# Application name; Kamal uses it to name this app's containers uniquely.
service: futureporn

# Image repository that is built and deployed.
image: futureporn/bright

# Hosts that receive the app container, grouped by role.
servers:
  web:
    - 66.42.125.79

# Template guidance: a proxy section enables Let's Encrypt certificates and
# lets several apps share one web server. Drop it when running multiple web
# servers and terminate SSL at the load balancer instead.
#
# If Cloudflare sits in front, set its SSL/TLS encryption mode to "Full" so the
# Cloudflare-to-app hop is encrypted as well.
#
# NOTE(review): the proxy is switched off here while SITE_URL below is https,
# so TLS is presumably terminated somewhere else. Confirm where, and that the
# app port is not reachable over plain HTTP from outside.
proxy: false

# Seconds to wait for freshly started containers to boot.
deploy_timeout: 30

# Login for the image registry.
registry:
  # Only needed when the registry is not Docker Hub, e.g.
  # server: registry.digitalocean.com / ghcr.io / ...
  server: gitea.futureporn.net
  username: cj_clippy

  # Use an access token, never the account password. Only the secret's name is
  # listed here; the value is pulled from .kamal/secrets.
  password:
    - KAMAL_REGISTRY_PASSWORD

# Image build settings.
builder:
  args:
    MIX_ENV: prod
  arch: amd64
  dockerfile: ./apps/bright/Dockerfile
  context: ./apps/bright
  # Extra build args for the Dockerfile would go under args, for example:
  # NOTE(review): Kamal renders this file through ERB before parsing the YAML,
  # so the tag below is presumably still evaluated although it sits in a
  # comment. Confirm .ruby-version exists or drop the example.
  # args:
  #   RUBY_VERSION: <%= File.read('.ruby-version').strip %>

env:
  # Plain-text variables, visible to anyone who can read this file.
  clear:
    PORT: 4000
    # Private (RFC 1918) address; the app reaches the database over it.
    DATABASE_HOST: 10.2.128.4
    # NOTE(review): the image is built with MIX_ENV=prod (builder.args) but the
    # container runs with MIX_ENV=dev. If anything in the image reads MIX_ENV
    # at runtime, development settings could be active on a public host.
    # Confirm this is intended.
    MIX_ENV: dev
    PUBLIC_S3_ENDPOINT: 'https://futureporn-b2.b-cdn.net'
    PATREON_REDIRECT_URI: 'https://bright.futureporn.net/auth/patreon/callback'
    SITE_URL: 'https://bright.futureporn.net'
    PHX_HOST: bright.futureporn.net
    AWS_BUCKET: futureporn
    AWS_REGION: us-west-000
    AWS_HOST: s3.us-west-000.backblazeb2.com
  # Names only; no secret value is stored in this file.
  secret:
    - DATABASE_URL
    - SECRET_KEY_BASE
    - PATREON_CLIENT_SECRET
    - PATREON_CLIENT_ID
    - AWS_ACCESS_KEY_ID
    - AWS_SECRET_ACCESS_KEY

# Aliases run as "bin/kamal <alias>", and arguments can be overridden when
# invoking them: "bin/kamal logs -r job" tails logs from the first server in
# the job section.
#
# aliases:
#   shell: app exec --interactive --reuse "bash"

ssh:
  keys:
    - '~/.ssh/futureporn'
  # Authenticate with the key listed above only, ignoring any other identities
  # an ssh-agent may offer.
  keys_only: true

# Use a persistent storage volume.
#
# Named volume app_cache, mounted in the app container at /mnt/vfs/futureporn.
volumes:
  - 'app_cache:/mnt/vfs/futureporn'

# Asset bridging keeps fingerprinted assets (JS, CSS) from both the old and the
# new version inside asset_path, so in-flight requests do not hit a 404 during
# a deploy.
#
# asset_path: /app/public/assets

# Rolling deploys: restart hosts in batches with a pause between batches.
#
# boot:
#   limit: 10 # Can also specify as a percentage of total hosts, such as "25%"
#   wait: 2

# Accessory services (their secrets come from .kamal/secrets).
#
accessories:
  tracker:
    # NOTE(review): ":latest" is a mutable tag, so each pull may bring in a
    # different image. Pin a version tag or digest (<TAG_OR_DIGEST>) so what
    # runs on the host can be audited and rolled back.
    image: gitea.futureporn.net/futureporn/tracker:latest
    host: 66.42.125.79
    # NOTE(review): publishing on 0.0.0.0 exposes the API port on every
    # interface of the host in addition to the TLS route configured under
    # proxy below, so it looks reachable without TLS. Confirm whether the
    # kamal-proxy issue referenced below still requires this, and restrict the
    # port with a firewall or a narrower bind address if it does not.
    port: '0.0.0.0:5063:5063'
    env:
      clear:
        TRACKER_HELPER_ACCESSLIST_PATH: '/var/lib/aquatic/accesslist'
      # Names only; no secret value is stored in this file.
      secret:
        - TRACKER_HELPER_USERNAME
        - TRACKER_HELPER_PASSWORD
    proxy:
      ssl: true
      forward_headers: false
      # note: tracker also uses port 6969/udp and 9000/tcp, but the api at 5063/tcp is what we specify here.
      # @todo @blocking https://github.com/basecamp/kamal-proxy/issues/48
      app_port: 5063
      host: tracker.futureporn.net
      healthcheck:
        path: /health
  db:
    image: postgres:15
    # Non-RFC 1918 address, while the app's DATABASE_HOST is a private one.
    host: 45.76.228.113
    # NOTE(review): PostgreSQL is published on all interfaces of this host,
    # which leaves POSTGRES_PASSWORD as the only barrier for the postgres
    # account if 5432 is reachable from the internet. Prefer binding to the
    # private interface ("<PRIVATE_IP>:5432:5432") or a firewall rule that
    # admits only the app server. Confirm the host's addresses before
    # changing this.
    port: '0.0.0.0:5432:5432'
    env:
      clear:
        POSTGRES_USER: postgres
        POSTGRES_DB: bright
      # Name only; no secret value is stored in this file.
      secret:
        - POSTGRES_PASSWORD
    # Keeps the PostgreSQL data directory outside the container.
    directories:
      - 'pg_data:/var/lib/postgresql/data'