LibrePortal/containers/mastodon/docker-compose.yml
librelad 12b4d6823e feat(backup): file-capture labels for linkding, vaultwarden, headscale, mastodon
Now that uid auto-discover is in (d424473), adding more apps is just naming the
container + path — no uid guessing. Four more apps get complete backups of their
private data dirs (previously: incomplete on the file side because libreportal
can't read sub-UID-owned content from the host).

- linkding-service     -> /etc/linkding/data           (overlaps with sqlite db, same pattern as gitea — dump replays over the captured tree on restore, harmless)
- vaultwarden-service  -> /data                         (same overlap pattern)
- headscale-service    -> /var/lib/headscale            (same overlap pattern)
- mastodon-service     -> /mastodon/public/system       (uploads; postgres handled separately by backup.db)

Coverage now: nextcloud, bookstack, gitea, owncloud, linkding, vaultwarden,
headscale, mastodon. Skipped jellyfin — it has multiple internal sqlite DBs and
no backup.db declared; adding just backup.files without backup.db / backup.live
wouldn't activate live capture, and adding backup.live blind could yield torn
sqlites. That one wants proper DB declaration first.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-26 16:13:46 +01:00

80 lines
4.2 KiB
YAML
Executable File

networks:
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
external: true
services:
mastodon-service: #LIBREPORTAL|SERVICE_TAG_1|mastodon-service
container_name: mastodon-service
image: tootsuite/mastodon:v4.2.0
ports:
- "PORTS_DATA_1" #LIBREPORTAL|PORTS_TAG_1|PORTS_DATA_1
- "PORTS_DATA_2" #LIBREPORTAL|PORTS_TAG_2|PORTS_DATA_2
volumes:
- ./mastodon_data:/mastodon/public/system
environment:
- TZ=TIMEZONE_DATA #LIBREPORTAL|TIMEZONE_TAG|TIMEZONE_DATA
- LOCAL_DOMAIN=DOMAINSUBNAME_DATA #LIBREPORTAL|DOMAINSUBNAME_TAG|DOMAINSUBNAME_DATA
- DB_HOST=mastodon-postgres
- DB_USER=RANDOM_TAG_1_DATA #LIBREPORTAL|RANDOM_TAG_1|unconfigured
- DB_PASS=PASSWORD_TAG_1_DATA #LIBREPORTAL|PASSWORD_TAG_1|unconfigured
- DB_NAME=RANDOM_TAG_2_DATA #LIBREPORTAL|RANDOM_TAG_2|unconfigured
- REDIS_HOST=mastodon-redis
- SECRET_KEY_BASE=HEX_TAG_1_DATA #LIBREPORTAL|HEX_TAG_1|unconfigured
- OTP_SECRET=HEX_TAG_2_DATA #LIBREPORTAL|HEX_TAG_2|unconfigured
- VAPID_PRIVATE_KEY=VAPID_TAG_1_DATA #LIBREPORTAL|VAPID_TAG_1|unconfigured
- VAPID_PUBLIC_KEY=VAPID_TAG_2_DATA #LIBREPORTAL|VAPID_TAG_2|unconfigured
- SMTP_SERVER=
- SMTP_PORT=587
- SMTP_LOGIN=
- SMTP_PASSWORD=PASSWORD_TAG_2_DATA #LIBREPORTAL|PASSWORD_TAG_2|unconfigured
- SMTP_FROM_ADDRESS=
- EMAIL_DELIVERY_METHOD=none
- SMTP_AUTH_METHOD=none
depends_on:
- mastodon-postgres
- mastodon-redis
labels:
libreportal.category: "CATEGORY_DATA" #LIBREPORTAL|CATEGORY_TAG|CATEGORY_DATA
libreportal.title: "TITLE_DATA" #LIBREPORTAL|TITLE_TAG|TITLE_DATA
libreportal.backup.db: "postgres:mastodon-postgres:postgres:"
libreportal.backup.files: "mastodon-service:/mastodon/public/system:mastodon_data"
traefik.enable: TRAEFIK_ENABLE_DATA #LIBREPORTAL|TRAEFIK_ENABLE_TAG|TRAEFIK_ENABLE_DATA
# TRAEFIK_PORT_1_BEGIN
traefik.http.routers.mastodon-service.entrypoints: web,websecure
traefik.http.routers.mastodon-service.rule: Host(`DOMAINSUBNAME_DATA_1`) #LIBREPORTAL|DOMAINSUBNAME_TAG_1|DOMAINSUBNAME_DATA_1
traefik.http.routers.mastodon-service.tls: true
traefik.http.routers.mastodon-service.tls.certresolver: production
traefik.http.services.mastodon-service.loadbalancer.server.port: PORT_INTERNAL_DATA_1 #LIBREPORTAL|PORT_INTERNAL_TAG_1|PORT_INTERNAL_DATA_1
traefik.http.routers.mastodon-service.middlewares: MIDDLEWARE_DATA_1 #LIBREPORTAL|MIDDLEWARE_TAG_1|MIDDLEWARE_DATA_1
# TRAEFIK_PORT_1_END
traefik.docker.network: DOCKER_NETWORK_DATA #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
command: bash -c "RAILS_ENV=production bundle exec rails db:migrate && RAILS_ENV=production bundle exec rails s -b 0.0.0.0"
healthcheck:
disable: HEALTHCHECK_DATA #LIBREPORTAL|HEALTHCHECK_TAG|HEALTHCHECK_DATA
networks:
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
ipv4_address: IP_DATA_3 #LIBREPORTAL|IP_TAG_3|IP_DATA_3
mastodon-postgres:
image: postgres:15
container_name: mastodon-postgres
environment:
- POSTGRES_DB=RANDOM_TAG_2_DATA #LIBREPORTAL|RANDOM_TAG_2|unconfigured
- POSTGRES_USER=RANDOM_TAG_1_DATA #LIBREPORTAL|RANDOM_TAG_1|unconfigured
- POSTGRES_PASSWORD=PASSWORD_TAG_1_DATA #LIBREPORTAL|PASSWORD_TAG_1|unconfigured
volumes:
- ./postgres:/var/lib/postgresql/data
networks:
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
ipv4_address: IP_DATA_1 #LIBREPORTAL|IP_TAG_1|IP_DATA_1
mastodon-redis:
image: redis:7
container_name: mastodon-redis
command: redis-server --save 60 1 --loglevel warning
volumes:
- ./redis:/data
networks:
DOCKER_NETWORK_DATA: #LIBREPORTAL|DOCKER_NETWORK_TAG|DOCKER_NETWORK_DATA
ipv4_address: IP_DATA_2 #LIBREPORTAL|IP_TAG_2|IP_DATA_2