.gitmodules

@@ -4,6 +4,3 @@
 [submodule "roles/terraria"]
 	path = roles/terraria
 	url = https://git.desu.ltd/salt/ansible-role-terraria
-[submodule "roles/pleroma"]
-	path = roles/pleroma
-	url = https://git.desu.ltd/salt/ansible-role-pleroma

README.md

@@ -6,8 +6,12 @@ Useful for management across all of 9iron, thefuck, and desu.
 
 This branch is kinda-sorta a port of master, so it still needs to reach some form of feature parity with it. Namely:
 
+* Pleroma (Well shit, now that @p's acknowledged me and @sjw's following me, I can't really put it down, can I?)
+
 * Matrix(? Do I still want to keep this around? Is there a better alternative? Will my friends even use it?)
 
+* Port over fedi1 (Requires resolution of the above two issues)
+
 * Port over configs for Nextcloud on web1.9iron.club
 
 ## Initialization

inventory/group_vars/all.yml

@@ -2,7 +2,7 @@
 
 # For homebrew roles and such, mostly Ansible-related setup
 ansible_pull_repo: "https://git.desu.ltd/salt/ansible"
-ansible_pull_commit: master
+ansible_pull_commit: rewrite
 common_ansible_pubkey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABgQDfXVgMHeD2wtCAIVoDYQ+R19vKfhmR2FgUTkHhAzE2156fB/+IMB+6Qc4X3aFRIcUp+Ls8Vm8JQ3d0jvbcGQkgbAjRExQa71XGBmhxJCxzlCLBoQzBmTSnryL09LExoMynzVgrso8TQP92vZBGJFI/lLGAaop2l9pu+3cgM3sRaK+A11lcRCrS25C3hqPQhKC44zjzOt7sIoaG6RqG3CQ8jhE35bthQdBySOZVDgDKfjDyPuDzVxiKjsuNm4Ojzm0QW5gq6GkLOg2B8OSQ1TGQgBHQu4b8zsKBOUOdbZb0JLM8NdpH1cMntC0QBofy3DzqR/CFaSaBzUx+dnkBH0/pjBOrhHzzqZGOJayfC1igYki67HqzFV5IjhAVa+c4S9L/zbFk0+YZYdgMoKNlMU2LgzrSEastuXHD7NUy3fMP4BZbqg37SjQzFRXoUp5+ctVs9tCoy/qvvjT3UVGcn312eJrRRfWrYagU2nWKGyqbTOpsuOJ5OLlhopy6eP9+yRM= ansible"
 
 # For backups
@@ -130,23 +130,6 @@ secret_pleroma_9iron_db_pass: !vault |
           37636162313364623933396232366239633338363539626637373163333130373665373038363566
           65646633636638653335356536323334646632366164633532636634376632356166306139393766
           38633934623639366263
-secret_pleroma_key_base: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          36333934336635613533333137636532363937613764353933636566663031316262333837323064
-          6534653062626461633462636335346132353564653038330a326330326235623530393337333063
-          37666666386637633839633737376465366439356461653363396665636137353264363762346461
-          3765616634653234630a623061393834373964653939626564363263383435666366356339663136
-          64613330656434653538363734393831353133316666326338366335383064356165333537383837
-          31633939353565303661626233623064653838636435376239376361663362636164653962383561
-          33366335623038653232613731333730363836653532363834663663343963303763323534343038
-          61666238346239636634
-secret_pleroma_signing_salt: !vault |
-          $ANSIBLE_VAULT;1.1;AES256
-          31306137646362333433313630363538333234643339353530333038393061663132633161356231
-          3662386234633933633762363334333031306564353132380a633339323364633137396636616363
-          64393536353362386336323662316262333763326138616364333237353262323232636335353436
-          3563396435643363620a646337346561393863366361643536356363626334343264343861663131
-          3466
 
 # For Matrix/Synapse
 secret_matrix_9iron_db_pass: !vault |

inventory/hosts.yml

@@ -25,9 +25,6 @@ all:
           hosts:
             web1.9iron.club:
             web1.desu.ltd:
-        app:
-          hosts:
-            fedi1.9iron.club:
         game:
           hosts:
             game1.thefuck.how:

playbooks/vars/9iron-pleroma-apache.yml

@@ -1,20 +0,0 @@
-# vim:ft=ansible:
-apache_global_vhost_settings: |
-  DirectoryIndex index.php index.html
-  Protocols h2 http/1.1
-apache_vhosts:
-  - servername: cowfee.moe
-    extra_parameters: |
-      Redirect permanent / https://cowfee.moe/
-apache_vhosts_ssl:
-  - servername: cowfee.moe
-    extra_parameters: |
-      ProxyPreserveHost On
-      ProxyRequests Off
-      ProxyPass / http://127.0.0.1:4000/ nocanon retry=1
-      ProxyPassReverse / https://127.0.0.1:4000/
-      RequestHeader set X_FORWARDED_PROTO 'https'
-      RequestHeader set X-Forwarded-Ssl on
-    certificate_file: /etc/letsencrypt/live/cowfee.moe/fullchain.pem
-    certificate_key_file: /etc/letsencrypt/live/cowfee.moe/privkey.pem
-    certificate_chain_file: /etc/letsencrypt/live/cowfee.moe/chain.pem

playbooks/vars/9iron-pleroma-certbot.yml

@@ -1,10 +0,0 @@
-# vim:ft=ansible:
-certbot_admin_email: rehashedsalt@cock.li
-certbot_create_if_missing: yes
-certbot_create_method: standalone
-certbot_create_standalone_stop_services:
-  - apache2
-certbot_certs:
-  - domains:
-    - cowfee.moe
-    - matrix.9iron.club

playbooks/vars/9iron-pleroma.yml

@@ -1,16 +0,0 @@
-# vim:ft=ansible:
-# Site config
-pleroma_hostname: cowfee.moe
-pleroma_open_registration: "true"
-pleroma_instance_name: Cowfee
-pleroma_instance_desc: owo
-
-# Secret config
-pleroma_secret_key_base: "{{ secret_pleroma_key_base }}"
-pleroma_secret_signing_salt: "{{ secret_pleroma_signing_salt }}"
-
-# DB config
-pleroma_db_host: 172.31.47.215
-pleroma_db_name: pleroma
-pleroma_db_user: pleroma
-pleroma_db_pass: "{{ secret_pleroma_9iron_db_pass }}"

playbooks/web.yml

@@ -113,33 +113,7 @@
       tags: [ web, apache ]
     - role: gitea
       tags: [ web, gitea ]
-- hosts: fedi1.9iron.club
-  vars_files:
-    - vars/apache.yml
-    - vars/9iron-pleroma.yml
-    - vars/9iron-pleroma-apache.yml
-    - vars/9iron-pleroma-certbot.yml
-  roles:
-    - role: backup
-      vars:
-        backup_s3backup_list_extra:
-          - /opt/pleroma
-          - /var/lib/pleroma
-      tags: [ backup ]
-    - role: motd
-      vars:
-        motd_watch_services_extra:
-          - apache2
-          - pleroma
-      tags: [ motd ]
-    - role: certbot
-      tags: [ web, certbot ]
-    - role: apache
-      tags: [ web, apache ]
 - hosts: game1.thefuck.how
-  vars_files:
-    - vars/apache.yml
-    - vars/php-fpm.yml
   roles:
     - role: certbot
       vars:
@@ -154,9 +128,39 @@
               - game1.thefuck.how
       tags: [ web, certbot ]
     - role: php
+      vars:
+        php_enable_php_fpm: yes
+        php_memory_limit: 512M
+        php_packages_extra:
+          - libapache2-mod-php
+          - php-intl
+          - php-imagick
+          - php-redis
+          - php-bcmath
+          - php-gmp
       tags: [ web, php ]
     - role: apache
       vars:
+        apache_remove_default_vhost: yes
+        apache_packages_state: latest
+        apache_mods_enabled:
+          - headers.load
+          - http2.load
+          - mpm_worker.load
+          - proxy.load
+          - proxy_fcgi.load
+          - proxy_http.load
+          - rewrite.load
+          - ssl.load
+        apache_mods_disabled:
+          - mpm_prefork.load
+          - php7.4.load
+        apache_global_vhost_settings: |
+          DirectoryIndex index.php index.html
+          Protocols h2 http/1.1
+          <FilesMatch \.php$>
+            SetHandler "proxy:fcgi://127.0.0.1:9000"
+          </FilesMatch>
         apache_vhosts:
           - servername: thefuck.how
             extra_parameters: |

roles/pleroma

@@ -1 +0,0 @@
-Subproject commit 628f5611e47befa5903c37331beb06089253014a