Refactor BookWyrm role: switch to source-built Dockerfile, update README/meta for usability, add env improvements (ALLOWED_HOSTS, Redis vars, Celery broker), and pin version v0.7.5. See https://chatgpt.com/share/68b6d273-abc4-800f-ad3f-e1a5b9f8dad0

2025-09-07 18:57:12 +02:00 · 2025-09-02 13:18:32 +02:00
parent 61d852c508
commit 3a83f3d14e
7 changed files with 78 additions and 37 deletions
--- a/roles/web-app-bookwyrm/README.md
+++ b/roles/web-app-bookwyrm/README.md
@@ -2,24 +2,25 @@

 ## Description

-Host your own social reading platform with **BookWyrm**. This role deploys BookWyrm via Docker Compose, wires domains and ports, and offers optional OIDC integration so your readers can sign in through your central identity provider.
+**BookWyrm** is a self-hosted social reading platform where users can share books, post reviews, follow each other, and join federated conversations across the Fediverse. It is a community-driven alternative to proprietary platforms like Goodreads. Readers can catalog their library, track reading progress, and discover new books through friends and federated timelines.

 ## Overview

-This role provisions a BookWyrm application stack with Docker. It supports PostgreSQL and Redis, sets sensible environment defaults, and exposes an application container plus a dedicated Celery worker. A reverse proxy (provided elsewhere in your stack) fronts the service for public access.
+BookWyrm provides a federated social network for books built on ActivityPub. Each instance can be private, invitation-only, or open for public registration. Users can import/export book lists, interact with others across the Fediverse, and maintain their own curated reading environment. As an admin, you can configure moderation tools, content rules, and federation policies to suit your community.

 ## Features

- **Fully Dockerized Deployment:** Builds and runs BookWyrm containers (app + worker) using Docker Compose.
- **Production-friendly Settings:** Environment templating for database, Redis, and security-relevant settings (e.g., `SECRET_KEY`).
- **Optional OIDC:** Can integrate with your OIDC provider (e.g., Keycloak) directly or behind oauth2-proxy (depending on your flavor).
- **Volumes for Data & Media:** Persistent volumes for BookWyrm data and media assets.
- **Redis & Celery Worker:** Background tasks processed by Celery; Redis used for broker and cache.
- **Desktop Integration Hooks:** Compatible with your Web App Desktop listing when the role includes this README.
- **Matomo/CSS/Desktop Flags:** Standard feature flags are available for consistent theming/analytics across apps in your ecosystem.
+- **Federated Social Network:** Connects with other BookWyrm instances and ActivityPub platforms.
+- **Book Cataloging:** Add, search, and organize books; import/export libraries.
+- **Reading Status & Reviews:** Mark books as “to read,” “reading,” or “finished,” and publish reviews or quotes.
+- **Timelines & Interaction:** Follow other readers, comment on reviews, and engage in federated discussions.
+- **Privacy & Moderation:** Fine-grained controls for content visibility, moderation, and federation settings.
+- **Community Building:** Host a private club, classroom library, or large public community for readers.
+- **Optional SSO Integration:** Can work with OIDC for unified login across platforms.

