使用docker-compose部署Redlib

前言

作为7年老用户，我一直使用第三方客户端浏览Reddit。Relay for reddit、rif is fun for Reddit和Slide for reddit，这些是我用过的非常优秀的客户端。臃肿的官方客户端给他们提鞋都不配。

然而，Reddit在2023年宣布对免费API进行限制，开发者们无可奈何，纷纷宣布停止维护三方客户端。在这之后，我也被迫使用网页端，忍受狗皮膏药式无孔不入的广告。

机缘巧合之下，了解到了redlib这类的私有reddit前端，它们可以私有化部署到服务端上，以绕过API请求次数的限制，并且针对网页端的浏览习惯做了适应性的调整，使得浏览体验有了质的提升。

先贴下redlib的官方介绍吧。

10-second pitch: Redlib is a private front-end like Invidious but for Reddit. Browse the coldest takes of r/unpopularopinion without being tracked. 10-second pitch: Redlib is a private front-end like Invidious but for Reddit. Browse the coldest takes of r/unpopularopinion without being tracked.

🚀 Fast: written in Rust for blazing-fast speeds and memory safety

☁️ Light: no JavaScript, no ads, no tracking, no bloat

🕵 Private: all requests are proxied through the server, including >media

🔒 Secure: strong Content Security Policy prevents browser requests to Reddit

最近三个月以来，我一直使用热心网友的redlib实例，然而从2024年9月16日起，这些redlib实例时常报出Failed to parse page JSON data: expected value at line 1 column 1之类的错误。

在排查错误的过程中了解到redlib可以使用docker进行部署。恰好我有一台VPS和一个域名，为什么不自己搭一个试试呢？这就是本文的出发点。

本文将使用docker-compose部署redlib。部署分为两步：

使用IP访问redlib：这是docker-compose部署后的原始状态
使用域名访问redlib：IP地址不便于使用，使用域名符合人类习惯。在这个过程中会使用nginx进行反代

准备工作

安装docker

我的VPS是Ubuntu 22.04 LTS，所以直接跟着官方教程走

卸载老版本的docker

1

 for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do sudo apt-get remove $pkg; done

设置Docker的`apt`仓库

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13


# Add Docker's official GPG key:
sudo apt-get update
sudo apt-get install ca-certificates curl
sudo install -m 0755 -d /etc/apt/keyrings
sudo curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc

# Add the repository to Apt sources:
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu \
  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
sudo apt-get update

使用apt安装docker包

1

 sudo apt-get install docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin

验证docker已成功安装

1

 sudo docker run hello-world

安装nginx

~~VPS自带，略过~~

部署`redlib`

创建目录

首先新建一个目录，作为redlib的根目录

1
2
3


cd ~
mkdir redlib
cd /redlib

创建`compose.yaml`文件

在刚刚创建的根目录下，创建compose.yaml文件。其为docker compose的描述文件。

内容拷贝官方给的样例

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23


services:
  redlib:
    image: quay.io/redlib/redlib:latest
    restart: always
    container_name: "redlib"
    ports:
      - 8080:8080 # Specify `127.0.0.1:8080:8080` instead if using a reverse proxy
    user: nobody
    read_only: true
    security_opt:
      - no-new-privileges:true
      # - seccomp=seccomp-redlib.json
    cap_drop:
      - ALL
    env_file: .env
    networks:
      - redlib
    healthcheck:
      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
      interval: 5m
      timeout: 3s
networks:
  redlib:

创建`.env`文件

该文件是redlib的配置文件。内容同样拷贝官方给的样例

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52


# Redlib configuration
# See the Configuration section of the README for a more detailed explanation of these settings.

# Instance-specific settings
# Enable SFW-only mode for the instance
REDLIB_SFW_ONLY=off
# Set a banner message for the instance
REDLIB_BANNER=
# Disable search engine indexing
REDLIB_ROBOTS_DISABLE_INDEXING=off
# Set the Pushshift frontend for "removed" links
REDLIB_PUSHSHIFT_FRONTEND=undelete.pullpush.io

# Default user settings
# Set the default theme (options: system, light, dark, black, dracula, nord, laserwave, violet, gold, rosebox, gruvboxdark, gruvboxlight)
REDLIB_DEFAULT_THEME=system
# Set the default front page (options: default, popular, all)
REDLIB_DEFAULT_FRONT_PAGE=default
# Set the default layout (options: card, clean, compact)
REDLIB_DEFAULT_LAYOUT=card
# Enable wide mode by default
REDLIB_DEFAULT_WIDE=off
# Set the default post sort method (options: hot, new, top, rising, controversial)
REDLIB_DEFAULT_POST_SORT=hot
# Set the default comment sort method (options: confidence, top, new, controversial, old)
REDLIB_DEFAULT_COMMENT_SORT=confidence
# Enable blurring Spoiler content by default
REDLIB_DEFAULT_BLUR_SPOILER=off
# Enable showing NSFW content by default
REDLIB_DEFAULT_SHOW_NSFW=off
# Enable blurring NSFW content by default
REDLIB_DEFAULT_BLUR_NSFW=off
# Enable HLS video format by default
REDLIB_DEFAULT_USE_HLS=off
# Hide HLS notification by default
REDLIB_DEFAULT_HIDE_HLS_NOTIFICATION=off
# Disable autoplay videos by default
REDLIB_DEFAULT_AUTOPLAY_VIDEOS=off
# Define a default list of subreddit subscriptions (format: sub1+sub2+sub3)
REDLIB_DEFAULT_SUBSCRIPTIONS=
# Define a default list of subreddit filters (format: sub1+sub2+sub3)
REDLIB_DEFAULT_FILTERS=
# Hide awards by default
REDLIB_DEFAULT_HIDE_AWARDS=off
# Hide sidebar and summary
REDLIB_DEFAULT_HIDE_SIDEBAR_AND_SUMMARY=off
# Disable the confirmation before visiting Reddit
REDLIB_DEFAULT_DISABLE_VISIT_REDDIT_CONFIRMATION=off
# Hide score by default
REDLIB_DEFAULT_HIDE_SCORE=off
# Enable fixed navbar by default
REDLIB_DEFAULT_FIXED_NAVBAR=on

