Ansible playbook for installing Mastodon
This playbook contains several roles for provisioning a ready-to-go Mastodon instance.
Prerequisites for running the playbook
- Python 2.x (>= 2.7.12)
- Virtualenv (>= 15.0.3)
- pip/python-pip (>= 8.x)
for testing purposes:
- Vagrant >= 1.9.3
Setup
$ virtualenv env
$ source env/bin/activate
$ pip install -r requirements.txt
Running the playbook
$ ansible-playbook playbook.yml -i <your-host-here>, -u <remote-user> --extra-vars="<extra-variables>"
The playbook is using become
for some of its tasks, hence the user you connect to the instance with will have to have access to sudo. It should ask you for the password in due time.
Note: This assumes you're within the virtualenv already.
Roles
By default, the playbook runs all of the roles defined here in sequence. You can skip any of them by specifying --skip-tags=<role-name>
.
Example
Skipping the postgres
role:
$ ansible-playbook playbook.yml --skip-tags=postgres -i <your-host>, -u <your-user>
web
This role contains the following tasks:
repositories.yml
: Adds required package repositories to pull in the latest software (e.g. yarn, nodejs)packages.yml
: Installs all the required packages for Mastodon to run (seevars/<distro>_vars.yml
for a list)ruby.yml
: Installs rbenv/ruby globally so you can run Mastodon (it's a Ruby on Rails app)user.yml
: Adds a user to run Mastodon with since you shouldn't be running Mastodon under a priviledged account.
postgres
This role installs PostgresSQL, adds a database (named mastodon_development
by default) and a user (named mastodon
by default). For connecting to the database it can either use a local socket by setting the variable mastodon_db_login_unix_socket
to the directory the Postgres socket lives in (/var/run/postgresql
by default under Ubuntu 16.04) or a remote PostgreSQL instance you have installed somewhere else. You will than have to set the mastodon_db_login_host
(IP address or hostname of database), mastodon_db_port
(the port the database is accessible on; default 5432
), mastodon_db_login_user
(the administrative user to connect to the database with) and mastodon_db_login_password
.
Examples
- Install PostgresSQL, create the database and user:
$ ansible-playbook playbook -i <your-host-here>, -u <remote-user> --extra-vars="mastodon_db_password=your-password mastodon_db_login_unix_socket='/var/run/postgresql'"
- PostgreSQL installed on host
mastodob-db
, create the database and the user:
$ ansible-playbook playbook -i <your-host-here>, -u <remote-user> --extra-vars="mastodon_db_password=your-password mastodon_db_login_host=mastodon-db mastodon_db_port=5432 mastodon_db_login_user=your-admin-db-user mastodon_db_login_password=your-password"
redis
This role installs the Redis key-value store, used by Mastodon, and its client libraries.
Testing
Testing is done using ServerSpec. The tests are located in spec/
. The tests are incorporating a rubocop run.
CircleCI
This repository is regularly running tests using CircleCI. Its configuration can be found in .circleci/config.yml
.
Local testing
$ vagrant up
This should provision a new instance within VirtualBox and run all the tests necessary to verify the Ansible playbook is valid.
TODO
- Add a firewall/sysctl role for hardening
- Add CentOS/RedHat/Amazon Linux support
- Add LB role
- Add role for actually cloning/initializing Mastodon, including systemd service configurations