From c8d98b8675f5f959ede7dbc59b14b8d8a179df83 Mon Sep 17 00:00:00 2001 From: Jakob Meier Date: Sun, 2 Jul 2023 15:38:25 +0200 Subject: [PATCH] Added calckey role --- roles/containers/calckey/README.org | 15 ++ roles/containers/calckey/defaults/main.yml | 9 + roles/containers/calckey/tasks/caddy.yml | 24 ++ roles/containers/calckey/tasks/main.yml | 3 + roles/containers/calckey/tasks/setup.yml | 86 +++++++ .../containers/calckey/templates/calckey.conf | 240 ++++++++++++++++++ roles/containers/calckey/templates/sonic.conf | 69 +++++ run.yml | 5 + 8 files changed, 451 insertions(+) create mode 100644 roles/containers/calckey/README.org create mode 100644 roles/containers/calckey/defaults/main.yml create mode 100644 roles/containers/calckey/tasks/caddy.yml create mode 100644 roles/containers/calckey/tasks/main.yml create mode 100644 roles/containers/calckey/tasks/setup.yml create mode 100644 roles/containers/calckey/templates/calckey.conf create mode 100644 roles/containers/calckey/templates/sonic.conf diff --git a/roles/containers/calckey/README.org b/roles/containers/calckey/README.org new file mode 100644 index 0000000..1e8d92d --- /dev/null +++ b/roles/containers/calckey/README.org @@ -0,0 +1,15 @@ +* /roles/containers/calckey +[[https://calckey.org][Calckey]] module. + +Before using this, +you probably want to set/edit the following variables +in your ~secret.yml~ (or your unencrypted config): +#+begin_src yaml +calckey_project_dir: "world" +calckey_port: "4753" +calckey_open: "false" +calckey_domain: "{{ calckey_project_dir }}.ccw.icu" +calckey_postgres_pass: "" +calckey_postgres_user: "" +calckey_sonic_pass: "" +#+end_src diff --git a/roles/containers/calckey/defaults/main.yml b/roles/containers/calckey/defaults/main.yml new file mode 100644 index 0000000..5cd0652 --- /dev/null +++ b/roles/containers/calckey/defaults/main.yml @@ -0,0 +1,9 @@ +--- +calckey_project_dir: "world" +calckey_port: "4753" +calckey_open: "false" +calckey_domain: "{{ calckey_project_dir }}.ccw.icu" +calckey_postgres_pass: "" +calckey_postgres_user: "" +calckey_sonic_pass: "" +calckey_id: "aid" diff --git a/roles/containers/calckey/tasks/caddy.yml b/roles/containers/calckey/tasks/caddy.yml new file mode 100644 index 0000000..beb2953 --- /dev/null +++ b/roles/containers/calckey/tasks/caddy.yml @@ -0,0 +1,24 @@ +--- +- name: Make sure calckey-caddy reverse proxy config exists + become: true + vars: + domain: "{{ calckey_domain }}" + port: "{{ calckey_port }}" + template: + src: ../../../network/caddy/templates/reverse-proxy.template + dest: /etc/caddy/calckey + validate: caddy validate --adapter caddyfile --config %s + +- name: Make sure caddy links to the calckey config + become: true + lineinfile: + path: /etc/caddy/Caddyfile + search_string: "^import /etc/caddy/calckey" + line: "import /etc/caddy/calckey" + validate: caddy validate --adapter caddyfile --config %s + +- name: Restart caddy + become: true + service: + name: caddy + state: restarted diff --git a/roles/containers/calckey/tasks/main.yml b/roles/containers/calckey/tasks/main.yml new file mode 100644 index 0000000..415dc21 --- /dev/null +++ b/roles/containers/calckey/tasks/main.yml @@ -0,0 +1,3 @@ +--- +- include_tasks: setup.yml +- include_tasks: caddy.yml diff --git a/roles/containers/calckey/tasks/setup.yml b/roles/containers/calckey/tasks/setup.yml new file mode 100644 index 0000000..b74d09f --- /dev/null +++ b/roles/containers/calckey/tasks/setup.yml @@ -0,0 +1,86 @@ +--- +- name: Ensure calckey-project-dir "{{ calckey_project_dir }}" exists + file: + path: "{{ container_dir }}/{{ calckey_project_dir }}" + state: directory + recurse: true + +# Copy config files +- name: Ensure calckey config directory exists + file: + path: "{{ container_dir }}/{{ calckey_project_dir }}/.config" + state: directory + recurse: true + +- name: Copy calckey config to the project dir + template: + src: calckey.conf + dest: "{{ container_dir }}/{{ calckey_project_dir }}/.config/default.yml" + +- name: Copy sonic config to the project dir + template: + src: sonic.conf + dest: "{{ container_dir }}/{{ calckey_project_dir }}/sonic.cfg" + +# Setup docker images +- name: Setup calckey redis + docker_container: + name: calckey_redis + image: docker.io/redis:7.0-alpine + restart_policy: unless-stopped + volumes: + - "{{ container_dir }}\ + /{{ calckey_project_dir }}\ + /redis:/data" + +- name: Setup calckey db + docker_container: + name: calckey_db + restart_policy: unless-stopped + image: docker.io/postgres:12.2-alpine + volumes: + - "{{ container_dir }}\ + /{{ calckey_project_dir }}\ + /db:/var/lib/postgresql/data" + links: + - calckey_redis + env: + POSTGRES_PASSWORD: "{{ calckey_postgres_pass }}" + POSTGRES_USER: "{{ calckey_postgres_user }}" + POSTGRES_DB: "calckey" + +- name: Setup calckey sonic + docker_container: + name: calckey_sonic + restart_policy: unless-stopped + image: docker.io/valeriansaliou/sonic:v1.4.0 + volumes: + - "{{ container_dir }}\ + /{{ calckey_project_dir }}\ + /sonic:/var/lib/sonic/store" + - "{{ container_dir }}\ + /{{ calckey_project_dir }}\ + /sonic.cfg:/etc/sonic.cfg" + links: + - calckey_db + +- name: Setup calckey web + docker_container: + name: calckey_web + restart_policy: unless-stopped + image: docker.io/thatonecalculator/calckey + ports: + - "{{ calckey_port }}:3000" + volumes: + - "{{ container_dir }}\ + /{{ calckey_project_dir }}\ + /files:/calckey/files" + - "{{ container_dir }}\ + /{{ calckey_project_dir }}\ + /.config:/calckey/.config:ro" + links: + - calckey_sonic + - calckey_db + - calckey_redis + env: + NODE_ENV: production diff --git a/roles/containers/calckey/templates/calckey.conf b/roles/containers/calckey/templates/calckey.conf new file mode 100644 index 0000000..700c5b7 --- /dev/null +++ b/roles/containers/calckey/templates/calckey.conf @@ -0,0 +1,240 @@ +#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +# Calckey configuration +#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +# After starting your server, please don't change the URL! Doing so will break federation. + +# ┌─────┐ +#───┘ URL └───────────────────────────────────────────────────── + +# Final accessible URL seen by a user. +url: https://{{ calckey_domain }}/ + +# ┌───────────────────────┐ +#───┘ Port and TLS settings └─────────────────────────────────── + +# +# Calckey requires a reverse proxy to support HTTPS connections. +# +# +----- https://example.com/ ------------+ +# +------+ |+-------------+ +----------------+| +# | User | ---> || Proxy (443) | ---> | Calckey (3000) || +# +------+ |+-------------+ +----------------+| +# +---------------------------------------+ +# +# You need to set up a reverse proxy. (e.g. nginx, caddy) +# An encrypted connection with HTTPS is highly recommended +# because tokens may be transferred in GET requests. + +# The port that your Calckey server should listen on. +port: 3000 + +# ┌──────────────────────────┐ +#───┘ PostgreSQL configuration └──────────────────────────────── + +db: + host: calckey_db + port: 5432 + #ssl: false + # Database name + db: calckey + + # Auth + user: {{ calckey_postgres_user }} + pass: {{ calckey_postgres_pass }} + + # Whether disable Caching queries + #disableCache: true + + # Extra Connection options + #extra: + # ssl: + # host: localhost + # rejectUnauthorized: false + +# ┌─────────────────────┐ +#───┘ Redis configuration └───────────────────────────────────── + +redis: + host: calckey_redis + port: 6379 + #tls: + # host: localhost + # rejectUnauthorized: false + #family: 0 # 0=Both, 4=IPv4, 6=IPv6 + #pass: example-pass + #prefix: example-prefix + #db: 1 + #user: default + +# Please configure either MeiliSearch *or* Sonic. +# If both MeiliSearch and Sonic configurations are present, MeiliSearch will take precedence. + +# ┌───────────────────────────┐ +#───┘ MeiliSearch configuration └───────────────────────────────────── +#meilisearch: +# host: meilisearch +# port: 7700 +# ssl: false +# apiKey: + +# ┌─────────────────────┐ +#───┘ Sonic configuration └───────────────────────────────────── + +sonic: + host: calckey_sonic + port: 1491 + auth: {{ calckey_sonic_pass }} + collection: notes + bucket: default + + +# ┌───────────────┐ +#───┘ ID generation └─────────────────────────────────────────── + +id: {{ calckey_id }} +# No need to uncomment in most cases, but you may want to change +# these settings if you plan to run a large and/or distributed server. + +# cuid: +# # Min 16, Max 24 +# length: 16 +# +# # Set this to a unique string across workers (e.g., machine's hostname) +# # if your workers are running in multiple hosts. +# fingerprint: my-fingerprint + + +# ┌─────────────────────┐ +#───┘ Other configuration └───────────────────────────────────── + +# Maximum length of a post (default 3000, max 8192) +#maxNoteLength: 