Open menu

Lemmy in Docker on Proxmox, behind PFSense


How to run Lemmy in the most obscure way

I have a proxmox host that runs a virtual pfsense firewall and a docker swarm, why not try and run Lemmy on it.

This should be easy and for the most part is, copy paste the docker-compose file. Edit it for swarm, stand it up.

Find out that you missed the traefik routing, so fix that.

Now I have it working, I found that the update to 0.18.1 broke it. Lemmy was trying to call its self and failing, so to fix it I gave PFSense a custom DNS entry.

The setup

The compose file

The below compose file is how I stand it all up, this is also on my github repo

Things you should note

# networks:

volumes:
  lemmy_pgsql:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: '/mnt/data/lemmy/pgsql'
  lemmy_pgsql_config:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: '/mnt/data/lemmy/pgsql_config'
  lemmy_pics:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: '/mnt/data/lemmy/pics'
  lemmy_themes:
    driver: local
    driver_opts:
      type: none
      o: bind
      device: '/mnt/data/lemmy/themes'

configs:
  lemmy_nginx:
    external: true
  lemmy_config:
    external: true

x-logging: &default-logging
  driver: "json-file"
  options:
    max-size: "50m"
    max-file: "4"

services:
  proxy:
    image: nginx:1-alpine
    restart: always
    logging: *default-logging
    depends_on:
      - pictrs
      - lemmy-ui
    configs:
      - source: lemmy_nginx
        target: /etc/nginx/nginx.conf
        uid: "0"
        gid: "0"
        mode: 0444
    networks:
      - proxy_lemmy
    deploy:
    labels:
      - "traefik.docker.network=proxy_lemmy"
      - "traefik.http.routers.lemmy.rule=Host(`lemmy.example.com`)"
      - "traefik.http.routers.lemmy.service=lemmy"
      - "traefik.http.services.lemmy.loadbalancer.server.port=8536"

  lemmy:
    image: dessalines/lemmy:0.18.0
    hostname: lemmy
    restart: always
    logging: *default-logging
    environment:
      - RUST_LOG="warn"
    depends_on:
      - postgres
      - pictrs
    configs:
      - source: lemmy_config
        target: /config/config.hjson
        uid: "0"
        gid: "0"
        mode: 0444
    networks:
      - proxy_lemmy

  lemmy-ui:
    image: dessalines/lemmy-ui:0.18.0
    environment:
      - LEMMY_UI_LEMMY_INTERNAL_HOST=lemmy:8536
      - LEMMY_UI_LEMMY_EXTERNAL_HOST=https://lemmy.example.com
      - LEMMY_UI_HTTPS=true
    volumes:
      - lemmy_themes:/app/extra_themes
    depends_on:
      - lemmy
    restart: always
    logging: *default-logging
    networks:
      - proxy_lemmy

  pictrs:
    image: asonix/pictrs:0.4.0-rc.7
    # this needs to match the pictrs url in lemmy.hjson
    hostname: pictrs
    # we can set options to pictrs like this, here we set max. image size and forced format for conversion
    # entrypoint: /sbin/tini -- /usr/local/bin/pict-rs -p /mnt -m 4 --image-format webp
    environment:
      - PICTRS_OPENTELEMETRY_URL=http://otel:4137
      - PICTRS__API_KEY=<PASSWORD>
      - RUST_LOG=debug
      - RUST_BACKTRACE=full
      - PICTRS__MEDIA__VIDEO_CODEC=vp9
      - PICTRS__MEDIA__GIF__MAX_WIDTH=256
      - PICTRS__MEDIA__GIF__MAX_HEIGHT=256
      - PICTRS__MEDIA__GIF__MAX_AREA=65536
      - PICTRS__MEDIA__GIF__MAX_FRAME_COUNT=400
    user: 991:991
    volumes:
      - lemmy_pics:/mnt:Z
    restart: always
    logging: *default-logging
    deploy:
      resources:
        limits:
          memory: 690m
    networks:
      - proxy_lemmy

  postgres:
    image: postgres:15-alpine
    hostname: postgres
    environment:
      - POSTGRES_USER=lemmy
      - POSTGRES_PASSWORD=<PASSWORD>
      - POSTGRES_DB=lemmy
    volumes:
      - lemmy_pgsql:/var/lib/postgresql/data:Z
      - lemmy_pgsql_config:/etc/postgresql
    restart: always
    logging: *default-logging
    networks:
      - proxy_lemmy

  postfix:
    image: mwader/postfix-relay
    environment:
      - POSTFIX_myhostname=example.com
    restart: "always"
    logging: *default-logging
    networks:
      - proxy_lemmy

Published: 11 Jul 2023 by Matt Horwood