Lemmy in Docker on Proxmox, behind PFSense
How to run Lemmy in the most obscure way
I have a proxmox host that runs a virtual pfsense firewall and a docker swarm, why not try and run Lemmy on it.
This should be easy and for the most part is, copy paste the docker-compose file. Edit it for swarm, stand it up.
Find out that you missed the traefik routing, so fix that.
Now I have it working, I found that the update to 0.18.1 broke it. Lemmy was trying to call its self and failing, so to fix it I gave PFSense a custom DNS entry.
The setup
- proxmox working
- pfsense setup and working on proxmox (https://homelab.horwood.biz/?blog%2F202111262)
- docker swarm on multi nodes (maybe write how?)
- storage for the Lemmy data (make some directories)
The compose file
The below compose file is how I stand it all up, this is also on my github repo
Things you should note
- the data is stored on an NFS mount that both swarm nodes have at the same location
- the configs for both the proxy and Lemmy containers are swarm configs
- I have every stack in its own network, with traefik as the way into the network
version: "3.7"
# networks:
volumes:
lemmy_pgsql:
driver: local
driver_opts:
type: none
o: bind
device: '/mnt/data/lemmy/pgsql'
lemmy_pgsql_config:
driver: local
driver_opts:
type: none
o: bind
device: '/mnt/data/lemmy/pgsql_config'
lemmy_pics:
driver: local
driver_opts:
type: none
o: bind
device: '/mnt/data/lemmy/pics'
lemmy_themes:
driver: local
driver_opts:
type: none
o: bind
device: '/mnt/data/lemmy/themes'
configs:
lemmy_nginx:
external: true
lemmy_config:
external: true
x-logging: &default-logging
driver: "json-file"
options:
max-size: "50m"
max-file: "4"
services:
proxy:
image: nginx:1-alpine
restart: always
logging: *default-logging
depends_on:
- pictrs
- lemmy-ui
configs:
- source: lemmy_nginx
target: /etc/nginx/nginx.conf
uid: "0"
gid: "0"
mode: 0444
networks:
- proxy_lemmy
deploy:
labels:
- "traefik.docker.network=proxy_lemmy"
- "traefik.http.routers.lemmy.rule=Host(`lemmy.example.com`)"
- "traefik.http.routers.lemmy.service=lemmy"
- "traefik.http.services.lemmy.loadbalancer.server.port=8536"
lemmy:
image: dessalines/lemmy:0.18.0
hostname: lemmy
restart: always
logging: *default-logging
environment:
- RUST_LOG="warn"
depends_on:
- postgres
- pictrs
configs:
- source: lemmy_config
target: /config/config.hjson
uid: "0"
gid: "0"
mode: 0444
networks:
- proxy_lemmy
lemmy-ui:
image: dessalines/lemmy-ui:0.18.0
environment:
- LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536
- LEMMY_UI_LEMMY_EXTERNAL_HOST=https://lemmy.example.com
- LEMMY_UI_HTTPS=true
volumes:
- lemmy_themes:/app/extra_themes
depends_on:
- lemmy
restart: always
logging: *default-logging
networks:
- proxy_lemmy
pictrs:
image: asonix/pictrs:0.4.0-rc.7
# this needs to match the pictrs url in lemmy.hjson
hostname: pictrs
# we can set options to pictrs like this, here we set max. image size and forced format for conversion
# entrypoint: /sbin/tini -- /usr/local/bin/pict-rs -p /mnt -m 4 --image-format webp
environment:
- PICTRS_OPENTELEMETRY_URL=http://otel:4137
- PICTRS__API_KEY=<PASSWORD>
- RUST_LOG=debug
- RUST_BACKTRACE=full
- PICTRS__MEDIA__VIDEO_CODEC=vp9
- PICTRS__MEDIA__GIF__MAX_WIDTH=256
- PICTRS__MEDIA__GIF__MAX_HEIGHT=256
- PICTRS__MEDIA__GIF__MAX_AREA=65536
- PICTRS__MEDIA__GIF__MAX_FRAME_COUNT=400
user: 991:991
volumes:
- lemmy_pics:/mnt:Z
restart: always
logging: *default-logging
deploy:
resources:
limits:
memory: 690m
networks:
- proxy_lemmy
postgres:
image: postgres:15-alpine
hostname: postgres
environment:
- POSTGRES_USER=lemmy
- POSTGRES_PASSWORD=<PASSWORD>
- POSTGRES_DB=lemmy
volumes:
- lemmy_pgsql:/var/lib/postgresql/data:Z
- lemmy_pgsql_config:/etc/postgresql
restart: always
logging: *default-logging
networks:
- proxy_lemmy
postfix:
image: mwader/postfix-relay
environment:
- POSTFIX_myhostname=example.com
restart: "always"
logging: *default-logging
networks:
- proxy_lemmy