Build all roles from source with versioned artifacts

- Add pleroma/build role to compile from source (OTP binaries no longer published) - Install Elixir 1.18.3 manually on Ubuntu Noble (ships 1.14, needs 1.15+) - Standardize all build roles to produce versioned .tar.gz artifacts - Add version defaults to all server roles (bin, dendrite, nostr/relayer) - Switch server roles from get_url to unarchive for .tar.gz installs - Add build_srv_dir variable to all build roles - Deploy pleroma styles.json so custom FE themes appear in picker - Fix pleroma OTP install: version check, root ownership, auto-cleanup old releases - Fix pleroma config: log level :warn -> :warning, remove availableStyles - Add wait_for grafana readiness before dashboard install - Set minecraft ops changed_when: false
author: Luke Hoersten <[email protected]> 2026-04-25 19:54:49 -0500
committer: Luke Hoersten <[email protected]> 2026-04-25 19:54:49 -0500
commit: 6a8cb5f10557733f1521035d57a191b12832d634 (patch)
tree: 159e102eb03c7c04e7f51844fd4da136b9185fdd
parent: 5d5b976e379487e8b1eccc4fc96d5920a930ff0f (diff)
21 files changed, 177 insertions, 87 deletions
diff --git a/bin/build/defaults/main.yaml b/bin/build/defaults/main.yaml
index 06e07d9..2c1d7d9 100644
--- a/bin/build/defaults/main.yaml
+++ b/bin/build/defaults/main.yaml
@@ -4,4 +4,4 @@ bin_version: "2.0.1"
 # https://github.com/w4/bin/releases
 bin_tar: "https://github.com/w4/bin/archive/refs/tags/v{{bin_version}}.tar.gz"
 bin_build_dir: "/tmp/bin-{{bin_version}}"
-bin_srv_dir: "/var/www/build/"
+bin_srv_dir: "{{build_srv_dir}}"
diff --git a/bin/build/tasks/main.yaml b/bin/build/tasks/main.yaml
index 44c722e..f340cb5 100644
--- a/bin/build/tasks/main.yaml
+++ b/bin/build/tasks/main.yaml
@@ -13,7 +13,7 @@
 
 - name: check if bin build exists
   stat:
-    path: "{{bin_build_dir}}/target/release/bin"
+    path: "{{bin_srv_dir}}/bin-{{bin_version}}.tar.gz"
   register: build_file
 
 - name: build bin
@@ -29,9 +29,10 @@
     mode: "0755"
     state: "directory"
 
-- name: copy bin to build server dir
+- name: create gz archive of bin
   become: yes
-  copy:
-    remote_src: yes
-    src: "{{bin_build_dir}}/target/release/bin"
-    dest: "{{bin_srv_dir}}/bin"
+  archive:
+    path: "{{bin_build_dir}}/target/release/bin"
+    dest: "{{bin_srv_dir}}/bin-{{bin_version}}.tar.gz"
+    format: "gz"
+  when: not build_file.stat.exists
diff --git a/bin/server/defaults/main.yaml b/bin/server/defaults/main.yaml
index 4862a99..7834ced 100644
--- a/bin/server/defaults/main.yaml
+++ b/bin/server/defaults/main.yaml
@@ -1,4 +1,5 @@
 ---
 
+bin_version: "2.0.1"
 bin_user: "pastebin"
 bin_port: 8820
diff --git a/bin/server/tasks/main.yaml b/bin/server/tasks/main.yaml
index 2b7634e..451c7bd 100644
--- a/bin/server/tasks/main.yaml
+++ b/bin/server/tasks/main.yaml
@@ -6,10 +6,11 @@
 
 - name: install bin binary
   become: yes
-  get_url:
-    url: "{{bin_url}}"
-    dest: "/usr/local/bin/bin"
-    mode: "0755"
+  unarchive:
+    remote_src: yes
+    src: "{{bin_url}}"
+    dest: "/usr/local/bin/"
+  changed_when: false
   notify: restart service
 
 - name: install systemd service
diff --git a/dendrite/build/defaults/main.yaml b/dendrite/build/defaults/main.yaml
index ce1484a..317204b 100644
--- a/dendrite/build/defaults/main.yaml
+++ b/dendrite/build/defaults/main.yaml
@@ -4,4 +4,4 @@ dendrite_version: "0.15.2"
 # https://github.com/element-hq/dendrite/releases
 dendrite_tar: "https://github.com/element-hq/dendrite/archive/refs/tags/v{{dendrite_version}}.tar.gz"
 dendrite_build_dir: "/tmp/dendrite-{{dendrite_version}}"
-dendrite_srv_dir: "/var/www/build/"
+dendrite_srv_dir: "{{build_srv_dir}}"
diff --git a/dendrite/build/tasks/main.yaml b/dendrite/build/tasks/main.yaml
index 6787622..96c3eab 100644
--- a/dendrite/build/tasks/main.yaml
+++ b/dendrite/build/tasks/main.yaml
@@ -27,7 +27,7 @@
 
