From 1fafdad7a38cc34b6576c76ac21edfbffe642040 Mon Sep 17 00:00:00 2001 From: rene Date: Fri, 18 Mar 2022 17:01:33 +0100 Subject: [PATCH] execute tasks as user mastodon --- roles/mastodon/tasks/main.yml | 4 - .../mastodon/tasks/system_setup/mastodon.yml | 118 ++++++++---------- roles/mastodon/tasks/system_setup/ruby.yml | 102 +++++++-------- 3 files changed, 105 insertions(+), 119 deletions(-) diff --git a/roles/mastodon/tasks/main.yml b/roles/mastodon/tasks/main.yml index 9bf6b1d..3b37433 100644 --- a/roles/mastodon/tasks/main.yml +++ b/roles/mastodon/tasks/main.yml @@ -17,9 +17,5 @@ - include_tasks: system_setup/nginx.yml - include_tasks: system_setup/user.yml - include_tasks: system_setup/ruby.yml - become: true - become_user: "{{ mastodon_user }}" - include_tasks: system_setup/mastodon.yml - become: true - become_user: "{{ mastodon_user }}" - include_tasks: system_setup/letsencrypt.yml \ No newline at end of file diff --git a/roles/mastodon/tasks/system_setup/mastodon.yml b/roles/mastodon/tasks/system_setup/mastodon.yml index 2f25c4c..aad3d2c 100644 --- a/roles/mastodon/tasks/system_setup/mastodon.yml +++ b/roles/mastodon/tasks/system_setup/mastodon.yml @@ -1,100 +1,86 @@ -- name: Clone mastodon - git: - repo: "https://github.com/mastodon/mastodon.git" - dest: "{{ mastodon_home }}/{{mastodon_path}}" - clone: true +- block: + become: true + become_user: "{{ mastodon_user }}" -# - name: Update to latest version -# shell: "git fetch; git checkout $(git tag -l | grep -v 'rc[0-9]*$' | sort -V | tail -n 1)" -# args: -# chdir: "{{ mastodon_home }}/{{ mastodon_path }}" + - name: Clone mastodon + git: + repo: "https://github.com/mastodon/mastodon.git" + dest: "{{ mastodon_home }}/{{mastodon_path}}" + clone: true -- name: Bundle install - shell: | - ~/.rbenv/shims/bundle config set --local deployment 'true' && \ - ~/.rbenv/shims/bundle config set --local without 'test' && \ - ~/.rbenv/shims/bundle config set --local with 'development' && \ - ~/.rbenv/shims/bundle install -j$(getconf _NPROCESSORS_ONLN) - args: - chdir: "{{ mastodon_home }}/{{ mastodon_path }}" + # - name: Update to latest version + # shell: "git fetch; git checkout $(git tag -l | grep -v 'rc[1-9]*$' | sort -V | tail -n 1)" + # args: + # chdir: "{{ mastodon_home }}/{{ mastodon_path }}" -- name: Yarn install - command: yarn install --pure-lockfile - args: - chdir: "{{ mastodon_home }}/{{ mastodon_path }}" + - name: Bundle install + shell: | + ~/.rbenv/shims/bundle config set --local deployment 'true' && \ + ~/.rbenv/shims/bundle config set --local without 'test' && \ + ~/.rbenv/shims/bundle config set --local with 'development' && \ + ~/.rbenv/shims/bundle install -j$(getconf _NPROCESSORS_ONLN) + args: + chdir: "{{ mastodon_home }}/{{ mastodon_path }}" + + - name: Yarn install + command: yarn install --pure-lockfile + args: + chdir: "{{ mastodon_home }}/{{ mastodon_path }}" + + - name: Media cleanup cronjob + cron: + name: "media cleanup" + minute: "15" + hour: "1" + job: '/bin/bash -c ''export PATH="$HOME/.rbenv/bin:$PATH"; eval "$(rbenv init -)"; cd {{ mastodon_home }}/{{ mastodon_path }} && RAILS_ENV=production ./bin/tootctl media remove''' + + - stat: path={{ mastodon_home }}/{{ mastodon_path }}/.env.production + register: production_config + + - name: Migrate database + shell: "RAILS_ENV=production ~/.rbenv/shims/bundle exec rails db:migrate" + args: + chdir: "{{ mastodon_home }}/{{ mastodon_path }}" + when: production_config.stat.exists + + - name: Precompile assets + shell: "RAILS_ENV=production ~/.rbenv/shims/bundle exec rails assets:precompile" + args: + chdir: "{{ mastodon_home }}/{{ mastodon_path }}" + when: production_config.stat.exists - name: Install systemd sidekiq Service Files template: src: mastodon-sidekiq.service.j2 dest: /etc/systemd/system/mastodon-sidekiq.service - become: true - become_user: root - + - name: Install systemd web Service Files template: src: mastodon-web.service.j2 dest: /etc/systemd/system/mastodon-web.service - become: true - become_user: root - + - name: Install systemd streaming Service Files template: src: mastodon-streaming.service.j2 dest: /etc/systemd/system/mastodon-streaming.service - become: true - become_user: root - -- name: Media cleanup cronjob - cron: - name: "media cleanup" - minute: "15" - hour: "1" - job: '/bin/bash -c ''export PATH="$HOME/.rbenv/bin:$PATH"; eval "$(rbenv init -)"; cd {{ mastodon_home }}/{{ mastodon_path }} && RAILS_ENV=production ./bin/tootctl media remove''' - -- stat: path={{ mastodon_home }}/{{ mastodon_path }}/.env.production - register: production_config - -- name: Migrate database - shell: "RAILS_ENV=production ~/.rbenv/shims/bundle exec rails db:migrate" - args: - chdir: "{{ mastodon_home }}/{{ mastodon_path }}" - when: production_config.stat.exists - -- name: Precompile assets - shell: "RAILS_ENV=production ~/.rbenv/shims/bundle exec rails assets:precompile" - args: - chdir: "{{ mastodon_home }}/{{ mastodon_path }}" - when: production_config.stat.exists - + - name: Enable mastodon-web command: systemctl enable mastodon-web.service - become: true - become_user: root - name: Enable mastodon-streaming command: systemctl enable mastodon-streaming.service - become: true - become_user: root - name: Enable mastodon-sidekiq command: systemctl enable mastodon-sidekiq.service - become: true - become_user: root - name: Restart mastodon-web command: systemctl restart mastodon-web.service when: production_config.stat.exists - become: true - become_user: root - name: Restart mastodon-streaming command: systemctl restart mastodon-streaming.service when: production_config.stat.exists - become: true - become_user: root - + - name: Restart mastodon-sidekiq command: systemctl restart mastodon-sidekiq.service - when: production_config.stat.exists - become: true - become_user: root \ No newline at end of file + when: production_config.stat.exists \ No newline at end of file diff --git a/roles/mastodon/tasks/system_setup/ruby.yml b/roles/mastodon/tasks/system_setup/ruby.yml index 15608ec..3faa10f 100644 --- a/roles/mastodon/tasks/system_setup/ruby.yml +++ b/roles/mastodon/tasks/system_setup/ruby.yml @@ -1,58 +1,62 @@ --- -- name: mastodon | Clone rbenv - git: - repo: "https://github.com/rbenv/rbenv.git" - dest: "~/.rbenv" - clone: true - version: "{{ rbenv_version }}" +- block: + become: true + become_user: "{{ mastodon_user }}" -- name: mastodon | Clone ruby-build - git: - repo: "https://github.com/rbenv/ruby-build.git" - dest: "~/.rbenv/plugins/ruby-build" - clone: true - version: "{{ ruby_build_version }}" - register: ruby_build + - name: mastodon | Clone rbenv + git: + repo: "https://github.com/rbenv/rbenv.git" + dest: "~/.rbenv" + clone: true + version: "{{ rbenv_version }}" -- name: mastodon | Configure rbenv - command: ./configure - args: - chdir: "~/.rbenv/src" - register: rbenv_configure + - name: mastodon | Clone ruby-build + git: + repo: "https://github.com/rbenv/ruby-build.git" + dest: "~/.rbenv/plugins/ruby-build" + clone: true + version: "{{ ruby_build_version }}" + register: ruby_build -- name: mastodon | Build rbenv - command: make - args: - chdir: "~/.rbenv/src" - when: rbenv_configure is succeeded + - name: mastodon | Configure rbenv + command: ./configure + args: + chdir: "~/.rbenv/src" + register: rbenv_configure -- name: mastodon | Update profile settings - blockinfile: - dest: "~/.profile" - content: | - export PATH="~/.rbenv/bin:${PATH}" - eval "$(rbenv init -)" + - name: mastodon | Build rbenv + command: make + args: + chdir: "~/.rbenv/src" + when: rbenv_configure is succeeded -- name: mastodon | Check if the Ruby version is already installed - shell: "~/.rbenv/bin/rbenv versions | grep -q {{ ruby_version }}" - register: ruby_installed - ignore_errors: yes - check_mode: no + - name: mastodon | Update profile settings + blockinfile: + dest: "~/.profile" + content: | + export PATH="~/.rbenv/bin:${PATH}" + eval "$(rbenv init -)" -- name: mastodon | Install Ruby {{ ruby_version }} - shell: "~/.rbenv/bin/rbenv install {{ ruby_version }}" - args: - executable: /bin/bash - when: ruby_installed is failed + - name: mastodon | Check if the Ruby version is already installed + shell: "~/.rbenv/bin/rbenv versions | grep -q {{ ruby_version }}" + register: ruby_installed + ignore_errors: yes + check_mode: no -- name: mastodon | Set the default Ruby version to {{ ruby_version }} - shell: "~/.rbenv/bin/rbenv global {{ ruby_version }}" - args: - executable: /bin/bash - register: default_ruby_version + - name: mastodon | Install Ruby {{ ruby_version }} + shell: "~/.rbenv/bin/rbenv install {{ ruby_version }}" + args: + executable: /bin/bash + when: ruby_installed is failed -- name: mastodon | Install bundler - shell: 'export PATH="$HOME/.rbenv/bin:$PATH"; eval "$(rbenv init -)"; gem install bundler:{{ bundler_version }}' - args: - executable: /bin/bash - when: default_ruby_version is succeeded \ No newline at end of file + - name: mastodon | Set the default Ruby version to {{ ruby_version }} + shell: "~/.rbenv/bin/rbenv global {{ ruby_version }}" + args: + executable: /bin/bash + register: default_ruby_version + + - name: mastodon | Install bundler + shell: 'export PATH="$HOME/.rbenv/bin:$PATH"; eval "$(rbenv init -)"; gem install bundler:{{ bundler_version }}' + args: + executable: /bin/bash + when: default_ruby_version is succeeded \ No newline at end of file