implemented pixelfed draft

playbook.yml

@@ -120,6 +120,14 @@
         domain: "mastodon.{{top_domain}}"
         http_port: 8009
         stream_port: 4001
+- name: setup pixelfed hosts
+  hosts: pixelfed_hosts
+  become: true
+  roles:
+   -  role: docker-pixelfed
+      vars:
+        domain: pixelfed.{{top_domain}}
+        http_port: 8010
 - name: setup akaunting hosts
   hosts: akaunting_hosts
   become: true

roles/docker-pixelfed/README.md

@@ -0,0 +1,5 @@
+# role docker-pixelfed
+
+## further information
+- https://hub.docker.com/r/zknt/pixelfed
+- https://blog.pixelfed.de/2020/05/29/pixelfed-in-docker/

roles/docker-pixelfed/handlers/main.yml

@@ -0,0 +1,8 @@
+---
+- name: recreate pixelfed
+  command:
+    cmd: docker-compose -p pixelfed up -d --force-recreate
+    chdir: /home/administrator/docker-compose/pixelfed/
+  environment:
+    COMPOSE_HTTP_TIMEOUT: 600
+    DOCKER_CLIENT_TIMEOUT: 600

roles/docker-pixelfed/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+- native-docker-reverse-proxy

roles/docker-pixelfed/tasks/main.yml

@@ -0,0 +1,22 @@
+---
+- name: recieve pixelfed certificates
+  command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{item}}
+  loop: "{{domains}}"
+
+- name: configure pixelfed nginx configurations
+  vars:
+    client_max_body_size: "2M"
+    domain: "{{item}}"
+  template: src=roles/native-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{ item }}.conf
+  loop: "{{domains}}"
+  notify: restart nginx
+
+- name: "create /home/administrator/docker-compose/pixelfed/"
+  file:
+    path: "/home/administrator/docker-compose/pixelfed/"
+    state: directory
+    mode: 0755
+
+- name: add docker-compose.yml
+  template: src=docker-compose.yml.j2 dest=/home/administrator/docker-compose/pixelfed/docker-compose.yml
+  notify: recreate pixelfed

roles/docker-pixelfed/templates/docker-compose.yml.j2

@@ -0,0 +1,71 @@
+version: '2'
+
+services:
+  application:
+    image: zknt/pixelfed
+    restart: unless-stopped
+    logging:
+      driver: journald
+    env_file:
+      - ./env
+    volumes:
+      - "application_data:/var/www/storage"
+      - "./env:/var/www/.env"
+    ports:
+      - "{{http_port}}:80"
+    depends_on:
+      - database
+      - redis
+  worker:
+    image: zknt/pixelfed
+    restart: unless-stopped
+    logging:
+      driver: journald
+    env_file:
+      - ./env
+    volumes:
+      - "application_data:/var/www/storage"
+      - "./env:/var/www/.env"
+    entrypoint: /worker-entrypoint.sh
+    depends_on:
+      - database
+      - redis
+      - app
+    healthcheck:
+      test: php artisan horizon:status | grep running
+      interval: 60s
+      timeout: 5s
+      retries: 1
+  database:
+    logging:
+      driver: journald
+    image: mariadb
+    restart: always
+    environment:
+      MYSQL_DATABASE: "pixelfed"
+      MYSQL_USER: "pixelfed"
+      MYSQL_PASSWORD: "{{pixelfed_database_password}}"
+      MYSQL_RANDOM_ROOT_PASSWORD: 'yes'
+    volumes:
+      - database:/var/lib/mysql
+    healthcheck:
+      test: "/usr/bin/mysql --user=pixelfed --password={{pixelfed_database_password}} --execute \"SHOW DATABASES;\""
+      interval: 3s
+      timeout: 1s
+      retries: 5
+  redis:
+    image: redis:alpine
+    restart: always
+    logging:
+      driver: journald
+    volumes:
+      - redis:/data
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 1s
+      timeout: 3s
+      retries: 30
+volumes:
+  database:
+  redis_data:
+  application_data:

