静看光阴荏苒
不管不顾不问不说也不念

Docker安装Firefish

Firefish是Misskey的一个分支,具有多项改进和错误修复。Firefish与Misskey的显著差异,主要在以下几个方面(摘自Firefish项目页面的介绍):

Improved UI/UX (especially on mobile)
Post editing
Content importing
Improved notifications
Improved server security
Improved accessibility
Improved threads
Recommended Servers timeline
OCR image captioning
New and improved Groups
Better intro tutorial
Compatibility with Mastodon clients/apps
Backfill user information
Advanced search
Many more user and admin settings
Many bug fixes and performance improvements
Link verification
So much more!

下面的安装步骤基于Debian12 ARM64。安装需要用到的软件包:

apt -y update
apt -y install curl nginx python3-certbot-nginx

安装Docker:

curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh

新建目录以及docker-compose文件:

mkdir -p /opt/firefish/config && cd /opt/firefish && nano docker-compose.yml

写入如下配置:

version: '3.8'

services:
  web:
    image: registry.joinfirefish.org/firefish/firefish:arm64
    container_name: firefish_web
    restart: unless-stopped
    depends_on:
      - db
      - redis
      - meilisearch
    ports:
      - "127.0.0.1:3000:3000"
    networks:
      - calcnet
    environment:
      - NODE_ENV=production
    volumes:
      - ./files:/firefish/files
      - ./config:/firefish/.config:ro

  db:
    image: docker.io/postgres:14-alpine
    container_name: firefish_db
    restart: unless-stopped
    networks:
      - calcnet
    environment:
      - POSTGRES_DB=firefish
      - POSTGRES_USER=imlala
      - POSTGRES_PASSWORD=setyourdbpasswd
    volumes:
      - ./db:/var/lib/postgresql/data

  redis:
    image: docker.io/redis:7.0-alpine
    container_name: firefish_redis
    restart: unless-stopped
    networks:
      - calcnet
    volumes:
      - ./redis:/data

  meilisearch:
    container_name: firefish_meilisearch
    image: getmeili/meilisearch:v1.4
    restart: unless-stopped
    networks:
      - calcnet
    environment:
      - MEILI_ENV=production
      - MEILI_MASTER_KEY=setyourapikey
      - MEILI_NO_ANALYTICS=true
    volumes:
      - ./meili_data:/meili_data

networks:
  calcnet:

在config目录下新建一个firefish需要用到的配置文件:

nano config/default.yml

写入如下配置,需要改动的地方后面我会详细介绍:

#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
# Firefish configuration
#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

# After starting your server, please don't change the URL! Doing so will break federation.

#   ┌─────┐
#───┘ URL └─────────────────────────────────────────────────────

# Final accessible URL seen by a user.
url: https://example.com/

#   ┌───────────────────────┐
#───┘ Port and TLS settings └───────────────────────────────────

#
# Firefish requires a reverse proxy to support HTTPS connections.
#
#                 +----- https://example.com/ ------------+
#   +------+      |+-------------+      +----------------+|
#   | User | ---> || Proxy (443) | ---> | Firefish (3000) ||
#   +------+      |+-------------+      +----------------+|
#                 +---------------------------------------+
#
#   You need to set up a reverse proxy. (e.g. nginx, caddy)
#   An encrypted connection with HTTPS is highly recommended
#   because tokens may be transferred in GET requests.

# The port that your Firefish server should listen on.
port: 3000

# The bind host your Firefish server should listen on.
# If unspecified, the wildcard address will be used.
#bind: 127.0.0.1

#   ┌──────────────────────────┐
#───┘ PostgreSQL configuration └────────────────────────────────

db:
  host: localhost
  port: 5432
  #ssl: false
  # Database name
  db: firefish

  # Auth
  user: example-firefish-user
  pass: example-firefish-pass

  # Whether disable Caching queries
  #disableCache: true

  # Extra Connection options
  #extra:
  #  ssl:
  #   host: localhost
  #   rejectUnauthorized: false

#   ┌─────────────────────┐
#───┘ Redis configuration └─────────────────────────────────────

redis:
  host: localhost
  port: 6379
  #tls:
  #  host: localhost
  #  rejectUnauthorized: false
  #family: 0  # 0=Both, 4=IPv4, 6=IPv6
  #pass: example-pass
  #prefix: example-prefix
  #db: 1
  #user: default

#   ┌─────────────────────────────┐
#───┘ Cache server configuration └─────────────────────────────────────

# A Redis-compatible server (DragonflyDB, Keydb, Redis) for caching
# If left blank, it will use the Redis server from above

#cacheServer:
  #host: localhost
  #port: 6379
  #family: 0  # 0=Both, 4=IPv4, 6=IPv6
  #pass: example-pass
  #prefix: example-prefix
  #db: 1

# Please configure either MeiliSearch *or* Sonic.
# If both MeiliSearch and Sonic configurations are present, MeiliSearch will take precedence.

