From b5852d788ddf824f097b663f33e5541e43c8fd68 Mon Sep 17 00:00:00 2001
From: kitoy
Date: Mon, 22 May 2023 14:51:55 +0200
Subject: [PATCH] ADD DNSDist(DoH DoT) service
---
CTbase.yml | 9 ++--
bimsocial.yml | 26 +++++++-----
roles/common/defaults/main.yml | 1 -
roles/mastodon/defaults/main.yml | 4 ++
roles/mastodon/tasks/main.yml | 72 ++++++++++++++------------------
roles/nodejs/defaults/main.yml | 2 +-
roles/nodejs/tasks/main.yml | 4 +-
roles/postgresql/tasks/main.yml | 12 +++++-
roles/rbenv/tasks/main.yml | 12 +-----
roles/ssl-cert/tasks/main.yml | 4 +-
roles/yarn/tasks/main.yml | 1 -
11 files changed, 73 insertions(+), 74 deletions(-)
diff --git a/CTbase.yml b/CTbase.yml
index 34e5858..c35af46 100644
--- a/CTbase.yml
+++ b/CTbase.yml
@@ -1,11 +1,12 @@ + --- - hosts: test roles: - common - # déclaration de la variables globales vars: - email: your_email@your_domain.com - cthostname: machine_hostname - domain: domain_name + email: kitoy@kitoy.me + cthostname: tablette + domain: kitoy.me create_user: false + installCertbot: false
diff --git a/bimsocial.yml b/bimsocial.yml
index 468cdc0..3d2662c 100644
--- a/bimsocial.yml
+++ b/bimsocial.yml
@@ -1,20 +1,24 @@ --- -- hosts: bim +- hosts: test roles: - - common - - rbenv - - nginx - - postgresql - - mastodon + - common + - rbenv + - nginx + - postgresql + - nodejs + - yarn + - mastodon # Déclaration des variables globales vars: email: contact@bim.land domain: social.bim.land cthostname: social - create_user: true + create_user: True username: mastodon - installCertbot: true - debian_version: buster - nodejs_version: 12 - ruby_version: 2.7.2 + installCertbot: True + debian_version: bullseye + nodejs_version: 14 + ruby_version: 2.7.5 + mastodon_version: 3.4.10 + restore: True
diff --git a/roles/common/defaults/main.yml b/roles/common/defaults/main.yml
index fd080d6..2907d4f 100644
--- a/roles/common/defaults/main.yml
+++ b/roles/common/defaults/main.yml
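Review bot: Site-specific values (`email: kitoy@kitoy.me`, `cthostname: tablette`, `domain: kitoy.me`) are now hard-coded in the `CTbase.yml` hunk where the removed lines held placeholders, so anyone who runs this playbook unchanged configures their host under another operator's identity. Keeping the placeholders and supplying the real values from inventory (`host_vars`/`group_vars`) or with `-e` keeps personal data out of the repository history. The empty line added before `---` does not bother the parser but is better dropped. None of the eleven files in this patch touches DNSDist, so the subject line does not describe the change.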
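Review bot: The new pins in the `bimsocial.yml` vars select runtimes that were already past upstream end-of-life on the commit date: `nodejs_version: 14` (Node.js 14 support ended in April 2023) and `ruby_version: 2.7.5` (Ruby 2.7 ended in March 2023); `mastodon_version: 3.4.10` also looks like an older release line whose security support should be confirmed. For an internet-facing service I would move to versions that still receive fixes, and quote them (`ruby_version: "2.7.5"`, `nodejs_version: "14"`) so YAML never retypes a version as a number. The play now targets `hosts: test` while keeping the production `domain: social.bim.land` with `installCertbot: True`; if that was only for a local trial it should not be committed. Booleans read more predictably as `true`/`false`, which is what the removed lines used.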
@@ -4,7 +4,6 @@ commonRequirePackages: - man - bash-completion - locales - - python-pip - wget - bzip2 - lsof
diff --git a/roles/mastodon/defaults/main.yml b/roles/mastodon/defaults/main.yml
index c8950d0..a135fc1 100644
--- a/roles/mastodon/defaults/main.yml
+++ b/roles/mastodon/defaults/main.yml
@@ -28,3 +28,7 @@ requiredPackages: - libjemalloc-dev - redis-tools - redis-server + - gnupg + - apt-transport-https + - lsb-release + - ca-certificates
diff --git a/roles/mastodon/tasks/main.yml b/roles/mastodon/tasks/main.yml
index c913cf1..39486c8 100644
--- a/roles/mastodon/tasks/main.yml
+++ b/roles/mastodon/tasks/main.yml
@@ -1,40 +1,29 @@ --- -- name: Add Yarn apt key - apt_key: - url: https://dl.yarnpkg.com/debian/pubkey.gpg - state: present - -- name: Add Yarn Repository - apt_repository: - repo: deb https://dl.yarnpkg.com/debian/ stable main - state: present - -- name: Install Yarn - apt: - name: yarn - state: present - -- name: Add Nodejs apt key - apt_key: - url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key - state: present - -- name: Add Nodes 12 repository - apt_repository: - repo: deb https://deb.nodesource.com/node_12.x buster main - state: present - -- name: Install NodeJs - apt: - name: nodejs - state: present - - name: Install required by mastodon apt: name: "{{ requiredPackages }}" state: present +- name: ensure postgresql is running + service: + name: postgresql + state: restarted + +- name: Create postgresql User Mastodon + become: yes + become_user: postgres + shell: psql -c "CREATE USER mastodon CREATEDB;" + +- name: Create Mastodon Database for restauration + become: yes + become_user: "{{ username }}" + shell: | + createdb -T template0 -E UTF8 mastodon_production + args: + executable: /bin/bash + when: restore == True + - name: Install Mastodon from git become: yes become_user: "{{ username }}"
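Review bot: The two new `shell` tasks in the `roles/mastodon/tasks/main.yml` hunk (`psql -c "CREATE USER mastodon CREATEDB;"` and the `createdb` call) are not idempotent, so a second run of the play fails as soon as the role or the database already exists. The role name is also hard-coded to `mastodon` while the database is created as `{{ username }}`, which only works under peer authentication when the two are the same. I would switch to the `postgresql_user` and `postgresql_db` modules (the postgresql role in this commit installs `python3-psycopg2`, which they need; on newer Ansible they come from the `community.postgresql` collection, so confirm it is present), write the condition as `when: restore | bool`, and use `state: started` on the task named "ensure postgresql is running" so the database is not bounced on every run. The "Install Mastodon from git" task at the end of the hunk continues outside it.

```yaml
# … unchanged: "Install required by mastodon" …

- name: Create postgresql User Mastodon
  become: yes
  become_user: postgres
  postgresql_user:
    name: "{{ username }}"
    role_attr_flags: CREATEDB

- name: Create Mastodon Database for restauration
  become: yes
  become_user: postgres
  postgresql_db:
    name: mastodon_production
    owner: "{{ username }}"
    template: template0
    encoding: UTF8
  when: restore | bool

# … unchanged: "Install Mastodon from git" (continues outside the hunk) …
```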
@@ -44,24 +33,27 @@ eval "$(rbenv init -)" git clone https://github.com/tootsuite/mastodon.git live cd live - git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1) + git checkout v"{{ mastodon_version }}" gem install bundler --no-document bundle config set deployment 'true' bundle config set without 'development test' bundle install + args: + executable: /bin/bash + +- name: Exec yarn install + become: yes + become_user: "{{ username }}" + ignore_errors: True + shell: | + cd + export PATH="$HOME/.rbenv/bin:$PATH" + eval "$(rbenv init -)" + cd live yarn install --pure-lockfile --non-interactive args: executable: /bin/bash -- name: ensure postgresql is running - service: - name: postgresql - state: restarted - -- name: Create postgresql Database - become: yes - become_user: postgres - shell: psql -c "CREATE USER mastodon CREATEDB;" - name: Copy nginx configuration copy:
diff --git a/roles/nodejs/defaults/main.yml b/roles/nodejs/defaults/main.yml
index 5a41b09..7da9047 100644
--- a/roles/nodejs/defaults/main.yml
+++ b/roles/nodejs/defaults/main.yml
@@ -2,4 +2,4 @@ requiredPackages: - apt-transport-https nodejs_version: 12 -debian_version: buster +debian_version: bullseyes
diff --git a/roles/nodejs/tasks/main.yml b/roles/nodejs/tasks/main.yml
index 1b8b3fd..087f82d 100644
--- a/roles/nodejs/tasks/main.yml
+++ b/roles/nodejs/tasks/main.yml
@@ -3,9 +3,9 @@ url: https://deb.nodesource.com/gpgkey/nodesource.gpg.key state: present -- name: Add Nodes 12 repository +- name: Add Nodes {{nodejs_version }} repository apt_repository: - repo: deb https://deb.nodesource.com/node_"{{ nodejs_version }}".x "{{ debian_version }}" main + repo: deb https://deb.nodesource.com/node_{{ nodejs_version }}.x {{ debian_version }} main state: present - name: Install NodeJs
diff --git a/roles/postgresql/tasks/main.yml b/roles/postgresql/tasks/main.yml
index f37efd1..4cc58f4 100644
--- a/roles/postgresql/tasks/main.yml
+++ b/roles/postgresql/tasks/main.yml
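Review bot: `ignore_errors: True` on the new "Exec yarn install" task lets the play continue and report success after `yarn install --pure-lockfile --non-interactive` has failed, which leaves a deployment with missing or half-installed JavaScript dependencies. I would drop that line, or, if one particular non-fatal exit is expected, register the result and narrow it with `failed_when`. Pinning the checkout with `git checkout v"{{ mastodon_version }}"` is a sound change, but `mastodon_version` gets no default in the `roles/mastodon/defaults/main.yml` hunk of this commit, so a playbook that omits it stops at this task; a default there or an `assert` at the top of the role would make the requirement explicit. The enclosing "Install Mastodon from git" task starts outside the hunk.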
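Review bot: `debian_version: bullseyes` in the `roles/nodejs/defaults/main.yml` hunk looks like a typo for the Debian codename `bullseye`. With this default, the NodeSource line in `roles/nodejs/tasks/main.yml` and the new PGDG line in `roles/postgresql/tasks/main.yml` both render a suite that presumably does not exist, so the repository update fails unless the playbook overrides the variable. Change it to `debian_version: bullseye`. The default `nodejs_version: 12` on the context line above is an end-of-life release as well and is worth raising in the same change.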
@@ -1,8 +1,18 @@ --- +- name: Add Postgresql apt key + apt_key: + url: https://www.postgresql.org/media/keys/ACCC4CF8.asc + state: present + +- name: Add Postgresql Repository + apt_repository: + repo: deb http://apt.postgresql.org/pub/repos/apt {{ debian_version }}-pgdg main + state: present + - name: Install Postresql Server apt: name: - postgresql - postgresql-contrib - - python-psycopg2 + - python3-psycopg2
diff --git a/roles/rbenv/tasks/main.yml b/roles/rbenv/tasks/main.yml
index fe1dcbd..f59f8f6 100644
--- a/roles/rbenv/tasks/main.yml
+++ b/roles/rbenv/tasks/main.yml
@@ -4,16 +4,6 @@ name: "{{ requiredPackages }}" state: present -- name: Copy rbenv installer - become: yes - become_user: "{{ username }}" - copy: - src: rbenv_installer.sh - dest: rbenv_installer.sh - owner: "{{ username }}" - group: "{{ username }}" - mode: 0755 - when: create_user - name: Install rbenv become: yes
@@ -33,7 +23,7 @@ cd ~ export PATH="$HOME/.rbenv/bin:$PATH" eval "$(rbenv init -)" - RUBY_CONFIGURE_OPTS=--with-jemalloc rbenv install "{{ ruby_version }}" + rbenv install "{{ ruby_version }}" rbenv global "{{ ruby_version }}" args: executable: /bin/bash
diff --git a/roles/ssl-cert/tasks/main.yml b/roles/ssl-cert/tasks/main.yml
index 07c1e16..ba69f2e 100644
--- a/roles/ssl-cert/tasks/main.yml
+++ b/roles/ssl-cert/tasks/main.yml
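Review bot: The new PGDG source in the `roles/postgresql/tasks/main.yml` hunk is added over plain HTTP although the signing key in the task above it is fetched over HTTPS; use `repo: deb https://apt.postgresql.org/pub/repos/apt {{ debian_version }}-pgdg main`. APT's signature check still protects package integrity over HTTP, but HTTPS removes the on-path view of which packages the host pulls and makes it harder to serve stale signed metadata. The `apt_key` task also trusts whatever the URL returns and adds it to the global keyring, where it can vouch for any repository; passing the module's `id:` with the full fingerprint published by postgresql.org, or keeping the key in a dedicated keyring referenced through `signed-by=`, would bound that trust. The same applies to the existing NodeSource and Yarn `apt_key` tasks that appear as context elsewhere in this commit.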
@@ -17,9 +17,9 @@ when: installCertbot == False - name: Create self-signed certificate, if configured. - shell: "openssl req -x509 -nodes -subj '/CN={{ domain }}' -days 365 -newkey rsa:4096 -sha256 -keyout /etc/server/{{ domain }}/server.key -out /etc/server/{{ domain }}/server.crt" + shell: openssl req -x509 -nodes -subj '/CN={{ domain }}' -days 3650 -newkey rsa:4096 -sha256 -keyout /etc/ssl/"{{ domain }}".key -out /etc/ssl/"{{ domain }}".crt when: installCertbot == False - name: Create self-signed certificate, if configured. - shell: "certbot -certonly -d {{ domain }} --nginx -m contact@bim.land --agree-tos" + shell: "certbot -certonly -d {{ domain }} {{ alt_domains }} --{{ mode }} -m {{ email }} --agree-tos" when: installCertbot == True
diff --git a/roles/yarn/tasks/main.yml b/roles/yarn/tasks/main.yml
index 9c7df36..c802a25 100644
--- a/roles/yarn/tasks/main.yml
+++ b/roles/yarn/tasks/main.yml
@@ -1,5 +1,4 @@ --- ---- - name: Add Yarn apt key apt_key:
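Review bot: The rewritten certbot task in the `roles/ssl-cert/tasks/main.yml` hunk interpolates `{{ alt_domains }}` and `{{ mode }}`, but nothing in this commit defines either (the `bimsocial.yml` vars set `installCertbot: True` without them), so that play stops on an undefined variable; add role defaults or write `{{ alt_domains | default('') }}`. Each extra name also needs its own `-d`, the subcommand should be `certonly` rather than `-certonly`, and an unattended run wants `--non-interactive`. On the self-signed task, adding `creates: /etc/ssl/{{ domain }}.crt` under `args:` would stop every run from silently replacing the key pair, and a following `file` task with `mode: '0600'` would make the private key's permissions explicit instead of leaving them to the openssl build and umask. All of these values reach `shell` unquoted, so they must come only from trusted inventory; `command` with `argv` avoids shell parsing altogether. The second task is still named "Create self-signed certificate" although it requests a certificate from a CA.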