ansible-role-mastodon/tasks/docker/docker.yml

---
- name: Ensure docker configuration folder exists
  file:
    path: /etc/docker/
    state: directory

- name: Configure docker daemon
  copy:
    dest: /etc/docker/daemon.json
    content: "{{ docker_daemon_settings|to_json(indent=4, sort_keys=True) }}"
    backup: true

- name: Configure docker service and reload it
  systemd:
    name: docker
    state: reloaded
    enabled: true
    masked: false

# - name: Create Mastodon folder
#   file:
#     path: "{{ mastodon_composer_folder }}"
#     state: directory

- name: Clon Mastodon repo
  git:
    repo: "{{ mastodon_repo }}"
    dest: "{{ mastodon_composer_folder }}"
    force: true
    update: true
    reference: "{{ mastodon_version }}"

- name: Create docker-compose.yaml file
  template:
    src: templates/docker-compose.yml.j2
    dest: "{{ mastodon_composer_folder }}/docker-compose.override.yml"
    backup: true

- name: Ensure mastodon environment configuration is present
  template:
    src: templates/env.j2
    dest: "{{ mastodon_composer_folder }}/.env.production"
    mode: 0600
    backup: true

- name: Generate secret key
  shell: docker-compose run --rm web bundle exec rake secret
  args:
    chdir: "{{ mastodon_composer_folder }}"
  register: secret_key_cmd
  when: mastodon_secret_key_base == ''

- name: Set mastodon_secret_key_base
  set_fact:
    mastodon_secret_key_base: "{{ secret_key_cmd.stdout }}"
  when: mastodon_secret_key_base == ''

- name: Add secret key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "SECRET_KEY_BASE={{ mastodon_secret_key_base }}"
    regexp: "^SECRET_KEY_BASE="
    backup: true
    mode: 0600

- name: Generate OTP secret key
  shell: docker-compose run --rm web bundle exec rake secret
  args:
    chdir: "{{ mastodon_composer_folder }}"
  register: otp_key_cmd
  when: mastodon_otp_secret == ''

- name: Set mastodon_otp_secret
  set_fact:
    mastodon_otp_secret: "{{ otp_key_cmd.stdout }}"
  when: mastodon_otp_secret == ''

- name: Add OTP key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "OTP_SECRET={{ mastodon_otp_secret }}"
    regexp: "^OTP_SECRET="
    backup: true
    mode: 0600

- name: Generate Paperclip secret key
  shell: docker-compose run --rm web bundle exec rake secret
  args:
    chdir: "{{ mastodon_composer_folder }}"
  register: paperclip_key_cmd
  when: mastodon_paperclip_secret == ''

- name: Set mastodon_paperclip_secret
  set_fact:
    mastodon_paperclip_secret: "{{ otppaperclip_key_cmd_key_cmd.stdout }}"
  when: mastodon_paperclip_secret == ''

- name: Add Paperclip key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "PAPERCLIP_SECRET={{ mastodon_paperclip_secret }}"
    regexp: "^PAPERCLIP_SECRET="
    backup: true
    mode: 0600

- name: Generate VAPID keypair
  shell: 'docker-compose run --rm web bundle exec rake mastodon:webpush:generate_vapid_key'
  args:
    chdir: "{{ mastodon_composer_folder }}"
  register: vapid_key_cmd
  when: vapid_public_key == ''

- name: Set vapid_public_key
  set_fact:
    vapid_public_key: "{{ vapid_key_cmd.stdout_lines[1] }}"
  when: vapid_public_key == ''

- name: Set vapid_private_key
  set_fact:
    vapid_private_key: "{{ vapid_key_cmd.stdout_lines[0] }}"
  when: vapid_private_key == ''

- name: Add Paperclip private key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "{{ vapid_private_key }}"
    regexp: "^VAPID_PRIVATE_KEY="
    mode: 0600
    backup: true

- name: Add Paperclip public key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "{{ vapid_public_key }}"
    regexp: "^VAPID_PUBLIC_KEY="
    mode: 0600
    backup: true

- name: Build Mastodon container to include secrets
  community.docker.docker_compose:
    project_name: mastodon
    project_src: "{{ mastodon_composer_folder }}/"
    state: present
    stopped: true
    build: true

- name: Start Redis container
  docker_container:
    name: mastodon_redis_1
    state: started

- name: Start ElasticSearch container
  docker_container:
    name: mastodon_es_1
    state: started

- name: Start database container
  docker_container:
    name: mastodon_db_1
    state: started

# CREATE USER mastodon CREATEDB;
- name: Set up database
  shell: "docker-compose run --rm web bundle exec rake db:setup && echo 'Database ready' > /var/lib/mastodon_db_setup"
  args:
    creates: /var/lib/mastodon_db_setup
    chdir: "{{ mastodon_composer_folder }}"
  when: mastodon_initial_setup

- name: Migrate database
  shell: "docker-compose run --rm web bundle exec rake db:migrate && echo 'Database migrated' > /var/lib/mastodon_db_migrated"
  args:
    creates: /var/lib/mastodon_db_migrated
    chdir: "{{ mastodon_composer_folder }}"
  when: not mastodon_initial_setup

- name: Build Mastodon container to include secrets
  community.docker.docker_compose:
    project_name: mastodon
    project_src: "{{ mastodon_composer_folder }}/"
    state: present
    stopped: false
    build: true

- name: Create initial user
  shell: "docker-compose run --rm web bin/tootctl accounts create '{{ mastodon_owner }}' --email '{{ mastodon_owner_email }}' --confirmed --role Owner && echo 'Owner account created' > /var/lib/mastodon_owner_created"
  args:
    creates: /var/lib/mastodon_owner_created
    chdir: "{{ mastodon_composer_folder }}"
  register: owner_result
  when: mastodon_initial_setup

- name: Show owner password
  debug:
    var: owner_result
  when: mastodon_initial_setup

- name: Deploy Mastodon systemd service unit
  template:
    src: templates/mastodon.service.j2
    dest: /etc/systemd/system/mastodon.service
    backup: true

- name: Deploy Mastodon Media Remove systemd service unit
  template:
    src: templates/mastodon-media-remove.service.j2
    dest: /etc/systemd/system/mastodon-media-remove.service
    backup: true

- name: Deploy Mastodon Media Remove systemd timer unit
  template:
    src: templates/mastodon-media-remove.timer.j2
    dest: /etc/systemd/system/mastodon-media-remove.timer
    backup: true

- name: Deploy Mastodon Preview Cards Remove systemd service unit
  template:
    src: templates/mastodon-preview_cards-remove.service.j2
    dest: /etc/systemd/system/mastodon-preview_cards-remove.service
    backup: true

- name: Deploy Mastodon Preview Cards Remove systemd timer unit
  template:
    src: templates/mastodon-preview_cards-remove.timer.j2
    dest: /etc/systemd/system/mastodon-preview_cards-remove.timer
    backup: true

- name: Deploy Mastodon Search Deploy systemd service unit
  template:
    src: templates/mastodon-search-deploy.service.j2
    dest: /etc/systemd/system/mastodon-search-deploy.service
    backup: true

- name: Deploy Mastodon Search Deploy systemd timer unit
  template:
    src: templates/mastodon-search-deploy.timer.j2
    dest: /etc/systemd/system/mastodon-search-deploy.timer
    backup: true

- name: Enable Mastodon Media Remove systemd timer unit
  systemd:
    name: mastodon-media-remove.timer
    state: started
    enabled: true
    daemon_reload: true

- name: Enable Mastodon systemd timer units
  systemd:
    name: "{{ item }}"
    state: started
    enabled: true
  loop:
    - mastodon-preview_cards-remove.timer
    - mastodon-search-deploy.timer
unify containers 2022-11-19 16:31:16 +01:00			`---`
add docker config folder 2023-02-07 22:05:23 +01:00			`- name: Ensure docker configuration folder exists`
			`file:`
			`path: /etc/docker/`
			`state: directory`

Add systemd units 2022-11-20 19:55:08 +01:00			`- name: Configure docker daemon`
			`copy:`
			`dest: /etc/docker/daemon.json`
			`content: "{{ docker_daemon_settings\|to_json(indent=4, sort_keys=True) }}"`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Add systemd units 2022-11-20 19:55:08 +01:00
			`- name: Configure docker service and reload it`
			`systemd:`
			`name: docker`
			`state: reloaded`
			`enabled: true`
			`masked: false`

Include mastodon repo 2023-07-08 12:50:01 +02:00			`# - name: Create Mastodon folder`
			`# file:`
			`# path: "{{ mastodon_composer_folder }}"`
			`# state: directory`

