A roles/containers/calckey/README.org => roles/containers/calckey/README.org +15 -0
@@ 0,0 1,15 @@
+* /roles/containers/calckey
+[[https://calckey.org][Calckey]] module.
+
+Before using this,
+you probably want to set/edit the following variables
+in your ~secret.yml~ (or your unencrypted config):
+#+begin_src yaml
+calckey_project_dir: "world"
+calckey_port: "4753"
+calckey_open: "false"
+calckey_domain: "{{ calckey_project_dir }}.ccw.icu"
+calckey_postgres_pass: ""
+calckey_postgres_user: ""
+calckey_sonic_pass: ""
+#+end_src
A roles/containers/calckey/defaults/main.yml => roles/containers/calckey/defaults/main.yml +9 -0
@@ 0,0 1,9 @@
+---
+calckey_project_dir: "world"
+calckey_port: "4753"
+calckey_open: "false"
+calckey_domain: "{{ calckey_project_dir }}.ccw.icu"
+calckey_postgres_pass: ""
+calckey_postgres_user: ""
+calckey_sonic_pass: ""
+calckey_id: "aid"
A roles/containers/calckey/tasks/caddy.yml => roles/containers/calckey/tasks/caddy.yml +24 -0
@@ 0,0 1,24 @@
+---
+- name: Make sure calckey-caddy reverse proxy config exists
+ become: true
+ vars:
+ domain: "{{ calckey_domain }}"
+ port: "{{ calckey_port }}"
+ template:
+ src: ../../../network/caddy/templates/reverse-proxy.template
+ dest: /etc/caddy/calckey
+ validate: caddy validate --adapter caddyfile --config %s
+
+- name: Make sure caddy links to the calckey config
+ become: true
+ lineinfile:
+ path: /etc/caddy/Caddyfile
+ search_string: "^import /etc/caddy/calckey"
+ line: "import /etc/caddy/calckey"
+ validate: caddy validate --adapter caddyfile --config %s
+
+- name: Restart caddy
+ become: true
+ service:
+ name: caddy
+ state: restarted
A roles/containers/calckey/tasks/main.yml => roles/containers/calckey/tasks/main.yml +3 -0
@@ 0,0 1,3 @@
+---
+- include_tasks: setup.yml
+- include_tasks: caddy.yml
A roles/containers/calckey/tasks/setup.yml => roles/containers/calckey/tasks/setup.yml +86 -0
@@ 0,0 1,86 @@
+---
+- name: Ensure calckey-project-dir "{{ calckey_project_dir }}" exists
+ file:
+ path: "{{ container_dir }}/{{ calckey_project_dir }}"
+ state: directory
+ recurse: true
+
+# Copy config files
+- name: Ensure calckey config directory exists
+ file:
+ path: "{{ container_dir }}/{{ calckey_project_dir }}/.config"
+ state: directory
+ recurse: true
+
+- name: Copy calckey config to the project dir
+ template:
+ src: calckey.conf
+ dest: "{{ container_dir }}/{{ calckey_project_dir }}/.config/default.yml"
+
+- name: Copy sonic config to the project dir
+ template:
+ src: sonic.conf
+ dest: "{{ container_dir }}/{{ calckey_project_dir }}/sonic.cfg"
+
+# Setup docker images
+- name: Setup calckey redis
+ docker_container:
+ name: calckey_redis
+ image: docker.io/redis:7.0-alpine
+ restart_policy: unless-stopped
+ volumes:
+ - "{{ container_dir }}\
+ /{{ calckey_project_dir }}\
+ /redis:/data"
+
+- name: Setup calckey db
+ docker_container:
+ name: calckey_db
+ restart_policy: unless-stopped
+ image: docker.io/postgres:12.2-alpine
+ volumes:
+ - "{{ container_dir }}\
+ /{{ calckey_project_dir }}\
+ /db:/var/lib/postgresql/data"
+ links:
+ - calckey_redis
+ env:
+ POSTGRES_PASSWORD: "{{ calckey_postgres_pass }}"
+ POSTGRES_USER: "{{ calckey_postgres_user }}"
+ POSTGRES_DB: "calckey"
+
+- name: Setup calckey sonic
+ docker_container:
+ name: calckey_sonic
+ restart_policy: unless-stopped
+ image: docker.io/valeriansaliou/sonic:v1.4.0
+ volumes:
+ - "{{ container_dir }}\
+ /{{ calckey_project_dir }}\
+ /sonic:/var/lib/sonic/store"
+ - "{{ container_dir }}\
+ /{{ calckey_project_dir }}\
+ /sonic.cfg:/etc/sonic.cfg"
+ links:
+ - calckey_db
+
+- name: Setup calckey web
+ docker_container:
+ name: calckey_web
+ restart_policy: unless-stopped
+ image: docker.io/thatonecalculator/calckey
+ ports:
+ - "{{ calckey_port }}:3000"
+ volumes:
+ - "{{ container_dir }}\
+ /{{ calckey_project_dir }}\
+ /files:/calckey/files"
+ - "{{ container_dir }}\
+ /{{ calckey_project_dir }}\
+ /.config:/calckey/.config:ro"
+ links:
+ - calckey_sonic
+ - calckey_db
+ - calckey_redis
+ env:
+ NODE_ENV: production
A roles/containers/calckey/templates/calckey.conf => roles/containers/calckey/templates/calckey.conf +240 -0
@@ 0,0 1,240 @@
+#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+# Calckey configuration
+#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+# After starting your server, please don't change the URL! Doing so will break federation.
