[Nanobox] Apply Release Notes Changes ()

Apparently I missed some things in earlier commits/releases that needed to be applied to the Nanobox setup. All minor things, nothing that breaks anything, but still best to get them in place.

- Move cron jobs to their own component, so the Sidekiq component can be scaled up to multiple instances without causing issues with running the same cron job multiple times at once.
- Update cron jobs to the latest requirements, removing extraneous ones
- Add new variables to `.env.nanobox`
- Update Nginx to use correct cache header directives
This commit is contained in:
Daniel Hunsaker 2017-11-15 08:26:53 -07:00 committed by Eugen Rochko
parent 19e8b861a2
commit 3e4b01b47d
3 changed files with 100 additions and 29 deletions

View File

@ -35,6 +35,17 @@ PAPERCLIP_SECRET=$PAPERCLIP_SECRET
SECRET_KEY_BASE=$SECRET_KEY_BASE SECRET_KEY_BASE=$SECRET_KEY_BASE
OTP_SECRET=$OTP_SECRET OTP_SECRET=$OTP_SECRET
# VAPID keys (used for push notifications)
# You can generate the keys using the following command (first is the private key, second is the public one)
# You should only generate this once per instance. If you later decide to change it, all push subscription will
# be invalidated, requiring the users to access the website again to resubscribe.
#
# Generate with `rake mastodon:webpush:generate_vapid_key` task (`nanobox run bundle exec rake mastodon:webpush:generate_vapid_key`)
#
# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
VAPID_PRIVATE_KEY=$VAPID_PRIVATE_KEY
VAPID_PUBLIC_KEY=$VAPID_PUBLIC_KEY
# Registrations # Registrations
# Single user mode will disable registrations and redirect frontpage to the first profile # Single user mode will disable registrations and redirect frontpage to the first profile
# SINGLE_USER_MODE=true # SINGLE_USER_MODE=true
@ -62,7 +73,7 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt #SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
#SMTP_OPENSSL_VERIFY_MODE=peer #SMTP_OPENSSL_VERIFY_MODE=peer
#SMTP_ENABLE_STARTTLS_AUTO=true #SMTP_ENABLE_STARTTLS_AUTO=true
#SMTP_TLS=true
# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files. # Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system # PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
@ -91,6 +102,23 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
# S3_ENDPOINT= # S3_ENDPOINT=
# S3_SIGNATURE_VERSION= # S3_SIGNATURE_VERSION=
# Swift (optional)
# SWIFT_ENABLED=true
# SWIFT_USERNAME=
# For Keystone V3, the value for SWIFT_TENANT should be the project name
# SWIFT_TENANT=
# SWIFT_PASSWORD=
# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
# issues with token rate-limiting during high load.
# SWIFT_AUTH_URL=
# SWIFT_CONTAINER=
# SWIFT_OBJECT_URL=
# SWIFT_REGION=
# Defaults to 'default'
# SWIFT_DOMAIN_NAME=
# Defaults to 60 seconds. Set to 0 to disable
# SWIFT_CACHE_TTL=
# Optional alias for S3 if you want to use Cloudfront or Cloudflare in front # Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
# S3_CLOUDFRONT_HOST= # S3_CLOUDFRONT_HOST=

