Update to 2020-09-19 11:00

master
Daniel Berteaud 4 years ago
parent d8e45c38dd
commit c1cb8e316b
  1. 6
      roles/funkwhale/defaults/main.yml
  2. 1
      roles/funkwhale/meta/main.yml
  3. 9
      roles/funkwhale/tasks/archive_post.yml
  4. 31
      roles/funkwhale/tasks/archive_pre.yml
  5. 12
      roles/funkwhale/tasks/cleanup.yml
  6. 22
      roles/funkwhale/tasks/conf.yml
  7. 30
      roles/funkwhale/tasks/directories.yml
  8. 36
      roles/funkwhale/tasks/facts.yml
  9. 187
      roles/funkwhale/tasks/install.yml
  10. 328
      roles/funkwhale/tasks/main.yml
  11. 9
      roles/funkwhale/tasks/service.yml
  12. 10
      roles/funkwhale/tasks/user.yml
  13. 6
      roles/funkwhale/tasks/write_version.yml

@ -1,12 +1,12 @@
---
funkwhale_version: 0.21.2
funkwhale_version: 1.0
funkwhale_id: 1
#funkwhale_archive_url: https://dev.funkwhale.audio/funkwhale/funkwhale/-/archive/{{ funkwhale_version }}/funkwhale-{{ funkwhale_version }}.tar.gz
funkwhale_base_url: https://dev.funkwhale.audio/funkwhale/funkwhale/-/jobs/artifacts/{{ funkwhale_version }}/download
funkwhale_archive_sha1:
api: 7411d5e506ab1f720202ec77e0a7b26f2d146ebb
front: a2b0b62c2311258675a74abebfef495e1d8a49a9
api: 9b97d4f5e6f2891fdbb9f51ca7fd066ec50d090d
front: bc07a1626949725356431d95fa2cabb180e6cce0
funkwhale_root_dir: /opt/funkwhale_{{ funkwhale_id }}
# Should ansible manage upgrades of funkwhale, or only initial install

@ -1,7 +1,6 @@
---
allow_duplicates: true
dependencies:
- role: repo_scl # for python36
- role: repo_nux_dextop # for ffmpeg
- role: httpd_common
- role: redis_server

@ -0,0 +1,9 @@
---
- name: Compress previous version
command: tar cf {{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}.tar.zst --use-compress-program=zstd ./
args:
chdir: "{{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}"
warn: False
tags: funkwhale

@ -0,0 +1,31 @@
---
- name: Create archive dir
file: path={{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }} state=directory
tags: funkwhale
- name: Archive previous version
synchronize:
src: "{{ funkwhale_root_dir }}/{{ item }}"
dest: "{{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}/"
recursive: True
delete: True
loop:
- api
- front
- venv
delegate_to: "{{ inventory_hostname }}"
tags: funkwhale
- name: Archive a database dump
command: >
/usr/pgsql-12/bin/pg_dump
--clean
--host={{ funkwhale_db_server }}
--port={{ funkwhale_db_port }}
--username=sqladmin {{ funkwhale_db_name }}
--file={{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}/{{ funkwhale_db_name }}.sql
environment:
- PGPASSWORD: "{{ pg_admin_pass }}"
tags: funkwhale

@ -0,0 +1,12 @@
---
- name: Remove temp files
file: path={{ funkwhale_root_dir }}/{{ item }} state=absent
loop:
- tmp/api.zip
- tmp/api
- tmp/front.zip
- tmp/front
- archives/{{ funkwhale_current_version }}
- db_dumps
tags: funkwhale

@ -0,0 +1,22 @@
---
- name: Deploy funkwhale configuration
template: src=env.j2 dest={{ funkwhale_root_dir }}/config/.env group={{ funkwhale_user }}
notify: restart funkwhale
tags: funkwhale
- name: Deploy permissions script
template: src=perms.sh.j2 dest={{ funkwhale_root_dir }}/perms.sh mode=755
register: funkwhale_perms
tags: funkwhale
- name: Set optimal permissions
command: "{{ funkwhale_root_dir }}/perms.sh"
when: funkwhale_install_mode != 'none' or funkwhale_perms.changed
tags: funkwhale
- name: Deploy apache config
template: src=httpd.conf.j2 dest=/etc/httpd/ansible_conf.d/40-funkwhale_{{ funkwhale_id }}.conf
notify: reload httpd
tags: funkwhale