+
+# ┌─────┐
+#───┘ URL └─────────────────────────────────────────────────────
+
+# Final accessible URL seen by a user.
+url: https://{{ calckey_domain }}/
+
+# ┌───────────────────────┐
+#───┘ Port and TLS settings └───────────────────────────────────
+
+#
+# Calckey requires a reverse proxy to support HTTPS connections.
+#
+# +----- https://example.com/ ------------+
+# +------+ |+-------------+ +----------------+|
+# | User | ---> || Proxy (443) | ---> | Calckey (3000) ||
+# +------+ |+-------------+ +----------------+|
+# +---------------------------------------+
+#
+# You need to set up a reverse proxy. (e.g. nginx, caddy)
+# An encrypted connection with HTTPS is highly recommended
+# because tokens may be transferred in GET requests.
+
+# The port that your Calckey server should listen on.
+port: 3000
+
+# ┌──────────────────────────┐
+#───┘ PostgreSQL configuration └────────────────────────────────
+
+db:
+ host: calckey_db
+ port: 5432
+ #ssl: false
+ # Database name
+ db: calckey
+
+ # Auth
+ user: {{ calckey_postgres_user }}
+ pass: {{ calckey_postgres_pass }}
+
+ # Whether disable Caching queries
+ #disableCache: true
+
+ # Extra Connection options
+ #extra:
+ # ssl:
+ # host: localhost
+ # rejectUnauthorized: false
+
+# ┌─────────────────────┐
+#───┘ Redis configuration └─────────────────────────────────────
+
+redis:
+ host: calckey_redis
+ port: 6379
+ #tls:
+ # host: localhost
+ # rejectUnauthorized: false
+ #family: 0 # 0=Both, 4=IPv4, 6=IPv6
+ #pass: example-pass
+ #prefix: example-prefix
+ #db: 1
+ #user: default
+
+# Please configure either MeiliSearch *or* Sonic.
+# If both MeiliSearch and Sonic configurations are present, MeiliSearch will take precedence.
+
+# ┌───────────────────────────┐
+#───┘ MeiliSearch configuration └─────────────────────────────────────
+#meilisearch:
+# host: meilisearch
+# port: 7700
+# ssl: false
+# apiKey:
+
+# ┌─────────────────────┐
+#───┘ Sonic configuration └─────────────────────────────────────
+
+sonic:
+ host: calckey_sonic
+ port: 1491
+ auth: {{ calckey_sonic_pass }}
+ collection: notes
+ bucket: default
+
+
+# ┌───────────────┐
+#───┘ ID generation └───────────────────────────────────────────
+
+id: {{ calckey_id }}
+# No need to uncomment in most cases, but you may want to change
+# these settings if you plan to run a large and/or distributed server.
+
+# cuid:
+# # Min 16, Max 24
+# length: 16
+#
+# # Set this to a unique string across workers (e.g., machine's hostname)
+# # if your workers are running in multiple hosts.
