Added writefreely backup.
authorLuke Hoersten <luke@hoersten.org>
Sun, 04 Jul 2021 12:05:24 -0500
changeset 159 05d0cf32e077
parent 158 1b7ccb729164
child 160 64abbaff7a7d
Added writefreely backup.
writefreely/aws-s3-backup/files/writefreely-s3-backup-lifecycle.json
writefreely/aws-s3-backup/files/writefreely-s3-backup.sh
writefreely/aws-s3-backup/handlers/main.yaml
writefreely/aws-s3-backup/meta/main.yaml
writefreely/aws-s3-backup/tasks/main.yaml
writefreely/aws-s3-backup/templates/[email protected]
writefreely/defaults/main.yaml
writefreely/handlers/main.yaml
writefreely/server/defaults/main.yaml
writefreely/server/handlers/main.yaml
writefreely/server/tasks/main.yaml
writefreely/server/templates/config.ini.j2
writefreely/server/templates/nginx.conf.j2
writefreely/server/templates/[email protected]
writefreely/tasks/main.yaml
writefreely/templates/config.ini.j2
writefreely/templates/nginx.conf.j2
writefreely/templates/[email protected]
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/aws-s3-backup/files/writefreely-s3-backup-lifecycle.json	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,12 @@
+{
+	 "Rules": [
+		  {
+				"ID": "expiration",
+				"Filter": {},
+				"Status": "Enabled",
+				"NoncurrentVersionExpiration": {
+					 "NoncurrentDays": 30
+				}
+		  }
+	 ]
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/aws-s3-backup/files/writefreely-s3-backup.sh	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,13 @@
+#!/bin/bash
+
+BUCKET=$1
+BACKUP_DIR=$2
+BACKUP_TAR="/tmp/$BUCKET.tgz"
+
+tar -zc -f $BACKUP_TAR $BACKUP_DIR
+aws s3 mb "s3://$BUCKET/"
+aws s3api put-bucket-versioning --bucket "$BUCKET" --versioning-configuration Status=Enabled
+aws s3api put-bucket-lifecycle-configuration --bucket "$BUCKET" --lifecycle-configuration "file:///usr/local/share/writefreely-s3-backup-lifecycle.json"
+aws s3 cp $BACKUP_TAR "s3://$BUCKET/"
+
+rm $BACKUP_TAR
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/aws-s3-backup/handlers/main.yaml	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,5 @@
+---
+
+- name: reload s3 backup service
+  systemd: name="mercurial-s3-backup@{{mercurial_s3_backup_bucket}}.service" enabled="yes" daemon_reload="yes"
+  become: yes
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/aws-s3-backup/meta/main.yaml	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,4 @@
+---
+
+dependencies:
+  - aws-s3-backup
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/aws-s3-backup/tasks/main.yaml	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,26 @@
+---
+
+- name: create writefreely s3 backup shell script
+  become: yes
+  copy:
+    src: "writefreely-s3-backup.sh"
+    dest: "/usr/local/bin/writefreely-s3-backup.sh"
+    mode: "0755"
+
+- name: create s3 backup lifesycle json file
+  become: yes
+  copy:
+    src: "writefreely-s3-backup-lifecycle.json"
+    dest: "/usr/local/share/writefreely-s3-backup-lifecycle.json"
+    mode: "0755"
+
+- name: configure writefreely s3 backup systemd service
+  become: yes
+  template:
+    src: "[email protected]"
+    dest: "/lib/systemd/system/writefreely-s3-backup@{{writefreely_s3_backup_bucket}}.service"
+  notify: reload s3 backup service
+
+- name: ensure writefreely s3 backup service is started
+  become: yes
+  systemd: name="writefreely-s3-backup@{{writefreely_s3_backup_bucket}}.service" enabled="yes"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/aws-s3-backup/templates/[email protected]	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,9 @@
+[Unit]
+Description=Writefreely s3 backup for "%I"
+
+[Service]
+Type=oneshot
+ExecStart=/usr/local/bin/writefreely-s3-backup.sh %i "{{writefreely_s3_backup_dir}}"
+
+[Install]
+WantedBy=aws-s3-backup.target
--- a/writefreely/defaults/main.yaml	Sat Jul 03 13:38:02 2021 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,11 +0,0 @@
----
-
-writefreely_user: "writefreely"
-writefreely_arch: "arm64"
-writefreely_version: "0.12.0"
-writefreely_tar: "https://github.com/writeas/writefreely/releases/download/v{{writefreely_version}}/writefreely_{{writefreely_version}}_linux_{{writefreely_arch}}.tar.gz"
-
-writefreely_dir: "/var/writefreely"
-writefreely_port: "8080"
-writefreely_url: "https://{{writefreely_instance}}"
-writefreely_site_name: "{{writefreely_instance}}"
--- a/writefreely/handlers/main.yaml	Sat Jul 03 13:38:02 2021 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,12 +0,0 @@
----
-
-- name: reload service
-  become: yes
-  systemd: name="writefreely@{{writefreely_instance}}.service" enabled="yes" daemon_reload="yes"
-