3000 + +# Maximum length of an image caption (default 1500, max 8192) +#maxCaptionLength: 1500 + +# Reserved usernames that only the administrator can register with +reservedUsernames: [ + 'root', + 'admin', + 'administrator', + 'me', + 'system' +] + +# Whether disable HSTS +#disableHsts: true + +# Number of worker processes +#clusterLimit: 1 + +# Worker only mode +#onlyQueueProcessor: 1 + +# Job concurrency per worker +# deliverJobConcurrency: 128 +# inboxJobConcurrency: 16 + +# Job rate limiter +# deliverJobPerSec: 128 +# inboxJobPerSec: 16 + +# Job attempts +# deliverJobMaxAttempts: 12 +# inboxJobMaxAttempts: 8 + +# IP address family used for outgoing request (ipv4, ipv6 or dual) +#outgoingAddressFamily: ipv4 + +# Syslog option +#syslog: +# host: localhost +# port: 514 + +# Proxy for HTTP/HTTPS +#proxy: http://127.0.0.1:3128 + +#proxyBypassHosts: [ +# 'web.kaiteki.app', +# 'example.com', +# '192.0.2.8' +#] + +# Proxy for SMTP/SMTPS +#proxySmtp: http://127.0.0.1:3128 # use HTTP/1.1 CONNECT +#proxySmtp: socks4://127.0.0.1:1080 # use SOCKS4 +#proxySmtp: socks5://127.0.0.1:1080 # use SOCKS5 + +# Media Proxy +#mediaProxy: https://example.com/proxy + +# Proxy remote files (default: false) +#proxyRemoteFiles: true + +#allowedPrivateNetworks: [ +# '127.0.0.1/32' +#] + +# TWA +#twa: +# nameSpace: android_app +# packageName: tld.domain.twa +# sha256CertFingerprints: ['AB:CD:EF'] + +# Upload or download file size limits (bytes) +#maxFileSize: 262144000 + +#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +# Congrats, you've reached the end of the config file needed for most deployments! +# Enjoy your Calckey server! +#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + + + + +#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ +# Managed hosting settings +# >>> NORMAL SELF-HOSTERS, STAY AWAY! <<< +# >>> YOU DON'T NEED THIS! <<< +# Each category is optional, but if each item in each category is mandatory! +# If you mess this up, that's on you, you've been warned... +#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ + +#maxUserSignups: 100 +#isManagedHosting: true +#deepl: +# managed: true +# authKey: '' +# isPro: false +# +#email: +# managed: true +# address: 'example@email.com' +# host: 'email.com' +# port: 587 +# user: 'example@email.com' +# pass: '' +# useImplicitSslTls: false +# +#objectStorage: +# managed: true +# baseUrl: '' +# bucket: '' +# prefix: '' +# endpoint: '' +# region: '' +# accessKey: '' +# secretKey: '' +# useSsl: true +# connnectOverProxy: false +# setPublicReadOnUpload: true +# s3ForcePathStyle: true + +# !!!!!!!!!! +# >>>>>> AGAIN, NORMAL SELF-HOSTERS, STAY AWAY! <<<<<< +# >>>>>> YOU DON'T NEED THIS, ABOVE SETTINGS ARE FOR MANAGED HOSTING ONLY! <<<<<< +# !!!!!!!!!! + +# Seriously. Do NOT fill out the above settings if you're self-hosting. +# They're much better off being set from the control panel. diff --git a/roles/containers/calckey/templates/sonic.conf b/roles/containers/calckey/templates/sonic.conf new file mode 100644 index 0000000..9a768d9 --- /dev/null +++ b/roles/containers/calckey/templates/sonic.conf @@ -0,0 +1,69 @@ +# Sonic +# Fast, lightweight and schema-less search backend +# Configuration file +# Example: https://github.com/valeriansaliou/sonic/blob/master/config.cfg + + +[server] + +log_level = "debug" + + +[channel] + +inet = "0.0.0.0:1491" +tcp_timeout = 300 + +auth_password = "{{ calckey_sonic_pass }}" + +[channel.search] + +query_limit_default = 10 +query_limit_maximum = 100 +query_alternates_try = 4 + +suggest_limit_default = 5 +suggest_limit_maximum = 20 + +list_limit_default = 100 +list_limit_maximum = 500 + + +[store] + +[store.kv] + +path = "/var/lib/sonic/store/kv/" + +retain_word_objects = 1000 + +[store.kv.pool] + +inactive_after = 1800 + +[store.kv.database] + +flush_after = 900 + +compress = true +parallelism = 2 +max_files = 100 +max_compactions = 1 +max_flushes = 1 +write_buffer = 16384 +write_ahead_log = true + +[store.fst] + +path = "/var/lib/sonic/store/fst/" + +[store.fst.pool] + +inactive_after = 300 + +[store.fst.graph] + +consolidate_after = 180 + +max_size = 2048 +max_words = 250000 diff --git a/run.yml b/run.yml index b2abf95..0125bec 100644 --- a/run.yml +++ b/run.yml @@ -27,3 +27,8 @@ roles: - role: containers/woodpecker-ci tags: ci +- name: setup Calckey + hosts: all + roles: + - role: containers/calckey + tags: calckey -- 2.38.5