infrastructure/roles/mastodon/tasks/main.yml


# Register the default SELinux label for every path used by the mastodon
# containers: type container_file_t plus the per-service level variable.
# sefcontext only records the rule in the local policy; files that already
# exist keep their current label until they are relabelled (presumably by the
# notified handler - confirm in the role's handlers).
- name: Update default SELinux contexts
  become: true
  notify: "mastodon selinux context changed"
  community.general.sefcontext:
    state: present
    target: "{{ item.target }}"
    setype: "container_file_t"
    selevel: "{{ item.selevel }}"
  loop:
    # Targets ending in "(/.*)?" cover the directory and everything below it;
    # the others name a single file.
    - target: "{{ mastodon_public_location }}(/.*)?"
      selevel: "{{ mastodon_public_selinux_level }}"
    - target: "{{ mastodon_postgres_location }}(/.*)?"
      selevel: "{{ mastodon_postgres_selinux_level }}"
    - target: "{{ mastodon_redis_location }}(/.*)?"
      selevel: "{{ mastodon_redis_selinux_level }}"
    - target: "{{ mastodon_install_location }}/redis.conf"
      selevel: "{{ mastodon_redis_selinux_level }}"
    - target: "{{ mastodon_elasticsearch_location }}(/.*)?"
      selevel: "{{ mastodon_elasticsearch_selinux_level }}"
    - target: "{{ mastodon_install_location }}/default.conf"
      selevel: "{{ mastodon_nginx_selinux_level }}"
# The install location holds the rendered config and env files, so it is
# created root-owned and closed to every other user (0700).
- name: Create mastodon directories.
  become: true
  ansible.builtin.file:
    state: directory
    path: "{{ mastodon_install_location }}"
    mode: "0700"
    owner: "root"
    group: "root"
# Create the four data directories with mode 0700 without disturbing their
# ownership: each path is stat'ed first and the uid/gid found there is
# re-applied. A path that does not exist yet has no uid/gid in the stat
# result, so the default('root') fallback is used.
# NOTE(review): whatever owner is already on a directory is kept as-is, so an
# unexpected owner is preserved rather than corrected.
- name: Ensure mastodon data directories exist.
  block:
    - name: Stat mastodon public dir.
      become: true
      ansible.builtin.stat:
        path: "{{ mastodon_public_location }}"
      register: mastodon_stat_public_dir

    - name: Stat mastodon postgres dir.
      become: true
      ansible.builtin.stat:
        path: "{{ mastodon_postgres_location }}"
      register: mastodon_stat_postgres_dir

    - name: Stat mastodon redis dir.
      become: true
      ansible.builtin.stat:
        path: "{{ mastodon_redis_location }}"
      register: mastodon_stat_redis_dir

    - name: Stat mastodon elasticsearch dir.
      become: true
      ansible.builtin.stat:
        path: "{{ mastodon_elasticsearch_location }}"
      register: mastodon_stat_elasticsearch_dir

    - name: Create mastodon data directories.
      become: true
      ansible.builtin.file:
        state: directory
        path: "{{ item.path }}"
        owner: "{{ item.owner }}"
        group: "{{ item.group }}"
        mode: "0700"
      loop:
        - path: "{{ mastodon_public_location }}"
          owner: "{{ mastodon_stat_public_dir.stat.uid | default('root') }}"
          group: "{{ mastodon_stat_public_dir.stat.gid | default('root') }}"
        - path: "{{ mastodon_postgres_location }}"
          owner: "{{ mastodon_stat_postgres_dir.stat.uid | default('root') }}"
          group: "{{ mastodon_stat_postgres_dir.stat.gid | default('root') }}"
        - path: "{{ mastodon_redis_location }}"
          owner: "{{ mastodon_stat_redis_dir.stat.uid | default('root') }}"
          group: "{{ mastodon_stat_redis_dir.stat.gid | default('root') }}"
        - path: "{{ mastodon_elasticsearch_location }}"
          owner: "{{ mastodon_stat_elasticsearch_dir.stat.uid | default('root') }}"
          group: "{{ mastodon_stat_elasticsearch_dir.stat.gid | default('root') }}"
# Persist vm.max_map_count=262144 on the host for elasticsearch. The value is
# quoted so it reaches the module as a string.
- name: Adjust sysctl settings for elasticsearch
  become: true
  ansible.posix.sysctl:
    state: present
    name: vm.max_map_count
    value: "262144"
# Render redis.conf into the install location, readable only by its owner
# (0600). Ownership follows the redis data directory as recorded in
# mastodon_stat_redis_dir, falling back to root when that stat has no uid/gid.
# A change triggers the redis service handler.
- name: Deploy redis config file.
  become: true
  notify: "mastodon redis service changed"
  ansible.builtin.template:
    src: redis.conf.j2
    dest: "{{ mastodon_install_location }}/redis.conf"
    mode: "0600"
    owner: "{{ mastodon_stat_redis_dir.stat.uid | default('root') }}"
    group: "{{ mastodon_stat_redis_dir.stat.gid | default('root') }}"
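# Render the mastodon environment file, root-owned and readable by root only
# (0600). A change triggers the "mastodon env changed" handler.
# NOTE(review): the template is not visible here; a root-only env file
# presumably carries application secrets. Diff output is switched off for this
# task so a --diff run does not print the rendered values to the console or
# to CI logs.
- name: Deploy mastodon environment file.
  become: true
  diff: false
  notify: "mastodon env changed"
  ansible.builtin.template:
    src: mastodon.env.j2
    dest: "{{ mastodon_install_location }}/mastodon.env"
    owner: "root"
    group: "root"
    mode: "0600"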
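# Render the postgres environment file, root-owned and readable by root only
# (0600).
# NOTE(review): the template is not visible here; a root-only env file
# presumably carries database credentials. Diff output is switched off for
# this task so a --diff run does not print the rendered values.
# NOTE(review): no handler is notified, so a changed env file presumably only
# takes effect the next time mastodon-postgres.service restarts - confirm this
# is intentional.
- name: Deploy postgres environment file.
  become: true
  diff: false
  ansible.builtin.template:
    src: mastodon-postgres.env.j2
    dest: "{{ mastodon_install_location }}/mastodon-postgres.env"
    owner: "root"
    group: "root"
    mode: "0600"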
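# Render the elasticsearch environment file, root-owned and readable by root
# only (0600).
# NOTE(review): the template is not visible here; a root-only env file
# presumably carries credentials or security settings. Diff output is switched
# off for this task so a --diff run does not print the rendered values.
# NOTE(review): no handler is notified, so a changed env file presumably only
# takes effect the next time mastodon-elasticsearch.service restarts - confirm
# this is intentional.
- name: Deploy elasticsearch environment file.
  become: true
  diff: false
  ansible.builtin.template:
    src: mastodon-elasticsearch.env.j2
    dest: "{{ mastodon_install_location }}/mastodon-elasticsearch.env"
    owner: "root"
    group: "root"
    mode: "0600"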
# Drop the mastodon site definition into the caddy config directory. The file
# takes the owner and group of that directory, is readable by its owner only
# (0600) and is labelled container_file_t at the caddy SELinux level.
# NOTE(review): the owner and group here have no default('root') fallback. If
# "{{ caddy_install_dir }}/config" does not exist, the stat result carries no
# uid/gid and the template task fails on an undefined value, so this task
# depends on the caddy directory having been created beforehand.
- name: Add caddy config file.
  block:
    - name: Check caddy config dir.
      become: true
      ansible.builtin.stat:
        path: "{{ caddy_install_dir }}/config"
      register: caddy_stat_config_dir

    - name: Template caddy config for mastodon.
      become: true
      notify: "caddy config changed"
      ansible.builtin.template:
        src: mastodon.caddy.j2
        dest: "{{ caddy_install_dir }}/config/mastodon.caddy"
        owner: "{{ caddy_stat_config_dir.stat.uid }}"
        group: "{{ caddy_stat_config_dir.stat.gid }}"
        mode: "0600"
        setype: "container_file_t"
        selevel: "{{ caddy_selinux_level }}"
# Render the nginx default.conf into the install location. An existing file
# keeps its current owner and group (read back with stat); on first deployment
# the stat result has no uid/gid and root is used. The file is readable by its
# owner only (0600) and labelled container_file_t at the nginx SELinux level.
- name: Ensure mastodon nginx config exists.
  block:
    - name: Stat mastodon nginx config.
      become: true
      ansible.builtin.stat:
        path: "{{ mastodon_install_location }}/default.conf"
      register: mastodon_stat_nginx_config

    - name: Deploy mastodon nginx config.
      become: true
      notify: "mastodon nginx service changed"
      ansible.builtin.template:
        src: default.conf.j2
        dest: "{{ mastodon_install_location }}/default.conf"
        owner: "{{ mastodon_stat_nginx_config.stat.uid | default('root') }}"
        group: "{{ mastodon_stat_nginx_config.stat.gid | default('root') }}"
        mode: "0600"
        setype: "container_file_t"
        selevel: "{{ mastodon_nginx_selinux_level }}"
# Install the volume definitions for the postgres and redis sockets under
# /etc/containers/systemd, root-owned and world-readable (0644). Each task
# notifies its own "socket changed" handler. The sources carry no .j2 suffix
# but still pass through the template module.
- name: Create mastodon postgres socket volume.
  become: true
  notify:
    - "mastodon postgres socket changed"
  ansible.builtin.template:
    src: mastodon-postgres-socket.volume
    dest: /etc/containers/systemd/mastodon-postgres-socket.volume
    mode: "0644"
    owner: "root"
    group: "root"

- name: Create mastodon redis socket volume.
  become: true
  notify:
    - "mastodon redis socket changed"
  ansible.builtin.template:
    src: mastodon-redis-socket.volume
    dest: /etc/containers/systemd/mastodon-redis-socket.volume
    mode: "0644"
    owner: "root"
    group: "root"
# Install one .container unit definition per mastodon service under
# /etc/containers/systemd. All are root-owned and world-readable (0644), and
# each notifies the handler of the service it describes.
# NOTE(review): the templates are not visible here. Because these files are
# readable by every local user, credentials belong in the 0600 env files
# rather than inline in the unit definitions - confirm the templates follow
# that split.
- name: Create mastodon web container file.
  become: true
  notify: "mastodon web service changed"
  ansible.builtin.template:
    src: mastodon-web.container.j2
    dest: /etc/containers/systemd/mastodon-web.container
    mode: "0644"
    owner: "root"
    group: "root"

- name: Create mastodon streaming container file.
  become: true
  notify: "mastodon streaming service changed"
  ansible.builtin.template:
    src: mastodon-streaming.container.j2
    dest: /etc/containers/systemd/mastodon-streaming.container
    mode: "0644"
    owner: "root"
    group: "root"

- name: Create mastodon sidekiq container file.
  become: true
  notify: "mastodon sidekiq service changed"
  ansible.builtin.template:
    src: mastodon-sidekiq.container.j2
    dest: /etc/containers/systemd/mastodon-sidekiq.container
    mode: "0644"
    owner: "root"
    group: "root"

- name: Create mastodon postgres container file.
  become: true
  notify: "mastodon postgres service changed"
  ansible.builtin.template:
    src: mastodon-postgres.container.j2
    dest: /etc/containers/systemd/mastodon-postgres.container
    mode: "0644"
    owner: "root"
    group: "root"

- name: Create mastodon redis container file.
  become: true
  notify: "mastodon redis service changed"
  ansible.builtin.template:
    src: mastodon-redis.container.j2
    dest: /etc/containers/systemd/mastodon-redis.container
    mode: "0644"
    owner: "root"
    group: "root"

- name: Create mastodon elasticsearch container file.
  become: true
  notify: "mastodon elasticsearch service changed"
  ansible.builtin.template:
    src: mastodon-elasticsearch.container.j2
    dest: /etc/containers/systemd/mastodon-elasticsearch.container
    mode: "0644"
    owner: "root"
    group: "root"

- name: Create mastodon nginx container file.
  become: true
  notify: "mastodon nginx service changed"
  ansible.builtin.template:
    src: mastodon-nginx.container.j2
    dest: /etc/containers/systemd/mastodon-nginx.container
    mode: "0644"
    owner: "root"
    group: "root"
# Install the frontend and backend network definitions, root-owned and
# world-readable (0644). Neither task notifies a handler.
# TODO: Quadlet does not change networks when their definition changes.
# We need to find a solution to recreate the network. Until then, an edit to
# either template is written to disk but not applied to the existing network.
- name: Create mastodon frontend network definition file.
  become: true
  ansible.builtin.template:
    src: mastodon-frontend.network.j2
    dest: "/etc/containers/systemd/mastodon-frontend.network"
    mode: "0644"
    owner: "root"
    group: "root"

# TODO: same Quadlet limitation as for the frontend network above.
- name: Create mastodon backend network definition file.
  become: true
  ansible.builtin.template:
    src: mastodon-backend.network.j2
    dest: "/etc/containers/systemd/mastodon-backend.network"
    mode: "0644"
    owner: "root"
    group: "root"
# Enable every mastodon unit. daemon_reload is set on the task, so systemd is
# asked to reload its unit definitions for each loop item before the unit is
# enabled.
- name: Ensure mastodon services are enabled.
  become: true
  ansible.builtin.systemd:
    name: "{{ item }}"
    enabled: true
    daemon_reload: true
  loop:
    - mastodon-postgres.service
    - mastodon-redis.service
    - mastodon-elasticsearch.service
    - mastodon-web.service
    - mastodon-streaming.service
    - mastodon-sidekiq.service
    - mastodon-nginx.service

# Run all handlers notified so far now, before the services are started,
# instead of at the end of the play.
- name: Flush handlers
  ansible.builtin.meta: flush_handlers

# Start any unit that is not running yet, in the listed order (data stores
# first, nginx last).
- name: Ensure mastodon services are started.
  become: true
  ansible.builtin.systemd:
    name: "{{ item }}"
    state: started
  loop:
    - mastodon-postgres.service
    - mastodon-redis.service
    - mastodon-elasticsearch.service
    - mastodon-web.service
    - mastodon-streaming.service
    - mastodon-sidekiq.service
    - mastodon-nginx.service