			`- name: Clon Mastodon repo`
			`git:`
Use URI for repo 2023-07-09 16:36:53 +02:00			`repo: "{{ mastodon_repo }}"`
Include mastodon repo 2023-07-08 12:50:01 +02:00			`dest: "{{ mastodon_composer_folder }}"`
			`force: true`
			`update: true`
Use mastodon version for docker 2023-07-31 07:32:22 +02:00			`reference: "{{ mastodon_version }}"`
use alternate setup 2022-11-19 21:55:50 +01:00
Use my docker-compose file with latest 2022-11-19 17:24:45 +01:00			`- name: Create docker-compose.yaml file`
custom ports 2022-11-19 19:54:26 +01:00			`template:`
			`src: templates/docker-compose.yml.j2`
Use docker-compose override 2023-07-30 15:27:15 +02:00			`dest: "{{ mastodon_composer_folder }}/docker-compose.override.yml"`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
unify containers 2022-11-19 16:31:16 +01:00
Unify environmental variables 2022-11-24 08:53:59 +01:00			`- name: Ensure mastodon environment configuration is present`
Add mastodon configuration file 2022-11-19 16:47:52 +01:00			`template:`
Unify environmental variables 2022-11-24 08:53:59 +01:00			`src: templates/env.j2`
use upstream name for env 2023-07-08 19:43:58 +02:00			`dest: "{{ mastodon_composer_folder }}/.env.production"`
use alternate setup 2022-11-19 21:55:50 +01:00			`mode: 0600`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
add more stops 2022-11-19 19:41:40 +01:00
Handle secrets 2022-11-19 19:06:51 +01:00			`- name: Generate secret key`
			`shell: docker-compose run --rm web bundle exec rake secret`
fix shells 2022-11-19 19:16:26 +01:00			`args:`
			`chdir: "{{ mastodon_composer_folder }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`register: secret_key_cmd`
			`when: mastodon_secret_key_base == ''`

fix existing secrets 2022-11-19 19:23:42 +01:00			`- name: Set mastodon_secret_key_base`
			`set_fact:`
			`mastodon_secret_key_base: "{{ secret_key_cmd.stdout }}"`
			`when: mastodon_secret_key_base == ''`

Handle secrets 2022-11-19 19:06:51 +01:00			`- name: Add secret key to Mastodon config`
			`lineinfile:`
use upstream name for env 2023-07-08 19:43:58 +02:00			`path: "{{ mastodon_composer_folder }}/.env.production"`
fix existing secrets 2022-11-19 19:23:42 +01:00			`line: "SECRET_KEY_BASE={{ mastodon_secret_key_base }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`regexp: "^SECRET_KEY_BASE="`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
use alternate setup 2022-11-19 21:55:50 +01:00			`mode: 0600`
Handle secrets 2022-11-19 19:06:51 +01:00
			`- name: Generate OTP secret key`
			`shell: docker-compose run --rm web bundle exec rake secret`
fix shells 2022-11-19 19:16:26 +01:00			`args:`
			`chdir: "{{ mastodon_composer_folder }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`register: otp_key_cmd`
			`when: mastodon_otp_secret == ''`

fix existing secrets 2022-11-19 19:23:42 +01:00			`- name: Set mastodon_otp_secret`
			`set_fact:`
			`mastodon_otp_secret: "{{ otp_key_cmd.stdout }}"`
			`when: mastodon_otp_secret == ''`

Handle secrets 2022-11-19 19:06:51 +01:00			`- name: Add OTP key to Mastodon config`
			`lineinfile:`
use upstream name for env 2023-07-08 19:43:58 +02:00			`path: "{{ mastodon_composer_folder }}/.env.production"`
fix existing secrets 2022-11-19 19:23:42 +01:00			`line: "OTP_SECRET={{ mastodon_otp_secret }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`regexp: "^OTP_SECRET="`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
use alternate setup 2022-11-19 21:55:50 +01:00			`mode: 0600`
Handle secrets 2022-11-19 19:06:51 +01:00
			`- name: Generate Paperclip secret key`
			`shell: docker-compose run --rm web bundle exec rake secret`
fix shells 2022-11-19 19:16:26 +01:00			`args:`
			`chdir: "{{ mastodon_composer_folder }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`register: paperclip_key_cmd`
			`when: mastodon_paperclip_secret == ''`

fix existing secrets 2022-11-19 19:23:42 +01:00			`- name: Set mastodon_paperclip_secret`
			`set_fact:`
			`mastodon_paperclip_secret: "{{ otppaperclip_key_cmd_key_cmd.stdout }}"`
			`when: mastodon_paperclip_secret == ''`

