diff --git a/defaults/main.yml b/defaults/main.yml index 7faaf71..9ffcf15 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,2 +1,43 @@ --- -# ansible default variables - most variables live here \ No newline at end of file +# defaults file for pinnwand + +pinnwand_config: + database: + scheme: pgsql + username: pinnwand + password: password + hostname: localhost + port: 5432 + database: pinnwand_db + paste_size: 262144 + preferred_lexers: [] + logo_path: /opt/pinnwand/logo.png + page_path: /tmp + page_list: + - about + - removal + - expiry + footer: + paste_help: + report_email: 'example@example.com' + expiries: + - name: 1hour + time: 3600 + - name: 1day + time: 86400 + - name: 1week + time: 604800 + ratelimits: + - name: read + capacity: 100 + consume: 1 + refill: 2 + - name: create + capacity: 2 + consume: 2 + refill: 1 + - name: delete + capacity: 2 + consume: 2 + refill: 1 + spamscore: 50 diff --git a/files/pinnwand.service b/files/pinnwand.service new file mode 100644 index 0000000..ee92340 --- /dev/null +++ b/files/pinnwand.service @@ -0,0 +1,16 @@ +[Unit] +Description=Pinnwand +Requires=network.target +After=multi-user.target + +[Service] +Type=simple +User=pinnwand +Group=pinnwand +WorkingDirectory=/opt/pinnwand/ +ExecStart=/opt/pinnwand/bin/matterbridge --configuration-path pinnwand.toml +Restart=always +RestartSec=60 + +[Install] +WantedBy=multi-user.target diff --git a/handlers/main.yml b/handlers/main.yml new file mode 100644 index 0000000..c647191 --- /dev/null +++ b/handlers/main.yml @@ -0,0 +1,6 @@ +--- +# handlers file for pinnwand +- name: restart pinnwand + service: + name: pinnwand + state: restarted diff --git a/tasks/main.yml b/tasks/main.yml index 2583e53..1d0ae10 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -1,2 +1,2 @@ --- -# tasks \ No newline at end of file +# tasks file for pinnwand diff --git a/templates/pinnwand.toml b/templates/pinnwand.toml new file mode 100644 index 0000000..8cdb075 --- /dev/null +++ b/templates/pinnwand.toml @@ -0,0 +1,116 @@ +{% set config = pinnwand_config %} +# Configuration file for `pinnwand`. Shows what you can adjust. More +# information can be found at `pinnwand`'s documentation: +# https://pinnwand.readthedocs.io/en/latest/ or you can file an issue at our +# GitHub: https://github.com/supakeen/pinnwand + +# Database URI to connect to see: https://docs.sqlalchemy.org/en/13/core/engines.html#database-urls +# if you want to use databases other than sqlite be sure to install the +# appropriate packages and then format this url to correspond to them. +{% set dbconfig = config['database'] %} + +{% if dbconfig is defined %} +database_uri = "{{ dbconfig['scheme'] }}://{{ dbconfig['username'] }}:{{ dbconfig['password'] }}@{{ dbconfig['hostname']}}:{{ dbconfig['port'] | default(5432) }}/{{ dbconfig['database'] }}" +{% else %} +database_uri = "sqlite:///:memory:" +{% endif %} + +# Maximum paste size you want to allow. +paste_size = {{ config['paste_size'] | default(262144) | int}} # 256kB in bytes + +# Preferred lexers. This list of lexers will appear on top of the dropdown +# on the website allowing you to preselect commonly used lexers. Note that the +# names here have to be the identifiers used by pygments, not the human names. +# If empty no preferred lexers are shown. +preferred_lexers = {{ config['preferred_lexers'] | default([]) }} + +# Logo path, used to render your logo. If left out the default logo will be +# used. This file must be a png file. +{% if config['logo_path'] is defined %} +logo_path = "{{ config['logo_path'] }}" +{% else %} +# logo_path = "/path/to/a/file.png" +{% endif %} + +# The page path is used to find the pages listed in the page_list +page_path = "{{ config['page_path'] | default('/tmp')}}" + +# This is the whitelist of files that should exist in the `page_path` +# configuration directive. `pinnwand` will look for `$file.rst` in the +# `page_path` directory and serve it at `/$file`. +{% if config['page_list'] is defined %} +page_list = [{%for page in config['page_list']%}'{{page}}', {%endfor%}] +{% else %} +page_list = ["about", "removal", "expiry"] +{% endif %} + +# The footer in raw HTML, shown at the bottom of the page and handy to link to +# your previously configured pages. +{% if config['footer'] is defined %} +footer = {{ config['footer'] }} +{% else %} +footer = 'View source code,the removal or expiry stories, or read the about page.' +{% endif %} + +# HTML for the 'help text' that can be shown above the paste area, if left empty no help text will be shown. +{% if config['paste_help'] is defined %} +paste_help = {{ config['paste_help'] }} +{% else %} +paste_help = '

Welcome to pinnwand, this site is a pastebin. It allows you to share code with others. If you write code in the text area below and press the paste button you will be given a link you can share with others so they can view your code as well.

People with the link can view your pasted code, only you can remove your paste and it expires automatically. Note that anyone could guess the URI to your paste so don't rely on it being private.

' +{% endif %} + +# Email used for file reporting. If the value is not None then a href with a mailto +# link will be added to every paste page thus allowing the users to report pastes +# that may need removal. +report_email = {{ config['report_email'] | default('maintainer@example.com') }} + +# Expiries are given by a name and their duration in seconds, if you want to do +# 'forever' set a really large number... +{% set expiries = config['expiries'] %} +{% if expiries is defined %} + +{% for expiry in expiries %} +expires.{{expiry.name}} = {{expiry.time}} +{% endfor %} + +{% else %} +expiries.1hour = 3600 +expiries.1day = 86400 +expiries.1week = 604800 +{% endif %} + +# These are application level ratelimits, if you use proxies for your pinnwand +# instance you should set limits there as well. These limits describe a token +# bucket and are per-IP. +# +# The capacity is how many tokens there are available, the consumption is how +# many tokens are used by an action and the refill is how many tokens are added +# per second. So the read bucket below allows a burst of a 100 reads then another +# 2 per second. +{% set ratelimits = config['ratelimits'] %} + +{% if ratelimits is defined %} +{% for bucket in ratelimits %} +ratelimit.{{ bucket.name }}.capacity = {{ bucket.capacity }} +ratelimit.{{ bucket.name }}.consume = {{ bucket.consume }} +ratelimit.{{ bucket.name }}.refill = {{ bucket.refill }} +{% endfor %} +{% else %} +ratelimit.read.capacity = 100 +ratelimit.read.consume = 1 +ratelimit.read.refill = 2 + +ratelimit.create.capacity = 2 +ratelimit.create.consume = 2 +ratelimit.create.refill = 1 + +ratelimit.delete.capacity = 2 +ratelimit.delete.consume = 2 +ratelimit.delete.refill = 1 +{% endif %} + +# pinnwand uses a naive anti-spam measure where a regex is ran over the text +# that is pasted. It then checks how large a percentage of the incoming bytes +# consist of links. If that percentage is larger than the number below the +# paste is denied. Set to a 100 to disable. +spamscore = {{ config['spamscore'] | default(50) }}