6 files changed, 263 insertions, 0 deletions

diff --git a/writefreely/server/defaults/main.yaml b/writefreely/server/defaults/main.yaml
new file mode 100644
index 0000000..8a43647
--- /dev/null
+++ b/writefreely/server/defaults/main.yaml
@@ -0,0 +1,11 @@
+---
+
+writefreely_user: "writefreely"
+writefreely_arch: "arm64"
+writefreely_version: "0.12.0"
+writefreely_tar: "https://github.com/writeas/writefreely/releases/download/v{{writefreely_version}}/writefreely_{{writefreely_version}}_linux_{{writefreely_arch}}.tar.gz"
+
+writefreely_dir: "/var/writefreely"
+writefreely_port: "8080"
+writefreely_url: "https://{{writefreely_instance}}"
+writefreely_site_name: "{{writefreely_instance}}"
diff --git a/writefreely/server/handlers/main.yaml b/writefreely/server/handlers/main.yaml
new file mode 100644
index 0000000..7317489
--- /dev/null
+++ b/writefreely/server/handlers/main.yaml
@@ -0,0 +1,12 @@
+---
+
+- name: reload service
+  become: yes
+  systemd: name="writefreely@{{writefreely_instance}}.service" enabled="yes" daemon_reload="yes"
+
+- name: migrate db
+  become: yes
+  become_user: "{{writefreely_user}}"
+  command: "writefreely db migrate"
+  args:
+    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
diff --git a/writefreely/server/tasks/main.yaml b/writefreely/server/tasks/main.yaml
new file mode 100644
index 0000000..447cf6f
--- /dev/null
+++ b/writefreely/server/tasks/main.yaml
@@ -0,0 +1,103 @@
+---
+
+- name: add writefreely user
+  become: yes
+  user: name="{{writefreely_user}}"
+
+- name: unarchive writefreely
+  become: yes
+  unarchive:
+    remote_src: yes
+    src: "{{writefreely_tar}}"
+    dest: "/tmp/"
+    creates: "/tmp/writefreely/"
+    owner: "root"
+    group: "root"
+
+- name: install writefreely binary
+  become: yes
+  copy:
+    src: "/tmp/writefreely/writefreely"
+    dest: "/usr/local/bin/"
+    remote_src: yes
+    owner: "{{writefreely_user}}"
+    group: "{{writefreely_user}}"
+    mode: "0755"
+  notify: migrate db
+
+- name: create instance dir
+  become: yes
+  file:
+    path: "{{item}}"
+    state: "directory"
+    owner: "{{writefreely_user}}"
+    group: "{{writefreely_user}}"
+    mode: "0755"
+  notify: reload service
+  loop:
+    - "{{writefreely_dir}}"
+    - "{{writefreely_dir}}/{{writefreely_instance}}"
+
+- name: install static content
+  become: yes
+  copy:
+    src: "/tmp/writefreely/"
+    remote_src: yes
+    dest: "{{writefreely_dir}}/{{writefreely_instance}}/"
+    owner: "{{writefreely_user}}"
+    group: "{{writefreely_user}}"
+    mode: "0755"
+
+- name: configure
+  become: yes
+  template:
+    src: "config.ini.j2"
+    dest: "{{writefreely_dir}}/{{writefreely_instance}}/config.ini"
+    mode: "0644"
+    owner: "{{writefreely_user}}"
+    group: "{{writefreely_user}}"
+  notify: reload service
+
+- name: check if keys exists
+  stat:
+    path: "{{writefreely_dir}}/{{writefreely_instance}}/keys/cookies_auth.aes256"
+  register: keys_file
+
+- name: generate keys
+  become: yes
+  become_user: "{{writefreely_user}}"
+  command: "writefreely keys gen"
+  args:
+    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
+  when: not keys_file.stat.exists
+
+- name: check if db exists
+  stat:
+    path: "{{writefreely_dir}}/{{writefreely_instance}}/writefreely.db"
+  register: db_file
+
+- name: create db
+  become: yes
+  become_user: "{{writefreely_user}}"
+  command: "writefreely db init"
+  args:
+    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
+  when: not db_file.stat.exists
+
+- name: create admin
+  become: yes
+  become_user: "{{writefreely_user}}"
+  command: "writefreely --create-admin admin:admin"
+  args:
+    chdir: "{{writefreely_dir}}/{{writefreely_instance}}/"
+  when: not db_file.stat.exists
+
+- name: install systemd service
+  become: yes
+  template:
+    src: "[email protected]"
+    dest: "/lib/systemd/system/[email protected]"
+
+- name: ensure service is started
+  become: yes
