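---
# Installs PeerTube on a Debian 11 host: system user and directories,
# PostgreSQL role and database, the PeerTube release archive, Node.js and
# yarn, nginx with a Let's Encrypt certificate, and the systemd unit.
#
# NOTE(review): the two "DB - PSQL - Drop ..." tasks run on every execution,
# so re-running this play against a live instance deletes its database.
- name: Instalar peertube sobre Debian 11
  hosts: debian
  remote_user: ansible
  gather_facts: true
  become: false
  vars:
    # domain: "video.core"
    domain: "video.56k.es"
    email: "fanta@56k.es"
    peertubeVersion: "v5.0.1"
    peertubeURL: "https://github.com/Chocobozzz/PeerTube/releases/download/{{peertubeVersion}}/peertube-{{peertubeVersion}}.zip"
    nodeURL: "https://deb.nodesource.com/setup_16.x"
    sysUser: "peertube"
    dbUser: "{{sysUser}}"
    dbName: "{{sysUser}}_prod"
  # Secrets are prompted for at run time (input hidden) instead of being
  # stored in the playbook.
  vars_prompt:
    - name: "ansible_become_pass"
      prompt: "Become password (sudo)"
      private: true
    - name: "SystemUserPasswd"
      prompt: "System Password for USER {{sysUser}}"
      private: true
    - name: "dbPasswd"
      prompt: "PSQL DB Password"
      private: true
  tasks:
    # --- Home directory and system user -----------------------------------
    - name: "DIR - Comprobamos si existe el directory /var/www/{{sysUser}}"
      ansible.builtin.stat:
        path: "/var/www/{{ sysUser }}"
      register: peertubeDir

    - name: "DIR - Muestra un mensaje cuando el directorio /var/www/{{sysUser}} ya existe"
      ansible.builtin.debug:
        msg: "/var/www/{{sysUser}} actualmente ya existe"
      when: peertubeDir.stat.exists

    # Only created when missing, so a later run does not reset the ownership
    # that the "USER - Cambiamos permisos" task assigns.
    - name: "DIR - /var/www/{{sysUser}} no existe y por tanto se crea el directorio"
      become: true
      ansible.builtin.file:
        path: "/var/www/{{ sysUser }}"
        state: directory
        # Quoted so the mode is always read as an octal string.
        mode: '0755'
        owner: root
        group: root
      when: not peertubeDir.stat.exists

    # The prompted password is hashed with SHA-512 before it reaches the user
    # module. No salt is passed to password_hash, so the hash presumably
    # differs on every run and the task reports "changed" each time.
    - name: "USER - Se crea el usuario {{sysUser}} con /var/www/{{sysUser}} como home"
      become: true
      ansible.builtin.user:
        name: "{{ sysUser }}"
        comment: "{{ sysUser }} User"
        home: "/var/www/{{ sysUser }}"
        shell: /bin/bash
        password: "{{ SystemUserPasswd | password_hash('sha512') }}"

    - name: "USER - Cambiamos permisos de /var/www/{{sysUser}} con owner {{sysUser}}"
      become: true
      ansible.builtin.file:
        path: "/var/www/{{ sysUser }}"
        owner: "{{ sysUser }}"
        group: "{{ sysUser }}"
        mode: '0755'

    # --- PeerTube directory layout ----------------------------------------
    # config/ holds production.yaml (database password, PeerTube secret), so
    # it is the only one of the three closed to "other".
    - name: "DIR - Se crea el directorio /var/www/{{sysUser}}/config"
      become: true
      ansible.builtin.file:
        path: "/var/www/{{ sysUser }}/config"
        state: directory
        mode: '0750'
        owner: peertube
        group: peertube

    - name: "DIR - Se crea el directorio /var/www/{{sysUser}}/storage"
      become: true
      ansible.builtin.file:
        path: "/var/www/{{ sysUser }}/storage"
        state: directory
        mode: '0755'
        owner: peertube
        group: peertube

    - name: "DIR - Se crea el directorio /var/www/{{sysUser}}/versions"
      become: true
      ansible.builtin.file:
        path: "/var/www/{{ sysUser }}/versions"
        state: directory
        mode: '0755'
        owner: peertube
        group: peertube

    # --- System packages ---------------------------------------------------
    # `state: latest` upgrades these packages on every run.
    # NOTE(review): python-dev may not be installable on Debian 11 - confirm.
    - name: "DEPS - Instalamos dependencias"
      become: true
      ansible.builtin.package:
        name:
          - python3-apt
          - git
          - unzip
          - curl
          - bash
          - sudo
          - python-dev
          - cron
          - openssl   # was listed twice; the duplicate entry is removed
          - libssl-dev
          - libssl-doc
          - postgresql
          - postgresql-contrib
          - postgresql-client
          - libpq-dev
          - python3-psycopg2
          - certbot
          - nginx
          - make
          - wget
          - ffmpeg
          - redis-server
          - gcc
          - g++
          - vim
          - nano
        state: latest

    # --- PostgreSQL --------------------------------------------------------
    # Destructive: drops the database and role unconditionally. Errors are
    # ignored so the first run, where neither exists yet, can continue.
    - name: "DB - PSQL - Drop db {{dbName}}"
      become: true
      ansible.builtin.command: "sudo -u postgres dropdb {{dbName}}"
      ignore_errors: true

    - name: "DB - PSQL - Drop user {{dbUser}}"
      become: true
      ansible.builtin.command: "sudo -u postgres dropuser {{dbUser}}"
      ignore_errors: true

    - name: "DB - PSQL - Create user {{dbUser}} with the password"
      become: true
      # Keeps the password out of task output and logs.
      no_log: true
      ignore_errors: true
      ansible.builtin.command:
        # ON_ERROR_STOP makes psql exit non-zero when the statement read from
        # stdin fails, as it did when the statement was passed with -c.
        cmd: "sudo -u postgres psql -v ON_ERROR_STOP=1"
        chdir: "/var/www/{{ sysUser }}"
        # The statement is fed on stdin rather than in the argument list, so
        # the password does not show up in the host's process listing.
        # Single quotes in the password are doubled for the SQL literal.
        stdin: >-
          create role {{ dbUser }} with login password
          '{{ dbPasswd | replace("'", "''") }}';

    - name: "DB - PSQL - Create db {{dbName}}"
      become: true
      ansible.builtin.command: sudo -u postgres createdb -O {{dbUser}} -E UTF8 -T template0 {{dbName}}

    - name: "DB - PSQL - Create db extension pg_trgm"
      become: true
      ansible.builtin.command: sudo -u postgres psql -c "CREATE EXTENSION pg_trgm;" {{dbName}}

    - name: "DB - PSQL - Create db extension unaccent"
      become: true
      ansible.builtin.command: sudo -u postgres psql -c "CREATE EXTENSION unaccent;" {{dbName}}

    # --- PeerTube release --------------------------------------------------
    # NOTE(review): the archive is fetched over HTTPS but not verified.
    # get_url accepts `checksum: "sha256:<digest of the release zip>"`; the
    # digest is not available in this file, so it is left as a suggestion.
    - name: "ZIP - Download peertube zip to /tmp/peertube.zip"
      become: true
      ansible.builtin.get_url:
        url: "{{ peertubeURL }}"
        dest: "/tmp/peertube.zip"
        mode: '0440'

    - name: "ZIP - Unzip peertube.zip to /var/www/{{sysUser}}/versions/"
      become: true
      ansible.builtin.unarchive:
        src: "/tmp/peertube.zip"
        dest: "/var/www/{{ sysUser }}/versions"
        remote_src: true

    - name: "DIR - Cambiamos Owner a peertube de los archivos descomprimidos"
      become: true
      ansible.builtin.file:
        path: "/var/www/{{ sysUser }}/versions"
        owner: peertube
        group: peertube
        recurse: true

    - name: "DIR - Creamos un enlace simbolico peertube-latest apuntando a la versión"
      become: true
      ansible.builtin.file:
        src: "/var/www/{{ sysUser }}/versions/peertube-{{ peertubeVersion }}"
        dest: "/var/www/{{ sysUser }}/peertube-latest"
        owner: peertube
        group: peertube
        state: link

    - name: "DIR - Cambiamos Owner a peertube del directorio enlace simbolico"
      become: true
      ansible.builtin.file:
        path: "/var/www/{{ sysUser }}/peertube-latest"
        owner: peertube
        group: peertube

    # --- Node.js and yarn --------------------------------------------------
    # The downloaded script is executed as root by the next task, so it is
    # forced to root ownership and closed to every other account (it was
    # world-writable, mode 0777).
    # NOTE(review): the script itself is not pinned or verified; installing
    # Node.js from a repository configured with a known signing key would
    # avoid running remote code as root.
    - name: "NODE - Descargamos script para instalar repositorio de nodejs"
      become: true
      ansible.builtin.get_url:
        url: "{{ nodeURL }}"
        dest: "/tmp/setup.x"
        owner: root
        group: root
        mode: '0700'

    - name: "NODE - Ejecutamos script para instalar repositorio de nodejs"
      become: true
      ansible.builtin.command: "bash /tmp/setup.x"

    - name: "NODE - Instalamos nodejs"
      become: true
      ansible.builtin.package:
        name:
          - nodejs
        state: latest

    # NOTE(review): yarn is installed globally as root without a pinned
    # version.
    - name: "NODE - Instalamos yarn desde npm"
      become: true
      ansible.builtin.command: "npm install --global yarn"

    # Runs as the service account, not root. The working directory now uses
    # the same name as the symlink created above (peertube-latest); it was
    # "{{sysUser}}-latest", which only matched while sysUser was "peertube".
    - name: "NODE - Instalamos peertube con yarn"
      become: true
      ansible.builtin.command: "sudo -H -u {{sysUser}} yarn install --production --pure-lockfile"
      args:
        chdir: "/var/www/{{ sysUser }}/peertube-latest"

    # --- PeerTube configuration -------------------------------------------
    - name: "CONFIG - Copiamos configuracion default.yaml"
      become: true
      ansible.builtin.command: "sudo -u peertube cp /var/www/peertube/peertube-latest/config/default.yaml /var/www/peertube/config/default.yaml"

    - name: "CONFIG - Copiamos configuracion production.yaml"
      become: true
      ansible.builtin.command: "sudo -u peertube cp /var/www/peertube/peertube-latest/config/production.yaml.example /var/www/peertube/config/production.yaml"

    - name: "CONFIG - Cambiamos en production.yaml el dominio example.com por {{domain}}"
      become: true
      ansible.builtin.command: "sed -i 's/example.com/{{domain}}/g' /var/www/peertube/config/production.yaml"

    - name: "CONFIG - Generamos clave con openssl rand -hex 32"
      become: true
      # The registered stdout is the PeerTube secret; keep it out of the
      # task output and of any log the controller writes.
      no_log: true
      ansible.builtin.command: "openssl rand -hex 32"
      register: peertubeOpenSSLKey

    # The secret used to be printed here and interpolated into the task
    # name; only its length is reported now.
    - name: "CONFIG - Confirmamos que la key se ha generado (no se muestra)"
      ansible.builtin.debug:
        msg: "Key generada ({{ peertubeOpenSSLKey.stdout | length }} caracteres)"

    # The two edits below use the replace module instead of `sed -i`, so
    # neither secret is passed on a command line, and no_log hides them
    # from the task output.
    - name: "CONFIG - Metemos en production.yaml la key que hemos generado"
      become: true
      no_log: true
      ansible.builtin.replace:
        path: /var/www/peertube/config/production.yaml
        regexp: "peertube: ''"
        replace: "peertube: '{{ peertubeOpenSSLKey.stdout }}'"

    # Single quotes in the password are doubled because the value lands in a
    # single-quoted YAML scalar.
    # NOTE(review): a backslash in the password is read as an escape by the
    # replace module - confirm the password policy or escape it.
    - name: "CONFIG - Metemos en production.yaml la password de la base de datos"
      become: true
      no_log: true
      ansible.builtin.replace:
        path: /var/www/peertube/config/production.yaml
        regexp: "password: 'peertube'"
        replace: >-
          password: '{{ dbPasswd | replace("'", "''") }}'

    # --- nginx and TLS certificate ----------------------------------------
    - name: "CONFIG - Copiamos nginx config"
      become: true
      ansible.builtin.command: "sudo cp /var/www/peertube/peertube-latest/support/nginx/peertube /etc/nginx/sites-available/peertube"

    - name: "CONFIG - Cambiamos dominio en nginx config"
      become: true
      ansible.builtin.command: "sed -i \"s/${WEBSERVER_HOST}/{{domain}}/g\" /etc/nginx/sites-available/peertube"

    - name: "CONFIG - Cambiamos host en nginx config"
      become: true
      ansible.builtin.command: "sed -i \"s/${PEERTUBE_HOST}/127.0.0.1:9000/g\" /etc/nginx/sites-available/peertube"

    - name: "CONFIG - Creamos un enlace simbolico para activar la nginx config"
      become: true
      ansible.builtin.file:
        src: "/etc/nginx/sites-available/peertube"
        dest: "/etc/nginx/sites-enabled/peertube"
        state: link

    # nginx is stopped before certbot runs in --standalone mode.
    - name: "NGINX paramos el servicio nginx"
      become: true
      ansible.builtin.service:
        name: nginx
        state: stopped

    - name: "DIR - Comprobamos si tiene ya el certificado SSL"
      become: true
      ansible.builtin.stat:
        path: "/etc/letsencrypt/live/{{ domain }}"
      register: certDir

    # Requested only when no certificate directory exists for the domain.
    # NOTE(review): consider adding `--non-interactive` so an unexpected
    # prompt fails instead of waiting for input - confirm.
    - name: "NGINX - Obtenemos certificado SSL letsencrypt con certbot [{{domain}} {{email}} ]"
      become: true
      ansible.builtin.command: "certbot certonly --standalone -d {{domain}} --email {{email}} --agree-tos"
      when: not certDir.stat.exists

    - name: "NGINX iniciamos el servicio nginx"
      become: true
      ansible.builtin.service:
        name: nginx
        state: started

    # --- systemd unit ------------------------------------------------------
    - name: "SYSTEMD - Copiamos el template de servicio"
      become: true
      ansible.builtin.command: "sudo cp /var/www/peertube/peertube-latest/support/systemd/peertube.service /etc/systemd/system/"

    # Reloads systemd so the copied unit is picked up, and restarts nginx.
    - name: "SYSTEMD - Daemon reload"
      become: true
      ansible.builtin.systemd:
        name: nginx
        state: restarted
        daemon_reload: true

    - name: "SYSTEMD - Enable service"
      become: true
      ansible.builtin.service:
        name: peertube
        enabled: true

    - name: "SYSTEMD - Iniciamos el servicio peertube"
      become: true
      ansible.builtin.service:
        name: peertube
        state: started

# Manual follow-up, not run by this play (presumably sets the password of the
# PeerTube "root" account - confirm against the PeerTube documentation):
# NODE_CONFIG_DIR=/var/www/peertube/config NODE_ENV=production npm run reset-password -- -u root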