diff options
author | Dessalines <tyhou13@gmx.com> | 2020-06-23 21:11:38 -0400 |
---|---|---|
committer | Dessalines <tyhou13@gmx.com> | 2020-06-23 21:11:38 -0400 |
commit | dc94e58cbf7e7de10d97331a3056380a3416e0b0 (patch) | |
tree | 85ed25783b0470ead3012a9718aea50b39c940dd /ansible | |
parent | fd6a040568239d2e6949394fdc0ce0f7ac70275c (diff) | |
parent | 790b944031f9433be765936763d848ffa6e1b496 (diff) |
Merge branch 'master' into federation_merge_from_master_2
Diffstat (limited to 'ansible')
-rw-r--r-- | ansible/VERSION | 2 | ||||
-rw-r--r-- | ansible/ansible.cfg | 1 | ||||
-rw-r--r-- | ansible/lemmy.yml | 8 | ||||
-rw-r--r-- | ansible/lemmy_dev.yml | 8 | ||||
-rw-r--r-- | ansible/templates/docker-compose.yml | 11 | ||||
-rw-r--r-- | ansible/templates/nginx.conf | 26 |
6 files changed, 34 insertions, 22 deletions
diff --git a/ansible/VERSION b/ansible/VERSION index e31dcbc4..8b20e485 100644 --- a/ansible/VERSION +++ b/ansible/VERSION @@ -1 +1 @@ -v0.6.71 +v0.7.0 diff --git a/ansible/ansible.cfg b/ansible/ansible.cfg index 960a7c40..74b6ab2f 100644 --- a/ansible/ansible.cfg +++ b/ansible/ansible.cfg @@ -1,5 +1,6 @@ [defaults] inventory=inventory +interpreter_python=/usr/bin/python3 [ssh_connection] pipelining = True diff --git a/ansible/lemmy.yml b/ansible/lemmy.yml index bc01623f..7b78ab8d 100644 --- a/ansible/lemmy.yml +++ b/ansible/lemmy.yml @@ -24,10 +24,11 @@ creates: '/etc/letsencrypt/live/{{domain}}/privkey.pem' - name: create lemmy folder - file: path={{item.path}} state=directory + file: path={{item.path}} {{item.owner}} state=directory with_items: - - { path: '/lemmy/' } - - { path: '/lemmy/volumes/' } + - { path: '/lemmy/', owner: 'root' } + - { path: '/lemmy/volumes/', owner: 'root' } + - { path: '/lemmy/volumes/pictrs/', owner: '991' } - block: - name: add template files @@ -59,6 +60,7 @@ project_src: /lemmy/ state: present pull: yes + remove_orphans: yes - name: reload nginx with new config shell: nginx -s reload diff --git a/ansible/lemmy_dev.yml b/ansible/lemmy_dev.yml index e9b8364f..7a368361 100644 --- a/ansible/lemmy_dev.yml +++ b/ansible/lemmy_dev.yml @@ -26,10 +26,11 @@ creates: '/etc/letsencrypt/live/{{domain}}/privkey.pem' - name: create lemmy folder - file: path={{item.path}} state=directory + file: path={{item.path}} owner={{item.owner}} state=directory with_items: - - { path: '/lemmy/' } - - { path: '/lemmy/volumes/' } + - { path: '/lemmy/', owner: 'root' } + - { path: '/lemmy/volumes/', owner: 'root' } + - { path: '/lemmy/volumes/pictrs/', owner: '991' } - block: - name: add template files @@ -88,6 +89,7 @@ project_src: /lemmy/ state: present recreate: always + remove_orphans: yes ignore_errors: yes - name: reload nginx with new config diff --git a/ansible/templates/docker-compose.yml b/ansible/templates/docker-compose.yml index 9ec1bfbc..f4c94fd7 100644 --- a/ansible/templates/docker-compose.yml +++ b/ansible/templates/docker-compose.yml @@ -12,7 +12,7 @@ services: - ./lemmy.hjson:/config/config.hjson:ro depends_on: - postgres - - pictshare + - pictrs - iframely postgres: @@ -25,12 +25,13 @@ services: - ./volumes/postgres:/var/lib/postgresql/data restart: always - pictshare: - image: hascheksolutions/pictshare:latest + pictrs: + image: asonix/pictrs:amd64-v0.1.0-r9 + user: 991:991 ports: - - "127.0.0.1:8537:80" + - "127.0.0.1:8537:8080" volumes: - - ./volumes/pictshare:/usr/share/nginx/html/data + - ./volumes/pictrs:/mnt restart: always iframely: diff --git a/ansible/templates/nginx.conf b/ansible/templates/nginx.conf index a978c189..b710fdb3 100644 --- a/ansible/templates/nginx.conf +++ b/ansible/templates/nginx.conf @@ -48,8 +48,8 @@ server { add_header X-Frame-Options "DENY"; add_header X-XSS-Protection "1; mode=block"; - # Upload limit for pictshare - client_max_body_size 50M; + # Upload limit for pictrs + client_max_body_size 20M; location / { proxy_pass http://0.0.0.0:8536; @@ -70,15 +70,21 @@ server { proxy_cache_min_uses 5; } - location /pictshare/ { - proxy_pass http://0.0.0.0:8537/; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header Host $host; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + # Redirect pictshare images to pictrs + location ~ /pictshare/(.*)$ { + return 301 /pictrs/image/$1; + } - if ($request_uri ~ \.(?:ico|gif|jpe?g|png|webp|bmp|mp4)$) { - add_header Cache-Control "public, max-age=31536000, immutable"; - } + # pict-rs images + location /pictrs { + location /pictrs/image { + proxy_pass http://0.0.0.0:8537/image; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header Host $host; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + } + # Block the import + return 403; } location /iframely/ { |