WIP: feat(sharkey): add ansible role for deployment

README.md

@@ -18,6 +18,9 @@ available.
 - [`mastodon`](roles/mastodon/README.md): deployment using a container based
   setup, able to use webfinger delegation.
 
+- [`sharkey`](roles/sharkey/README.md): deployment of sharkey, a misskey-
+  fork with full mastodon API compatability.
+
 ## License
 
 [CNPLv7+](LICENSE.md): Cooperative Nonviolent Public License

galaxy.yml

@@ -15,5 +15,6 @@ repository: https://git.finally.coffee/finallycoffee/fediverse
 issues: https://codeberg.org/finallycoffee/ansible-collection-fediverse/issues
 tags:
   - fediwall
+  - sharkey
   - gotosocial
   - mastodon

playbooks/sharkey.yml

@@ -0,0 +1,6 @@
+---
+- name: Deploy sharkey
+  hosts: "{{ sharkey_hosts | default('sharkey') }}"
+  become: "{{ sharkey_become | default(false) }}"
+  roles:
+    - role: finallycoffee.fediverse.sharkey

roles/sharkey/README.md

@@ -0,0 +1,11 @@
+# `finallycoffee.fediverse.sharkey` ansible role
+
+## Configuration
+
+## Behind a proxy
+
+The ansible role itself will respect system proxies (in the env var `HTTP_PROXY`/`https_proxy`).
+
+To use this role with a registry like Artifactory or Nexus3,
+set `sharkey_repo_server` to your registry server with full
+protocol, hostname, port. For example `sharkey_repo_server: "https://my.orgs.registry.local:8443/sharkey-internet-proxy/"`

roles/sharkey/defaults/main/compose.yml

@@ -0,0 +1,15 @@
+---
+sharkey_compose_state: "{{ sharkey_state }}"
+sharkey_compose_project_name: "sharkey"
+sharkey_compose_project_src: "/etc/sharkey"
+sharkey_compose_upstream_file: "{{ sharkey_compose_project_src }}/compose.upstream.yml"
+sharkey_compose_file: "{{ sharkey_compose_project_src }}/compose.yml"
+sharkey_compose_build: >-2
+  {{ (sharkey_container_image_source == 'pull') | ternary('never', 'policy') }}
+sharkey_compose_build: "never"
+
+sharkey_repo_server: "https://activitypub.software"
+sharkey_repo_path: "Transfem-org/Sharkey"
+sharkey_repo_tag: "{{ sharkey_version }}"
+sharkey_compose_file_url: >-2
+  {{ sharkey_repo_server }}/{{ sharkey_repo_path }}/-/raw/{{ sharkey_version }}/compose_example.yml?ref_type=tags

roles/sharkey/defaults/main/config.yml

@@ -0,0 +1,3 @@
+---
+sharkey_config_url: ~
+sharkey_config_setup_password: ~

roles/sharkey/defaults/main/container.yml

@@ -0,0 +1,24 @@
+---
+sharkey_container_name: sharkey
+sharkey_container_image_registry: "registry.activitypub.software"
+sharkey_container_iamge_namespace: "transfem-org"
+sharkey_container_image_name: "sharkey"
+sharkey_container_image_repository: >-2
+  {{
+    [
+      sharkey_container_image_registry | default([], true),
+      sharkey_container_iamge_namespace | default([], true),
+      sharkey_container_image_name
+    ] | flatten | join('/')
+  }}
+sharkey_container_image_tag: ~
+sharkey_container_image_source: pull
+sharkey_container_image_force_source: >-2
+  {{ sharkey_container_image_tag | default(false, true) | bool }}
+sharkey_container_image: >-2
+  {{
+    [
+      sharkey_container_image_repository,
+      sharkey_container_image_tag | default(sharkey_version, true)
+    ] | join(':')
+  }}

roles/sharkey/defaults/main/main.yml

@@ -0,0 +1,8 @@
+---
+sharkey_user: sharkey
+sharkey_version: "2025.4.3"
+sharkey_config_dir: "/etc/sharkey"
+sharkey_data_dir: "/var/lib/sharkey"
+
+sharkey_state: present
+sharkey_deployment_method: "docker-compose"

