♻: add pg role determination to mastodon
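--- a/roles/mastodon/handlers/main.yml
+++ b/roles/mastodon/handlers/main.yml
@@ -0,0 +1,12 @@
+---
+
+- name: Restart mastodon
+ansible.builtin.systemd:
+name: "{{ item }}"
+daemon_reload: true
+state: restarted
+enabled: true
+loop:
+- "mastodon-sidekiq.service"
+- "mastodon-streaming@4000.service"
+- "mastodon-web.service"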
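--- a/roles/mastodon/tasks/db.yml
+++ b/roles/mastodon/tasks/db.yml
@@ -0,0 +1,15 @@
+---
+
+- name: Create mastodon db role
+become_user: postgres
+become: true
+community.postgresql.postgresql_user:
+name: "{{ mastodon_pg_role }}"
+password: "{{ mastodon_pg_password }}"
+
+- name: Create mastodon db
+become_user: postgres
+become: true
+community.postgresql.postgresql_db:
+name: "{{ mastodon_pg_database }}"
+owner: "{{ mastodon_pg_role }}"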
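Review bot: `Create mastodon db role` sets only `name` and `password`, so if the role already exists with wider attributes (Mastodon's manual install creates it with CREATEDB) the module leaves them in place. Because the next task creates the database as `postgres` and hands over ownership, the role needs none of them, and adding `role_attr_flags: "NOSUPERUSER,NOCREATEDB,NOCREATEROLE"` would pin that. `mastodon_pg_role`, `mastodon_pg_password` and `mastodon_pg_database` are not defined in any hunk shown on this page; the password in particular should come from a vaulted variable. An explicit `state: present` on both tasks would document the intent.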
@@ -1,5 +1,8 @@
|
||||
---
|
||||
|
||||
- name: Init db
|
||||
ansible.builtin.include_tasks: db.yml
|
||||
|
||||
- name: Create mastodon user
|
||||
ansible.builtin.user:
|
||||
name: mastodon
|
||||
@@ -63,5 +66,15 @@
|
||||
- name: Install mastodon
|
||||
ansible.builtin.include_tasks: mastodon.yml
|
||||
|
||||
- name: Put env file
|
||||
ansible.builtin.template:
|
||||
src: "env.production.j2"
|
||||
dest: "{{ mastodon_home }}/live/.env.production"
|
||||
user: mastodon
|
||||
group: mastodon
|
||||
mode: "0o600"
|
||||
notify:
|
||||
- Restart mastodon
|
||||
|
||||
- name: Install tootctl cron
|
||||
ansible.builtin.include_tasks: cron.yml
|
||||
|
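Review bot: The `Put env file` task passes `user: mastodon` to `ansible.builtin.template`, which has no such parameter; ownership is set with `owner`, so the task is expected to fail with an unsupported-parameter error instead of writing the file, and the line should read `owner: mastodon`. Because the rendered file holds the database password and the application keys, also add `no_log: true` (or `diff: false`) to the task so that a run with `--diff` does not print them. `mode: "0o600"` relies on the octal prefix being accepted inside a string; the conventional spelling is `mode: "0600"`. Indentation and the +/- column were lost in this rendering, so which of these lines are new is inferred from the hunk header.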
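--- a/roles/mastodon/templates/env.production.j2
+++ b/roles/mastodon/templates/env.production.j2
@@ -0,0 +1,48 @@
+# Service dependencies
+REDIS_HOST=localhost
+REDIS_PORT=6379
+DB_HOST=/var/run/postgresql
+DB_USER={{ mastodon_pg_role }}
+DB_NAME={{ mastodon_pg_database }}
+DB_PASS={{ mastodon_pg_password }}
+DB_PORT=5432
+DB_POOL=5
+
+# Federation
+LOCAL_DOMAIN={{ mastodon_access_url }}
+LOCAL_HTTPS=true
+
+# Application secrets
+PAPERCLIP_SECRET={{ mastodon_paperclip_secret }}
+SECRET_KEY_BASE={{ mastodon_secret_key_base }}
+OTP_SECRET={{ mastodon_otp_secret }}
+VAPID_PRIVATE_KEY={{ mastodon_vapid_private_key }}
+VAPID_PUBLIC_KEY=BCSXQli-mN6ociCWZ900DcLEgxz0J533PjltXn25PgwAV7CVuySi_mrwr5ldd5rzEUHh3U7opcUxG8iSRV7Ohqo=
+
+# E-mail configuration
+SMTP_SERVER=127.0.0.1
+SMTP_PORT=25
+SMTP_AUTH_METHOD=none
+SMTP_OPENSSL_VERIFY_MODE=none
+SMTP_FROM_ADDRESS=mastodon@nintendojo.fr
+SMTP_ENABLE_STARTTLS=auto
+
+# S3 storage configuration
+S3_ENABLED=true
+S3_BUCKET=mastodon-ndfr
+AWS_ACCESS_KEY_ID={{ mastodon_aws_access_key_id }}
+AWS_SECRET_ACCESS_KEY={{ mastodon_aws_secret_access_key }}
+S3_ALIAS_HOST=medias.m.nintendojo.fr
+S3_REGION=garage
+S3_ENDPOINT=https://garage.mateu.be
+
+# ES
+ES_ENABLED=true
+ES_HOST=es1.dmz.mateu.be
+ES_PORT=9200
+ES_PREFIX=ndfr
+
+# Encryption
+ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY={{ mastodon_active_record_encryption_deterministic_key }}
+ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{ mastodon_active_record_encryption_key_derivation_salt }}
+ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY={{ mastodon_active_record_encryption_primary_key }}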
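Review bot: The ES block points at a non-local host (`ES_HOST=es1.dmz.mateu.be`, `ES_PORT=9200`) without setting `ES_USER`/`ES_PASS`, so as written the search index is reached unauthenticated, and nothing in the template indicates TLS for that hop. Unless the cluster is confined to a trusted segment, add `ES_USER={{ mastodon_es_user }}` and `ES_PASS={{ mastodon_es_password }}` (variable names are placeholders) and enable security on the cluster side. `SMTP_OPENSSL_VERIFY_MODE=none` is tolerable only because `SMTP_SERVER` is loopback; a comment such as `# verification disabled: relay is local-only, revisit if SMTP_SERVER changes` would keep it from being carried over to a remote relay. The secrets are interpolated unquoted, so a value containing whitespace or `#` may be truncated by the dotenv parser.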
@@ -11,3 +11,4 @@ mastodon_yarn_key_path: "/usr/share/keyrings/yarnkey.gpg"
|
||||
mastodon_ruby_version: "3.3.5"
|
||||
|
||||
mastodon_home: "/srv/mastodon"
|
||||
mastodon_access_url: "{{ web_hostname | selectattr('type', 'defined') | selectattr('type', '==', 'mastodon') | map(attribute='host') | first }}"
|
||||
|
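Review bot: `mastodon_access_url` ends in `| first`, so when no `web_hostname` entry has `type == 'mastodon'` the value is undefined and the failure only surfaces later, when the env template renders `LOCAL_DOMAIN`; when several entries match, list order silently picks the domain. Mastodon's `LOCAL_DOMAIN` is not meant to change once the instance has federated, so I would guard this with an `ansible.builtin.assert` that exactly one entry matches, or set the domain explicitly per host. The variable holds a bare host rather than a URL, so a name like `mastodon_local_domain` would describe it better. The file header for this hunk is missing from the page, so the path is not visible.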