 - name: check if dendrite build exists
   stat:
-    path: "{{dendrite_build_dir}}/bin/dendrite"
+    path: "{{dendrite_srv_dir}}/dendrite-{{dendrite_version}}.tar.gz"
   register: build_file
 
 - name: build dendrite
@@ -42,7 +42,6 @@
     path: "{{dendrite_srv_dir}}"
     mode: "0755"
     state: "directory"
-  when: not build_file.stat.exists
 
 - name: create a gz archive of dendrite bins
   become: yes
@@ -52,6 +51,6 @@
       - "{{dendrite_build_dir}}/bin/dendrite-demo-pinecone"
       - "{{dendrite_build_dir}}/bin/dendrite-demo-yggdrasil"
       - "{{dendrite_build_dir}}/bin/furl"
-    dest: "{{dendrite_srv_dir}}/dendrite.tar.gz"
+    dest: "{{dendrite_srv_dir}}/dendrite-{{dendrite_version}}.tar.gz"
     format: "gz"
   when: not build_file.stat.exists
diff --git a/dendrite/server/defaults/main.yaml b/dendrite/server/defaults/main.yaml
index bf7e7a0..d4d58ff 100644
--- a/dendrite/server/defaults/main.yaml
+++ b/dendrite/server/defaults/main.yaml
@@ -1,5 +1,6 @@
 ---
 
+dendrite_version: "0.15.2"
 dendrite_user: "dendrite"
 dendrite_old_key: false
 dendrite_registration_disabled: "true"
diff --git a/minecraft/server/tasks/main.yaml b/minecraft/server/tasks/main.yaml
index f81ed4d..c91d575 100644
--- a/minecraft/server/tasks/main.yaml
+++ b/minecraft/server/tasks/main.yaml
@@ -48,6 +48,7 @@
     owner: "{{minecraft_user}}"
     group: "{{minecraft_user}}"
   when: minecraft_ops_file is defined
+  changed_when: false
   notify: restart minecraft
 
 - name: configure minecraft whitelist
diff --git a/nostr/build/defaults/main.yaml b/nostr/build/defaults/main.yaml
index fd93894..ccacda2 100644
--- a/nostr/build/defaults/main.yaml
+++ b/nostr/build/defaults/main.yaml
@@ -4,7 +4,7 @@ relayer_version: "2.2.8"
 # https://github.com/fiatjaf/relayer/releases
 relayer_tar: "https://github.com/fiatjaf/relayer/archive/refs/tags/v{{relayer_version}}.tar.gz"
 relayer_build_dir: "/tmp/relayer-{{relayer_version}}"
-relayer_srv_dir: "/var/www/build/"
+relayer_srv_dir: "{{build_srv_dir}}"
 
 relayer_main_src: "{{relayer_build_dir}}/examples/whitelisted/main.go"
 relayer_handler_src: "{{relayer_build_dir}}/handlers.go"
diff --git a/nostr/build/tasks/main.yaml b/nostr/build/tasks/main.yaml
index 918d8fe..beb2238 100644
--- a/nostr/build/tasks/main.yaml
+++ b/nostr/build/tasks/main.yaml
@@ -52,7 +52,7 @@
 
 - name: check if relayer build exists
   stat:
-    path: "{{relayer_build_dir}}/examples/whitelisted/whitelisted"
+    path: "{{relayer_srv_dir}}/nostr-relayer-whitelisted-{{relayer_version}}.tar.gz"
   register: build_file
 
 - name: build relayer
@@ -67,12 +67,19 @@
     path: "{{relayer_srv_dir}}"
     mode: "0755"
     state: "directory"
-  when: not build_file.stat.exists
 
-- name: copy bin to build server dir
-  become: yes
+- name: stage relayer binary
   copy:
     remote_src: yes
     src: "{{relayer_build_dir}}/examples/whitelisted/whitelisted"
-    dest: "{{relayer_srv_dir}}/nostr-relayer-whitelisted"
+    dest: "/tmp/relayer"
+    mode: "0755"
+  when: not build_file.stat.exists
+
+- name: create gz archive of relayer
+  become: yes
+  archive:
+    path: "/tmp/relayer"
+    dest: "{{relayer_srv_dir}}/nostr-relayer-whitelisted-{{relayer_version}}.tar.gz"
+    format: "gz"
   when: not build_file.stat.exists
diff --git a/nostr/relayer/defaults/main.yaml b/nostr/relayer/defaults/main.yaml
index c89e0e2..5fd0f45 100644
--- a/nostr/relayer/defaults/main.yaml
+++ b/nostr/relayer/defaults/main.yaml
@@ -1,6 +1,7 @@
 ---
 
