This commit is contained in:
server 2024-08-14 04:52:59 +00:00
commit 028cc0e8d5
10 changed files with 497 additions and 7 deletions

17
.gitignore vendored
View File

@ -1,9 +1,12 @@
FileBrowser/database.db
Jellyfin/cache/
Jellyfin/config/
Pacoloco/cache/
qBittorrent/config/
qBittorrent/qbit-config/
/Revolt/data
/OpenWebUI/open-webui
/uptime-kuma/data
/FileBrowser/database.db
/Pacoloco/cache/
/Jellyfin/cache/
/Jellyfin/config/
/qBittorrent/config/
/qBittorrent/qbit-config/

108
Revolt/.env Normal file
View File

@ -0,0 +1,108 @@
##
## Quark configuration
##
# MongoDB
MONGODB=mongodb://database
# Redis
REDIS_URI=redis://redis/
# Hostname used for Caddy
# This should in most cases match REVOLT_APP_URL
HOSTNAME=http://local.revolt.chat
# URL to where the Revolt app is publicly accessible
REVOLT_APP_URL=http://local.revolt.chat
# VITE_xxx variables are used in the new frontend https://github.com/revoltchat/frontend
# URL to where the API is publicly accessible
REVOLT_PUBLIC_URL=http://local.revolt.chat/api
VITE_API_URL=http://local.revolt.chat/api
# URL to where the WebSocket server is publicly accessible
REVOLT_EXTERNAL_WS_URL=ws://local.revolt.chat/ws
VITE_WS_URL=ws://local.revolt.chat/ws
# URL to where Autumn is publicly available
AUTUMN_PUBLIC_URL=http://local.revolt.chat/autumn
VITE_MEDIA_URL=http://local.revolt.chat/autumn
# URL to where January is publicly available
JANUARY_PUBLIC_URL=http://local.revolt.chat/january
VITE_PROXY_URL=http://local.revolt.chat/january
##
## hCaptcha Settings
##
# If you are sure that you don't want to use hCaptcha, set to 1.
REVOLT_UNSAFE_NO_CAPTCHA=1
# hCaptcha API key (This is the "Secret key" from your User Settings page)
# REVOLT_HCAPTCHA_KEY=0x0000000000000000000000000000000000000000
# hCaptcha site key
# REVOLT_HCAPTCHA_SITEKEY=10000000-ffff-ffff-ffff-000000000001
##
## Email Settings
##
# If you are sure that you don't want to use email verification, set to 1.
REVOLT_UNSAFE_NO_EMAIL=1
# SMTP host
# REVOLT_SMTP_HOST=smtp.example.com
# SMTP username
# REVOLT_SMTP_USERNAME=noreply@example.com
# SMTP password
# REVOLT_SMTP_PASSWORD=CHANGEME
# SMTP From header
# REVOLT_SMTP_FROM=Revolt <noreply@example.com>
##
## Application Settings
##
# Whether to only allow users to sign up if they have an invite code
REVOLT_INVITE_ONLY=0
# Maximum number of people that can be in a group chat
REVOLT_MAX_GROUP_SIZE=150
# VAPID keys for push notifications
# Generate using this guide: https://gitlab.insrt.uk/revolt/delta/-/wikis/vapid
# --> Please replace these keys before going into production! <--
REVOLT_VAPID_PRIVATE_KEY=LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJSUWpyTWxLRnBiVWhsUHpUbERvcEliYk1yeVNrNXpKYzVYVzIxSjJDS3hvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFWnkrQkg2TGJQZ2hEa3pEempXOG0rUXVPM3pCajRXT1phdkR6ZU00c0pqbmFwd1psTFE0WAp1ZDh2TzVodU94QWhMQlU3WWRldVovWHlBdFpWZmNyQi9BPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo=
REVOLT_VAPID_PUBLIC_KEY=BGcvgR-i2z4IQ5Mw841vJvkLjt8wY-FjmWrw83jOLCY52qcGZS0OF7nfLzuYbjsQISwVO2HXrmf18gLWVX3Kwfw=
##
## Autumn configuration
##
# S3 Region
AUTUMN_S3_REGION=minio
# S3 Endpoint
AUTUMN_S3_ENDPOINT=http://minio:9000
# MinIO Root User
MINIO_ROOT_USER=minioautumn
# MinIO Root Password
MINIO_ROOT_PASSWORD=minioautumn
# AWS Access Key ID
AWS_ACCESS_KEY_ID=minioautumn
# AWS Secret Key
AWS_SECRET_ACCESS_KEY=minioautumn

1
Revolt/.env.caddy Normal file
View File

@ -0,0 +1 @@
HOSTNAME=http://local.revolt.chat

42
Revolt/Caddyfile Normal file
View File

@ -0,0 +1,42 @@
{
admin :2019
servers {
metrics
}
}
// {$HOSTNAME} {
:80 {
route /api* {
uri strip_prefix /api
reverse_proxy http://api:8000
}
route /ws {
@upgrade {
header Connection *Upgrade*
header Upgrade websocket
}
uri strip_prefix /ws
reverse_proxy @upgrade http://events:9000
}
route /autumn* {
uri strip_prefix /autumn
reverse_proxy http://autumn:3000
}
route /january* {
uri strip_prefix /january
reverse_proxy http://january:7000
}
route /stats* {
uri strip_prefix /stats
reverse_proxy http://grafana:3000
}
reverse_proxy http://web:5000
}

13
Revolt/README.md Normal file
View File

@ -0,0 +1,13 @@
Run a revolt server with fancy monitoring (WIP)
# Prep
You may need to run
```bash
sudo mount --make-rshared /
```
# Before Prod
- [ ] Change .env.grafana file usernames and passwords
- [ ] Change .env file urls

97
Revolt/Revolt.toml Normal file
View File

@ -0,0 +1,97 @@
[database]
mongodb = "mongodb://database"
redis = "redis://redis/"
[hosts]
app = "http://local.revolt.chat"
api = "http://local.revolt.chat/api"
events = "ws://local.revolt.chat/ws"
autumn = "http://local.revolt.chat/autumn"
january = "http://local.revolt.chat/january"
voso_legacy = ""
voso_legacy_ws = ""
[api]
[api.registration]
invite_only = false
[api.smtp]
host = ""
username = ""
password = ""
from_address = ""
[api.vapid]
private_key = "LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJSUWpyTWxLRnBiVWhsUHpUbERvcEliYk1yeVNrNXpKYzVYVzIxSjJDS3hvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFWnkrQkg2TGJQZ2hEa3pEempXOG0rUXVPM3pCajRXT1phdkR6ZU00c0pqbmFwd1psTFE0WAp1ZDh2TzVodU94QWhMQlU3WWRldVovWHlBdFpWZmNyQi9BPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo"
public_key = "BGcvgR-i2z4IQ5Mw841vJvkLjt8wY-FjmWrw83jOLCY52qcGZS0OF7nfLzuYbjsQISwVO2HXrmf18gLWVX3Kwfw="
[api.fcm]
api_key = ""
[api.apn]
pkcs8 = ""
key_id = ""
team_id = ""
[api.security]
authifier_shield_key = ""
voso_legacy_token = ""
trust_cloudflare = false
[api.security.captcha]
hcaptcha_key = ""
hcaptcha_sitekey = ""
[api.workers]
max_concurrent_connections = 50
[features]
webhooks_enabled = false
[features.limits]
[features.limits.global]
group_size = 100
message_embeds = 5
message_replies = 5
message_reactions = 20
server_emoji = 100
server_roles = 200
server_channels = 200
new_user_days = 3
[features.limits.new_user]
outgoing_friend_requests = 5
bots = 2
message_length = 2000
message_attachments = 5
servers = 100
attachment_size = 20000000
avatar_size = 4000000
background_size = 6000000
icon_size = 2500000
banner_size = 6000000
emoji_size = 500000
[features.limits.default]
outgoing_friend_requests = 10
bots = 5
message_length = 2000
message_attachments = 5
servers = 100
attachment_size = 20000000
avatar_size = 4000000
background_size = 6000000
icon_size = 2500000
banner_size = 6000000
emoji_size = 500000
[sentry]
api = ""
events = ""

