feat: v1.5.0

README.md

@@ -89,107 +89,12 @@ If you wish to see another distribution on the list, please test on the latest c
 
 ## Upgrading
 
-Since version `1.1.0` we no longer default to using `main` but use tags to make sure deployments are versioned.
-With every new release all migration steps shall be written below so make sure you check out the [Lemmy Releases Changelog](https://github.com/LemmyNet/lemmy/blob/main/RELEASES.md) to see if there are any config changes with the releases since your last read.
-
-### Upgrading to 1.4.0 (Lemmy 0.19.3 & Pict-rs 0.5.4)
-
-This is a semi-major release which upgrades pict-rs to 0.5 which has support for postgres as a backend. This configuration is **not supported** by lemmy-ansible for the moment.
-
-#### Steps
-
-- `git pull && git checkout 1.4.0`
-- Read [Pictrs' Configuration Changes](https://git.asonix.dog/asonix/pict-rs/#configuration-updates)
-- Amend your `vars.yml` file to respect the new changes
-  - Optional: Add: `PICTRS__UPGRADE__CONCURRENCY` with a value between 32 and 512 depending on how much RAM/CPU you want to dedicate to the upgrade process. A value of 32 used about 2.5GB of RAM for the migration.
-  - Optional: Curl `/internal/prepare_upgrade` to minimise downtime while upgrading. See [the instructions below](https://github.com/LemmyNet/lemmy-ansible#update-your-pict-rs-sled-database-optional) or the official documentation [here](https://git.asonix.dog/asonix/pict-rs/releases#user-content-upgrade-preparation-endpoint)
-- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
-
-### Upgrading to 1.3.1 (Lemmy 0.19.1)
-
-This is a very minor release but fixes issues relating to federation as part of the Lemmy update.
-
-#### Steps
-
-- `git pull && git checkout 1.3.1`
-- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
-
-### Upgrading to 1.3.0 (Lemmy 0.19.0 & Pict-rs 0.4.7)
-
-This is a major change and has required reading! tl;dr
-
-- Lemmy has been upgraded to 0.19.0
-- pict-rs has been upgraded to 0.4.7
-  - pict-rs has not been integrated with postgres yet
-- "Optional Modules" are now available to be added to your lemmy install as provided by the community.
-  - The first being pictrs-safety
-
-#### Steps
-
-- Prepare to have downtime as the database needs to perform migrations!
-- Run `git pull && git checkout 1.3.0`
-- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
-- Lemmy will now be down! In testing this takes from 20 to 60 minutes.
-  - If you are bored you can ssh into your server, and check the logs on postgres for updates
-  - `docker compose logs -f postgres` while ssh'd and in your Lemmy directory
-
-#### Update your pict-rs sled-database (Optional)
-
-If you are happy for pict-rs to be down _for a while_ ~go straight to our `1.3.1` git tag which updates pictrs to 0.5.0~. Otherwise keep reading.
-Starting with 0.5.0 your database will automatically upgrade to the latest version, which will cause downtime for your users.
-As such there is an intermediary step where you can upgrade your database in the background to prepare for 0.5 (Reference documentation)[https://git.asonix.dog/asonix/pict-rs/releases#user-content-upgrade-preparation-endpoint]. This ensure no-one is caught out by unforseen downtime of multiple services.
+Please see the dedicated [UPGRADING](UPGRADING.md) document for all upgrade processess
 
