Compare commits

...

2 Commits

Author SHA1 Message Date
628f5611e4 Alright, this shoooould be functional 2021-01-25 21:46:22 -06:00
7f1fcdfea2 Stashing my work 2021-01-25 21:15:47 -06:00
5 changed files with 180 additions and 0 deletions

24
defaults/main.yml Normal file
View File

@ -0,0 +1,24 @@
# vim:ft=ansible:
pleroma_home: /opt/pleroma
pleroma_arch: amd64
pleroma_install: yes
pleroma_enabled: yes
pleroma_download_url: "https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job={{ pleroma_arch }}"
# Site configuration
pleroma_hostname: ""
pleroma_char_limit: 65536
pleroma_open_registration: "false"
pleroma_instance_name: "My Pleroma Instance"
pleroma_instance_desc: "My Pleroma instance, deployed via Ansible with no defaults changed"
# Secret configuration
pleroma_secret_key_base: ""
pleroma_secret_signing_salt: ""
# DB configuration
pleroma_db_name: ""
pleroma_db_host: ""
pleroma_db_user: ""
pleroma_db_pass: ""
pleroma_db_pool_size: 10

8
handlers/main.yml Normal file
View File

@ -0,0 +1,8 @@
# vim:ft=ansible:
---
- name: restart pleroma
systemd:
name: pleroma.service
state: restarted
become: yes
when: pleroma_enabled

75
tasks/main.yml Normal file
View File

@ -0,0 +1,75 @@
#!/usr/bin/env ansible-playbook
# vim:ft=ansible:
---
- name: set up system
block:
- name: install packages
apt: name=curl,python3-psycopg2,unzip,libmagic-dev,ncurses-bin
- name: assure pleroma uesr
user: name=pleroma system=yes home={{ pleroma_home }}
- name: assure operational directory
file: path={{ pleroma_home }} state=directory owner=pleroma group=pleroma mode="3775"
- name: assure systemd unit
template: src=pleroma.service dest=/etc/systemd/system/pleroma@.service
notify: restart pleroma
- name: set up pleroma
block:
- name: assure db extensions
postgresql_ext:
db: "{{ pleroma_db_name }}"
name: "{{ item }}"
login_host: "{{ pleroma_db_host }}"
login_user: "{{ pleroma_db_user }}"
login_pass: "{{ pleroma_db_pass }}"
loop:
- citext
- pg_trgm
- uuid-ossp
notify: restart pleroma
- name: get latest release
get_url: url={{ pleroma_download_url }} dest={{ pleroma_home }}/release.zip
register: dl
- name: install pleroma
block:
- name: stop pleroma
systemd: name=pleroma@{{ pleroma_name }} state=stopped
- name: unzip release
unarchive: src={{ pleroma_home }}/release.zip dest={{ pleroma_home }} remote_src=yes
- name: remove old release
file: path={{ pleroma_home }}/{{ item }} state=absent
loop:
- bin
- lib
- releases
- installation
- name: move new release in
shell: rsync -a {{ pleroma_home }}/release/* {{ pleroma_home }}/
- name: clean up
file: path={{ pleroma_home }}/release state=absent
- name: clean up ownership
file: path={{ pleroma_home }} owner=pleroma group=pleroma recurse=yes
when: dl is changed and pleroma_install
- name: assure directory structure
file: path={{ item }} state=directory owner=pleroma group=pleroma mode="0755"
loop:
- /etc/pleroma
- /opt/pleroma
- /var/lib/pleroma
- /var/lib/pleroma/static
- /var/lib/pleroma/uploads
- name: template out stub config
template: src=config.exs dest=/etc/pleroma/config.exs owner=pleroma group=pleroma mode="0640"
notify: restart pleroma
- name: migrate db
command: {{ pleroma_home }}/bin/pleroma_ctl migrate
args:
chdir: "{{ pleroma_home }}"
become: yes
become_user: pleroma
changed_when: false
- name: enable service
systemd: name=pleroma state=started enabled=yes
when: pleroma_enabled
- name: disable service
systemd: name=pleroma state=stopped enabled=no
when: not pleroma_enabled

47
templates/config.exs Normal file
View File

@ -0,0 +1,47 @@
# WARNING: THIS FILE CONTAINS SENSITIVE INFORMATION
import Config
# Basic configuration
config :pleroma, Pleroma.Web.Endpoint,
url: [host: "{{ pleroma_hostname }}", scheme: "https", port: 443],
http: [ip: {127, 0, 0, 1}, port: 4000],
secret_key_base: "{{ pleroma_secret_key_base }}",
signing_salt: "{{ pleroma_secret_signing_salt }}"
config :pleroma, :instance,
name: "{{ pleroma_instance_name }}",
desc: "{{ pleroma_instance_desc }}",
limit: "{{ pleroma_char_limit }}",
registrations_open: {{ pleroma_open_registration }},
static_dir: "/var/lib/pleroma/static"
config :pleroma, Pleroma.Upload,
uploader: Pleroma.Uploaders.Local,
filters: [Pleroma.Upload.Filter.Dedupe]
config :pleroma, Pleroma.Uploaders.Local,
uploads: "/var/lib/pleroma/uploads"
config :pleroma, :media_proxy,
enabled: false,
redirect_on_failure: true
# Use in-db configs where possible
config :pleroma, configurable_from_database: true
# DB configuration
config :pleroma, Pleroma.Repo,
adapter: Ecto.Adapters.Postgres,
database: "{{ pleroma_db_name }}",
hostname: "{{ pleroma_db_host }}",
username: "{{ pleroma_db_user }}",
password: "{{ pleroma_db_pass }}",
pool_size: {{ pleroma_db_pool_size }}
config :pleroma, :database, rum_enabled: false
# Mail
config :pleroma, Pleroma.Emails.Mailer,
enabled: false,
# Theming
config :pleroma, :frontend_configurations,
pleroma_fe: %{
background: "/images/background.jpg",
theme: "simply-dark"
}

26
templates/pleroma.service Normal file
View File

@ -0,0 +1,26 @@
# vim:ft=systemd
[Unit]
Description=Pleroma social network %i
After=network.target
[Service]
User=pleroma
Environment="HOME={{ pleroma_home }}/%i}"
WorkingDirectory={{ pleroma_home }}/%i
KillMode=process
Restart=on-failure
ExecStart={{ pleroma_home }}/%i/bin/pleroma start
ExecStop={{ pleroma_home }}/%i/bin/pleroma stop
PrivateTmp=true
ProtectHome=true
ProtectSystem=full
PrivateDevice=false
NoNewPrivileges=true
CapabilityBoundingSet=~CAP_SYS_ADMIN
[Install]
WantedBy=multi-user.target