From 1f3e7afb2c2cb7c50843cecc846ea4477b518bba Mon Sep 17 00:00:00 2001 From: Franziska Kunsmann Date: Sat, 20 Feb 2021 16:53:35 +0100 Subject: [PATCH] bundles/pleroma: initial NON-WORKING version --- .editorconfig | 3 ++ PORT_MAP.md | 6 +-- bundles/pleroma/files/pleroma.config.exs | 44 +++++++++++++++++++ bundles/pleroma/items.py | 55 ++++++++++++++++++++++++ bundles/pleroma/metadata.py | 31 +++++++++++++ 5 files changed, 134 insertions(+), 5 deletions(-) create mode 100644 bundles/pleroma/files/pleroma.config.exs create mode 100644 bundles/pleroma/items.py create mode 100644 bundles/pleroma/metadata.py diff --git a/.editorconfig b/.editorconfig index 2b2153d..e09c9dd 100644 --- a/.editorconfig +++ b/.editorconfig @@ -11,6 +11,9 @@ insert_final_newline = true [*.yaml] indent_size = 2 +[*.exs] +indent_size = 2 + # possibly sql dumps [*.sql] indent_size = unset diff --git a/PORT_MAP.md b/PORT_MAP.md index 1111ee5..fe5117b 100644 --- a/PORT_MAP.md +++ b/PORT_MAP.md @@ -6,11 +6,6 @@ easily find available ports for other bundles. ## TCP Rule of thumb: keep ports below 10000 free for stuff that reserves ports. -| Port range | reserved for | -| ----------- | ------------ | -| 200.. | Matrix | -| 220.. | Generic Web services | - | Port | bundle | usage | | ----------- | -------------------- | ----- | | 22 | | sshd | @@ -38,6 +33,7 @@ Rule of thumb: keep ports below 10000 free for stuff that reserves ports. | 20080 | matrix-synapse | client, federation | | 20081 | matrix-synapse | prometheus metrics | | 20090 | matrix-media-repo | media_repo | +| 21000 | pleroma | pleroma | | 22000 | gitea | gitea | | 22010 | jenkins-ci | Jenkins CI | | 22020 | travelynx | Travelynx Web | diff --git a/bundles/pleroma/files/pleroma.config.exs b/bundles/pleroma/files/pleroma.config.exs new file mode 100644 index 0000000..27564a8 --- /dev/null +++ b/bundles/pleroma/files/pleroma.config.exs @@ -0,0 +1,44 @@ +import Config + +config :pleroma, Pleroma.Web.Endpoint, + url: [host: "${node.metadata['pleroma']['url']}", scheme: "https", port: 443], + http: [port: 21000, ip: {127, 0, 0, 1}], + secret_key_base: "${node.metadata['pleroma']['secret_key']}", + secure_cookie_flag: true + +config :pleroma, :http_security, + enabled: false, + sts: true, + referrer_policy: "same-origin" + +config :pleroma, :instance, + name: "${node.metadata['pleroma']['title']}", + description: "${node.metadata['pleroma']['description']}", + email: "${node.metadata['pleroma']['admin_email']}", + limit: ${node.metadata['pleroma'].get('limit_chars', 500)}, + registrations_open: ${str(node.metadata['pleroma'].get('signup_enabled', False)).lower()}, + invites_enabled: ${str(node.metadata['pleroma'].get('invite_enabled', True)).lower()}, + static_dir: "/var/pleroma/static/" + +config :pleroma, Pleroma.Upload, + uploader: Pleroma.Uploaders.Local, + filters: [Pleroma.Upload.Filter.Dedupe] + +config :pleroma, Pleroma.Uploaders.Local, + uploads: "/var/pleroma/uploads/" + +config :pleroma, :media_proxy, + enabled: false, + redirect_on_failure: true + #base_url: "https://cache.pleroma.social" + +# Configure your database +config :pleroma, Pleroma.Repo, + adapter: Ecto.Adapters.Postgres, + username: "pleroma", + password: "${node.metadata['postgresql']['roles']['pleroma']['password']}", + database: "pleroma", + hostname: "localhost", + pool_size: 10, + timeout: 60000, + pool_timeout: 60000 diff --git a/bundles/pleroma/items.py b/bundles/pleroma/items.py new file mode 100644 index 0000000..dac7c34 --- /dev/null +++ b/bundles/pleroma/items.py @@ -0,0 +1,55 @@ +version = node.metadata['pleroma']['version'] + +users = { + 'pleroma': { + 'home': '/opt/pleroma', + }, +} + +directories = { + '/opt/pleroma': {}, + '/var/pleroma': { + 'owner': 'pleroma', + }, + '/var/pleroma/uploads': { + 'owner': 'pleroma', + }, + '/var/pleroma/static': { + 'owner': 'pleroma', + }, + '/var/pleroma/static/emoji': { + 'owner': 'pleroma', + }, +} + +if node.has_bundle('zfs'): + directories['/var/pleroma']['needs'] = { + 'zfs_dataset:tank/pleroma-data', + } + +actions = { + 'pleroma_download_release': { + 'command': \ + 'cd /opt/pleroma/ && '\ + f'wget -O/opt/pleroma/pleroma.zip https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=amd64 && '\ + 'rm -rf release && '\ + 'unzip /opt/pleroma/pleroma.zip', + 'unless': f'[ "$(cat /opt/pleroma/.bundlewrap_installed_version)" = "{version}" ]', + 'needs': { + 'directory:/opt/pleroma', + }, + }, + 'pleroma_create_schema': { + 'triggered': True, + 'command': 'sudo -u pleroma /opt/pleroma/src/rel/files/bin/pleroma_ctl create', + 'triggered_by': { + 'postgres_db:pleroma', + }, + }. +} + +files = { + '/opt/pleroma/pleroma.config.exs': { + 'content_type': 'mako', + }, +} diff --git a/bundles/pleroma/metadata.py b/bundles/pleroma/metadata.py new file mode 100644 index 0000000..d60250f --- /dev/null +++ b/bundles/pleroma/metadata.py @@ -0,0 +1,31 @@ +defaults = { + 'apt': { + 'packages': { + 'imagemagick': {}, + 'ffmpeg': {}, + 'libimage-exiftool-perl': {}, + }, + }, + 'zfs': { + 'datasets': { + 'tank/pleroma-data': { + 'mountpoint': '/var/pleroma', + }, + }, + }, + 'pleroma': { + 'admin_email': 'pleroma@{}'.format(node.hostname), + }, + 'postgresql': { + 'roles': { + 'pleroma': { + 'password': repo.vault.password_for(f'{node.name} postgresql pleroma'), + }, + }, + 'databases': { + 'pleroma': { + 'owner': 'pleroma', + }, + }, + }, +}