red/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

move pleroma config to config map

Browse source
This commit is contained in:
red 2025-03-12 16:34:30 -04:00
parent 64664df6b7
commit 938245526b
3 changed files with 274 additions and 256 deletions
Download patch file Download diff file Expand all files Collapse all files

19
pleroma/Dockerfile
View file

@ -11,23 +11,24 @@ RUN unzip /tmp/pleroma.zip -d /tmp/
RUN apk update && \
apk add exiftool ffmpeg vips libmagic ncurses postgresql-client curl
RUN adduser --system --shell /bin/false --home ${HOME} pleroma &&\
RUN adduser --system --shell /bin/false --home ${HOME} -u 1000 pleroma &&\
addgroup -g 1000 -S pleroma &&\
addgroup pleroma pleroma &&\
mkdir -p ${DATA} &&\
chown -R pleroma ${DATA} &&\
chown -R pleroma:pleroma ${DATA} &&\
mkdir -p /etc/pleroma &&\
chown -R pleroma /etc/pleroma &&\
chown -R pleroma:pleroma /etc/pleroma &&\
mv /tmp/release/* ${HOME} &&\
chown -R pleroma ${HOME}
chown -R pleroma:pleroma ${HOME}
RUN rm -r /tmp/release
RUN rm /tmp/pleroma.zip
USER pleroma
COPY --chmod=0764 --chown=pleroma ./static-files/ /static-files/
COPY --chmod=0640 --chown=pleroma ./docker.exs /etc/pleroma/config.exs
COPY --chmod=0755 ./docker-entrypoint.sh ${HOME}
COPY --chmod=0764 --chown=pleroma:pleroma ./static-files/ /static-files/
COPY --chmod=0755 --chown=pleroma:pleroma ./docker-entrypoint.sh ${HOME}
EXPOSE 4000
USER pleroma
ENTRYPOINT ["/opt/pleroma/docker-entrypoint.sh"]

