Add Docker Compose setup for PDS

2026-01-26 16:33:04 -05:00
parent 002c1f2cfe
commit 5c5db4f614
4 changed files with 82 additions and 0 deletions
@@ -0,0 +1,5 @@
+# Secrets
+pds.env
+
+# Data directory
+data/
@@ -0,0 +1,42 @@
+services:
+  pds-1440-news:
+    image: ghcr.io/bluesky-social/pds:0.4
+    container_name: pds-1440-news
+    restart: unless-stopped
+    volumes:
+      - ./data:/pds
+    env_file:
+      - pds.env
+    networks:
+      - proxy
+    labels:
+      - "traefik.enable=true"
+      # PDS API endpoint: pds.1440.news
+      - "traefik.http.routers.pds-1440-news.rule=Host(`pds.1440.news`)"
+      - "traefik.http.routers.pds-1440-news.entrypoints=https"
+      - "traefik.http.routers.pds-1440-news.tls.certresolver=letsencrypt"
+      # Wildcard for account handles: *.1440.news
+      - "traefik.http.routers.pds-1440-news-handles.rule=HostRegexp(`^.+\\.1440\\.news$$`)"
+      - "traefik.http.routers.pds-1440-news-handles.entrypoints=https"
+      - "traefik.http.routers.pds-1440-news-handles.tls.certresolver=letsencrypt"
+      - "traefik.http.routers.pds-1440-news-handles.priority=1"
+      # HTTP to HTTPS redirect
+      - "traefik.http.routers.pds-1440-news-redirect.rule=Host(`pds.1440.news`)"
+      - "traefik.http.routers.pds-1440-news-redirect.entrypoints=http"
+      - "traefik.http.routers.pds-1440-news-redirect.middlewares=https-redirect"
+      - "traefik.http.routers.pds-1440-news-handles-redirect.rule=HostRegexp(`^.+\\.1440\\.news$$`)"
+      - "traefik.http.routers.pds-1440-news-handles-redirect.entrypoints=http"
+      - "traefik.http.routers.pds-1440-news-handles-redirect.middlewares=https-redirect"
+      - "traefik.http.routers.pds-1440-news-handles-redirect.priority=1"
+      # Shared middleware
+      - "traefik.http.middlewares.https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.middlewares.https-redirect.redirectscheme.permanent=true"
+      # Service port
+      - "traefik.http.services.pds-1440-news.loadbalancer.server.port=3000"
+      # Local development
+      - "traefik.http.routers.pds-1440-news-local.rule=Host(`pds.1440.localhost`)"
+      - "traefik.http.routers.pds-1440-news-local.entrypoints=http"
+
+networks:
+  proxy:
+    external: true
@@ -0,0 +1,6 @@
+#!/bin/bash
+# Generate secrets for PDS configuration
+
+echo "PDS_JWT_SECRET=$(openssl rand -hex 32)"
+echo "PDS_ADMIN_PASSWORD=$(openssl rand -base64 24)"
+echo "PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=$(openssl rand -hex 32)"
@@ -0,0 +1,29 @@
+# PDS Configuration for 1440.news
+# Copy to pds.env and fill in values
+
+# Core (required)
+PDS_HOSTNAME=pds.1440.news
+PDS_JWT_SECRET=
+PDS_ADMIN_PASSWORD=
+PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=
+
+# Storage
+PDS_DATA_DIRECTORY=/pds
+PDS_BLOBSTORE_DISK_LOCATION=/pds/blocks
+PDS_BLOB_UPLOAD_LIMIT=5242880
+
+# AT Protocol Network
+PDS_DID_PLC_URL=https://plc.directory
+PDS_BSKY_APP_VIEW_URL=https://api.bsky.app
+PDS_BSKY_APP_VIEW_DID=did:web:api.bsky.app
+PDS_REPORT_SERVICE_URL=https://mod.bsky.app
+PDS_REPORT_SERVICE_DID=did:plc:ar7c4by46qjdydhdevvrndac
+PDS_CRAWLERS=https://bsky.network
+
+# Email (optional but recommended)
+# PDS_EMAIL_SMTP_URL=smtps://user:pass@smtp.example.com:465
+# PDS_EMAIL_FROM_ADDRESS=noreply@1440.news
+
+# Optional
+# PDS_PRIVACY_POLICY_URL=https://1440.news/privacy
+LOG_LEVEL=info