Freshrss: Documentation location

Actually all the documentation from https://github.com/FreshRSS/documentation should be under https://github.com/FreshRSS/FreshRSS/tree/master/docs (and so everything on http://doc.freshrss.org/ is on https://freshrss.github.io/FreshRSS/). Or did I forget something?

@marienfressinaud Could you please HTTP 301 Redirect http://doc.freshrss.org/ to https://freshrss.github.io/FreshRSS/ and update the links to the doc on https://freshrss.org?

I'll try to do it along with https://github.com/FreshRSS/freshrss.org/issues/36#event-1253800558 (probably this week). Then I'll try to reconfigure server with Ansible, I already have a bunch of scripts for https://github.com/marienfressinaud/lessy, there's nothing complicated to add some for FRSS I guess :).

@marienfressinaud Great :-) And if you also consider doing something for the demo, I think @oupala has experimented with Ansible for FreshRSS https://github.com/FreshRSS/FreshRSS/issues?q=ansible using the new CLI.

Great! I'll have a look :)

I have an automated Ansible role to install and configure FreshRSS on a debian system (a raspbian one in fact, but it should be the same on debian and on any linux-apache-php system).

I have not yet published the role as I have not finished to polish it, but I can give it to you if you want to.

I'll probably want to rewrite it from scratch because it's better to learn, but it can give me some insights so yes, I'm interested :)

I tried to add doc.freshrss.org as custom domain for freshrss.github.io/FreshRSS but the CNAME record cannot indicate a specific url so doc.freshrss.org would serve freshrss.github.io -> I canceled that to make a redirection with Apache but we'll have to wait a bit to be sure is OK because of DNS cache :/ and I'm pretty sure I made mistake in my configuration so it could be broken for few hours (I'll check tomorrow)

Seems to work fine 👍

Yep, it is now :p (https was not forced yet)

It's been a long time since I proposed an ansible role to install FreshRSS, but my ansible role is now ready.

Should I copy it here, as a comment?

@oupala Great! Please start by copying it here, so I have a better idea of how it looks like, and then we will find it a nice location :-)

Ansible playbooks are usually splitted into multiple files. Here is the main tasks file.

---
- name: delete previous
  file:
    path: "{{ _freshrss.install_path }}"
    state: absent
  when: freshrss.reinstall == true

- name: add ops_user to www-data group
  user:
    name: "{{ _freshrss.ops_user }}"
    groups: www-data
    append: yes
  register: add_user_to_group
  become: yes

# this workaround task is mandatory for group membership
# solution comes with ansible 2.3
# see http://docs.ansible.com/ansible/meta_module.html
- name: kill sshd
  shell: sleep 1; pkill -u {{ ansible_ssh_user }} sshd
  async: 3
  poll: 2
  when: add_user_to_group|changed

- name: unarchive
  unarchive:
    src: "{{ _freshrss.download_url }}"
    dest: "{{ _freshrss.apps_install_path }}"
    copy: no
    group: www-data
    mode: u=rwX,g=rX,o=
    creates: "{{ _freshrss.install_path }}"
  register: _freshrss_download_status
  until: _freshrss_download_status | success
  retries: 3
  delay: 10

- name: install php5 dependencies
  apt:
    pkg: "{{ item }}"
    state: present
  with_items:
    - php5-curl
    - php5-gmp # needed to enable api for easyrss android application
  become: yes
  notify: restart apache2

- name: enable mod_rewrite
  apache2_module:
    name: rewrite
    state: present
  become: yes
  notify: restart apache2

- name: create directory for apps datastore
  file:
    path: "{{ _freshrss.datastore_apps_path }}"
    owner: "{{ _freshrss.ops_user }}"
    group: "{{ _freshrss.ops_group }}"
    mode: "{{ _freshrss.datastore_apps_mode }}"
    state: directory
  become: yes

- name: create directory for config and data
  file:
    path: "{{ _freshrss.data_path }}"
    owner: www-data
    group: www-data
    mode: u=rwx,g=rx,o=
    state: directory
  become: yes

- name: check if original data directoy is a symlink
  stat:
     path: "{{ _freshrss.install_path }}/data"
  register: _original_data_directory_symlink

- name: check if new data directoy is empty
  stat:
     path: "{{ _freshrss.data_path }}/index.html"
  register: _new_data_directory_empty

- name: remove directory for config and data
  file:
    path: "{{ _freshrss.data_path }}"
    state: absent
  when: _new_data_directory_empty.stat.exists == false # remove the data directory if it is empty
  become: yes

- name: move data directory
  command: mv {{ _freshrss.install_path }}/data {{ _freshrss.data_path }}
  args:
    creates: "{{ _freshrss.data_path }}"
  when: _original_data_directory_symlink.stat.islnk is defined and _original_data_directory_symlink.stat.islnk == false
  become: yes

