alpha
/
dotfiles
1
0
Fork 0
Code Issues 15 Pull Requests Packages Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'd2fdca2c0e'
${ noResults }
dotfiles/meta/playbooks/pixelfed/install.yml

210 lines
6.0 KiB
Raw Blame History

---
- hosts: pixelfed
tasks:
- apt:
update_cache: yes
# https://docs.pixelfed.org/running-pixelfed/prerequisites.html
- package:
name:
- git
- python3-psycopg2 # required for postgresql_user task
# pixelfed dependencies
- nginx
- postgresql
- php-fpm
- php-bcmath
- php-curl
- php-gd
- php-intl
- php-mbstring
- php-pgsql
- php-redis
- php-xml
- php-zip
- redis
- community.postgresql.postgresql_db:
name: pixelfed
become: true
become_user: postgres
- community.postgresql.postgresql_user:
db: pixelfed
name: pixelfed
password: "{{ pixelfed_db_password }}"
# role_attr_flags: CREATEDB
become: true
become_user: postgres
- lineinfile:
path: /etc/php/7.4/fpm/php.ini
regexp: "^upload_max_filesize = "
line: "upload_max_filesize = 6M"
notify: Restart php-fpm
- copy:
src: /etc/php/7.4/fpm/pool.d/www.conf
dest: /etc/php/7.4/fpm/pool.d/pixelfed.conf
remote_src: yes
- lineinfile:
path: /etc/php/7.4/fpm/pool.d/pixelfed.conf
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
loop:
- { regexp: "\\[www\\]", line: "[pixelfed]" }
- { regexp: "^user =", line: "user = pixelfed" }
- { regexp: "^group =", line: "group = pixelfed" }
- { regexp: "^listen =", line: "listen = /run/php/pixelfed.sock" }
- { regexp: "^;listen.mode =", line: "listen.mode = 0660" }
notify: Restart php-fpm
# - lineinfile:
# path: /etc/redis/redis.conf
# regexp: "{{ item.regexp }}"
# line: "{{ item.line }}"
# loop:
# - { regexp: "^# unixsocket ", line: "unixsocket /var/run/redis/redis.sock" }
# - { regexp: "^# unixsocketperm ", line: "unixsocketperm 770" }
- user:
name: pixelfed
# https://docs.pixelfed.org/running-pixelfed/installation.html#setting-up-pixelfed-files
- git:
repo: "https://github.com/pixelfed/pixelfed.git"
version: v0.11.2
dest: /usr/share/pixelfed
- file:
path: /usr/share/pixelfed
recurse: yes
owner: pixelfed
group: pixelfed
handlers:
- name: Restart php-fpm
service:
name: php7.4-fpm
state: restarted
- hosts: pixelfed
become: yes
become_user: pixelfed
tasks:
- get_url:
url: https://getcomposer.org/installer
dest: /usr/share/pixelfed/composer-setup.php
- file:
path: /usr/share/pixelfed/bin
state: directory
- command: php composer-setup.php --install-dir=bin --filename=composer
args:
chdir: /usr/share/pixelfed
- community.general.composer:
command: install
working_dir: /usr/share/pixelfed
composer_executable: /usr/share/pixelfed/bin/composer
- copy:
src: /usr/share/pixelfed/.env.example
dest: /usr/share/pixelfed/.env
remote_src: yes
- lineinfile:
path: /usr/share/pixelfed/.env
regexp: "{{ item.regexp }}"
line: "{{ item.line }}"
loop:
- { regexp: "^APP_NAME=", line: "APP_NAME={{ pixelfed_app_name }}" }
- { regexp: "^APP_KEY=", line: "APP_KEY={{ pixelfed_app_key }}" }
- { regexp: "^APP_URL=", line: "APP_URL={{ pixelfed_app_url }}" }
- { regexp: "^APP_DOMAIN=", line: "APP_DOMAIN={{ pixelfed_domain }}" }
- { regexp: "^ADMIN_DOMAIN=", line: "ADMIN_DOMAIN={{ pixelfed_domain }}" }
- { regexp: "^SESSION_DOMAIN=", line: "SESSION_DOMAIN={{ pixelfed_domain }}" }
- { regexp: "^DB_CONNECTION=", line: "DB_CONNECTION=pgsql" }
- { regexp: "^DB_PORT=", line: "DB_PORT=5432" }
- { regexp: "^DB_PASSWORD=", line: "DB_PASSWORD={{ pixelfed_db_password }}" }
- { regexp: "^MAIL_DRIVER=", line: "MAIL_DRIVER=smtp" }
- { regexp: "^MAIL_HOST=", line: "MAIL_HOST={{ pixelfed_mail_host }}" }
- { regexp: "^MAIL_PORT=", line: "MAIL_PORT={{ pixelfed_mail_port }}" }
- { regexp: "^MAIL_USERNAME=", line: "MAIL_USERNAME={{ pixelfed_mail_username }}" }
- { regexp: "^MAIL_PASSWORD=", line: "MAIL_PASSWORD={{ pixelfed_mail_password }}" }
- { regexp: "^MAIL_ENCRYPTION=", line: "MAIL_ENCRYPTION={{ pixelfed_mail_encryption }}" }
- { regexp: "^MAIL_FROM_ADDRESS=", line: "MAIL_FROM_ADDRESS={{ pixelfed_mail_from_address }}" }
- { regexp: "^ACTIVITY_PUB=", line: "ACTIVITY_PUB=true" }
- { regexp: "^AP_REMOTE_FOLLOW=", line: "AP_REMOTE_FOLLOW=true" }
- { regexp: "^OPEN_REGISTRATION=", line: "OPEN_REGISTRATION=false" }
notify: Clear Pixelfed cache
- command: php artisan {{ item }}
args:
chdir: /usr/share/pixelfed
loop:
- storage:link
- migrate --force
- import:cities
- instance:actor
- route:cache
- view:cache
- horizon:install
- horizon:publish
# https://docs.pixelfed.org/technical-documentation/api-v1.html#authorization
- lineinfile:
path: /usr/share/pixelfed/.env
regexp: "^OAUTH_ENABLED="
line: "OAUTH_ENABLED=true"
# Should probably be a handler - hopefully they're idempotent
- command: php artisan {{ item }}
args:
chdir: /usr/share/pixelfed
loop:
- passport:keys
- config:cache
- route:cache
- view:cache
- passport:client --personal
handlers:
- name: Clear Pixelfed cache
command: php artisan config:cache
args:
chdir: /usr/share/pixelfed
- hosts: pixelfed
tasks:
- copy:
src: pixelfed.service
dest: /etc/systemd/system/pixelfed.service
become: yes
- service:
name: pixelfed
enabled: yes
state: restarted
- cron:
job: /usr/bin/php /usr/share/pixelfed/artisan schedule:run >> /dev/null 2>&1
- template:
src: pixelfed.nginx
dest: /etc/nginx/sites-available/pixelfed.conf
notify: Restart nginx
- file:
src: /etc/nginx/sites-available/pixelfed.conf
dest: /etc/nginx/sites-enabled/pixelfed.conf
state: link
notify: Restart nginx
handlers:
- name: Restart nginx
service:
name: nginx
state: restarted
Reference in new issue View Git Blame Copy Permalink