diff --git a/defaults/main.yml b/defaults/main.yml new file mode 100644 index 0000000..d5778d8 --- /dev/null +++ b/defaults/main.yml @@ -0,0 +1,4 @@ +# vim:ft=ansible: +pleroma_home: /opt/pleroma +pleroma_enabled: yes +pleroma_name: default diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..201acdd --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,8 @@ +# vim:ft=ansible: +--- +- name: "restart pleroma {{ pleroma_name }}" + systemd: + name: "pleroma@{{ pleroma_name }}" + state: restarted + become: yes + when: pleroma_enabled diff --git a/tasks/main.yml b/tasks/main.yml new file mode 100644 index 0000000..4b8e055 --- /dev/null +++ b/tasks/main.yml @@ -0,0 +1,14 @@ +#!/usr/bin/env ansible-playbook +# vim:ft=ansible: +--- +- name: set up system + block: + - name: install packages + apt: name=curl,python3-psycopg2,unzip,libmagic-dev,ncurses-bin + - name: assure pleroma uesr + user: name=pleroma system=yes home={{ pleroma_home }} + - name: assure operational directory + file: path={{ pleroma_home }} state=directory owner=pleroma group=pleroma mode="3775" + - name: assure systemd unit + template: src=pleroma.service dest=/etc/systemd/system/pleroma@.service + notify: "restart pleroma {{ pleroma_name }}" diff --git a/templates/pleroma.service b/templates/pleroma.service new file mode 100644 index 0000000..ff76b87 --- /dev/null +++ b/templates/pleroma.service @@ -0,0 +1,26 @@ +# vim:ft=systemd +[Unit] +Description=Pleroma social network %i +After=network.target + +[Service] +User=pleroma +Environment="HOME={{ pleroma_home }}/%i}" +WorkingDirectory={{ pleroma_home }}/%i + +KillMode=process +Restart=on-failure + +ExecStart={{ pleroma_home }}/%i/bin/pleroma start +ExecStop={{ pleroma_home }}/%i/bin/pleroma stop + +PrivateTmp=true +ProtectHome=true +ProtectSystem=full +PrivateDevice=false +NoNewPrivileges=true +CapabilityBoundingSet=~CAP_SYS_ADMIN + +[Install] +WantedBy=multi-user.target +