Compare commits
2 Commits
8b7f8e4beb
...
628f5611e4
Author | SHA1 | Date | |
---|---|---|---|
628f5611e4 | |||
7f1fcdfea2 |
24
defaults/main.yml
Normal file
24
defaults/main.yml
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
# vim:ft=ansible:
|
||||||
|
pleroma_home: /opt/pleroma
|
||||||
|
pleroma_arch: amd64
|
||||||
|
pleroma_install: yes
|
||||||
|
pleroma_enabled: yes
|
||||||
|
pleroma_download_url: "https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job={{ pleroma_arch }}"
|
||||||
|
|
||||||
|
# Site configuration
|
||||||
|
pleroma_hostname: ""
|
||||||
|
pleroma_char_limit: 65536
|
||||||
|
pleroma_open_registration: "false"
|
||||||
|
pleroma_instance_name: "My Pleroma Instance"
|
||||||
|
pleroma_instance_desc: "My Pleroma instance, deployed via Ansible with no defaults changed"
|
||||||
|
|
||||||
|
# Secret configuration
|
||||||
|
pleroma_secret_key_base: ""
|
||||||
|
pleroma_secret_signing_salt: ""
|
||||||
|
|
||||||
|
# DB configuration
|
||||||
|
pleroma_db_name: ""
|
||||||
|
pleroma_db_host: ""
|
||||||
|
pleroma_db_user: ""
|
||||||
|
pleroma_db_pass: ""
|
||||||
|
pleroma_db_pool_size: 10
|
8
handlers/main.yml
Normal file
8
handlers/main.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
# vim:ft=ansible:
|
||||||
|
---
|
||||||
|
- name: restart pleroma
|
||||||
|
systemd:
|
||||||
|
name: pleroma.service
|
||||||
|
state: restarted
|
||||||
|
become: yes
|
||||||
|
when: pleroma_enabled
|
75
tasks/main.yml
Normal file
75
tasks/main.yml
Normal file
@ -0,0 +1,75 @@
|
|||||||
|
#!/usr/bin/env ansible-playbook
|
||||||
|
# vim:ft=ansible:
|
||||||
|
---
|
||||||
|
- name: set up system
|
||||||
|
block:
|
||||||
|
- name: install packages
|
||||||
|
apt: name=curl,python3-psycopg2,unzip,libmagic-dev,ncurses-bin
|
||||||
|
- name: assure pleroma uesr
|
||||||
|
user: name=pleroma system=yes home={{ pleroma_home }}
|
||||||
|
- name: assure operational directory
|
||||||
|
file: path={{ pleroma_home }} state=directory owner=pleroma group=pleroma mode="3775"
|
||||||
|
- name: assure systemd unit
|
||||||
|
template: src=pleroma.service dest=/etc/systemd/system/pleroma@.service
|
||||||
|
notify: restart pleroma
|
||||||
|
- name: set up pleroma
|
||||||
|
block:
|
||||||
|
- name: assure db extensions
|
||||||
|
postgresql_ext:
|
||||||
|
db: "{{ pleroma_db_name }}"
|
||||||
|
name: "{{ item }}"
|
||||||
|
login_host: "{{ pleroma_db_host }}"
|
||||||
|
login_user: "{{ pleroma_db_user }}"
|
||||||
|
login_pass: "{{ pleroma_db_pass }}"
|
||||||
|
loop:
|
||||||
|
- citext
|
||||||
|
- pg_trgm
|
||||||
|
- uuid-ossp
|
||||||
|
notify: restart pleroma
|
||||||
|
- name: get latest release
|
||||||
|
get_url: url={{ pleroma_download_url }} dest={{ pleroma_home }}/release.zip
|
||||||
|
register: dl
|
||||||
|
- name: install pleroma
|
||||||
|
block:
|
||||||
|
- name: stop pleroma
|
||||||
|
systemd: name=pleroma@{{ pleroma_name }} state=stopped
|
||||||
|
- name: unzip release
|
||||||
|
unarchive: src={{ pleroma_home }}/release.zip dest={{ pleroma_home }} remote_src=yes
|
||||||
|
- name: remove old release
|
||||||
|
file: path={{ pleroma_home }}/{{ item }} state=absent
|
||||||
|
loop:
|
||||||
|
- bin
|
||||||
|
- lib
|
||||||
|
- releases
|
||||||
|
- installation
|
||||||
|
- name: move new release in
|
||||||
|
shell: rsync -a {{ pleroma_home }}/release/* {{ pleroma_home }}/
|
||||||
|
- name: clean up
|
||||||
|
file: path={{ pleroma_home }}/release state=absent
|
||||||
|
- name: clean up ownership
|
||||||
|
file: path={{ pleroma_home }} owner=pleroma group=pleroma recurse=yes
|
||||||
|
when: dl is changed and pleroma_install
|
||||||
|
- name: assure directory structure
|
||||||
|
file: path={{ item }} state=directory owner=pleroma group=pleroma mode="0755"
|
||||||
|