-- name: migrate db
-  become: yes
-  become_user: "{{writefreely_user}}"
-  command: "writefreely db migrate"
-  args:
-    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/server/defaults/main.yaml	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,11 @@
+---
+
+writefreely_user: "writefreely"
+writefreely_arch: "arm64"
+writefreely_version: "0.12.0"
+writefreely_tar: "https://github.com/writeas/writefreely/releases/download/v{{writefreely_version}}/writefreely_{{writefreely_version}}_linux_{{writefreely_arch}}.tar.gz"
+
+writefreely_dir: "/var/writefreely"
+writefreely_port: "8080"
+writefreely_url: "https://{{writefreely_instance}}"
+writefreely_site_name: "{{writefreely_instance}}"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/server/handlers/main.yaml	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,12 @@
+---
+
+- name: reload service
+  become: yes
+  systemd: name="writefreely@{{writefreely_instance}}.service" enabled="yes" daemon_reload="yes"
+
+- name: migrate db
+  become: yes
+  become_user: "{{writefreely_user}}"
+  command: "writefreely db migrate"
+  args:
+    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/server/tasks/main.yaml	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,103 @@
+---
+
+- name: add writefreely user
+  become: yes
+  user: name="{{writefreely_user}}"
+
+- name: unarchive writefreely
+  become: yes
+  unarchive:
+    remote_src: yes
+    src: "{{writefreely_tar}}"
+    dest: "/tmp/"
+    creates: "/tmp/writefreely/"
+    owner: "root"
+    group: "root"
+
+- name: install writefreely binary
+  become: yes
+  copy:
+    src: "/tmp/writefreely/writefreely"
+    dest: "/usr/local/bin/"
+    remote_src: yes
+    owner: "{{writefreely_user}}"
+    group: "{{writefreely_user}}"
+    mode: "0755"
+  notify: migrate db
+
+- name: create instance dir
+  become: yes
+  file:
+    path: "{{item}}"
+    state: "directory"
+    owner: "{{writefreely_user}}"
+    group: "{{writefreely_user}}"
+    mode: "0755"
+  notify: reload service
+  loop:
+    - "{{writefreely_dir}}"
+    - "{{writefreely_dir}}/{{writefreely_instance}}"
+
+- name: install static content
+  become: yes
+  copy:
+    src: "/tmp/writefreely/"
+    remote_src: yes
+    dest: "{{writefreely_dir}}/{{writefreely_instance}}/"
+    owner: "{{writefreely_user}}"
+    group: "{{writefreely_user}}"
+    mode: "0755"
+
+- name: configure
+  become: yes
+  template:
+    src: "config.ini.j2"
+    dest: "{{writefreely_dir}}/{{writefreely_instance}}/config.ini"
+    mode: "0644"
+    owner: "{{writefreely_user}}"
+    group: "{{writefreely_user}}"
+  notify: reload service
+
+- name: check if keys exists
+  stat:
+    path: "{{writefreely_dir}}/{{writefreely_instance}}/keys/cookies_auth.aes256"
+  register: keys_file
+
+- name: generate keys
+  become: yes
+  become_user: "{{writefreely_user}}"
+  command: "writefreely keys gen"
+  args:
+    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
+  when: not keys_file.stat.exists
+
+- name: check if db exists
+  stat:
+    path: "{{writefreely_dir}}/{{writefreely_instance}}/writefreely.db"
+  register: db_file
+
+- name: create db
+  become: yes
+  become_user: "{{writefreely_user}}"
+  command: "writefreely db init"
+  args:
+    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
+  when: not db_file.stat.exists
+
+- name: create admin
+  become: yes
+  become_user: "{{writefreely_user}}"
+  command: "writefreely --create-admin admin:admin"
+  args:
+    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
+  when: not db_file.stat.exists
+
+- name: install systemd service
+  become: yes
+  template:
+    src: "[email protected]"
+    dest: "/lib/systemd/system/[email protected]"
+
+- name: ensure service is started
+  become: yes
+  systemd: name="writefreely@{{writefreely_instance}}.service" enabled="yes" state="started"
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/server/templates/config.ini.j2	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,71 @@
+[server]
+hidden_host          =
+port                 = {{writefreely_port}}
+bind                 = localhost
+tls_cert_path        =
+tls_key_path         =
+autocert             = false
+templates_parent_dir =
+static_parent_dir    =
+pages_parent_dir     =
+keys_parent_dir      =
+hash_seed            =
+
+[database]
+type     = sqlite3
+filename = writefreely.db
+username =
+password =
+database = writefreely
+host     = localhost
+port     = 3306
+
+[app]
+site_name          = {{writefreely_site_name}}
+site_description   =
+host               = {{writefreely_url}}