 # https://github.com/fiatjaf/relayer/releases
+relayer_version: "2.2.8"
 relayer_user: "relayer"
 relayer_pubkey: ""
 relayer_port: "7447"
diff --git a/nostr/relayer/tasks/main.yaml b/nostr/relayer/tasks/main.yaml
index c868fe8..e28da4b 100644
--- a/nostr/relayer/tasks/main.yaml
+++ b/nostr/relayer/tasks/main.yaml
@@ -13,12 +13,11 @@
 
 - name: install relayer bin
   become: yes
-  get_url:
-    url: "{{relayer_bin_url}}"
-    dest: "/usr/local/bin/relayer"
-    owner: "root"
-    group: "root"
-    mode: "0755"
+  unarchive:
+    remote_src: yes
+    src: "{{relayer_bin_url}}"
+    dest: "/usr/local/bin/"
+  changed_when: false
   notify: restart relayer service
 
 - name: create relayer dirs
diff --git a/pleroma/build/defaults/main.yaml b/pleroma/build/defaults/main.yaml
new file mode 100644
index 0000000..2d16436
--- /dev/null
+++ b/pleroma/build/defaults/main.yaml
@@ -0,0 +1,9 @@
+---
+
+pleroma_version: "2.10.0"
+pleroma_elixir_version: "1.18.3"
+pleroma_erlang_otp_version: "25"
+# https://git.pleroma.social/pleroma/pleroma/releases
+pleroma_tar: "https://git.pleroma.social/pleroma/pleroma/archive/v{{pleroma_version}}.tar.gz"
+pleroma_build_dir: "/tmp/pleroma"
+pleroma_srv_dir: "{{build_srv_dir}}"
diff --git a/pleroma/build/tasks/main.yaml b/pleroma/build/tasks/main.yaml
new file mode 100644
index 0000000..ae3e35d
--- /dev/null
+++ b/pleroma/build/tasks/main.yaml
@@ -0,0 +1,88 @@
+---
+
+- name: install elixir build dependencies
+  become: yes
+  apt:
+    name:
+      - erlang
+      - erlang-dev
+      - build-essential
+      - cmake
+      - libmagic-dev
+      - libvips-dev
+
+# TODO: Ubuntu Noble (24.04) only ships Elixir 1.14, which is too old for Pleroma.
+# When the next Ubuntu LTS (26.04) is available, check if elixir >=1.15 is in the
+# official repos and replace the two tasks below with a simple apt install.
+- name: download elixir release
+  become: yes
+  get_url:
+    url: "https://github.com/elixir-lang/elixir/releases/download/v{{pleroma_elixir_version}}/elixir-otp-{{pleroma_erlang_otp_version}}.zip"
+    dest: "/tmp/elixir-{{pleroma_elixir_version}}.zip"
+    force: false
+
+- name: install elixir
+  become: yes
+  unarchive:
+    remote_src: yes
+    src: "/tmp/elixir-{{pleroma_elixir_version}}.zip"
+    dest: "/usr/local"
+    creates: "/usr/local/bin/elixir"
+
+- name: install hex package manager
+  command: mix local.hex --force
+  changed_when: false
+
+- name: install rebar
+  command: mix local.rebar --force
+  changed_when: false
+
+- name: unarchive pleroma source
+  unarchive:
+    remote_src: yes
+    src: "{{pleroma_tar}}"
+    dest: "/tmp/"
+    creates: "{{pleroma_build_dir}}"
+
+- name: check if pleroma release exists
+  stat:
+    path: "{{pleroma_srv_dir}}/pleroma-{{pleroma_version}}.tar.gz"
+  register: build_file
+
+- name: fetch mix dependencies
+  command: mix deps.get --only prod
+  args:
+    chdir: "{{pleroma_build_dir}}"
+  environment:
+    MIX_ENV: prod
+  when: not build_file.stat.exists
+
+- name: build pleroma release
+  command: mix release
+  args:
+    chdir: "{{pleroma_build_dir}}"
+  environment:
+    MIX_ENV: prod
+  when: not build_file.stat.exists
+
+- name: create build server dir
+  become: yes
+  file:
+    path: "{{pleroma_srv_dir}}"
+    mode: "0755"
+    state: "directory"
+
+- name: copy release to staging directory
+  copy:
+    remote_src: yes
+    src: "{{pleroma_build_dir}}/_build/prod/rel/pleroma/"
+    dest: "/tmp/release/"
+  when: not build_file.stat.exists
+
+- name: create gz archive of pleroma release
+  become: yes
+  archive:
+    path: "/tmp/release"
+    dest: "{{pleroma_srv_dir}}/pleroma-{{pleroma_version}}.tar.gz"
+    format: "gz"
+  when: not build_file.stat.exists
diff --git a/pleroma/otp/defaults/main.yaml b/pleroma/otp/defaults/main.yaml
index 86dac13..827661e 100644
--- a/pleroma/otp/defaults/main.yaml
+++ b/pleroma/otp/defaults/main.yaml
@@ -23,9 +23,6 @@ pleroma_db: "pleroma_{{pleroma_instance}}"
 pleroma_db_user: "pleroma_{{pleroma_instance}}"
 pleroma_data_dir: "/var/lib/pleroma/instance_data"
 