启动`docker compose`

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14


> docker compose up

[+] Running 5/5
 ✔ redlib Pulled                                                                                                                                                                                                            3.4s 
   ✔ 46b060cc2620 Pull complete                                                                                                                                                                                             1.0s 
   ✔ 96a1df924928 Pull complete                                                                                                                                                                                             1.3s 
   ✔ 33c906f810ad Pull complete                                                                                                                                                                                             1.6s 
   ✔ 63451cf93f80 Pull complete                                                                                                                                                                                             1.6s 
[+] Running 2/2
 ✔ Network redlib_redlib  Created                                                                                                                                                                                           0.3s 
 ✔ Container redlib       Created                                                                                                                                                                                           0.2s 
Attaching to redlib
redlib  | Starting Redlib...
redlib  | Running Redlib v0.35.1 on [::]:8080!

验证redlib服务

上一步完成后，redlib已经在监听VPS的8080端口了。下面尝试使用IP访问

curl -I Your_VPS_IP:8080

出现以下回复则大功告成

1
2
3
4
5
6
7
8


HTTP/1.1 404 Not Found
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: DENY
content-security-policy: default-src 'none'; font-src 'self'; script-src 'self' blob:; manifest-src 'self'; media-src 'self' data: blob: about:; style-src 'self' 'unsafe-inline'; base-uri 'none'; img-src 'self' data:; form-action 'self'; frame-ancestors 'none'; connect-src 'self'; worker-src blob:;
strict-transport-security: max-age=604800
content-length: 22
date: Tue, 17 Sep 2024 14:03:21 GMT

配置域名访问

上一步中，redlib服务已经部署成功，可以通过IP访问。但是IP地址很长，不是很好记。因此，我们可以通过为redlib配置域名的方式来解决这些问题。

本文使用子域名，因为其设置简单。假设你的域名是example.com，那么可以通过redlib.example.com访问redlib服务。此外，我本机的8080端口被其他服务占用，所以也会涉及redlib监听端口的修改。

新增子域名记录

找到你的DNS设置，新增一条指向主域名的CNAME记录。

Type	Name	Content
CNAME	redlib	example.com

配置nginx转发

在nginx的site-enabled文件夹下，新建一个配置: nano redlib，放入以下内容。我的8080端口已经被占用，所以这里将redlib放置在9999端口。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11


server {
    listen 443 ssl ;
    liten [::]:443 ssl;
    ssl_certificate /path/to/your/cert.pem
    server_name redlib.example.com
    location / {
        proxy_pass localhost:9999;
        proxy_redirect off;
        proxy_set_header Host $host;
    }
}

接下来在site-enabled目录创建符号连接以启用redlib的转发

1
2


cd /etc/nginx/site-enabled
ln -s /etc/nginx/sites-available/redlib redlib

重启nginx使配置生效

1

service nginx restart

修改`compose.yaml`

找到刚才执行docker compose的终端，CTRL+C中断其运行。

1
2
3
4


Gracefully stopping... (press Ctrl+C again to force)
[+] Stopping 1/1
 ✔ Container redlib  Stopped                                 10.8s 
canceled

使用nano compose.yaml修改compose.yaml的ports为127.0.0.1:9999:8080：

8888端口在docker镜像构建时已经由开发者决定，我们无法改变。
127.0.0.1:9999告诉docker，将127.0.0.1的9999端口映射到容器的8888端口。
如果我们不添加127.0.0.1，则docker会把所有网卡的9999端口进行映射，即0.0.0.0:9999
我们的HTTPS请求被nginx接收，通过上一步中写好的配置转发到localhost:9999，转发后被在127.0.0.1:9999的docker捕捉到，进一步转发到容器的8888端口，从而由redlib处理。

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24


services:
  redlib:
    image: quay.io/redlib/redlib:latest
    restart: always
    container_name: "redlib"
    ports:
      - 127.0.0.1:9999:8080 # Specify `127.0.0.1:8080:8080` instead if using a reverse proxy
    user: nobody
    read_only: true
    security_opt:
      - no-new-privileges:true
      # - seccomp=seccomp-redlib.json
    cap_drop:
      - ALL
    env_file: .env
    networks:
      - redlib
    healthcheck:
      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
      interval: 5m
      timeout: 3s

networks:
  redlib:

验证

curl -I redlib.example.com