diff --git a/.gitignore b/.gitignore index f53a790..08c3750 100644 --- a/.gitignore +++ b/.gitignore @@ -1,9 +1,12 @@ -FileBrowser/database.db -Jellyfin/cache/ -Jellyfin/config/ -Pacoloco/cache/ -qBittorrent/config/ -qBittorrent/qbit-config/ - +/Revolt/data /OpenWebUI/open-webui /uptime-kuma/data +/FileBrowser/database.db +/Pacoloco/cache/ + +/Jellyfin/cache/ +/Jellyfin/config/ + +/qBittorrent/config/ +/qBittorrent/qbit-config/ + diff --git a/Revolt/.env b/Revolt/.env new file mode 100644 index 0000000..bef7913 --- /dev/null +++ b/Revolt/.env @@ -0,0 +1,108 @@ +## +## Quark configuration +## + +# MongoDB +MONGODB=mongodb://database + +# Redis +REDIS_URI=redis://redis/ + +# Hostname used for Caddy +# This should in most cases match REVOLT_APP_URL +HOSTNAME=http://local.revolt.chat + +# URL to where the Revolt app is publicly accessible +REVOLT_APP_URL=http://local.revolt.chat + +# VITE_xxx variables are used in the new frontend https://github.com/revoltchat/frontend + +# URL to where the API is publicly accessible +REVOLT_PUBLIC_URL=http://local.revolt.chat/api +VITE_API_URL=http://local.revolt.chat/api + +# URL to where the WebSocket server is publicly accessible +REVOLT_EXTERNAL_WS_URL=ws://local.revolt.chat/ws +VITE_WS_URL=ws://local.revolt.chat/ws + +# URL to where Autumn is publicly available +AUTUMN_PUBLIC_URL=http://local.revolt.chat/autumn +VITE_MEDIA_URL=http://local.revolt.chat/autumn + +# URL to where January is publicly available +JANUARY_PUBLIC_URL=http://local.revolt.chat/january +VITE_PROXY_URL=http://local.revolt.chat/january + + +## +## hCaptcha Settings +## + +# If you are sure that you don't want to use hCaptcha, set to 1. +REVOLT_UNSAFE_NO_CAPTCHA=1 + +# hCaptcha API key (This is the "Secret key" from your User Settings page) +# REVOLT_HCAPTCHA_KEY=0x0000000000000000000000000000000000000000 + +# hCaptcha site key +# REVOLT_HCAPTCHA_SITEKEY=10000000-ffff-ffff-ffff-000000000001 + + +## +## Email Settings +## + +# If you are sure that you don't want to use email verification, set to 1. +REVOLT_UNSAFE_NO_EMAIL=1 + +# SMTP host +# REVOLT_SMTP_HOST=smtp.example.com + +# SMTP username +# REVOLT_SMTP_USERNAME=noreply@example.com + +# SMTP password +# REVOLT_SMTP_PASSWORD=CHANGEME + +# SMTP From header +# REVOLT_SMTP_FROM=Revolt + + +## +## Application Settings +## + +# Whether to only allow users to sign up if they have an invite code +REVOLT_INVITE_ONLY=0 + +# Maximum number of people that can be in a group chat +REVOLT_MAX_GROUP_SIZE=150 + +# VAPID keys for push notifications +# Generate using this guide: https://gitlab.insrt.uk/revolt/delta/-/wikis/vapid +# --> Please replace these keys before going into production! <-- +REVOLT_VAPID_PRIVATE_KEY=LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJSUWpyTWxLRnBiVWhsUHpUbERvcEliYk1yeVNrNXpKYzVYVzIxSjJDS3hvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFWnkrQkg2TGJQZ2hEa3pEempXOG0rUXVPM3pCajRXT1phdkR6ZU00c0pqbmFwd1psTFE0WAp1ZDh2TzVodU94QWhMQlU3WWRldVovWHlBdFpWZmNyQi9BPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo= +REVOLT_VAPID_PUBLIC_KEY=BGcvgR-i2z4IQ5Mw841vJvkLjt8wY-FjmWrw83jOLCY52qcGZS0OF7nfLzuYbjsQISwVO2HXrmf18gLWVX3Kwfw= + + +## +## Autumn