自托管服务记录
自托管服务记录
回想起自己做网站的辛酸史,就感觉到头痛😭。原本自己是超级讨厌Docker的玩家到现在没有Docker镜像连用都不想用,这其中我的经历完全不想诉说。我只想大声讲出来:Docker真的太方便了!!!(当然,是能连上hub网站的话)
mastodon
地址在这里,欢迎注册!大家一起玩!
这是我最喜欢的服务,类似于微博,但是是去中心化的,每个人都是主站!实例之间的通信使用一个加做“中继”的东东连接,当然,本站点没有加入任何中继!(其实是关闭了,因为感觉有点吵)从去年搭好开始就没断过,每天都在吐槽(当垃圾桶,哈哈哈哈)。最近发现有用户在我网站注册,好开心诶!就是。。。注册后完全没有反应😥,担心他(她?)没有看到还发送过邮件提醒,但是依然石沉大海。
docker-compose.yml文件:
version: '3'
services:
db:
restart: always
image: postgres:14-alpine
shm_size: 256mb
networks:
- internal_network
healthcheck:
test: ['CMD', 'pg_isready', '-U', 'postgres']
volumes:
- ./postgres14:/var/lib/postgresql/data
environment:
- 'POSTGRES_HOST_AUTH_METHOD=trust'
redis:
restart: always
image: redis:6-alpine
networks:
- internal_network
healthcheck:
test: ['CMD', 'redis-cli', 'ping']
volumes:
- ./redis:/data
# es:
# restart: always
# image: docker.elastic.co/elasticsearch/elasticsearch:7.17.4
# environment:
# - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Des.enforce.bootstrap.checks=true"
# - "xpack.license.self_generated.type=basic"
# - "xpack.security.enabled=false"
# - "xpack.watcher.enabled=false"
# - "xpack.graph.enabled=false"
# - "xpack.ml.enabled=false"
# - "bootstrap.memory_lock=true"
# - "cluster.name=es-mastodon"
# - "discovery.type=single-node"
# - "thread_pool.write.queue_size=1000"
# networks:
# - external_network
# - internal_network
# healthcheck:
# test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"]
# volumes:
# - ./elasticsearch:/usr/share/elasticsearch/data
# ulimits:
# memlock:
# soft: -1
# hard: -1
# nofile:
# soft: 65536
# hard: 65536
# ports:
# - '127.0.0.1:9200:9200'
web:
build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
networks:
- external_network
- internal_network
healthcheck:
# prettier-ignore
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
ports:
- '127.0.0.1:3000:3000'
depends_on:
- db
- redis
# - es
volumes:
- ./public/system:/mastodon/public/system
streaming:
build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: node ./streaming
networks:
- external_network
- internal_network
healthcheck:
# prettier-ignore
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
ports:
- '127.0.0.1:4000:4000'
depends_on:
- db
- redis
sidekiq:
build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: bundle exec sidekiq
depends_on:
- db
- redis
networks:
- external_network
- internal_network
volumes:
- ./public/system:/mastodon/public/system
healthcheck:
test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
## Uncomment to enable federation with tor instances along with adding the following ENV variables
## http_proxy=http://privoxy:8118
## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
# tor:
# image: sirboops/tor
# networks:
# - external_network
# - internal_network
#
# privoxy:
# image: sirboops/privoxy
# volumes:
# - ./priv-config:/opt/config
# networks:
# - external_network
# - internal_network
networks:
external_network:
internal_network:
internal: true
这个compose文件中使用的镜像是官方的,我是自己改了主题的噗。
兰空图床
最没有使用价值的服务之一....搭建完后除刚开始有点兴致上传看看外,已经实质上被我忘记。
兰空图床没有docker镜像,使用的是php环境。
Bitwarden
Bitwarden是一款自由且开源的密码管理服务,用户可在加密的保管库中存储敏感信息(例如网站登录凭据)。基本上我所有的密码现在已经使用Bitwarden保存。在android和ios上都可网站或app自动填充。在PC上使用浏览器插件登录自己账号也OK。
自托管与官方服务的区别是,自托管版本自动获得所有官方付费功能。
使用几个月后发现Bitwarden的send功能简直是神器,可以跨平台发送图片文字链接等,完全可以当一个简易的跨平台云剪切!
docker-compose.yml文件:
version: '3'
services:
vaultwarden:
image: vaultwarden/server:latest
container_name: vaultwarden
restart: always
environment:
- WEBSOCKET_ENABLED=true
- SIGNUPS_ALLOWED=false
volumes:
- /data/docker/bitwarden/data:/data
ports:
- 7006:80 # Needed for the ACME HTTP-01 challenge.
