# HG changeset patch # User Luke Hoersten # Date 1774723328 18000 # Node ID 433b19646947374e2116341552c58f1954873b96 # Parent 3c105c4c9a39cc65ad28dc552bb0cfc1c80faab6 Added soju role. diff -r 3c105c4c9a39 -r 433b19646947 dendrite/server/tasks/main.yaml --- a/dendrite/server/tasks/main.yaml Sat Mar 28 09:03:56 2026 -0500 +++ b/dendrite/server/tasks/main.yaml Sat Mar 28 13:42:08 2026 -0500 @@ -108,3 +108,4 @@ - name: ensure service is started become: yes systemd: name="dendrite@{{dendrite_port}}.service" enabled="yes" state="started" + diff -r 3c105c4c9a39 -r 433b19646947 dendrite/server/templates/nginx.conf.j2 --- a/dendrite/server/templates/nginx.conf.j2 Sat Mar 28 09:03:56 2026 -0500 +++ b/dendrite/server/templates/nginx.conf.j2 Sat Mar 28 13:42:08 2026 -0500 @@ -1,4 +1,4 @@ -limit_req_zone $binary_remote_addr zone=dendrite_reg:10m rate=2r/m; +limit_req_zone $binary_remote_addr zone=dendrite_reg_{{dendrite_instance}}:10m rate=2r/m; server { listen 80; @@ -39,7 +39,7 @@ proxy_read_timeout 600; location ~* ^/_matrix/client/[^/]+/register { - limit_req zone=dendrite_reg burst=3 nodelay; + limit_req zone=dendrite_reg_{{dendrite_instance}} burst=3 nodelay; proxy_pass http://127.0.0.1:{{nginx_proxy_port}}; } diff -r 3c105c4c9a39 -r 433b19646947 pleroma/otp/tasks/install.yaml --- a/pleroma/otp/tasks/install.yaml Sat Mar 28 09:03:56 2026 -0500 +++ b/pleroma/otp/tasks/install.yaml Sat Mar 28 13:42:08 2026 -0500 @@ -6,12 +6,20 @@ src: "{{pleroma_download_url}}" dest: "/tmp/" remote_src: yes + register: pleroma_download + ignore_errors: true + +- name: warn if pleroma download failed + debug: + msg: "WARNING: Could not download Pleroma release from {{pleroma_download_url}} — skipping install, existing binary unchanged." + when: pleroma_download is failed - name: delete old pleroma release become: yes file: path: "/opt/pleroma/" state: "absent" + when: pleroma_download is succeeded - name: install pleroma release become: yes @@ -21,4 +29,5 @@ dest: "/opt/pleroma/" owner: "pleroma" group: "pleroma" + when: pleroma_download is succeeded notify: restart all pleroma instances diff -r 3c105c4c9a39 -r 433b19646947 rpi-base/tasks/main.yaml --- a/rpi-base/tasks/main.yaml Sat Mar 28 09:03:56 2026 -0500 +++ b/rpi-base/tasks/main.yaml Sat Mar 28 13:42:08 2026 -0500 @@ -30,7 +30,7 @@ - name: update apt package cache become: yes - apt: upgrade="dist" autoremove="yes" autoclean="yes" update_cache="yes" cache_valid_time="3600" + apt: update_cache="yes" cache_valid_time="3600" - name: install extra apt packages become: yes @@ -94,3 +94,16 @@ - name: ensure log2ram service is started become: yes systemd: name="log2ram.service" enabled="yes" state="started" + +- name: get local terminfo + command: infocmp + delegate_to: localhost + register: terminfo + changed_when: false + +- name: install local terminfo on host + become: yes + shell: "tic -x -" + args: + stdin: "{{terminfo.stdout}}" + changed_when: false diff -r 3c105c4c9a39 -r 433b19646947 soju/defaults/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/soju/defaults/main.yaml Sat Mar 28 13:42:08 2026 -0500 @@ -0,0 +1,6 @@ +--- + +soju_user: "soju" +soju_port: "6697" +soju_local_port: "16667" +soju_data_dir: "/var/lib/soju" diff -r 3c105c4c9a39 -r 433b19646947 soju/handlers/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/soju/handlers/main.yaml Sat Mar 28 13:42:08 2026 -0500 @@ -0,0 +1,9 @@ +--- + +- name: restart soju + become: yes + systemd: name="soju.service" state="restarted" + +- name: reload nginx + become: yes + systemd: name="nginx.service" state="reloaded" diff -r 3c105c4c9a39 -r 433b19646947 soju/tasks/main.yaml --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/soju/tasks/main.yaml Sat Mar 28 13:42:08 2026 -0500 @@ -0,0 +1,94 @@ +--- + +- name: install soju + become: yes + apt: name="soju" + notify: restart soju + +- name: install soju db schema file + become: yes + template: + src: "setup_db.psql.j2" + dest: "/tmp/setup_db_soju.psql" + owner: "postgres" + group: "postgres" + mode: "0600" + +- name: setup soju db + become: yes + become_user: "postgres" + command: "psql -f /tmp/setup_db_soju.psql" + changed_when: false + +- name: create soju data dir + become: yes + file: + path: "{{soju_data_dir}}" + state: "directory" + owner: "{{soju_user}}" + group: "{{soju_user}}" + mode: "0755" + +- name: configure soju + become: yes + template: + src: "config.j2" + dest: "/etc/soju/config" + mode: "0644" + notify: restart soju + +- name: enable soju service + become: yes + systemd: name="soju.service" enabled="yes" state="started" + +- name: flush handlers to ensure soju is restarted with latest config + meta: flush_handlers + +- name: create soju admin user + become: yes + become_user: "{{soju_user}}" + shell: "echo '{{soju_admin_password}}' | sojudb -config /etc/soju/config create-user {{soju_admin_user}} -admin" + register: soju_create_user + changed_when: soju_create_user.rc == 0 + failed_when: soju_create_user.rc != 0 and 'duplicate key' not in soju_create_user.stderr + no_log: true + +- name: create soju networks + become: yes + become_user: "{{soju_user}}" + command: > + sojuctl -config /etc/soju/config user run {{soju_admin_user}} + network create + -addr {{item.addr}} + -name {{item.name}} + -nick {{item.nick}} + loop: "{{soju_networks}}" + register: soju_network_create + changed_when: soju_network_create.rc == 0 + failed_when: soju_network_create.rc != 0 and 'already exists' not in soju_network_create.stderr + no_log: true + +- name: configure soju network sasl + become: yes + become_user: "{{soju_user}}" + command: > + sojuctl -config /etc/soju/config user run {{soju_admin_user}} + sasl set-plain -network {{item.name}} {{item.sasl_username}} {{item.sasl_password}} + loop: "{{soju_networks}}" + when: item.sasl_username is defined + no_log: true + +- name: install nginx stream config + become: yes + template: + src: "nginx-stream.conf.j2" + dest: "/etc/nginx/streams-available/soju.conf" + notify: reload nginx + +- name: enable nginx stream config + become: yes + file: + src: "/etc/nginx/streams-available/soju.conf" + dest: "/etc/nginx/streams-enabled/soju.conf" + state: "link" + notify: reload nginx diff -r 3c105c4c9a39 -r 433b19646947 soju/templates/config.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/soju/templates/config.j2 Sat Mar 28 13:42:08 2026 -0500 @@ -0,0 +1,5 @@ +listen irc+insecure://127.0.0.1:{{soju_local_port}} +listen unix+admin:///run/soju/admin +hostname {{soju_hostname}} +db postgres "host=/var/run/postgresql dbname=soju" +message-store db diff -r 3c105c4c9a39 -r 433b19646947 soju/templates/nginx-stream.conf.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/soju/templates/nginx-stream.conf.j2 Sat Mar 28 13:42:08 2026 -0500 @@ -0,0 +1,10 @@ +server { + listen {{soju_port}} ssl; + listen [::]:{{soju_port}} ssl; + + ssl_certificate {{soju_ssl_cert}}; + ssl_certificate_key {{soju_ssl_privkey}}; + ssl_protocols TLSv1.2 TLSv1.3; + + proxy_pass 127.0.0.1:{{soju_local_port}}; +} diff -r 3c105c4c9a39 -r 433b19646947 soju/templates/setup_db.psql.j2 --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/soju/templates/setup_db.psql.j2 Sat Mar 28 13:42:08 2026 -0500 @@ -0,0 +1,2 @@ +CREATE USER soju; +CREATE DATABASE soju WITH OWNER soju; diff -r 3c105c4c9a39 -r 433b19646947 transmission/tasks/main.yaml --- a/transmission/tasks/main.yaml Sat Mar 28 09:03:56 2026 -0500 +++ b/transmission/tasks/main.yaml Sat Mar 28 13:42:08 2026 -0500 @@ -36,7 +36,7 @@ regexp: '^ "umask":' line: ' "umask": 2,' insertafter: ",$" - notify: restart transmission service + changed_when: false - name: config port become: yes