configuration +## + +# S3 Region +AUTUMN_S3_REGION=minio + +# S3 Endpoint +AUTUMN_S3_ENDPOINT=http://minio:9000 + +# MinIO Root User +MINIO_ROOT_USER=minioautumn + +# MinIO Root Password +MINIO_ROOT_PASSWORD=minioautumn + +# AWS Access Key ID +AWS_ACCESS_KEY_ID=minioautumn + +# AWS Secret Key +AWS_SECRET_ACCESS_KEY=minioautumn diff --git a/Revolt/.env.caddy b/Revolt/.env.caddy new file mode 100644 index 0000000..d9f938c --- /dev/null +++ b/Revolt/.env.caddy @@ -0,0 +1 @@ +HOSTNAME=http://local.revolt.chat diff --git a/Revolt/Caddyfile b/Revolt/Caddyfile new file mode 100644 index 0000000..f98ca75 --- /dev/null +++ b/Revolt/Caddyfile @@ -0,0 +1,42 @@ +{ + admin :2019 + + servers { + metrics + } +} + +// {$HOSTNAME} { +:80 { + route /api* { + uri strip_prefix /api + reverse_proxy http://api:8000 + } + + route /ws { + @upgrade { + header Connection *Upgrade* + header Upgrade websocket + } + + uri strip_prefix /ws + reverse_proxy @upgrade http://events:9000 + } + + route /autumn* { + uri strip_prefix /autumn + reverse_proxy http://autumn:3000 + } + + route /january* { + uri strip_prefix /january + reverse_proxy http://january:7000 + } + + route /stats* { + uri strip_prefix /stats + reverse_proxy http://grafana:3000 + } + + reverse_proxy http://web:5000 +} diff --git a/Revolt/README.md b/Revolt/README.md new file mode 100644 index 0000000..6f526ec --- /dev/null +++ b/Revolt/README.md @@ -0,0 +1,13 @@ +Run a revolt server with fancy monitoring (WIP) + + +# Prep + +You may need to run +```bash +sudo mount --make-rshared / +``` + +# Before Prod +- [ ] Change .env.grafana file usernames and passwords +- [ ] Change .env file urls \ No newline at end of file diff --git a/Revolt/Revolt.toml b/Revolt/Revolt.toml new file mode 100644 index 0000000..611edfa --- /dev/null +++ b/Revolt/Revolt.toml @@ -0,0 +1,97 @@ +[database] +mongodb = "mongodb://database" +redis = "redis://redis/" + +[hosts] +app = "http://local.revolt.chat" +api = "http://local.revolt.chat/api" +events = "ws://local.revolt.chat/ws" +autumn = "http://local.revolt.chat/autumn" +january = "http://local.revolt.chat/january" +voso_legacy = "" +voso_legacy_ws = "" + +[api] + +[api.registration] +invite_only = false + +[api.smtp] +host = "" +username = "" +password = "" +from_address = "" + +[api.vapid] +private_key = "LS0tLS1CRUdJTiBFQyBQUklWQVRFIEtFWS0tLS0tCk1IY0NBUUVFSUJSUWpyTWxLRnBiVWhsUHpUbERvcEliYk1yeVNrNXpKYzVYVzIxSjJDS3hvQW9HQ0NxR1NNNDkKQXdFSG9VUURRZ0FFWnkrQkg2TGJQZ2hEa3pEempXOG0rUXVPM3pCajRXT1phdkR6ZU00c0pqbmFwd1psTFE0WAp1ZDh2TzVodU94QWhMQlU3WWRldVovWHlBdFpWZmNyQi9BPT0KLS0tLS1FTkQgRUMgUFJJVkFURSBLRVktLS0tLQo" +public_key = "BGcvgR-i2z4IQ5Mw841vJvkLjt8wY-FjmWrw83jOLCY52qcGZS0OF7nfLzuYbjsQISwVO2HXrmf18gLWVX3Kwfw=" + +[api.fcm] +api_key = "" + +[api.apn] +pkcs8 = "" +key_id = "" +team_id = "" + +[api.security] +authifier_shield_key = "" +voso_legacy_token = "" +trust_cloudflare = false + +[api.security.captcha] +hcaptcha_key = "" +hcaptcha_sitekey = "" + +[api.workers] +max_concurrent_connections = 50 + +[features] +webhooks_enabled = false + +[features.limits] + +[features.limits.global] +group_size = 100 +message_embeds = 5 +message_replies = 5 +message_reactions = 20 +server_emoji = 100 +server_roles = 200 +server_channels = 200 + +new_user_days = 3 + +[features.limits.new_user] +outgoing_friend_requests = 5 + +bots = 2 +message_length = 2000 +message_attachments = 5 +servers = 100 + +attachment_size = 20000000 +avatar_size = 4000000 +background_size = 6000000 +icon_size = 2500000 +banner_size = 6000000 +emoji_size = 500000 + +[features.limits.default] +outgoing_friend_requests = 10 + +bots = 5 +message_length = 2000 +message_attachments = 5 +servers = 100 + +attachment_size = 20000000 +avatar_size = 4000000 +background_size = 6000000 +icon_size = 2500000 +banner_size = 6000000 +emoji_size = 500000 + +[sentry] +api = "" +events = "" diff --git a/Revolt/compose.yaml b/Revolt/compose.yaml new file mode 100644 index 0000000..a005bd4 --- /dev/null +++ b/Revolt/compose.yaml @@ -0,0 +1,183 @@ +services: + # r-proxy, log generator + caddy: + image: caddy:latest + restart: always + env_file: .env.caddy + ports: + - '8880:80' + - '4443:443' + volumes: + - './Caddyfile:/etc/caddy/Caddyfile' + - './data/caddy-data:/data' + - './data/caddy-config:/config' + + ########################################## + # Monitoring + ##### + + # log collector + prometheus: + image: prom/prometheus:latest + restart: always + volumes: + - ./prometheus/:/etc/prometheus/ + - prometheus_storage:/prometheus + command: + - '--config.file=/etc/prometheus/prometheus.yml' + - '--storage.tsdb.path=/prometheus' + - '--web.console.libraries=/usr/share/prometheus/console_libraries' + - '--web.console.templates=/usr/share/prometheus/consoles' + ports: + - 9090:9090 + # links: + # - cadvisor:cadvisor + depends_on: + - cadvisor + - caddy + + # log viewer + grafana: + image: grafana/grafana:latest + user: "472" + restart: always + ports: + - 3000:3000 + volumes: + - './grafana/provisioning/:/etc/grafana/provisioning/' + - 'grafana_storage:/var/lib/grafana' + env_file: + - ./grafana/.env.grafana + depends_on: + - prometheus + + node-exporter: + image: quay.io/prometheus/node-exporter:latest + volumes: + - /proc:/host/proc:ro + - /sys:/host/sys:ro + - /:/rootfs:ro + - /:/host:ro,rslave + command: + - '--path.rootfs=/host' + - '--path.procfs=/host/proc' + - '--path.sysfs=/host/sys' + - --collector.filesystem.mount-points-exclude + - "^/(sys|proc|dev|host|etc|rootfs/var/lib/docker/containers|rootfs/var/lib/docker/overlay2|rootfs/run/docker/netns|rootfs/var/lib/docker/aufs)($$|/)" + ports: + - 9100:9100 + restart: always + deploy: + mode: global + + cadvisor: + image: gcr.io/cadvisor/cadvisor + volumes: + - /:/rootfs:ro + - /var/run:/var/run:rw + - /sys:/sys:ro + - /var/lib/docker/:/var/lib/docker:ro + ports: + - 8080:8080 + restart: always + deploy: + mode: global + + ########################################## + # Revolt + ##### + + # MongoDB database + database: + image: mongo + restart: always + volumes: + - './data/db:/data/db' + + # Redis server + redis: + image: eqalpha/keydb + restart: always + + # S3-compatible