From 50d16e045a06dccdc1c4bdb482bba43a97c9f3ab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 2 Apr 2023 18:19:58 +0200 Subject: [PATCH 1/8] Add funkwhale --- docs/funkwhale.md | 161 +++++++++++++++++++++++++++++++++++++ docs/supported-services.md | 1 + group_vars/mash_servers | 14 ++++ requirements.yml | 3 + setup.yml | 2 + 5 files changed, 181 insertions(+) create mode 100644 docs/funkwhale.md diff --git a/docs/funkwhale.md b/docs/funkwhale.md new file mode 100644 index 0000000..8ab5708 --- /dev/null +++ b/docs/funkwhale.md @@ -0,0 +1,161 @@ +# funkwhale + +[Funkwhale](funkwhale.audio/) is a community-driven project that lets you listen and share music and audio within a decentralized, open network. + + +## Dependencies + +This service requires the following other services: + +- a [Postgres](postgres.md) database +- a [Redis](redis.md) data-store, installation details [below](#redis) +- a [Traefik](traefik.md) reverse-proxy server + + +## Configuration + +To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process: + +```yaml +######################################################################## +# # +# funkwhale # +# # +######################################################################## +funkwhale_enabled: true +funkwhale_hostname: mash.example.com +# Put a strong secret below, generated with `pwgen -s 64 1` or in another way +funkwhale_django_secret_key: '' +# Redis configuration, as described below +######################################################################## +# # +# /funkwhale # +# # +######################################################################## +``` + +### Redis + +As described on the [Redis](redis.md) documentation page, if you're hosting additional services which require Redis on the same server, you'd better go for installing a separate Redis instance for each service. See [Creating a Redis instance dedicated to funkwhale](#creating-a-redis-instance-dedicated-to-funkwhale). + +If you're only running funkwhale on this server and don't need to use Redis for anything else, you can [use a single Redis instance](#using-the-shared-redis-instance-for-funkwhale). + +#### Using the shared Redis instance for funkwhale + +To install a single (non-dedicated) Redis instance (`mash-redis`) and hook funkwhale to it, add the following **additional** configuration: + +```yaml +######################################################################## +# # +# redis # +# # +######################################################################## +redis_enabled: true +######################################################################## +# # +# /redis # +# # +######################################################################## +######################################################################## +# # +# funkwhale # +# # +######################################################################## +# Base configuration as shown above +# Point funkwhale to the shared Redis instance +funkwhale_config_redis_hostname: "{{ redis_identifier }}" +# Make sure the funkwhale service (mash-funkwhale.service) starts after the shared Redis service (mash-redis.service) +funkwhale_systemd_required_services_list_custom: + - "{{ redis_identifier }}.service" +# Make sure the funkwhale container is connected to the container network of the shared Redis service (mash-redis) +funkwhale_container_additional_networks_custom: + - "{{ redis_identifier }}" +######################################################################## +# # +# /funkwhale # +# # +######################################################################## +``` + +This will create a `mash-redis` Redis instance on this host. + +This is only recommended if you won't be installing other services which require Redis. Alternatively, go for [Creating a Redis instance dedicated to funkwhale](#creating-a-redis-instance-dedicated-to-funkwhale). + + +#### Creating a Redis instance dedicated to funkwhale + +The following instructions are based on the [Running multiple instances of the same service on the same host](../running-multiple-instances.md) documentation. + +Adjust your `inventory/hosts` file as described in [Re-do your inventory to add supplementary hosts](../running-multiple-instances.md#re-do-your-inventory-to-add-supplementary-hosts), adding a new supplementary host (e.g. if `funkwhale.example.com` is your main one, create `funkwhale.example.com-deps`). + +Then, create a new `vars.yml` file for the + +`inventory/host_vars/funkwhale.example.com-deps/vars.yml`: + +```yaml +--- +######################################################################## +# # +# Playbook # +# # +######################################################################## +# Put a strong secret below, generated with `pwgen -s 64 1` or in another way +# Various other secrets will be derived from this secret automatically. +mash_playbook_generic_secret_key: '' +# Override service names and directory path prefixes +mash_playbook_service_identifier_prefix: 'mash-funkwhale-' +mash_playbook_service_base_directory_name_prefix: 'funkwhale-' +######################################################################## +# # +# /Playbook # +# # +######################################################################## +######################################################################## +# # +# redis # +# # +######################################################################## +redis_enabled: true +######################################################################## +# # +# /redis # +# # +######################################################################## +``` + +This will create a `mash-funkwhale-redis` instance on this host with its data in `/mash/funkwhale-redis`. + +Then, adjust your main inventory host's variables file (`inventory/host_vars/funkwhale.example.com/vars.yml`) like this: + +```yaml +######################################################################## +# # +# funkwhale # +# # +######################################################################## +# Base configuration as shown above +# Point funkwhale to its dedicated Redis instance +funkwhale_environment_variable_redis_host: mash-funkwhale-redis +funkwhale_environment_variable_redis_cache_host: mash-funkwhale-redis +# Make sure the funkwhale service (mash-funkwhale.service) starts after its dedicated Redis service (mash-funkwhale-redis.service) +funkwhale_systemd_required_services_list_custom: + - "mash-funkwhale-redis.service" +# Make sure the funkwhale container is connected to the container network of its dedicated Redis service (mash-funkwhale-redis) +funkwhale_container_additional_networks_custom: + - "mash-funkwhale-redis" +######################################################################## +# # +# /funkwhale # +# # +######################################################################## +``` + + +## Installation + +If you've decided to install a dedicated Redis instance for funkwhale, make sure to first do [installation](../installing.md) for the supplementary inventory host (e.g. `funkwhale.example.com-deps`), before running installation for the main one (e.g. `funkwhale.example.com`). + + +## Usage + +After installation, you can go to the funkwhale URL, as defined in `funkwhale_hostname`. \ No newline at end of file diff --git a/docs/supported-services.md b/docs/supported-services.md index 0245a3e..fb04e46 100644 --- a/docs/supported-services.md +++ b/docs/supported-services.md @@ -11,6 +11,7 @@ | [Docker Registry Purger](https://github.com/devture/docker-registry-purger) | A small tool used for purging a private Docker Registry's old tags | [Link](services/docker-registry-purger.md) | | [Focalboard](https://www.focalboard.com/) | An open source, self-hosted alternative to [Trello](https://trello.com/), [Notion](https://www.notion.so/), and [Asana](https://asana.com/). | [Link](services/focalboard.md) | | [Firezone](https://www.firezone.dev/) | A self-hosted VPN server (based on [WireGuard](https://en.wikipedia.org/wiki/WireGuard)) with a Web UI | [Link](services/firezone.md) | +| [Funkwhale](https://funkwhale.audio/) | Listen and share music with a selfhosted streaming server.| [Link](services/funkwhale.md) | | [Gitea](https://gitea.io/) | A painless self-hosted [Git](https://git-scm.com/) service. | [Link](services/gitea.md) | | [GoToSocial](https://gotosocial.org/) | A self-hosted [ActivityPub](https://activitypub.rocks/) social network server | [Link](services/gotosocial.md) | | [Grafana](https://grafana.com/) | An open and composable observability and data visualization platform, often used with [Prometheus](services/prometheus.md) | [Link](services/grafana.md) | diff --git a/group_vars/mash_servers b/group_vars/mash_servers index c1c9a67..3416b0e 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -91,6 +91,14 @@ devture_systemd_service_manager_services_list_auto: | + ([{'name': (focalboard_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'focalboard']}] if focalboard_enabled else []) + + ([{'name': (funkwhale_api_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'funkwhale']}] if funkwhale_enabled else []) + + + ([{'name': (funkwhale_frontend_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'funkwhale']}] if funkwhale_enabled else []) + + + ([{'name': (funkwhale_celery_beat_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'funkwhale']}] if funkwhale_enabled else []) + + + ([{'name': (funkwhale_celery_worker_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'funkwhale']}] if funkwhale_enabled else []) + + ([{'name': (gitea_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gitea', 'gitea-server']}] if gitea_enabled else []) + ([{'name': (gotosocial_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gotosocial']}] if gotosocial_enabled else []) @@ -188,6 +196,12 @@ devture_postgres_managed_databases_auto: | 'password': focalboard_database_password, }] if focalboard_enabled and focalboard_database_type == 'postgres' and focalboard_database_hostname == devture_postgres_identifier else []) + + ([{ + 'name': funkwhale_database_name, + 'username': funkwhale_database_username, + 'password': funkwhale_database_password, + }] if funkwhale_enabled and funkwhale_database_hostname == devture_postgres_identifier else []) + + ([{ 'name': gitea_config_database_name, 'username': gitea_config_database_username, diff --git a/requirements.yml b/requirements.yml index c43d5de..f902c0c 100644 --- a/requirements.yml +++ b/requirements.yml @@ -50,6 +50,9 @@ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-focalboard.git version: v7.8.0-0 name: focalboard +- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-funkwhale.git + version: v1.3.0-rc5-0 + name: funkwhale - src: git+https://github.com/geerlingguy/ansible-role-docker version: 6.1.0 name: geerlingguy.docker diff --git a/setup.yml b/setup.yml index e99ddb4..debe2f7 100644 --- a/setup.yml +++ b/setup.yml @@ -66,6 +66,8 @@ - role: galaxy/focalboard + - role: galaxy/funkwhale + - role: galaxy/gitea - role: galaxy/gotosocial From e53913b69c3cdf282b722f4f9c16654445d56090 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 2 Apr 2023 19:13:35 +0200 Subject: [PATCH 2/8] Bump funkwhale role version --- requirements.yml | 2 +- setup.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.yml b/requirements.yml index f902c0c..0f22231 100644 --- a/requirements.yml +++ b/requirements.yml @@ -51,7 +51,7 @@ version: v7.8.0-0 name: focalboard - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-funkwhale.git - version: v1.3.0-rc5-0 + version: v1.3.0-rc5-1 name: funkwhale - src: git+https://github.com/geerlingguy/ansible-role-docker version: 6.1.0 diff --git a/setup.yml b/setup.yml index debe2f7..0cfdb1d 100644 --- a/setup.yml +++ b/setup.yml @@ -66,7 +66,7 @@ - role: galaxy/focalboard - - role: galaxy/funkwhale + - role: galaxy/funkwhale - role: galaxy/gitea From 171989871f6a262c557d3dd45040f4d877496eab Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 2 Apr 2023 19:41:22 +0200 Subject: [PATCH 3/8] Move docs, add user creation --- docs/{ => services}/funkwhale.md | 37 ++++++++++++++++++++++++++++++-- 1 file changed, 35 insertions(+), 2 deletions(-) rename docs/{ => services}/funkwhale.md (96%) diff --git a/docs/funkwhale.md b/docs/services/funkwhale.md similarity index 96% rename from docs/funkwhale.md rename to docs/services/funkwhale.md index 8ab5708..95378d7 100644 --- a/docs/funkwhale.md +++ b/docs/services/funkwhale.md @@ -1,4 +1,4 @@ -# funkwhale +# Funkwhale [Funkwhale](funkwhale.audio/) is a community-driven project that lets you listen and share music and audio within a decentralized, open network. @@ -22,11 +22,16 @@ To enable this service, add the following configuration to your `vars.yml` file # funkwhale # # # ######################################################################## + funkwhale_enabled: true + funkwhale_hostname: mash.example.com + # Put a strong secret below, generated with `pwgen -s 64 1` or in another way funkwhale_django_secret_key: '' + # Redis configuration, as described below + ######################################################################## # # # /funkwhale # @@ -50,26 +55,35 @@ To install a single (non-dedicated) Redis instance (`mash-redis`) and hook funkw # redis # # # ######################################################################## + redis_enabled: true + ######################################################################## # # # /redis # # # ######################################################################## + + ######################################################################## # # # funkwhale # # # ######################################################################## + # Base configuration as shown above + # Point funkwhale to the shared Redis instance funkwhale_config_redis_hostname: "{{ redis_identifier }}" + # Make sure the funkwhale service (mash-funkwhale.service) starts after the shared Redis service (mash-redis.service) funkwhale_systemd_required_services_list_custom: - "{{ redis_identifier }}.service" + # Make sure the funkwhale container is connected to the container network of the shared Redis service (mash-redis) funkwhale_container_additional_networks_custom: - "{{ redis_identifier }}" + ######################################################################## # # # /funkwhale # @@ -94,28 +108,36 @@ Then, create a new `vars.yml` file for the ```yaml --- + ######################################################################## # # # Playbook # # # ######################################################################## + # Put a strong secret below, generated with `pwgen -s 64 1` or in another way # Various other secrets will be derived from this secret automatically. mash_playbook_generic_secret_key: '' + # Override service names and directory path prefixes mash_playbook_service_identifier_prefix: 'mash-funkwhale-' mash_playbook_service_base_directory_name_prefix: 'funkwhale-' + ######################################################################## # # # /Playbook # # # ######################################################################## + + ######################################################################## # # # redis # # # ######################################################################## + redis_enabled: true + ######################################################################## # # # /redis # @@ -133,16 +155,22 @@ Then, adjust your main inventory host's variables file (`inventory/host_vars/fun # funkwhale # # # ######################################################################## + # Base configuration as shown above + + # Point funkwhale to its dedicated Redis instance funkwhale_environment_variable_redis_host: mash-funkwhale-redis funkwhale_environment_variable_redis_cache_host: mash-funkwhale-redis + # Make sure the funkwhale service (mash-funkwhale.service) starts after its dedicated Redis service (mash-funkwhale-redis.service) funkwhale_systemd_required_services_list_custom: - "mash-funkwhale-redis.service" + # Make sure the funkwhale container is connected to the container network of its dedicated Redis service (mash-funkwhale-redis) funkwhale_container_additional_networks_custom: - "mash-funkwhale-redis" + ######################################################################## # # # /funkwhale # @@ -158,4 +186,9 @@ If you've decided to install a dedicated Redis instance for funkwhale, make sure ## Usage -After installation, you can go to the funkwhale URL, as defined in `funkwhale_hostname`. \ No newline at end of file +After installation, you can go to the funkwhale URL, as defined in `funkwhale_hostname`. To login and get started you first have to create a user. You need to log onto your server and execute +```bash +docker exec -it mash-funkwhale-api funkwhale-manage createsuperuser --username USERNAME --email YOURNAME@invalid.org +``` + +All other users can be created in the Web GUI. From 88383037156a24fff8b2a49282fd0ac9dfcf5dd9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 2 Apr 2023 20:00:52 +0200 Subject: [PATCH 4/8] Add group vars --- group_vars/mash_servers | 60 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 3416b0e..965232d 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -690,6 +690,66 @@ focalboard_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certRe +######################################################################## +# # +# funkwhale # +# # +######################################################################## + +funkwhale_enabled: false + +funkwhale_identifier: "{{ mash_playbook_service_identifier_prefix }}funkwhale" + +funkwhale_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}funkwhale" + +funkwhale_uid: "{{ mash_playbook_uid }}" +funkwhale_gid: "{{ mash_playbook_gid }}" + +funkwhale_database_hostname: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}" +funkwhale_database_port: "{{ '5432' if devture_postgres_enabled else '' }}" +funkwhale_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.funkwhale', rounds=655555) | to_uuid }}" +funkwhale_database_username: "{{ funkwhale_identifier }}" + +funkwhale_systemd_required_services_list: | + {{ + (['docker.service']) + + + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and funkwhale_database_hostname == devture_postgres_identifier else []) + }} + +funkwhale_api_container_additional_networks_auto: | + {{ + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + + + ([devture_postgres_container_network] if devture_postgres_enabled and funkwhale_database_hostname == devture_postgres_identifier and funkwhale_api_container_network != devture_postgres_container_network else []) + }} + +funkwhale_frontend_container_additional_networks_auto: | + {{ + ([devture_postgres_container_network] if devture_postgres_enabled and funkwhale_database_hostname == devture_postgres_identifier and funkwhale_frontend_container_network != devture_postgres_container_network else []) + + + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + }} + +funkwhale_api_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}" +funkwhale_api_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +funkwhale_api_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +funkwhale_api_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +funkwhale_frontend_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}" +funkwhale_frontend_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}" +funkwhale_frontend_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +funkwhale_frontend_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + + +######################################################################## +# # +# /funkwhale # +# # +######################################################################## + + + ######################################################################## # # # gitea # From 5a2729ef20a2345129ec15b0aca4941a2db9beb8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 2 Apr 2023 21:38:37 +0200 Subject: [PATCH 5/8] Add easier way to create superuser --- docs/services/funkwhale.md | 4 ++-- requirements.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/services/funkwhale.md b/docs/services/funkwhale.md index 95378d7..d1957e6 100644 --- a/docs/services/funkwhale.md +++ b/docs/services/funkwhale.md @@ -186,9 +186,9 @@ If you've decided to install a dedicated Redis instance for funkwhale, make sure ## Usage -After installation, you can go to the funkwhale URL, as defined in `funkwhale_hostname`. To login and get started you first have to create a user. You need to log onto your server and execute +After installation, you can go to the funkwhale URL, as defined in `funkwhale_hostname`. To login and get started you first have to create a user. you can do this with ```bash -docker exec -it mash-funkwhale-api funkwhale-manage createsuperuser --username USERNAME --email YOURNAME@invalid.org +just run-tags funkwhale-add-superuser --extra-vars=username=USERNAME --extra-vars=password=PASSWORD --extra-vars=email=EMAIL ``` All other users can be created in the Web GUI. diff --git a/requirements.yml b/requirements.yml index 0f22231..2fbbda4 100644 --- a/requirements.yml +++ b/requirements.yml @@ -51,7 +51,7 @@ version: v7.8.0-0 name: focalboard - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-funkwhale.git - version: v1.3.0-rc5-1 + version: v1.3.0-rc5-2 name: funkwhale - src: git+https://github.com/geerlingguy/ansible-role-docker version: 6.1.0 From b33515c815b65ee77a62ae890e5369d0ba0f133c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Sun, 2 Apr 2023 23:50:49 +0200 Subject: [PATCH 6/8] Fix celery worker path --- requirements.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.yml b/requirements.yml index 64bf2fe..d451fd6 100644 --- a/requirements.yml +++ b/requirements.yml @@ -51,7 +51,7 @@ version: v7.8.0-0 name: focalboard - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-funkwhale.git - version: v1.3.0-rc5-2 + version: v1.3.0-rc5-3 name: funkwhale - src: git+https://github.com/geerlingguy/ansible-role-docker version: 6.1.0 From e2bf29cb8ed4d4aa941832ae1a043e05dd6654ed Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?= Date: Mon, 3 Apr 2023 15:02:08 +0200 Subject: [PATCH 7/8] Define required services per service --- group_vars/mash_servers | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 751fa62..39b334b 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -710,13 +710,17 @@ funkwhale_database_port: "{{ '5432' if devture_postgres_enabled else '' }}" funkwhale_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.funkwhale', rounds=655555) | to_uuid }}" funkwhale_database_username: "{{ funkwhale_identifier }}" -funkwhale_systemd_required_services_list: | +funkwhale_api_systemd_required_services_list_auto: | {{ - (['docker.service']) - + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and funkwhale_database_hostname == devture_postgres_identifier else []) }} +funkwhale_frontend_systemd_required_services_list_auto: | + {{ + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and funkwhale_database_hostname == devture_postgres_identifier else []) + }} + + funkwhale_api_container_additional_networks_auto: | {{ ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) From 667a45b3d39f5a7c0860bc9a3bbff54d6b0432f8 Mon Sep 17 00:00:00 2001 From: Slavi Pantaleev Date: Mon, 3 Apr 2023 16:13:26 +0300 Subject: [PATCH 8/8] Update mash_servers --- group_vars/mash_servers | 1 - 1 file changed, 1 deletion(-) diff --git a/group_vars/mash_servers b/group_vars/mash_servers index 39b334b..8af0e9a 100644 --- a/group_vars/mash_servers +++ b/group_vars/mash_servers @@ -745,7 +745,6 @@ funkwhale_frontend_container_labels_traefik_docker_network: "{{ mash_playbook_re funkwhale_frontend_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" funkwhale_frontend_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" - ######################################################################## # # # /funkwhale #