-pleroma_download_url: "https://git.pleroma.social/api/v4/projects/2/jobs/artifacts/stable/download?job={{pleroma_arch}}"
+pleroma_version: "2.10.0"
+pleroma_download_url: "http://{{build_server_host}}:{{build_server_port}}/pleroma-{{pleroma_version}}.tar.gz"
 
-pleroma_soapbox: false
-# https://gitlab.com/soapbox-pub/soapbox/-/releases
-pleroma_soapbox_version: "v3.2.0"
-pleroma_soapbox_download_url: "https://gitlab.com/soapbox-pub/soapbox-fe/-/jobs/artifacts/{{pleroma_soapbox_version}}/download?job=build-production"
diff --git a/pleroma/otp/tasks/install.yaml b/pleroma/otp/tasks/install.yaml
index 2759729..65ab2c1 100644
--- a/pleroma/otp/tasks/install.yaml
+++ b/pleroma/otp/tasks/install.yaml
@@ -1,25 +1,24 @@
 ---
 
+- name: check if pleroma version already installed
+  stat:
+    path: "/opt/pleroma/releases/{{pleroma_version}}"
+  register: installed_version
+
 - name: download and unarchive pleroma release
   become: yes
   unarchive:
     src: "{{pleroma_download_url}}"
     dest: "/tmp/"
     remote_src: yes
-  register: pleroma_download
-  ignore_errors: true
-
-- name: warn if pleroma download failed
-  debug:
-    msg: "WARNING: Could not download Pleroma release from {{pleroma_download_url}} — skipping install, existing binary unchanged."
-  when: pleroma_download is failed
+  when: not installed_version.stat.exists
 
 - name: delete old pleroma release
   become: yes
   file:
     path: "/opt/pleroma/"
     state: "absent"
-  when: pleroma_download is succeeded
+  when: not installed_version.stat.exists
 
 - name: install pleroma release
   become: yes
@@ -27,7 +26,5 @@
     remote_src: true
     src: "/tmp/release/"
     dest: "/opt/pleroma/"
-    owner: "pleroma"
-    group: "pleroma"
-  when: pleroma_download is succeeded
+  when: not installed_version.stat.exists
   notify: restart all pleroma instances
diff --git a/pleroma/otp/tasks/instance.yaml b/pleroma/otp/tasks/instance.yaml
index d8983e4..3a48991 100644
--- a/pleroma/otp/tasks/instance.yaml
+++ b/pleroma/otp/tasks/instance.yaml
@@ -22,6 +22,8 @@
     - "{{pleroma_data_dir}}/{{pleroma_instance}}"
     - "{{pleroma_data_dir}}/{{pleroma_instance}}/uploads"
     - "{{pleroma_data_dir}}/{{pleroma_instance}}/static"
+    - "{{pleroma_data_dir}}/{{pleroma_instance}}/static/static"
+    - "{{pleroma_data_dir}}/{{pleroma_instance}}/static/static/themes"
 
 - name: install pleroma db schema file
   become: yes
@@ -40,8 +42,25 @@
   changed_when: false
   no_log: true
 
-- include_tasks: soapbox.yaml
-  when: pleroma_soapbox
+- name: install pleroma fe theme
+  become: yes
+  copy:
+    src: "files/{{pleroma_link_host}}/{{pleroma_fe_theme}}.json"
+    dest: "{{pleroma_data_dir}}/{{pleroma_instance}}/static/static/themes/{{pleroma_fe_theme}}.json"
+    owner: "pleroma"
+    group: "pleroma"
+    mode: "0644"
+  when: pleroma_fe_theme is defined
+
+- name: install pleroma styles index
+  become: yes
+  copy:
+    src: "files/{{pleroma_link_host}}/styles.json"
+    dest: "{{pleroma_data_dir}}/{{pleroma_instance}}/static/styles.json"
+    owner: "pleroma"
+    group: "pleroma"
+    mode: "0644"
+  when: pleroma_fe_theme is defined
 
 - name: ensure pleroma instance is enabled and started
   become: yes
@@ -49,7 +68,6 @@
 
 - name: migrate db
   become: yes
-  become_user: "pleroma"
   command: "/opt/pleroma/bin/pleroma_ctl migrate"
   args:
     chdir: "/opt/pleroma/"
diff --git a/pleroma/otp/tasks/main.yaml b/pleroma/otp/tasks/main.yaml
index 1052644..6f8427e 100644
--- a/pleroma/otp/tasks/main.yaml
+++ b/pleroma/otp/tasks/main.yaml
@@ -30,11 +30,6 @@
     dest: "/lib/systemd/system/[email protected]"
   notify: restart pleroma instance
 
-- name: check if pleroma release exists
-  stat: path="/tmp/release/"
-  register: release
-
 - include_tasks: install.yaml
-  when: not release.stat.exists
 
 - include_tasks: instance.yaml
diff --git a/pleroma/otp/tasks/soapbox.yaml b/pleroma/otp/tasks/soapbox.yaml
deleted file mode 100644
index d004aec..0000000
--- a/pleroma/otp/tasks/soapbox.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
----
-
-- name: download and unarchive soapbox frontend
-  unarchive:
-    src: "{{pleroma_soapbox_download_url}}"
-    dest: "/tmp/"
-    creates: "/tmp/static"
-    remote_src: yes
-
-- name: delete old soapbox frontend
-  become: yes
-  file:
-    path: "{{pleroma_data_dir}}/{{pleroma_instance}}/static/"
-    state: "absent"
-  changed_when: false
-
-- name: install soapbox frontend
-  become: yes
-  copy:
-    remote_src: true
-    src: "/tmp/static/"
-    dest: "{{pleroma_data_dir}}/{{pleroma_instance}}/static/"
-    owner: "pleroma"
-    group: "pleroma"
-    mode: "0755"
-  changed_when: false
-
-- name: install soapbox config
-  become: yes
-  copy:
-    src: "files/{{pleroma_link_host}}/soapbox.json"
-    dest: "{{pleroma_data_dir}}/{{pleroma_instance}}/static/instance/soapbox.json"
-    owner: "pleroma"
-    group: "pleroma"
-    mode: "0755"
-  changed_when: false
diff --git a/pleroma/otp/templates/config.exs.j2 b/pleroma/otp/templates/config.exs.j2
index 0db1828..eb1be5b 100644
--- a/pleroma/otp/templates/config.exs.j2
+++ b/pleroma/otp/templates/config.exs.j2
@@ -55,6 +55,11 @@ config :pleroma, Pleroma.PromEx,
   ],
   datasource: "Prometheus"
 
+{% if pleroma_fe_theme is defined %}
+config :pleroma, :frontend_configurations,
+  pleroma_fe: %{theme: "{{pleroma_fe_theme}}"}
+{% endif %}
+
 config :logger,
   backends: [{ExSyslogger, :ex_syslogger}]
 
diff --git a/prometheus/server/tasks/main.yaml b/prometheus/server/tasks/main.yaml
index 35ab0d3..0bff5fc 100644
--- a/prometheus/server/tasks/main.yaml
+++ b/prometheus/server/tasks/main.yaml
@@ -46,6 +46,12 @@
   become: yes
   systemd: name="grafana-server.service" enabled="yes" state="started"
 
+- name: wait for grafana to be ready
+  wait_for:
+    port: 3000
+    host: localhost
+    timeout: 30
+
 ### TODO: This is broken and not sure why. Started having errors one day. I
 ### supect bug with anisble module
 # - name: install grafana prometheus data source
author	Luke Hoersten <[email protected]>	2026-04-25 19:54:49 -0500
committer	Luke Hoersten <[email protected]>	2026-04-25 19:54:49 -0500
commit	6a8cb5f10557733f1521035d57a191b12832d634 (patch)
tree	159e102eb03c7c04e7f51844fd4da136b9185fdd
parent	5d5b976e379487e8b1eccc4fc96d5920a930ff0f (diff)