loop:
|
||||||
|
- /etc/pleroma
|
||||||
|
- /opt/pleroma
|
||||||
|
- /var/lib/pleroma
|
||||||
|
- /var/lib/pleroma/static
|
||||||
|
- /var/lib/pleroma/uploads
|
||||||
|
- name: template out stub config
|
||||||
|
template: src=config.exs dest=/etc/pleroma/config.exs owner=pleroma group=pleroma mode="0640"
|
||||||
|
notify: restart pleroma
|
||||||
|
- name: migrate db
|
||||||
|
command: {{ pleroma_home }}/bin/pleroma_ctl migrate
|
||||||
|
args:
|
||||||
|
chdir: "{{ pleroma_home }}"
|
||||||
|
become: yes
|
||||||
|
become_user: pleroma
|
||||||
|
changed_when: false
|
||||||
|
- name: enable service
|
||||||
|
systemd: name=pleroma state=started enabled=yes
|
||||||
|
when: pleroma_enabled
|
||||||
|
- name: disable service
|
||||||
|
systemd: name=pleroma state=stopped enabled=no
|
||||||
|
when: not pleroma_enabled
|
47
templates/config.exs
Normal file
47
templates/config.exs
Normal file
@ -0,0 +1,47 @@
|
|||||||
|
# WARNING: THIS FILE CONTAINS SENSITIVE INFORMATION
|
||||||
|
import Config
|
||||||
|
|
||||||
|
# Basic configuration
|
||||||
|
config :pleroma, Pleroma.Web.Endpoint,
|
||||||
|
url: [host: "{{ pleroma_hostname }}", scheme: "https", port: 443],
|
||||||
|
http: [ip: {127, 0, 0, 1}, port: 4000],
|
||||||
|
secret_key_base: "{{ pleroma_secret_key_base }}",
|
||||||
|
signing_salt: "{{ pleroma_secret_signing_salt }}"
|
||||||
|
config :pleroma, :instance,
|
||||||
|
name: "{{ pleroma_instance_name }}",
|
||||||
|
desc: "{{ pleroma_instance_desc }}",
|
||||||
|
limit: "{{ pleroma_char_limit }}",
|
||||||
|
registrations_open: {{ pleroma_open_registration }},
|
||||||
|
static_dir: "/var/lib/pleroma/static"
|
||||||
|
config :pleroma, Pleroma.Upload,
|
||||||
|
uploader: Pleroma.Uploaders.Local,
|
||||||
|
filters: [Pleroma.Upload.Filter.Dedupe]
|
||||||
|
config :pleroma, Pleroma.Uploaders.Local,
|
||||||
|
uploads: "/var/lib/pleroma/uploads"
|
||||||
|
config :pleroma, :media_proxy,
|
||||||
|
enabled: false,
|
||||||
|
redirect_on_failure: true
|
||||||
|
|
||||||
|
# Use in-db configs where possible
|
||||||
|
config :pleroma, configurable_from_database: true
|
||||||
|
|
||||||
|
# DB configuration
|
||||||
|
config :pleroma, Pleroma.Repo,
|
||||||
|
adapter: Ecto.Adapters.Postgres,
|
||||||
|
database: "{{ pleroma_db_name }}",
|
||||||
|
hostname: "{{ pleroma_db_host }}",
|
||||||
|
username: "{{ pleroma_db_user }}",
|
||||||
|
password: "{{ pleroma_db_pass }}",
|
||||||
|
pool_size: {{ pleroma_db_pool_size }}
|
||||||
|
config :pleroma, :database, rum_enabled: false
|
||||||
|
|
||||||
|
# Mail
|
||||||
|
config :pleroma, Pleroma.Emails.Mailer,
|
||||||
|
enabled: false,
|
||||||
|
|
||||||
|
# Theming
|
||||||
|
config :pleroma, :frontend_configurations,
|
||||||
|
pleroma_fe: %{
|
||||||
|
background: "/images/background.jpg",
|
||||||
|
theme: "simply-dark"
|
||||||
|
}
|
26
templates/pleroma.service
Normal file
26
templates/pleroma.service
Normal file
@ -0,0 +1,26 @@
|
|||||||
|
# vim:ft=systemd
|
||||||
|
[Unit]
|
||||||
|
Description=Pleroma social network %i
|
||||||
|
After=network.target
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
User=pleroma
|
||||||
|
Environment="HOME={{ pleroma_home }}/%i}"
|
||||||
|
WorkingDirectory={{ pleroma_home }}/%i
|
||||||
|
|
||||||
|
KillMode=process
|
||||||
|
Restart=on-failure
|
||||||
|
|
||||||
|
ExecStart={{ pleroma_home }}/%i/bin/pleroma start
|
||||||
|
ExecStop={{ pleroma_home }}/%i/bin/pleroma stop
|
||||||
|
|
||||||
|
PrivateTmp=true
|
||||||
|
ProtectHome=true
|
||||||
|
ProtectSystem=full
|
||||||
|
PrivateDevice=false
|
||||||
|
NoNewPrivileges=true
|
||||||
|
CapabilityBoundingSet=~CAP_SYS_ADMIN
|
||||||
|
|
||||||
|
[Install]
|
||||||
|
WantedBy=multi-user.target
|
||||||
|
|
Loading…
Reference in New Issue
Block a user