244
pleroma/docker.exs
View file

@ -1,244 +0,0 @@
# Pleroma instance configuration
# NOTE: This file should not be committed to a repo or otherwise made public
# without removing sensitive information.
import Config
config :pleroma, Pleroma.Web.Endpoint,
url: [host: System.get_env("DOMAIN", "localhost"), scheme: "https", port: 443],
http: [ip: {0, 0, 0, 0}, port: 4000],
secret_key_base: System.get_env("SECRET_KEY_BASE"),
signing_salt: System.get_env("SIGNING_SALT")
config :pleroma, :instance,
name: System.get_env("INSTANCE_NAME", "Pleroma"),
email: System.get_env("ADMIN_EMAIL"),
notify_email: System.get_env("NOTIFY_EMAIL"),
limit: 5000,
upload_limit: 67_108_864,
registrations_open: false,
invites_enabled: true,
healthcheck: true
# config :pleroma, :http, proxy_url: {:socks5h, System.get_env("SOCKS_ADDRESS"), System.get_env("SOCKS_PORT")}
config :pleroma, :http,
proxy_url: "http://privoxy:8118"
config :pleroma, :media_proxy,
enabled: false,
redirect_on_failure: true
#base_url: "https://cache.pleroma.social"
config :pleroma, Pleroma.Repo,
adapter: Ecto.Adapters.Postgres,
username: System.get_env("DB_USER", "pleroma"),
password: System.get_env("DB_PASS"),
database: System.get_env("DB_NAME", "pleroma"),
hostname: System.get_env("DB_HOST", "db")
# Configure web push notifications
config :web_push_encryption, :vapid_details,
subject: "mailto:#{System.get_env("NOTIFY_EMAIL")}",
public_key: System.get_env("WEB_PUSH_PUBLIC_KEY"),
private_key: System.get_env("WEB_PUSH_PRIVATE_KEY")
config :pleroma, :database, rum_enabled: false
config :pleroma, :instance, static_dir: "/var/lib/pleroma/static"
config :pleroma, Pleroma.Uploaders.Local, uploads: "/var/lib/pleroma/uploads"
# Enable Strict-Transport-Security once SSL is working:
# config :pleroma, :http_security,
# sts: true
# Configure S3 support if desired.
# The public S3 endpoint (base_url) is different depending on region and provider,
# consult your S3 provider's documentation for details on what to use.
#
config :pleroma, Pleroma.Upload,
uploader: Pleroma.Uploaders.S3,
base_url: System.get_env("MEDIA_URL")
config :pleroma, Pleroma.Uploaders.S3,
bucket: System.get_env("S3_BUCKET"),
bucket_namespace: nil,
truncated_namespace: "",
streaming_enabled: true
# Configure S3 credentials:
config :ex_aws, :s3,
access_key_id: System.get_env("S3_ACCESS_KEY"),
secret_access_key: System.get_env("S3_SECRET_KEY"),
scheme: System.get_env("S3_SCHEME"),
host: System.get_env("S3_HOST"),
port: System.get_env("S3_PORT")
config :joken, default_signer: System.get_env("DEFAULT_SIGNER")
config :pleroma, configurable_from_database: false
config :pleroma, Pleroma.Upload, filters: [Pleroma.Upload.Filter.Exiftool.StripLocation, Pleroma.Upload.Filter.Dedupe]
config :pleroma, :mrf,
policies: [
Pleroma.Web.ActivityPub.MRF.SimplePolicy,
Pleroma.Web.ActivityPub.MRF.ObjectAgePolicy,
Pleroma.Web.ActivityPub.MRF.TagPolicy,
Pleroma.Web.ActivityPub.MRF.InlineQuotePolicy,
Pleroma.Web.ActivityPub.MRF.HashtagPolicy
]
config :pleroma, :mrf_simple,
media_removal: [
{"youjo.love", "nonce"},
{"nnia.space", "https://kiwifarms.st/threads/margarita-molotorenko-margarita-molotorenko-lecter-wierstamann-comrade-lecter-wierstaban-chrono-corner-akhnaton.178049/"},
{"*.freak.university", "nonce"},
{"sad.cab", "nonce"},
{"*.lolison.top", "nonce"},
{"pedo.school", "nonce"},
{"rapemeat.solutions", "nonce"},
{"ghetti.monster", "nonce"},
{"xhais.love", "https://kiwifarms.st/threads/valerie-connor-roundy-hypnotist-sappho-succubus-sappho-vin-r-wolf-f1r3fr0st-v3xarray-r00tlulz.108414/"},
{"horserock.xyz", "nonce"},
{"lolison.network", "nonce"},
{"loli.exposed", "nonce"},
{"lewdieheaven.com", "nonce"},
{"rot.gives", "nonce"},
{"rapemeat.express", "nonce"},
{"pettanko.art", "nonce"},
{"rqd2.net", "nonce"},
{"nnia.cc", "https://kiwifarms.st/threads/margarita-molotorenko-margarita-molotorenko-lecter-wierstamann-comrade-lecter-wierstaban-chrono-corner-akhnaton.178049/"},
{"childlove.space", "nonce"},
{"cannibal.cafe", "nonce"},
{"rape.pet", "https://kiwifarms.st/threads/the-pediverse-radqueers-paraphila-movement.194261/post-19500421"},
{"whitewomen.dog", "nonce"},
{"monk.ey.business", "nonce"},
{"*.ulithsys.moe", "nonce"},
{"paravielfalt.zone", "nonce"},
{"mapsupport.de", "nonce"},
{"*.cunnyborea.space", "nonce"},
{"cunnyborea.top", "nonce"},
{"youjo.observer", "nonce"},
