I am trying to deploy a mastodon server using this project: https://github.com/tootsuite/mastodon
I am running Docker-Compose and Podman on a Fedora 33 server.
$ docker-compose --version
docker-compose version 1.27.4, build unknown
$ docker --version
podman version 3.0.1
$ cat /etc/fedora-release
Fedora release 33 (Thirty Three)
I had to do some changes into the docker-compose.yml to make it work with Podman. You can see my whole config file below.
version: '3'
services:
db:
restart: always
image: postgres:9.6-alpine
shm_size: 256mb
networks:
- internal_network
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- ./postgres:/var/lib/postgresql/data
environment:
- POSTGRES_HOST_AUTH_METHOD=trust
redis:
restart: always
image: redis:6.0-alpine
networks:
- internal_network
healthcheck:
test: ["CMD", "redis-cli", "ping"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- ./redis:/data
# es:
# restart: always
# image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.10
# environment:
# - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
# - "cluster.name=es-mastodon"
# - "discovery.type=single-node"
# - "bootstrap.memory_lock=true"
# networks:
# - internal_network
# healthcheck:
# test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"]
# volumes:
# - ./elasticsearch:/usr/share/elasticsearch/data
# ulimits:
# memlock:
# soft: -1
# hard: -1
web:
# build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
networks:
- external_network
- internal_network
healthcheck:
test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/health || exit 1"]
timeout: 45s
interval: 10s
retries: 10
ports:
- "127.0.0.1:3000:3000"
depends_on:
- db
- redis
# - es
volumes:
- ./public/system:/mastodon/public/system
streaming:
build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: node ./streaming
networks:
- external_network
- internal_network
healthcheck:
test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1"]
timeout: 45s
interval: 10s
retries: 10
ports:
- "127.0.0.1:4000:4000"
depends_on:
- db
- redis
sidekiq:
build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: bundle exec sidekiq
depends_on:
- db
- redis
networks:
- external_network
- internal_network
volumes:
- ./public/system:/mastodon/public/system
## Uncomment to enable federation with tor instances along with adding the following ENV variables
## http_proxy=http://privoxy:8118
## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
# tor:
# image: sirboops/tor
# networks:
# - external_network
# - internal_network
#
# privoxy:
# image: sirboops/privoxy
# volumes:
# - ./priv-config:/opt/config
# networks:
# - external_network
# - internal_network
networks:
external_network:
internal_network:
internal: true
Here is a diff with remote version of the file on the repository:
(tl;dr: I added options to health-checks and an env variable to authorize running postgres without password and commented build option to use image from the repo, as building was failing too)
$ git diff docker-compose.yml
diff --git a/docker-compose.yml b/docker-compose.yml
index 52eea7a74..a8e047ec7 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -9,8 +9,13 @@ services:
- internal_network
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
+ timeout: 45s
+ interval: 10s
+ retries: 10
volumes:
- ./postgres:/var/lib/postgresql/data
+ environment:
+ - POSTGRES_HOST_AUTH_METHOD=trust
redis:
restart: always
@@ -19,6 +24,9 @@ services:
- internal_network
healthcheck:
test: ["CMD", "redis-cli", "ping"]
+ timeout: 45s
+ interval: 10s
+ retries: 10
volumes:
- ./redis:/data
@@ -42,7 +50,7 @@ services:
# hard: -1
web:
- build: .
+ # build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
@@ -52,6 +60,9 @@ services:
- internal_network
healthcheck:
test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/health || exit 1"]
+ timeout: 45s
+ interval: 10s
+ retries: 10
ports:
- "127.0.0.1:3000:3000"
depends_on:
@@ -72,6 +83,9 @@ services:
- internal_network
healthcheck:
test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1"]
+ timeout: 45s
+ interval: 10s
+ retries: 10
ports:
- "127.0.0.1:4000:4000"
depends_on:
Generating secrets was fine, but it failed on this command:
$ sudo docker-compose run --rm web bundle exec rails db:migrate
Creating network "mastodon_internal_network" with the default driver
Creating network "mastodon_external_network" with the default driver
Creating mastodon_db_1 ... done
Creating mastodon_redis_1 ... done
Creating mastodon_web_run ... done
rails aborted!
PG::ConnectionBad: could not translate host name "db" to address: Name or service not known
I already used the combination of Docker-Compose and Podman 3.0 with several projects and I never had any issue with hostname resolving inside networks. I wonder if I must specify a driver for this situation.
Also I would like a way to test if I can reach db service with this hostname from the container of web and so, if the problem is in the code (that I highly doubt but I want to be sure).
EDIT1: Logs of db service showing that the service seems to be running fine and ready to accept connections
$ sudo docker logs -f mastodon_db_1
PostgreSQL Database directory appears to contain a database; Skipping initialization
LOG: database system was shut down at 2021-04-01 07:02:04 UTC
LOG: MultiXact member wraparound protections are now enabled
LOG: database system is ready to accept connections
LOG: autovacuum launcher started
I have found a solution: removing networks' definition.
It sounds cheap, but it worked.
So the final docker-compose.yml looks like this:
version: '3'
services:
db:
restart: always
image: postgres:9.6-alpine
shm_size: 256mb
healthcheck:
test: ["CMD", "pg_isready", "-U", "postgres"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- ./postgres:/var/lib/postgresql/data
environment:
- POSTGRES_HOST_AUTH_METHOD=trust
redis:
restart: always
image: redis:6.0-alpine
healthcheck:
test: ["CMD", "redis-cli", "ping"]
timeout: 45s
interval: 10s
retries: 10
volumes:
- ./redis:/data
# es:
# restart: always
# image: docker.elastic.co/elasticsearch/elasticsearch-oss:6.8.10
# environment:
# - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
# - "cluster.name=es-mastodon"
# - "discovery.type=single-node"
# - "bootstrap.memory_lock=true"
# networks:
# - internal_network
# healthcheck:
# test: ["CMD-SHELL", "curl --silent --fail localhost:9200/_cluster/health || exit 1"]
# volumes:
# - ./elasticsearch:/usr/share/elasticsearch/data
# ulimits:
# memlock:
# soft: -1
# hard: -1
web:
# build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
healthcheck:
test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:3000/health || exit 1"]
timeout: 45s
interval: 10s
retries: 10
ports:
- "127.0.0.1:3000:3000"
depends_on:
- db
- redis
# - es
volumes:
- ./public/system:/mastodon/public/system
streaming:
build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: node ./streaming
healthcheck:
test: ["CMD-SHELL", "wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1"]
timeout: 45s
interval: 10s
retries: 10
ports:
- "127.0.0.1:4000:4000"
depends_on:
- db
- redis
sidekiq:
build: .
image: tootsuite/mastodon
restart: always
env_file: .env.production
command: bundle exec sidekiq
depends_on:
- db
- redis
volumes:
- ./public/system:/mastodon/public/system
## Uncomment to enable federation with tor instances along with adding the following ENV variables
## http_proxy=http://privoxy:8118
## ALLOW_ACCESS_TO_HIDDEN_SERVICE=true
# tor:
# image: sirboops/tor
# networks:
# - external_network
# - internal_network
#
# privoxy:
# image: sirboops/privoxy
# volumes:
# - ./priv-config:/opt/config
# networks:
# - external_network
# - internal_network