Allow playbook to be run for updates as well as install. #9
|
@ -0,0 +1,62 @@
|
|||
---
|
||||
# This role copies over the user-edited .env.production,
|
||||
# and runs the database setup
|
||||
|
||||
- name: Generate PAPERCLIP_SECRET and register it
|
||||
shell: cd /home/mastodon/live && bundle exec rake secret
|
||||
register: PAPERCLIP_SECRET
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Generate SECRET_KEY_BASE and register it
|
||||
shell: cd /home/mastodon/live && bundle exec rake secret
|
||||
register: SECRET_KEY_BASE
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Generate OTP_SECRET and register it
|
||||
shell: cd /home/mastodon/live && bundle exec rake secret
|
||||
register: OTP_SECRET
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Generate VAPID keys and register it
|
||||
shell: cd /home/mastodon/live && bundle exec rake mastodon:webpush:generate_vapid_key
|
||||
register: VAPID_KEYS
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
SECRET_KEY_BASE: '0'
|
||||
OTP_SECRET: '{{ OTP_SECRET.stdout }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Copy Mastodon .env.production
|
||||
template:
|
||||
src: .env.production
|
||||
dest: /home/mastodon/live/.env.production
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Run Mastodon database setup
|
||||
shell: cd /home/mastodon/live && bundle exec rails db:setup
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
SAFETY_ASSURED: 1
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
|
@ -1,11 +1,13 @@
|
|||
---
|
||||
# This role copies over the user-edited .env.production, runs the database
|
||||
# setup, pre-compiles assets, starts Mastodon daemons, adds media cleanup
|
||||
# cron job
|
||||
# This role pre-compiles assets, starts Mastodon daemons,
|
||||
# adds media cleanup cron job
|
||||
|
||||
- name: Generate PAPERCLIP_SECRET and register it
|
||||
shell: cd /home/mastodon/live && bundle exec rake secret
|
||||
register: PAPERCLIP_SECRET
|
||||
- name: Run install tasks
|
||||
include_tasks: install.yml
|
||||
when: install is defined
|
||||
- name: Run Mastodon database migration
|
||||
when: install is not defined
|
||||
shell: cd /home/mastodon/live && bundle exec rails db:migrate
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
|
@ -13,44 +15,6 @@
|
|||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Generate SECRET_KEY_BASE and register it
|
||||
shell: cd /home/mastodon/live && bundle exec rake secret
|
||||
register: SECRET_KEY_BASE
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Generate OTP_SECRET and register it
|
||||
shell: cd /home/mastodon/live && bundle exec rake secret
|
||||
register: OTP_SECRET
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Generate VAPID keys and register it
|
||||
shell: cd /home/mastodon/live && bundle exec rake mastodon:webpush:generate_vapid_key
|
||||
register: VAPID_KEYS
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
SECRET_KEY_BASE: '0'
|
||||
OTP_SECRET: '{{ OTP_SECRET.stdout }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Copy Mastodon .env.production
|
||||
template:
|
||||
src: .env.production
|
||||
dest: /home/mastodon/live/.env.production
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Precompile Mastodon static assets
|
||||
shell: cd /home/mastodon/live && bundle exec rails assets:precompile
|
||||
environment:
|
||||
|
@ -60,16 +24,6 @@
|
|||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Run Mastodon database setup
|
||||
shell: cd /home/mastodon/live && bundle exec rails db:setup
|
||||
environment:
|
||||
RAILS_ENV: production
|
||||
SAFETY_ASSURED: 1
|
||||
PATH: '/home/mastodon/.rbenv/bin:/home/mastodon/.rbenv/shims:/home/mastodon/.rbenv/plugins/ruby-build/bin:{{ ansible_env.PATH }}'