Handle secrets 2022-11-19 19:06:51 +01:00			`- name: Add Paperclip key to Mastodon config`
			`lineinfile:`
use upstream name for env 2023-07-08 19:43:58 +02:00			`path: "{{ mastodon_composer_folder }}/.env.production"`
fix existing secrets 2022-11-19 19:23:42 +01:00			`line: "PAPERCLIP_SECRET={{ mastodon_paperclip_secret }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`regexp: "^PAPERCLIP_SECRET="`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
use alternate setup 2022-11-19 21:55:50 +01:00			`mode: 0600`
Handle secrets 2022-11-19 19:06:51 +01:00
			`- name: Generate VAPID keypair`
fix shells 2022-11-19 19:16:26 +01:00			`shell: 'docker-compose run --rm web bundle exec rake mastodon:webpush:generate_vapid_key'`
			`args:`
			`chdir: "{{ mastodon_composer_folder }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`register: vapid_key_cmd`
			`when: vapid_public_key == ''`

fix existing secrets 2022-11-19 19:23:42 +01:00			`- name: Set vapid_public_key`
			`set_fact:`
			`vapid_public_key: "{{ vapid_key_cmd.stdout_lines[1] }}"`
			`when: vapid_public_key == ''`

			`- name: Set vapid_private_key`
			`set_fact:`
			`vapid_private_key: "{{ vapid_key_cmd.stdout_lines[0] }}"`
			`when: vapid_private_key == ''`

Handle secrets 2022-11-19 19:06:51 +01:00			`- name: Add Paperclip private key to Mastodon config`
			`lineinfile:`
use upstream name for env 2023-07-08 19:43:58 +02:00			`path: "{{ mastodon_composer_folder }}/.env.production"`
fix existing secrets 2022-11-19 19:23:42 +01:00			`line: "{{ vapid_private_key }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`regexp: "^VAPID_PRIVATE_KEY="`
use alternate setup 2022-11-19 21:55:50 +01:00			`mode: 0600`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Handle secrets 2022-11-19 19:06:51 +01:00
			`- name: Add Paperclip public key to Mastodon config`
			`lineinfile:`
use upstream name for env 2023-07-08 19:43:58 +02:00			`path: "{{ mastodon_composer_folder }}/.env.production"`
fix existing secrets 2022-11-19 19:23:42 +01:00			`line: "{{ vapid_public_key }}"`
Handle secrets 2022-11-19 19:06:51 +01:00			`regexp: "^VAPID_PUBLIC_KEY="`
use alternate setup 2022-11-19 21:55:50 +01:00			`mode: 0600`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
add working dir 2022-11-19 19:14:41 +01:00
use alternate setup 2022-11-19 21:55:50 +01:00			`- name: Build Mastodon container to include secrets`
add re-build 2022-11-19 19:20:35 +01:00			`community.docker.docker_compose:`
Build for real 2022-11-19 19:28:29 +01:00			`project_name: mastodon`
			`project_src: "{{ mastodon_composer_folder }}/"`
			`state: present`
alternative to stop 2022-11-19 19:38:23 +01:00			`stopped: true`
Build for real 2022-11-19 19:28:29 +01:00			`build: true`
add re-build 2022-11-19 19:20:35 +01:00
Add ES container to start while setting up 2023-07-09 16:53:51 +02:00			`- name: Start Redis container`
add more stops 2022-11-19 19:41:40 +01:00			`docker_container:`
			`name: mastodon_redis_1`
use alternate setup 2022-11-19 21:55:50 +01:00			`state: started`
add more stops 2022-11-19 19:41:40 +01:00
Add ES container to start while setting up 2023-07-09 16:53:51 +02:00			`- name: Start ElasticSearch container`
			`docker_container:`
			`name: mastodon_es_1`
			`state: started`

			`- name: Start database container`
rename cotnainers 2022-11-19 22:08:12 +01:00			`docker_container:`
fix db container name 2023-07-09 11:17:27 +02:00			`name: mastodon_db_1`
use alternate setup 2022-11-19 21:55:50 +01:00			`state: started`
add more stops 2022-11-19 19:41:40 +01:00
update database 2022-11-19 22:25:33 +01:00			`# CREATE USER mastodon CREATEDB;`
add working dir 2022-11-19 19:14:41 +01:00			`- name: Set up database`
Use docker-compose override 2023-07-30 15:27:15 +02:00			`shell: "docker-compose run --rm web bundle exec rake db:setup && echo 'Database ready' > /var/lib/mastodon_db_setup"`
add working dir 2022-11-19 19:14:41 +01:00			`args:`
fix shells 2022-11-19 19:16:26 +01:00			`creates: /var/lib/mastodon_db_setup`
			`chdir: "{{ mastodon_composer_folder }}"`
use alternate setup 2022-11-19 21:55:50 +01:00			`when: mastodon_initial_setup`