storage server + minio: + image: minio/minio + command: server /data + env_file: .env + volumes: + - './data/minio:/data' + restart: always + + # API server (delta) + api: + image: ghcr.io/revoltchat/server:latest + env_file: .env + depends_on: + - database + - redis + - caddy + restart: always + volumes: + - './Revolt.toml:/Revolt.toml' + + # Events service (quark) + events: + image: ghcr.io/revoltchat/bonfire:latest + env_file: .env + depends_on: + - database + - redis + - caddy + restart: always + volumes: + - './Revolt.toml:/Revolt.toml' + + # Web App (revite) + web: + image: ghcr.io/revoltchat/client:master + env_file: .env + depends_on: + - caddy + restart: always + + # File server (autumn) + autumn: + image: ghcr.io/revoltchat/autumn:latest + env_file: .env + depends_on: + - database + - createbuckets + - caddy + environment: + - AUTUMN_MONGO_URI=mongodb://database + restart: always + + # Metadata and image proxy (january) + january: + image: ghcr.io/revoltchat/january:latest + depends_on: + - caddy + restart: always + + # Create buckets for minio. + createbuckets: + image: minio/mc + depends_on: + - minio + env_file: .env + entrypoint: > + /bin/sh -c " + /usr/bin/mc config host add minio http://minio:9000 $MINIO_ROOT_USER $MINIO_ROOT_PASSWORD; + while ! /usr/bin/mc ready minio; do echo 'Waiting minio...' && sleep 1; done; + /usr/bin/mc mb minio/attachments; + /usr/bin/mc mb minio/avatars; + /usr/bin/mc mb minio/backgrounds; + /usr/bin/mc mb minio/icons; + /usr/bin/mc mb minio/banners; + /usr/bin/mc mb minio/emojis; + exit 0; + " + +volumes: + grafana_storage: {} + prometheus_storage: {} diff --git a/Revolt/grafana/.env.grafana b/Revolt/grafana/.env.grafana new file mode 100644 index 0000000..89d433f --- /dev/null +++ b/Revolt/grafana/.env.grafana @@ -0,0 +1,4 @@ +GF_AUTH_ANONYMOUS_ENABLED=true +GF_AUTH_ANONYMOUS_ORG_ROLE=Admin +GF_AUTH_DISABLE_LOGIN_FORM=true +GF_FEATURE_TOGGLES_ENABLE=traceqlEditor \ No newline at end of file diff --git a/Revolt/grafana/provisioning/datasources/datasources.yaml b/Revolt/grafana/provisioning/datasources/datasources.yaml new file mode 100644 index 0000000..434b278 --- /dev/null +++ b/Revolt/grafana/provisioning/datasources/datasources.yaml @@ -0,0 +1,15 @@ +apiVersion: 1 + +datasources: +- name: Prometheus + type: prometheus + uid: prometheus + access: proxy + orgId: 1 + url: http://prometheus:9090 + basicAuth: false + isDefault: false + version: 1 + editable: false + jsonData: + httpMethod: GET diff --git a/Revolt/prometheus/prometheus.yml b/Revolt/prometheus/prometheus.yml new file mode 100644 index 0000000..0e184e2 --- /dev/null +++ b/Revolt/prometheus/prometheus.yml @@ -0,0 +1,24 @@ +global: + scrape_interval: 15s + external_labels: + monitor: 'Revolt' + +scrape_configs: + - job_name: caddy + static_configs: + # docker networking + - targets: ['caddy:2019'] + + - job_name: 'prometheus' + static_configs: + - targets: ['localhost:9090'] + + - job_name: 'cadvisor' + static_configs: + - targets: ['cadvisor:8080'] + + - job_name: 'node-exporter' + static_configs: + - targets: ['node-exporter:9100'] + +