ansible-role-mastodon/tasks/docker/docker.yml

---
- name: Clone Mastodon repo
  git:
    repo: https://github.com/mastodon/mastodon.git
    dest: "{{ mastodon_composer_folder }}"
    depth: 1
  ignore_errors: true

- name: Copy Dockerfile from Mastodon repo
  copy:
    src: files/Dockerfile
    dest: "{{ mastodon_composer_folder }}/Dockerfile"

- name: Ensure mastodon folder exists
  file:
    path: "{{ mastodon_composer_folder }}"
    state: directory

- name: Create docker-compose.yaml file
  copy:
    src: files/docker-compose.yml
    dest: "{{ mastodon_composer_folder }}/docker-compose.yml"

- name: Ensure mastodon configuration is present
  template:
    src: templates/env.j2
    dest: "{{ mastodon_composer_folder }}/.env.production"

- name: Build Mastodon container
  community.docker.docker_compose:
        project_name: mastodon
        project_src: "{{ mastodon_composer_folder }}/"
        state: present

- name: Generate secret key
  shell: docker-compose run --rm web bundle exec rake secret
  args:
    chdir: "{{ mastodon_composer_folder }}"
  register: secret_key_cmd
  when: mastodon_secret_key_base == ''

- name: Add secret key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "SECRET_KEY_BASE={{ secret_key_cmd.stdout }}"
    regexp: "^SECRET_KEY_BASE="
    backup: yes

- name: Generate OTP secret key
  shell: docker-compose run --rm web bundle exec rake secret
  args:
    chdir: "{{ mastodon_composer_folder }}"
  register: otp_key_cmd
  when: mastodon_otp_secret == ''

- name: Add OTP key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "OTP_SECRET={{ otp_key_cmd.stdout }}"
    regexp: "^OTP_SECRET="
    backup: yes

- name: Generate Paperclip secret key
  shell: docker-compose run --rm web bundle exec rake secret
  args:
    chdir: "{{ mastodon_composer_folder }}"
  register: paperclip_key_cmd
  when: mastodon_paperclip_secret == ''

- name: Add Paperclip key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "PAPERCLIP_SECRET={{ paperclip_key_cmd.stdout }}"
    regexp: "^PAPERCLIP_SECRET="
    backup: yes

- name: Generate VAPID keypair
  shell: 'docker-compose run --rm web bundle exec rake mastodon:webpush:generate_vapid_key'
  args:
    chdir: "{{ mastodon_composer_folder }}"
  register: vapid_key_cmd
  when: vapid_public_key == ''

- name: Add Paperclip private key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "{{ vapid_key_cmd.stdout_lines[0] }}"
    regexp: "^VAPID_PRIVATE_KEY="
    backup: yes

- name: Add Paperclip public key to Mastodon config
  lineinfile:
    path: "{{ mastodon_composer_folder }}/.env.production"
    line: "{{ vapid_key_cmd.stdout_lines[1] }}"
    regexp: "^VAPID_PUBLIC_KEY="
    backup: yes

- name: Set up database
  shell: docker-compose run --rm web rails db:migrate && echo "Database set up." > /var/lib/mastodon_db_setup
  args:
    creates: /var/lib/mastodon_db_setup
    chdir: "{{ mastodon_composer_folder }}"