+# fingerprint: my-fingerprint
+
+
+# ┌─────────────────────┐
+#───┘ Other configuration └─────────────────────────────────────
+
+# Maximum length of a post (default 3000, max 8192)
+#maxNoteLength: 3000
+
+# Maximum length of an image caption (default 1500, max 8192)
+#maxCaptionLength: 1500
+
+# Reserved usernames that only the administrator can register with
+reservedUsernames: [
+ 'root',
+ 'admin',
+ 'administrator',
+ 'me',
+ 'system'
+]
+
+# Whether disable HSTS
+#disableHsts: true
+
+# Number of worker processes
+#clusterLimit: 1
+
+# Worker only mode
+#onlyQueueProcessor: 1
+
+# Job concurrency per worker
+# deliverJobConcurrency: 128
+# inboxJobConcurrency: 16
+
+# Job rate limiter
+# deliverJobPerSec: 128
+# inboxJobPerSec: 16
+
+# Job attempts
+# deliverJobMaxAttempts: 12
+# inboxJobMaxAttempts: 8
+
+# IP address family used for outgoing request (ipv4, ipv6 or dual)
+#outgoingAddressFamily: ipv4
+
+# Syslog option
+#syslog:
+# host: localhost
+# port: 514
+
+# Proxy for HTTP/HTTPS
+#proxy: http://127.0.0.1:3128
+
+#proxyBypassHosts: [
+# 'web.kaiteki.app',
+# 'example.com',
+# '192.0.2.8'
+#]
+
+# Proxy for SMTP/SMTPS
+#proxySmtp: http://127.0.0.1:3128 # use HTTP/1.1 CONNECT
+#proxySmtp: socks4://127.0.0.1:1080 # use SOCKS4
+#proxySmtp: socks5://127.0.0.1:1080 # use SOCKS5
+
+# Media Proxy
+#mediaProxy: https://example.com/proxy
+
+# Proxy remote files (default: false)
+#proxyRemoteFiles: true
+
+#allowedPrivateNetworks: [
+# '127.0.0.1/32'
+#]
+
+# TWA
+#twa:
+# nameSpace: android_app
+# packageName: tld.domain.twa
+# sha256CertFingerprints: ['AB:CD:EF']
+
+# Upload or download file size limits (bytes)
+#maxFileSize: 262144000
+
+#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+# Congrats, you've reached the end of the config file needed for most deployments!
+# Enjoy your Calckey server!
+#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+
+
+
+#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+# Managed hosting settings
+# >>> NORMAL SELF-HOSTERS, STAY AWAY! <<<
+# >>> YOU DON'T NEED THIS! <<<
+# Each category is optional, but if each item in each category is mandatory!
+# If you mess this up, that's on you, you've been warned...
+#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
+
+#maxUserSignups: 100
+#isManagedHosting: true
+#deepl:
+# managed: true
+# authKey: ''
+# isPro: false
+#
+#email:
+# managed: true
+# address: 'example@email.com'
+# host: 'email.com'
+# port: 587
+# user: 'example@email.com'
+# pass: ''
+# useImplicitSslTls: false
+#
+#objectStorage:
+# managed: true
+# baseUrl: ''
+# bucket: ''
+# prefix: ''
+# endpoint: ''
+# region: ''
+# accessKey: ''
+# secretKey: ''
+# useSsl: true
+# connnectOverProxy: false
+# setPublicReadOnUpload: true
+# s3ForcePathStyle: true
+
+# !!!!!!!!!!
+# >>>>>> AGAIN, NORMAL SELF-HOSTERS, STAY AWAY! <<<<<<
+# >>>>>> YOU DON'T NEED THIS, ABOVE SETTINGS ARE FOR MANAGED HOSTING ONLY! <<<<<<
+# !!!!!!!!!!
+
+# Seriously. Do NOT fill out the above settings if you're self-hosting.
+# They're much better off being set from the control panel.
A roles/containers/calckey/templates/sonic.conf => roles/containers/calckey/templates/sonic.conf +69 -0
@@ 0,0 1,69 @@
+# Sonic
+# Fast, lightweight and schema-less search backend
+# Configuration file
+# Example: https://github.com/valeriansaliou/sonic/blob/master/config.cfg
+
+
+[server]
+
+log_level = "debug"
+
+
+[channel]
+
+inet = "0.0.0.0:1491"
+tcp_timeout = 300
+
+auth_password = "{{ calckey_sonic_pass }}"
+
+[channel.search]
+
+query_limit_default = 10
+query_limit_maximum = 100
+query_alternates_try = 4
+
+suggest_limit_default = 5
+suggest_limit_maximum = 20
+
+list_limit_default = 100
+list_limit_maximum = 500
+
+
+[store]
+
+[store.kv]
+
+path = "/var/lib/sonic/store/kv/"
+
+retain_word_objects = 1000
+
+[store.kv.pool]
+
+inactive_after = 1800
+
+[store.kv.database]
+
+flush_after = 900
+
+compress = true
+parallelism = 2
+max_files = 100
+max_compactions = 1
+max_flushes = 1
+write_buffer = 16384
+write_ahead_log = true
+
+[store.fst]
+
+path = "/var/lib/sonic/store/fst/"
+
+[store.fst.pool]
+
+inactive_after = 300
+
+[store.fst.graph]
+
+consolidate_after = 180
+
+max_size = 2048
+max_words = 250000
M run.yml => run.yml +5 -0
@@ 27,3 27,8 @@
roles:
- role: containers/woodpecker-ci
tags: ci
+- name: setup Calckey
+ hosts: all
+ roles:
+ - role: containers/calckey
+ tags: calckey