+theme              = write
+editor             =
+disable_js         = false
+webfonts           = true
+landing            = /read
+simple_nav         = false
+wf_modesty         = false
+chorus             = false
+forest             = false
+disable_drafts     = false
+single_user        = false
+open_registration  = false
+min_username_len   = 3
+max_blogs          = 1
+federation         = true
+public_stats       = true
+private            = false
+local_timeline     = true
+user_invites       = admin
+default_visibility = public
+update_checks      = false
+
+[oauth.slack]
+client_id          =
+client_secret      =
+team_id            =
+callback_proxy     =
+callback_proxy_api =
+
+[oauth.writeas]
+client_id          =
+client_secret      =
+auth_location      =
+token_location     =
+inspect_location   =
+callback_proxy     =
+callback_proxy_api =
+
+[oauth.gitlab]
+client_id          =
+client_secret      =
+host               =
+display_name       =
+callback_proxy     =
+callback_proxy_api =
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/server/templates/nginx.conf.j2	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,54 @@
+server {
+    listen 80;
+    server_name {{nginx_server_name}};
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name {{nginx_server_name}};
+
+    ssl_certificate {{nginx_ssl_cert}};
+    ssl_certificate_key {{nginx_ssl_privkey}};
+    ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
+
+    gzip on;
+    gzip_types
+      application/javascript
+      application/x-javascript
+      application/json
+      application/rss+xml
+      application/xml
+      image/svg+xml
+      image/x-icon
+      application/vnd.ms-fontobject
+      application/font-sfnt
+      text/css
+      text/plain;
+    gzip_min_length 256;
+    gzip_comp_level 5;
+    gzip_http_version 1.1;
+    gzip_vary on;
+
+    location ~ ^/.well-known/(webfinger|nodeinfo|host-meta) {
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_pass http://127.0.0.1:{{nginx_proxy_port}};
+        proxy_redirect off;
+    }
+
+    location ~ ^/(css|img|js|fonts)/ {
+        root {{nginx_static_content}};
+        # Optionally cache these files in the browser:
+        # expires 12M;
+    }
+
+    location / {
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_pass http://127.0.0.1:{{nginx_proxy_port}};
+        proxy_redirect off;
+    }
+}
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/writefreely/server/templates/[email protected]	Sun Jul 04 12:05:24 2021 -0500
@@ -0,0 +1,12 @@
+[Unit]
+Description=WriteFreely %I Instance
+After=syslog.target network.target
+
+[Service]
+WorkingDirectory={{writefreely_dir}}/%i/
+ExecStart=/usr/local/bin/writefreely
+Restart=always
+User={{writefreely_user}}
+
+[Install]
+WantedBy=multi-user.target
--- a/writefreely/tasks/main.yaml	Sat Jul 03 13:38:02 2021 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,103 +0,0 @@
----
-
-- name: add writefreely user
-  become: yes
-  user: name="{{writefreely_user}}"
-
-- name: unarchive writefreely
-  become: yes
-  unarchive:
-    remote_src: yes
-    src: "{{writefreely_tar}}"
-    dest: "/tmp/"
-    creates: "/tmp/writefreely/"
-    owner: "root"
-    group: "root"
-
-- name: install writefreely binary
-  become: yes
-  copy:
-    src: "/tmp/writefreely/writefreely"
-    dest: "/usr/local/bin/"
-    remote_src: yes
-    owner: "{{writefreely_user}}"
-    group: "{{writefreely_user}}"
-    mode: "0755"
-  notify: migrate db
-
-- name: create instance dir
-  become: yes
-  file:
-    path: "{{item}}"
-    state: "directory"
-    owner: "{{writefreely_user}}"
-    group: "{{writefreely_user}}"
-    mode: "0755"
-  notify: reload service
-  loop:
-    - "{{writefreely_dir}}"
-    - "{{writefreely_dir}}/{{writefreely_instance}}"
-
-- name: install static content
-  become: yes
-  copy:
-    src: "/tmp/writefreely/"
-    remote_src: yes
-    dest: "{{writefreely_dir}}/{{writefreely_instance}}/"
-    owner: "{{writefreely_user}}"
-    group: "{{writefreely_user}}"
-    mode: "0755"
-
-- name: configure
-  become: yes
-  template:
-    src: "config.ini.j2"
-    dest: "{{writefreely_dir}}/{{writefreely_instance}}/config.ini"
-    mode: "0644"
-    owner: "{{writefreely_user}}"
-    group: "{{writefreely_user}}"
-  notify: reload service
-
-- name: check if keys exists
-  stat:
-    path: "{{writefreely_dir}}/{{writefreely_instance}}/keys/cookies_auth.aes256"
-  register: keys_file
-
-- name: generate keys
-  become: yes
-  become_user: "{{writefreely_user}}"