 ## Further Resources

- [BookWyrm (GitHub)](https://github.com/bookwyrm-social/bookwyrm)
+- [BookWyrm GitHub](https://github.com/bookwyrm-social/bookwyrm)
 - [BookWyrm Documentation](https://docs.joinbookwyrm.com/)
- [OpenID Connect (Wikipedia)](https://en.wikipedia.org/wiki/OpenID_Connect)
+- [ActivityPub (Wikipedia)](https://en.wikipedia.org/wiki/ActivityPub)
+- [Fediverse (Wikipedia)](https://en.wikipedia.org/wiki/Fediverse)
--- a/roles/web-app-bookwyrm/config/main.yml
+++ b/roles/web-app-bookwyrm/config/main.yml
@@ -6,8 +6,7 @@ docker:
    redis:
      enabled:  true
    application:
-      image:    bookwyrm/bookwyrm
-      version:  latest
+      version:  'v0.7.5'
      name:     bookwyrm
    worker:
      enabled:  true
--- a/roles/web-app-bookwyrm/meta/main.yml
+++ b/roles/web-app-bookwyrm/meta/main.yml
@@ -1,17 +1,19 @@
 ---
 galaxy_info:
-  author: "Kevin Veen-Birkenbach"
-  description: "Deploys BookWyrm social reading server via Docker Compose, with basic domain and port wiring."
+  author: "Kevin Veen-Birchenbach"
+  description: "BookWyrm is a self-hosted federated social reading platform where users share reviews, track reading, and connect with others across the Fediverse."
  license: "Infinito.Nexus NonCommercial License"
  license_url: "https://s.infinito.nexus/license"
  company: |
-    Kevin Veen-Birkenbach
+    Kevin Veen-Birchenbach
    Consulting & Coaching Solutions
    https://www.veen.world
  galaxy_tags:
-    - bookwyrm
-    - social
-    - docker
+    - books
+    - social-network
+    - fediverse
+    - activitypub
+    - reading
  repository: "https://s.infinito.nexus/code"
  issue_tracker_url: "https://s.infinito.nexus/issues"
  documentation: "https://s.infinito.nexus/code/tree/main/roles/web-app-bookwyrm"
--- a/roles/web-app-bookwyrm/templates/Dockerfile.j2
+++ b/roles/web-app-bookwyrm/templates/Dockerfile.j2
@@ -1,7 +1,39 @@
-FROM "{{ BOOKWYRM_IMAGE }}:{{ BOOKWYRM_VERSION }}"
+# Build BookWyrm from source (no upstream image available)
+ARG BOOKWYRM_VERSION={{ BOOKWYRM_VERSION | default('v0.7.5') }}
+FROM python:3.11-bookworm AS builder

-# Place for optional plugins/patches
-# COPY ./patches/ /app/patches/
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    git build-essential libpq-dev \
+    libjpeg-dev zlib1g-dev libxml2-dev libxslt1-dev libffi-dev libmagic-dev \
+  && rm -rf /var/lib/apt/lists/*

-# Ensure media/data exist (UID/GID depend on upstream; keep generic)
-RUN mkdir -p /app/data /app/media && chown -R 1000:1000 /app/data /app/media
+WORKDIR /src
+# Shallow clone the chosen tag/branch
+RUN git clone --depth=1 --branch "${BOOKWYRM_VERSION}" https://github.com/bookwyrm-social/bookwyrm.git .
+
+# Pre-install Python deps to a wheelhouse for faster final image
+RUN pip install --upgrade pip \
+ && pip wheel --wheel-dir /wheels -r requirements.txt
+
+FROM python:3.11-bookworm
+ENV PYTHONUNBUFFERED=1
+WORKDIR /app
+
+# Copy app source and wheels
+COPY --from=builder /src /app
+COPY --from=builder /wheels /wheels
+
+# System deps for runtime
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libpq5 curl \
+    libjpeg62-turbo zlib1g libxml2 libxslt1.1 libffi8 libmagic1 \
+  && rm -rf /var/lib/apt/lists/* \
+  && pip install --no-cache-dir --no-index --find-links=/wheels -r /app/requirements.txt \
+  && adduser --disabled-password --gecos '' bookwyrm \
+  && mkdir -p /app/data /app/media \
+  && chown -R bookwyrm:bookwyrm /app
+
+USER bookwyrm
+
+# Gunicorn/Celery are configured by upstream files in repo
+# Ports/healthcheck handled by compose template
--- a/roles/web-app-bookwyrm/templates/docker-compose.yml.j2
+++ b/roles/web-app-bookwyrm/templates/docker-compose.yml.j2
@@ -1,6 +1,13 @@
 {% include 'roles/docker-compose/templates/base.yml.j2' %}

  application:
+{% include 'roles/docker-container/templates/base.yml.j2' %}
+    command: >-
+      bash -lc '
+        python manage.py migrate --noinput &&
+        python manage.py collectstatic --noinput &&
+        gunicorn bookwyrm.wsgi:application --bind 0.0.0.0:{{ container_port }}
+      '
    build:
      context: .
      dockerfile: Dockerfile
@@ -9,22 +16,18 @@
    hostname: "{{ BOOKWYRM_HOSTNAME }}"
    ports:
      - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}"
-    environment:
-{% include 'roles/web-app-bookwyrm/templates/env.j2' %}
    volumes:
      - 'data:/app/data'
      - 'media:/app/media'
 {% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
-{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %}
 {% include 'roles/docker-container/templates/networks.yml.j2' %}