{"*.ating.press", "nonce"},
{"*.cunny.win", "nonce"},
{"cottoncandy.cafe", "nonce"},
{"childlove.su", "nonce"},
{"*.tlespace.xyz", "nonce"},
{"*.tleplace.xyz", "nonce"},
{"oddballs.online", "https://kiwifarms.st/threads/ezra-j-orena-toonimal-critterkiddo-bonzibuddy-runt-funnyanimal-speciose.180429/"},
{"*.cassilda.house", "nonce"},
{"tummy.town", "nonce"},
{"*.yesmap.net", "nonce"},
{"*.tooters.wtf", "nonce"},
{"*.isekco.re", "nonce"},
{"eepy.express", "nonce"},
{"*.nekos.cafe", "nonce"},
{"*.thoughtcrimes.top", "nonce"},
{"imouto.pics", "nonce"},
{"shota.house", "nonce"},
{"*.notacri.me", "nonce"},
{"cutecatgirls.cafe", "nonce"},
{"bunnyanarchy.org", "nonce"},
{"*.offkey.wtf", "https://kiwifarms.st/threads/ezra-j-orena-toonimal-critterkiddo-bonzibuddy-runt-funnyanimal-speciose.180429/"},
{"*.mikonian.ca", "nonce"},
{"*.burggit.moe", "nonce"},
{"miiverse.cafe", "nonce"},
{"*.sexycubs.xyz", "nonce"},
{"*.cubsex.lol", "nonce"},
{"*.sexypokemon.xyz", "nonce (same IP as sexycubs.xyz)"},
{"fstube.net", "nonce"},
{"pacsa.us", "nonce"},
{"childlove.top", "nonce"},
{"imouto.exposed", "nonce"},
{"socks.cafe", "nonce"},
{"cunnyfu.cc", "nonce"},
{"cub.lol", "nonce"},
{"chaotic.buzz", "nonce"},
{"filly.love", "nonce"},
{"kodo.pictures", "nonce"},
{"mesugaki.xyz", "nonce"},
{"*.cutiegarden.rip", "nonce"},
{"*.cutiegarden.org", "nonce"},
{"*.tor.observer", "Tor2web service currently used as a proxy to get unfilterable CSAM instances to federate elsewhere"},
{"minor.cafe", "https://kiwifarms.st/threads/the-pediverse-radqueers-paraphila-movement.194261/post-19500421"},
{"yummyy.cc", "nonce"},
{"*.neechan.top", "nonce"},
{"baise-moi.top", "nonce"},
{"*.cubsex.pictures", "nonce"},
{"cub.cool", "nonce"},
{"outcast.zip", "nonce"},
{"pon.cat", "nonce"},
{"*.faraday.quest", "nonce"},
{"puppyspace.cc", "nonce"},
{"puppyspace.org", "nonce"},
{"netzsphaere.xyz", "nonce"},
{"ponkat.in", "nonce"},
{"paraphili.cc", "nonce"},
{"inumimi.love", "nonce"},
{"snuffster.pw", "nonce"},
{"cuties.zone", "nonce"},
{"cunny.beauty", "nonce"},
{"vampires.pet", "nonce"},
{"poni.cc", "nonce"},
{"kidsarehot.fyi", "nonce"},
{"gimmeloli.top", "nonce"},
{"yotsu.rocks", "nonce"},
{"cutiefest.cc", "nonce"},
{"*.kawaiizenbo.me", "nonce"},
{"pawuwu.net", "nonce"},
{"*.allykotetsu.com", "nonce"},
{"xn--u9jz52grnl.xn--q9jyb4c", "nonce"},
{"*.zooey.cat", "nonce"},
{"yiffy.pet", "nonce"},
{"yotsu.lol", "nonce"},
{"lolihigh.school", "nonce"},
{"gimmeloli.cc", "nonce"},
{"incestlovers.moe", "nonce"},
{"kit.cafe", "nonce"},
{"dellago.casa", "nonce"},
{"*.bongothirteen.net", "nonce"},
{"*.capyborea.space", "nonce"},
{"edens.faith", "nonce"},
{"080984.xyz", "nonce"},
{"pawoo.net", "Alledged illegal content here."},
{"rot.gives", "dawg....."},
{"cunnyborea.space", "sanitization, suspicious instance (pedos) but no evidence they are feds apart from 1 post"},
{"childlove.space", "N/A"},
{"cannibal.cafe", "fed hazard, and of course admitted to using lolis as alternatives to actual illegal material"},
{"ating.press", "N/A"},
{"rape.pet", "N/A"},
{"freak.university", "known pedo instance"},
{"social.isekco.re", "N/A"},
{"cute.lolison.top", "N/A"},
{"eepy.express", "N/A"},
{"whitewomen.dog", "VERY suspicious server"},
{"love.is.notacri.me", "N/A"},
{"aethy.com", "N/A"},
{"imouto.exposed", "N/A"},
{"cunnyfu.cc", "N/A"},
{"cubsex.lol", "i'm tired of dealing with these servers"},
{"cunny.gay", "N/A"},
{"lolison.top", "N/A"},
{"baraag.net", "N/A"},
{"fedi.cutiegarden.rip", "N/A"},
{"cub.lol", "N/A"},
{"kodo.pictures", "N/A"},
{"yummyy.cc", "N/A"},
{"filly.love", "I'm not enabling the media proxy for you to spread your illness onto my servers you chomo"},
{"mapsupport.de", "Cut off one head, two more will take its place."},
{"minor.cafe", "N/A"},
{"childlove.top", "Chomo: Type A (Common)"},
{"cubsex.pictures", "Chomo: Type B (Furry)"},
{"luv.cunnyborea.space", "Chomo: Type A (Common)"},
{"nnia.space", "Chomo: Type A (Common)"},
{"cub.cool", "Chomo: Type B (Furry)"},
{"puppyspace.cc", "Chomo: Type B (Furry)"},
{"inumimi.love", "Chomo: Type A (Common)"},
{"neechan.top", "Chomo: Type A (Common)"},
{"yesmap.net", "Chomo: Type A (Common)"},
{"poni.cc", "looks like the rebirth of filly.love"},
{"cunny.beauty", "Chomo: Type A (Common)"},
{"burggit.moe", "Chomo: Type A (Common)"},
{"mostr.pub", "NNNNGGGGGGHHHHH I KILL YOU"}
]