roles/sharkey/defaults/main/user.yml

@@ -0,0 +1,10 @@
+---
+sharkey_user_system: true
+sharkey_user_create_home: false
+sharkey_user_groups: ~
+sharkey_user_append_groups: >-2
+  {{ sharkey_user_groups | default(omit, true) }}
+sharkey_user_uid: >-2
+  {{ sharkey_user_info.uid | default(sharkey_user) }}
+sharkey_user_gid: >-2
+  {{ sharkey_user_info.group | default(sharkey_user) }}

roles/sharkey/tasks/check.yml

@@ -0,0 +1,14 @@
+---
+- name: Ensure 'sharkey_state' is valid
+  ansible.builtin.fail:
+    msg: >-2
+      Unsupported sharkey_state '{{ sharkey_state }}'.
+      Supported values are {{ sharkey_states | join(', ') }}
+  when: sharkey_state not in sharkey_states
+
+- name: Ensure 'sharkey_deployment_method' is valid
+  ansible.builtin.fail:
+    msg: >-2
+      Unsupported sharkey_deployment_method '{{ sharkey_deployment_method }}.
+      Supported values are {{ sharkey_deployment_methods | join(', ') }}
+  when: sharkey_deployment_method not in sharkey_deployment_methods

roles/sharkey/tasks/configure-docker-compose.yml

@@ -0,0 +1,7 @@
+---
+- name: Ensure compose files are downloaded
+  ansible.builtin.get_url:
+    # TODO: how to avoid redownloading default.yml when the role made changes?
+    url: "{{ sharkey_compose_file_url }}"
+    dest: "{{ sharkey_compose_upstream_file }}"
+

roles/sharkey/tasks/configure.yml

@@ -0,0 +1,26 @@
+---
+- name: Ensure sharkey user '{{ sharkey_user }}' is {{ sharkey_state }}
+  ansible.builtin.user:
+    name: "{{ sharkey_user }}"
+    state: "{{ sharkey_state }}"
+    system: "{{ sharkey_user_system }}"
+    create_home: "{{ sharkey_user_create_home }}"
+    groups: "{{ sharkey_user_groups }}"
+    append: "{{ sharkey_user_append_groups }}"
+  register: sharkey_user_info
+
+- name: Ensure sharkey config directory '{{ sharkey_config_dir }}' is {{ sharkey_state }}
+  ansible.builtin.file:
+    path: "{{ sharkey_config_dir }}"
+    state: "{{ (sharkey_state == 'present') | ternary('directory', 'absent') }}"
+    owner: "{{ sharkey_user_uid }}"
+    group: "{{ sharkey_user_gid }}"
+    mode: "0750"
+
+- name: Ensure sharkey data directory '{{ sharkey_data_dir }}' is {{ sharkey_state }}
+  ansible.builtin.file:
+    path: "{{ sharkey_data_dir }}"
+    state: "{{ (sharkey_state == 'present') | ternary('directory', 'absent') }}"
+    owner: "{{ sharkey_user_uid }}"
+    group: "{{ sharkey_user_gid }}"
+    mode: "0750"

roles/sharkey/tasks/deploy-docker-compose.yml

@@ -0,0 +1,14 @@
+---
+- name: Ensure sharkey container image '{{ sharkey_container_image }}' is {{ sharkey_state }}
+  community.docker.docker_image:
+    name: "{{ sharkey_container_image }}"
+    state: "{{ sharkey_state }}"
+    source: "{{ sharkey_container_image_source }}"
+    force_source: "{{ sharkey_container_image_force_source }}"
+
+- name: Ensure docker compose project is {{ sharkey_compose_state }}
+  community.docker.docker_compose_v2:
+    project_name: "{{ sharkey_compose_project_name }}"
+    project_src: "{{ sharkey_compose_project_src }}"
+    state: "{{ sharkey_compose_state }}"
+    build: "{{ sharkey_compose_build }}"

roles/sharkey/tasks/main.yml

@@ -0,0 +1,12 @@
+---
+- name: Check role prerequisites
+  ansible.builtin.include_tasks:
+    file: check.yml
+
+- name: Run common configuration tasks
+  ansible.builtin.include_tasks:
+    file: configure.yml
+
+- name: Deploy using {{ sharkey_deployment_method }}
+  ansible.builtin.include_tasks:
+    file: "deploy-{{ sharkey_deployment_method }}.yml"

roles/sharkey/vars/main.yml

@@ -0,0 +1,6 @@
+---
+sharkey_states:
+  - present
+  - absent
+sharkey_deployment_methods:
+  - "docker-compose"