  worker:
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ BOOKWYRM_CUSTOM_IMAGE }}"
-    container_name: "{{ BOOKWYRM_CONTAINER }}-worker"
+    container_name: "{{ BOOKWYRM_WORKER_CONTAINER }}"
    command: "bash -lc 'celery -A celerywyrm worker -l INFO'"
-    environment:
-{% include 'roles/web-app-bookwyrm/templates/env.j2' %}
    volumes:
      - 'data:/app/data'
      - 'media:/app/media'
--- a/roles/web-app-bookwyrm/templates/env.j2
+++ b/roles/web-app-bookwyrm/templates/env.j2
@@ -1,6 +1,7 @@
 # Core
 BOOKWYRM_URL="{{ BOOKWYRM_URL }}"
 DOMAIN="{{ BOOKWYRM_HOSTNAME }}"
+ALLOWED_HOSTS="{{ BOOKWYRM_HOSTNAME }},127.0.0.1,localhost"
 PORT="{{ WEB_PORT }}"
 WEB_PROTOCOL="{{ WEB_PROTOCOL }}"
 MEDIA_ROOT="/app/media"
@@ -16,8 +17,9 @@ EMAIL="{{ users['no-reply'].email }}"
 DATABASE_URL="postgres://{{ database_username }}:{{ database_password }}@{{ database_host }}:{{ database_port }}/{{ database_name }}"

 # Redis / Celery
-REDIS_BROKER_URL="redis://{{ BOOKWYRM_REDIS_HOST }}:{{ BOOKWYRM_REDIS_PORT }}/0"
-REDIS_CACHE_URL="redis://{{ BOOKWYRM_REDIS_HOST }}:{{ BOOKWYRM_REDIS_PORT }}/1"
+REDIS_BROKER_URL="{{ BOOKWYRM_REDIS_BROKER_URL }}"
+REDIS_CACHE_URL="{{ BOOKWYRM_REDIS_BASE_URL }}/1"
+CELERY_BROKER_URL="{{ BOOKWYRM_REDIS_BROKER_URL }}"

 # Proxy (if BookWyrm sits behind reverse proxy)
 FORWARDED_ALLOW_IPS="*"
--- a/roles/web-app-bookwyrm/vars/main.yml
+++ b/roles/web-app-bookwyrm/vars/main.yml
@@ -33,13 +33,15 @@ BOOKWYRM_OIDC_SCOPES:           "openid,email,profile"
 BOOKWYRM_OIDC_UNIQUE_ATTRIBUTE: "{{ OIDC.ATTRIBUTES.USERNAME }}"

 ## Docker
+BOOKWYRM_CONTAINER:             "{{ applications | get_app_conf(application_id, 'docker.services.application.name') }}"
+BOOKWYRM_DATA_VOLUME:           "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}"
+BOOKWYRM_MEDIA_VOLUME:          "{{ applications | get_app_conf(application_id, 'docker.volumes.media') }}"
 BOOKWYRM_VERSION:               "{{ applications | get_app_conf(application_id, 'docker.services.application.version') }}"
-BOOKWYRM_IMAGE:                 "{{ applications | get_app_conf(application_id, 'docker.services.application.image') | default('bookwyrm/bookwyrm') }}"
-BOOKWYRM_CONTAINER:             "{{ applications | get_app_conf(application_id, 'docker.services.application.name') | default('bookwyrm') }}"
-BOOKWYRM_DATA_VOLUME:           "{{ applications | get_app_conf(application_id, 'docker.volumes.data') | default('bookwyrm_data') }}"
-BOOKWYRM_MEDIA_VOLUME:          "{{ applications | get_app_conf(application_id, 'docker.volumes.media') | default('bookwyrm_media') }}"
-BOOKWYRM_CUSTOM_IMAGE:          "{{ BOOKWYRM_IMAGE }}_custom"
+BOOKWYRM_CUSTOM_IMAGE:          "bookwyrm_custom"
+BOOKWYRM_WORKER_CONTAINER:      "{{ BOOKWYRM_CONTAINER }}-worker"

 ## Redis
 BOOKWYRM_REDIS_HOST:            "redis"
 BOOKWYRM_REDIS_PORT:            6379
+BOOKWYRM_REDIS_BASE_URL:        "redis://{{ BOOKWYRM_REDIS_HOST }}:{{ BOOKWYRM_REDIS_PORT }}"
+BOOKWYRM_REDIS_BROKER_URL:      "{{ BOOKWYRM_REDIS_BASE_URL }}/0"