- name: delete original data directory
  file:
    path: "{{ _freshrss.install_path }}/data"
    state: absent
  when: _original_data_directory_symlink.stat.isdir is defined and _original_data_directory_symlink.stat.isdir

- name: create symlinks for data directory
  file:
    src: "{{ _freshrss.data_path }}"
    dest: "{{ _freshrss.install_path }}/data"
    state: link
    force: yes

- name: set data directory tree readable by owner and group
  file:
    path: "{{ _freshrss.data_path }}"
    owner: www-data
    group: www-data
    mode: u=rwX,g=rX,o=
    recurse: yes
  become: yes

- name: generate or update freshrss.conf configuration file
  template:
    src: freshrss.conf.j2
    dest: /etc/apache2/{{ _freshrss.apache_services_available_segment }}/freshrss.conf
  become: yes
  notify: restart apache2

- name: create symlinks for freshrss apache conf
  file:
    src: ../{{ _freshrss.apache_services_available_segment }}/freshrss.conf
    dest: /etc/apache2/{{ _freshrss.apache_services_enabled_segment }}/freshrss.conf
    state: link
  become: yes
  notify: restart apache2

- name: create symlinks for web space
  file:
    src: "{{ _freshrss.install_path }}/p/"
    dest: "{{ _freshrss.apache_path }}"
    state: link
  become: yes

# use shell task and umask workaround to set correct umask on generated files and directories
- name: process installation
  shell: "umask u=rwx,g=rx,o= && {{ _freshrss.install_path }}/cli/do-install.php --default_user {{ _freshrss.end_user.login }} --language {{ _freshrss.locale }} --api_enabled --db-type sqlite"
  args:
    removes: "{{ _freshrss.data_path }}/do-install.txt"
  become: yes
  become_user: www-data

- name: check if the user exists
  command: "{{ _freshrss.install_path }}/cli/user-info.php -h --user {{ _freshrss.end_user.login }}"
  register: freshrss_user_data
  changed_when: freshrss_user_data.rc > 1
  failed_when: freshrss_user_data.rc > 1
  become: yes
  become_user: www-data

# use shell task and umask workaround to set correct umask on generated files and directories
- name: create user
  shell: "umask u=rwx,g=rx,o= && {{ _freshrss.install_path }}/cli/create-user.php --user {{ _freshrss.end_user.login }} --password '{{ _freshrss.end_user.password }}' --api_password '{{ _freshrss.end_user.password }}' --language {{ _freshrss.locale }} --email {{ _freshrss.end_user.email }} --token {{ _freshrss.token }}"
  when: freshrss_user_data.rc == 1
  become: yes
  become_user: www-data

# use umask workaround to set correct umask on generated files and directories
- name: create a cron job
  cron:
    name: freshrss cron job
    cron_file: freshrss
    user: www-data
    minute: 0
    job: umask u=rwx,g=rx,o= && php -f {{ _freshrss.install_path }}/app/actualize_script.php > /tmp/freshrss.log 2>&1
    state: present
  become: yes

- name: check that apache config is valid
  command: apache2ctl configtest
  changed_when: false
  become: yes

There is also some other files:

• handlers (to restart apache when its configuration changes)
• meta (to manage dependencies to other ansible roles)
• templates ( with a default apache configuration file for FreshRSS, mainly to configure CSP)
• vars (to manage all local vars used in the tasks

Each task have en explanatory name, and some comments when necessary. Some task are also linked to specificity of my playbook, but may not be useful in all cases.

This task file could in any way be an inspiration for anyone willing to install FreshRSS using ansible.

Enjoy!

@oupala

• Would it be possible to update it to PHP7?
• How do you typically deploy an Ansible configuration?
• Do you have examples of how other projects make their Ansible playbooks available?
• I think it might make sense to make a new ./ansible/ folder, either in ./docs/ or at the root of the FreshRSS directory.

I'm currently deploying that on a debian jessie. But I'm planning to move to stretch in the next weeks. This will be the right moment to switch to php7.

To deploy an ansible configuration, you have to have a host that execute the playbook on one or more targets.

Usually, roles are shared using Ansible Galaxy. I don't think playbooks are really often shared, are playbooks are mainly for variables management and to call roles.

I was thinking about making some snippets or example available in the FreshRSS tree.

@oupala I see. I suggest to put in ./docs/Ansible/ , which should include a little README.md at its root to explain what it is and how to use it

No problem.

Does @marienfressinaud still want to use it as a base for rewrite as he said around one year ago?

I'll probably want to rewrite it from scratch because it's better to learn, but it can give me some insights so yes, I'm interested :)

I believe Marien will have other priorities in the coming months :-)
https://tutut.delire.party/@marien/100968018942455598

I forgot about this discussion ^^ In fact I have my own Ansible role to deploy rss.freshrss.org and demo.freshrss.org but it is not really reusable so I didn't share it. Yours is way more complete :)