Update to 2021-12-01 19:13

roles/funkwhale/tasks/archive_post.yml

@@ -0,0 +1,11 @@
+---
+
+- name: Compress previous version
+  command: tar cf {{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}.tar.zst --use-compress-program=zstd ./
+  args:
+    chdir: "{{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}"
+    warn: False
+  environment:
+    ZSTD_CLEVEL: 10
+  tags: funkwhale
+

roles/funkwhale/tasks/archive_pre.yml

@@ -0,0 +1,32 @@
+---
+
+- name: Create archive dir
+  file: path={{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }} state=directory
+  tags: funkwhale
+
+- name: Archive previous version
+  synchronize:
+    src: "{{ funkwhale_root_dir }}/{{ item }}"
+    dest: "{{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}/"
+    recursive: True
+    delete: True
+  loop:
+    - api
+    - front
+    - venv
+  delegate_to: "{{ inventory_hostname }}"
+  tags: funkwhale
+
+- name: Archive a database dump
+  command: >
+    /usr/pgsql-14/bin/pg_dump
+    --clean
+    --create
+    --host={{ funkwhale_db_server }}
+    --port={{ funkwhale_db_port }}
+    --username=sqladmin {{ funkwhale_db_name }}
+    --file={{ funkwhale_root_dir }}/archives/{{ funkwhale_current_version }}/{{ funkwhale_db_name }}.sql
+  environment:
+    - PGPASSWORD: "{{ pg_admin_pass }}"
+  tags: funkwhale
+

roles/funkwhale/tasks/cleanup.yml

@@ -0,0 +1,12 @@
+---
+
+- name: Remove temp files
+  file: path={{ funkwhale_root_dir }}/{{ item }} state=absent
+  loop:
+    - tmp/api.zip
+    - tmp/api
+    - tmp/front.zip
+    - tmp/front
+    - archives/{{ funkwhale_current_version }}
+    - db_dumps
+  tags: funkwhale

roles/funkwhale/tasks/conf.yml

@@ -0,0 +1,17 @@
+---
+
+- name: Deploy permissions script
+  template: src=perms.sh.j2 dest={{ funkwhale_root_dir }}/perms.sh mode=755
+  register: funkwhale_perms
+  tags: funkwhale
+
+- name: Set optimal permissions
+  command: "{{ funkwhale_root_dir }}/perms.sh"
+  when: funkwhale_install_mode != 'none' or funkwhale_perms.changed
+  tags: funkwhale
+
+- name: Deploy apache config
+  template: src=httpd.conf.j2 dest=/etc/httpd/ansible_conf.d/40-funkwhale_{{ funkwhale_id }}.conf
+  notify: reload httpd
+  tags: funkwhale
+

roles/funkwhale/tasks/directories.yml

@@ -0,0 +1,30 @@
+---
+
+- name: Create directories
+  file:
+    path: "{{ funkwhale_root_dir }}/{{ item.dir }}"
+    state: directory
+    owner: "{{ item.user | default(omit) }}"
+    group: "{{ item.group | default(omit) }}"
+    mode: "{{ item.mode | default(omit) }}"
+  loop:
+    - dir: /
+    - dir: api
+    - dir: front
+    - dir: data
+    - dir: data/media
+    - dir: data/music
+    - dir: data/static
+    - dir: config
+      group: "{{ funkwhale_user }}"
+      mode: 750
+    - dir: archives
+      mode: 700
+    - dir: meta
+      mode: 700
+    - dir: tmp
+      mode: 700
+    - dir: backup
+      mode: 700
+  tags: funkwhale
+

roles/funkwhale/tasks/facts.yml

@@ -0,0 +1,42 @@
+---
+
+- include_vars: "{{ item }}"
+  with_first_found:
+    - vars/{{ ansible_distribution }}-{{ ansible_distribution_major_version }}.yml
+    - vars/{{ ansible_os_family }}-{{ ansible_distribution_major_version }}.yml
+    - vars/{{ ansible_distribution }}.yml
+    - vars/{{ ansible_os_family }}.yml
+  tags: funkwhale
+
+- fail: msg="pg_admin_pass must be set"
+  when: pg_admin_pass is not defined
+  tags: funkwhale
+
+- import_tasks: ../includes/webapps_set_install_mode.yml
+  vars:
+    - root_dir: "{{ funkwhale_root_dir }}"
+    - version: "{{ funkwhale_version }}"
+  tags: funkwhale
+- block:
+    - set_fact: funkwhale_install_mode={{ (install_mode == 'upgrade' and not funkwhale_manage_upgrade) | ternary('none',install_mode) }}
+    - set_fact: funkwhale_current_version={{ current_version | default('') }}
+  tags: funkwhale
+
+  # Create a random pass for the DB if needed
+- when: funkwhale_db_pass is not defined
+  block:
+    - import_tasks: ../includes/get_rand_pass.yml
+      vars:
+        - pass_file: "{{ funkwhale_root_dir }}/meta/ansible_dbpass"
+    - set_fact: funkwhale_db_pass={{ rand_pass }}
+  tags: funkwhale
+
+  # Create a random django secret key
+- when: funkwhale_secret_key is not defined
+  block:
+    - import_tasks: ../includes/get_rand_pass.yml
+      vars:
+        - pass_file: "{{ funkwhale_root_dir }}/meta/ansible_django_key"
+    - set_fact: funkwhale_secret_key={{ rand_pass }}
+  tags: funkwhale
+

