Commits (2)
- nginx
- docker-compose
- python docker support
- password store enabled
So to install then test version
- sauce.yml
- mastodon-docker.yml # test version
- nginx.yml
For the prod version
- sauce.yml
- mastodon-docker.yml # prod version
- nginx.yml
- exim.yml
- letsencrypt.yml
To install the database, first copy the zipped SQL dump backup to the
server as $dump. If the mastodon database is on $db_addr (with the usual port):
apt install pv postgresql-client
docker-compose down
docker-compose up -d db
psql -U postgres -h $db_addr -c 'drop database "mastodon-live"'
# copying takes about 5 minutes with a 6GB database dump
# importing takes about 40 mins with a 6GB database dump
pv $dump | gzip -dc | psql -U postgres -h $db_addr
# `pv` simply shows progress.
docker-compose up -d # mastodon takes a few minutes to boot up, so don't panic if you see 502's
needed to fix paths in docker-compose.yml.
inspect the external network to get the address of the web and streaming containers.
then update the nginx proxy config to use these.
docker container exec -ti docker_web_1 bash
RAILS_ENV=production bundle exec rake webpacker:compile
RAILS_ENV=production bundle exec rails assets:precompile
SAFETY_ASSURED=1 RAILS_ENV=production rails db:setup
# Note the domain on the email needs to be resolveable for this to succeed.
RAILS_ENV=production bin/tootctl accounts create $USER --email admin@web --confirmed --role admin
docker create --name temp tootsuite/mastodon:v2.6.4
docker cp temp:/mastodon/public mastodon-public
docker rm temp
docker-compose down
docker-compose up -d
sudo docker network inspect docker_internal_network -f '{{ println "# DOCKER_HOSTS " }}{{range .Containers }}{{ (index (split .IPv4Address "/") 0) }} {{ .Name }}{{ println }}{{end}}' | sudo tee -a /etc/hosts
FIXME To get streaming on the test server working, I find I either
need to change .env.production to set LOCAL_DOMAIN= or set /etc/hosts
to redirect social.coop to the test server IP.
## Upgrading
Read this for a quick overview of how to do it with a very
off-the-shelf install:
Note, we have for various good reasons modified our docker config, so
we can't either use the one Mastodon supplies verbatim, nor simply
assume we can keep it unchanged.
Typical gotchas:
- docker-compose needs alteration
- .env.production
- tools or invocations change, e.g. yarn
- components minimum supported versions change (postgres, redis, etc.)
So we need to read the upgrade notes and understand what has changed!
Some useful guides:
- Upgrading postgres https://gorails.com/guides/upgrading-postgresql-version-on-ubuntu-server
FIXME mention: stop server; back up the database; then upgrade
You may also find you need to upgrade in small steps rather than a big
jump (if there is more than one intervening version released). How
small is open to question - obviously this might mean you need to do
lots of upgrades if you take the smallest steps possible.
The pre-built docker images are kept here:
Look at the "Tags" tab to see the versions available. The version we
are using is in the docker-compose.yml config.
The source reposiotory has a list of released versions here, which
should mirror the docker releases:
Read the upgrade notes for each release! Make a ordered list of all
the changes you need to take into account.
Chheck out the tootsuite/mastodon source, and look to see how the
docker-compose.yml has changed. Aim to port the changes to our
docker-compose.yml. You can use git to view the differences in the
release commits (from within the mastodon repository). For example:
git diff v2.8.4 v2.9.3 -- docker-compose.yml
Note: Our assets are the built-in assets in the image, except for an
overlaid favicon.ico, so I assume I won't need to re-compile
these. The upgrade notes seem to bear this out.
I will however need to apply the database changes.
At the time of writing, I am on v2.6.4, and the latest is v3.0.1. I
would like to upgrade in one step, but inspecting the upgrade notes I
see some special instructions for some releases, and checking with git
I see changes to docker-compose.yml.
I go through the changes to docker-compose.yml, including the version
updates, and commit each in turn.
Then, after a quick review, I check out each in turn, and follow the
manual steps described in my notes, which have been shortened to those
specific points I need to address.
What seems to fall out is a series of upgrades:
- port mastodon upgrade v2.6.4 - v2.7.0
- port mastodon upgrade v2.7.0 - v2.8.4
- port mastodon upgrade v2.8.4 - v2.9.3
- port mastodon upgrade v2.9.3 - v3.0.1
Adding in the manual steps
- stop
- port mastodon upgrade v2.6.4 - v2.7.0
- build
- docker-compose run --rm -e SKIP_POST_DEPLOYMENT_MIGRATIONS=true web rails db:migrate
- start
- docker-compose run --rm web rails db:migrate
- restart
- stop
- port mastodon upgrade v2.7.0 - v2.8.4
- build
- start
- docker-compose run --rm web rails db:migrate
- restart
- docker-compose run --rm web bin/tootctl cache clear
- stop
- port mastodon upgrade v2.8.4 - v2.9.3
- build
- start
- docker-compose run --rm web rails db:migrate
- restart
- docker-compose run --rm web bin/tootctl cache clear
- stop
- port mastodon upgrade v2.9.3 - v3.0.1
- build
- docker-compose run --rm -e SKIP_POST_DEPLOYMENT_MIGRATIONS=true web rails db:migrate
- start
- docker-compose run --rm web bin/tootctl cache clear
- docker-compose run --rm web rails db:migrate
- restart
FIXMe when do I run the migrations? with container stopped or started?
......@@ -14,7 +14,8 @@
# (Needs to come after config creation or it will create empty dirs)
- include_tasks: mastodon-docker.yml
notify: restart systemd services
tags: docker-compose.yml
# Enable systemd service
- include_tasks: systemd.yml
......@@ -57,6 +57,7 @@
mode: '0655'
owner: root
group: root
tags: docker-compose.yml
# This creates the mastodon secrets config, which includes various
# passwords and keys taken from the password repository. The password
- name: social.coop | server
hosts: all
become: yes
- secrets.vars.yml
s3_access_key_id: "{{lookup('passwordstore', 'deployment/backupninja/s3access')}}"
s3_secret_access_key: "{{lookup('passwordstore', 'deployment/backupninja/s3sec')}}"
# - role: server
- role: docker-install
- role: social-coop
# FIXME put this in pass
# sauce_git_token: DJoW-zzoj2XoGzZvyysv
# ansible_user=root ansible_host=test-trunk
backupninja ansible_user=root ansible_host= ansible_port=22
test ansible_user=root ansible_host= ansible_port=22