-
Start tailscale
$ docekr compose up tailscale -d
-
Create the SSL certificate
$ docker compose exec tailscale /bin/sh -c "tailscale cert --cert-file /mnt/tls/cert.pem --key-file /mnt/tls/cert.key pds.bowfin-woodpecker.ts.net"
-
Start PDS
$ docker compose up -d
-
-
Save ngerakines/3e42483cc64dc5ab9c5e1d803a5f2a92 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| PDS_SERVICE_HANDLE_DOMAINS=.pyroclastic.cloud | |
| PDS_HOSTNAME=pds.your-ts-net-name.ts.net | |
| PDS_JWT_SECRET=secret | |
| PDS_ADMIN_PASSWORD=secret | |
| PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX=secret | |
| [email protected] | |
| PDS_DATA_DIRECTORY=/pds | |
| PDS_BLOBSTORE_DISK_LOCATION=/pds/blobs | |
| LOG_ENABLED=true | |
| PDS_DID_PLC_URL=https://plc.your-ts-net-name.ts.net | |
| PDS_BSKY_APP_VIEW_DID=did:web:api.bsky.app | |
| PDS_REPORT_SERVICE_DID=did:plc:ar7c4by46qjdydhdevvrndac | |
| PDS_EMAIL_FROM_ADDRESS=postmaster@localhost | |
| PDS_EMAIL_SMTP_URL=smtp://localhost:1025 | |
| PDS_ACCEPTING_REPO_IMPORTS=true | |
| PDS_DEV_MODE=TRUE | |
| DEBUG_MODE=TRUE | |
| LOG_LEVEL=trace | |
| PDS_PORT=3001 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| version: '3.8' | |
| volumes: | |
| pds_data: | |
| pds_ts: | |
| pds_tls: | |
| services: | |
| app: | |
| image: ghcr.io/bluesky-social/pds:0.4 | |
| restart: unless-stopped | |
| env_file: ".env" | |
| volumes: | |
| - pds_data:/pds | |
| tailscale: | |
| image: tailscale/tailscale:latest | |
| restart: unless-stopped | |
| environment: | |
| - TS_AUTHKEY=tskey-auth-your-key-goes-here | |
| - TS_STATE_DIR=/var/run/tailscale | |
| - TS_EXTRA_ARGS=--advertise-tags=tag:pds | |
| - TS_HOSTNAME=pds | |
| volumes: | |
| - pds_tls:/mnt/tls | |
| - pds_ts:/var/run/tailscale | |
| nginx: | |
| image: nginx | |
| restart: unless-stopped | |
| network_mode: service:tailscale | |
| volumes: | |
| - ./nginx.conf:/etc/nginx/nginx.conf | |
| - pds_tls:/mnt/tls:ro |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| events {} | |
| http { | |
| server { | |
| resolver 127.0.0.11 [::1]:5353 valid=15s; | |
| set $backend "http://app:3001"; | |
| listen 443 ssl; | |
| ssl_certificate /mnt/tls/cert.pem; | |
| ssl_certificate_key /mnt/tls/cert.key; | |
| location / { | |
| proxy_pass $backend; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| client_max_body_size 64M; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment