Merge branch 'main' of https://github.com/mother-of-all-self-hosting/mash-playbook into firezone

docs/services/gotosocial.md

@@ -0,0 +1,91 @@
+# GoToSocial
+
+[GoToSocial](https://gotosocial.org/) is a self-hosted [ActivityPub](https://activitypub.rocks/) social network server, that this playbook can install, powered by the [mother-of-all-self-hosting/ansible-role-gotosocial](https://github.com/mother-of-all-self-hosting/ansible-role-gotosocial) Ansible role.
+
+## Configuration
+
+To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process:
+
+```yaml
+########################################################################
+#                                                                      #
+# gotosocial                                                           #
+#                                                                      #
+########################################################################
+
+gotosocial_enabled: true
+
+
+# Hostname that this server will be reachable at.
+# DO NOT change this after your server has already run once, or you will break things!
+# Examples: ["gts.example.org","some.server.com"]
+gotosocial_hostname: 'social.example.org'
+
+# Domain to use when federating profiles. It defaults to `gotosocial_hostname` but you can cange it when you want your server to be at
+# eg., `gotosocial_hostname: gts.example.org`, but you want the domain on accounts to be "example.org" because it looks better
+# or is just shorter/easier to remember.
+#
+# Please read the appropriate section of the installation guide before you go messing around with this setting:
+# https://docs.gotosocial.org/installation_guide/advanced/#can-i-host-my-instance-at-fediexampleorg-but-have-just-exampleorg-in-my-username
+# gotosocial_account_domain: "example.org"
+
+########################################################################
+#                                                                      #
+# /gotosocial                                                          #
+#                                                                      #
+########################################################################
+```
+
+After installation, you can use `just run-tags gotosocial-add-user --extra-vars=username=<username> --extra-vars=password=<password> --extra-vars=email=<email>"`
+to create your a user. Change `--tags=gotosocial-add-user` to `--tags=gotosocial-add-admin` to create an admin account.
+
+### Usage
+
+After [installing](../installing.md), you can visit at the URL specified in `gotosocial_hostname` and should see your instance.
+Start to customize it at `social.example.org/admin`.
+
+Use the [GtS CLI Tool](https://docs.gotosocial.org/en/latest/admin/cli/) to do admin & maintenance tasks. E.g. use 
+```bash
+docker exec -it mash-gotosocial /gotosocial/gotosocial admin account demote --username <username>
+```
+to demote a user from admin to normal user.
+
+Refer to the [great official documentation](https://docs.gotosocial.org/en/latest/) for more information on GoToSocial.
+
+
+## Migrate an existing instance
+
+The following assumes you want to migrate from `serverA` to `serverB` (managed by mash) but you just cave to adjust the copy commands if you are on the same server.
+
+Stop the initial instance on `serverA`
+
+```bash
+serverA$ systemctl stop gotosocial
+```
+
+Dump the database (depending on your existing setup you might have to adjust this)
+```
+serverA$ pg_dump gotosocial > latest.sql
+```
+
+Copy the files to the new server
+
+```bash
+serverA$ rsync -av -e "ssh" latest.sql root@serverB:/mash/gotosocial/
+serverA$ rsync -av -e "ssh" data/* root@serverB:/mash/gotosocial/data/
+```
+
+Install (but don't start) the service and database on the server.
+
+```bash
+yourPC$ just run-tags install-all
+yourPC$ just run-tags import-postgres --extra-vars=server_path_postgres_dump=/mash/gotosocial/latest.sql --extra-vars=postgres_default_import_database=mash-gotosocial
+```
+
+Start the services on the new server
+
+```bash
+yourPC$ just run-tags start
+```
+
+Done 🥳

docs/supported-services.md

@@ -12,6 +12,7 @@
 | [Focalboard](https://www.focalboard.com/) | An open source, self-hosted alternative to [Trello](https://trello.com/), [Notion](https://www.notion.so/), and [Asana](https://asana.com/). | [Link](services/focalboard.md) |
 | [Firezone](https://www.firezone.dev/) | A self-hosted VPN server (based on [WireGuard](https://en.wikipedia.org/wiki/WireGuard)) with a Web UI | [Link](services/firezone.md) |
 | [Gitea](https://gitea.io/) | A painless self-hosted [Git](https://git-scm.com/) service. | [Link](services/gitea.md) |
+| [GotoSocial](https://gotosocial.org/) | [GoToSocial](https://gotosocial.org/) is a self-hosted [ActivityPub](https://activitypub.rocks/) social network server | [Link](services/gotosocial.md) |
 | [Grafana](https://grafana.com/) | An open and composable observability and data visualization platform, often used with [Prometheus](services/prometheus.md) | [Link](services/grafana.md) |
 | [Hubsite](https://github.com/moan0s/hubsite) | A simple, static site that shows an overview of the available services | [Link](services/hubsite.md) |
 | [Keycloak](https://www.keycloak.org/) | An open source identity and access management solution. | [Link](services/keycloak.md) |

group_vars/mash_servers

@@ -93,6 +93,8 @@ devture_systemd_service_manager_services_list_auto: |
     +
     ([{'name': (gitea_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gitea', 'gitea-server']}] if gitea_enabled else [])
     +
+    ([{'name': (gotosocial_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gotosocial']}] if gotosocial_enabled else [])
+    +
     ([{'name': (grafana_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'grafana']}] if grafana_enabled else [])
     +
     ([{'name': (keycloak_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'keycloak']}] if keycloak_enabled else [])
@@ -188,6 +190,12 @@ devture_postgres_managed_databases_auto: |
       'password': devture_woodpecker_ci_server_database_datasource_password,
     }] if devture_woodpecker_ci_server_enabled else [])
     +
+    ([{
+      'name': gotosocial_database_name,
+      'username': gotosocial_database_username,
+      'password': gotosocial_database_password,
+    }] if gotosocial_enabled else [])
+    +
     ([{
       'name': keycloak_database_name,
       'username': keycloak_database_username,
@@ -831,14 +839,12 @@ nextcloud_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_bas
 nextcloud_uid: "{{ mash_playbook_uid }}"
 nextcloud_gid: "{{ mash_playbook_gid }}"
 
-nextcloud_systemd_required_systemd_services_list: |
+nextcloud_systemd_required_services_list_auto: |
   {{
-    (['docker.service'])
-    +
     ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and nextcloud_database_hostname == devture_postgres_identifier else [])
   }}
 
-nextcloud_container_additional_networks: |
+nextcloud_container_additional_networks_auto: |
   {{
     ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
     +
@@ -1462,6 +1468,14 @@ hubsite_service_gitea_logo_location: "{{ role_path }}/assets/gitea.png"
 hubsite_service_gitea_description: "A git service"
 hubsite_service_gitea_priority: 1000
 
+# GoToSocial
+hubsite_service_gotosocial_enabled: "{{ gotosocial_enabled }}"
+hubsite_service_gotosocial_name: GoToSocial
+hubsite_service_gotosocial_url: "https://{{ gotosocial_hostname }}"
+hubsite_service_gotosocial_logo_location: "{{ role_path }}/assets/gotosocial.png"
+hubsite_service_gotosocial_description: "A fediverse server"
+hubsite_service_gotosocial_priority: 1000
+
 # Grafana
 hubsite_service_grafana_enabled: "{{ grafana_enabled }}"
 hubsite_service_grafana_name: Grafana
@@ -1470,7 +1484,6 @@ hubsite_service_grafana_logo_location: "{{ role_path }}/assets/grafana.png"
 hubsite_service_grafana_description: "Check how your server is doing"
 hubsite_service_grafana_priority: 1000
 
-
 # Miniflux
 hubsite_service_miniflux_enabled: "{{ miniflux_enabled }}"
 hubsite_service_miniflux_name: Miniflux
@@ -1544,6 +1557,8 @@ hubsite_service_list_auto: |
     +
     ([{'name': hubsite_service_gitea_name, 'url': hubsite_service_gitea_url, 'logo_location': hubsite_service_gitea_logo_location, 'description': hubsite_service_gitea_description, 'priority': hubsite_service_gitea_priority}] if hubsite_service_gitea_enabled else [])
     +
+    ([{'name': hubsite_service_gotosocial_name, 'url': hubsite_service_gotosocial_url, 'logo_location': hubsite_service_gotosocial_logo_location, 'description': hubsite_service_gotosocial_description, 'priority': hubsite_service_gotosocial_priority}] if hubsite_service_gotosocial_enabled else [])
+    +
     ([{'name': hubsite_service_grafana_name, 'url': hubsite_service_grafana_url, 'logo_location': hubsite_service_grafana_logo_location, 'description': hubsite_service_grafana_description, 'priority': hubsite_service_grafana_priority}] if hubsite_service_grafana_enabled else [])
     +
     ([{'name': hubsite_service_miniflux_name, 'url': hubsite_service_miniflux_url, 'logo_location': hubsite_service_miniflux_logo_location, 'description': hubsite_service_miniflux_description, 'priority': hubsite_service_miniflux_priority}] if hubsite_service_miniflux_enabled else [])
@@ -1615,3 +1630,49 @@ firezone_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certReso
 # /firezone                                                             #
 #                                                                      #
 ########################################################################
+
+
+########################################################################
+#                                                                      #
+# gotsocial                                                            #
+#                                                                      #
+########################################################################
+
+gotosocial_enabled: false
+
+gotosocial_identifier: "{{ mash_playbook_service_identifier_prefix }}gotosocial"
+
+gotosocial_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}gotosocial"
+
+gotosocial_uid: "{{ mash_playbook_uid }}"
+gotosocial_gid: "{{ mash_playbook_gid }}"
+
+gotosocial_database_host: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}"
+gotosocial_database_port: "{{ '5432' if devture_postgres_enabled else '' }}"
+gotosocial_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.gotosocial', rounds=655555) | to_uuid }}"
+gotosocial_database_username: "{{ gotosocial_identifier }}"
+
+gotosocial_systemd_required_services_list: |
+  {{
+    (['docker.service'])
+    +
+    ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and gotosocial_database_host == devture_postgres_identifier else [])
+  }}
+
+gotosocial_container_additional_networks: |
+  {{
+    ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+    +
+    ([devture_postgres_container_network] if devture_postgres_enabled and gotosocial_database_host == devture_postgres_identifier and gotosocial_container_network != devture_postgres_container_network else [])
+  }}
+
+gotosocial_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
+gotosocial_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
+gotosocial_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
+gotosocial_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
+
+########################################################################
+#                                                                      #
+# /gotosocial                                                          #
+#                                                                      #
+########################################################################

requirements.yml

@@ -79,13 +79,13 @@
   version: v21.0.1-1
   name: keycloak
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-navidrome.git
-  version: v0.49.3-0
+  version: v0.49.3-1
   name: navidrome
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-netbox.git
   version: v3.4.6-2.5.1-0
   name: netbox
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-nextcloud.git
-  version: v26.0.0-0
+  version: v26.0.0-1
   name: nextcloud
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-peertube.git
   version: v5.1.0-2
@@ -105,3 +105,6 @@
 - src: git+https://github.com/moan0s/role-firezone.git
   version: ac8564d5e11a75107ba93aec6427b83be824c30a
   name: firezone
+- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-gotosocial.git
+  name: gotosocial
+  version: d608eb330af28b75d3e4881b2e8c09af64d078f1

setup.yml

@@ -68,6 +68,8 @@
 
     - role: galaxy/gitea
 
+    - role: galaxy/gotosocial
+
     - role: galaxy/grafana
 
     - role: galaxy/keycloak