Deploy bluesky PDS
All checks were successful
/ ansible (push) Successful in 1m43s
/ terraform (push) Successful in 54s

This commit is contained in:
Jake Howard 2024-11-17 20:52:24 +00:00
parent e1ee73e0fa
commit 13066ed8f1
Signed by: jake
GPG key ID: 57AFB45680EDD477
7 changed files with 108 additions and 0 deletions

View file

@ -71,6 +71,7 @@
- minio
- ntfy
- baby_buddy
- bsky
- hosts: ingress
roles:

View file

@ -0,0 +1,19 @@
services:
pds:
image: ghcr.io/bluesky-social/pds:latest
user: "{{ docker_user.id }}"
restart: unless-stopped
env_file:
- /opt/bsky/pds.env
labels:
- traefik.enable=true
- traefik.http.routers.bsky.rule=Host(`bsky.theorangeone.net`)
volumes:
- "{{ app_data_dir }}/bsky:/pds"
networks:
- default
- traefik
networks:
traefik:
external: true

View file

@ -0,0 +1,18 @@
TZ={{ timezone }}
LOG_ENABLED=false
PDS_HOSTNAME=bsky.theorangeone.net
PDS_JWT_SECRET={{ vault_jwt_secret }}
PDS_ADMIN_PASSWORD={{ vault_admin_password }}
PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX={{ vault_plc_rotation_private_key }}
PDS_DATA_DIRECTORY=/pds
PDS_BLOBSTORE_DISK_LOCATION=/pds/blocks
PDS_BLOB_UPLOAD_LIMIT=52428800
PDS_DID_PLC_URL=https://plc.directory
PDS_BSKY_APP_VIEW_URL=https://api.bsky.app
PDS_BSKY_APP_VIEW_DID=did:web:api.bsky.app
PDS_REPORT_SERVICE_URL=https://mod.bsky.app
PDS_REPORT_SERVICE_DID=did:plc:ar7c4by46qjdydhdevvrndac
PDS_CRAWLERS=https://bsky.network
LOG_ENABLED=false
PDS_EMAIL_SMTP_URL={{ vault_smtp_url }}
PDS_EMAIL_FROM_ADDRESS={{ vault_smtp_from_address }}

View file

@ -0,0 +1,4 @@
- name: restart bsky
shell:
chdir: /opt/bsky
cmd: "{{ docker_update_command }}"

View file

@ -0,0 +1,26 @@
- name: Include vault
include_vars: vault.yml
- name: Create install directory
file:
path: /opt/bsky
state: directory
owner: "{{ docker_user.name }}"
mode: "{{ docker_compose_directory_mask }}"
- name: Install environment variables
template:
src: files/pds.env
dest: /opt/bsky/pds.env
mode: "660"
owner: "{{ docker_user.name }}"
notify: restart bsky
- name: Install compose file
template:
src: files/docker-compose.yml
dest: /opt/bsky/docker-compose.yml
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
validate: docker-compose -f %s config
notify: restart bsky

24
ansible/roles/bsky/vars/vault.yml generated Normal file
View file

@ -0,0 +1,24 @@
$ANSIBLE_VAULT;1.1;AES256
35316238376465633461333439343331636238346532623336316231653664653963643331346362
3763363363333066636166356465373233323138643961390a343232623866303961316431363534
31653234383465356637363636363838393130396364623261353266396533326563303838643366
6339666332326439610a666235636432616565643839663234336134343632316538353331396337
33303836373037336533623864613966646463333161663965653663326266376234633530393530
63303938376338613531623065316339653938666439643035663231646566643334356337343861
65353264613465626532643935313262323766666538386239613163366536636335616562613635
31643637333266373336323035366465636261346263666239323934616238616366383330336661
38386536326137363531636635626232333465613031633031336330316337303237303736656639
37313331346165363465326336663536646438363835393138646238353661303937346430303333
39663236663530396562626133666434396132356638643563626362636563373464356636313337
63303730656338313036313937323462326366366231363265363335636536396335323561663235
65333666333033376334303463376666373738376361316463343836323839383735666530656135
33316238356536663362646437633866323531353439393561626331326562663366663839393438
35653262653262326532386431373336393737363665393030363538356262346435343333373636
34343261623832306139623337353137646435613433346630643865333965303334393666336534
61353035373034323864356636643930333638396564616134353536663164363932643364656162
35366139363939663632353066373932363961656464393131373239356663303736653334336531
35303236303065363764313432643664333532343134393965323963636664663536376632323538
38356335383934636631643436356563636364646136333637666331363261656236346539373233
37306330306531623464663031626337346339613630363635633161336366653638626339356662
63383836613863646436346233376563353037373666313631393161333133633132666633663361
326132663033396335306165333862666433

View file

@ -221,6 +221,22 @@ resource "cloudflare_record" "theorangeonenet_comentario" {
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_bsky" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "bsky"
value = cloudflare_record.sys_domain_pve.hostname
type = "CNAME"
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_atproto" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "_atproto"
value = "did=did:plc:pgyg4ih7zsqkwdon34jqkbuz"
type = "TXT"
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_caa" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "@"