#   ┌───────────────────────────┐
#───┘ MeiliSearch configuration └─────────────────────────────────────
#meilisearch:
#  host: meilisearch
#  port: 7700
#  ssl: false
#  apiKey:

#   ┌─────────────────────┐
#───┘ Sonic configuration └─────────────────────────────────────

#sonic:
#  host: localhost
#  port: 1491
#  auth: SecretPassword
#  collection: notes
#  bucket: default


#   ┌───────────────┐
#───┘ ID generation └───────────────────────────────────────────

# No need to uncomment in most cases, but you may want to change
# these settings if you plan to run a large and/or distributed server.

# cuid:
#   # Min 16, Max 24
#   length: 16
#
#   # Set this to a unique string across workers (e.g., machine's hostname)
#   # if your workers are running in multiple hosts.
#   fingerprint: my-fingerprint


#   ┌─────────────────────┐
#───┘ Other configuration └─────────────────────────────────────

# Maximum length of a post (default 3000, max 100000)
#maxNoteLength: 3000

# Maximum length of an image caption (default 1500, max 8192)
#maxCaptionLength: 1500

# Reserved usernames that only the administrator can register with
reservedUsernames: [
  'root',
  'admin',
  'administrator',
  'me',
  'system'
]

# Whether disable HSTS
#disableHsts: true

# Number of worker processes by type.
# The sum must not exceed the number of available cores.
#clusterLimits:
#  web: 1
#  queue: 1

# Job concurrency per worker
# deliverJobConcurrency: 128
# inboxJobConcurrency: 16

# Job rate limiter
# deliverJobPerSec: 128
# inboxJobPerSec: 16

# Job attempts
# deliverJobMaxAttempts: 12
# inboxJobMaxAttempts: 8

# Local address used for outgoing requests
#outgoingAddress: 127.0.0.1

# IP address family used for outgoing request (ipv4, ipv6 or dual)
#outgoingAddressFamily: ipv4

# Syslog option
#syslog:
#  host: localhost
#  port: 514

# Proxy for HTTP/HTTPS
#proxy: http://127.0.0.1:3128

#proxyBypassHosts: [
#  'web.kaiteki.app',
#  'example.com',
#  '192.0.2.8'
#]

# Proxy for SMTP/SMTPS
#proxySmtp: http://127.0.0.1:3128   # use HTTP/1.1 CONNECT
#proxySmtp: socks4://127.0.0.1:1080 # use SOCKS4
#proxySmtp: socks5://127.0.0.1:1080 # use SOCKS5

# Media Proxy
#mediaProxy: https://example.com/proxy

# Proxy remote files (default: false)
#proxyRemoteFiles: true

#allowedPrivateNetworks: [
#  '127.0.0.1/32'
#]

# TWA
#twa:
#  nameSpace: android_app
#  packageName: tld.domain.twa
#  sha256CertFingerprints: ['AB:CD:EF']

# Upload or download file size limits (bytes)
#maxFileSize: 262144000

#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
# Congrats, you've reached the end of the config file needed for most deployments!
# Enjoy your Firefish server!
#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━




#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
# Managed hosting settings
# >>> NORMAL SELF-HOSTERS, STAY AWAY! <<<
# >>> YOU DON'T NEED THIS! <<<
# Each category is optional, but if each item in each category is mandatory!
# If you mess this up, that's on you, you've been warned...
#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

#maxUserSignups: 100
#isManagedHosting: true
#deepl:
#  managed: true
#  authKey: ''
#  isPro: false
#
#email:
#  managed: true
#  address: 'example@email.com'
#  host: 'email.com'
#  port: 587
#  user: 'example@email.com'
#  pass: ''
#  useImplicitSslTls: false
#
#objectStorage:
#  managed: true
#  baseUrl: ''
#  bucket: ''
#  prefix: ''
#  endpoint: ''
#  region: ''
#  accessKey: ''
#  secretKey: ''
#  useSsl: true
#  connnectOverProxy: false
#  setPublicReadOnUpload: true
#  s3ForcePathStyle: true

# !!!!!!!!!!
# >>>>>> AGAIN, NORMAL SELF-HOSTERS, STAY AWAY! <<<<<<
# >>>>>> YOU DON'T NEED THIS, ABOVE SETTINGS ARE FOR MANAGED HOSTING ONLY! <<<<<<
# !!!!!!!!!!

