From 6c313627d4fdc5a29e130af1887669c09e22606f Mon Sep 17 00:00:00 2001
From: "Antonio J. Delgado" <ad@susurrando.com>
Date: Sun, 20 Nov 2022 20:55:08 +0200
Subject: [PATCH] Add systemd units

---
 README.md                                     |  9 ++-
 defaults/main.yml                             |  6 ++
 tasks/docker/docker.yml                       | 62 ++++++++++++++++++-
 tasks/main.yml                                |  7 +++
 templates/mastodon-media-remove.service.j2    | 14 +++++
 templates/mastodon-media-remove.timer.j2      | 10 +++
 .../mastodon-preview_cards-remove.service.j2  | 14 +++++
 .../mastodon-preview_cards-remove.timer.j2    | 10 +++
 templates/mastodon-search-deploy.service.j2   | 14 +++++
 templates/mastodon-search-deploy.timer.j2     | 10 +++
 templates/mastodon.service.j2                 | 14 +++++
 11 files changed, 165 insertions(+), 5 deletions(-)
 create mode 100644 templates/mastodon-media-remove.service.j2
 create mode 100644 templates/mastodon-media-remove.timer.j2
 create mode 100644 templates/mastodon-preview_cards-remove.service.j2
 create mode 100644 templates/mastodon-preview_cards-remove.timer.j2
 create mode 100644 templates/mastodon-search-deploy.service.j2
 create mode 100644 templates/mastodon-search-deploy.timer.j2
 create mode 100644 templates/mastodon.service.j2

diff --git a/README.md b/README.md
index 80514b9..7704575 100644
--- a/README.md
+++ b/README.md
@@ -4,14 +4,17 @@
 
 Thanks for this post https://sleeplessbeastie.eu/2022/05/02/how-to-take-advantage-of-docker-to-install-mastodon/ that helped a lot
 
+# Description
+
+This Ansible role would install a Mastodon instance either directly in the computer or a set of docker containers using docker-compose. You will need to have a reverse proxy pointing then to ports 3000 and 4000.
+
 # Configuration
 
 Check the default/main.yml for used variables and customize. If you don't have secrets already generated, leave them empty and the role will create them and you can pick them up from the application.env.production file created in the Mastodon folder.
 
 # To-Do
 
-- Create systemd units to start as a service
-- Create scheduled jobs (systemd timer units) for ```tootctl media remove``` and ```tootctl preview_cards remove```
 - Is federation working?
 - Test bare metal installation (so far only tested with docker)
-- There are 500 errors on my instance
+- There are 500 errors on my instance when accessing "Administration"
+- Include reverse proxy web server (nginx and apache)
diff --git a/defaults/main.yml b/defaults/main.yml
index 7617e82..453ea81 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -20,6 +20,9 @@ mastodon_docker_image: "moritzheiber/mastodon-docker"
 mastodon_docker_network: "mastodon_network"
 
 docker_command: docker
+docker_daemon_settings:
+  iptables: false
+  log-driver: journald
 install_python_packages:
   - package: "docker"
 
@@ -65,6 +68,9 @@ redis_port: 6379
 self_signed_cert_location: /etc/ssl/certs
 self_signed_key_location: /etc/ssl/private
 mastodon_composer_folder: /opt/mastodon
+media_remove_schedule: 'Sat *-*-* 00:10:00'
+preview_cards_remove_schedule: 'Sat *-*-* 00:20:00'
+search_deploy_schedule: 'Sat *-*-* 03:00:00'
 
 es_enabled: 'false'
 es_host: localhost
diff --git a/tasks/docker/docker.yml b/tasks/docker/docker.yml
index 8406ffa..3f1735d 100644
--- a/tasks/docker/docker.yml
+++ b/tasks/docker/docker.yml
@@ -1,4 +1,16 @@
 ---
+- name: Configure docker daemon
+  copy:
+    dest: /etc/docker/daemon.json
+    content: "{{ docker_daemon_settings|to_json(indent=4, sort_keys=True) }}"
+
+- name: Configure docker service and reload it
+  systemd:
+    name: docker
+    state: reloaded
+    enabled: true
+    masked: false
+
 - name: Create Mastodon folder
   file:
     path: "{{ mastodon_composer_folder }}"
@@ -225,6 +237,52 @@
     var: owner_result
   when: mastodon_initial_setup
 
+- name: Deploy Mastodon systemd service unit
+  template:
+    src: templates/mastodon.service.j2
+    dest: /etc/systemd/system/mastodon.service
 
