sophies-stuff #36

Merged
sophie merged 43 commits from sophies-stuff into main 2021-03-13 12:43:44 +00:00
6 changed files with 90 additions and 10 deletions
Showing only changes of commit f8c157ce50 - Show all commits

View file

@ -40,5 +40,4 @@ config :pleroma, Pleroma.Repo,
database: "pleroma", database: "pleroma",
hostname: "localhost", hostname: "localhost",
pool_size: 10, pool_size: 10,
timeout: 60000, timeout: 60000
pool_timeout: 60000

View file

@ -0,0 +1,23 @@
[Unit]
Description=Pleroma social network
After=network.target
Requires=postgresql.service
[Service]
User=pleroma
WorkingDirectory=/opt/pleroma
Environment="HOME=/opt/pleroma"
Environment="PLEROMA_CONFIG_PATH=/opt/pleroma/pleroma.config.exs"
Environment="PLUG_TMPDIR=/tmp/pleroma"
ExecStart=/opt/pleroma/release/bin/pleroma start
ExecStop=/opt/pleroma/release/bin/pleroma stop
Restart=on-failure
PrivateTmp=true
ProtectHome=true
ProtectSystem=full
NoNewPrivileges=true
CapabilityBoundingSet=~CAP_SYS_ADMIN
[Install]
WantedBy=multi-user.target

View file

@ -31,25 +31,58 @@ actions = {
'pleroma_download_release': { 'pleroma_download_release': {
'command': \ 'command': \
'cd /opt/pleroma/ && '\ 'cd /opt/pleroma/ && '\
f'wget -O/opt/pleroma/pleroma.zip https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job=amd64 && '\ f'wget -O/opt/pleroma/pleroma.zip https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/release/{version}/download?job=amd64 && '\
'rm -rf release && '\ 'rm -rf release && '\
'unzip /opt/pleroma/pleroma.zip', 'unzip /opt/pleroma/pleroma.zip && '\
'chown -R pleroma:pleroma /opt/pleroma/release && '\
f'echo -n "{version}" > /opt/pleroma/.bundlewrap_installed_version',
'unless': f'[ "$(cat /opt/pleroma/.bundlewrap_installed_version)" = "{version}" ]', 'unless': f'[ "$(cat /opt/pleroma/.bundlewrap_installed_version)" = "{version}" ]',
'needs': { 'needs': {
'directory:/opt/pleroma', 'directory:/opt/pleroma',
}, },
'preceded_by': {
'svc_systemd:pleroma:stop',
},
'triggers': {
'action:pleroma_migrate_database',
'svc_systemd:pleroma:restart',
},
}, },
'pleroma_create_schema': { 'pleroma_migrate_database': {
'triggered': True, 'triggered': True,
'command': 'sudo -u pleroma /opt/pleroma/src/rel/files/bin/pleroma_ctl create', 'command': \
'triggered_by': { 'echo "CREATE EXTENSION IF NOT EXISTS citext;" | psql pleroma && '\
'echo "CREATE EXTENSION IF NOT EXISTS pg_trgm;" | psql pleroma && '\
'echo "CREATE EXTENSION IF NOT EXISTS \\\"uuid-ossp\\\";" | psql pleroma && '\
'sudo -u pleroma PLEROMA_CONFIG_PATH=/opt/pleroma/pleroma.config.exs /opt/pleroma/release/bin/pleroma_ctl create',
'needs': {
'postgres_db:pleroma', 'postgres_db:pleroma',
}, },
}. },
} }
files = { files = {
'/etc/systemd/system/pleroma.service': {
'triggers': {
'action:systemd-reload',
'svc_systemd:pleroma:restart',
},
},
'/opt/pleroma/pleroma.config.exs': { '/opt/pleroma/pleroma.config.exs': {
'content_type': 'mako', 'content_type': 'mako',
'triggers': {
'svc_systemd:pleroma:restart',
},
},
}
svc_systemd = {
'pleroma': {
'needs': {
'action:pleroma_download_release',
'action:pleroma_migrate_database',
'file:/etc/systemd/system/pleroma.service',
'file:/opt/pleroma/pleroma.config.exs',
},
}, },
} }

View file

@ -29,3 +29,27 @@ defaults = {
}, },
}, },
} }
@metadata_reactor.provides(
'nginx/vhosts/pleroma',
)
def nginx(metadata):
if not node.has_bundle('nginx'):
raise DoNotRunAgain
return {
'nginx': {
'vhosts': {
'pleroma': {
'domain': metadata.get('pleroma/url'),
'proxy': {
'/': {
'target': 'http://127.0.0.1:21000',
'websockets': True,
},
},
},
},
},
}

View file

@ -0,0 +1 @@
client_max_body_size 16m;

View file

@ -25,7 +25,7 @@ nodes['htz-cloud.pleroma'] = {
'nginx': { 'nginx': {
'vhosts': { 'vhosts': {
'pleroma': { 'pleroma': {
'domain': 'cybert-media.net', 'extras': True,
}, },
}, },
}, },
@ -34,7 +34,7 @@ nodes['htz-cloud.pleroma'] = {
'url': 'cybert-media.net', 'url': 'cybert-media.net',
'title': 'CYBERt Media', 'title': 'CYBERt Media',
'description': '', 'description': '',
'secret_key': vault.decrypt('encrypt$gAAAAABgMSibWavxv69eNmzAtQRSeFMtaXdkc1K2fklFMDsBJk2Rcmhak5tAVVqkemtnc96Q-Ad_FrdQM9wyuqUQnUEkIr1zScInJZsbf-QCoD02yX7Gktizmlc0aUjF1HO3rdtX9TeW'), 'secret_key': vault.decrypt('encrypt$gAAAAABgMVXXclfxVY022fM0Fdf94Oh3sxVlK0lYyBO_CsQFEbZcMua3w1oJY8_9d1JcrCJSSeBRTDnt-ZkRCQ6xKoALo8Rl7s9DPxa7J0vHdkggeZ3IHaOyXBcBPdx8vILyKDLHRXacaynOUBOjy6RIl6Qf2wH1ASbphCcjD-Njricg4PG6Rcixm87fF60rLBjAAkRoz5ZQnXlut1rhjLj-z-7UpA68fkeyPVJXbroWBJdmvCUt92dwjuGARsku2XI22mVvjtJJ'),
}, },
'vm': { 'vm': {
'cpu': 1, 'cpu': 1,