From f206e87f2ade972dabb3afa17b8d64e77896719e Mon Sep 17 00:00:00 2001 From: Salt Date: Thu, 30 Jul 2020 08:28:46 -0500 Subject: [PATCH] Reorganize pleroma deployment, add recovery script --- roles/pleroma/tasks/main.yml | 23 +++++++++--- roles/pleroma/templates/recover.sh | 59 ++++++++++++++++++++++++++++++ 2 files changed, 77 insertions(+), 5 deletions(-) create mode 100644 roles/pleroma/templates/recover.sh diff --git a/roles/pleroma/tasks/main.yml b/roles/pleroma/tasks/main.yml index 9e22581..61bb977 100644 --- a/roles/pleroma/tasks/main.yml +++ b/roles/pleroma/tasks/main.yml @@ -17,6 +17,11 @@ password: "!" home: /opt/pleroma shell: /usr/sbin/nologin + - name: Template out service + template: + src: "pleroma.service" + dest: "/etc/systemd/system/pleroma.service" + notify: restart pleroma - name: Set up PostgreSQL block: - name: Create DB user @@ -68,11 +73,24 @@ website_url: "{{ pleroma_url }}" - name: Install Pleroma block: + - name: Disable service + systemd: + name: pleroma + state: stopped - name: Get latest release zip get_url: url: "https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job={{ pleroma_arch }}" dest: "/opt/pleroma/release.zip" register: r + - name: Template out scripts + template: + src: "{{ item.src }}" + dest: "/opt/pleroma/{{ item.dest }}" + owner: pleroma + group: pleroma + mode: "{{ item.mode }}" + loop: + - { src: "recover.sh", dest: "recover.sh", mode: "0755" } - name: Install Pleroma block: - name: Unzip release @@ -137,11 +155,6 @@ args: chdir: /opt/pleroma changed_when: false - - name: Template out service - template: - src: "pleroma.service" - dest: "/etc/systemd/system/pleroma.service" - notify: restart pleroma - name: Start and enable service systemd: daemon_reload: yes diff --git a/roles/pleroma/templates/recover.sh b/roles/pleroma/templates/recover.sh new file mode 100644 index 0000000..3e51cab --- /dev/null +++ b/roles/pleroma/templates/recover.sh @@ -0,0 +1,59 @@ +#! /bin/sh +# +# recover.sh +# Recover a Pleroma server from our S3 bucket +# Copyright (C) 2020 Vintage Salt +# +# Distributed under terms of the MIT license. +# + +set -e + +# Get to our Pleroma dir +export PLEROMA_DIR="/opt/pleroma" +cd "$PLEROMA_DIR" || exit 50 + +# Make sure we have a backup +if ! aws s3 ls "s3://{{ aws_backup_bucket }}/{{ pleroma_url }}/" > /dev/null 2>&1; then + echo "No backups available" + exit 0 +fi +# If we have existing Pleroma uploads, remove them +if [ -d /var/lib/pleroma/uploads ]; then + echo "Backing up current uploads" + tar czf "recover-uploads-$(date -Iseconds).tar.gz" /var/lib/pleroma/uploads --remove-files --force-local +fi +# If it STILL exists, then we have a problem +if [ -d /var/lib/pleroma/uploads ]; then + echo "Uploads still found after tarring; bailing" + exit 51 +fi + +# Get our latest good uploads backup +backup_up="$(aws s3 ls "s3://{{ aws_backup_bucket }}/{{ pleroma_url }}/" | grep uploads | tail -n 1 | awk '{print $4}')" +# And our latest good DB backup +backup_db="$(aws s3 ls "s3://{{ aws_backup_bucket }}/{{ pleroma_url }}/" | grep pgdump | tail -n 1 | awk '{print $4}')" +echo "Restoring backup: $backup_up $backup_db" +# Get our backups +aws s3 cp "s3://{{ aws_backup_bucket }}/{{ pleroma_url }}/$backup_up" uploads.tgz +aws s3 cp "s3://{{ aws_backup_bucket }}/{{ pleroma_url }}/$backup_db" db.pgdump.gz +# Decompress +tar xzf uploads.tgz +gunzip db.pgdump.gz +# Find uploads +uploaddir="$(find ./var -type d -name "uploads" | head -n 1)" +# Ensure we're stopped +systemctl stop pleroma +# Move it into place +mv "$uploaddir" /var/lib/pleroma/ +# Assure ownership +chown pleroma. /var/lib/pleroma/uploads +# Remove the var dir, if it exists +if [ -d "var" ]; then + rm -rf "$PLEROMA_DIR/var" +fi +# Drop and recreate our database +sudo -Hu postgres psql -c 'DROP DATABASE ;' +sudo -Hu postgres psql -c 'CREATE DATABASE ;' +sudo -Hu postgres pg_restore -d pleroma -v -1 db.pgdump +sudo -Hu postgres vacuumdb --all --analyze-in-stages