add tasks/piped.py
This commit is contained in:
parent
da5a86620e
commit
93e11c515f
1 changed files with 100 additions and 0 deletions
100
tasks/piped.py
Normal file
100
tasks/piped.py
Normal file
|
|
@ -0,0 +1,100 @@
|
|||
from pyinfra import host
|
||||
from pyinfra.api import deploy
|
||||
from pyinfra.operations import files, server, dnf, postgresql, lxd
|
||||
from pyinfra.facts.server import Which
|
||||
from pyinfra.facts.lxd import LxdContainers
|
||||
|
||||
from .operations.git import repo
|
||||
from .postgresql import install as install_postgresql
|
||||
from .pleroma import WithSecrets
|
||||
from .install_consul_server import template_and_install_systemd
|
||||
from .yts import lxc_shell
|
||||
|
||||
|
||||
@deploy(
|
||||
"create lxc container that'll run piped",
|
||||
data_defaults={"piped_container_name": "piped"},
|
||||
)
|
||||
def install_lxc_container():
|
||||
containers = host.get_fact(LxdContainers)
|
||||
ct_name = host.data.piped_container_name
|
||||
|
||||
found_piped_container = False
|
||||
for container in containers:
|
||||
if container["name"] == ct_name:
|
||||
found_piped_container = True
|
||||
|
||||
if not found_piped_container:
|
||||
lxd.container(
|
||||
name="create piped container",
|
||||
id=ct_name,
|
||||
image="images:fedora/38",
|
||||
)
|
||||
|
||||
# validate the ct is good
|
||||
lxc_shell(ct_name, "env")
|
||||
|
||||
|
||||
@deploy("install piped backend")
|
||||
def install():
|
||||
install_postgresql()
|
||||
dnf.packages(
|
||||
[
|
||||
"java-17-openjdk-headless",
|
||||
]
|
||||
)
|
||||
|
||||
with_secrets = WithSecrets(("piped_db_password",))
|
||||
|
||||
# TODO remove copypaste of this between piped and pleroma
|
||||
has_postgres = host.get_fact(Which, command="psql")
|
||||
postgres_kwargs = {}
|
||||
if has_postgres:
|
||||
postgres_kwargs = {"_sudo": True, "_sudo_user": "postgres"}
|
||||
|
||||
postgresql.role(
|
||||
role=host.data.piped_db_user,
|
||||
password=with_secrets.piped_db_password,
|
||||
login=True,
|
||||
**postgres_kwargs,
|
||||
)
|
||||
|
||||
postgresql.database(
|
||||
database=host.data.piped_db_name,
|
||||
owner=host.data.piped_db_user,
|
||||
encoding="UTF8",
|
||||
**postgres_kwargs,
|
||||
)
|
||||
|
||||
runner_user = "piped"
|
||||
remote_main_home_path = f"/opt/piped"
|
||||
|
||||
# we really dont need to build the whole thing
|
||||
# just croc the jar file manually
|
||||
|
||||
server.group(runner_user)
|
||||
server.user(
|
||||
user=runner_user,
|
||||
present=True,
|
||||
home=remote_main_home_path,
|
||||
shell="/bin/false",
|
||||
group=runner_user,
|
||||
ensure_home=True,
|
||||
)
|
||||
|
||||
config_output = files.template(
|
||||
"./files/piped/config.properties",
|
||||
dest=f"{remote_main_home_path}/config.properties",
|
||||
user=runner_user,
|
||||
group=runner_user,
|
||||
mode=500,
|
||||
env_dict=with_secrets,
|
||||
)
|
||||
|
||||
template_and_install_systemd(
|
||||
"./files/piped/piped.service.j2",
|
||||
env_dict={
|
||||
"user": runner_user,
|
||||
"remote_main_home_path": remote_main_home_path,
|
||||
},
|
||||
)
|
||||
Loading…
Reference in a new issue