			`- name: Migrate database`
Use docker-compose override 2023-07-30 15:27:15 +02:00			`shell: "docker-compose run --rm web bundle exec rake db:migrate && echo 'Database migrated' > /var/lib/mastodon_db_migrated"`
use alternate setup 2022-11-19 21:55:50 +01:00			`args:`
			`creates: /var/lib/mastodon_db_migrated`
			`chdir: "{{ mastodon_composer_folder }}"`
			`when: not mastodon_initial_setup`

unmanage containers 2022-11-19 22:05:18 +01:00			`- name: Build Mastodon container to include secrets`
			`community.docker.docker_compose:`
			`project_name: mastodon`
			`project_src: "{{ mastodon_composer_folder }}/"`
			`state: present`
			`stopped: false`
			`build: true`
use alternate setup 2022-11-19 21:55:50 +01:00
			`- name: Create initial user`
Use docker-compose override 2023-07-30 15:27:15 +02:00			`shell: "docker-compose run --rm web bin/tootctl accounts create '{{ mastodon_owner }}' --email '{{ mastodon_owner_email }}' --confirmed --role Owner && echo 'Owner account created' > /var/lib/mastodon_owner_created"`
use alternate setup 2022-11-19 21:55:50 +01:00			`args:`
			`creates: /var/lib/mastodon_owner_created`
			`chdir: "{{ mastodon_composer_folder }}"`
			`register: owner_result`
			`when: mastodon_initial_setup`

			`- name: Show owner password`
			`debug:`
			`var: owner_result`
			`when: mastodon_initial_setup`
Add some todo 2022-11-19 23:18:46 +01:00
Add systemd units 2022-11-20 19:55:08 +01:00			`- name: Deploy Mastodon systemd service unit`
			`template:`
			`src: templates/mastodon.service.j2`
			`dest: /etc/systemd/system/mastodon.service`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Add systemd units 2022-11-20 19:55:08 +01:00
			`- name: Deploy Mastodon Media Remove systemd service unit`
			`template:`
			`src: templates/mastodon-media-remove.service.j2`
			`dest: /etc/systemd/system/mastodon-media-remove.service`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Add systemd units 2022-11-20 19:55:08 +01:00
			`- name: Deploy Mastodon Media Remove systemd timer unit`
			`template:`
			`src: templates/mastodon-media-remove.timer.j2`
			`dest: /etc/systemd/system/mastodon-media-remove.timer`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Add some todo 2022-11-19 23:18:46 +01:00
Add systemd units 2022-11-20 19:55:08 +01:00			`- name: Deploy Mastodon Preview Cards Remove systemd service unit`
			`template:`
			`src: templates/mastodon-preview_cards-remove.service.j2`
			`dest: /etc/systemd/system/mastodon-preview_cards-remove.service`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Add systemd units 2022-11-20 19:55:08 +01:00
			`- name: Deploy Mastodon Preview Cards Remove systemd timer unit`
			`template:`
			`src: templates/mastodon-preview_cards-remove.timer.j2`
			`dest: /etc/systemd/system/mastodon-preview_cards-remove.timer`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Add systemd units 2022-11-20 19:55:08 +01:00
			`- name: Deploy Mastodon Search Deploy systemd service unit`
			`template:`
			`src: templates/mastodon-search-deploy.service.j2`
			`dest: /etc/systemd/system/mastodon-search-deploy.service`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Add systemd units 2022-11-20 19:55:08 +01:00
			`- name: Deploy Mastodon Search Deploy systemd timer unit`
			`template:`
			`src: templates/mastodon-search-deploy.timer.j2`
			`dest: /etc/systemd/system/mastodon-search-deploy.timer`
Add backup of files 2023-07-07 08:27:16 +02:00			`backup: true`
Add systemd units 2022-11-20 19:55:08 +01:00
			`- name: Enable Mastodon Media Remove systemd timer unit`
			`systemd:`
fix unit files 2022-11-22 13:03:40 +01:00			`name: mastodon-media-remove.timer`
			`state: started`
fix systemd 2022-11-22 13:08:05 +01:00			`enabled: true`
Add systemd units 2022-11-20 19:55:08 +01:00			`daemon_reload: true`

fix unit files 2022-11-22 13:03:40 +01:00			`- name: Enable Mastodon systemd timer units`
Add systemd units 2022-11-20 19:55:08 +01:00			`systemd:`
			`name: "{{ item }}"`
fix unit files 2022-11-22 13:03:40 +01:00			`state: started`
fix systemd 2022-11-22 13:08:05 +01:00			`enabled: true`
Add systemd units 2022-11-20 19:55:08 +01:00			`loop:`
			`- mastodon-preview_cards-remove.timer`
			`- mastodon-search-deploy.timer`