roles/docker-pixelfed/templates/env.j2

@@ -0,0 +1,150 @@
+## Crypto
+APP_KEY=
+
+## General Settings
+APP_NAME="Pixelfed Prod"
+APP_ENV=production
+APP_DEBUG=false
+APP_URL=https://real.domain
+APP_DOMAIN="real.domain"
+ADMIN_DOMAIN="real.domain"
+SESSION_DOMAIN="real.domain"
+
+OPEN_REGISTRATION=true
+ENFORCE_EMAIL_VERIFICATION=false
+PF_MAX_USERS=1000
+OAUTH_ENABLED=true
+
+APP_TIMEZONE=UTC
+APP_LOCALE=en
+
+## Pixelfed Tweaks
+LIMIT_ACCOUNT_SIZE=true
+MAX_ACCOUNT_SIZE=1000000
+MAX_PHOTO_SIZE=15000
+MAX_AVATAR_SIZE=2000
+MAX_CAPTION_LENGTH=500
+MAX_BIO_LENGTH=125
+MAX_NAME_LENGTH=30
+MAX_ALBUM_LENGTH=4
+IMAGE_QUALITY=80
+PF_OPTIMIZE_IMAGES=true
+PF_OPTIMIZE_VIDEOS=true
+ADMIN_ENV_EDITOR=false
+ACCOUNT_DELETION=true
+ACCOUNT_DELETE_AFTER=false
+MAX_LINKS_PER_POST=0
+
+## Instance
+#INSTANCE_DESCRIPTION=
+INSTANCE_PUBLIC_HASHTAGS=false
+#INSTANCE_CONTACT_EMAIL=
+INSTANCE_PUBLIC_LOCAL_TIMELINE=false
+#BANNED_USERNAMES=
+STORIES_ENABLED=false
+RESTRICTED_INSTANCE=false
+
+## Mail
+MAIL_DRIVER=log
+MAIL_HOST=smtp.mailtrap.io
+MAIL_PORT=2525
+MAIL_FROM_ADDRESS="pixelfed@example.com"
+MAIL_FROM_NAME="Pixelfed"
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+
+## Databases (MySQL)
+DB_CONNECTION=mysql
+DB_DATABASE=pixelfed_prod
+DB_HOST=db
+DB_PASSWORD=pixelfed_db_pass
+DB_PORT=3306
+DB_USERNAME=pixelfed
+# pass the same values to the db itself
+MYSQL_DATABASE=pixelfed_prod
+MYSQL_PASSWORD=pixelfed_db_pass
+MYSQL_RANDOM_ROOT_PASSWORD=true
+MYSQL_USER=pixelfed
+
+## Databases (Postgres)
+#DB_CONNECTION=pgsql
+#DB_HOST=postgres
+#DB_PORT=5432
+#DB_DATABASE=pixelfed
+#DB_USERNAME=postgres
+#DB_PASSWORD=postgres
+
+## Cache (Redis)
+REDIS_CLIENT=phpredis
+REDIS_SCHEME=tcp
+REDIS_HOST=redis
+REDIS_PASSWORD=redis_password
+REDIS_PORT=6379
+REDIS_DATABASE=0
+
+HORIZON_PREFIX="horizon-"
+
+## EXPERIMENTS 
+EXP_LC=false
+EXP_REC=false
+EXP_LOOPS=false
+
+## ActivityPub Federation
+ACTIVITY_PUB=false
+AP_REMOTE_FOLLOW=false
+AP_SHAREDINBOX=false
+AP_INBOX=false
+AP_OUTBOX=false
+ATOM_FEEDS=true
+NODEINFO=true
+WEBFINGER=true
+
+## S3
+FILESYSTEM_DRIVER=local
+FILESYSTEM_CLOUD=s3
+PF_ENABLE_CLOUD=false
+#AWS_ACCESS_KEY_ID=
+#AWS_SECRET_ACCESS_KEY=
+#AWS_DEFAULT_REGION=
+#AWS_BUCKET=
+#AWS_URL=
+#AWS_ENDPOINT=
+#AWS_USE_PATH_STYLE_ENDPOINT=false
+
+## Horizon
+HORIZON_DARKMODE=false
+
+## COSTAR - Confirm Object Sentiment Transform and Reduce
+PF_COSTAR_ENABLED=false
+
+# Media
+MEDIA_EXIF_DATABASE=false
+
+## Logging
+LOG_CHANNEL=stderr
+
+## Image
+IMAGE_DRIVER=imagick
+
+## Broadcasting
+BROADCAST_DRIVER=log  # log driver for local development
+
+## Cache
+CACHE_DRIVER=redis
+
+## Purify
+RESTRICT_HTML_TYPES=true
+
+## Queue
+QUEUE_DRIVER=redis
+
+## Session
+SESSION_DRIVER=redis
+
+## Trusted Proxy
+TRUST_PROXIES="*"
+
+## Passport
+#PASSPORT_PRIVATE_KEY=
+#PASSPORT_PUBLIC_KEY=