mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-22 04:31:13 +01:00
Compare commits
3 Commits
b923db2ec0
...
e2594c7538
Author | SHA1 | Date | |
---|---|---|---|
e2594c7538 | |||
560c7e8103 | |||
14999faba8 |
@ -1,8 +1,9 @@
|
||||
# General
|
||||
setup: false # Pass CLI commands to execute the setup tasks for the different roles
|
||||
verbose: false # Prints well formated debug information
|
||||
top_domain: "localhost" # Change this in inventory to your domain
|
||||
ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server
|
||||
backups_folder_path: "/Backups/"
|
||||
backups_folder_path: "/Backups/" # Path to the backups folder
|
||||
|
||||
# Server Tact Variables
|
||||
|
||||
|
@ -3,3 +3,4 @@ database_host: "postgres" # needs to be fixed
|
||||
database_databasename: "greenlight-v3"
|
||||
database_username: "postgres"
|
||||
database_password: ""
|
||||
database_type: "postgres"
|
@ -1,8 +1,15 @@
|
||||
# docker mastodon
|
||||
|
||||
## create configuration
|
||||
```bash
|
||||
docker-compose run --rm web bundle exec rake mastodon:setup
|
||||
```
|
||||
|
||||
## Setup with existing configuration
|
||||
```bash
|
||||
docker-compose run --rm web bundle exec rails db:migrate
|
||||
```
|
||||
|
||||
## cleanup
|
||||
```bash
|
||||
cd {{path_docker_compose_instances}}mastodon/
|
||||
@ -30,3 +37,4 @@ docker-compose exec -it -u root web chown -R 991:991 public
|
||||
- https://gist.github.com/TrillCyborg/84939cd4013ace9960031b803a0590c4
|
||||
- https://www.2daygeek.com/linux-command-check-website-is-up-down-alive/
|
||||
- https://vitobotta.com/2022/11/07/setting-up-a-personal-mastodon-instance/
|
||||
- https://www.digitalocean.com/community/tutorials/how-to-scale-your-mastodon-server
|
@ -23,3 +23,9 @@
|
||||
src: .env.production.j2
|
||||
dest: "{{docker_compose_instance_directory}}.env.production"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: execute database migration
|
||||
command:
|
||||
cmd: "docker-compose run --rm web bundle exec rails db:migrate"
|
||||
chdir: "{{docker_compose_instance_directory}}"
|
||||
when: setup | bool
|
@ -5,6 +5,7 @@ SECRET_KEY_BASE={{mastodon_secret_key_base}}
|
||||
OTP_SECRET={{mastodon_otp_secret}}
|
||||
VAPID_PRIVATE_KEY={{mastodon_vapid_private_key}}
|
||||
VAPID_PUBLIC_KEY={{mastodon_vapid_public_key}}
|
||||
|
||||
DB_HOST={{database_host}}
|
||||
DB_PORT=5432
|
||||
DB_NAME={{database_databasename}}
|
||||
|
@ -6,7 +6,7 @@ services:
|
||||
{% include 'templates/docker-service-' + database_type + '.yml.j2' %}
|
||||
|
||||
web:
|
||||
image: tootsuite/mastodon:{{version_mastodon}}
|
||||
image: ghcr.io/mastodon/mastodon:{{version_mastodon}}
|
||||
restart: always
|
||||
env_file: .env.production
|
||||
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
|
||||
@ -22,7 +22,7 @@ services:
|
||||
{% include 'templates/docker-container-networks.yml.j2' %}
|
||||
|
||||
streaming:
|
||||
image: tootsuite/mastodon:{{version_mastodon}}
|
||||
image: ghcr.io/mastodon/mastodon:{{version_mastodon}}
|
||||
restart: always
|
||||
env_file: .env.production
|
||||
command: node ./streaming
|
||||
@ -36,7 +36,7 @@ services:
|
||||
{% include 'templates/docker-container-networks.yml.j2' %}
|
||||
|
||||
sidekiq:
|
||||
image: tootsuite/mastodon:{{version_mastodon}}
|
||||
image: ghcr.io/mastodon/mastodon:{{version_mastodon}}
|
||||
restart: always
|
||||
env_file: .env.production
|
||||
command: bundle exec sidekiq
|
||||
|
@ -11,10 +11,10 @@ listeners:
|
||||
database:
|
||||
name: psycopg2
|
||||
args:
|
||||
user: matrix
|
||||
password: "{{matrix_database_password}}"
|
||||
database: matrix
|
||||
host: database
|
||||
user: "{{database_username}}"
|
||||
password: "{{database_password}}"
|
||||
database: "{{database_databasename}}"
|
||||
host: "{{database_host}}"
|
||||
cp_min: 5
|
||||
cp_max: 10
|
||||
log_config: "/data/{{domain_matrix_synapse}}.log.config"