@ -0,0 +1,30 @@
---
- name: Create directories
file:
path: "{{ funkwhale_root_dir }}/{{ item.dir }}"
state: directory
owner: "{{ item.user | default(omit) }}"
group: "{{ item.group | default(omit) }}"
mode: "{{ item.mode | default(omit) }}"
loop:
- dir: /
- dir: api
- dir: front
- dir: data
- dir: data/media
- dir: data/music
- dir: data/static
- dir: config
group: "{{ funkwhale_user }}"
mode: 750
- dir: archives
mode: 700
- dir: meta
mode: 700
- dir: tmp
mode: 700
- dir: backup
mode: 700
tags: funkwhale

@ -0,0 +1,36 @@
---
- fail: msg="pg_admin_pass must be set"
when: pg_admin_pass is not defined
tags: funkwhale
- import_tasks: ../includes/webapps_set_install_mode.yml
vars:
- root_dir: "{{ funkwhale_root_dir }}"
- version: "{{ funkwhale_version }}"
tags: funkwhale
- set_fact: funkwhale_install_mode={{ (install_mode == 'upgrade' and not funkwhale_manage_upgrade) | ternary('none',install_mode) }}
tags: funkwhale
- set_fact: funkwhale_current_version={{ current_version | default('') }}
tags: funkwhale
# Create a random pass for the DB if needed
- import_tasks: ../includes/get_rand_pass.yml
vars:
- pass_file: "{{ funkwhale_root_dir }}/meta/ansible_dbpass"
when: funkwhale_db_pass is not defined
tags: funkwhale
- set_fact: funkwhale_db_pass={{ rand_pass }}
when: funkwhale_db_pass is not defined
tags: funkwhale
# Create a random django secret key
- import_tasks: ../includes/get_rand_pass.yml
vars:
- pass_file: "{{ funkwhale_root_dir }}/meta/ansible_django_key"
when: funkwhale_secret_key is not defined
tags: funkwhale
- set_fact: funkwhale_secret_key={{ rand_pass }}
when: funkwhale_secret_key is not defined
tags: funkwhale

