[server] Deploy miniflux.

diff --git a/server.git/hooks/post-receive b/server.git/hooks/post-receive
index e80b7a6c3b86e4643bd79ee11cfc78eeee6bd874..fa812150774e57393a0c679e4b3fa03e56037c58 100755 (executable)
--- a/server.git/hooks/post-receive
+++ b/server.git/hooks/post-receive
@@ -2,8 +2,8 @@
 # Copyright (c) 2023-2024 Jakub Czajka <jakub@ekhem.eu.org>
 # License: GPL-3.0 or later.
 
-DEPLOYABLE="dovecot fail2ban git matrix nginx opendkim postfix postgres rsyslog\
- sshd"
+DEPLOYABLE="dovecot fail2ban git matrix nginx miniflux opendkim postfix postgres\
+ rsyslog sshd"
 
 while read old_revision new_revision branch
 do
@@ -21,7 +21,7 @@ do
     do
         if $(echo "${DEPLOYABLE}" | grep --word-regexp --quiet "${dir}")
         then
-           sudo ansible-playbook --connection=local "${dir}".yaml
+            sudo ansible-playbook --connection=local "${dir}".yaml
         fi
     done
 done

diff --git a/server.git/miniflux.yaml b/server.git/miniflux.yaml
new file mode 100644 (file)
index 0000000..c8eb5ce
--- /dev/null
+++ b/server.git/miniflux.yaml
@@ -0,0 +1,85 @@
+# Copyright (c) 2024 Jakub Czajka <jakub@ekhem.eu.org>
+# License: GPL-3.0 or later.
+
+- hosts: servers
+  vars:
+    dest: "{{ ansible_local.env.vars.prod_dir }}/{{ ansible_local.env.vars.rss }}"
+    repo: "{{ ansible_local.env.vars.git_home_dir }}/server.git"
+    site: rss.conf
+  tasks:
+    # Miniflux is currently only available in Debian's testing repository. See
+    # https://tracker.debian.org/pkg/miniflux.
+    - name: Add miniflux's package
+      apt_repository:
+        repo: "deb [trusted=yes] https://repo.miniflux.app/apt/ * *"
+        state: present
+    - name: Install miniflux's packages
+      package:
+        name:
+          - miniflux
+          - postgresql-contrib
+        state: latest
+      become: true
+    - name: Create destination directory
+      file:
+        path: "{{ dest }}"
+        state: directory
+        mode: 0775
+        owner: git
+        group: www-data
+      become: true
+    - name: Checkout miniflux's configuration files to /tmp
+      command: git --work-tree=/tmp --git-dir={{ repo }} checkout main --force \
+        miniflux/*
+      become: true
+    - name: Copy miniflux.conf to /etc
+      shell: envsubst < /tmp/miniflux/{{ item }} > /etc/{{ item }}
+      environment: "{{ ansible_local.env.vars }}"
+      become: true
+      with_items:
+        - miniflux.conf
+    - name: Copy scripts to destination directory
+      copy:
+        src: /tmp/miniflux/{{ item }}
+        dest: "{{ dest }}"
+        remote_src: true
+      become: true
+      with_items:
+        - download.sh
+        - ydlpd.css
+        - ydlpd.sh
+    - find:
+        paths: "{{ dest }}"
+        file_type: file
+        patterns: "*.sh"
+      register: scripts
+    - name: Make miniflux scripts executable
+      file:
+        path: "{{ item.path }}"
+        mode: 0744
+        owner: www-data
+        group: www-data
+      become: true
+      with_items: "{{ scripts.files }}"
+
+    - name: Copy site from /tmp to /etc/nginx/sites-available
+      copy:
+        src: /tmp/miniflux/{{ item }}
+        dest: /etc/nginx/sites-available
+        remote_src: true
+      become: true
+      with_items:
+        - rss.conf
+    - name: Enable site in nginx
+      shell: envsubst < /etc/nginx/sites-available/{{ site }} \
+        > /etc/nginx/sites-enabled/{{ site }}
+      environment: "{{ ansible_local.env.vars }}"
+      become: true
+    - name: Restart fcgiwrap and nginx
+      service:
+        name: "{{ item }}"
+        state: restarted
+      become: true
+      with_items:
+        - fcgiwrap
+        - nginx