mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-22 20:51:07 +01:00
Compare commits
3 Commits
b923db2ec0
...
e2594c7538
Author | SHA1 | Date | |
---|---|---|---|
e2594c7538 | |||
560c7e8103 | |||
14999faba8 |
@ -1,8 +1,9 @@
|
|||||||
# General
|
# General
|
||||||
|
setup: false # Pass CLI commands to execute the setup tasks for the different roles
|
||||||
verbose: false # Prints well formated debug information
|
verbose: false # Prints well formated debug information
|
||||||
top_domain: "localhost" # Change this in inventory to your domain
|
top_domain: "localhost" # Change this in inventory to your domain
|
||||||
ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server
|
ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server
|
||||||
backups_folder_path: "/Backups/"
|
backups_folder_path: "/Backups/" # Path to the backups folder
|
||||||
|
|
||||||
# Server Tact Variables
|
# Server Tact Variables
|
||||||
|
|
||||||
|
@ -3,3 +3,4 @@ database_host: "postgres" # needs to be fixed
|
|||||||
database_databasename: "greenlight-v3"
|
database_databasename: "greenlight-v3"
|
||||||
database_username: "postgres"
|
database_username: "postgres"
|
||||||
database_password: ""
|
database_password: ""
|
||||||
|
database_type: "postgres"
|
@ -1,8 +1,15 @@
|
|||||||
# docker mastodon
|
# docker mastodon
|
||||||
|
|
||||||
## create configuration
|
## create configuration
|
||||||
```bash
|
```bash
|
||||||
docker-compose run --rm web bundle exec rake mastodon:setup
|
docker-compose run --rm web bundle exec rake mastodon:setup
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## Setup with existing configuration
|
||||||
|
```bash
|
||||||
|
docker-compose run --rm web bundle exec rails db:migrate
|
||||||
|
```
|
||||||
|
|
||||||
## cleanup
|
## cleanup
|
||||||
```bash
|
```bash
|
||||||
cd {{path_docker_compose_instances}}mastodon/
|
cd {{path_docker_compose_instances}}mastodon/
|
||||||
@ -30,3 +37,4 @@ docker-compose exec -it -u root web chown -R 991:991 public
|
|||||||
- https://gist.github.com/TrillCyborg/84939cd4013ace9960031b803a0590c4
|
- https://gist.github.com/TrillCyborg/84939cd4013ace9960031b803a0590c4
|
||||||
- https://www.2daygeek.com/linux-command-check-website-is-up-down-alive/
|
- https://www.2daygeek.com/linux-command-check-website-is-up-down-alive/
|
||||||
- https://vitobotta.com/2022/11/07/setting-up-a-personal-mastodon-instance/
|
- https://vitobotta.com/2022/11/07/setting-up-a-personal-mastodon-instance/
|
||||||
|
- https://www.digitalocean.com/community/tutorials/how-to-scale-your-mastodon-server
|
@ -23,3 +23,9 @@
|
|||||||
src: .env.production.j2
|
src: .env.production.j2
|
||||||
dest: "{{docker_compose_instance_directory}}.env.production"
|
dest: "{{docker_compose_instance_directory}}.env.production"
|
||||||
notify: docker compose project setup
|
notify: docker compose project setup
|
||||||
|
|
||||||
|
- name: execute database migration
|
||||||
|
command:
|
||||||
|
cmd: "docker-compose run --rm web bundle exec rails db:migrate"
|
||||||
|
chdir: "{{docker_compose_instance_directory}}"
|
||||||
|
when: setup | bool
|
@ -5,6 +5,7 @@ SECRET_KEY_BASE={{mastodon_secret_key_base}}
|
|||||||
OTP_SECRET={{mastodon_otp_secret}}
|
OTP_SECRET={{mastodon_otp_secret}}
|
||||||
VAPID_PRIVATE_KEY={{mastodon_vapid_private_key}}
|
VAPID_PRIVATE_KEY={{mastodon_vapid_private_key}}
|
||||||
VAPID_PUBLIC_KEY={{mastodon_vapid_public_key}}
|
VAPID_PUBLIC_KEY={{mastodon_vapid_public_key}}
|
||||||
|
|
||||||
DB_HOST={{database_host}}
|
DB_HOST={{database_host}}
|
||||||
DB_PORT=5432
|
DB_PORT=5432
|
||||||
DB_NAME={{database_databasename}}
|
DB_NAME={{database_databasename}}
|
||||||
|
@ -6,7 +6,7 @@ services:
|
|||||||
{% include 'templates/docker-service-' + database_type + '.yml.j2' %}
|
{% include 'templates/docker-service-' + database_type + '.yml.j2' %}
|
||||||
|
|
||||||
web:
|
web:
|
||||||
image: tootsuite/mastodon:{{version_mastodon}}
|
image: ghcr.io/mastodon/mastodon:{{version_mastodon}}
|
||||||
restart: always
|
restart: always
|
||||||
env_file: .env.production
|
env_file: .env.production
|
||||||
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
|
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
|
||||||
@ -22,7 +22,7 @@ services:
|
|||||||
{% include 'templates/docker-container-networks.yml.j2' %}
|
{% include 'templates/docker-container-networks.yml.j2' %}
|
||||||
|
|
||||||
streaming:
|
streaming:
|
||||||
image: tootsuite/mastodon:{{version_mastodon}}
|
image: ghcr.io/mastodon/mastodon:{{version_mastodon}}
|
||||||
restart: always
|
restart: always
|
||||||
env_file: .env.production
|
env_file: .env.production
|
||||||
command: node ./streaming
|
command: node ./streaming
|
||||||
@ -36,7 +36,7 @@ services:
|
|||||||
{% include 'templates/docker-container-networks.yml.j2' %}
|
{% include 'templates/docker-container-networks.yml.j2' %}
|
||||||
|
|
||||||
sidekiq:
|
sidekiq:
|
||||||
image: tootsuite/mastodon:{{version_mastodon}}
|
image: ghcr.io/mastodon/mastodon:{{version_mastodon}}
|
||||||
restart: always
|
restart: always
|
||||||
env_file: .env.production
|
env_file: .env.production
|
||||||
command: bundle exec sidekiq
|
command: bundle exec sidekiq
|
||||||
|
@ -11,10 +11,10 @@ listeners:
|
|||||||
database:
|
database:
|
||||||
name: psycopg2
|
name: psycopg2
|
||||||
args:
|
args:
|
||||||
user: matrix
|
user: "{{database_username}}"
|
||||||
password: "{{matrix_database_password}}"
|
password: "{{database_password}}"
|
||||||
database: matrix
|
database: "{{database_databasename}}"
|
||||||
host: database
|
host: "{{database_host}}"
|
||||||
cp_min: 5
|
cp_min: 5
|
||||||
cp_max: 10
|
cp_max: 10
|
||||||
log_config: "/data/{{domain_matrix_synapse}}.log.config"
|
log_config: "/data/{{domain_matrix_synapse}}.log.config"
|
||||||
|
@ -40,6 +40,7 @@ services:
|
|||||||
retries: 1
|
retries: 1
|
||||||
{% include 'templates/docker-container-depends-on-database-redis.yml.j2' %}
|
{% include 'templates/docker-container-depends-on-database-redis.yml.j2' %}
|
||||||
application:
|
application:
|
||||||
|
condition: service_started
|
||||||
{% include 'templates/docker-container-networks.yml.j2' %}
|
{% include 'templates/docker-container-networks.yml.j2' %}
|
||||||
|
|
||||||
{% include 'templates/docker-compose-volumes.yml.j2' %}
|
{% include 'templates/docker-compose-volumes.yml.j2' %}
|
||||||
|
@ -6,8 +6,8 @@
|
|||||||
|
|
||||||
- name: Install PostgreSQL
|
- name: Install PostgreSQL
|
||||||
docker_container:
|
docker_container:
|
||||||
name: postgres
|
name: central-postgres
|
||||||
image: postgres:latest
|
image: "postgres:{{database_version}}"
|
||||||
detach: yes
|
detach: yes
|
||||||
env:
|
env:
|
||||||
POSTGRES_PASSWORD: "{{ central_postgres_password }}"
|
POSTGRES_PASSWORD: "{{ central_postgres_password }}"
|
||||||
@ -16,6 +16,8 @@
|
|||||||
- name: central_postgres_network
|
- name: central_postgres_network
|
||||||
published_ports:
|
published_ports:
|
||||||
- "127.0.0.1:5432:5432"
|
- "127.0.0.1:5432:5432"
|
||||||
|
volumes:
|
||||||
|
- central_postgres_database:/var/lib/postgresql/data
|
||||||
when: run_once_docker_postgres is not defined
|
when: run_once_docker_postgres is not defined
|
||||||
|
|
||||||
- name: wait for availability of postgres
|
- name: wait for availability of postgres
|
||||||
@ -23,10 +25,16 @@
|
|||||||
host: "127.0.0.1"
|
host: "127.0.0.1"
|
||||||