roles/funkwhale/tasks/install.yml

@@ -0,0 +1,183 @@
+---
+
+- name: Install packages
+  yum: name={{ funkwhale_packages }}
+  tags: funkwhale
+
+- name: Check if mod_xsendfile is available
+  stat: path=/usr/lib64/httpd/modules/mod_xsendfile.so
+  register: funkwhale_xsendfile
+  tags: funkwhale
+
+- name: Download funkwhale frontend and api
+  get_url:
+    url: "{{ funkwhale_base_url }}?job=build_{{ item }}"
+    dest: "{{ funkwhale_root_dir }}/tmp/{{ item }}.zip"
+    checksum: sha1:{{ funkwhale_archive_sha1[item] }}
+  when: funkwhale_install_mode != 'none'
+  loop:
+    - front
+    - api
+  tags: funkwhale
+
+- name: Extract funkwhale archives
+  unarchive:
+    src: "{{ funkwhale_root_dir }}/tmp/{{ item }}.zip"
+    dest: "{{ funkwhale_root_dir }}/tmp/"
+    remote_src: True
+  when: funkwhale_install_mode != 'none'
+  loop:
+    - front
+    - api
+  tags: funkwhale
+
+- name: Move files to their final location
+  synchronize:
+    src: "{{ funkwhale_root_dir }}/tmp/{{ item }}/"
+    dest: "{{ funkwhale_root_dir }}/{{ item }}/"
+    recursive: True
+    delete: True
+  loop:
+    - api
+    - front
+  delegate_to: "{{ inventory_hostname }}"
+  when: funkwhale_install_mode != 'none'
+  tags: funkwhale
+
+- name: Create the PostgreSQL role
+  postgresql_user:
+    db: postgres
+    name: "{{ funkwhale_db_user }}"
+    password: "{{ funkwhale_db_pass }}"
+    login_host: "{{ funkwhale_db_server }}"
+    login_user: sqladmin
+    login_password: "{{ pg_admin_pass }}"
+  tags: funkwhale
+
+- name: Create the PostgreSQL database
+  postgresql_db:
+    name: "{{ funkwhale_db_name }}"
+    encoding: UTF-8
+    lc_collate: C
+    lc_ctype: C
+    template: template0
+    owner: "{{ funkwhale_db_user }}"
+    login_host: "{{ funkwhale_db_server }}"
+    login_user: sqladmin
+    login_password: "{{ pg_admin_pass }}"
+  tags: funkwhale
+
+- name: Enable required PostgreSQL extensions
+  postgresql_ext:
+    name: "{{ item }}"
+    db: "{{ funkwhale_db_name }}"
+    login_host: "{{ funkwhale_db_server }}"
+    login_user: sqladmin
+    login_password: "{{ pg_admin_pass }}"
+  loop:
+    - unaccent
+    - citext
+  tags: funkwhale
+
+- name: Wipe the venv on upgrade
+  file: path={{ funkwhale_root_dir }}/venv state=absent
+  when: funkwhale_install_mode == 'upgrade'
+  tags: funkwhale
+
+- name: Create the venv dir
+  file: path={{ funkwhale_root_dir }}/venv state=directory
+  tags: funkwhale
+
+- name: Create the virtualenv
+  pip:
+    name:
+      - wheel
+      - pip
+      - virtualenv
+      - service_identity
+    virtualenv: "{{ funkwhale_root_dir }}/venv"
+    virtualenv_command: /bin/virtualenv-3
+    virtualenv_python: /bin/python3
+  when: funkwhale_install_mode != 'none'
+  notify: restart funkwhale
+  tags: funkwhale
+
+- name: Install python modules in the virtualenv
+  pip:
+    requirements: "{{ funkwhale_root_dir }}/api/requirements.txt"
+    virtualenv: "{{ funkwhale_root_dir }}/venv"
+    virtualenv_command: /bin/virtualenv-3
+    virtualenv_python: /bin/python3
+  when: funkwhale_install_mode != 'none'
+  notify: restart funkwhale
+  tags: funkwhale
+
+- name: Deploy funkwhale configuration
+  template: src=env.j2 dest={{ funkwhale_root_dir }}/config/.env group={{ funkwhale_user }}
+  notify: restart funkwhale
+  tags: funkwhale
+
+- name: Migrate database
+  django_manage:
+    command: migrate
+    app_path: "{{ funkwhale_root_dir }}/api"
+    virtualenv: "{{ funkwhale_root_dir }}/venv"
+  environment:
+    - FUNKWHALE_URL: "{{ funkwhale_public_url }}"
+  when: funkwhale_install_mode != 'none'
+  notify: restart funkwhale
+  tags: funkwhale
+
+- name: Collect static files
+  django_manage:
+    command: collectstatic
+    app_path: "{{ funkwhale_root_dir }}/api"
+    virtualenv: "{{ funkwhale_root_dir }}/venv"
+  when: funkwhale_install_mode != 'none'
+  tags: funkwhale
+
+- name: Deploy systemd units
+  template: src=funkwhale-{{ item }}.service.j2 dest=/etc/systemd/system/funkwhale_{{ funkwhale_id }}-{{ item }}.service
+  register: funkwhale_units
+  loop:
+    - server
+    - worker
+    - beat
+  notify: restart funkwhale
+  tags: funkwhale
+
+- name: Deploy library update units
+  template: src=funkwhale-update-media.{{ item }}.j2 dest=/etc/systemd/system/funkwhale_{{ funkwhale_id }}-update-media.{{ item }}
+  register: funkwhale_media_updater
+  loop:
+    - service
+    - timer
+  tags: funkwhale
+
+- name: Reload systemd
+  systemd: daemon_reload=True
+  when: (funkwhale_units.results + funkwhale_media_updater.results) | selectattr('changed','equalto',True) | list | length > 0
+  tags: funkwhale
+
+- name: Deploy pre and post backup scripts
+  template: src={{ item }}-backup.sh.j2 dest=/etc/backup/{{ item }}.d/funkwhale_{{ funkwhale_id }}.sh mode=750
+  loop:
+    - pre
+    - post
+  tags: funkwhale
+
+  # When upgrading to funkwhale 1.0, we have to rebuild thumbnails
+- block:
+    - name: Wipe the thumbnail directory
+      file: path={{ funkwhale_root_dir }}/data/media/__sized__ state=absent
+
+    - name: Rebuild thumbnails
+      django_manage:
+        command: fw media generate-thumbnails
+        app_path: "{{ funkwhale_root_dir }}/api"
+        virtualenv: "{{ funkwhale_root_dir }}/venv"
+
+  when:
+    - funkwhale_install_mode == 'upgrade'
+    - funkwhale_current_version is version('1.0', '<')
+  tags: funkwhale