-Once you have deployed lemmy-ansible `1.3.0` tag, please continue (if you want):
-
-- Take note of what your pict-rs API Key is under `vars.yml`
-- Take note of what your docker network name is. (It's normally the domain without any extra characters)
-  - You should be able to find it via: `docker network ls | grep _default` if in doubt.
-- Run the following command replacing `api-key` with the pict-rs api key, & `youdomain` with the network name.
-- `docker run --network yourdomain_default --rm curlimages/curl:8.5.0 --silent -XPOST -H'X-Api-Token: api-key' 'http://pictrs:8080/internal/prepare_upgrade'`
-- This will start the background process updating your database from 0.4 to 0.5 compatible.
-
-This is only Optional, and takes a shorter amount of time than the Lemmy database upgrade, but on huge installations it may take a lot longer.
-
-#### Optional Module(s)
-
-Our first optional module is [pictrs-safety](https://github.com/db0/pictrs-safety). See the repo linked for more information, especially for integration with pictrs (which is what it is for) Thanks to @db0 for their contribution.  
-See the `pictrs_safety_env_vars` under `examples/vars.yml` for relevant options (and the two password variables)  
-To enable this module to be used you must ADD `pictrs_safety: true` to your `vars.yml`.
-
-### Upgrading to 1.2.1 (Lemmy 0.18.5)
-
-This is a minor change which fixes the issue with the Postgres container not using the `customPostgres.conf` file.
-
-#### Steps
-
-- Please regenerate your `customPostgres.conf` from `examples/customPostgres.conf`
-- **OR**
-- Add the following block to your current customPostgres file.
-
-```
-# Listen beyond localhost
-listen_addresses = '*'
-```
-
-### Upgrading to 1.2.0 (Lemmy 0.18.5)
-
-Major changes:
-
-- All variables are not under a singular file so you will not need to modify anything: `inventory/host_vars/{{ domain }}/vars.yml`
-- `--become` is now optional instead of forced on
-
-#### Steps
-
-- Run `git pull && git checkout 1.2.0`
-- When upgrading from older versions of these playbooks, you will need to do the following:
-  - Rename `inventory/host_vars/{{ domain }}/passwords/postgres` file to `inventory/host_vars/{{ domain }}/passwords/postgres.psk`
-  - Copy the `examples/vars.yml` file to `inventory/host_vars/{{ domain }}/vars.yml`
-  - Edit your variables as desired
-- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
-
-### Upgrading to 1.1.0 (Lemmy 0.18.3)
+Since version `1.1.0` we no longer default to using `main` but use tags to make sure deployments are versioned.
+With every new release all migration steps shall be written in the [UPGRADING](UPGRADING.md) document. 
+When updating please make sure you check out the [Lemmy Releases Changelog](https://github.com/LemmyNet/lemmy/blob/main/RELEASES.md) to see if there are any config changes with the releases since your last read.
 
-- No major changes should be required
 
 ## Migrating your existing install to use this deploy
 

UPGRADING.md

@@ -0,0 +1,141 @@
+# Upgrading
+
+This file shows all steps in how to upgrade between "versions" of the lemmy-ansible repository.
+While we specify a version of Lemmy, pict-rs, postgres, etc. at the point in time we make a release, it does not mean that you cannot mix-and-match versions. (ie; you can run pictrs 0.5.10 with Lemmy 0.19.3).
+While you are not strangle-held into running the specific versions, we do not go through thorough testing on all version compatibility matrices, so please make your best judgement and always backup before performing updates.
+
+### Upgrading to 1.5.0 (Lemmy 0.19.4, Pict-rs 0.5.10, postgres 16)
+
+> **DO NOT RUN IT WITHOUT READING THIS WHOLE SECTION**
+
+This is a major release which requires you to update postgres to v16. Once that is done proceed with your regular deployments.
+
+#### Postgres Upgrade from v15 to v16
+
+You need to migrate from v15 to v16. The Lemmy devs have already done this from v12 to v15, and I've performed it myself without issues. The crux of the process is to dump your database, swap postgres container versions, delete your old database volume folder and import from the backup.
+There will be downtime, and it is a little scary as you will be deleting the `volumes/postgres` folder. The only backup you have during this time is the `15_16_dump.sql`.
+On my reference instance (4 CPU, 8GB Memory, 30GB volumes/postgres), it took 10 minutes to dump the backup, and another 20 minutes to import it again. The biggest time sink when importing is when it recreates the indexes.
+If you have a faster system and no noisy neighbours you could get the dump and import to be below 20 minutes, but I'd aim for a 60 minute maintenace window.
+
+- The script you need to download and push onto your server: [postgres_15_to_16_upgrade.sh](https://github.com/LemmyNet/lemmy/blob/main/scripts/postgres_15_to_16_upgrade.sh). This script assumes:
+  1. That it will be run in the same location as your docker-compose.yml file. (Possibly under `/opt/lemmy/{{ domain }}`)
+  2. You have at least 50% storage free available. (As you will be basically duplicating your database).
+  3. Use `sudo` & `docker compose`
+  4. Your regular command
+- If you do not have enough space please create some if possible, or modify the script to save the `15_16.sql` file onto a drive which does have space.
+- If you do not have sudo or use sudo, please modify the commands in the script appropriately. (ie: if running as root, you can remove all of sudo from the file)
+- Test that `sudo docker-compose exec -T postgres pg_dumpall -c -U lemmy > 15_16_dump.sql` works without issues.
+  - This tests to ensure that you can create a backup file. Incase something goes wrong, as long as this file is safe then you won't have any problems.
+- TODO: More things?
+-
+
+#### Steps
+
+- `git checkout main && git pull && git checkout 1.5.0`
+- Check the diff between the two versions to see the changes our examples:
+  - examples/customPostgresql.conf: We added a new autoexplain & stats feature, & enabled jit after v16 upgrade. \
+    - On low memory systems, you might want to disable jit still: `jit=0`
+  - examples/hosts: Add `lemmy_web_port` to have a dedicated port
+  - examples/vars.yml: Add `postgres_shm` to have the correct shared memory for postgres
+  - examples/config.hjson: Changes to the new `uri` format (and a better default for lemmy pool size)
+- Confirm you are already running Postgres v16
+- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
+
+### Upgrading to 1.4.0 (Lemmy 0.19.3 & Pict-rs 0.5.4)
+
+This is a semi-major release which upgrades pict-rs to 0.5 which has support for postgres as a backend. This configuration is **not supported** by lemmy-ansible for the moment.
+
+#### Steps
+
+- `git pull && git checkout 1.4.0`
+- Read [Pictrs' Configuration Changes](https://git.asonix.dog/asonix/pict-rs/#configuration-updates)
+- Amend your `vars.yml` file to respect the new changes
+  - Optional: Add: `PICTRS__UPGRADE__CONCURRENCY` with a value between 32 and 512 depending on how much RAM/CPU you want to dedicate to the upgrade process. A value of 32 used about 2.5GB of RAM for the migration.
+  - Optional: Curl `/internal/prepare_upgrade` to minimise downtime while upgrading. See [the instructions below](https://github.com/LemmyNet/lemmy-ansible#update-your-pict-rs-sled-database-optional) or the official documentation [here](https://git.asonix.dog/asonix/pict-rs/releases#user-content-upgrade-preparation-endpoint)
+- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
+
+### Upgrading to 1.3.1 (Lemmy 0.19.1)
+
+This is a very minor release but fixes issues relating to federation as part of the Lemmy update.
+
+#### Steps
+
+- `git pull && git checkout 1.3.1`
+- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
+
+### Upgrading to 1.3.0 (Lemmy 0.19.0 & Pict-rs 0.4.7)
+
+This is a major change and has required reading! tl;dr
+
+- Lemmy has been upgraded to 0.19.0
+- pict-rs has been upgraded to 0.4.7
+  - pict-rs has not been integrated with postgres yet
+- "Optional Modules" are now available to be added to your lemmy install as provided by the community.
+  - The first being pictrs-safety
+
+#### Steps
+
+- Prepare to have downtime as the database needs to perform migrations!
+- Run `git pull && git checkout 1.3.0`
+- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
+- Lemmy will now be down! In testing this takes from 20 to 60 minutes.
+  - If you are bored you can ssh into your server, and check the logs on postgres for updates
+  - `docker compose logs -f postgres` while ssh'd and in your Lemmy directory
+
+#### Update your pict-rs sled-database (Optional)
+
+If you are happy for pict-rs to be down _for a while_ ~go straight to our `1.3.1` git tag which updates pictrs to 0.5.0~. Otherwise keep reading.
+Starting with 0.5.0 your database will automatically upgrade to the latest version, which will cause downtime for your users.
+As such there is an intermediary step where you can upgrade your database in the background to prepare for 0.5 (Reference documentation)[https://git.asonix.dog/asonix/pict-rs/releases#user-content-upgrade-preparation-endpoint]. This ensure no-one is caught out by unforseen downtime of multiple services.
+
+Once you have deployed lemmy-ansible `1.3.0` tag, please continue (if you want):
+
+- Take note of what your pict-rs API Key is under `vars.yml`
+- Take note of what your docker network name is. (It's normally the domain without any extra characters)
+  - You should be able to find it via: `docker network ls | grep _default` if in doubt.
+- Run the following command replacing `api-key` with the pict-rs api key, & `youdomain` with the network name.
+- `docker run --network yourdomain_default --rm curlimages/curl:8.5.0 --silent -XPOST -H'X-Api-Token: api-key' 'http://pictrs:8080/internal/prepare_upgrade'`
+- This will start the background process updating your database from 0.4 to 0.5 compatible.
+
+This is only Optional, and takes a shorter amount of time than the Lemmy database upgrade, but on huge installations it may take a lot longer.
+
+#### Optional Module(s)
+
+Our first optional module is [pictrs-safety](https://github.com/db0/pictrs-safety). See the repo linked for more information, especially for integration with pictrs (which is what it is for) Thanks to @db0 for their contribution.  
+See the `pictrs_safety_env_vars` under `examples/vars.yml` for relevant options (and the two password variables)  
+To enable this module to be used you must ADD `pictrs_safety: true` to your `vars.yml`.
+
+### Upgrading to 1.2.1 (Lemmy 0.18.5)
+
+This is a minor change which fixes the issue with the Postgres container not using the `customPostgres.conf` file.
+
+#### Steps
+
+- Please regenerate your `customPostgres.conf` from `examples/customPostgres.conf`
+- **OR**
+- Add the following block to your current customPostgres file.
+
+```
+# Listen beyond localhost
+listen_addresses = '*'
+```
+
+### Upgrading to 1.2.0 (Lemmy 0.18.5)
+
+Major changes:
+
+- All variables are not under a singular file so you will not need to modify anything: `inventory/host_vars/{{ domain }}/vars.yml`
+- `--become` is now optional instead of forced on
+
+#### Steps
+
+- Run `git pull && git checkout 1.2.0`
+- When upgrading from older versions of these playbooks, you will need to do the following:
+  - Rename `inventory/host_vars/{{ domain }}/passwords/postgres` file to `inventory/host_vars/{{ domain }}/passwords/postgres.psk`
+  - Copy the `examples/vars.yml` file to `inventory/host_vars/{{ domain }}/vars.yml`
+  - Edit your variables as desired
+- Run your regular deployment. Example: `ansible-playbook -i inventory/hosts lemmy.yml --become`
+
+### Upgrading to 1.1.0 (Lemmy 0.18.3)
+
+- No major changes should be required