port: "5432"
|
port: "5432"
|
||||||
delay: 0
|
delay: 0
|
||||||
timeout: 120
|
timeout: 300
|
||||||
when: run_once_docker_postgres is not defined
|
when: run_once_docker_postgres is not defined
|
||||||
|
|
||||||
- name: Create database
|
- name: install python-psycopg2
|
||||||
|
pacman:
|
||||||
|
name: python-psycopg2
|
||||||
|
state: present
|
||||||
|
when: run_once_docker_postgres is not defined
|
||||||
|
|
||||||
|
- name: "Create database: {{ database_databasename }}"
|
||||||
postgresql_db:
|
postgresql_db:
|
||||||
name: "{{ database_databasename }}"
|
name: "{{ database_databasename }}"
|
||||||
state: present
|
state: present
|
||||||
@ -35,18 +43,68 @@
|
|||||||
login_host: 127.0.0.1
|
login_host: 127.0.0.1
|
||||||
login_port: 5432
|
login_port: 5432
|
||||||
|
|
||||||
- name: Create database user
|
- name: "Create database user: {{ database_username }}"
|
||||||
postgresql_user:
|
postgresql_user:
|
||||||
name: "{{ database_username }}"
|
name: "{{ database_username }}"
|
||||||
password: "{{ database_password }}"
|
password: "{{ database_password }}"
|
||||||
|
db: "{{ database_databasename }}"
|
||||||
|
state: present
|
||||||
|
login_user: postgres
|
||||||
|
login_password: "{{ central_postgres_password }}"
|
||||||
|
login_host: 127.0.0.1
|
||||||
|
login_port: 5432
|
||||||
|
|
||||||
|
- name: "Set privileges for database user: {{ database_username }}"
|
||||||
|
postgresql_privs:
|
||||||
|
db: "{{ database_databasename }}"
|
||||||
|
role: "{{ database_username }}"
|
||||||
|
objs: ALL_IN_SCHEMA
|
||||||
|
privs: ALL
|
||||||
|
type: table
|
||||||
|
state: present
|
||||||
|
login_user: postgres
|
||||||
|
login_password: "{{ central_postgres_password }}"
|
||||||
|
login_host: 127.0.0.1
|
||||||
|
login_port: 5432
|
||||||
|
|
||||||
|
- name: Grant all privileges at the database level
|
||||||
|
postgresql_privs:
|
||||||
db: "{{ database_databasename }}"
|
db: "{{ database_databasename }}"
|
||||||
priv: ALL
|
role: "{{ database_username }}"
|
||||||
|
privs: ALL
|
||||||
|
type: database
|
||||||
state: present
|
state: present
|
||||||
login_user: postgres
|
login_user: postgres
|
||||||
login_password: "{{ central_postgres_password }}"
|
login_password: "{{ central_postgres_password }}"
|
||||||
login_host: 127.0.0.1
|
login_host: 127.0.0.1
|
||||||
login_port: 5432
|
login_port: 5432
|
||||||
|
|
||||||
|
- name: Grant all privileges on all tables in the public schema
|
||||||
|
postgresql_privs:
|
||||||
|
db: "{{ database_databasename }}"
|
||||||
|
role: "{{ database_username }}"
|
||||||
|
objs: ALL_IN_SCHEMA
|
||||||
|
privs: ALL
|
||||||
|
type: table
|
||||||
|
schema: public
|
||||||
|
state: present
|
||||||
|
login_user: postgres
|
||||||
|
login_password: "{{ central_postgres_password }}"
|
||||||
|
login_host: 127.0.0.1
|
||||||
|
login_port: 5432
|
||||||
|
|
||||||
|
- name: Set comprehensive privileges for user on public schema
|
||||||
|
postgresql_query:
|
||||||
|
db: "{{ database_databasename }}"
|
||||||
|
login_user: postgres
|
||||||
|
login_password: "{{ central_postgres_password }}"
|
||||||
|
login_host: 127.0.0.1
|
||||||
|
login_port: 5432
|
||||||
|
query: |
|
||||||
|
GRANT USAGE ON SCHEMA public TO {{ database_username }};
|
||||||
|
GRANT CREATE ON SCHEMA public TO {{ database_username }};
|
||||||
|
ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL PRIVILEGES ON TABLES TO {{ database_username }};
|
||||||
|
|
||||||
- name: Run the docker_postgres tasks once
|
- name: Run the docker_postgres tasks once
|
||||||
set_fact:
|
set_fact:
|
||||||
run_once_docker_postgres: true
|
run_once_docker_postgres: true
|
||||||
|
Loading…
Reference in New Issue
Block a user