-# ToDo: (adelgado) Systemd units
-# ToDo: (adelgado) Scheduled jobs for tootctl media remove and tootctl preview_cards remove
+- name: Deploy Mastodon Media Remove systemd service unit
+  template:
+    src: templates/mastodon-media-remove.service.j2
+    dest: /etc/systemd/system/mastodon-media-remove.service
+
+- name: Deploy Mastodon Media Remove systemd timer unit
+  template:
+    src: templates/mastodon-media-remove.timer.j2
+    dest: /etc/systemd/system/mastodon-media-remove.timer
+
+- name: Deploy Mastodon Preview Cards Remove systemd service unit
+  template:
+    src: templates/mastodon-preview_cards-remove.service.j2
+    dest: /etc/systemd/system/mastodon-preview_cards-remove.service
+
+- name: Deploy Mastodon Preview Cards Remove systemd timer unit
+  template:
+    src: templates/mastodon-preview_cards-remove.timer.j2
+    dest: /etc/systemd/system/mastodon-preview_cards-remove.timer
+
+- name: Deploy Mastodon Search Deploy systemd service unit
+  template:
+    src: templates/mastodon-search-deploy.service.j2
+    dest: /etc/systemd/system/mastodon-search-deploy.service
+
+- name: Deploy Mastodon Search Deploy systemd timer unit
+  template:
+    src: templates/mastodon-search-deploy.timer.j2
+    dest: /etc/systemd/system/mastodon-search-deploy.timer
+
+- name: Enable Mastodon Media Remove systemd timer unit
+  systemd:
+    name: mastodon-media-remove
+    state: enabled
+    daemon_reload: true
+
+- name: Enable Mastodon Media Remove systemd timer unit
+  systemd:
+    name: "{{ item }}"
+    state: enabled
+  loop:
+    - mastodon-preview_cards-remove.timer
+    - mastodon-media-remove.timer
+    - mastodon-search-deploy.timer
diff --git a/tasks/main.yml b/tasks/main.yml
index 4f3eab1..db7f691 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -1,4 +1,11 @@
 ---
+
+- name: Increase mmap counts
+  ansible.posix.sysctl:
+    name: vm.max_map_count
+    value: '262144'
+    state: present
+
 - name: Ensure bare metal installation
   include_tasks: bare.yml
   when: mastodon_bare_installation
diff --git a/templates/mastodon-media-remove.service.j2 b/templates/mastodon-media-remove.service.j2
new file mode 100644
index 0000000..4c12698
--- /dev/null
+++ b/templates/mastodon-media-remove.service.j2
@@ -0,0 +1,14 @@
+[Unit]
+Description=Mastodon - media remove service
+Wants=mastodon-media-remove.timer
+
+[Service]
+Type=oneshot
+StandardError=null
+StandardOutput=null
+
+WorkingDirectory={{ mastodon_composer_folder }}
+ExecStart=/usr/bin/docker-compose -f {{ mastodon_composer_folder }}/docker-compose.yml run --rm shell tootctl media remove
+
+[Install]
+WantedBy=multi-user.target
diff --git a/templates/mastodon-media-remove.timer.j2 b/templates/mastodon-media-remove.timer.j2
new file mode 100644
index 0000000..67d42d4
--- /dev/null
+++ b/templates/mastodon-media-remove.timer.j2
@@ -0,0 +1,10 @@
+[Unit]
+Description=Schedule a media remove every week
+
+[Timer]
+Persistent=true
+OnCalendar={{ media_remove_schedule }}
+Unit=mastodon-media-remove.service
+
+[Install]
+WantedBy=timers.target
diff --git a/templates/mastodon-preview_cards-remove.service.j2 b/templates/mastodon-preview_cards-remove.service.j2
new file mode 100644
index 0000000..6e7e4b8
--- /dev/null
+++ b/templates/mastodon-preview_cards-remove.service.j2
@@ -0,0 +1,14 @@
+[Unit]
+Description=Mastodon - preview cards remove service
+Wants=mastodon-preview_cards-remove.timer
+
+[Service]
+Type=oneshot
+StandardError=null
+StandardOutput=null
+
+WorkingDirectory={{ mastodon_composer_folder }}
+ExecStart=/usr/bin/docker-compose -f {{ mastodon_composer_folder }}/docker-compose.yml run --rm shell tootctl preview_cards remove
+
+[Install]
+WantedBy=multi-user.target
diff --git a/templates/mastodon-preview_cards-remove.timer.j2 b/templates/mastodon-preview_cards-remove.timer.j2
new file mode 100644
index 0000000..cb485cf
--- /dev/null
+++ b/templates/mastodon-preview_cards-remove.timer.j2
@@ -0,0 +1,10 @@
+[Unit]
+Description=Schedule a preview cards remove every week
+
+[Timer]
+Persistent=true
+OnCalendar={{ preview_cards_remove_schedule }}
+Unit=mastodon-preview_cards-remove.service
+
+[Install]
+WantedBy=timers.target
diff --git a/templates/mastodon-search-deploy.service.j2 b/templates/mastodon-search-deploy.service.j2
new file mode 100644
index 0000000..08ef707
--- /dev/null
+++ b/templates/mastodon-search-deploy.service.j2
@@ -0,0 +1,14 @@
+[Unit]
+Description=Mastodon - update Elasticsearch indices
+Wants=mastodon-search-deploy.timer
+
+[Service]
+Type=oneshot
+StandardError=null
+StandardOutput=null
+
+WorkingDirectory={{ mastodon_composer_folder }}
+ExecStart=/usr/bin/docker-compose -f {{ mastodon_composer_folder }}/docker-compose.yml run --rm shell tootctl search deploy
+
+[Install]
+WantedBy=multi-user.target
diff --git a/templates/mastodon-search-deploy.timer.j2 b/templates/mastodon-search-deploy.timer.j2
new file mode 100644
index 0000000..a505b59
--- /dev/null
+++ b/templates/mastodon-search-deploy.timer.j2
@@ -0,0 +1,10 @@
+[Unit]
+Description=Schedule a preview cards remove every week
+
+[Timer]
+Persistent=true
+OnCalendar={{ search_deploy_schedule }}
+Unit=mastodon-search-deploy.service
+
+[Install]
+WantedBy=timers.target
diff --git a/templates/mastodon.service.j2 b/templates/mastodon.service.j2
new file mode 100644
index 0000000..2c4eec7
--- /dev/null
+++ b/templates/mastodon.service.j2
@@ -0,0 +1,14 @@
+[Unit]
+Description=Mastodon service
+After=docker.service
+
+[Service]
+Type=oneshot
+RemainAfterExit=yes
+
+WorkingDirectory={{ mastodon_composer_folder }}
+ExecStart=/usr/bin/docker-compose -f {{ mastodon_composer_folder }}/docker-compose.yml up -d
+ExecStop=/usr/bin/docker-compose -f {{ mastodon_composer_folder }}/docker-compose.yml down
+
+[Install]
+WantedBy=multi-user.target