add config for pasture verify actor

author: Jenniferplusplus <contact@jenniferplusplus.com> 2023-11-13 19:00:38 -0600
committer: Jenniferplusplus <contact@jenniferplusplus.com> 2023-11-13 19:00:38 -0600
commit: e7cf3fcb3c81a4451dbb088f4768d3b833ce80dc (patch)
tree: 0132af6e5adb3d5b84bab2104f44be31d99dbef6
parent: 64c1d42dba333159ff57400c0496f81d07e64d82 (diff)
download: sandcastles-e7cf3fcb3c81a4451dbb088f4768d3b833ce80dc.tar.gz
sandcastles-e7cf3fcb3c81a4451dbb088f4768d3b833ce80dc.tar.bz2
sandcastles-e7cf3fcb3c81a4451dbb088f4768d3b833ce80dc.zip
5 files changed, 102 insertions, 1 deletions
diff --git a/mastodon.castle.yml b/mastodon.castle.yml
index 780edcf..df83712 100644
--- a/mastodon.castle.yml
+++ b/mastodon.castle.yml
@@ -43,6 +43,8 @@ services:
       - WEB_DOMAIN=mastodon.castle
   
   mastodon-streaming:
+    labels:
+      - traefik.enable=false
     depends_on:
       - mastodon
     image: docker.io/bitnami/mastodon:4
@@ -55,6 +57,8 @@ services:
       - MASTODON_ELASTICSEARCH_PASSWORD=bitnami123
       - MASTODON_REDIS_HOST=mastodon_redis
   mastodon-sidekiq:
+    labels:
+      - traefik.enable=false
     depends_on:
       - mastodon
     image: docker.io/bitnami/mastodon:4
@@ -70,6 +74,8 @@ services:
       - MASTODON_REDIS_HOST=mastodon_redis
       - MASTODON_DATABASE_HOST=mastodon_db
   mastodon_db:
+    labels:
+      - traefik.enable=false
     image: docker.io/bitnami/postgresql:16
     networks:
       - mastodon
@@ -80,6 +86,8 @@ services:
       - POSTGRESQL_USERNAME=bn_mastodon
       - POSTGRESQL_PASSWORD=bitnami1
   mastodon_redis:
+    labels:
+      - traefik.enable=false
     image: docker.io/bitnami/redis:7.0
     volumes:
       - 'redis_data:/bitnami/redis'
@@ -88,6 +96,8 @@ services:
     environment:
       - ALLOW_EMPTY_PASSWORD=yes
   mastodon_es:
+    labels:
+      - traefik.enable=false
     image: docker.io/bitnami/elasticsearch:8
     networks:
       - mastodon
diff --git a/pasture.Dockerfile b/pasture.Dockerfile
new file mode 100644
index 0000000..b7f6926
--- /dev/null
+++ b/pasture.Dockerfile
@@ -0,0 +1,17 @@
+FROM python:3.11-alpine
+
+RUN pip install ipython
+RUN pip install bovine
+
+RUN pip install fediverse_pasture
+
+ADD https://codeberg.org/helge/funfedidev/archive/cd14bd038b3733f8efa343c2157dfd8768e641f9.zip /var/source.zip 
+
+RUN unzip /var/source.zip -d /var/source/
+RUN mkdir /work
+RUN cp /var/source/funfedidev/fediverse-pasture/work / -r
+WORKDIR /opt
+
+COPY volumes/root-ca/certs/root_ca.crt /usr/local/share/ca-certificates/root_ca.crt
+
+RUN cat /usr/local/share/ca-certificates/root_ca.crt >> /etc/ssl/certs/ca-certificates.crt
+\ No newline at end of file
diff --git a/pasture.castle.yml b/pasture.castle.yml
new file mode 100644
index 0000000..bd0ce8b
--- /dev/null
+++ b/pasture.castle.yml
@@ -0,0 +1,72 @@
+
+services:
+  pasture_one_actor:
+    labels:
+      - traefik.enable=false
+    image: pasture-sandcastles
+    build:
+      dockerfile: ./pasture.Dockerfile
+    volumes: 
+      - ./volumes/pasture:/opt
+    command: python -m fediverse_pasture.one_actor --port 80 --assets assets
+    networks:
+      pasture:
+  pasture_runner:
+    labels:
+      - traefik.enable=false
+    image: pasture-sandcastles
+    build:
+      dockerfile: ./pasture.Dockerfile
+    volumes: 
+      - ./volumes/pasture:/opt
+      - ./work:/work
+    working_dir: /work
+    depends_on:
+      - pasture_one_actor
+    command: /bin/sh
+    stdin_open: true
+    tty: true
+    networks:
+      pasture:
+  pasture_http_signature:
+    labels:
+      - traefik.enable=false
+    image: pasture-sandcastles
+    build:
+      dockerfile: ./pasture.Dockerfile
+    volumes: 
+      - ./volumes/pasture:/opt
+    command: python -m fediverse_pasture.http_signature --port 80
+    networks:
+      pasture:
+  pasture_verify_actor:
+    labels:
+      - traefik.http.routers.pasture.rule=Host(`actor.pasture.castle`)
+      - traefik.http.routers.pasture.tls=true
+      - traefik.http.routers.pasture.tls.certresolver=smallstep
+      - traefik.port=80
+    image: pasture-sandcastles
+    build:
+      dockerfile: ./pasture.Dockerfile
+    volumes: 
+      - ./volumes/pasture:/opt
+    command: python -m fediverse_pasture.verify_actor --port 80 --domain pasture_verify_actor
+    expose:
+      - 80
+    networks:
+      pasture:
+      fediverse:
+
+  proxy:
+    networks:
+      default:
+        aliases:
+          - actor.pasture.castle
+      fediverse:
+        aliases:
+          - actor.pasture.castle
+
+
+networks:
+  pasture:
+    internal: true
+\ No newline at end of file
diff --git a/volumes/pasture/.gitignore b/volumes/pasture/.gitignore
new file mode 100644
index 0000000..c96a04f
--- /dev/null
+++ b/volumes/pasture/.gitignore
@@ -0,0 +1,2 @@
+*
+!.gitignore
+\ No newline at end of file
diff --git a/volumes/proxy/traefik.toml b/volumes/proxy/traefik.toml
index 0c3f0a1..c6d2e96 100644
--- a/volumes/proxy/traefik.toml
+++ b/volumes/proxy/traefik.toml
@@ -11,7 +11,7 @@
   dashboard = true
 
 [certificatesResolvers.smallstep.acme]
-  caServer = "https://root-ca.castle:9000/acme/acme/directory" # acme-staging-v02.api.letsencrypt.org/directory"
+  caServer = "https://root-ca.castle:9000/acme/acme/directory"
   storage = "acme.json"
   [certificatesResolvers.smallstep.acme.httpChallenge]
     entryPoint = "web"
author	Jenniferplusplus <contact@jenniferplusplus.com>	2023-11-13 19:00:38 -0600
committer	Jenniferplusplus <contact@jenniferplusplus.com>	2023-11-13 19:00:38 -0600
commit	e7cf3fcb3c81a4451dbb088f4768d3b833ce80dc (patch)
tree	0132af6e5adb3d5b84bab2104f44be31d99dbef6
parent	64c1d42dba333159ff57400c0496f81d07e64d82 (diff)
download	sandcastles-e7cf3fcb3c81a4451dbb088f4768d3b833ce80dc.tar.gz sandcastles-e7cf3fcb3c81a4451dbb088f4768d3b833ce80dc.tar.bz2 sandcastles-e7cf3fcb3c81a4451dbb088f4768d3b833ce80dc.zip