bundles/pleroma: get it working
All checks were successful
bundlewrap/pipeline/head This commit looks good

This commit is contained in:
Franzi 2021-02-20 19:37:33 +01:00
parent 33fb9fb3f5
commit f8c157ce50
Signed by: kunsi
GPG key ID: 12E3D2136B818350
6 changed files with 90 additions and 10 deletions

View file

@ -40,5 +40,4 @@ config :pleroma, Pleroma.Repo,
database: "pleroma",
hostname: "localhost",
pool_size: 10,
timeout: 60000,
pool_timeout: 60000
timeout: 60000

View file

@ -0,0 +1,23 @@
[Unit]
Description=Pleroma social network
After=network.target
Requires=postgresql.service
[Service]
User=pleroma
WorkingDirectory=/opt/pleroma
Environment="HOME=/opt/pleroma"
Environment="PLEROMA_CONFIG_PATH=/opt/pleroma/pleroma.config.exs"
Environment="PLUG_TMPDIR=/tmp/pleroma"
ExecStart=/opt/pleroma/release/bin/pleroma start
ExecStop=/opt/pleroma/release/bin/pleroma stop
Restart=on-failure
PrivateTmp=true
ProtectHome=true
ProtectSystem=full
NoNewPrivileges=true
CapabilityBoundingSet=~CAP_SYS_ADMIN
[Install]
WantedBy=multi-user.target

View file

@ -31,25 +31,58 @@ actions = {
'pleroma_download_release': {
'command': \
'cd /opt/pleroma/ && '\
f'wget -O/opt/pleroma/pleroma.zip https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=amd64 && '\
f'wget -O/opt/pleroma/pleroma.zip https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/release/{version}/download?job=amd64 && '\
'rm -rf release && '\
'unzip /opt/pleroma/pleroma.zip',
'unzip /opt/pleroma/pleroma.zip && '\
'chown -R pleroma:pleroma /opt/pleroma/release && '\
f'echo -n "{version}" > /opt/pleroma/.bundlewrap_installed_version',
'unless': f'[ "$(cat /opt/pleroma/.bundlewrap_installed_version)" = "{version}" ]',
'needs': {
'directory:/opt/pleroma',
},
'preceded_by': {
'svc_systemd:pleroma:stop',
},
'triggers': {
'action:pleroma_migrate_database',
'svc_systemd:pleroma:restart',
},
},
'pleroma_create_schema': {
'pleroma_migrate_database': {
'triggered': True,
'command': 'sudo -u pleroma /opt/pleroma/src/rel/files/bin/pleroma_ctl create',
'triggered_by': {
'command': \
'echo "CREATE EXTENSION IF NOT EXISTS citext;" | psql pleroma && '\
'echo "CREATE EXTENSION IF NOT EXISTS pg_trgm;" | psql pleroma && '\
'echo "CREATE EXTENSION IF NOT EXISTS \\\"uuid-ossp\\\";" | psql pleroma && '\
'sudo -u pleroma PLEROMA_CONFIG_PATH=/opt/pleroma/pleroma.config.exs /opt/pleroma/release/bin/pleroma_ctl create',
'needs': {
'postgres_db:pleroma',
},
}.
},
}
files = {
'/etc/systemd/system/pleroma.service': {
'triggers': {
'action:systemd-reload',
'svc_systemd:pleroma:restart',
},
},
'/opt/pleroma/pleroma.config.exs': {
'content_type': 'mako',
'triggers': {
'svc_systemd:pleroma:restart',
},
},
}
svc_systemd = {
'pleroma': {
'needs': {
'action:pleroma_download_release',
'action:pleroma_migrate_database',
'file:/etc/systemd/system/pleroma.service',
'file:/opt/pleroma/pleroma.config.exs',
},
},
}

View file

@ -29,3 +29,27 @@ defaults = {
},
},
}
@metadata_reactor.provides(
'nginx/vhosts/pleroma',
)
def nginx(metadata):
if not node.has_bundle('nginx'):
raise DoNotRunAgain
return {
'nginx': {
'vhosts': {
'pleroma': {
'domain': metadata.get('pleroma/url'),
'proxy': {
'/': {
'target': 'http://127.0.0.1:21000',
'websockets': True,
},
},
},
},
},
}

View file

@ -0,0 +1 @@
client_max_body_size 16m;

View file

@ -25,7 +25,7 @@ nodes['htz-cloud.pleroma'] = {
'nginx': {
'vhosts': {
'pleroma': {
'domain': 'cybert-media.net',
'extras': True,
},
},
},
@ -34,7 +34,7 @@ nodes['htz-cloud.pleroma'] = {
'url': 'cybert-media.net',
'title': 'CYBERt Media',
'description': '',
'secret_key': vault.decrypt('encrypt$gAAAAABgMSibWavxv69eNmzAtQRSeFMtaXdkc1K2fklFMDsBJk2Rcmhak5tAVVqkemtnc96Q-Ad_FrdQM9wyuqUQnUEkIr1zScInJZsbf-QCoD02yX7Gktizmlc0aUjF1HO3rdtX9TeW'),
'secret_key': vault.decrypt('encrypt$gAAAAABgMVXXclfxVY022fM0Fdf94Oh3sxVlK0lYyBO_CsQFEbZcMua3w1oJY8_9d1JcrCJSSeBRTDnt-ZkRCQ6xKoALo8Rl7s9DPxa7J0vHdkggeZ3IHaOyXBcBPdx8vILyKDLHRXacaynOUBOjy6RIl6Qf2wH1ASbphCcjD-Njricg4PG6Rcixm87fF60rLBjAAkRoz5ZQnXlut1rhjLj-z-7UpA68fkeyPVJXbroWBJdmvCUt92dwjuGARsku2XI22mVvjtJJ'),
},
'vm': {
'cpu': 1,