From fa14342f7583f3075ce6b04c03c995e33a0fa5cc Mon Sep 17 00:00:00 2001
From: Ubuntu <ubuntu@vst.labs.lowerlayer.nl>
Date: Sat, 19 Nov 2022 08:32:29 +0000
Subject: [PATCH 1/2] nginx: create certdir directory before attempting symlink

---
 Makefile                                  | 2 ++
 nginx/docker-entrypoint.d/10-createkey.sh | 2 +-
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 43852d3..458ca54 100644
--- a/Makefile
+++ b/Makefile
@@ -31,6 +31,8 @@ down:
 	$(DOCKER) down
 nginx-shell:
 	$(DOCKER) exec nginx sh
+nginx-logs:
+	$(DOCKER) logs -f --tail 1000 nginx
 grafana-shell:
 	$(DOCKER) exec grafana bash
 hedgedoc-shell:
diff --git a/nginx/docker-entrypoint.d/10-createkey.sh b/nginx/docker-entrypoint.d/10-createkey.sh
index 1fd36f0..d590dff 100755
--- a/nginx/docker-entrypoint.d/10-createkey.sh
+++ b/nginx/docker-entrypoint.d/10-createkey.sh
@@ -7,6 +7,7 @@ if [ -z "$DOMAIN_NAME" ]; then
 fi
 
 certdir="/etc/letsencrypt/live/${DOMAIN_NAME}"
+mkdir -p "$certdir"
 
 # ensure that the keys are available with a fixed path
 for key in fullchain.pem privkey.pem ; do
@@ -17,7 +18,6 @@ if [ -r "$certdir/fullchain.pem" ]; then
 	exit 0
 fi
 
-mkdir -p "$certdir"
 
 echo >&2 "$certdir: Creating temporary keys"
 openssl req \

From 70826bccad3219df16a87ec3f408b502ae2eb107 Mon Sep 17 00:00:00 2001
From: Ubuntu <ubuntu@vst.labs.lowerlayer.nl>
Date: Sat, 19 Nov 2022 11:09:23 +0000
Subject: [PATCH 2/2] mastodon: enable elastic search

---
 mastodon.yaml | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/mastodon.yaml b/mastodon.yaml
index aba46af..e3819e8 100644
--- a/mastodon.yaml
+++ b/mastodon.yaml
@@ -35,14 +35,20 @@ services:
       - ./data/mastodon/redis:/data
 
   mastodon-es:
-    image: docker.elastic.co/elasticsearch/elasticsearch-oss:7.10.2
+    image: docker.elastic.co/elasticsearch/elasticsearch:7.17.5
     restart: always
     container_name: mastodon-es
     environment:
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
+      - "ES_JAVA_OPTS=-Xms512m -Xmx512m -Des.enforce.bootstrap.checks=true"
+      - "xpack.license.self_generated.type=basic"
+      - "xpack.security.enabled=false"
+      - "xpack.watcher.enabled=false"
+      - "xpack.graph.enabled=false"
+      - "xpack.ml.enabled=false"
+      - "bootstrap.memory_lock=true"
       - "cluster.name=es-mastodon"
       - "discovery.type=single-node"
-      - "bootstrap.memory_lock=true"
+      - "thread_pool.write.queue_size=1000"
     env_file:
       - ./env.production
       - ./mastodon/env.production
@@ -53,7 +59,7 @@ services:
     volumes:
        - ./data/mastodon/elasticsearch:/usr/share/elasticsearch/data
     # fixup the permissions on the data directory since they are created as root on host
-    entrypoint: ["/bin/sh", "-c", "chown -R elasticsearch:elasticsearch data && exec /usr/local/bin/docker-entrypoint.sh eswrapper"]
+    entrypoint: ["/bin/sh", "-c", "sysctl -w vm.max_map_count=262144 && chown elasticsearch:elasticsearch data && exec /usr/local/bin/docker-entrypoint.sh eswrapper"]
     ulimits:
       memlock:
         soft: -1