From 07a8fae83fcfbe5d315ed11b870592c069ba9cb9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Hugo=20H=C3=B6rnquist?= Date: Tue, 28 Sep 2021 04:16:03 +0200 Subject: Configure shiori. --- files/shiori.service | 13 +++++++ manifests/init.pp | 97 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 110 insertions(+) create mode 100644 files/shiori.service create mode 100644 manifests/init.pp diff --git a/files/shiori.service b/files/shiori.service new file mode 100644 index 0000000..6c8de29 --- /dev/null +++ b/files/shiori.service @@ -0,0 +1,13 @@ +[Unit] +Description=Bookmark server + +[Service] +User=shiori +Environment=SHIORI_DIR=/var/www/shiori +Environment=PORT=8080 +EnvironmentFile=-/etc/conf.d/shiori +ExecStart=shiori serve -p $PORT +Restart=always + +[Install] +WantedBy=multi-user.target diff --git a/manifests/init.pp b/manifests/init.pp new file mode 100644 index 0000000..a8622e8 --- /dev/null +++ b/manifests/init.pp @@ -0,0 +1,97 @@ +class shiori ( + $port = 8080, + Array[String] $group_members = [], + Optional[Hash] $nginx = undef, +) { + + # on arch this is available through the aur + package { 'shiori-bin': + ensure => installed, + } + + user { 'shiori': + ensure => present, + system => true, + home => '/var/www/shiori', + } + + group { 'shiori': + ensure => present, + members => $group_members, + } + + file { '/var/www/shiori': + ensure => directory, + owner => shiori, + group => shiori, + mode => '0750', + } + + file { [ + '/var/www/shiori/archive', + '/var/www/shiori/thumb', + ] : + ensure => directory, + owner => shiori, + group => shiori, + mode => '0770', + } + + file { '/var/www/shiori/shiori.db': + owner => 'shiori', + group => 'shiori', + mode => '0660', + } + + file { '/etc/systemd/system/shiori.service': + ensure => file, + source => 'puppet:///modules/shiori/shiori.service', + } + + file { '/etc/conf.d/shiori': + ensure => 'file', + content => @("EOF") + # This file is managed by Puppet. + # Editing it might also lead to inconsistencies with nginx + PORT=${port} + | EOF + } + + service { 'shiori': + ensure => running, + enable => true, + require => [ + File['/etc/systemd/system/shiori.service'], + File['/etc/conf.d/shiori'], + ], + } + + # TODO only run this if Class['profiles::group_profile'] is loaded + file { '/etc/profile.d/group.d/shiori': + ensure => file, + content => "export SHIORI_DIR=/var/www/shiori\n", + } + + if ($nginx) { + $certname = $nginx['certname'] + nginx::resource::server { $nginx['server_name']: + ipv6_enable => true, + ipv6_listen_options => '', + ssl => true, + ssl_redirect => true, + ssl_cert => "/etc/letsencrypt/live/${certname}/fullchain.pem", + ssl_key => "/etc/letsencrypt/live/${certname}/privkey.pem", + www_root => '/var/www/shiori', + use_default_location => false, + } + + nginx::resource::location { 'shiori /': + location => '/', + proxy => "http://[::]:$port", + index_files => [], + ssl => true, + ssl_only => true, + server => $nginx['server_name'], + } + } +} -- cgit v1.2.3