@ -0,0 +1,187 @@
---
- name: Install packages
yum:
name:
- gcc
- git
- postgresql12
- postgresql-devel
- openldap-devel
- cyrus-sasl-devel
- libjpeg-turbo-devel
- python-psycopg2
- python-setuptools
- python3-virtualenv
- python3-pip
- ffmpeg
- mod_xsendfile
tags: funkwhale
- name: Download funkwhale frontend and api
get_url:
url: "{{ funkwhale_base_url }}?job=build_{{ item }}"
dest: "{{ funkwhale_root_dir }}/tmp/{{ item }}.zip"
checksum: sha1:{{ funkwhale_archive_sha1[item] }}
when: funkwhale_install_mode != 'none'
loop:
- front
- api
tags: funkwhale
- name: Extract funkwhale archives
unarchive:
src: "{{ funkwhale_root_dir }}/tmp/{{ item }}.zip"
dest: "{{ funkwhale_root_dir }}/tmp/"
remote_src: True
when: funkwhale_install_mode != 'none'
loop:
- front
- api
tags: funkwhale
- name: Move files to their final location
synchronize:
src: "{{ funkwhale_root_dir }}/tmp/{{ item }}/"
dest: "{{ funkwhale_root_dir }}/{{ item }}/"
recursive: True
delete: True
loop:
- api
- front
delegate_to: "{{ inventory_hostname }}"
when: funkwhale_install_mode != 'none'
tags: funkwhale
- name: Create the PostgreSQL role
postgresql_user:
db: postgres
name: "{{ funkwhale_db_user }}"
password: "{{ funkwhale_db_pass }}"
login_host: "{{ funkwhale_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
tags: funkwhale
- name: Create the PostgreSQL database
postgresql_db:
name: "{{ funkwhale_db_name }}"
encoding: UTF-8
lc_collate: C
lc_ctype: C
template: template0
owner: "{{ funkwhale_db_user }}"
login_host: "{{ funkwhale_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
tags: funkwhale
- name: Enable required PostgreSQL extensions
postgresql_ext:
name: "{{ item }}"
db: "{{ funkwhale_db_name }}"
login_host: "{{ funkwhale_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
loop:
- unaccent
- citext
tags: funkwhale
- name: Wipe the venv on upgrade
file: path={{ funkwhale_root_dir }}/venv state=absent
when: funkwhale_install_mode == 'upgrade'
tags: funkwhale
- name: Create the venv dir
file: path={{ funkwhale_root_dir }}/venv state=directory
tags: funkwhale
- name: Create the virtualenv
pip:
name:
- wheel
- pip
- virtualenv
- service_identity
state: latest
virtualenv: "{{ funkwhale_root_dir }}/venv"
virtualenv_command: /bin/virtualenv-3
virtualenv_python: /bin/python3
when: funkwhale_install_mode != 'none'
notify: restart funkwhale
tags: funkwhale
- name: Install python modules in the virtualenv
pip:
requirements: "{{ funkwhale_root_dir }}/api/requirements.txt"
state: latest
virtualenv: "{{ funkwhale_root_dir }}/venv"
virtualenv_command: /bin/virtualenv-3
virtualenv_python: /bin/python3
when: funkwhale_install_mode != 'none'
notify: restart funkwhale
tags: funkwhale
- name: Migrate database
django_manage:
command: migrate
app_path: "{{ funkwhale_root_dir }}/api"
virtualenv: "{{ funkwhale_root_dir }}/venv"
when: funkwhale_install_mode != 'none'
notify: restart funkwhale
tags: funkwhale
- name: Collect static files
django_manage:
command: collectstatic
app_path: "{{ funkwhale_root_dir }}/api"
virtualenv: "{{ funkwhale_root_dir }}/venv"
when: funkwhale_install_mode != 'none'
tags: funkwhale
- name: Deploy systemd units
template: src=funkwhale-{{ item }}.service.j2 dest=/etc/systemd/system/funkwhale_{{ funkwhale_id }}-{{ item }}.service
register: funkwhale_units
loop:
- server
- worker
- beat
notify: restart funkwhale
tags: funkwhale
- name: Deploy library update units
template: src=funkwhale-update-media.{{ item }}.j2 dest=/etc/systemd/system/funkwhale_{{ funkwhale_id }}-update-media.{{ item }}
register: funkwhale_media_updater
loop:
- service
- timer
tags: funkwhale
- name: Reload systemd
systemd: daemon_reload=True
when: (funkwhale_units.results + funkwhale_media_updater.results) | selectattr('changed','equalto',True) | list | length > 0
tags: funkwhale
- name: Deploy pre and post backup scripts
template: src={{ item }}-backup.sh.j2 dest=/etc/backup/{{ item }}.d/funkwhale_{{ funkwhale_id }}.sh mode=750
loop:
- pre
- post
tags: funkwhale
# When upgrading to funkwhale 1.0, we have to rebuild thumbnails
- block:
- name: Wipe the thumbnail directory
file: path={{ funkwhale_root_dir }}/data/media/__sized__ state=absent
- name: Rebuild thumbnails
django_manage:
command: fw media generate-thumbnails
app_path: "{{ funkwhale_root_dir }}/api"
virtualenv: "{{ funkwhale_root_dir }}/venv"
when:
- funkwhale_install_mode == 'upgrade'
- funkwhale_current_version is version('1.0', '<')
tags: funkwhale