+  systemd: name="writefreely@{{writefreely_instance}}.service" enabled="yes" state="started"
diff --git a/writefreely/server/templates/config.ini.j2 b/writefreely/server/templates/config.ini.j2
new file mode 100644
index 0000000..bb5fe7f
--- /dev/null
+++ b/writefreely/server/templates/config.ini.j2
@@ -0,0 +1,71 @@
+[server]
+hidden_host          =
+port                 = {{writefreely_port}}
+bind                 = localhost
+tls_cert_path        =
+tls_key_path         =
+autocert             = false
+templates_parent_dir =
+static_parent_dir    =
+pages_parent_dir     =
+keys_parent_dir      =
+hash_seed            =
+
+[database]
+type     = sqlite3
+filename = writefreely.db
+username =
+password =
+database = writefreely
+host     = localhost
+port     = 3306
+
+[app]
+site_name          = {{writefreely_site_name}}
+site_description   =
+host               = {{writefreely_url}}
+theme              = write
+editor             =
+disable_js         = false
+webfonts           = true
+landing            = /read
+simple_nav         = false
+wf_modesty         = false
+chorus             = false
+forest             = false
+disable_drafts     = false
+single_user        = false
+open_registration  = false
+min_username_len   = 3
+max_blogs          = 1
+federation         = true
+public_stats       = true
+private            = false
+local_timeline     = true
+user_invites       = admin
+default_visibility = public
+update_checks      = false
+
+[oauth.slack]
+client_id          =
+client_secret      =
+team_id            =
+callback_proxy     =
+callback_proxy_api =
+
+[oauth.writeas]
+client_id          =
+client_secret      =
+auth_location      =
+token_location     =
+inspect_location   =
+callback_proxy     =
+callback_proxy_api =
+
+[oauth.gitlab]
+client_id          =
+client_secret      =
+host               =
+display_name       =
+callback_proxy     =
+callback_proxy_api =
diff --git a/writefreely/server/templates/nginx.conf.j2 b/writefreely/server/templates/nginx.conf.j2
new file mode 100644
index 0000000..4f1cf4d
--- /dev/null
+++ b/writefreely/server/templates/nginx.conf.j2
@@ -0,0 +1,54 @@
+server {
+    listen 80;
+    server_name {{nginx_server_name}};
+    return 301 https://$host$request_uri;
+}
+
+server {
+    listen 443 ssl http2;
+    server_name {{nginx_server_name}};
+
+    ssl_certificate {{nginx_ssl_cert}};
+    ssl_certificate_key {{nginx_ssl_privkey}};
+    ssl_ecdh_curve X25519:prime256v1:secp384r1:secp521r1;
+
+    gzip on;
+    gzip_types
+      application/javascript
+      application/x-javascript
+      application/json
+      application/rss+xml
+      application/xml
+      image/svg+xml
+      image/x-icon
+      application/vnd.ms-fontobject
+      application/font-sfnt
+      text/css
+      text/plain;
+    gzip_min_length 256;
+    gzip_comp_level 5;
+    gzip_http_version 1.1;
+    gzip_vary on;
+
+    location ~ ^/.well-known/(webfinger|nodeinfo|host-meta) {
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_pass http://127.0.0.1:{{nginx_proxy_port}};
+        proxy_redirect off;
+    }
+
+    location ~ ^/(css|img|js|fonts)/ {
+        root {{nginx_static_content}};
+        # Optionally cache these files in the browser:
+        # expires 12M;
+    }
+
+    location / {
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $remote_addr;
+        proxy_pass http://127.0.0.1:{{nginx_proxy_port}};
+        proxy_redirect off;
+    }
+}
diff --git a/writefreely/server/templates/[email protected] b/writefreely/server/templates/[email protected]
new file mode 100644
index 0000000..bf0d03b
--- /dev/null
+++ b/writefreely/server/templates/[email protected]
@@ -0,0 +1,12 @@
+[Unit]
+Description=WriteFreely %I Instance
+After=syslog.target network.target
+
+[Service]
+WorkingDirectory={{writefreely_dir}}/%i/
+ExecStart=/usr/local/bin/writefreely
+Restart=always
+User={{writefreely_user}}
+
+[Install]
+WantedBy=multi-user.target