If your discussion involves attacking entire groups for the actions of a few then you’ve already given up. Please be respectful, except against bigotry, fuck that noise.

  • 0 Posts
  • 2 Comments
Joined 1 year ago
cake
Cake day: June 8th, 2023

help-circle
  • The thing I struggled with the most was adapting the provided docker-compose.yml for my Caddy setup.

    I am using caddy-docker-proxy, which I absolutely love but their documentation is not the greatest for matchers.

    If anyone else wants a super basic Lemmy instance running on Caddy with their domain on Cloudflare here is a docker-compose.yml

    Please make sure you update your lemmy.hjson hostname field to match the domain you used in the docker-compose.yml for the caddy labels

    If you’re not using Cloudflare you can replace build: . (and not use the Dockerfile I provided below) in the caddy service with image: lucaslorentz/caddy-docker-proxy:ci-alpine (and remove the caddy.acme_dns label) and I believe it will fall back to Let’sEncrypt

    version: "3.9"
    
    services:
      caddy:
        container_name: caddy
        build: .
        depends_on:
          - lemmy-ui
          - pictrs
        ports:
          - 80:80
          - 443:443
        environment:
          CADDY_INGRESS_NETWORKS: caddy
        networks:
          - caddy
        volumes:
          - /var/run/docker.sock:/var/run/docker.sock
          - /opt/docker/caddy/data:/data
          - /opt/docker/caddy/config:/config
        labels:
          caddy.log.format: console
          caddy.acme_dns: cloudflare YOUR_CLOUDFLARE_API_TOKEN
        restart: unless-stopped
      lemmy:
        container_name: lemmy
        image: dessalines/lemmy:0.17.3
        depends_on:
          - postgres
          - pictrs
        environment:
          RUST_LOG: "warn,lemmy_server=info,lemmy_api=info,lemmy_api_common=info,lemmy_api_crud=info,lemmy_apub=info,lemmy_db_schema=info,lemmy_db_views=info,lemmy_db_views_actor=info,lemmy_db_views_moderator=info,lemmy_routes=info,lemmy_utils=info,lemmy_websocket=info"
        networks:
          - caddy
        volumes:
          - /opt/docker/lemmy/lemmy.hjson:/config/config.hjson:ro
        labels:
          caddy: "your.domain.com"
          caddy.@lemmy: path_regexp ^/(api|pictrs|feeds|nodeinfo|\.well-known)/.*$
          caddy.@post: method POST
          caddy.@accept: header Accept application/*
          caddy.reverse_proxy_1: "@lemmy {{upstreams 8536}}"
          caddy.reverse_proxy_2: "@post {{upstreams 8536}}"
          caddy.reverse_proxy_3: "@accept {{upstreams 8536}}"
        restart: unless-stopped
      lemmy-ui:
        container_name: lemmy-ui
        image: dessalines/lemmy-ui:0.17.3
        depends_on:
          - lemmy
        environment:
          LEMMY_UI_LEMMY_INTERNAL_HOST: lemmy:8536
          LEMMY_UI_LEMMY_EXTERNAL_HOST: localhost:1234
          LEMMY_HTTPS: true
        networks:
          - caddy
        labels:
          caddy: "your.domain.com"
          caddy.reverse_proxy: "{{upstreams 1234}}"
        restart: unless-stopped
      pictrs:
        container_name: pictrs
        image: asonix/pictrs:0.3.1
        environment:
          PICTRS__API_KEY: API_KEY
        user: 991:991
        volumes:
          - /opt/docker/pictrs:/mnt
        networks:
          - caddy
      postgres:
        container_name: postgres
        image: postgres:15-alpine
        environment:
          POSTGRES_DB: lemmy
          POSTGRES_USER: lemmy
          POSTGRES_PASSWORD: password
        volumes:
          - /opt/docker/postgres:/var/lib/postgresql/data
        networks:
          - caddy
        restart: unless-stopped
    
    networks:
      caddy:
        external: true
    

    Here is the Dockerfile used for the caddy container:

    ARG CADDY_VERSION=2.6.4
    
    FROM caddy:${CADDY_VERSION}-builder AS builder
    
    RUN xcaddy build \
        --with github.com/lucaslorentz/caddy-docker-proxy/v2@v2.8.4 \
        --with github.com/caddy-dns/cloudflare
    
    FROM caddy:${CADDY_VERSION}-alpine
    
    RUN apk add --no-cache tzdata
    
    COPY --from=builder /usr/bin/caddy /usr/bin/caddy
    
    CMD ["caddy", "docker-proxy"]
    

  • If you have Cloudflare you can set up an email alias for incoming email and then create a secondary Gmail address on top of your existing one for outgoing email. If you go to ‘Settings > Accounts and Import > Send mail as’ and add another email address (not an alias) with the same email as the one you setup on Cloudflare (noreply@yourdomain.com). You will likely need to create a Gmail app password to sign into the email server if you use 2FA.

    Once you’ve created this email Gmail will send you a confirmation email to confirm it’s all working. Then you can just enter Google’s SMTP server info for Lemmy along with your email you used to login to the SMTP server when you added a new email in Gmail settings (your actual email, not the CF one), and the app password you created.

    If done it this way for a few services beyond Lemmy and it’s worked well so far. This way you’re also using a Gmail account technically so you can hopefully avoid blacklists and spam filters.