...
 
Commits (2)
prereq:
- nginx
- docker-compose
- python docker support
- password store enabled
So to install then test version
include
- sauce.yml
- mastodon-docker.yml # test version
- nginx.yml
For the prod version
include
- sauce.yml
- mastodon-docker.yml # prod version
- nginx.yml
- exim.yml
- letsencrypt.yml
-----------------
To install the database, first copy the zipped SQL dump backup to the
server as $dump. If the mastodon database is on $db_addr (with the usual port):
apt install pv postgresql-client
docker-compose down
docker-compose up -d db
psql -U postgres -h $db_addr -c 'drop database "mastodon-live"'
# copying takes about 5 minutes with a 6GB database dump
# importing takes about 40 mins with a 6GB database dump
pv $dump | gzip -dc | psql -U postgres -h $db_addr
# `pv` simply shows progress.
docker-compose up -d # mastodon takes a few minutes to boot up, so don't panic if you see 502's
needed to fix paths in docker-compose.yml.
inspect the external network to get the address of the web and streaming containers.
then update the nginx proxy config to use these.
docker container exec -ti docker_web_1 bash
RAILS_ENV=production bundle exec rake webpacker:compile
RAILS_ENV=production bundle exec rails assets:precompile
SAFETY_ASSURED=1 RAILS_ENV=production rails db:setup
# Note the domain on the email needs to be resolveable for this to succeed.
RAILS_ENV=production bin/tootctl accounts create $USER --email admin@web --confirmed --role admin
docker create --name temp tootsuite/mastodon:v2.6.4
docker cp temp:/mastodon/public mastodon-public
docker rm temp
docker-compose down
docker-compose up -d
sudo docker network inspect docker_internal_network -f '{{ println "# DOCKER_HOSTS " }}{{range .Containers }}{{ (index (split .IPv4Address "/") 0) }} {{ .Name }}{{ println }}{{end}}' | sudo tee -a /etc/hosts
FIXME To get streaming on the test server working, I find I either
need to change .env.production to set LOCAL_DOMAIN= or set /etc/hosts
to redirect social.coop to the test server IP.
## Upgrading
Read this for a quick overview of how to do it with a very
off-the-shelf install:
https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Docker-Guide.md#updating
Note, we have for various good reasons modified our docker config, so
we can't either use the one Mastodon supplies verbatim, nor simply
assume we can keep it unchanged.
Typical gotchas:
- docker-compose needs alteration
- .env.production
- tools or invocations change, e.g. yarn
- components minimum supported versions change (postgres, redis, etc.)
So we need to read the upgrade notes and understand what has changed!
Some useful guides:
- Upgrading postgres https://gorails.com/guides/upgrading-postgresql-version-on-ubuntu-server
FIXME mention: stop server; back up the database; then upgrade
You may also find you need to upgrade in small steps rather than a big
jump (if there is more than one intervening version released). How
small is open to question - obviously this might mean you need to do
lots of upgrades if you take the smallest steps possible.
The pre-built docker images are kept here:
https://hub.docker.com/r/tootsuite/mastodon/
Look at the "Tags" tab to see the versions available. The version we
are using is in the docker-compose.yml config.
The source reposiotory has a list of released versions here, which
should mirror the docker releases:
https://github.com/tootsuite/mastodon/releases
Read the upgrade notes for each release! Make a ordered list of all
the changes you need to take into account.
Chheck out the tootsuite/mastodon source, and look to see how the
docker-compose.yml has changed. Aim to port the changes to our
docker-compose.yml. You can use git to view the differences in the
release commits (from within the mastodon repository). For example:
git diff v2.8.4 v2.9.3 -- docker-compose.yml
Note: Our assets are the built-in assets in the image, except for an
overlaid favicon.ico, so I assume I won't need to re-compile
these. The upgrade notes seem to bear this out.
I will however need to apply the database changes.
At the time of writing, I am on v2.6.4, and the latest is v3.0.1. I
would like to upgrade in one step, but inspecting the upgrade notes I
see some special instructions for some releases, and checking with git
I see changes to docker-compose.yml.
I go through the changes to docker-compose.yml, including the version
updates, and commit each in turn.
Then, after a quick review, I check out each in turn, and follow the
manual steps described in my notes, which have been shortened to those
specific points I need to address.
What seems to fall out is a series of upgrades:
- port mastodon upgrade v2.6.4 - v2.7.0
- port mastodon upgrade v2.7.0 - v2.8.4
- port mastodon upgrade v2.8.4 - v2.9.3
- port mastodon upgrade v2.9.3 - v3.0.1
Adding in the manual steps
- stop
- port mastodon upgrade v2.6.4 - v2.7.0
- build
- docker-compose run --rm -e SKIP_POST_DEPLOYMENT_MIGRATIONS=true web rails db:migrate
- start
- docker-compose run --rm web rails db:migrate
- restart
- stop
- port mastodon upgrade v2.7.0 - v2.8.4
- build
- start
- docker-compose run --rm web rails db:migrate
- restart
- docker-compose run --rm web bin/tootctl cache clear
- stop
- port mastodon upgrade v2.8.4 - v2.9.3
- build
- start
- docker-compose run --rm web rails db:migrate
- restart
- docker-compose run --rm web bin/tootctl cache clear
- stop
- port mastodon upgrade v2.9.3 - v3.0.1
- build
- docker-compose run --rm -e SKIP_POST_DEPLOYMENT_MIGRATIONS=true web rails db:migrate
- start
- docker-compose run --rm web bin/tootctl cache clear
- docker-compose run --rm web rails db:migrate
- restart
FIXMe when do I run the migrations? with container stopped or started?
......@@ -14,7 +14,8 @@
# (Needs to come after config creation or it will create empty dirs)
- include_tasks: mastodon-docker.yml
notify: restart systemd services
tags: docker-compose.yml
# Enable systemd service
- include_tasks: systemd.yml
notify:
......
......@@ -57,6 +57,7 @@
mode: '0655'
owner: root
group: root
tags: docker-compose.yml
# This creates the mastodon secrets config, which includes various
# passwords and keys taken from the password repository. The password
......
---
- name: social.coop | server
hosts: all
become: yes
vars_files:
- secrets.vars.yml
vars:
s3_access_key_id: "{{lookup('passwordstore', 'deployment/backupninja/s3access')}}"
s3_secret_access_key: "{{lookup('passwordstore', 'deployment/backupninja/s3sec')}}"
roles:
# - role: server
- role: docker-install
- role: social-coop
# FIXME put this in pass
# sauce_git_token: DJoW-zzoj2XoGzZvyysv
[all]
# ansible_user=root ansible_host=test-trunk
backupninja ansible_user=root ansible_host=142.93.139.81 ansible_port=22
test ansible_user=root ansible_host=157.245.40.220 ansible_port=22