@ -1,318 +1,14 @@
---
- name: Install packages
yum:
name:
- gcc
- git
- postgresql12
- postgresql-devel
- openldap-devel
- cyrus-sasl-devel
- libjpeg-turbo-devel
- python-psycopg2
- python-setuptools
- rh-python36-python-virtualenv
- rh-python36-python-pip
- ffmpeg
- mod_xsendfile
tags: funkwhale
- fail: msg="pg_admin_pass must be set"
when: pg_admin_pass is not defined
tags: funkwhale
- import_tasks: ../includes/webapps_set_install_mode.yml
vars:
- root_dir: "{{ funkwhale_root_dir }}"
- version: "{{ funkwhale_version }}"
tags: funkwhale
- set_fact: funkwhale_install_mode={{ (install_mode == 'upgrade' and not funkwhale_manage_upgrade) | ternary('none',install_mode) }}
tags: funkwhale
- set_fact: funkwhale_current_version={{ current_version | default('') }}
tags: funkwhale
- name: Create a system user account
user:
name: "{{ funkwhale_user }}"
comment: "Funkwhale system user"
system: True
shell: /sbin/nologin
home: "{{ funkwhale_root_dir }}"
tags: funkwhale
- name: Create directories
file:
path: "{{ funkwhale_root_dir }}/{{ item.dir }}"
state: directory
owner: "{{ item.user | default(omit) }}"
group: "{{ item.group | default(omit) }}"
mode: "{{ item.mode | default(omit) }}"
loop:
- dir: /
- dir: api
- dir: front
- dir: data
- dir: data/media
- dir: data/music
- dir: data/static
- dir: config
group: "{{ funkwhale_user }}"
mode: 750
- dir: archives
mode: 700
- dir: meta
mode: 700
- dir: tmp
mode: 700
- dir: venv
- dir: backup
mode: 700
tags: funkwhale
- name: Create archive dir
file: path={{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }} state=directory
when: funkwhale_install_mode == 'upgrade'
tags: funkwhale
- name: Archive previous version
synchronize:
src: "{{ funkwhale_root_dir }}/{{ item }}"
dest: "{{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}/"
recursive: True
delete: True
loop:
- api
- front
delegate_to: "{{ inventory_hostname }}"
when: funkwhale_install_mode == 'upgrade'
tags: funkwhale
- name: Archive a database dump
command: >
/usr/pgsql-12/bin/pg_dump
--clean
--host={{ funkwhale_db_server }}
--port={{ funkwhale_db_port }}
--username=sqladmin {{ funkwhale_db_name }}
--file={{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}/{{ funkwhale_db_name }}.sql
environment:
- PGPASSWORD: "{{ pg_admin_pass }}"
when: funkwhale_install_mode == 'upgrade'
tags: funkwhale
- name: Download funkwhale frontend and api
get_url:
url: "{{ funkwhale_base_url }}?job=build_{{ item }}"
dest: "{{ funkwhale_root_dir }}/tmp/{{ item }}.zip"
checksum: sha1:{{ funkwhale_archive_sha1[item] }}
when: funkwhale_install_mode != 'none'
loop:
- front
- api
tags: funkwhale
- name: Extract funkwhale archives
unarchive:
src: "{{ funkwhale_root_dir }}/tmp/{{ item }}.zip"
dest: "{{ funkwhale_root_dir }}/tmp/"
remote_src: True
when: funkwhale_install_mode != 'none'
loop:
- front
- api
tags: funkwhale
- name: Move files to their final location
synchronize:
src: "{{ funkwhale_root_dir }}/tmp/{{ item }}/"
dest: "{{ funkwhale_root_dir }}/{{ item }}/"
recursive: True
delete: True
loop:
- api
- front
delegate_to: "{{ inventory_hostname }}"
when: funkwhale_install_mode != 'none'
tags: funkwhale
# Create a random pass for the DB if needed
- import_tasks: ../includes/get_rand_pass.yml
vars:
- pass_file: "{{ funkwhale_root_dir }}/meta/ansible_dbpass"
when: funkwhale_db_pass is not defined
tags: funkwhale
- set_fact: funkwhale_db_pass={{ rand_pass }}
when: funkwhale_db_pass is not defined
tags: funkwhale
- name: Create the PostgreSQL role
postgresql_user:
db: postgres
name: "{{ funkwhale_db_user }}"
password: "{{ funkwhale_db_pass }}"
login_host: "{{ funkwhale_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
tags: funkwhale
- name: Create the PostgreSQL database
postgresql_db:
name: "{{ funkwhale_db_name }}"
encoding: UTF-8
lc_collate: C
lc_ctype: C
template: template0
owner: "{{ funkwhale_db_user }}"
login_host: "{{ funkwhale_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
tags: funkwhale
- name: Enable required PostgreSQL extensions
postgresql_ext:
name: "{{ item }}"
db: "{{ funkwhale_db_name }}"
login_host: "{{ funkwhale_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
loop:
- unaccent
- citext
tags: funkwhale
- name: Create the virtualenv
pip:
name:
- wheel
- pip
- virtualenv
- service_identity
state: latest
virtualenv: "{{ funkwhale_root_dir }}/venv"
virtualenv_command: /opt/rh/rh-python36/root/usr/bin/virtualenv
virtualenv_python: /opt/rh/rh-python36/root/usr/bin/python
