Commit 3e4b01b4 authored by Dan Hunsaker's avatar Dan Hunsaker Committed by Eugen Rochko

[Nanobox] Apply Release Notes Changes (#5670)

Apparently I missed some things in earlier commits/releases that needed to be applied to the Nanobox setup. All minor things, nothing that breaks anything, but still best to get them in place.

- Move cron jobs to their own component, so the Sidekiq component can be scaled up to multiple instances without causing issues with running the same cron job multiple times at once.
- Update cron jobs to the latest requirements, removing extraneous ones
- Add new variables to `.env.nanobox`
- Update Nginx to use correct cache header directives
parent 19e8b861
......@@ -35,6 +35,17 @@ PAPERCLIP_SECRET=$PAPERCLIP_SECRET
SECRET_KEY_BASE=$SECRET_KEY_BASE
OTP_SECRET=$OTP_SECRET
# VAPID keys (used for push notifications)
# You can generate the keys using the following command (first is the private key, second is the public one)
# You should only generate this once per instance. If you later decide to change it, all push subscription will
# be invalidated, requiring the users to access the website again to resubscribe.
#
# Generate with `rake mastodon:webpush:generate_vapid_key` task (`nanobox run bundle exec rake mastodon:webpush:generate_vapid_key`)
#
# For more information visit https://rossta.net/blog/using-the-web-push-api-with-vapid.html
VAPID_PRIVATE_KEY=$VAPID_PRIVATE_KEY
VAPID_PUBLIC_KEY=$VAPID_PUBLIC_KEY
# Registrations
# Single user mode will disable registrations and redirect frontpage to the first profile
# SINGLE_USER_MODE=true
......@@ -62,7 +73,7 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
#SMTP_CA_FILE=/etc/ssl/certs/ca-certificates.crt
#SMTP_OPENSSL_VERIFY_MODE=peer
#SMTP_ENABLE_STARTTLS_AUTO=true
#SMTP_TLS=true
# Optional user upload path and URL (images, avatars). Default is :rails_root/public/system. If you set this variable, you are responsible for making your HTTP server (eg. nginx) serve these files.
# PAPERCLIP_ROOT_PATH=/var/lib/mastodon/public-system
......@@ -91,6 +102,23 @@ SMTP_FROM_ADDRESS=notifications@${APP_NAME}.nanoapp.io
# S3_ENDPOINT=
# S3_SIGNATURE_VERSION=
# Swift (optional)
# SWIFT_ENABLED=true
# SWIFT_USERNAME=
# For Keystone V3, the value for SWIFT_TENANT should be the project name
# SWIFT_TENANT=
# SWIFT_PASSWORD=
# Keystone V2 and V3 URLs are supported. Use a V3 URL if possible to avoid
# issues with token rate-limiting during high load.
# SWIFT_AUTH_URL=
# SWIFT_CONTAINER=
# SWIFT_OBJECT_URL=
# SWIFT_REGION=
# Defaults to 'default'
# SWIFT_DOMAIN_NAME=
# Defaults to 60 seconds. Set to 0 to disable
# SWIFT_CACHE_TTL=
# Optional alias for S3 if you want to use Cloudfront or Cloudflare in front
# S3_CLOUDFRONT_HOST=
......
......@@ -42,6 +42,7 @@ run.config:
fs_watch: true
deploy.config:
extra_steps:
- NODE_ENV=production bundle exec rake assets:precompile
......@@ -60,6 +61,7 @@ deploy.config:
web.web:
- bundle exec rake db:migrate:setup
web.web:
start:
nginx: nginx -c /app/nanobox/nginx-web.conf
......@@ -78,6 +80,7 @@ web.web:
data.storage:
- public/system
web.stream:
start:
nginx: nginx -c /app/nanobox/nginx-stream.conf
......@@ -91,8 +94,13 @@ web.stream:
writable_dirs:
- tmp
worker.sidekiq:
start: bundle exec sidekiq -c 5 -q default -q mailers -q pull -q push -L /app/log/sidekiq.log
start:
default: bundle exec sidekiq -c 5 -q default -L /app/log/sidekiq.log
mailers: bundle exec sidekiq -c 5 -q mailers -L /app/log/sidekiq.log
pull: bundle exec sidekiq -c 5 -q pull -L /app/log/sidekiq.log
push: bundle exec sidekiq -c 5 -q push -L /app/log/sidekiq.log
writable_dirs:
- tmp
......@@ -105,50 +113,78 @@ worker.sidekiq:
data.storage:
- public/system
cron:
- id: generate_static_gifs
schedule: '*/15 * * * *'
command: 'bundle exec rake mastodon:maintenance:add_static_avatars'
- id: update_counter_caches
schedule: '50 * * * *'
command: 'bundle exec rake mastodon:maintenance:update_counter_caches'
worker.cron_only:
start: sleep 365d
writable_dirs:
- tmp
log_watch:
rake: 'log/production.log'
