kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-09-10 04:25:20 +02:00
Code Issues Packages Projects Releases Wiki Activity

web-app-bluesky: refactor role, add Cloudflare DNS integration, split tasks

Browse Source 
Changes: add AppView port; add CSP whitelist; new tasks (01_pds, 02_social_app, 03_dns); switch templates to BLUESKY_* vars; update docker-compose and env; TCP healthcheck; remove admin_password from schema.

Conversation context: https://chatgpt.com/share/68b85276-e0ec-800f-90ec-480a1d528593
This commit is contained in:
Kevin Veen-Birkenbach
2025-09-03 16:37:35 +02:00
parent a1130e33d7
commit d2dc2eab5f
10 changed files with 230 additions and 86 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
roles/web-app-bluesky/templates/docker-compose.yml.j2
View File

@@ -3,40 +3,32 @@
pds:
{% set container_port = 3000 %}
{% set container_healthcheck = 'xrpc/_health' %}
image: "{{ applications | get_app_conf(application_id, 'images.pds', True) }}"
image: "{{ BLUESKY_PDS_IMAGE }}:{{ BLUESKY_PDS_VERSION }}"
{% include 'roles/docker-container/templates/base.yml.j2' %}
volumes:
- pds_data:/opt/pds
- {{pdsadmin_file_path}}:/usr/local/bin/pdsadmin:ro
- pds_data:{{ BLUESKY_PDS_DATA_DIR }}
- {{ BLUESKY_PDSADMIN_FILE }}:/usr/local/bin/pdsadmin:ro
ports:
- "127.0.0.1:{{ports.localhost.http['web-app-bluesky_api']}}:{{ container_port }}"
- "127.0.0.1:{{ BLUESKY_API_PORT }}:{{ container_port }}"
{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %}
{% include 'roles/docker-container/templates/networks.yml.j2' %}
# Deactivated for the moment @see https://github.com/bluesky-social/social-app
{% if BLUESKY_WEB_ENABLED %}
{% set container_port = 8100 %}
web:
command: ["bskyweb","serve"]
build:
context: "{{ social_app_path }}"
dockerfile: Dockerfile
# It doesn't compile yet with this parameters. @todo Fix it
args:
REACT_APP_PDS_URL: "{{ WEB_PROTOCOL }}://{{domains[application_id].api}}" # URL des PDS
REACT_APP_API_URL: "{{ WEB_PROTOCOL }}://{{domains[application_id].api}}" # API-URL des PDS
REACT_APP_SITE_NAME: "{{ PRIMARY_DOMAIN | upper }} - Bluesky"
REACT_APP_SITE_DESCRIPTION: "Decentral Social "
context: "{{ BLUESKY_SOCIAL_APP_DIR }}"
dockerfile: Dockerfile
pull_policy: never
ports:
- "127.0.0.1:{{ports.localhost.http['web-app-bluesky_web']}}:8100"
healthcheck:
test: ["CMD", "sh", "-c", "for pid in $(ls /proc | grep -E '^[0-9]+$'); do if cat /proc/$pid/cmdline 2>/dev/null | grep -q 'bskywebserve'; then exit 0; fi; done; exit 1"]
interval: 30s
timeout: 10s
retries: 3
- "127.0.0.1:{{ BLUESKY_WEB_PORT }}:{{ container_port }}"
{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
{% include 'roles/docker-container/templates/networks.yml.j2' %}
{% endif %}
{% include 'roles/docker-compose/templates/volumes.yml.j2' %}
pds_data:
name: {{ BLUESKY_PDS_DATA_VOLUME }}
{% include 'roles/docker-compose/templates/networks.yml.j2' %}

24
roles/web-app-bluesky/templates/env.j2
View File

@@ -1,21 +1,21 @@
PDS_HOSTNAME="{{domains[application_id].api}}"
PDS_ADMIN_EMAIL="{{ applications.bluesky.users.administrator.email}}"
PDS_SERVICE_DID="did:web:{{domains[application_id].api}}"
PDS_HOSTNAME="{{ BLUESKY_API_DOMAIN }}"
PDS_ADMIN_EMAIL="{{ BLUESKY_ADMIN_EMAIL }}"
PDS_SERVICE_DID="did:web:{{ BLUESKY_API_DOMAIN }}"
# See https://mattdyson.org/blog/2024/11/self-hosting-bluesky-pds/
PDS_SERVICE_HANDLE_DOMAINS=".{{ PRIMARY_DOMAIN }}"
PDS_JWT_SECRET="{{ bluesky_jwt_secret }}"
PDS_ADMIN_PASSWORD="{{bluesky_admin_password}}"
PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="{{ bluesky_rotation_key }}"
PDS_JWT_SECRET="{{ BLUESKY_JWT_SECRET }}"
PDS_ADMIN_PASSWORD="{{ BLUESKY_ADMIN_PASSWORD }}"
PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="{{ BLUESKY_ROTATION_KEY }}"
PDS_CRAWLERS=https://bsky.network
PDS_EMAIL_SMTP_URL=smtps://{{ users['no-reply'].email }}:{{ users['no-reply'].mailu_token }}@{{ SYSTEM_EMAIL.HOST }}:{{ SYSTEM_EMAIL.PORT }}/
PDS_EMAIL_FROM_ADDRESS={{ users['no-reply'].email }}
LOG_ENABLED=true
PDS_BLOBSTORE_DISK_LOCATION=/opt/pds/blocks
PDS_DATA_DIRECTORY: /opt/pds
PDS_BLOB_UPLOAD_LIMIT: 52428800
LOG_ENABLED={{ MODE_DEBUG | string | lower }}
PDS_BLOBSTORE_DISK_LOCATION={{ BLUESKY_PDS_BLOBSTORE_LOCATION }}
PDS_DATA_DIRECTORY={{ BLUESKY_PDS_DATA_DIR }}
PDS_BLOB_UPLOAD_LIMIT=52428800
PDS_DID_PLC_URL=https://plc.directory
PDS_BSKY_APP_VIEW_URL=https://{{domains[application_id].web}}
PDS_BSKY_APP_VIEW_DID=did:web:{{domains[application_id].web}}
PDS_BSKY_APP_VIEW_URL={{ BLUESKY_VIEW_URL }}
PDS_BSKY_APP_VIEW_DID={{ BLUESKY_VIEW_DID }}
PDS_REPORT_SERVICE_URL=https://mod.bsky.app
PDS_REPORT_SERVICE_DID=did:plc:ar7c4by46qjdydhdevvrndac