roles/funkwhale/tasks/main.yml

@@ -0,0 +1,14 @@
+---
+
+- include: user.yml
+- include: directories.yml
+- include: facts.yml
+- include: archive_pre.yml
+  when: funkwhale_install_mode == 'upgrade'
+- include: install.yml
+- include: conf.yml
+- include: service.yml
+- include: write_version.yml
+- include: archive_post.yml
+  when: funkwhale_install_mode == 'upgrade'
+- include: cleanup.yml

roles/funkwhale/tasks/service.yml

@@ -0,0 +1,9 @@
+---
+
+- name: Start and enable funkwhale services
+  systemd: name=funkwhale_{{ funkwhale_id }}-{{ item }} state=started enabled=True
+  loop:
+    - server.service
+    - update-media.timer
+  tags: funkwhale
+

roles/funkwhale/tasks/user.yml

@@ -0,0 +1,10 @@
+---
+
+- name: Create a system user account
+  user:
+    name: "{{ funkwhale_user }}"
+    comment: "Funkwhale system user"
+    system: True
+    shell: /sbin/nologin
+    home: "{{ funkwhale_root_dir }}"
+  tags: funkwhale

roles/funkwhale/tasks/write_version.yml

@@ -0,0 +1,6 @@
+---
+
+- name: Write version
+  copy: content={{ funkwhale_version }} dest={{ funkwhale_root_dir }}/meta/ansible_version
+  tags: funkwhale
+