|
||||
args:
|
||||
executable: /bin/bash
|
||||
become: true
|
||||
become_user: mastodon
|
||||
- name: Add Mastodon media cache cleanup cronjob
|
||||
cron:
|
||||
name: "Mastodon media cache cleanup"
|
||||
|
|
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
# This role sets up a Let's Encrypt certificate for the
|
||||
# Mastodon instance
|
||||
|
||||
- name: Stop nginx for now
|
||||
service: name=nginx state=stopped
|
||||
- name: Generate standalone Let's Encrypt TLS certificate for Mastodon instance
|
||||
shell: letsencrypt certonly -n --agree-tos --standalone -d {{ LOCAL_DOMAIN }} --email "webmaster@{{ LOCAL_DOMAIN }}"
|
||||
- name: Restart nginx
|
||||
service: name=nginx state=started
|
||||
- name: Generate webroot Let's Encrypt TLS certificate for Mastodon instance
|
||||
shell: letsencrypt certonly -n --webroot -d {{ LOCAL_DOMAIN }} -w /home/mastodon/live/public/ --email "webmaster@{{ LOCAL_DOMAIN }}"
|
|
@ -1,6 +1,5 @@
|
|||
---
|
||||
# This role install nginx, configures it and sets up a Let's Encrypt certificate for the
|
||||
# Mastodon instance
|
||||
# This role install nginx, configures it
|
||||
|
||||
- name: Install nginx and certbot
|
||||
apt: name={{ item }} state=latest update_cache=yes
|
||||
|
@ -20,16 +19,11 @@
|
|||
src: /etc/nginx/sites-available/{{ LOCAL_DOMAIN }}.conf
|
||||
dest: /etc/nginx/sites-enabled/{{ LOCAL_DOMAIN }}.conf
|
||||
state: link
|
||||
- name: Stop nginx for now
|
||||
service: name=nginx state=stopped
|
||||
- name: Generate standalone Let's Encrypt TLS certificate for Mastodon instance
|
||||
shell: letsencrypt certonly -n --agree-tos --standalone -d {{ LOCAL_DOMAIN }} --email "webmaster@{{ LOCAL_DOMAIN }}"
|
||||
- name: Restart nginx
|
||||
service: name=nginx state=started
|
||||
- name: Generate webroot Let's Encrypt TLS certificate for Mastodon instance
|
||||
shell: letsencrypt certonly -n --webroot -d {{ LOCAL_DOMAIN }} -w /home/mastodon/live/public/ --email "webmaster@{{ LOCAL_DOMAIN }}"
|
||||
- name: Copy and enable Let's Encrypt renew script
|
||||
copy:
|
||||
src: letsencrypt-renew.sh
|
||||
dest: /etc/cron.daily/letsencrypt-renew.sh
|
||||
mode: 0700
|
||||
- name: Run nginx install tasks
|
||||
include_tasks: install.yml
|
||||
when: install is defined
|
||||
|
|
|
@ -0,0 +1,15 @@
|
|||
---
|
||||
# This role deletes any existing PostgreSQL database
|
||||
|
||||
- name: Stop any Mastodon services that may be running to remove database locks
|
||||
systemd: name={{ item }} state=stopped
|
||||
with_items:
|
||||
- mastodon-sidekiq
|
||||
- mastodon-streaming
|
||||
- mastodon-web
|
||||
- name: Drop any existing database that may exist with the same name
|
||||
postgresql_db:
|
||||
name: "{{ DB_NAME }}"
|
||||
state: absent
|
||||
become: true
|
||||
become_user: postgres
|
|
@ -8,12 +8,6 @@
|
|||
- postgresql
|
||||
- postgresql-contrib
|
||||
- python-psycopg2
|
||||
- name: Stop any Mastodon services that may be running to remove database locks
|
||||
systemd: name={{ item }} state=stopped
|
||||
with_items:
|
||||
- mastodon-sidekiq
|
||||
- mastodon-streaming
|
||||
- mastodon-web
|
||||
- name: Add Mastodon PostgreSQL database user
|
||||
postgresql_user:
|
||||
name: mastodon
|
||||
|
@ -21,9 +15,6 @@
|
|||
state: present
|
||||
become: true
|
||||
become_user: postgres
|
||||
- name: Drop any existing database that may exist with the same name
|
||||
postgresql_db:
|
||||
name: "{{ DB_NAME }}"
|
||||
state: absent
|
||||
become: true
|
||||
become_user: postgres
|
||||
- name: Run PostgreSQL install tasks
|
||||
include_tasks: install.yml
|
||||
when: install is defined
|
||||
|
|
Loading…
Reference in New Issue