parameterize directories
This commit is contained in:
parent
5bf6d7acbc
commit
cd17ed372c
21 changed files with 88 additions and 66 deletions
|
|
@ -1 +1,2 @@
|
||||||
# Group variables for nucs group
|
base_data_dir: /data
|
||||||
|
base_service_dir: /srv
|
||||||
|
|
|
||||||
|
|
@ -5,13 +5,13 @@
|
||||||
state: latest
|
state: latest
|
||||||
update_cache: yes
|
update_cache: yes
|
||||||
cache_valid_time: 86400 # One day
|
cache_valid_time: 86400 # One day
|
||||||
- name: Create /data directory
|
- name: Create base data directory
|
||||||
file:
|
file:
|
||||||
path: /data
|
path: "{{ base_data_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Create /srv directory
|
- name: Create base service directory
|
||||||
file:
|
file:
|
||||||
path: /srv
|
path: "{{ base_service_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Disable systemd-resolved
|
- name: Disable systemd-resolved
|
||||||
systemd:
|
systemd:
|
||||||
|
|
|
||||||
|
|
@ -1,31 +1,31 @@
|
||||||
- name: Create app directory
|
- name: Create app directory
|
||||||
file:
|
file:
|
||||||
path: /srv/forgejo
|
path: "{{ service_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Copy Docker Compose script
|
- name: Copy Docker Compose script
|
||||||
copy:
|
template:
|
||||||
src: "{{ role_path }}/files/docker-compose.yml"
|
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
||||||
dest: /srv/forgejo/docker-compose.yml
|
dest: "{{ service_dir }}/docker-compose.yml"
|
||||||
- name: Create data directory
|
- name: Create data directory
|
||||||
file:
|
file:
|
||||||
path: /data/forgejo
|
path: "{{ data_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: 1000
|
owner: 1000
|
||||||
group: 1000
|
group: 1000
|
||||||
- name: Copy conf directory
|
- name: Copy conf directory
|
||||||
file:
|
file:
|
||||||
path: /srv/forgejo/conf
|
path: "{{ service_dir }}/conf"
|
||||||
state: directory
|
state: directory
|
||||||
owner: 1000
|
owner: 1000
|
||||||
group: 1000
|
group: 1000
|
||||||
- name: Copy app.ini
|
- name: Copy app.ini
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/app.ini"
|
src: "{{ role_path }}/templates/app.ini"
|
||||||
dest: /srv/forgejo/conf/app.ini
|
dest: "{{ service_dir }}/conf/app.ini"
|
||||||
register: config
|
register: config
|
||||||
- name: Start the Docker Compose
|
- name: Start the Docker Compose
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: /srv/forgejo
|
project_src: "{{ service_dir }}"
|
||||||
pull: true
|
pull: true
|
||||||
remove_orphans: true
|
remove_orphans: true
|
||||||
restarted: "{{ config.changed }}"
|
restarted: "{{ config.changed }}"
|
||||||
|
|
|
||||||
|
|
@ -15,8 +15,8 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
volumes:
|
volumes:
|
||||||
- /data/forgejo:/data
|
- {{ data_dir }}:/data
|
||||||
- /srv/forgejo/conf:/data/gitea/conf
|
- {{ service_dir }}/conf:/data/gitea/conf
|
||||||
- /etc/timezone:/etc/timezone:ro
|
- /etc/timezone:/etc/timezone:ro
|
||||||
- /etc/localtime:/etc/localtime:ro
|
- /etc/localtime:/etc/localtime:ro
|
||||||
labels:
|
labels:
|
||||||
|
|
@ -1,3 +1,7 @@
|
||||||
|
service_name: forgejo
|
||||||
|
data_dir: "{{ base_data_dir }}/{{ service_name }}"
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
|
|
||||||
forgejo:
|
forgejo:
|
||||||
root_url: "https://git.pizzapim.nl"
|
root_url: "https://git.pizzapim.nl"
|
||||||
mailer_host: "smtp.tweak.nl"
|
mailer_host: "smtp.tweak.nl"
|
||||||
|
|
|
||||||
|
|
@ -1,14 +1,14 @@
|
||||||
- name: Create app directory
|
- name: Create app directory
|
||||||
file:
|
file:
|
||||||
path: /srv/kms
|
path: "{{ service_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Copy Docker Compose script
|
- name: Copy Docker Compose script
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/docker-compose.yml"
|
src: "{{ role_path }}/files/docker-compose.yml"
|
||||||
dest: /srv/kms/docker-compose.yml
|
dest: "{{ service_dir }}/docker-compose.yml"
|
||||||
- name: Start the Docker Compose
|
- name: Start the Docker Compose
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: /srv/kms
|
project_src: "{{ service_dir }}"
|
||||||
pull: true
|
pull: true
|
||||||
remove_orphans: true
|
remove_orphans: true
|
||||||
|
|
||||||
|
|
|
||||||
2
roles/kms/vars/main.yml
Normal file
2
roles/kms/vars/main.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
service_name: kms
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
|
|
@ -1,22 +1,22 @@
|
||||||
- name: Create Mastodon app directory
|
- name: Create Mastodon app directory
|
||||||
file:
|
file:
|
||||||
path: /srv/mastodon
|
path: "{{ service_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Copy .env.production
|
- name: Copy .env.production
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/.env.production"
|
src: "{{ role_path }}/files/.env.production"
|
||||||
dest: /srv/mastodon/.env.production
|
dest: "{{ service_dir }}.env.production"
|
||||||
- name: Copy Docker Compose script
|
- name: Copy Docker Compose script
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
||||||
dest: /srv/mastodon/docker-compose.yml
|
dest: "{{ service_dir }}/docker-compose.yml"
|
||||||
- name: Create Mastodon data directory
|
- name: Create Mastodon data directory
|
||||||
file:
|
file:
|
||||||
path: /data/mastodon
|
path: "{{ data_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
mode: 0777
|
mode: 0777
|
||||||
- name: Start Docker Compose
|
- name: Start Docker Compose
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: /srv/mastodon
|
project_src: "{{ service_dir }}"
|
||||||
pull: true
|
pull: true
|
||||||
remove_orphans: true
|
remove_orphans: true
|
||||||
|
|
|
||||||
|
|
@ -9,7 +9,7 @@ services:
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ['CMD', 'pg_isready', '-U', 'postgres']
|
test: ['CMD', 'pg_isready', '-U', 'postgres']
|
||||||
volumes:
|
volumes:
|
||||||
- /data/mastodon/postgres14:/var/lib/postgresql/data
|
- {{ data_dir }}/postgres14:/var/lib/postgresql/data
|
||||||
environment:
|
environment:
|
||||||
- 'POSTGRES_HOST_AUTH_METHOD=trust'
|
- 'POSTGRES_HOST_AUTH_METHOD=trust'
|
||||||
- 'POSTGRES_PASSWORD={{ mastodon_postgres_password }}'
|
- 'POSTGRES_PASSWORD={{ mastodon_postgres_password }}'
|
||||||
|
|
@ -24,7 +24,7 @@ services:
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ['CMD', 'redis-cli', 'ping']
|
test: ['CMD', 'redis-cli', 'ping']
|
||||||
volumes:
|
volumes:
|
||||||
- /data/mastodon/redis:/data
|
- {{ data_dir }}/redis:/data
|
||||||
environment:
|
environment:
|
||||||
- 'REDIS_PASSWORD={{ mastodon_redis_password }}'
|
- 'REDIS_PASSWORD={{ mastodon_redis_password }}'
|
||||||
|
|
||||||
|
|
@ -46,7 +46,7 @@ services:
|
||||||
- db
|
- db
|
||||||
- redis
|
- redis
|
||||||
volumes:
|
volumes:
|
||||||
- /data/mastodon/public/system:/mastodon/public/system
|
- {{ data_dir }}/public/system:/mastodon/public/system
|
||||||
labels:
|
labels:
|
||||||
- traefik.http.routers.mastodon.entrypoints=websecure
|
- traefik.http.routers.mastodon.entrypoints=websecure
|
||||||
- traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`)
|
- traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`)
|
||||||
|
|
@ -91,7 +91,7 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- default
|
- default
|
||||||
volumes:
|
volumes:
|
||||||
- /data/mastodon/public/system:/mastodon/public/system
|
- {{ data_dir }}/public/system:/mastodon/public/system
|
||||||
healthcheck:
|
healthcheck:
|
||||||
test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
|
test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,3 +1,7 @@
|
||||||
|
service_name: mastodon
|
||||||
|
data_dir: "{{ base_data_dir }}/{{ service_name }}"
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
|
|
||||||
mastodon_postgres_password: !vault |
|
mastodon_postgres_password: !vault |
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
34643131323762373635383736636432643161646130373565333432323337646435656233383131
|
34643131323762373635383736636432643161646130373565333432323337646435656233383131
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
- name: Clone pizzeria repository
|
- name: Clone pizzeria repository
|
||||||
git:
|
git:
|
||||||
repo: "{{ pizzeria.git_origin }}"
|
repo: "{{ git_origin }}"
|
||||||
dest: /srv/pizzeria
|
dest: "{{ service_dir }}"
|
||||||
- name: Start the Docker Compose
|
- name: Start the Docker Compose
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: /srv/pizzeria
|
project_src: "{{ service_dir }}"
|
||||||
pull: true
|
pull: true
|
||||||
remove_orphans: true
|
remove_orphans: true
|
||||||
|
|
|
||||||
|
|
@ -1,2 +1,4 @@
|
||||||
pizzeria:
|
service_name: pizzeria
|
||||||
git_origin: https://git.pizzapim.nl/pim/pizzeria.git
|
data_dir: "{{ base_data_dir }}/{{ service_name }}"
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
|
git_origin: https://git.pizzapim.nl/pim/pizzeria.git
|
||||||
|
|
|
||||||
|
|
@ -1,29 +1,29 @@
|
||||||
- name: Create Radicale app directory
|
- name: Create Radicale app directory
|
||||||
file:
|
file:
|
||||||