-  command: "writefreely keys gen"
-  args:
-    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
-  when: not keys_file.stat.exists
-
-- name: check if db exists
-  stat:
-    path: "{{writefreely_dir}}/{{writefreely_instance}}/writefreely.db"
-  register: db_file
-
-- name: create db
-  become: yes
-  become_user: "{{writefreely_user}}"
-  command: "writefreely db init"
-  args:
-    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
-  when: not db_file.stat.exists
-
-- name: create admin
-  become: yes
-  become_user: "{{writefreely_user}}"
-  command: "writefreely --create-admin admin:admin"
-  args:
-    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
-  when: not db_file.stat.exists
-
-- name: install systemd service
-  become: yes
-  template:
-    src: "[email protected]"
-    dest: "/lib/systemd/system/[email protected]"
-
-- name: ensure service is started
-  become: yes
-  systemd: name="writefreely@{{writefreely_instance}}.service" enabled="yes" state="started"
--- a/writefreely/templates/config.ini.j2	Sat Jul 03 13:38:02 2021 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,71 +0,0 @@
-[server]
-hidden_host          =
-port                 = {{writefreely_port}}
-bind                 = localhost
-tls_cert_path        =
-tls_key_path         =
-autocert             = false
-templates_parent_dir =
-static_parent_dir    =
-pages_parent_dir     =
-keys_parent_dir      =
-hash_seed            =
-
-[database]
-type     = sqlite3
-filename = writefreely.db
-username =
-password =
-database = writefreely
-host     = localhost
-port     = 3306
-
-[app]
-site_name          = {{writefreely_site_name}}
-site_description   =
-host               = {{writefreely_url}}
-theme              = write
-editor             =
-disable_js         = false
-webfonts           = true
-landing            = /read
-simple_nav         = false
-wf_modesty         = false
-chorus             = false
-forest             = false
-disable_drafts     = false
-single_user        = false
-open_registration  = false
-min_username_len   = 3
-max_blogs          = 1
-federation         = true
-public_stats       = true
-private            = false
-local_timeline     = true
-user_invites       = admin
-default_visibility = public
-update_checks      = false
-
-[oauth.slack]
-client_id          =
-client_secret      =
-team_id            =
-callback_proxy     =
-callback_proxy_api =
-
-[oauth.writeas]
-client_id          =
-client_secret      =
-auth_location      =
-token_location     =
-inspect_location   =
-callback_proxy     =
-callback_proxy_api =
-
-[oauth.gitlab]
-client_id          =
-client_secret      =
-host               =
-display_name       =
-callback_proxy     =
-callback_proxy_api =
--- a/writefreely/templates/nginx.conf.j2	Sat Jul 03 13:38:02 2021 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-server {
-    listen 80;
-    server_name {{nginx_server_name}};
-    return 301 https://$host$request_uri;
-}
-
-server {
-    listen 443 ssl http2;
-    server_name {{nginx_server_name}};
-
-    ssl_certificate {{nginx_ssl_cert}};
-    ssl_certificate_key {{nginx_ssl_privkey}};
-    ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
-
-    gzip on;
-    gzip_types
-      application/javascript
-      application/x-javascript
-      application/json
-      application/rss+xml
-      application/xml
-      image/svg+xml
-      image/x-icon
-      application/vnd.ms-fontobject
-      application/font-sfnt
-      text/css
-      text/plain;
-    gzip_min_length 256;
-    gzip_comp_level 5;
-    gzip_http_version 1.1;
-    gzip_vary on;
-
-    location ~ ^/.well-known/(webfinger|nodeinfo|host-meta) {
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $remote_addr;
-        proxy_pass http://127.0.0.1:{{nginx_proxy_port}};
-        proxy_redirect off;
-    }
-
-    location ~ ^/(css|img|js|fonts)/ {
-        root {{nginx_static_content}};
-        # Optionally cache these files in the browser:
-        # expires 12M;
-    }
-
-    location / {
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $remote_addr;
-        proxy_pass http://127.0.0.1:{{nginx_proxy_port}};
-        proxy_redirect off;
-    }
-}
--- a/writefreely/templates/[email protected]	Sat Jul 03 13:38:02 2021 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,12 +0,0 @@
-[Unit]
-Description=WriteFreely %I Instance
-After=syslog.target network.target
-
-[Service]
-WorkingDirectory={{writefreely_dir}}/%i/
-ExecStart=/usr/local/bin/writefreely
-Restart=always
-User={{writefreely_user}}
-
-[Install]
-WantedBy=multi-user.target