- 7007:443
- 3012:3012
需要自己配置一下反向代理哦!
Cloudreve
当个云盘用,也能开Wevdav功能来同步支持此功能的各种APP保存数据。给朋友分享软件文档什么的也可以用这个(那为什么不用万能的QQ和微信呢?NO!我才不用这些嘞!)
我的云盘地址是:吕楪的云盘
docker-compose.yml文件:
version: "3.8"
services:
cloudreve:
container_name: cloudreve
image: cloudreve/cloudreve:latest
restart: unless-stopped
ports:
- "5212:5212"
volumes:
- temp_data:/data
- ./cloudreve/uploads:/cloudreve/uploads
- ./cloudreve/conf.ini:/cloudreve/conf.ini
- ./cloudreve/cloudreve.db:/cloudreve/cloudreve.db
- ./cloudreve/avatar:/cloudreve/avatar
depends_on:
- aria2
aria2:
container_name: aria2
image: p3terx/aria2-pro
restart: unless-stopped
environment:
- RPC_SECRET=your_aria_rpc_token
- RPC_PORT=6800
volumes:
- ./aria2/config:/config
- temp_data:/data
volumes:
temp_data:
driver: local
driver_opts:
type: none
device: $PWD/data
o: bind
自己配置的话,外部端口尽量都改改吧。
h5ai
文件索引器,很早以前当直链来get使用的。自己网上冲浪发现一些有用的脚步保存到这里,服务器用的时候直接通过wget命令访问。非常方便!顺带一提,博客添加的音乐播放器的播放文件就在这里噗。
网站是h5ai,只需要下载下来放网站根目录,然后开几个PHP函数就能用。
matrix
通讯应用,服务端叫做synapse,iOS和Android都有,所以现在当做跨平台传送文件的工具用。做好后端后PC端可以使用Element连接。如果你搭建此应用,可以通过这个链接联系我!
上面是搭好后网页的提示,代表服务正在运行中。
version: "3.4"
services:
synapse:
hostname: matrix
image: matrixdotorg/synapse:latest
restart: always
#container_name: matrix_server
container_name: synapse
depends_on:
- db
- redis
ports:
- 8008:8008
volumes:
- ./synapse/data:/data
networks:
- synapse_network
- external_network
healthcheck:
test: ["CMD-SHELL", "curl -s localhost:8008/health || exit 1"]
db:
image: postgres
restart: always
container_name: matrix_db
volumes:
- ./synapse/db:/var/lib/postgresql/data
environment:
POSTGRES_USER: synapse
POSTGRES_PASSWORD: Flzx3000c
POSTGRES_DB: synapse
POSTGRES_INITDB_ARGS: "--encoding='UTF8' --lc-collate='C' --lc-ctype='C'"
networks:
- synapse_network
healthcheck:
test: ["CMD", "pg_isready", "-U", "synapse"]
redis:
image: redis:6.0-alpine
restart: always
container_name: matrix_redis
volumes:
- ./synapse/redis:/data
networks:
- synapse_network
healthcheck:
test: ["CMD", "redis-cli", "ping"]
networks:
synapse_network:
internal: true
external_network:
funkwhale
这是一个音乐播放器(大概?),我在服务端放了一点陈奕迅的歌😎。听别人讲这个可以和mastodon互通诶,但是我完全找不到怎么联系。有谁能告诉我吗?
docker-compose.yml文件:
version: "3"
services:
postgres:
restart: unless-stopped
networks:
- default
env_file: .env
environment:
- "POSTGRES_HOST_AUTH_METHOD=trust"
image: postgres:11
volumes:
- ./data/postgres:/var/lib/postgresql/data
redis:
restart: unless-stopped
networks:
- default
env_file: .env
image: redis:5
volumes:
- ./data/redis:/data
celeryworker:
restart: unless-stopped
image: funkwhale/funkwhale:${FUNKWHALE_VERSION:-latest}
networks:
- default
depends_on:
- postgres
- redis
env_file: .env
# Celery workers handle background tasks (such file imports or federation
# messaging). The more processes a worker gets, the more tasks
# can be processed in parallel. However, more processes also means
# a bigger memory footprint.
# By default, a worker will span a number of process equal to your number
# of CPUs. You can adjust this, by explicitly setting the --concurrency
# flag:
# celery -A funkwhale_api.taskapp worker -l INFO --concurrency=4
command: celery -A funkwhale_api.taskapp worker -l INFO --concurrency=${CELERYD_CONCURRENCY-0}
environment:
- C_FORCE_ROOT=true
volumes:
- "${MUSIC_DIRECTORY_SERVE_PATH-/srv/funkwhale/data/music}:${MUSIC_DIRECTORY_PATH-/music}:ro"
- "${MEDIA_ROOT}:${MEDIA_ROOT}"
celerybeat:
restart: unless-stopped
image: funkwhale/funkwhale:${FUNKWHALE_VERSION:-latest}
networks:
- default
depends_on:
- postgres
- redis
env_file: .env
command: celery -A funkwhale_api.taskapp beat --pidfile= -l INFO
api:
restart: unless-stopped
image: funkwhale/funkwhale:${FUNKWHALE_VERSION:-latest}
networks:
- default
depends_on:
- postgres
- redis
env_file: .env
volumes:
- "${MUSIC_DIRECTORY_SERVE_PATH-/srv/funkwhale/data/music}:${MUSIC_DIRECTORY_PATH-/music}:ro"
- "${MEDIA_ROOT}:${MEDIA_ROOT}"
- "${STATIC_ROOT}:${STATIC_ROOT}"
- "${FUNKWHALE_FRONTEND_PATH}:/frontend"
ports:
- "5000"
nginx:
restart: unless-stopped
image: nginx
networks:
- default
depends_on:
- api
env_file:
- .env
environment:
# Override those variables in your .env file if needed
- "NGINX_MAX_BODY_SIZE=${NGINX_MAX_BODY_SIZE-100M}"
volumes:
- "./nginx/funkwhale.template:/etc/nginx/conf.d/funkwhale.template:ro"
- "./nginx/funkwhale_proxy.conf:/etc/nginx/funkwhale_proxy.conf:ro"
- "${MUSIC_DIRECTORY_SERVE_PATH-/srv/funkwhale/data/music}:${MUSIC_DIRECTORY_PATH-/music}:ro"
- "${MEDIA_ROOT}:${MEDIA_ROOT}:ro"
- "${STATIC_ROOT}:${STATIC_ROOT}:ro"
- "${FUNKWHALE_FRONTEND_PATH}:/frontend:ro"
ports:
# override those variables in your .env file if needed
- "${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}:80"
command: >
sh -c "envsubst \"`env | awk -F = '{printf \" $$%s\", $$1}'`\"
< /etc/nginx/conf.d/funkwhale.template
> /etc/nginx/conf.d/default.conf
&& cat /etc/nginx/conf.d/default.conf
&& nginx -g 'daemon off;'"
networks:
default:
squoosh
这是谷歌开源的一个图片压缩软件,在V2EX闲逛的时候发现有朋友做了一个镜像所以搭来玩玩。然后,发现妈耶,果然谷歌的技术好厉害诶,压缩蛮强的。可以把智图扔了😄。
看下面,原本一张2.47MB的图片,可以直接压缩层158KB!完全可以扔掉智图了好吗!每次智图压图片时CPU嗡嗡嗡转吵死人了,而且我明明看文档讲是把图片扔服务器上压缩的诶,智图压缩一张图片用好大功夫,而squoosh秒压!
timetagger
timetagger是一个时间记录软件,自己做什么工作的时候点record,结束的时候点stop,但是总是会忘记这简单的操作Orz,所以用处不大。
docker-compose.yml文件:
# Example docker-compose file for TimeTagger that uses the published
# Docker image. Shows all options settable via the environment.
#
# !! Make sure to apply your own credentials !!
# !! You can use e.g. https://timetagger.app/cred to generate them !!
# !! In docker-compose characters '$' should be escaped as '$$' !!
version: "3"
services:
timetagger:
image: ghcr.io/almarklein/timetagger
ports:
- "8547:80"
volumes:
- ./_timetagger:/root/_timetagger
environment:
- TIMETAGGER_BIND=0.0.0.0:80
- TIMETAGGER_DATADIR=/root/_timetagger
- TIMETAGGER_LOG_LEVEL=info
- TIMETAGGER_CREDENTIALS=test:$$2a$$08$$0CD1NFiIbancwWsu3se1v.RNR/b7YeZd71yg3cZ/3whGlyU6Iny5i # test:test
#- TIMETAGGER_CREDENTIALS=admin:$2a$08$o.yZppxGWSy1JmbboPj1muSkV32nQYN2U6eDeMTFy8Zn.LZEbqOte
缓慢追加中....(PS:好想搭个Bookwyrm,但是尝试好久总是架构问题不行诶😥)
PS:@2022年8月25日 Bookwyrm-桔梗 搭建好了,这是几个星期前的事情🎉