183
Revolt/compose.yaml Normal file
View File

@ -0,0 +1,183 @@
services:
# r-proxy, log generator
caddy:
image: caddy:latest
restart: always
env_file: .env.caddy
ports:
- '8880:80'
- '4443:443'
volumes:
- './Caddyfile:/etc/caddy/Caddyfile'
- './data/caddy-data:/data'
- './data/caddy-config:/config'
##########################################
# Monitoring
#####
# log collector
prometheus:
image: prom/prometheus:latest
restart: always
volumes:
- ./prometheus/:/etc/prometheus/
- prometheus_storage:/prometheus
command:
- '--config.file=/etc/prometheus/prometheus.yml'
- '--storage.tsdb.path=/prometheus'
- '--web.console.libraries=/usr/share/prometheus/console_libraries'
- '--web.console.templates=/usr/share/prometheus/consoles'
ports:
- 9090:9090
# links:
# - cadvisor:cadvisor
depends_on:
- cadvisor
- caddy
# log viewer
grafana:
image: grafana/grafana:latest
user: "472"
restart: always
ports:
- 3000:3000
volumes:
- './grafana/provisioning/:/etc/grafana/provisioning/'
- 'grafana_storage:/var/lib/grafana'
env_file:
- ./grafana/.env.grafana
depends_on:
- prometheus
node-exporter:
image: quay.io/prometheus/node-exporter:latest
volumes:
- /proc:/host/proc:ro
- /sys:/host/sys:ro
- /:/rootfs:ro
- /:/host:ro,rslave
command:
- '--path.rootfs=/host'
- '--path.procfs=/host/proc'
- '--path.sysfs=/host/sys'
- --collector.filesystem.mount-points-exclude
- "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)"
ports:
- 9100:9100
restart: always
deploy:
mode: global
cadvisor:
image: gcr.io/cadvisor/cadvisor
volumes:
- /:/rootfs:ro
- /var/run:/var/run:rw
- /sys:/sys:ro
- /var/lib/docker/:/var/lib/docker:ro
ports:
- 8080:8080
restart: always
deploy:
mode: global
##########################################
# Revolt
#####
# MongoDB database
database:
image: mongo
restart: always
volumes:
- './data/db:/data/db'
# Redis server
redis:
image: eqalpha/keydb
restart: always
# S3-compatible storage server
minio:
image: minio/minio
command: server /data
env_file: .env
volumes:
- './data/minio:/data'
restart: always
# API server (delta)
api:
image: ghcr.io/revoltchat/server:latest
env_file: .env
depends_on:
- database
- redis
- caddy
restart: always
volumes:
- './Revolt.toml:/Revolt.toml'
# Events service (quark)
events:
image: ghcr.io/revoltchat/bonfire:latest
env_file: .env
depends_on:
- database
- redis
- caddy
restart: always
volumes:
- './Revolt.toml:/Revolt.toml'
# Web App (revite)
web:
image: ghcr.io/revoltchat/client:master
env_file: .env
depends_on:
- caddy
restart: always
# File server (autumn)
autumn:
image: ghcr.io/revoltchat/autumn:latest
env_file: .env
depends_on:
- database
- createbuckets
- caddy
environment:
- AUTUMN_MONGO_URI=mongodb://database
restart: always
# Metadata and image proxy (january)
january:
image: ghcr.io/revoltchat/january:latest
depends_on:
- caddy
restart: always
# Create buckets for minio.
createbuckets:
image: minio/mc
depends_on:
- minio
env_file: .env
entrypoint: >
/bin/sh -c "
/usr/bin/mc config host add minio http://minio:9000 $MINIO_ROOT_USER $MINIO_ROOT_PASSWORD;
while ! /usr/bin/mc ready minio; do echo 'Waiting minio...' && sleep 1; done;
/usr/bin/mc mb minio/attachments;
/usr/bin/mc mb minio/avatars;
/usr/bin/mc mb minio/backgrounds;
/usr/bin/mc mb minio/icons;
/usr/bin/mc mb minio/banners;
/usr/bin/mc mb minio/emojis;
exit 0;
"
volumes:
grafana_storage: {}
prometheus_storage: {}

View File

@ -0,0 +1,4 @@
GF_AUTH_ANONYMOUS_ENABLED=true
GF_AUTH_ANONYMOUS_ORG_ROLE=Admin
GF_AUTH_DISABLE_LOGIN_FORM=true
GF_FEATURE_TOGGLES_ENABLE=traceqlEditor

View File

@ -0,0 +1,15 @@
apiVersion: 1
datasources:
- name: Prometheus
type: prometheus
uid: prometheus
access: proxy
orgId: 1
url: http://prometheus:9090
basicAuth: false
isDefault: false
version: 1
editable: false
jsonData:
httpMethod: GET

View File

@ -0,0 +1,24 @@
global:
scrape_interval: 15s
external_labels:
monitor: 'Revolt'
scrape_configs:
- job_name: caddy
static_configs:
# docker networking
- targets: ['caddy:2019']
- job_name: 'prometheus'
static_configs:
- targets: ['localhost:9090']
- job_name: 'cadvisor'
static_configs:
- targets: ['cadvisor:8080']
- job_name: 'node-exporter'
static_configs:
- targets: ['node-exporter:9100']