|
||||
|
@ -40,6 +40,7 @@ services:
|
||||
retries: 1
|
||||
{% include 'templates/docker-container-depends-on-database-redis.yml.j2' %}
|
||||
application:
|
||||
condition: service_started
|
||||
{% include 'templates/docker-container-networks.yml.j2' %}
|
||||
|
||||
{% include 'templates/docker-compose-volumes.yml.j2' %}
|
||||
|
@ -6,8 +6,8 @@
|
||||
|
||||
- name: Install PostgreSQL
|
||||
docker_container:
|
||||
name: postgres
|
||||
image: postgres:latest
|
||||
name: central-postgres
|
||||
image: "postgres:{{database_version}}"
|
||||
detach: yes
|
||||
env:
|
||||
POSTGRES_PASSWORD: "{{ central_postgres_password }}"
|
||||
@ -16,6 +16,8 @@
|
||||
- name: central_postgres_network
|
||||
published_ports:
|
||||
- "127.0.0.1:5432:5432"
|
||||
volumes:
|
||||
- central_postgres_database:/var/lib/postgresql/data
|
||||
when: run_once_docker_postgres is not defined
|
||||
|
||||
- name: wait for availability of postgres
|
||||
@ -23,10 +25,16 @@
|
||||
host: "127.0.0.1"
|
||||
port: "5432"
|
||||
delay: 0
|
||||
timeout: 120
|
||||
timeout: 300
|
||||
when: run_once_docker_postgres is not defined
|
||||
|
||||
- name: Create database
|
||||
- name: install python-psycopg2
|
||||
pacman:
|
||||
name: python-psycopg2
|
||||
state: present
|
||||
when: run_once_docker_postgres is not defined
|
||||
|
||||
- name: "Create database: {{ database_databasename }}"
|
||||
postgresql_db:
|
||||
name: "{{ database_databasename }}"
|
||||
state: present
|
||||
@ -35,18 +43,68 @@
|
||||
login_host: 127.0.0.1
|
||||
login_port: 5432
|
||||
|
||||
- name: Create database user
|
||||
- name: "Create database user: {{ database_username }}"
|
||||
postgresql_user:
|
||||
name: "{{ database_username }}"
|
||||
password: "{{ database_password }}"
|
||||
db: "{{ database_databasename }}"
|
||||
priv: ALL
|
||||
state: present
|
||||
login_user: postgres
|
||||
login_password: "{{ central_postgres_password }}"
|
||||
login_host: 127.0.0.1
|
||||
login_port: 5432
|
||||
|
||||
- name: "Set privileges for database user: {{ database_username }}"
|
||||
postgresql_privs:
|
||||
db: "{{ database_databasename }}"
|
||||
role: "{{ database_username }}"
|
||||
objs: ALL_IN_SCHEMA
|
||||
privs: ALL
|
||||
type: table
|
||||
state: present
|
||||
login_user: postgres
|
||||
login_password: "{{ central_postgres_password }}"
|
||||
login_host: 127.0.0.1
|
||||
login_port: 5432
|
||||
|
||||
- name: Grant all privileges at the database level
|
||||
postgresql_privs:
|
||||
db: "{{ database_databasename }}"
|
||||
role: "{{ database_username }}"
|
||||
privs: ALL
|
||||
type: database
|
||||
state: present
|
||||
login_user: postgres
|
||||
login_password: "{{ central_postgres_password }}"
|
||||
login_host: 127.0.0.1
|
||||
login_port: 5432
|
||||
|
||||
- name: Grant all privileges on all tables in the public schema
|
||||
postgresql_privs:
|
||||
db: "{{ database_databasename }}"
|
||||
role: "{{ database_username }}"
|
||||
objs: ALL_IN_SCHEMA
|
||||
privs: ALL
|
||||
type: table
|
||||
schema: public
|
||||
state: present
|
||||
login_user: postgres
|
||||
login_password: "{{ central_postgres_password }}"
|
||||
login_host: 127.0.0.1
|
||||
login_port: 5432
|
||||
|
||||
- name: Set comprehensive privileges for user on public schema
|
||||
postgresql_query:
|
||||
db: "{{ database_databasename }}"
|
||||
login_user: postgres
|
||||
login_password: "{{ central_postgres_password }}"
|
||||
login_host: 127.0.0.1
|
||||
login_port: 5432
|
||||
query: |
|
||||
GRANT USAGE ON SCHEMA public TO {{ database_username }};
|
||||
GRANT CREATE ON SCHEMA public TO {{ database_username }};
|
||||
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO {{ database_username }};
|
||||
|
||||
- name: Run the docker_postgres tasks once
|
||||
set_fact:
|
||||
run_once_docker_postgres: true
|
||||
|
Loading…
Reference in New Issue
Block a user