# runs feeds:clear, media:clear, users:clear, and push:refresh
- id: do_daily_tasks
schedule: '00 00 * * *'
command: 'bundle exec rake mastodon:daily'
network_dirs:
data.storage:
- public/system
- id: clear_silenced_media
schedule: '10 00 * * *'
command: 'bundle exec rake mastodon:media:remove_silenced'
cron:
# 20:00 (8 pm), server time: send out the daily digest emails to everyone
# who opted to receive one
- id: send_digest_emails
schedule: '00 20 * * *'
command: 'bundle exec rake mastodon:emails:digest'
# 00:10 (ten past midnight), server time: remove local copies of remote
# users' media once they are older than a certain age (use NUM_DAYS evar to
# change this from the default of 7 days)
- id: clear_remote_media
schedule: '20 00 * * *'
schedule: '10 00 * * *'
command: 'bundle exec rake mastodon:media:remove_remote'
# 00:20 (twenty past midnight), server time: remove subscriptions to remote
# users that nobody follows locally (anymore)
- id: clear_unfollowed_subs
schedule: '30 00 * * *'
schedule: '20 00 * * *'
command: 'bundle exec rake mastodon:push:clear'
- id: send_digest_emails
schedule: '00 20 * * *'
command: 'bundle exec rake mastodon:emails:digest'
# 00:30 (half past midnight), server time: update local copies of remote
# users' avatars to match whatever they currently have set on their profile
- id: update_remote_avatars
schedule: '30 00 * * *'
command: 'bundle exec rake mastodon:media:redownload_avatars'
############################################################################
# This task is one you might want to enable, or might not. It keeps disk
# usage low, but makes "shadow bans" (scenarios where the user is silenced,
# but not intended to be made aware that the silencing has occurred) much
# more difficult to put in place, as users would then notice their media is
# vanishing on a regular basis. Enable it if you aren't worried about users
# knowing they've been silenced (on the instance level), and want to save
# disk space. Leave it disabled otherwise.
############################################################################
# # 00:00 (midnight), server time: remove media posted by silenced users
# - id: clear_silenced_media
# schedule: '00 00 * * *'
# command: 'bundle exec rake mastodon:media:remove_silenced'
############################################################################
# The following two tasks can be uncommented to automatically open and close
# registrations on a schedule. The format of 'schedule' is a standard cron
# time expression: minute hour day month day-of-week; search for "cron
# time expressions" for more info on how to set these up. The examples here
# open registration only from 8 am to 4 pm, server time.
#
############################################################################
# # 08:00 (8 am), server time: open registrations so new users can join
# - id: open_registrations
# schedule: '00 08 * * *'
# command: 'bundle exec rake mastodon:settings:open_registrations'
#
# # 16:00 (4 pm), server time: close registrations so new users *can't* join
# - id: close_registrations
# schedule: '00 16 * * *'
# command: 'bundle exec rake mastodon:settings:close_registrations'
data.db:
image: nanobox/postgresql:9.5
......@@ -170,6 +206,7 @@ data.db:
curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE
done
data.redis:
image: nanobox/redis:3.0
......@@ -189,6 +226,7 @@ data.redis:
curl -k -H "X-AUTH-TOKEN: ${WAREHOUSE_DATA_HOARDER_TOKEN}" https://${WAREHOUSE_DATA_HOARDER_HOST}:7410/blobs/${file} -X DELETE
done
data.storage:
image: nanobox/unfs:0.9
......
......@@ -42,7 +42,12 @@ http {
try_files $uri @rails;
}
location ~ ^/(assets|system/media_attachments/files|system/accounts/avatars) {
location /sw.js {
add_header Cache-Control "public, max-age=0";
try_files $uri @rails;
}
location ~ ^/(emoji|packs|system/media_attachments/files|system/accounts/avatars) {
add_header Cache-Control "public, max-age=31536000, immutable";
try_files $uri @rails;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment