diff options
author | Sacha Chua <sacha@sachachua.com> | 2024-10-01 19:59:03 -0400 |
---|---|---|
committer | Sacha Chua <sacha@sachachua.com> | 2024-10-01 19:59:03 -0400 |
commit | 2be81b299be9cad0b03495f2ea038a01969c6cb2 (patch) | |
tree | 6f798cdf8233d0c1079eaff3a52fd3bdabf8bdf7 | |
parent | a50799ae2d27ea57f9f470a9ecfb06dd77499c34 (diff) | |
download | emacsconf-ansible-2be81b299be9cad0b03495f2ea038a01969c6cb2.tar.xz emacsconf-ansible-2be81b299be9cad0b03495f2ea038a01969c6cb2.zip |
Update for new ansible version
Diffstat (limited to '')
39 files changed, 360 insertions, 201 deletions
@@ -37,9 +37,14 @@ vaulted_become_pass: "yourpasswordhere" To set the password for this console session: #+begin_src sh :eval no - export ANSIBLE_PASSWORD=... + export VAULT_PASSWORD=... #+end_src +To change the password for a file: + +#+begin_src sh :eval no +ansible-vault rekey $FILE --ask-vault-pass +#+end_src * Processes @@ -169,7 +174,7 @@ ansible-playbook playbook.yml -e '{"slug": "wayland"}' -i inventory.yml --tags p Force-publish the schedule: ansible-playbook -i inventory.yml prod-playbook.yml --tags publish -e force_publish=true - +** Development ** Docker Creating: ansible-playbook -i docker-inventory.yml docker-playbook.yml --tags wiki,publish @@ -381,3 +386,47 @@ ffmpeg -y -i handwritten/reencode.webm -t 60 -vcodec copy -acodec copy test.webm * Other useful things nodemon -w . -e yml -x 'ansible-playbook -i inventory.yml prod-playbook.yml --tags vnc; true' + +* Restreaming + +Add something like this to your ~prod-vars.yml~: + +#+begin_src emacs-lisp +restreaming_platforms: + - name: youtube + streams: + - name: gen + key: xxxx-xxxx-xxxx-xxxx-xxxx + url: https://www.youtube.com/watch?v=xxxxxxxxxxx + studio: https://studio.youtube.com/video/xxxxxxxxxxx/livestreaming + source: gen.webm + - name: dev + key: xxxx-xxxx-xxxx-xxxx-xxxx + url: https://www.youtube.com/watch?v=xxxxx-xxxxx + studio: https://studio.youtube.com/video/xxxxx-xxxxx/livestreaming + source: dev.webm + - name: test + key: xxxx-xxxx-xxxx-xxxx-xxxx + studio: https://studio.youtube.com/video/xxxxxxxxxxx/livestreaming + url: https://youtu.be/xxxxxxxxxxx + source: gen.webm + stream_url: rtmp://a.rtmp.youtube.com/live2 + backup_stream: rtmp://b.rtmp.youtube.com/live2?backup=1 + - name: toobnix + stream_url: rtmp://toobnix.org:1935/live + streams: + - name: gen + key: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + url: https://toobnix.org/w/xxxxxxxxxxxxxxxxxxxxxx + source: gen.webm + - name: dev + key: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + url: https://toobnix.org/w/xxxxxxxxxxxxxxxxxxxxxx + source: dev.webm + - name: test + key: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx + url: https://toobnix.org/w/xxxxxxxxxxxxxxxxxxxxxx + source: gen.webm +#+end_src + +It doesn't get automatically started, so you'll also need to call ~screen -S restream-$TRACK_ID-youtube~ and ~screen -S restream-$TRACK_ID-toobnix~. diff --git a/common-playbook.yml b/common-playbook.yml index 2822e41..a523a22 100644 --- a/common-playbook.yml +++ b/common-playbook.yml @@ -1,5 +1,5 @@ - name: Set up wiki - hosts: front + hosts: wiki tags: wiki roles: - wiki diff --git a/group_vars/all.yml b/group_vars/all.yml index b4fa2e1..046baac 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -2,7 +2,7 @@ docker: false res_x: 1280 res_y: 720 fps: 30 -emacsconf_year: 2023 +emacsconf_year: 2024 emacsconf_name: EmacsConf emacsconf_id: emacsconf emacsconf_user: orga @@ -34,8 +34,11 @@ emacs_config_dir: ~{{ emacsconf_user }}/.emacs.d emacsconf_el_dir: ~{{ emacsconf_user }}/emacsconf-el emacsconf_edit_wiki_dir: ~{{ emacsconf_user }}/emacsconf-wiki emacsconf_private_dir: ~{{ emacsconf_user }}/emacsconf-{{ emacsconf_year }}-private -emacsconf_caption_dir: /data/emacsconf/{{ emacsconf_year }} +emacsconf_caption_dir: /data/emacsconf/admin/{{ emacsconf_year }} emacsconf_timezone: US/Eastern etherpad_server_name: pad.emacsconf.org -test_mode: true -media_protect_root: true +emacsconf_qa_start_open: true +test_mode: false +media_protect_root: false +protect_stream_with_password: false +restreaming_platforms: [] diff --git a/inventory.yml b/inventory.yml index 6d87c8f..d889320 100644 --- a/inventory.yml +++ b/inventory.yml @@ -24,6 +24,12 @@ prod: ansible_ssh_user: orga ansible_python_interpreter: /usr/bin/python3 ansible_become: true + wiki: + ansible_host: front0.emacsconf.org + remote_user: orga + ansible_ssh_user: orga + ansible_python_interpreter: /usr/bin/python3 + ansible_become: true pad: ansible_host: front0.emacsconf.org remote_user: orga diff --git a/roles/base/files/keys/sachac b/roles/base/files/keys/sachac index 999b59c..643bd03 100644 --- a/roles/base/files/keys/sachac +++ b/roles/base/files/keys/sachac @@ -1,2 +1,3 @@ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDK0Vg112xS0SAuCutincht2LWs+2jC8EWC19Irotv8M0ztzLf6wmXEw0xoB8D78LKzXGC/gFcIvYzsNezHFpU5PmlxYBRJkdOYH2zYfnlWQFpJKmk1OelTrugaRE4HywXurf6q6Sot5hzbzPmCWgOlBZshnkDXMAyPCfYvL+RcwTRJWiaiGwwDHlfHCkebr4cwypRQ7Nl2kKajdp4wZXwbuP64pPNMmftZEMEM910w3zPnzQTil4IuLSiVC8K7TSk6xsnrsk10Y6zfoaHkZ71OD58rqPPFqeHYDj8SAvp6W4hHwakbf+r8nfRfr8Tc+gtCf0B6a4Y050OI5FxHlmjh +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCM41Zid5BjgXwEEnuSSLDvuWDqs3FXPAGwWxV9aY4uHb21+05rsbgAddXtxfj3kJd9tOz97nz5zEyet5bMiOxrh0w7R/LRMCRtiCerVd8ABpDnRJ1INXgAO0tOudVpmBwwDPp2njUbNW+POPBD6s5TXINPFK/V2bjTXkuYhmO4/6QS4OJZYMjugkqxk+JjMtF/e2+HR6UPAWXXyKRTPOQlfSQre/+bWSkU41oONuy4kXeXjiB+zQxRvcHptH+bk0v37jUWPN6PKSCoAlKPXxvGM86eDRF+Rs2fr7WJpkhsuVHaiVla6kBhaEKb9tDpSPg9twJZtl5si4cCEG8kP3Cv sachac-surface ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyMf4V8eCzYNEde8xG4tIJPBv8NwoTzyRG9O5+Bl69osaHV7OZQz81wXil1qZ/xrUu6fc5jMkxq7j5KCCs2MF6gMq12UKe9ESKYe5i+jFL7+V6JNQqcjLcyaEfEFtFCJ95nWCQWpXrMPijvpB3+YxLspFOTz8ZJsGENXU+Rkz5EIdx2VTgHUbddCjE5jndIO58uPKmR4EpMeUWxb20xYLpOwM14aGF/ERVjI++dIwu7mc21kxg42HJjRA/NRV48IxrGl57KKzl7qtMrqwp+ucoLWw4PdqHk4/tApjmrgLiJzLpSZx/4LL3mHTg3I6w9fC5yTgk3k6rJFomb2Jbboxx diff --git a/roles/caption/tasks/main.yml b/roles/caption/tasks/main.yml index fea78f4..d3ee4c0 100644 --- a/roles/caption/tasks/main.yml +++ b/roles/caption/tasks/main.yml @@ -18,7 +18,7 @@ - torchaudio - num2words - name: Set up aeneas - include: aeneas.yml + include_tasks: aeneas.yml - name: Create group group: name: "{{ emacsconf_group }}" diff --git a/roles/caption/templates/process-captions.py b/roles/caption/templates/process-captions.py index a42439b..fde766c 100755 --- a/roles/caption/templates/process-captions.py +++ b/roles/caption/templates/process-captions.py @@ -114,8 +114,8 @@ def extract_audio(work): log("Extracting audio from %s acodec %s" % (work['video'], acodec)) output = subprocess.check_output(['ffmpeg', '-y', '-i', work['video'], '-acodec', acodec, '-vn', new_file], stderr=subprocess.STDOUT) work['audio'] = new_file - if os.path.isfile("/data/emacsconf/{{ emacsconf_year }}/scripts/upload.sh"): - subprocess.call(["/data/emacsconf/{{ emacsconf_year }}/scripts/upload.sh", work['audio']]) + if os.path.isfile("/data/emacsconf/admin/{{ emacsconf_year }}/scripts/upload.sh"): + subprocess.call(["/data/emacsconf/admin/{{ emacsconf_year }}/scripts/upload.sh", work['audio']]) return work def to_sec(time_str): @@ -150,8 +150,8 @@ def generate_captions(work): txt_writer(result, work['audio'], {'max_line_width': 60, 'max_line_count': None, 'highlight_words': None}) work['vtt'] = new_file work['txt'] = work['base'] + '.txt' - if os.path.isfile("/data/emacsconf/{{ emacsconf_year }}/scripts/upload.sh"): - subprocess.call(["/data/emacsconf/{{ emacsconf_year }}/scripts/upload.sh", work['vtt'], work['txt']]) + if os.path.isfile("/data/emacsconf/admin/{{ emacsconf_year }}/scripts/upload.sh"): + subprocess.call(["/data/emacsconf/admin/{{ emacsconf_year }}/scripts/upload.sh", work['vtt'], work['txt']]) if 'srv2' in work: del work['srv2'] return work diff --git a/roles/edit/templates/emacsconf-edit.el b/roles/edit/templates/emacsconf-edit.el index 195170a..65e15b7 100644 --- a/roles/edit/templates/emacsconf-edit.el +++ b/roles/edit/templates/emacsconf-edit.el @@ -84,6 +84,7 @@ (unless (and (boundp 'server-clients) server-clients) (server-start)) (find-file "{{ emacsconf_private_dir }}/conf.org") +(setq emacsconf-cache-dir "{{ emacsconf_caption_dir }}/cache") (emacsconf-add-org-after-todo-state-change-hook) (unless noninteractive (emacsconf-erc-connect)) (setq tab-width 2) diff --git a/roles/live/tasks/main.yml b/roles/live/tasks/main.yml index 3e51765..cb0029a 100644 --- a/roles/live/tasks/main.yml +++ b/roles/live/tasks/main.yml @@ -7,17 +7,3 @@ loop: - "{{ emacsconf_year }}" - "{{ emacsconf_year }}/watch" -- name: Configure Nginx - template: - src: live.emacsconf.org.conf - dest: /etc/nginx/sites-available/live.emacsconf.org -- name: Make sure main configuration is enabled - file: - src: /etc/nginx/sites-available/live.emacsconf.org - dest: /etc/nginx/sites-enabled/live.emacsconf.org - force: no - state: link -- name: Reload configuration - service: - name: nginx - state: reloaded diff --git a/roles/media/templates/nginx-include b/roles/media/templates/nginx-include index b42cacd..f80ed76 100644 --- a/roles/media/templates/nginx-include +++ b/roles/media/templates/nginx-include @@ -1,13 +1,17 @@ rewrite ^/current/bbb-open.html$ {{ bbb_open_url }} redirect; location /{{ emacsconf_year }}/backstage { - auth_basic "Restricted"; - auth_basic_user_file /etc/nginx/sites-available/{{ media_server_name }}-{{ emacsconf_year }}-htpasswd; - autoindex on; - rewrite ^/{{ emacsconf_year }}/backstage/current/pad/([^/]*)$ https://{{ etherpad_server_name }}/{{ emacsconf_year }}-$1 redirect; - rewrite ^/{{ emacsconf_year }}/backstage/current/room/([^/]*)$ https://{{ media_server_name }}/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$1.html redirect; - rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/pad/?$ https://{{ etherpad_server_name }}/{{ emacsconf_year }}-$1 redirect; - rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/room/?$ https://{{ media_server_name }}/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$1.html redirect; - } + auth_basic "Restricted"; + auth_basic_user_file /etc/nginx/sites-available/{{ media_server_name }}-{{ emacsconf_year }}-htpasswd; + autoindex on; + rewrite ^/{{ emacsconf_year }}/backstage/current/pad/([^/]*)$ https://{{ etherpad_server_name }}/{{ emacsconf_year }}-$1 redirect; + rewrite ^/{{ emacsconf_year }}/backstage/current/room/([^/]*)$ https://{{ media_server_name }}/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$1.html redirect; + rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/pad/?$ https://{{ etherpad_server_name }}/{{ emacsconf_year }}-$1 redirect; + rewrite ^/{{ emacsconf_year }}/backstage/current/([^/]*)/room/?$ https://{{ media_server_name }}/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$1.html redirect; + add_header Cache-Control no-cache; + if_modified_since off; + expires off; + etag off; +} location /{{ emacsconf_year }}/{{ emacsconf_id }}.ics { auth_basic off; } diff --git a/roles/obs/defaults/main.yml b/roles/obs/defaults/main.yml index 6eb9451..1c193e0 100644 --- a/roles/obs/defaults/main.yml +++ b/roles/obs/defaults/main.yml @@ -5,3 +5,5 @@ ff_vgopsize: 120 obs_profile_path: /home/{{ emacsconf_user }}/.config/obs-studio/basic/profiles emacsconf_asset_dir: /data/{{ emacsconf_id }}/assets mumble_server: mumble.emacsconf.org +background_music_dir: "{{ emacsconf_asset_dir }}/music" +background_music_volume: 30 diff --git a/roles/obs/tasks/main.yml b/roles/obs/tasks/main.yml index 249a0bb..5df7d56 100644 --- a/roles/obs/tasks/main.yml +++ b/roles/obs/tasks/main.yml @@ -49,9 +49,9 @@ dest: /etc/X11/xorg.conf - name: Set up MPV and MPVC tags: mpv - include: mpv.yml + include_tasks: mpv.yml - name: Set up track-specific things - include: track.yml + include_tasks: track.yml loop: "{{ emacsconf_tracks }}" - debug: var: emacsconf_home @@ -82,14 +82,29 @@ line: export TZ={{ emacsconf_timezone }} dest: "/home/{{ emacsconf_user }}/.bashrc" - name: Allow sudo from {{ emacsconf_user }} to the stream users + tags: obs-sudo become: true become_user: root - copy: - content: | - {% for item in emacsconf_tracks %} - {{ emacsconf_user }} ALL=({{ emacsconf_id }}-{{ item.id }}) NOPASSWD: ALL - {% endfor %} - dest: /etc/sudoers.d/50_emacsconf + community.general.sudoers: + name: "{{ emacsconf_user }}-{{ emacsconf_id }}-{{ item.id }}" + user: "{{ emacsconf_user }}" + runas: "{{emacsconf_id }}-{{ item.id }}" + commands: ALL + nopassword: true + with_items: + - "{{ emacsconf_tracks }}" +- name: Allow sudo from the stream users to the {{ emacsconf_user }} + tags: obs-sudo + become: true + become_user: root + community.general.sudoers: + name: "{{ emacsconf_id }}-{{ item.id }}-{{ emacsconf_user }}" + user: "{{emacsconf_id }}-{{ item.id }}" + runas: "{{ emacsconf_user }}" + commands: ALL + nopassword: true + with_items: + - "{{ emacsconf_tracks }}" - name: Create directories file: owner: "{{ emacsconf_user }}" @@ -106,9 +121,13 @@ loop: - overlay - music + - stop-music - play - play-with-intro - intro - bbb - pad + - handle-qa - handle-session + - reset-state + - rebroadcast diff --git a/roles/obs/tasks/obs-setup.yml b/roles/obs/tasks/obs-setup.yml index 5b0fba4..4e53e8c 100644 --- a/roles/obs/tasks/obs-setup.yml +++ b/roles/obs/tasks/obs-setup.yml @@ -71,11 +71,3 @@ loop: - obs-track - obs-cli-track -- name: Fix permissions - become: true - become_user: root - file: - path: "~{{ emacsconf_user }}" - owner: "{{ emacsconf_user }}" - group: "{{ emacsconf_group }}" - recurse: true diff --git a/roles/obs/tasks/track.yml b/roles/obs/tasks/track.yml index d615336..3d3a8d6 100644 --- a/roles/obs/tasks/track.yml +++ b/roles/obs/tasks/track.yml @@ -9,10 +9,15 @@ var: emacsconf_home - name: Set up user tags: obs-track-scripts - include: user.yml + include_tasks: user.yml - name: Set up user-related things become_user: "{{ emacsconf_user }}" block: + - name: Set up symlink to current + file: + src: "~{{ old_emacsconf_user }}/current" + dest: "~{{ emacsconf_user }}/current" + state: link - name: Set up track bins for addition to paths file: path: "~{{ emacsconf_user }}/bin/{{ item.id }}" @@ -20,7 +25,7 @@ group: "{{ emacsconf_group }}" state: directory - name: Set up VNC - include: tigervnc.yml + include_tasks: tigervnc.yml - name: Create MPV profile directory file: path: "~{{ emacsconf_user }}/.config/mpv" @@ -65,7 +70,7 @@ # shell: jackd -r -ddummy # async: 2592000 - name: Set up pulse - include: pulse.yml + include_tasks: pulse.yml tags: pulse - name: Set up I3 directory file: @@ -95,7 +100,7 @@ group: "{{ emacsconf_group }}" - name: Set up Emacs configuration tags: wip - include: emacs.yml + include_tasks: emacs.yml - name: Set up symbolic links file: src: "/data/{{ emacsconf_id }}/assets/stream" diff --git a/roles/obs/templates/bbb b/roles/obs/templates/bbb index c12702c..b7c508f 100755 --- a/roles/obs/templates/bbb +++ b/roles/obs/templates/bbb @@ -3,17 +3,13 @@ # {{ ansible_managed }} # Kill the background music if playing -if screen -list | grep -q background; then - screen -S background -X quit -fi +/usr/local/bin/reset-state # Update the overlay SLUG=$1 overlay $SLUG -killall -s TERM firefox-esr firefox https://media.emacsconf.org/{{ emacsconf_year }}/backstage/assets/redirects/open/bbb-$SLUG.html & sleep 5 -xdotool search --class firefox windowactivate --sync xdotool key Return xdotool key F11 wait diff --git a/roles/obs/templates/music b/roles/obs/templates/music index 29c5ddb..3e729ec 100755 --- a/roles/obs/templates/music +++ b/roles/obs/templates/music @@ -1,5 +1,5 @@ if screen -list | grep -q background; then echo "Already running in screen, attach with screen -x background" else - screen -dmS background /bin/bash -c "mpv ~/stream/background.wav --loop=yes" + screen -dmS background /bin/bash -c "mpv {{ background_music_dir }}/* --shuffle --loop=inf --volume={{ background_music_volume }}" fi diff --git a/roles/obs/templates/play b/roles/obs/templates/play index 20fd24c..22f58c7 100755 --- a/roles/obs/templates/play +++ b/roles/obs/templates/play @@ -2,19 +2,53 @@ # Play intro if recorded, then play files # {{ ansible_managed }} -# Kill the background music if playing -if screen -list | grep -q background; then - screen -S background -X quit -fi +shopt -s nullglob + +# play-with-intro $SLUG +YEAR="{{ emacsconf_year }}" +BASE_DIR="{{ emacsconf_caption_dir }}" +CACHE_DIR="{{ emacsconf_caption_dir }}/cache" +FIREFOX_NAME=firefox-esr +SLUG=$1 +PREFIX=$(get-file-prefix $SLUG) + +/usr/local/bin/reset-state # Update the overlay -FILE=$1 -if [[ ! -f $FILE ]]; then - LIST=({{ emacsconf_caption_dir }}/assets/stream/emacsconf-{{ emacsconf_year }}-$FILE*--main.webm) +overlay $SLUG + +# Play the video if it exists. If it doesn't exist, switch to the BBB room and stop processing. +if [ "x$TEST_MODE" = "x" ]; then + LIST=($BASE_DIR/assets/stream/{{ emacsconf_id }}-{{ emacsconf_year }}-$SLUG*--main.webm) +else + LIST=($BASE_DIR/assets/test/{{ emacsconf_id }}-{{ emacsconf_year }}-$SLUG*--main.webm) +fi +FILE="${LIST[0]}" +# No file in the stream directory; check for original files in the stream directory, then check the cache +NOSUB="" +if [[ ! -f "$FILE" ]]; then + # Is there a cache file or an original file? + LIST=($CACHE_DIR/{{ emacsconf_id }}-{{ emacsconf_year }}-$SLUG*--main.webm) FILE="${LIST[0]}" - BY_SLUG=1 + if [[ ! -f $FILE ]]; then + LIST=($CACHE_DIR/{{ emacsconf_id }}-{{ emacsconf_year }}-$SLUG*--original.*) + FILE="${LIST[0]}" + fi + echo "Candidate: " $FILE + SUBS=($CACHE_DIR/{{ emacsconf_id }}-{{ emacsconf_year }}-$SLUG*--main.vtt) + if [[ -f "${SUBS[0]}" ]]; then + if ! cat ${SUBS[0]} | head -1 | grep -q captioned ; then + echo "Skipping subtitles because they're not edited" + NOSUB="--sub-visibility=no" + else + NOSUB="--sub-visibility=yes" + fi + fi +fi + +if [[ -f "$FILE" ]]; then + screen -mS talk /bin/bash -c "mpv $NOSUB $FILE" +else + /usr/local/bin/bbb $SLUG + exit 0 fi -shift -SLUG=$(echo "$FILE" | perl -ne 'if (/emacsconf-[0-9]*-(.*?)--/) { print $1; } else { print; }') -overlay $SLUG -mpv $FILE $* & diff --git a/roles/obs/templates/play-with-intro b/roles/obs/templates/play-with-intro index 1b1b9a5..7f7865b 100755 --- a/roles/obs/templates/play-with-intro +++ b/roles/obs/templates/play-with-intro @@ -2,23 +2,26 @@ # Play intro if recorded, then play files # {{ ansible_managed }} -# Kill the background music if playing -if screen -list | grep -q background; then - screen -S background -X quit -fi +# play-with-intro $SLUG +YEAR="{{ emacsconf_year }}" +BASE_DIR="{{ emacsconf_caption_dir }}" +CACHE_DIR="{{ emacsconf_caption_dir }}/cache" +FIREFOX_NAME=firefox-esr +SLUG=$1 +PREFIX=$(get-file-prefix $SLUG) + +/usr/local/bin/reset-state # Update the overlay -FILE=$1 -if [[ ! -f $FILE ]]; then - LIST=({{ emacsconf_caption_dir }}/assets/stream/emacsconf-{{ emacsconf_year }}-$FILE*.webm) - FILE="${LIST[0]}" - BY_SLUG=1 -fi -shift -SLUG=$(echo "$FILE" | perl -ne 'if (/emacsconf-[0-9]*-(.*?)--/) { print $1; } else { print; }') overlay $SLUG -# Play the video -if [[ -f {{ emacsconf_caption_dir }}/assets/intros/$SLUG.webm ]]; then - intro $SLUG + +# Play the intro if it exists. If it doesn't exist, switch to the intro slide and stop processing. + +if [[ -f $CACHE_DIR/$PREFIX--intro.webm ]]; then + mpv $CACHE_DIR/$PREFIX--intro.webm +else + firefox --kiosk $BASE_DIR/assets/in-between/$SLUG.png + exit 0 fi -mpv $FILE $* & + +/usr/local/bin/play $SLUG diff --git a/roles/obs/templates/xstartup-track b/roles/obs/templates/xstartup-track index e09c081..f2f6716 100755 --- a/roles/obs/templates/xstartup-track +++ b/roles/obs/templates/xstartup-track @@ -5,7 +5,7 @@ export PATH="/usr/local/bin:/usr/bin:/bin:{{ emacsconf_home }}/bin" xrdb $HOME/.Xresources pulseaudio --start pacmd set-default-sink qa -firefox file:///data/emacsconf/{{ emacsconf_year }}/index-{{ item.id }}.html & +firefox file:///data/emacsconf/admin/{{ emacsconf_year }}/index-{{ item.id }}.html & $HOME/bin/track-obs & mumble mumble://{{ emacsconf_id }}-{{ item.id }}@{{ mumble_server }}/{{ item.mumble_channel }} & termit & diff --git a/roles/pad/tasks/main.yml b/roles/pad/tasks/main.yml index 9851d66..103ba14 100644 --- a/roles/pad/tasks/main.yml +++ b/roles/pad/tasks/main.yml @@ -34,7 +34,7 @@ home: /home/etherpad shell: /bin/bash state: present -- include: mariadb.yml +- import_tasks: mariadb.yml become: true - name: Set up etherpad as the etherpad user tags: etherpad-src diff --git a/roles/prerec/tasks/main.yml b/roles/prerec/tasks/main.yml index 8144e28..5b39977 100644 --- a/roles/prerec/tasks/main.yml +++ b/roles/prerec/tasks/main.yml @@ -33,7 +33,7 @@ owner: "{{ emacsconf_user }}" group: "{{ emacsconf_group }}" - name: Recreate encoding script and backup old one - tags: process-prerec + tags: process-prerec, prerec-scripts template: src: "reencode.sh" dest: "{{ emacsconf_caption_dir }}/scripts/reencode.sh" @@ -41,8 +41,12 @@ group: "{{ emacsconf_group }}" backup: yes mode: 0775 +- name: Get UIDs + tags: process-prerec, prerec-scripts + getent: + database: passwd - name: Copy scripts for processing - tags: process-prerec + tags: process-prerec, prerec-scripts template: src: "{{ item }}" dest: "/usr/local/bin/{{ item }}" @@ -59,9 +63,11 @@ - reencode.sh - run-aeneas.sh - rename-original.sh + - copy-original.sh - mux-subs.sh - verify-main.sh - remux.sh + - get-file-prefix - name: Copy Makefile template: src: Makefile diff --git a/roles/prerec/templates/process-prerec.sh b/roles/prerec/templates/process-prerec.sh index 795753d..d98337f 100755 --- a/roles/prerec/templates/process-prerec.sh +++ b/roles/prerec/templates/process-prerec.sh @@ -5,14 +5,9 @@ ORIGINAL=$1 REENCODED=$(echo "$ORIGINAL" | perl -pe 's/^(emacsconf-[0-9]*-.*?--.*?--.*?--).*/$1reencoded.webm/') SLUG=$(echo "$ORIGINAL" | perl -ne '/^emacsconf-[0-9]*-(.*?)--/ && print $1') MAIN=$(echo "$ORIGINAL" | perl -pe 's/^(emacsconf-[0-9]*-.*?--.*?--.*?--).*/$1main.webm/') -SCREEN=reencode-$SLUG -if ! ( screen -ls | grep -q $SLUG ); then - screen -dmS $SCREEN -fi # ( cd /data/emacsconf/cache; ./update-cache ) -# /data/emacsconf/{{ emacsconf_year }}/scripts/talk $SLUG "WAITING_FOR_PREREC" "PROCESSING" +# /data/emacsconf/admin/{{ emacsconf_year }}/scripts/talk $SLUG "WAITING_FOR_PREREC" "PROCESSING" if [[ ! -f "$REENCODED" ]]; then - screen -S $SCREEN -X screen -t reencode-$SLUG /bin/bash -c "/data/emacsconf/{{ emacsconf_year }}/scripts/reencode.sh \"$ORIGINAL\" \"$REENCODED\" && /data/emacsconf/{{ emacsconf_year }}/scripts/upload.sh $REENCODED $MAIN && /data/emacsconf/{{ emacsconf_year }}/scripts/thumbnail.sh \"$MAIN\" && /data/emacsconf/{{ emacsconf_year }}/scripts/upload.sh $(echo "$MAIN" | sed s/webm$/png/) exec /bin/bash" & + screen -dmS reencode-$SLUG /bin/bash -c "reencode.sh \"$ORIGINAL\" \"$REENCODED\" && upload.sh $REENCODED $MAIN && thumbnail.sh \"$MAIN\" && upload.sh $(echo "$MAIN" | sed s/webm$/png/); echo $(date -Iminutes) $SLUG reencoded >> ~/emacsconf.log && exec /bin/bash" & fi -screen -S $SCREEN -X screen -t captions-$SLUG /bin/bash -c "/data/emacsconf/{{ emacsconf_year }}/scripts/process-captions.py $(dirname $ORIGINAL); exec /bin/bash" -screen -x $SCREEN +screen -dmS captions-$SLUG /bin/bash -c "/data/emacsconf/admin/{{ emacsconf_year }}/scripts/process-captions.py $(dirname $ORIGINAL); echo $(date -Iminutes) $SLUG captioned >> ~/emacsconf.log; exec /bin/bash" diff --git a/roles/prerec/templates/reencode.sh b/roles/prerec/templates/reencode.sh index b0bdfc7..665fee2 100755 --- a/roles/prerec/templates/reencode.sh +++ b/roles/prerec/templates/reencode.sh @@ -33,7 +33,7 @@ shift `expr $OPTIND - 1` OPTIND=1 input="$1" -output="$2" +output="${2:-$(echo $input | sed 's/--original.*/--reencoded.webm/')}" command="$(cat<<EOF ffmpeg -y -i "$input" $time_limit \ diff --git a/roles/prerec/templates/remux.sh b/roles/prerec/templates/remux.sh index c378133..2d2320b 100755 --- a/roles/prerec/templates/remux.sh +++ b/roles/prerec/templates/remux.sh @@ -1,20 +1,29 @@ #!/usr/bin/env bash # {{ ansible_managed }} # Mix in the normalized audio -# Usage: remux.sh $input_video +# Usage: remux.sh $input_video_or_slug with_suffix() { - echo "$input_video" | sed "s/--\(reencoded\|original\).webm\$/--$1/" + echo "$input_video" | sed "s/--\(main\|reencoded\|original\).webm\$/--$1/" } input_video="$1" +if [ ! -f $input_video ]; then + # treat it as a slug + input_video=$(get-file-prefix $1)--reencoded.webm +fi + input_audio="$(with_suffix "normalized.opus")" output_video="$(with_suffix "final.webm")" main_video="$(with_suffix "main.webm")" main_subs="$(with_suffix "main.vtt")" +if cat $main_subs | head -1 | grep captioned; then + $subs = "-i $main_subs" +fi + command="$(cat<<EOF -ffmpeg -i "$input_video" -i "$input_audio" -c:v copy -c:a copy -map 0:v:0 -map 1:a:0 "$output_video" && +ffmpeg -y -i "$input_video" -i "$input_audio" $subs -c:v copy -c:a copy -map 0:v:0 -map 1:a:0 "$output_video" && cp "$output_video" "$main_video" && if [[ -f "$main_subs" ]]; then touch -m "$main_subs"; fi EOF @@ -23,14 +32,18 @@ EOF printf "input: %s\ncomputed output: %s\nrelated main: %s\n\n" "$input_video" "$output_video" "$main_video" printf "Produced incantation:\n%s\n\n" "$command" -while true; -do - read -r -p "Run it? y/n " -n 1 -r response - if [[ $response =~ ^([yY])$ ]]; then - eval "$command" - exit 0 - else - printf "\nExiting\n" - exit 3 - fi -done +if [ -z "$CONFIRMED" ]; then + eval "$command" +else + while true; + do + read -r -p "Run it? y/n " -n 1 -r response + if [[ $response =~ ^([yY])$ ]]; then + eval "$command" + exit 0 + else + printf "\nExiting\n" + exit 3 + fi + done +fi diff --git a/roles/prerec/templates/rename-original.sh b/roles/prerec/templates/rename-original.sh index 0499ae8..ed085ed 100755 --- a/roles/prerec/templates/rename-original.sh +++ b/roles/prerec/templates/rename-original.sh @@ -8,7 +8,7 @@ EXTRA="" if [ -z ${3-unset} ]; then EXTRA="" elif [ -n "$3" ]; then - EXTRA="--$3" + EXTRA="$3" elif echo "$FILE" | grep -e '\(webm\|mp4\|mov\)'; then EXTRA="--original" fi @@ -16,8 +16,13 @@ filename=$(basename -- "$FILE") extension="${filename##*.}" filename="${filename%.*}" FILE_PREFIX=$(jq -r '.talks[] | select(.slug=="'$SLUG'")["file-prefix"]' < $TALKS_JSON) -mv "$FILE" $FILE_PREFIX$EXTRA.$extension -echo $FILE_PREFIX$EXTRA.$extension +if echo "$FILE" | grep -q \\. ; then + mv "$FILE" $FILE_PREFIX$EXTRA.$extension + echo $FILE_PREFIX$EXTRA.$extension +else + mv "$FILE" $FILE_PREFIX$EXTRA + echo $FILE_PREFIX$EXTRA +fi # Copy to original if needed if [ -f $FILE_PREFIX--original.webm ] && [ ! -f $FILE_PREFIX--main.$extension ]; then cp $FILE_PREFIX--original.$extension $FILE_PREFIX--main.webm diff --git a/roles/prerec/templates/run-aeneas.sh b/roles/prerec/templates/run-aeneas.sh index 8246c85..a9e27f4 100755 --- a/roles/prerec/templates/run-aeneas.sh +++ b/roles/prerec/templates/run-aeneas.sh @@ -11,4 +11,4 @@ if [ ! -f $BASE--whisper.vtt ]; then fi python3 -m aeneas.tools.execute_task $AUDIO *.txt "task_language=eng|os_task_file_format=vtt|is_text_type=plain" ${BASE}--aeneas.vtt cp ${BASE}--aeneas.vtt ${BASE}--main.vtt -/data/emacsconf/{{ emacsconf_year }}/scripts/upload.sh ${BASE}--main.vtt +/data/emacsconf/admin/{{ emacsconf_year }}/scripts/upload.sh ${BASE}--main.vtt diff --git a/roles/prerec/templates/talk b/roles/prerec/templates/talk index 0531cda..fa2e5f0 100755 --- a/roles/prerec/templates/talk +++ b/roles/prerec/templates/talk @@ -6,6 +6,8 @@ SLUG="$1" FROM_STATUS="$2" TO_STATUS="$3" +XDG_RUNTIME_DIR=/run/user/{{ getent_passwd[emacsconf_user].1 }} + if [ "x$TO_STATUS" == "x" ]; then FROM_STATUS=. TO_STATUS="$2" @@ -14,7 +16,7 @@ cd {{ emacsconf_private_dir }} #echo "Pulling conf.org..." #git pull echo "Updating status..." -emacsclient --eval "(emacsconf-with-todo-hooks (emacsconf-update-talk-status \"$SLUG\" \"$FROM_STATUS\" \"$TO_STATUS\"))" -a emacs +XDG_RUNTIME_DIR=$XDG_RUNTIME_DIR emacsclient --eval "(emacsconf-with-todo-hooks (emacsconf-update-talk-status \"$SLUG\" \"$FROM_STATUS\" \"$TO_STATUS\"))" -a emacs #echo "Committing and pushing in the background" #git commit -m "Update task status for $SLUG from $FROM_STATUS to $TO_STATUS" conf.org #git push & diff --git a/roles/prerec/templates/upload.sh b/roles/prerec/templates/upload.sh index f3dc9c5..fbf3025 100755 --- a/roles/prerec/templates/upload.sh +++ b/roles/prerec/templates/upload.sh @@ -2,5 +2,5 @@ # {{ ansible_managed }} scp $* orga@media.emacsconf.org:~/backstage -/data/emacsconf/{{ emacsconf_year }}/scripts/publish-backstage-index.sh -rsync -avze ssh orga@media.emacsconf.org:~/backstage/ /data/emacsconf/cache/ +/data/emacsconf/admin/{{ emacsconf_year }}/scripts/publish-backstage-index.sh +rsync -avze ssh orga@media.emacsconf.org:~/backstage/ /data/emacsconf/admin/cache/ diff --git a/roles/publish/defaults/main.yml b/roles/publish/defaults/main.yml index 52ec596..19a12d8 100644 --- a/roles/publish/defaults/main.yml +++ b/roles/publish/defaults/main.yml @@ -1,6 +1,6 @@ emacsconf_org_file: "{{ emacsconf_private_dir }}/conf.org" emacsconf_publishing_phase: schedule -emacs_version: 28.2 +emacs_version: 29.1 emacs_build_parent: /usr/src/emacs emacs_build_dir: "{{ emacs_build_parent }}/emacs-{{ emacs_version }}" emacsconf_wiki_branch: master diff --git a/roles/publish/tasks/main.yml b/roles/publish/tasks/main.yml index 0724bdd..546a4f0 100644 --- a/roles/publish/tasks/main.yml +++ b/roles/publish/tasks/main.yml @@ -25,7 +25,7 @@ register: emacs - name: Set up Emacs become: yes - include: emacs.yml + import_tasks: emacs.yml when: not emacs.stat.exists - name: Configure git template: @@ -68,7 +68,7 @@ dest: "~{{ emacsconf_user }}/subed" - name: Check out wiki repository ansible.builtin.git: - repo: anon@git.emacsconf.org:emacsconf-wiki + repo: "{{ emacsconf_publishing_source }}" dest: "{{ emacsconf_edit_wiki_dir }}" ssh_opts: "-i /home/{{ emacsconf_user }}/.ssh/id_rsa_anon_git_emacsconf" register: wiki_clone diff --git a/roles/publish/templates/emacsconf-config.el b/roles/publish/templates/emacsconf-config.el index 0c7a80b..05f705a 100644 --- a/roles/publish/templates/emacsconf-config.el +++ b/roles/publish/templates/emacsconf-config.el @@ -15,9 +15,10 @@ (setq emacsconf-ansible-directory "{{ emacsconf_ansible_directory }}") {% endif %} (setq emacsconf-pad-api-key "{{ etherpad_api_key }}") -(setq emacsconf-publishing-phase '{{ emacsconf_publishing_phase }}) +(setq emacsconf-publishing-phase 'conference) (setq emacsconf-backstage-password "{{ emacsconf_backstage_password }}") +(setq emacsconf-public-media-directory "/ssh:orga@media.emacsconf.org:/var/www/media.emacsconf.org/{{ emacsconf_year }}") (setq emacsconf-backstage-dir "/ssh:orga@media.emacsconf.org:/var/www/media.emacsconf.org/{{ emacsconf_year }}/backstage") (setq emacsconf-upload-dir "/ssh:orga@media.emacsconf.org:/srv/upload") @@ -28,9 +29,10 @@ (setq emacsconf-stream-overlay-dir "{{ emacsconf_caption_dir }}/assets/overlays") (setq emacsconf-stream-asset-dir "{{ emacsconf_caption_dir }}/assets") {% else %} -(setq emacsconf-res-dir (format "/ssh:orga@res.emacsconf.org:/data/emacsconf/%s" emacsconf-year)) +(setq emacsconf-res-dir (format "/ssh:orga@res.emacsconf.org:/data/emacsconf/admin/%s" emacsconf-year)) {% endif %} +(setq emacsconf-publish-autocommit-wiki t) (add-to-list 'load-path "~/compile-media") (add-to-list 'load-path "~/subed/subed") (require 'compile-media) diff --git a/roles/stream/tasks/main.yml b/roles/stream/tasks/main.yml index d821d5e..eaf2fc8 100644 --- a/roles/stream/tasks/main.yml +++ b/roles/stream/tasks/main.yml @@ -8,40 +8,55 @@ package: name: icecast2 state: present +- name: Install package for setting htpasswd + package: + name: python3-passlib + when: protect_stream_with_password +- name: Create htpasswd entry + htpasswd: + create: yes + name: "{{ emacsconf_backstage_user }}" + password: "{{ emacsconf_backstage_password }}" + path: /etc/nginx/{{ emacsconf_id }}-htpasswd + when: protect_stream_with_password - name: Set up config become: true template: src: icecast.xml - dest: /etc/icecast2/icecast-emacsconf.xml + dest: /etc/icecast2/icecast-{{ emacsconf_id }}.xml - name: Create restream dir file: path: "{{ icecast_restream_dir }}" owner: "{{ icecast_user }}" state: directory - name: Set up track-specific things - include: track.yml + include_tasks: track.yml loop: "{{ emacsconf_tracks }}" - name: Set up init file become: true template: src: icecast-emacsconf.init.d - dest: /etc/init.d/emacsconf + dest: /etc/init.d/{{ emacsconf_id }} mode: 0755 - name: Set up nginx config tags: stream-nginx become: true template: src: emacsconf.nginx.conf - dest: /etc/nginx/emacsconf.nginx.conf + dest: /etc/nginx/{{ emacsconf_id }}.nginx.conf mode: 0644 - name: Include emacsconf in nginx config become: true lineinfile: - line: include /etc/nginx/emacsconf.nginx.conf; - regexp: '^\s*include /etc/nginx/emacsconf.nginx.conf;' + line: include /etc/nginx/{{ emacsconf_id }}.nginx.conf; + regexp: '^\s*include /etc/nginx/{{ emacsconf_id }}.nginx.conf;' insertafter: '.*tls/live0.conf.*' backup: yes - path: /etc/nginx/sites-available/live0.emacsconf.org + path: /etc/nginx/sites-available/live0.{{ emacsconf_id }}.org +- name: Reload nginx config + service: + name: nginx + state: reloaded - name: Enable icecast become: true service: @@ -57,7 +72,7 @@ register: port_check ignore_errors: yes - name: Try to restart icecast if not started - service: name=emacsconf state=started enabled=yes + service: name={{ emacsconf_id }} state=started enabled=yes when: port_check.failed == true - name: Set up restream scripts tags: restream @@ -67,7 +82,7 @@ owner: orga mode: 0755 loop: "{{ restreaming_platforms | subelements('streams') | list }}" - no_log: True + # no_log: True - name: Set up restream scripts tags: restream template: @@ -76,7 +91,7 @@ owner: orga mode: 0755 loop: "{{ restreaming_platforms | subelements('streams') | list }}" - no_log: True + # no_log: True - name: Copy fallback files copy: src: sorry.webm diff --git a/roles/stream/templates/emacsconf.nginx.conf b/roles/stream/templates/emacsconf.nginx.conf index ac84ef5..cf5e2b8 100644 --- a/roles/stream/templates/emacsconf.nginx.conf +++ b/roles/stream/templates/emacsconf.nginx.conf @@ -11,6 +11,10 @@ location ~ ^/((gen|dev)(-480p|-fallback)?.webm)$ { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Real-IP $remote_addr; + {% if protect_stream_with_password %} + auth_basic {{ emacsconf_name }}; + auth_basic_user_file /etc/nginx/{{ emacsconf_id }}-htpasswd; + {% endif %} } location ~ ^/emacsconf/(.*)$ { @@ -26,5 +30,8 @@ location ~ ^/emacsconf/(.*)$ { proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Server $host; proxy_set_header X-Real-IP $remote_addr; + {% if protect_stream_with_password %} + auth_basic {{ emacsconf_name }}; + auth_basic_user_file /etc/nginx/{{ emacsconf_id }}-htpasswd; + {% endif %} } -
\ No newline at end of file diff --git a/roles/stream/templates/icecast.xml b/roles/stream/templates/icecast.xml index 06830d3..b01bc48 100644 --- a/roles/stream/templates/icecast.xml +++ b/roles/stream/templates/icecast.xml @@ -192,7 +192,6 @@ <mount-name>/{{ track.id }}.webm</mount-name> <username>{{ icecast_emacsconf_user }}</username> <password>{{ icecast_emacsconf_password }}</password> - {% if not test_mode %}<dump-file>/data/{{ emacsconf_id }}-{{ emacsconf_year }}-{{ track.id }}_%Y-%m-%d_%H-%M-%S.webm</dump-file>{% endif %} <stream-name>{{ emacsconf_name }} {{ emacsconf_year }} - {{ track.name }} track</stream-name> <stream-description>The livestream for the {{ track.name }} track of {{ emacsconf_name }} {{ emacsconf_year }}</stream-description> <stream-url>{{ track.watch }}</stream-url> @@ -202,6 +201,7 @@ <on-disconnect>/usr/local/bin/{{ emacsconf_id }}-lowres-{{ track.id }}-on-disconnect</on-disconnect> <fallback-mount>/{{ track.id }}-sorry.webm</fallback-mount> <fallback-override>1</fallback-override> + {% if not test_mode %}<dump-file>/data/{{ emacsconf_id }}-{{ emacsconf_year }}-{{ track.id }}_%Y-%m-%d_%H-%M-%S.webm</dump-file>{% endif %} </mount> <mount type="normal"> <mount-name>/{{ track.id }}-host.webm</mount-name> diff --git a/roles/upload/tasks/main.yml b/roles/upload/tasks/main.yml index 3e7e615..ca87a1c 100644 --- a/roles/upload/tasks/main.yml +++ b/roles/upload/tasks/main.yml @@ -111,7 +111,15 @@ when: not use_initd - name: Restart Upload become: true + when: upload_enabled service: name: upload state: restarted - enabled: yes + enabled: true +- name: Stop upload + become: true + when: not upload_enabled + service: + name: upload + state: stopped + enabled: false diff --git a/roles/wiki/defaults/main.yml b/roles/wiki/defaults/main.yml index fedf090..66e570a 100644 --- a/roles/wiki/defaults/main.yml +++ b/roles/wiki/defaults/main.yml @@ -20,4 +20,4 @@ ikiwiki_git_wrapper: "{{ ikiwiki_path }}/hooks/emacsconf" ikiwiki_git_test_receive_wrapper: "{{ ikiwiki_path }}/hooks/emacsconf-pre" ikiwiki_git_base_url: //git.emacsconf.org/emacsconf-wiki ikiwiki_cgi_wrapper: "{{ ikiwiki_path }}/ikiwiki.cgi" - +ikiwiki_bare_git_dir: git://git.emacsconf.org/emacsconf-wiki diff --git a/roles/wiki/tasks/docker.yml b/roles/wiki/tasks/docker.yml index 4c7fd06..2bfe613 100644 --- a/roles/wiki/tasks/docker.yml +++ b/roles/wiki/tasks/docker.yml @@ -4,50 +4,6 @@ - lighttpd - supervisor - sudo -- name: Create the anon user - user: - name: anon - state: present - when: docker -- name: Set up Ikiwiki setup - template: - src: emacsconf.setup - dest: "{{ ikiwiki_path }}/emacsconf.setup" - owner: www-data - group: www-data -- name: Set up the ikiwiki directories - file: - dest: "{{ ikiwiki_dest }}" - state: directory - owner: ikiwiki - group: www-data - recurse: true -- name: Clone the bare git repo - git: - bare: true - repo: "{{ ikiwiki_git_source_mount }}" - dest: "{{ ikiwiki_bare_git_dir }}" - version: "{{ ikiwiki_git_branch }}" -- name: Set up post-update hook - template: - src: post-update - dest: "{{ ikiwiki_bare_git_dir }}/hooks/post-update" - mode: 0755 -- name: Remove sample - file: - path: "{{ ikiwiki_bare_git_dir }}/hooks/post-update.sample" - state: absent -- name: Set up ikiwiki post-update hook - template: - src: post-update.h00-ikiwiki-wrapper - dest: "{{ ikiwiki_bare_git_dir }}/hooks/post-update.h00-ikiwiki-wrapper" - mode: 0755 -- name: Change owner - file: - dest: "{{ ikiwiki_bare_git_dir }}" - recurse: true - owner: ikiwiki - group: www-data - name: Clone the working git repo git: repo: "{{ ikiwiki_bare_git_dir }}" @@ -67,19 +23,6 @@ service: name: lighttpd state: started -- name: Start ssh - tags: ssh - service: - name: ssh - state: started -- name: Set up SSH directory - tags: ssh - file: - path: /home/ikiwiki/.ssh - owner: ikiwiki - group: ikiwiki - state: directory - mode: 0700 - name: Set up SSH authentication tags: ssh block: diff --git a/roles/wiki/tasks/main.yml b/roles/wiki/tasks/main.yml index cd7cbdc..3ee7d4f 100644 --- a/roles/wiki/tasks/main.yml +++ b/roles/wiki/tasks/main.yml @@ -13,6 +13,11 @@ - nginx - wget state: present +- name: Start ssh + tags: ssh + service: + name: ssh + state: started - name: Create ikiwiki group group: name: ikiwiki @@ -22,11 +27,63 @@ name: ikiwiki group: ikiwiki state: present +- name: Create anon group + group: + name: anon + state: present +- name: Create anon user + user: + name: anon + group: anon + state: present +- include_tasks: bare-git.yml + when: docker or test_mode +- name: Configure safe directory + shell: git config --global --add safe.directory "{{ ikiwiki_src_dir }}" +- name: Clone the working git repo + git: + repo: "{{ ikiwiki_bare_git_dir }}" + dest: "{{ ikiwiki_src_dir }}" +- name: Switch the source git repo to the branch + shell: git checkout "{{ ikiwiki_git_branch }}" 2>/dev/null || git checkout -b "{{ ikiwiki_git_branch }}" + args: + chdir: "{{ ikiwiki_src_dir }}" +- name: Set the default branch policy + shell: git config --global pull.rebase false + become: true + become_user: ikiwiki +- name: Set up SSH directory + tags: ssh + file: + path: /home/ikiwiki/.ssh + owner: ikiwiki + group: ikiwiki + state: directory + mode: 0700 +- name: Set up SSH key access + tags: wiki-test-keys + template: + src: authorized_keys + dest: "/home/ikiwiki/.ssh/authorized_keys" + mode: 0600 + owner: ikiwiki + group: ikiwiki + when: test_mode +- name: Set up the ikiwiki directories + file: + dest: "{{ ikiwiki_dest }}" + state: directory + owner: ikiwiki + group: ikiwiki + recurse: true - name: Template the config ansible.builtin.template: src: emacsconf.setup dest: "{{ ikiwiki_path }}/emacsconf.setup" owner: ikiwiki + group: ikiwiki +- include_tasks: nginx.yml + when: test_mode - name: Create the plugin directory file: path: "{{ ikiwiki_plugin_path }}/IkiWiki/Plugin" @@ -40,7 +97,7 @@ - copyright.pm - htmlscrubber.pm - license.pm -- include: docker.yml +- include_tasks: docker.yml when: docker - name: Chown all the files to ikiwiki tags: wiki-plugins @@ -48,7 +105,12 @@ dest: "{{ ikiwiki_path }}" owner: ikiwiki group: ikiwiki + state: directory recurse: true +- name: Debug + tags: dev-wiki + debug: + var: ikiwiki_path - name: Regenerate all the files tags: wiki-regenerate, wiki-plugins become: true diff --git a/roles/wiki/templates/emacsconf.setup b/roles/wiki/templates/emacsconf.setup index d74fbb0..2cb114f 100644 --- a/roles/wiki/templates/emacsconf.setup +++ b/roles/wiki/templates/emacsconf.setup @@ -150,7 +150,7 @@ diffurl: {{ ikiwiki_git_base_url }}/diff/[[file]]?id=[[sha1_commit]]&id2=[[sha1_ # where to pull and push changes (set to empty string to disable) #gitorigin_branch: origin # branch that the wiki is stored in -gitmaster_branch: {{ ikiwiki_git_branch }} +#gitorigin_branch: {{ ikiwiki_git_branch }} # htmlscrubber plugin # PageSpec specifying pages not to scrub @@ -200,7 +200,7 @@ atom: 1 # PageSpec controlling which pages are locked #locked_pages: '!*/Discussion' #locked_pages: 'index or edit' -locked_pages: 'edit' +locked_pages: 'edit or donate or donors' # moderatedcomments plugin # PageSpec matching users or comment locations to moderate |