parent
fef821f770
commit
58aeaacc67
8 changed files with 90 additions and 2 deletions
|
|
@ -20,3 +20,4 @@ All services below are implemented using Docker:
|
||||||
- RSS feed reader using [FreshRSS](https://miniflux.app/)
|
- RSS feed reader using [FreshRSS](https://miniflux.app/)
|
||||||
- Metrics using [Prometheus](https://prometheus.io/)
|
- Metrics using [Prometheus](https://prometheus.io/)
|
||||||
- Latex editor using [Overleaf](https://www.overleaf.com/) ([latex.pim.kunis.nl](https://latex.pim.kunis.nl))
|
- Latex editor using [Overleaf](https://www.overleaf.com/) ([latex.pim.kunis.nl](https://latex.pim.kunis.nl))
|
||||||
|
- Markdown editor using [Hedgedoc](https://hedgedoc.org/)
|
||||||
|
|
|
||||||
|
|
@ -21,3 +21,4 @@
|
||||||
- {role: 'inbucket', tags: 'inbucket'}
|
- {role: 'inbucket', tags: 'inbucket'}
|
||||||
- {role: 'prometheus', tags: 'prometheus'}
|
- {role: 'prometheus', tags: 'prometheus'}
|
||||||
- {role: 'overleaf', tags: 'overleaf'}
|
- {role: 'overleaf', tags: 'overleaf'}
|
||||||
|
- {role: 'hedgedoc', tags: 'hedgedoc'}
|
||||||
|
|
|
||||||
|
|
@ -11,4 +11,3 @@
|
||||||
project_src: "{{ service_dir }}"
|
project_src: "{{ service_dir }}"
|
||||||
pull: true
|
pull: true
|
||||||
remove_orphans: true
|
remove_orphans: true
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,6 @@ data_dir: "{{ base_data_dir }}/{{ service_name }}"
|
||||||
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
git_domain: "git.{{ domain_name_pim }}"
|
git_domain: "git.{{ domain_name_pim }}"
|
||||||
|
|
||||||
|
|
||||||
forgejo:
|
forgejo:
|
||||||
root_url: "https://{{ git_domain }}"
|
root_url: "https://{{ git_domain }}"
|
||||||
mailer_host: "smtp.tweak.nl"
|
mailer_host: "smtp.tweak.nl"
|
||||||
|
|
|
||||||
4
ansible/roles/hedgedoc/meta/main.yml
Normal file
4
ansible/roles/hedgedoc/meta/main.yml
Normal file
|
|
@ -0,0 +1,4 @@
|
||||||
|
dependencies:
|
||||||
|
- role: common
|
||||||
|
- role: docker
|
||||||
|
- role: traefik
|
||||||
22
ansible/roles/hedgedoc/tasks/main.yml
Normal file
22
ansible/roles/hedgedoc/tasks/main.yml
Normal file
|
|
@ -0,0 +1,22 @@
|
||||||
|
- name: Create service directory
|
||||||
|
file:
|
||||||
|
path: "{{ service_dir }}"
|
||||||
|
state: directory
|
||||||
|
- name: Copy Docker Compose script
|
||||||
|
template:
|
||||||
|
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
||||||
|
dest: "{{ service_dir }}/docker-compose.yml"
|
||||||
|
- name: Create data directory
|
||||||
|
file:
|
||||||
|
path: "{{ data_dir }}"
|
||||||
|
state: directory
|
||||||
|
- name: Create uploads directory
|
||||||
|
file:
|
||||||
|
path: "{{ data_dir }}/uploads"
|
||||||
|
state: directory
|
||||||
|
mode: 0777
|
||||||
|
- name: Start the Docker Compose
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ service_dir }}"
|
||||||
|
pull: true
|
||||||
|
remove_orphans: true
|
||||||
48
ansible/roles/hedgedoc/templates/docker-compose.yml.j2