when: funkwhale_install_mode != 'none'
notify: restart funkwhale
tags: funkwhale
- name: Install python modules in the virtualenv
pip:
requirements: "{{ funkwhale_root_dir }}/api/requirements.txt"
state: latest
virtualenv: "{{ funkwhale_root_dir }}/venv"
virtualenv_command: /opt/rh/rh-python36/root/usr/bin/virtualenv
virtualenv_python: /opt/rh/rh-python36/root/usr/bin/python
when: funkwhale_install_mode != 'none'
notify: restart funkwhale
tags: funkwhale
# Create a random django secret key
- import_tasks: ../includes/get_rand_pass.yml
vars:
- pass_file: "{{ funkwhale_root_dir }}/meta/ansible_django_key"
when: funkwhale_secret_key is not defined
tags: funkwhale
- set_fact: funkwhale_secret_key={{ rand_pass }}
when: funkwhale_secret_key is not defined
tags: funkwhale
- name: Deploy funkwhale configuration
template: src=env.j2 dest={{ funkwhale_root_dir }}/config/.env group={{ funkwhale_user }}
notify: restart funkwhale
tags: funkwhale
- name: Deploy permissions script
template: src=perms.sh.j2 dest={{ funkwhale_root_dir }}/perms.sh mode=755
register: funkwhale_perms
tags: funkwhale
- name: Set optimal permissions
command: "{{ funkwhale_root_dir }}/perms.sh"
when: funkwhale_install_mode != 'none' or funkwhale_perms.changed
tags: funkwhale
- name: Deploy apache config
template: src=httpd.conf.j2 dest=/etc/httpd/ansible_conf.d/40-funkwhale_{{ funkwhale_id }}.conf
notify: reload httpd
tags: funkwhale
- name: Migrate database
django_manage:
command: migrate
app_path: "{{ funkwhale_root_dir }}/api"
virtualenv: "{{ funkwhale_root_dir }}/venv"
when: funkwhale_install_mode != 'none'
notify: restart funkwhale
tags: funkwhale
- name: Collect static files
django_manage:
command: collectstatic
app_path: "{{ funkwhale_root_dir }}/api"
virtualenv: "{{ funkwhale_root_dir }}/venv"
when: funkwhale_install_mode != 'none'
tags: funkwhale
- name: Deploy systemd units
template: src=funkwhale-{{ item }}.service.j2 dest=/etc/systemd/system/funkwhale_{{ funkwhale_id }}-{{ item }}.service
register: funkwhale_units
loop:
- server
- worker
- beat
notify: restart funkwhale
tags: funkwhale
- name: Deploy library update units
template: src=funkwhale-update-media.{{ item }}.j2 dest=/etc/systemd/system/funkwhale_{{ funkwhale_id }}-update-media.{{ item }}
register: funkwhale_media_updater
loop:
- service
- timer
tags: funkwhale
- name: Reload systemd
systemd: daemon_reload=True
when: (funkwhale_units.results + funkwhale_media_updater.results) | selectattr('changed','equalto',True) | list | length > 0
tags: funkwhale
- name: Deploy pre and post backup scripts
template: src={{ item }}-backup.sh.j2 dest=/etc/backup/{{ item }}.d/funkwhale_{{ funkwhale_id }}.sh mode=750
loop:
- pre
- post
tags: funkwhale
- name: Start and enable funkwhale services
systemd: name=funkwhale_{{ funkwhale_id }}-{{ item }} state=started enabled=True
loop:
- server.service
- update-media.timer
tags: funkwhale
- name: Write version
copy: content={{ funkwhale_version }} dest={{ funkwhale_root_dir }}/meta/ansible_version
when: funkwhale_install_mode != "none"
tags: funkwhale
- name: Compress previous version
command: tar cf {{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}.txz ./
environment:
XZ_OPT: -T0
args:
chdir: "{{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}"
warn: False
when: funkwhale_install_mode == 'upgrade'
tags: funkwhale
- name: Remove temp files
file: path={{ funkwhale_root_dir }}/{{ item }} state=absent
loop:
- tmp/api.zip
- tmp/api
- tmp/front.zip
- tmp/front
- archives/{{ funkwhale_current_version }}
- db_dumps
tags: funkwhale
- include: user.yml
- include: directories.yml
- include: facts.yml
- include: archive_pre.yml
when: funkwhale_install_mode == 'upgrade'
- include: install.yml
- include: conf.yml
- include: service.yml
- include: write_version.yml
- include: archive_post.yml
when: funkwhale_install_mode == 'upgrade'
- include: cleanup.yml

@ -0,0 +1,9 @@
---
- name: Start and enable funkwhale services
systemd: name=funkwhale_{{ funkwhale_id }}-{{ item }} state=started enabled=True
loop:
- server.service
- update-media.timer
tags: funkwhale

@ -0,0 +1,10 @@
---
- name: Create a system user account
user:
name: "{{ funkwhale_user }}"
comment: "Funkwhale system user"
system: True
shell: /sbin/nologin
home: "{{ funkwhale_root_dir }}"
tags: funkwhale

@ -0,0 +1,6 @@
---
- name: Write version
copy: content={{ funkwhale_version }} dest={{ funkwhale_root_dir }}/meta/ansible_version
tags: funkwhale
Loading…
Cancel
Save