124 lines
3.4 KiB
YAML
124 lines
3.4 KiB
YAML
# Name of your application. Used to uniquely configure containers.
|
|
service: futureporn
|
|
|
|
# Name of the container image.
|
|
image: futureporn/bright
|
|
|
|
# Deploy to these servers.
|
|
servers:
|
|
web:
|
|
- 66.42.125.79
|
|
|
|
# Enable SSL auto certification via Let's Encrypt and allow for multiple apps on a single web server.
|
|
# Remove this section when using multiple web servers and ensure you terminate SSL at your load balancer.
|
|
#
|
|
# Note: If using Cloudflare, set encryption mode in SSL/TLS setting to "Full" to enable CF-to-app encryption.
|
|
proxy: false
|
|
|
|
# how long to wait for new containers to boot
|
|
deploy_timeout: 30
|
|
|
|
# Credentials for your image host.
|
|
registry:
|
|
# Specify the registry server, if you're not using Docker Hub
|
|
# server: registry.digitalocean.com / ghcr.io / ...
|
|
server: gitea.futureporn.net
|
|
username: cj_clippy
|
|
|
|
# Always use an access token rather than real password (pulled from .kamal/secrets).
|
|
password:
|
|
- KAMAL_REGISTRY_PASSWORD
|
|
|
|
# Configure builder setup.
|
|
builder:
|
|
args:
|
|
MIX_ENV: prod
|
|
arch: amd64
|
|
dockerfile: ./apps/bright/Dockerfile
|
|
context: ./apps/bright
|
|
|
|
# Pass in additional build args needed for your Dockerfile.
|
|
# args:
|
|
# RUBY_VERSION: <%= File.read('.ruby-version').strip %>
|
|
|
|
env:
|
|
clear:
|
|
PORT: 4000
|
|
DATABASE_HOST: 10.2.128.4
|
|
MIX_ENV: dev
|
|
PUBLIC_S3_ENDPOINT: https://futureporn-b2.b-cdn.net
|
|
PATREON_REDIRECT_URI: https://bright.futureporn.net/auth/patreon/callback
|
|
SITE_URL: https://bright.futureporn.net
|
|
PHX_HOST: bright.futureporn.net
|
|
AWS_BUCKET: futureporn
|
|
AWS_REGION: us-west-000
|
|
AWS_HOST: s3.us-west-000.backblazeb2.com
|
|
secret:
|
|
- DATABASE_URL
|
|
- SECRET_KEY_BASE
|
|
- PATREON_CLIENT_SECRET
|
|
- PATREON_CLIENT_ID
|
|
- AWS_ACCESS_KEY_ID
|
|
- AWS_SECRET_ACCESS_KEY
|
|
|
|
# Aliases are triggered with "bin/kamal <alias>". You can overwrite arguments on invocation:
|
|
# "bin/kamal logs -r job" will tail logs from the first server in the job section.
|
|
#
|
|
# aliases:
|
|
# shell: app exec --interactive --reuse "bash"
|
|
|
|
ssh:
|
|
keys: ["~/.ssh/futureporn"]
|
|
keys_only: true
|
|
|
|
# Use a persistent storage volume.
|
|
#
|
|
volumes:
|
|
- "app_cache:/mnt/vfs/futureporn"
|
|
|
|
# Bridge fingerprinted assets, like JS and CSS, between versions to avoid
|
|
# hitting 404 on in-flight requests. Combines all files from new and old
|
|
# version inside the asset_path.
|
|
#
|
|
# asset_path: /app/public/assets
|
|
|
|
# Configure rolling deploys by setting a wait time between batches of restarts.
|
|
#
|
|
# boot:
|
|
# limit: 10 # Can also specify as a percentage of total hosts, such as "25%"
|
|
# wait: 2
|
|
|
|
# Use accessory services (secrets come from .kamal/secrets).
|
|
#
|
|
accessories:
|
|
tracker:
|
|
image: gitea.futureporn.net/futureporn/tracker:latest
|
|
host: 66.42.125.79
|
|
port: "0.0.0.0:5063:5063"
|
|
env:
|
|
clear:
|
|
TRACKER_HELPER_ACCESSLIST_PATH: "/var/lib/aquatic/accesslist"
|
|
secret:
|
|
- TRACKER_HELPER_USERNAME
|
|
- TRACKER_HELPER_PASSWORD
|
|
proxy:
|
|
ssl: true
|
|
forward_headers: false
|
|
# note: tracker also uses port 6969/udp and 9000/tcp, but the api at 5063/tcp is what we specify here. # @todo @blocking https://github.com/basecamp/kamal-proxy/issues/48 app_port: 5063
|
|
host: tracker.futureporn.net
|
|
healthcheck:
|
|
path: /health
|
|
|
|
db:
|
|
image: postgres:15
|
|
host: 45.76.228.113
|
|
port: "0.0.0.0:5432:5432"
|
|
env:
|
|
clear:
|
|
POSTGRES_USER: postgres
|
|
POSTGRES_DB: bright
|
|
secret:
|
|
- POSTGRES_PASSWORD
|
|
directories:
|
|
- pg_data:/var/lib/postgresql/data
|