Normal file
48
ansible/roles/hedgedoc/templates/docker-compose.yml.j2
Normal file
|
|
@ -0,0 +1,48 @@
|
||||||
|
version: '3'
|
||||||
|
|
||||||
|
networks:
|
||||||
|
traefik:
|
||||||
|
external: true
|
||||||
|
internal:
|
||||||
|
external: false
|
||||||
|
|
||||||
|
services:
|
||||||
|
database:
|
||||||
|
image: postgres:13.4-alpine
|
||||||
|
environment:
|
||||||
|
- POSTGRES_USER=hedgedoc
|
||||||
|
- POSTGRES_PASSWORD=password
|
||||||
|
- POSTGRES_DB=hedgedoc
|
||||||
|
volumes:
|
||||||
|
- {{ data_dir }}/database:/var/lib/postgresql/data
|
||||||
|
restart: always
|
||||||
|
networks:
|
||||||
|
- internal
|
||||||
|
app:
|
||||||
|
image: quay.io/hedgedoc/hedgedoc:1.9.7
|
||||||
|
environment:
|
||||||
|
- CMD_DB_URL=postgres://hedgedoc:password@database:5432/hedgedoc
|
||||||
|
- CMD_DOMAIN={{ hedgedoc_domain }}
|
||||||
|
- CMD_PORT=3000
|
||||||
|
- CMD_URL_ADDPORT=false
|
||||||
|
- CMD_ALLOW_ANONYMOUS=true
|
||||||
|
- CMD_ALLOW_EMAIL_REGISTER=false
|
||||||
|
- CMD_PROTOCOL_USESSL=true
|
||||||
|
- CMD_SESSION_SECRET={{ session_secret }}
|
||||||
|
volumes:
|
||||||
|
- {{ data_dir }}/uploads:/hedgedoc/public/uploads
|
||||||
|
restart: always
|
||||||
|
depends_on:
|
||||||
|
- database
|
||||||
|
networks:
|
||||||
|
- traefik
|
||||||
|
- internal
|
||||||
|
labels:
|
||||||
|
- traefik.enable=true
|
||||||
|
- traefik.http.routers.hedgedoc.entrypoints=websecure
|
||||||
|
- traefik.http.routers.hedgedoc.rule=Host(`{{ hedgedoc_domain }}`)
|
||||||
|
- traefik.http.routers.hedgedoc.tls=true
|
||||||
|
- traefik.http.routers.hedgedoc.tls.certresolver=letsencrypt
|
||||||
|
- treafik.http.routers.hedgedoc.service=hedgedoc
|
||||||
|
- traefik.http.services.hedgedoc.loadbalancer.server.port=3000
|
||||||
|
- traefik.docker.network=traefik
|
||||||
14
ansible/roles/hedgedoc/vars/main.yml
Normal file
14
ansible/roles/hedgedoc/vars/main.yml
Normal file
|
|
@ -0,0 +1,14 @@
|
||||||
|
service_name: hedgedoc
|
||||||
|
data_dir: "{{ base_data_dir }}/{{ service_name }}"
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
|
hedgedoc_domain: "md.{{ domain_name_pim }}"
|
||||||
|
session_secret: !vault |
|
||||||
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
30633835386265643561343033326536653166343630396139303137613138383233666565666330
|
||||||
|
3032613865333836656566626435383165396539323837350a376331306464643766373839386638
|
||||||
|
65653865343539633636323833343964636332636461386434386432306230343833343431363134
|
||||||
|
6563373138626637650a633932313862326231666330343662343765666166373961376237396434
|
||||||
|
33396131353830323063326266623862353731653665626466653335656434303033353333353164
|
||||||
|
61613535373037646565386131383631366338616565373261396136616433393462313537313861
|
||||||
|
35313661616365373231373963323865393635626132343138363230313431636333363130346239
|
||||||
|
32656335333635613736
|
||||||
Reference in a new issue