simonas/wtf
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
43395ee775435c9de2bc46212c522ea1782b444f
wtf/roles/mastodon/tasks/web.yml
Simonas Kareiva 43395ee775 Deploy mastodon v0.1
2026-02-03 10:57:37 +02:00

65 lines
2.6 KiB
YAML
Raw Blame History

---
- name: Populate active record variables
ansible.builtin.include_vars:
file: web.yml
- name: Create Web instance of mastodon
containers.podman.podman_container:
name: mastodon
image: ghcr.io/mastodon/mastodon:v4.5.5
network:
- "{{ mastodon_networks['mastodon_internal']['name'] }}"
- "{{ mastodon_networks['mastodon_external']['name'] }}"
command: "bundle exec puma -C config/puma.rb"
env:
LOCAL_DOMAIN: "wtf.lt"
REDIS_HOST: redis
REDIS_PORT: 6379
DB_HOST: database
DB_NAME: mastodon
DB_USER: "{{ mastodon_database.username }}"
DB_PASS: "{{ mastodon_database.password }}"
DB_PORT: 5432
ES_ENABLED: true
ES_HOST: elasticsearch
ES_PORT: 9200
ES_PRESET: single_node_cluster
ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY: "{{ active_record_encryption.DETERMINISTIC_KEY }}"
ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT: "{{ active_record_encryption.KEY_DERIVATION_SALT }}"
ACTIVE_RECORD_ENCRYPTION_PRIMARY_KEY: "{{ active_record_encryption.PRIMARY_KEY }}"
VAPID_PRIVATE_KEY: "{{ vapid.PRIVATE_KEY }}"
VAPID_PUBLIC_KEY: "{{ vapid.PUBLIC_KEY }}"
SECRET_KEY_BASE: "{{ secret_key_base }}"
SMTP_SERVER: "{{ smtp.SERVER }}"
SMTP_PORT: "{{ smtp.PORT }}"
SMTP_LOGIN: "{{ smtp.LOGIN }}"
SMTP_PASSWORD: "{{ smtp.PASSWORD }}"
SMTP_FROM_ADDRESS: "{{ smtp.FROM_ADDRESS }}"
# inspect traefik container and add the IP address here
TRUSTED_PROXY_IP: "127.0.0.1/8,::1/128,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16,fc00::/7"
label:
traefik.enable: "true"
traefik.http.routers.mastodon.rule: "Host(`wtf.lt`)"
traefik.http.middlewares.mastodon-https-redirect.redirectscheme.scheme: "https"
traefik.http.routers.mastodon.middlewares: "mastodon-https-redirect"
traefik.http.routers.mastodon-secure.entrypoints: "https"
traefik.http.routers.mastodon-secure.rule: "Host(`wtf.lt`)"
traefik.http.routers.mastodon-secure.tls: "true"
traefik.http.routers.mastodon-secure.tls.certresolver: "lets-encrypt"
traefik.http.services.mastodon.loadbalancer.server.port: "3000"
volumes:
- "/home/apps/mastodon/system:/mastodon/public/system:z"
generate_systemd:
new: true
restart_policy: "always"
path: "~/.config/systemd/user/"
force: true
healthcheck: "curl -s --noproxy localhost localhost:3000/health | grep -q OK"
- name: Activate mastodon web container service
ansible.builtin.systemd_service:
name: container-mastodon.service
state: started
enabled: true
scope: user
Reference in New Issue View Git Blame Copy Permalink