aboutsummaryrefslogtreecommitdiffstats
path: root/roles/invidious/tasks
diff options
context:
space:
mode:
Diffstat (limited to 'roles/invidious/tasks')
-rw-r--r--roles/invidious/tasks/database.yml69
-rw-r--r--roles/invidious/tasks/main.yml116
2 files changed, 185 insertions, 0 deletions
diff --git a/roles/invidious/tasks/database.yml b/roles/invidious/tasks/database.yml
new file mode 100644
index 0000000..d8a44e1
--- /dev/null
+++ b/roles/invidious/tasks/database.yml
@@ -0,0 +1,69 @@
+- name: create postgresql database
+ postgresql_db:
+ name: '{{ invidious_db_name }}'
+ state: present
+ delegate_to: "{{ postgresql_host.split('.')[0] }}"
+ become: True
+ become_user: postgres
+
+- name: create postgresql user
+ postgresql_user:
+ name: '{{ invidious_db_user }}'
+ db: '{{ invidious_db_name }}'
+ password: '{{ invidious_db_password }}'
+ priv: ALL
+ state: present
+ environment:
+ PGOPTIONS: "-c password_encryption=scram-sha-256"
+ delegate_to: "{{ postgresql_host.split('.')[0] }}"
+ become: True
+ become_user: postgres
+
+- name: check if database schema is initialized
+ postgresql_query:
+ login_user: '{{ invidious_db_user }}'
+ login_password: '{{ invidious_db_password }}'
+ login_host: '{{ invidious_db_host }}'
+ db: '{{ invidious_db_name }}'
+ query: SELECT 1 FROM channels LIMIT 1
+ register: invidious_check_db
+ failed_when: false
+
+- name: initialize database schema
+ postgresql_query:
+ login_user: '{{ invidious_db_user }}'
+ login_password: '{{ invidious_db_password }}'
+ login_host: '{{ invidious_db_host }}'
+ db: '{{ invidious_db_name }}'
+ path_to_script: '{{ invidious_install_dir }}/config/sql/{{ item }}.sql'
+ as_single_query: yes
+ loop: '{{ invidious_schema_files }}'
+ when:
+ - invidious_check_db.msg is defined
+ - invidious_check_db.msg is search('relation "channels" does not exist')
+
+- name: create pgpass file
+ copy:
+ content: |
+ {{ invidious_db_host }}:*:{{ invidious_db_name }}:{{ invidious_db_user }}:{{ invidious_db_password }}
+ dest: '{{ invidious_home }}/.pgpass'
+ mode: 0600
+ owner: '{{ invidious_user }}'
+ group: '{{ invidious_user }}'
+
+- name: generate database cleanup script
+ template:
+ src: '{{ invidious_home[1:] }}/invidious-db-cleanup.sh.j2'
+ dest: '{{ invidious_home }}/invidious-db-cleanup.sh'
+ mode: 0555
+
+- name: set up invidious-db-cleanup timer
+ include_role:
+ name: systemd_timer
+ vars:
+ timer_name: invidious-db-cleanup
+ timer_description: Prune invidious database
+ timer_after: network.target
+ timer_user: '{{ invidious_user }}'
+ timer_on_calendar: '{{ invidious_db_cleanup_on_calendar }}'
+ timer_exec: '{{ invidious_home }}/invidious-db-cleanup.sh'
diff --git a/roles/invidious/tasks/main.yml b/roles/invidious/tasks/main.yml
new file mode 100644
index 0000000..4a2cf0c
--- /dev/null
+++ b/roles/invidious/tasks/main.yml
@@ -0,0 +1,116 @@
+- name: install dependencies
+ dnf:
+ name: '{{ invidious_packages }}'
+ state: present
+
+- name: create crystal directory
+ file:
+ path: '{{ invidious_crystal_install_dir }}'
+ state: directory
+
+- name: download crystal-lang
+ unarchive:
+ src: '{{ invidious_crystal_url }}'
+ dest: '{{ invidious_crystal_install_dir }}'
+ remote_src: yes
+ extra_opts: --strip-components=1
+
+- name: create local user
+ user:
+ name: '{{ invidious_user }}'
+ system: yes
+ home: '{{ invidious_home }}'
+ shell: /sbin/nologin
+ create_home: no
+
+- name: create home home directory
+ file:
+ path: '{{ invidious_home }}'
+ owner: '{{ invidious_user }}'
+ group: '{{ invidious_user }}'
+ mode: 0755
+ state: directory
+
+- name: clone repo
+ git:
+ repo: '{{ invidious_git_repo }}'
+ dest: '{{ invidious_install_dir }}'
+ version: '{{ invidious_version }}'
+ update: yes
+ force: yes
+ become: yes
+ become_user: '{{ invidious_user }}'
+ register: invidious_git
+
+- name: build invidious
+ command:
+ cmd: '{{ item }}'
+ chdir: '{{ invidious_install_dir }}'
+ environment:
+ PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:{{ invidious_crystal_install_dir }}/bin
+ loop:
+ - shards install --production
+ - crystal build src/invidious.cr -Ddisable_quic --release
+ when: invidious_git.changed
+ become: yes
+ become_user: '{{ invidious_user }}'
+
+- name: create systemd unit
+ template:
+ src: etc/systemd/system/invidious.service.j2
+ dest: /etc/systemd/system/invidious.service
+ register: invidious_unit
+ notify: restart invidious
+
+- name: reload systemd daemons
+ systemd:
+ daemon_reload: yes
+ when: invidious_unit.changed
+
+- name: generate config file
+ template:
+ src: '{{ invidious_install_dir[1:] }}/config/config.yml.j2'
+ dest: '{{ invidious_install_dir }}/config/config.yml'
+ owner: '{{ invidious_user }}'
+ group: '{{ invidious_user }}'
+ mode: 0600
+ notify: restart invidious
+
+- import_tasks: database.yml
+
+- name: allow apache to connect to invidious port
+ seport:
+ ports: '{{ invidious_port }}'
+ proto: tcp
+ setype: http_port_t
+ state: present
+ tags: selinux
+
+- name: start invidious
+ systemd:
+ name: invidious
+ enabled: yes
+ state: started
+
+- name: generate update script
+ template:
+ src: '{{ invidious_home[1:] }}/invidious-update.sh.j2'
+ dest: '{{ invidious_home }}/invidious-update.sh'
+ mode: 0555
+
+- name: create invidious-update timer
+ include_role:
+ name: systemd_timer
+ vars:
+ timer_name: invidious-update
+ timer_description: Update invidious
+ timer_after: network.target
+ timer_on_calendar: '{{ invidious_update_on_calendar }}'
+ timer_exec: '{{ invidious_home }}/invidious-update.sh'
+
+- name: restart invidious daily at 3:30am
+ cron:
+ name: restart invidious
+ minute: 30
+ hour: 3
+ job: systemctl restart invidious
generated by cgit (git 2.34.1) at 2024-09-19 17:20:36 -0400