examples/config.hjson

@@ -5,6 +5,8 @@
   database: {
     host: postgres
     password: "{{ postgres_password }}"
+    # Alternative way:
+    #uri: "postgresql://lemmy:{{ postgres_password }}@postgres/lemmy"
   }
   hostname: "{{ domain }}"
   pictrs: {

examples/customPostgresql.conf

@@ -6,7 +6,8 @@
 # Data Storage: ssd
 
 max_connections = 200
-shared_buffers = 2GB
+# This needs to match your shm_size in docker-compose.yml
+shared_buffers = 2GB 
 effective_cache_size = 6GB
 maintenance_work_mem = 512MB
 checkpoint_completion_target = 0.9
@@ -33,4 +34,8 @@ listen_addresses = '*'
 
 # Fix a memory leak issue with postgres 15
 # https://github.com/LemmyNet/lemmy/issues/4406
-jit = 0
+#jit = 0
+
+# Autoexplain and take stats by default 
+shared_preload_libraries = 'auto_explain,pg_stat_statements'
+auto_explain.log_min_duration = 5000ms

examples/hosts

@@ -9,8 +9,11 @@
 #                                if you are upgrading from a previous version, set this to `/lemmy`
 # - `lemmy_version`: <Optional> The back end version.
 # - `lemmy_ui_version`: <Optional> overrides the front end version.
-# - `pictrs_safety`: <Optional> If true, a docker container for pictrs-safety will be deployed and pict-rs will be configured to validate images through it. You will also need to set up a fedi-safety worker to validate the images.
-example.com  ansible_user=root domain=example.com  letsencrypt_contact_email=your@email.com  lemmy_base_dir=/srv/lemmy pictrs_safety=false
+# - `pictrs_safety`: <Optional> If true, a docker container for pictrs-safety will be deployed and pict-rs
+#                   will be configured to validate images through it. You will also need to set up a 
+#                   fedi-safety worker to validate the images.
+# - `lemmy_web_port`: <Optional> Sets the host->docker nginx upstream port to allow a static host nginx configuration
+example.com  ansible_user=root domain=example.com  letsencrypt_contact_email=your@email.com  lemmy_base_dir=/srv/lemmy pictrs_safety=false lemmy_web_port=9633
 
 [all:vars]
 ansible_connection=ssh

examples/vars.yml

@@ -35,6 +35,8 @@ postgres_env_vars:
   - POSTGRES_PASSWORD: "{{ postgres_password }}"
   - POSTGRES_DB: lemmy
 
+postgres_shm: 2g
+
 lemmy_env_vars:
   - RUST_LOG: warn
 

lemmy.yml

@@ -163,12 +163,14 @@
           owner: "root"
         - path: "{{ lemmy_base_dir }}/{{ domain }}/volumes/pictrs/"
           owner: "991"
+        - path: "/var/cache/lemmy/{{ domain }}/"
+          owner: "www-data"
 
     - name: Deploy configuration files
       block:
         - name: Generate random port for lemmy service
           ansible.builtin.set_fact:
-            lemmy_port: "{{ 32767 | random(start=1024) }}"
+            lemmy_port: "{{ lemmy_web_port | default(32767 | random(start=1024)) }}"
 
         - name: Distribute nginx proxy_params configuration
           ansible.builtin.copy:
@@ -241,18 +243,11 @@
         enabled: true
         state: started
 
-    # - name: Change the working directory to /opt
-    #   ansible.builtin.shell:
-    #     cmd: find .                    # To list files under /opt directory
-    #     chdir: /opt                    # changes to /opt directory
-    #     register: shell_output
-    # - debug: var=shell_output
-
     - name: Start docker-compose
-      community.docker.docker_compose:
+      community.docker.docker_compose_v2:
         project_src: "{{ lemmy_base_dir }}/{{ domain }}"
         state: present
-        pull: true
+        pull: always
         remove_orphans: true
 
     - name: Certbot renewal cronjob

templates/docker-compose.yml

@@ -1,5 +1,3 @@
-version: "3.7"
-
 x-logging: &default-logging
   driver: "json-file"
   options:
@@ -60,7 +58,7 @@ services:
     logging: *default-logging
 
   pictrs:
-    image: docker.io/asonix/pictrs:0.5.4
+    image: docker.io/asonix/pictrs:0.5.13
     # this needs to match the pictrs url in lemmy.hjson
     hostname: pictrs
     # we can set options to pictrs like this, here we set max. image size and forced format for conversion
@@ -87,7 +85,7 @@ services:
           memory: 690m
 
   postgres:
-    image: docker.io/postgres:15-alpine
+    image: docker.io/postgres:16-alpine
     hostname: postgres
     environment:
 {% if postgres_env_vars is defined and postgres_env_vars|length > 0 %}
@@ -102,7 +100,7 @@ services:
       - ./customPostgresql.conf:/etc/postgresql.conf:Z
     restart: always
     command: postgres -c config_file=/etc/postgresql.conf
-    shm_size: 1g
+    shm_size: {{ postgres_shm }}
     logging: *default-logging
 
   postfix: