--- # Tasks file for the mastodon role # Infrastructure # Ansible instructions to deploy the infrastructure # Copyright (C) 2019-2020 Christoph (Sheogorath) Kern # Copyright (C) 2020 Alexander Wellbrock # Copyright (C) 2020 Saibotk # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, version 3 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see . - name: Update default SELinux contexts community.general.sefcontext: target: "{{ item }}(/.*)?" setype: "container_file_t" state: present with_items: - "{{ mastodon_database_location }}" - "{{ mastodon_public_location }}" - "{{ mastodon_redis_location }}" - "{{ mastodon_elastic_location }}" - "{{ mastodon_nginx_location }}" become: true - name: Create install directory ansible.builtin.file: path: "{{ item }}" state: directory mode: "0700" owner: "root" group: "root" with_items: - "{{ mastodon_install_location }}" become: true - name: Create data directories ansible.builtin.file: # noqa risky-file-permissions # Container manages permissions on its own path: "{{ item }}" state: directory setype: "container_file_t" with_items: - "{{ mastodon_database_location }}" - "{{ mastodon_public_location }}" - "{{ mastodon_redis_location }}" - "{{ mastodon_elastic_location }}" - "{{ mastodon_nginx_location }}" become: true - name: Adjust elasticsearch directory permissions ansible.builtin.file: path: "{{ mastodon_elastic_location }}" state: directory setype: "container_file_t" mode: "0750" owner: 1000 group: "root" become: true - name: Adjust sysctl settings for elasticsearch ansible.posix.sysctl: name: vm.max_map_count value: "262144" state: present when: - mastodon_config.enable_elasticsearch is defined and mastodon_config.enable_elasticsearch - mastodon_elasticsearch_adjust_sysctl become: true - name: Create public data directory ansible.builtin.file: path: "{{ mastodon_public_location }}/system" mode: "0755" owner: "991" group: "991" state: directory setype: "container_file_t" become: true - name: Deploy nginx proxy config file ansible.builtin.template: src: "default.conf" dest: "{{ mastodon_nginx_location }}/default.conf" mode: "0600" owner: "root" group: "root" become: true - name: Check if migration is needed ansible.builtin.command: "grep -q 'mastodon/mastodon:{{ mastodon_image_version }}' '{{ mastodon_install_location }}/docker-compose.yml'" register: mastodon_version_fact ignore_errors: true changed_when: mastodon_version_fact.rc > 0 failed_when: false become: true notify: ["Pull mastodon image", "Stop mastodon for upgrade"] - name: Immediately run / flush Ansible handlers ansible.builtin.meta: "flush_handlers" - name: Deploy config ansible.builtin.template: src: ".env.production" dest: "{{ mastodon_install_location }}/.env.production" mode: "0600" owner: "root" group: "root" tags: - mastodon become: true - name: Deploy docker-compose.yml ansible.builtin.template: src: "docker-compose.yml" dest: "{{ mastodon_install_location }}/docker-compose.yml" mode: "0600" owner: "root" group: "root" validate: docker compose -f %s config -q tags: - mastodon become: true - name: Migrate database ansible.builtin.command: "docker-compose run --rm web rails db:migrate" args: chdir: "{{ mastodon_install_location }}" when: # noqa no-handler - mastodon_version_fact is changed tags: - docker - mastodon become: true changed_when: true environment: PYTHONPATH: "" - name: Clear cache ansible.builtin.command: docker-compose run --rm web bin/tootctl cache clear args: chdir: "{{ mastodon_install_location }}" when: # noqa no-handler - mastodon_version_fact is changed tags: - docker - mastodon become: true changed_when: true environment: PYTHONPATH: "" - name: Compose mastodon community.docker.docker_compose_v2: state: present project_src: "{{ mastodon_install_location }}" pull: always remove_orphans: true tags: - docker - mastodon become: true