View File

@ -42,6 +42,7 @@ run.config:
fs_watch: true fs_watch: true
deploy.config: deploy.config:
extra_steps: extra_steps:
- NODE_ENV=production bundle exec rake assets:precompile - NODE_ENV=production bundle exec rake assets:precompile
@ -60,6 +61,7 @@ deploy.config:
web.web: web.web:
- bundle exec rake db:migrate:setup - bundle exec rake db:migrate:setup
web.web: web.web:
start: start:
nginx: nginx -c /app/nanobox/nginx-web.conf nginx: nginx -c /app/nanobox/nginx-web.conf
@ -78,6 +80,7 @@ web.web:
data.storage: data.storage:
- public/system - public/system
web.stream: web.stream:
start: start:
nginx: nginx -c /app/nanobox/nginx-stream.conf nginx: nginx -c /app/nanobox/nginx-stream.conf
@ -91,8 +94,13 @@ web.stream:
writable_dirs: writable_dirs:
- tmp - tmp
worker.sidekiq: worker.sidekiq:
start: bundle exec sidekiq -c 5 -q default -q mailers -q pull -q push -L /app/log/sidekiq.log start:
default: bundle exec sidekiq -c 5 -q default -L /app/log/sidekiq.log
mailers: bundle exec sidekiq -c 5 -q mailers -L /app/log/sidekiq.log
pull: bundle exec sidekiq -c 5 -q pull -L /app/log/sidekiq.log
push: bundle exec sidekiq -c 5 -q push -L /app/log/sidekiq.log
writable_dirs: writable_dirs:
- tmp - tmp
@ -105,50 +113,78 @@ worker.sidekiq:
data.storage: data.storage:
- public/system - public/system
worker.cron_only:
start: sleep 365d
writable_dirs:
- tmp
log_watch:
rake: 'log/production.log'
network_dirs:
data.storage:
- public/system
cron: cron:
- id: generate_static_gifs # 20:00 (8 pm), server time: send out the daily digest emails to everyone
schedule: '*/15 * * * *' # who opted to receive one
command: 'bundle exec rake mastodon:maintenance:add_static_avatars'
- id: update_counter_caches
schedule: '50 * * * *'
command: 'bundle exec rake mastodon:maintenance:update_counter_caches'
# runs feeds:clear, media:clear, users:clear, and push:refresh
- id: do_daily_tasks
schedule: '00 00 * * *'
command: 'bundle exec rake mastodon:daily'
- id: clear_silenced_media
schedule: '10 00 * * *'
command: 'bundle exec rake mastodon:media:remove_silenced'
- id: clear_remote_media
schedule: '20 00 * * *'
command: 'bundle exec rake mastodon:media:remove_remote'
- id: clear_unfollowed_subs
schedule: '30 00 * * *'
command: 'bundle exec rake mastodon:push:clear'
- id: send_digest_emails - id: send_digest_emails
schedule: '00 20 * * *' schedule: '00 20 * * *'
command: 'bundle exec rake mastodon:emails:digest' command: 'bundle exec rake mastodon:emails:digest'
# 00:10 (ten past midnight), server time: remove local copies of remote
# users' media once they are older than a certain age (use NUM_DAYS evar to
# change this from the default of 7 days)
- id: clear_remote_media
schedule: '10 00 * * *'
command: 'bundle exec rake mastodon:media:remove_remote'
# 00:20 (twenty past midnight), server time: remove subscriptions to remote
# users that nobody follows locally (anymore)
- id: clear_unfollowed_subs
schedule: '20 00 * * *'
command: 'bundle exec rake mastodon:push:clear'
# 00:30 (half past midnight), server time: update local copies of remote
# users' avatars to match whatever they currently have set on their profile
- id: update_remote_avatars
schedule: '30 00 * * *'
command: 'bundle exec rake mastodon:media:redownload_avatars'
############################################################################
# This task is one you might want to enable, or might not. It keeps disk
# usage low, but makes "shadow bans" (scenarios where the user is silenced,
# but not intended to be made aware that the silencing has occurred) much
# more difficult to put in place, as users would then notice their media is
# vanishing on a regular basis. Enable it if you aren't worried about users
# knowing they've been silenced (on the instance level), and want to save
# disk space. Leave it disabled otherwise.
############################################################################
# # 00:00 (midnight), server time: remove media posted by silenced users
# - id: clear_silenced_media
# schedule: '00 00 * * *'
# command: 'bundle exec rake mastodon:media:remove_silenced'
############################################################################
# The following two tasks can be uncommented to automatically open and close # The following two tasks can be uncommented to automatically open and close
# registrations on a schedule. The format of 'schedule' is a standard cron # registrations on a schedule. The format of 'schedule' is a standard cron
# time expression: minute hour day month day-of-week; search for "cron # time expression: minute hour day month day-of-week; search for "cron
# time expressions" for more info on how to set these up. The examples here # time expressions" for more info on how to set these up. The examples here
# open registration only from 8 am to 4 pm, server time. # open registration only from 8 am to 4 pm, server time.
# ############################################################################
# # 08:00 (8 am), server time: open registrations so new users can join
# - id: open_registrations # - id: open_registrations
# schedule: '00 08 * * *' # schedule: '00 08 * * *'
# command: 'bundle exec rake mastodon:settings:open_registrations' # command: 'bundle exec rake mastodon:settings:open_registrations'
# #
# # 16:00 (4 pm), server time: close registrations so new users *can't* join
# - id: close_registrations # - id: close_registrations
# schedule: '00 16 * * *' # schedule: '00 16 * * *'
# command: 'bundle exec rake mastodon:settings:close_registrations' # command: 'bundle exec rake mastodon:settings:close_registrations'
data.db: data.db:
image: nanobox/postgresql:9.5 image: nanobox/postgresql:9.5
@ -170,6 +206,7 @@ data.db:
curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE
done done
data.redis: data.redis:
image: nanobox/redis:3.0 image: nanobox/redis:3.0
@ -189,6 +226,7 @@ data.redis:
curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE
done done
data.storage: data.storage:
image: nanobox/unfs:0.9 image: nanobox/unfs:0.9

View File

@ -42,7 +42,12 @@ http {
try_files $uri @rails; try_files $uri @rails;
} }
location ~ ^/(assets|system/media_attachments/files|system/accounts/avatars) { location /sw.js {
add_header Cache-Control "public, max-age=0";
try_files $uri @rails;
}
location ~ ^/(emoji|packs|system/media_attachments/files|system/accounts/avatars) {
add_header Cache-Control "public, max-age=31536000, immutable"; add_header Cache-Control "public, max-age=31536000, immutable";
try_files $uri @rails; try_files $uri @rails;
} }