ansible/roles/pleroma/tasks/main.yml
Salt aae27cd361 Make it easier to read Pleroma dirs
There's no private data there anyhow
2020-08-07 05:42:06 -05:00

181 lines
5.7 KiB
YAML

#!/usr/bin/ansible-playbook
# vim:ft=ansible:
---
- name: Install Pleroma
block:
- name: Set up system
block:
- name: Install packages
apt:
name:
- curl
- python3-psycopg2
- unzip
#- ncurses # Comes installed by default on buntu
- name: Create pleroma user
user:
name: pleroma
password: "!"
home: /opt/pleroma
shell: /usr/sbin/nologin
- name: Template out service
template:
src: "pleroma.service"
dest: "/etc/systemd/system/pleroma.service"
notify: restart pleroma
- name: Set up PostgreSQL
block:
- name: Create DB user
postgresql_user:
name: pleroma
password: "{{ pleroma.db.pass }}"
login_host: "{{ pleroma_db_hostname }}"
login_user: "{{ psql.ansible.user }}"
login_password: "{{ psql.ansible.pass }}"
- name: Create DB
postgresql_db:
name: pleroma
owner: pleroma
login_host: "{{ pleroma_db_hostname }}"
login_user: "{{ psql.ansible.user }}"
login_password: "{{ psql.ansible.pass }}"
- name: Create extensions
postgresql_ext:
db: pleroma
name: "{{ item }}"
login_host: "{{ pleroma_db_hostname }}"
login_user: "{{ psql.ansible.user }}"
login_password: "{{ psql.ansible.pass }}"
loop:
- citext
- pg_trgm
- uuid-ossp
when: pleroma_db_hostname is defined
- name: Set up Apache
block:
- name: Enable modules
command:
cmd: a2enmod "{{ item }}"
creates: "/etc/apache2/mods-enabled/{{ item }}.load"
loop:
- proxy
- proxy_http
notify: restart apache
- name: Template out vhost
template:
src: "apache2-vhost-ssl.conf"
dest: "/etc/apache2/sites-available/{{ pleroma_url }}.conf"
notify: restart apache
- name: Create webroot
file:
state: directory
path: "{{ pleroma_webroot }}"
- name: Enable site
command:
cmd: "a2ensite {{ pleroma_url }}.conf"
creates: "/etc/apache2/sites-enabled/{{ pleroma_url }}.conf"
notify: restart apache
- name: Generate certificate
include_role:
name: https
vars:
website_url: "{{ pleroma_url }}"
- name: Install Pleroma
block:
- name: Get latest release zip
get_url:
url: "https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job={{ pleroma_arch }}"
dest: "/opt/pleroma/release.zip"
register: r
- name: Template out scripts
template:
src: "{{ item.src }}"
dest: "/opt/pleroma/{{ item.dest }}"
owner: pleroma
group: pleroma
mode: "{{ item.mode }}"
loop:
- { src: "recover.sh", dest: "recover.sh", mode: "0755" }
- name: Install Pleroma
block:
- name: Disable service
systemd:
name: pleroma
state: stopped
- name: Unzip release
unarchive:
src: "/opt/pleroma/release.zip"
remote_src: yes
dest: "/opt/pleroma"
- name: Remove old release
file:
path: "/opt/pleroma/{{ item }}"
state: absent
loop:
- bin
- lib
- releases
- installation
- erts-10.3.5.2 # Don't give me shit for hardcoding this version string in
- name: Move release out of folder
shell: mv -f /opt/pleroma/release/* /opt/pleroma/
- name: Clean up
file:
path: /opt/pleroma/release
state: absent
- name: Assign ownership
file:
path: /opt/pleroma
owner: pleroma
group: pleroma
recurse: yes
when: r is changed
- name: Create directory structure
file:
path: "{{ item }}"
state: directory
owner: pleroma
group: pleroma
mode: "0755"
loop:
- /etc/pleroma
- /opt/pleroma
- /var/lib/pleroma
- /var/lib/pleroma/uploads
- /var/lib/pleroma/static
- name: Template out configs
template:
src: config.exs
dest: /etc/pleroma/config.exs
owner: pleroma
group: pleroma
mode: "0640"
notify: restart pleroma
- name: Clone static directory
git:
repo: "{{ pleroma.static_repo }}"
dest: "/var/lib/pleroma/static"
force: yes
when: pleroma.static_repo is defined
become: yes
become_user: pleroma
- name: Migrate DB
command: /opt/pleroma/bin/pleroma_ctl migrate
args:
chdir: /opt/pleroma
become: yes
become_user: pleroma
changed_when: false
- name: Start and enable service
systemd:
daemon_reload: yes
name: pleroma.service
state: started
enabled: yes
- name: Template out backup module
template:
src: "backup.sh"
dest: "/opt/backups/modules/{{ pleroma_url }}.sh"
mode: "0600"
become: yes