feat(pixelfed): add ansible role

roles/pixelfed/defaults/main.yml

@@ -0,0 +1,40 @@
+---
+
+pixelfed_user: pixelfed
+pixelfed_version: 0.11.2
+pixelfed_base_path: /opt/pixelfed
+
+pixelfed_deployment_method: docker_selfbuilt
+
+# user to run pixelfed as
+pixelfed_run_user: "{{ pixelfed_user_stat.uid | default(pixelfed_user) }}"
+pixelfed_run_group: "{{ pixelfed_user_stat.group | default(pixelfed_user) }}"
+
+# container settings
+pixelfed_container_name: pixelfed
+pixelfed_container_image_name: pixelfed
+pixelfed_container_image_tag: ~
+pixelfed_container_image: "{{ pixelfed_container_image_name }}:{{ pixelfed_container_image_tag | default('v' + pixelfed_version, True) }}"
+pixelfed_container_image_local_build: true
+pixelfed_container_ports: []
+pixelfed_container_networks: []
+pixelfed_container_extra_volumes: []
+pixelfed_container_extra_labels: {}
+pixelfed_container_extra_env: {}
+pixelfed_container_restart_policy: unless-stopped
+pixelfed_worker_container_name: "{{ pixelfed_container_name }}-worker"
+
+# host filesystem paths
+pixelfed_config_path: "{{ pixelfed_base_path }}/config"
+pixelfed_storage_path: "{{ pixelfed_base_path }}/storage"
+pixelfed_source_path: "{{ pixelfed_base_path }}/source"
+
+pixelfed_app_paths:
+  - path: "{{ pixelfed_base_path }}"
+    mode: "0750"
+  - path: "{{ pixelfed_config_path }}"
+    mode: "0750"
+  - path: "{{ pixelfed_storage_path }}"
+    mode: "0750"
+  - path: "{{ pixelfed_source_path }}"
+    mode: "0750"

roles/pixelfed/tasks/docker-deploy.yml

@@ -0,0 +1,28 @@
+---
+
+- name: Ensure docker container '{{ pixelfed_container_name }}' is running
+  docker_container:
+    name: "{{ pixelfed_container_name }}"
+    image: "{{ pixelfed_container_image }}"
+    env: "{{ pixelfed_container_env }}"
+    env_file: "{{ pixelfed_config_path }}/env"
+    labels: "{{ pixelfed_container_labels }}"
+    volumes: "{{ pixelfed_container_volumes }}"
+    ports: "{{ pixelfed_container_ports | default(omit, True) }}"
+    networks: "{{ pixelfed_container_networks | default(omit, True) }}"
+    purge_networks: "{{ pixelfed_container_purge_networks|default(False) }}"
+    restart_policy: "{{ pixelfed_container_restart_policy }}"
+    state: started
+
+- name: Ensure docker container '{{ pixelfed_worker_container_name }}' is running
+  docker_container:
+    name: "{{ pixelfed_worker_container_name }}"
+    image: "{{ pixelfed_container_image }}"
+    env: "{{ pixelfed_container_env }}"
+    env_file: "{{ pixelfed_config_path }}/env"
+    volumes: "{{ pixelfed_container_volumes }}"
+    networks: "{{ pixelfed_container_networks | default(omit, True) }}"
+    purge_networks: "{{ pixelfed_container_purge_networks|default(False) }}"
+    restart_policy: "{{ pixelfed_container_restart_policy }}"
+    command: "gosu www-data php artisan horizon"
+    state: started

roles/pixelfed/tasks/docker-image.yml

@@ -0,0 +1,28 @@
+---
+
+- name: Ensure docker container image is pulled
+  docker_image:
+    name: "{{ pixelfed_container_image }}"
+    state: present
+    source: pull
+    force_source: "{{ true if docker_container_image_tag else false }}"
+  when: not pixelfed_container_image_local_build
+
+- name: Ensure upstream git repository is cloned to source folder
+  git:
+    repo: "{{ pixelfed_source_upstream_git_repo }}"
+    dest: "{{ pixelfed_source_path }}"
+    update: yes
+    clone: yes
+  when: pixelfed_container_image_local_build
+
+- name: Build docker container image '{{ pixelfed_container_image }}' locally
+  docker_image:
+    name: "{{ pixelfed_container_image_name }}"
+    tag: "{{ pixelfed_container_image_tag | default('v' + pixelfed_version) }}"
+    state: present
+    source: build
+    build:
+      dockerfile: "contrib/docker/Dockerfile.apache"
+      path: "{{ pixelfed_source_path }}"
+  when: pixelfed_container_image_local_build

roles/pixelfed/tasks/main.yml

@@ -0,0 +1,39 @@
+---
+
+- name: Ensure user '{{ pixelfed_user }}' for pixelfed is created
+  user:
+    name: "{{ pixelfed_user }}"
+    state: present
+    system: true
+  register: pixelfed_user_stat
+
+- name: Ensure file system paths exist for persisting data
+  file:
+    path: "{{ dir.path }}"
+    state: directory
+    owner: "{{ dir.user | default(pixelfed_run_user) }}"
+    group: "{{ dir.group | default(pixelfed_run_group) }}"
+    mode: "{{ dir.mode }}"
+  loop: "{{ pixelfed_app_paths }}"
+  loop_control:
+    loop_var: dir
+    label: "{{ dir.path }}"
+
+- name: Ensure env file for pixelfed is templated
+  template:
+    src: env.docker.j2
+    dest: "{{ pixelfed_config_path }}/env"
+    owner: "{{ pixelfed_run_user }}"
+    group: "{{ pixelfed_run_group }}"
+    mode: "0640"
+
+- name: Ensure docker container image is available
+  include_tasks:
+    file: docker-image.yml
+  when: 'docker' in pixelfed_deployment_method
+
+- name: Ensure pixelfed instance is started
+  block:
+    - name: Ensure pixelfed instance is started (docker)
+      include_tasks:
+        file: docker-deploy.yml

roles/pixelfed/templates/env.docker.j2

@@ -0,0 +1,148 @@
+## Crypto
+APP_KEY=
+
+## General Settings
+APP_NAME="Pixelfed Prod"
+APP_ENV=production
+APP_DEBUG=false
+APP_URL=https://real.domain
+APP_DOMAIN="real.domain"
+ADMIN_DOMAIN="real.domain"
+SESSION_DOMAIN="real.domain"
+
+OPEN_REGISTRATION=true
+ENFORCE_EMAIL_VERIFICATION=false
+PF_MAX_USERS=1000
+OAUTH_ENABLED=true
+
+APP_TIMEZONE=UTC
+APP_LOCALE=en
+
+## Pixelfed Tweaks
+LIMIT_ACCOUNT_SIZE=true
+MAX_ACCOUNT_SIZE=1000000
+MAX_PHOTO_SIZE=15000
+MAX_AVATAR_SIZE=2000
+MAX_CAPTION_LENGTH=500
+MAX_BIO_LENGTH=125
+MAX_NAME_LENGTH=30
+MAX_ALBUM_LENGTH=4
+IMAGE_QUALITY=80
+PF_OPTIMIZE_IMAGES=true
+PF_OPTIMIZE_VIDEOS=true
+ADMIN_ENV_EDITOR=false
+ACCOUNT_DELETION=true
+ACCOUNT_DELETE_AFTER=false
+MAX_LINKS_PER_POST=0
+
+## Instance
+#INSTANCE_DESCRIPTION=
+INSTANCE_PUBLIC_HASHTAGS=false
+#INSTANCE_CONTACT_EMAIL=
+INSTANCE_PUBLIC_LOCAL_TIMELINE=false
+#BANNED_USERNAMES=
+STORIES_ENABLED=false
+RESTRICTED_INSTANCE=false
+
+## Mail
+MAIL_DRIVER=log
+MAIL_HOST=smtp.mailtrap.io
+MAIL_PORT=2525
+MAIL_FROM_ADDRESS="pixelfed@example.com"
+MAIL_FROM_NAME="Pixelfed"
+MAIL_USERNAME=null
+MAIL_PASSWORD=null
+MAIL_ENCRYPTION=null
+
+## Databases (MySQL)
+DB_CONNECTION=mysql
+DB_DATABASE=pixelfed_prod
+DB_HOST=db
+DB_PASSWORD=pixelfed_db_pass
+DB_PORT=3306
+DB_USERNAME=pixelfed
+# pass the same values to the db itself
+MYSQL_DATABASE=pixelfed_prod
+MYSQL_PASSWORD=pixelfed_db_pass
+MYSQL_RANDOM_ROOT_PASSWORD=true
+MYSQL_USER=pixelfed
+
+## Databases (Postgres)
+#DB_CONNECTION=pgsql
+#DB_HOST=postgres
+#DB_PORT=5432
+#DB_DATABASE=pixelfed
+#DB_USERNAME=postgres
+#DB_PASSWORD=postgres
+
+## Cache (Redis)
+REDIS_CLIENT=phpredis
+REDIS_SCHEME=tcp
+REDIS_HOST=redis
+REDIS_PASSWORD=redis_password
+REDIS_PORT=6379
+REDIS_DATABASE=0
+
+## EXPERIMENTS 
+EXP_LC=false
+EXP_REC=false
+EXP_LOOPS=false
+
+## ActivityPub Federation
+ACTIVITY_PUB=false
+AP_REMOTE_FOLLOW=false
+AP_SHAREDINBOX=false
+AP_INBOX=false
+AP_OUTBOX=false
+ATOM_FEEDS=true
+NODEINFO=true
+WEBFINGER=true
+
+## S3
+FILESYSTEM_DRIVER=local
+FILESYSTEM_CLOUD=s3
+PF_ENABLE_CLOUD=false
+#AWS_ACCESS_KEY_ID=
+#AWS_SECRET_ACCESS_KEY=
+#AWS_DEFAULT_REGION=
+#AWS_BUCKET=
+#AWS_URL=
+#AWS_ENDPOINT=
+#AWS_USE_PATH_STYLE_ENDPOINT=false
+
+## Horizon
+HORIZON_DARKMODE=false
+
+## COSTAR - Confirm Object Sentiment Transform and Reduce
+PF_COSTAR_ENABLED=false
+
+# Media
+MEDIA_EXIF_DATABASE=false
+
+## Logging
+LOG_CHANNEL=stderr
+
+## Image
+IMAGE_DRIVER=imagick
+
+## Broadcasting
+BROADCAST_DRIVER=log  # log driver for local development
+
+## Cache
+CACHE_DRIVER=redis
+
+## Purify
+RESTRICT_HTML_TYPES=true
+
+## Queue
+QUEUE_DRIVER=redis
+
+## Session
+SESSION_DRIVER=redis
+
+## Trusted Proxy
+TRUST_PROXIES="*"
+
+## Passport
+#PASSPORT_PRIVATE_KEY=
+#PASSPORT_PUBLIC_KEY=

roles/pixelfed/vars/main.yml

@@ -0,0 +1,21 @@
+---
+
+pixelfed_container_base_volumes:
+  - "{{ pixelfed_storage_path }}:/var/www/storage:z"
+  - "{{ pixelfed_config_path/env:/var/www/.env:ro"
+
+pixelfed_container_base_env:
+
+
+pixelfed_container_base_labels:
+  VERSION: "{{ pixelfed_version }}"
+
+pixelfed_container_volumes: "{{ pixelfed_container_base_volumes + pixelfed_container_extra_volumes }}"
+pixelfed_container_labels: "{{ pixelfed_container_base_labels + pixelfed_container_extra_labels }}"
+pixelfed_container_env: "{{ pixelfed_container_base_env + pixelfed_container_extra_env }}"
+
+pixelfed_source_upstream_git_repo: "https://github.com/pixelfed/pixelfed.git"
+
+pixelfed_supported_deployment_methods:
+  - docker_selfbuilt
+  - docker_pulled