main
Alpha Chen 2 months ago
parent bbe328132b
commit c18b700342
Signed by: alpha
SSH Key Fingerprint: SHA256:3fOT8fiYQG/aK9ntivV3Bqtg8AYQ7q4nV6ZgihOA20g

@ -0,0 +1,58 @@
# https://docs.gotosocial.org/en/latest/getting_started/installation/container/
- name: Set up GoToSocial
hosts: lotus-land-story
vars_files:
- vars.yml
vars:
version: snapshot # temporary, to get import/export functionality
tasks:
- name: Create working directory
ansible.builtin.file:
path: /mnt/lotus-land-story/gotosocial
state: directory
mode: "0755"
- name: Create data directory
ansible.builtin.file:
path: /mnt/lotus-land-story/gotosocial/data
state: directory
owner: 1000
group: 1000
mode: "0755"
# https://raw.githubusercontent.com/superseriousbusiness/gotosocial/main/example/docker-compose/docker-compose.yaml
- name: Run GoToSocial
community.docker.docker_container:
name: gotosocial
image: superseriousbusiness/gotosocial:{{ version }}
restart: true
restart_policy: unless-stopped
env:
GTS_HOST: hey.kejadlen.dev
GTS_LANDING_PAGE_USER: alpha
GTS_DB_TYPE: sqlite
GTS_DB_ADDRESS: /gotosocial/storage/sqlite.db
GTS_OIDC_ENABLED: "true"
GTS_OIDC_IDP_NAME: "Authelia"
GTS_OIDC_ISSUER: https://auth.kejadlen.dev
GTS_OIDC_CLIENT_ID: gotosocial
GTS_OIDC_CLIENT_SECRET: "{{ gotosocial.oidc_client_secret }}"
GTS_OIDC_ADMIN_GROUPS: admin
GTS_METRICS_ENABLED: "true"
GTS_METRICS_AUTH_ENABLED: "true"
GTS_METRICS_AUTH_USERNAME: "{{ prometheus.gotosocial.username }}"
GTS_METRICS_AUTH_PASSWORD: "{{ prometheus.gotosocial.password }}"
# GTS_ADVANCED_RATE_LIMIT_REQUESTS: "0"
TZ: UTC
volumes:
- /mnt/lotus-land-story/gotosocial/data:/gotosocial/storage
networks:
- name: lotus_land_story
handlers:
- name: Import restarts
ansible.builtin.import_tasks: restarts.yml
# vim: ft=yaml.ansible
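Review bot: The container image is referenced by a moving tag: `version: snapshot` feeds `image: superseriousbusiness/gotosocial:{{ version }}`, so the code that runs is whatever the registry served at pull time and cannot be reproduced or audited afterwards. Once import/export is in a release, pin `version` to that release tag; until then consider pinning the snapshot by digest, e.g. `image: superseriousbusiness/gotosocial@sha256:<digest-placeholder>`. Separately, the data directory holds the instance's whole database (`sqlite.db`) and is created with `mode: "0755"`; since it is already owned by uid/gid 1000, `mode: "0700"` would keep other local users on the host out of it.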

@ -100,6 +100,7 @@
- import_playbook: grafana.yml # noqa: name[play] - import_playbook: grafana.yml # noqa: name[play]
- import_playbook: loki.yml # noqa: name[play] - import_playbook: loki.yml # noqa: name[play]
- import_playbook: miniflux.yml # noqa: name[play] - import_playbook: miniflux.yml # noqa: name[play]
- import_playbook: gotosocial.yml # noqa: name[play]
- import_playbook: caddy.yml # noqa: name[play] - import_playbook: caddy.yml # noqa: name[play]

@ -137,4 +137,12 @@ logs.{{ domain }} {
reverse_proxy parseable:8000 reverse_proxy parseable:8000
} }
hey.kejadlen.dev
reverse_proxy gotosocial:8080
handle /metrics {
respond 404
}
}
# vim: ts=4 # vim: ts=4
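Review bot: `handle /metrics` uses an exact path matcher, so only `/metrics` itself gets the 404; a request for `/metrics/` or anything below it would still fall through to `reverse_proxy gotosocial:8080`. Whether the upstream answers on those variants is not visible here, and `GTS_METRICS_AUTH_ENABLED` still guards the endpoint, but `handle /metrics*` would close the gap at the proxy as well. Also, as rendered, the site address line `hey.kejadlen.dev` carries no opening `{` although the block ends with `}`; confirm that is an artifact of this page and not in the file.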

@ -62,6 +62,8 @@ identity_providers:
{{ authelia.oidc_private_key | indent(10) }} {{ authelia.oidc_private_key | indent(10) }}
clients: clients:
# https://www.authelia.com/reference/guides/generating-secure-values/#generating-a-random-password-hash
- client_id: grafana - client_id: grafana
client_name: Grafana client_name: Grafana
client_secret: $argon2id$v=19$m=65536,t=3,p=4$bHcAAorVdHuZzuz53WfAQA$x+pIDTo6SsGyY9JD4OZ7dT6pkEcPf8Yh6Yb7DXco8aQ client_secret: $argon2id$v=19$m=65536,t=3,p=4$bHcAAorVdHuZzuz53WfAQA$x+pIDTo6SsGyY9JD4OZ7dT6pkEcPf8Yh6Yb7DXco8aQ
@ -105,3 +107,15 @@ identity_providers:
- openid - openid
- email - email
- profile - profile
- client_id: gotosocial
client_name: GoToSocial
client_secret: $argon2id$v=19$m=65536,t=3,p=4$4fkP2O3FYs26yKH/3WLuvQ$JHkaAA+b752/v7rtyhEzGwGutpSZR+7PSmz8psFb8BM
public: false
redirect_uris:
- https://hey.kejadlen.dev/auth/callback
scopes:
- openid
- email
- profile
- groups
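Review bot: The new `gotosocial` client requests the `groups` scope while the playbook sets `GTS_OIDC_ADMIN_GROUPS: admin`, so membership of the Authelia `admin` group turns into GoToSocial admin rights, yet the client entry states no authorization policy. Authelia's default for clients is, as far as I recall, two-factor, but writing `authorization_policy: two_factor` on this client documents the requirement and survives a change of default. A comment above the entry such as `# groups scope is needed: GoToSocial grants admin to members of "admin"` would record why the scope is there. The `clients:` list starts outside this hunk.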

@ -5,7 +5,7 @@ users:
password: "$argon2id$v=19$m=65536,t=3,p=4$JHtyy/vVD+37neJUjy5Shw$6GODmDOXW/v7cfhqwuEp30bVSCWLT5R3OEe/Gi5FGX0" # yamllint disable-line rule:line-length password: "$argon2id$v=19$m=65536,t=3,p=4$JHtyy/vVD+37neJUjy5Shw$6GODmDOXW/v7cfhqwuEp30bVSCWLT5R3OEe/Gi5FGX0" # yamllint disable-line rule:line-length
email: alpha@kejadlen.dev email: alpha@kejadlen.dev
groups: groups:
- admins - admin
- family - family
lydia: lydia:
disabled: false disabled: false
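Review bot: Changing the group from `admins` to `admin` alters an authorization identifier, not just a label: any access-control rule or role mapping elsewhere that still matches `admins` would silently stop applying to this user. No such reference is visible in this hunk, so search the repository for `admins` before merging. A comment on the group line such as `# must match GTS_OIDC_ADMIN_GROUPS in gotosocial.yml` would record why the exact name matters. The `users:` mapping starts and continues outside the hunk.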

@ -70,4 +70,11 @@ scrape_configs:
static_configs: static_configs:
- targets: ['paperless-ngx:5555'] - targets: ['paperless-ngx:5555']
# vim: ft=yaml.ansible - job_name: gotosocial
metrics_path: /metrics
scheme: http
basic_auth:
username: {{ prometheus.gotosocial.username }}
password: {{ prometheus.gotosocial.password }}
static_configs:
- targets: ['gotosocial:8080']
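Review bot: `username: {{ prometheus.gotosocial.username }}` and the `password:` line below it are rendered as bare YAML scalars, so a credential that contains ` #` or `: `, starts with an indicator character, or looks like a number or boolean will be truncated, retyped, or make the rendered file unparseable. Quote both values, e.g. `password: "{{ prometheus.gotosocial.password }}"`, or use `{{ prometheus.gotosocial.password | to_json }}` if the value may itself contain quotes. The credentials are also sent over `scheme: http`, which is acceptable only while the scrape stays on the internal Docker network.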
