Problems with creating my own instance

SomeBoyo@feddit.de to Selfhosted@lemmy.world – 23 points –

I am currently trying to create my own Lemmy instance and am following the join-lemmy.org docker guide. But unfortunately docker compose up doesn't work with the default config and throw's a yaml: line 32: found character that cannot start any token error. Is there something I can do to fix this?

The section in question is

{% for item in lemmy_env_vars %}
{% for key, value in item.items() %}
      - {{ key }}={{ value }}
{% endfor %}
{% endfor %}
{% endif %}
10

You are viewing a single comment
View all comments

I'm not a pro at Docker, but I've spun up over 30 different services using Docker Compose so I'm more than a novice. I would say that Lemmy's documentation is the worst I've ever seen.

The website points you at that compose file which is (I think?) designed for Ansible. I think there's another example somewhere without all the jibbery joo, but I can't search for it right now.

Edit: here it is https://github.com/LemmyNet/lemmy/blob/main/docker/docker-compose.yml

No idea why they don't link to that one in the first place. I'd fix it if I knew how.

If memory serves, the default docker compose expose the database port with a basic hard coded password, too. So imagine using the compose without reading too much, next thing you know you’re running a free Postgres database for the world.

Edit: yep, still publishing the db port with hard coded password…

The lemmy docs are all a mess. Try writing something that uses the lemmy api and you start crying because looking up the endpoints in the code tells you what it does faster than their 'documentation'

Thank you, I was wondering, what that stuff was

If you use that docker compose file, I recommend you comment out the build section and uncomment the image section in the lemmy service.

I also recommend you use a reverse proxy and Docker networks rather than exposing the postgres instance on port 5433, but if you aren’t familiar with Docker networks you can leave it as is for now. If you’re running locally and don’t open that port in your router’s firewall, it’s a non-issue unless there’s an attacker on your LAN, but given that you’re not gaining anything from exposing it (unless you need to connect to the DB directly regularly - as a one off you could temporarily add the port mapping), it doesn’t make sense to increase your attack surface for no benefit.