# Seriously. Do NOT fill out the above settings if you're self-hosting.
# They're much better off being set from the control panel.

上面这个配置文件是官方的默认配置,看上去有很多内容,但实际上需要改动的地方不多,你只需要改动下面我列出的这些配置项即可:

1、配置站点域名:

   ┌─────┐
───┘ URL └─────────────────────────────────────────────────────

url: https://firefish.example.com/

2、配置数据库连接:

   ┌──────────────────────────┐
───┘ PostgreSQL configuration └────────────────────────────────

db:
  host: db // host对应docker-compose内的services名
  port: 5432
...
  db: firefish // 应设置为POSTGRES_DB变量的值
  user: imlala // 应设置为POSTGRES_USER变量的值
  pass: setyourdbpasswd // 应设置为POSTGRES_PASSWORD变量的值
...

3、配置Redis:

   ┌─────────────────────┐
───┘ Redis configuration └─────────────────────────────────────

redis:
  host: redis // host对应docker-compose内的services名
  port: 6379
...

4、配置Meilisearch:

   ┌───────────────────────────┐
───┘ MeiliSearch configuration └─────────────────────────────────────

meilisearch:
  host: meilisearch
  port: 7700
  ssl: false
  apiKey: setyourapikey // 应设置为MEILI_MASTER_KEY变量的值
...

其他的大多数配置内容都可以稍后在后台管理面板进行修改。现在你只需拉取镜像并启动容器:

docker compose up -d

查看容器运行状态,确保STATUS都是UP:

接下来配置NGINX反向代理,新建NGINX站点配置文件:

nano /etc/nginx/sites-available/firefish

写入如下配置:

map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

proxy_cache_path /tmp/nginx_cache levels=1:2 keys_zone=cache1:16m max_size=1g inactive=720m use_temp_path=off;

server {
    listen 80;
    server_name firefish.example.com;
    client_max_body_size 0;

    location / {
        proxy_pass http://127.0.0.1:3000;
        proxy_set_header Host $host;
        proxy_http_version 1.1;
        proxy_redirect off;

        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto https;

        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;

        proxy_cache cache1;
        proxy_cache_lock on;
        proxy_cache_use_stale updating;
        add_header X-Cache $upstream_cache_status;
    }
}

启用站点:

ln -s /etc/nginx/sites-available/firefish /etc/nginx/sites-enabled/firefish

签发SSL证书:

certbot --nginx

现在访问你的站点,创建管理员账号即完成全部安装过程了。

一点注意事项,如果你的meilisearch是后续安装的,即安装meilisearch的时候实例内已经有帖子了,为了能够搜索到所有内容,你还需要在后台点一下这个索引帖子:

这里留空,索引全部内容:

参考:

https://www.meilisearch.com/docs/learn/configuration/instance_options
https://raw.githubusercontent.com/meilisearch/meilisearch/latest/config.toml
https://git.joinfirefish.org/firefish/firefish/-/blob/develop/docs/docker.md

赞(4)
未经允许不得转载:荒岛 » Docker安装Firefish
分享到: 更多 (0)

评论 5

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
  1. #1

    大佬 你好 能合作下广告位吗?广告合作哪里点挤不进去 看到留言烦请联系我 TG https://t.me/paidaxing12345

    派大星1年前 (2023-10-10) Microsoft Edge 117.0.2045.60 Microsoft Edge 117.0.2045.60 Windows 10 x64 Edition Windows 10 x64 Edition回复
  2. #2

    lala 是不是还有个https://joinsharkey.org/ 也是misskey的分支

    啊啊1年前 (2023-11-30) Google Chrome 119.0.0.0 Google Chrome 119.0.0.0 Windows 10 x64 Edition Windows 10 x64 Edition回复
  3. #3

    Error response from daemon: manifest for registry.joinfirefish.org/firefish/firefish:arm64 not found: manifest unknown: manifest unknown 拉拉这个要怎么解决

    粑粑1年前 (2023-12-04) Google Chrome 119.0.0.0 Google Chrome 119.0.0.0 Windows 10 x64 Edition Windows 10 x64 Edition回复
  4. #4

    https://git.joinfirefish.org/firefish/firefish/-/merge_requests/10592/diffs
    https://git.joinfirefish.org/firefish/firefish/-/issues/10730
    lala,我发现正式版本运行会失败。目前只有beta版本的docker镜像修复了这个错误。

    hofaeair11个月前 (01-17) Firefox 121.0 Firefox 121.0 Windows 10 x64 Edition Windows 10 x64 Edition回复

分享创造快乐

广告合作资源投稿