commit 8829d332fb2ce0f3521b3779dd130e29c11e51b0
parent 4c3b28eabdd636071bdeaa7e0d96b13e3d4fc3e0
Author: Leah Thein <leah@toaster.fritz.box>
Date: Mon, 16 Nov 2020 17:11:42 +0100
parent 4c3b28eabdd636071bdeaa7e0d96b13e3d4fc3e0
Author: Leah Thein <leah@toaster.fritz.box>
Date: Mon, 16 Nov 2020 17:11:42 +0100
update pleroma configs
3 files changed, 30 insertions(+), 67 deletions(-)
M
|
69
+++++----------------------------------------------------------------
diff --git a/config-files/pleroma/config.exs b/config-files/pleroma/config.exs @@ -40,6 +40,7 @@ if not File.exists?("/var/lib/pleroma/secret.exs") do File.write("/var/lib/pleroma/secret.exs", secret_file) end +import_config("/var/lib/pleroma/secret.exs") # Configure web push notifications config :web_push_encryption, :vapid_details, subject: "mailto:pleroma@ctu.cx"
diff --git a/roles/pleroma/tasks/main.yml b/roles/pleroma/tasks/main.yml @@ -1,75 +1,16 @@ --- -- name: Install dependencys of pleroma - apk: - name: curl unzip ncurses - state: present - update_cache: yes - -- name: Install optional dependencys - apk: - name: imagemagick ffmpeg exiftool - state: present - update_cache: yes - - name: Install postgres apk: name: postgresql postgresql-contrib state: present update_cache: yes -- service: +- name: Install pleroma + apk: name: pleroma - enabled: no - state: stopped - - -- name: create pleroma group - group: - name: pleroma - state: present - -- name: create pleroma user - user: - name: pleroma - create_home: no - home: /opt/pleroma - shell: /bin/false - group: pleroma - system: yes - -- file: - path=/opt/pleroma - state=absent - -- name: crate required directorys - file: - path: "{{ item }}" - state: directory - mode: 0755 - owner: pleroma - group: pleroma - loop: - - /opt/pleroma - - /var/lib/pleroma - - /var/lib/pleroma/uploads - - /var/lib/pleroma/static - - /etc/pleroma - -- name: get and unpack pleroma - unarchive: - remote_src: yes - src: "http://home.f2k1.de:8080/pleroma.tar.gz" - dest: /opt/pleroma - owner: pleroma - group: pleroma - -- name: copy service file into place - copy: - remote_src: yes - src: /opt/pleroma/installation/init.d/pleroma - dest: /etc/init.d/pleroma - mode: 0755 + state: present + update_cache: yes - name: copy config file into place copy: @@ -95,7 +36,7 @@ - service: name: pleroma enabled: yes - state: stopped + state: started - service: name: nginx
diff --git a/roles/pleroma/templates/pleroma-vhost.conf.j2 b/roles/pleroma/templates/pleroma-vhost.conf.j2 @@ -8,12 +8,33 @@ server { server_name {{pleroma.domain}}; + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/activity+json application/atom+xml; + + client_max_body_size 150m; + ignore_invalid_headers off; + location / { proxy_pass http://localhost:4000/; - proxy_http_version 1.1; - proxy_set_header Upgrade $http_upgrade; - proxy_set_header Connection "upgrade"; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + + proxy_redirect off; + proxy_connect_timeout 90; + proxy_send_timeout 90; + proxy_read_timeout 90; + proxy_set_header Host $host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-Host $host; + proxy_set_header X-Forwarded-Server $host; } }