services:
mastodon:
image: lscr.io/linuxserver/mastodon:4.3.3
environment:
- TZ={{ timezone }}
- PUID={{ docker_user.id }}
- PGID={{ docker_user.id }}
- LOCAL_DOMAIN=theorangeone.net
- WEB_DOMAIN=mastodon.theorangeone.net
- DATABASE_URL=postgresql://mastodon:mastodon@db:5432/mastodon
- REDIS_URL=redis://redis
- SIDEKIQ_REDIS_URL=redis://redis/1
- SECRET_KEY_BASE={{ vault_secret_key_base }}
- OTP_SECRET={{ vault_otp_secret }}
- VAPID_PRIVATE_KEY={{ vault_vapid_private_key }}
- VAPID_PUBLIC_KEY={{ vault_vapid_public_key }}
- ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{ vault_active_record_encryption_deterministic_key }}
- ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{ vault_active_record_encryption_key_derivation_salt }}
- ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{ vault_active_record_encryption_primary_key }}
- SINGLE_USER_MODE=true
- DEFAULT_LOCALE=en
- STREAMING_CLUSTER_NUM=1
- WEB_CONCURRENCY=0 # 0 means 1, but not in clustered mode
- SIDEKIQ_THREADS=1
- SIDEKIQ_CONCURRENCY=1
- HTTP_PROXY={{ pve_hosts.qbittorrent.ip }}:3128
- HTTPS_PROXY={{ pve_hosts.qbittorrent.ip }}:3128
restart: unless-stopped
volumes:
- "{{ app_data_dir }}/mastodon:/config/mastodon"
depends_on:
- db
- redis
networks:
- default
- traefik
tmpfs:
- /var/cache
- /config/log
labels:
- traefik.enable=true
- traefik.http.routers.mastodon.rule=Host(`mastodon.theorangeone.net`)
- traefik.http.services.mastodon-mastodon.loadbalancer.server.port=443
- traefik.http.services.mastodon-mastodon.loadbalancer.server.scheme=https
db:
image: postgres:14-alpine
restart: unless-stopped
volumes:
- /mnt/speed/dbs/postgres/mastodon:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=mastodon
- POSTGRES_USER=mastodon
redis:
image: redis:7-alpine
restart: unless-stopped
volumes:
- /mnt/speed/dbs/redis/mastodon:/data
networks:
traefik:
external: true