Skip to content

Usage

Running Commands

The commands are the same as those for the upstream project. Such as

docker exec -it bluesky-pds pdsadmin account create
docker exec -it bluesky-pds pdsadmin create-invite-code

Creating an account non-interactively

pdsadmin account create also takes the email and handle as positional arguments (email first), so it can run in one command. It prints a generated password once. For example, creating a test-bot account on the bluesky-pds container:

docker exec bluesky-pds \
    pdsadmin account create admin+test-bot@modernleft.org test-bot.modernleft.network

Creating an app password

App passwords are created through the XRPC API rather than pdsadmin. Authenticate as the account to get an accessJwt, then call createAppPassword with a name. The password is returned once. Use an app password (never the main account password) for CI and third-party clients.

Authenticate as the account. This returns an accessJwt:

docker exec bluesky-pds curl --silent --request POST \
    http://localhost:3000/xrpc/com.atproto.server.createSession \
    --header 'Content-Type: application/json' \
    --data '{"identifier":"test-bot.modernleft.network","password":"<account-password>"}'

Create the app password, passing the accessJwt from the previous step:

docker exec bluesky-pds curl --silent --request POST \
    http://localhost:3000/xrpc/com.atproto.server.createAppPassword \
    --header 'Content-Type: application/json' \
    --header 'Authorization: Bearer <accessJwt>' \
    --data '{"name":"bluesky-post-action-ci"}'

goat CLI

The image bundles the atproto goat CLI at /usr/local/bin/goat for account admin and debugging. It is built from source and pinned to a tagged release.

docker exec -it bluesky-pds goat --help