path: /srv/radicale
|
path: "{{ service_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Copy docker-compose.yml file
|
- name: Copy docker-compose.yml file
|
||||||
copy:
|
template:
|
||||||
src: "{{ role_path }}/files/docker-compose.yml"
|
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
||||||
dest: /srv/radicale/docker-compose.yml
|
dest: "{{ service_dir }}/docker-compose.yml"
|
||||||
- name: Create Radicale config directory
|
- name: Create Radicale config directory
|
||||||
file:
|
file:
|
||||||
path: /srv/radicale/config
|
path: "{{ service_dir }}/config"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Copy radicale.conf
|
- name: Copy radicale.conf
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/radicale.conf"
|
src: "{{ role_path }}/files/radicale.conf"
|
||||||
dest: /srv/radicale/config/radicale.conf
|
dest: "{{ service_dir }}/config/radicale.conf"
|
||||||
- name: Copy users file
|
- name: Copy users file
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/users"
|
src: "{{ role_path }}/files/users"
|
||||||
dest: /srv/radicale/config/users
|
dest: "{{ service_dir }}/config/users"
|
||||||
- name: Create Radicale data directory
|
- name: Create Radicale data directory
|
||||||
file:
|
file:
|
||||||
path: /data/radicale
|
path: "{{ data_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Start Docker Compose
|
- name: Start Docker Compose
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: /srv/radicale
|
project_src: "{{ service_dir }}"
|
||||||
pull: true
|
pull: true
|
||||||
remove_orphans: true
|
remove_orphans: true
|
||||||
|
|
|
||||||
|
|
@ -9,8 +9,8 @@ services:
|
||||||
restart: always
|
restart: always
|
||||||
image: mailu/radicale:1.9
|
image: mailu/radicale:1.9
|
||||||
volumes:
|
volumes:
|
||||||
- /data/radicale:/data
|
- {{ data_dir }}:/data
|
||||||
- /srv/radicale/config:/radicale
|
- {{ service_dir }}/config:/radicale
|
||||||
command: radicale -S -C /radicale/radicale.conf
|
command: radicale -S -C /radicale/radicale.conf
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
3
roles/radicale/vars/main.yml
Normal file
3
roles/radicale/vars/main.yml
Normal file
|
|
@ -0,0 +1,3 @@
|
||||||
|
service_name: radicale
|
||||||
|
data_dir: "{{ base_data_dir }}/{{ service_name }}"
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
|
|
@ -1,34 +1,34 @@
|
||||||
- name: Create Syncthing app directory
|
- name: Create Syncthing app directory
|
||||||
file:
|
file:
|
||||||
path: /srv/syncthing
|
path: "{{ service_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Create Syncthing configuration directory
|
- name: Create Syncthing configuration directory
|
||||||
file:
|
file:
|
||||||
path: /srv/syncthing/config
|
path: "{{ service_dir }}/config"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Copy Syncthing private key
|
- name: Copy Syncthing private key
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/key.pem"
|
src: "{{ role_path }}/files/key.pem"
|
||||||
dest: /srv/syncthing/config/key.pem
|
dest: "{{ service_dir }}/config/key.pem"
|
||||||
- name: Copy Syncthing certificate
|
- name: Copy Syncthing certificate
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/cert.pem"
|
src: "{{ role_path }}/files/cert.pem"
|
||||||
dest: /srv/syncthing/config/cert.pem
|
dest: "{{ service_dir }}/config/cert.pem"
|
||||||
- name: Copy Syncthing configuration
|
- name: Copy Syncthing configuration
|
||||||
template:
|
template:
|
||||||
src: "{{ role_path }}/templates/config.xml.j2"
|
src: "{{ role_path }}/templates/config.xml.j2"
|
||||||
dest: /srv/syncthing/config/config.xml
|
dest: "{{ service_dir }}/config/config.xml"
|
||||||
- name: Create Syncthing data directory
|
- name: Create Syncthing data directory
|
||||||
file:
|
file:
|
||||||
path: /data/syncthing
|
path: "{{ data_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
mode: 0777
|
mode: 0777
|
||||||
- name: Copy Docker Compose script
|
- name: Copy Docker Compose script
|
||||||
copy:
|
template:
|
||||||
src: "{{ role_path }}/files/docker-compose.yml"
|
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
||||||
dest: /srv/syncthing/docker-compose.yml
|
dest: "{{ service_dir }}/docker-compose.yml"
|
||||||
- name: Start Docker Compose
|
- name: Start Docker Compose
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: /srv/syncthing
|
project_src: "{{ service_dir }}"
|
||||||
pull: true
|
pull: true
|
||||||
remove_orphans: true
|
remove_orphans: true
|
||||||
|
|
|
||||||
|
|
@ -10,8 +10,8 @@ services:
|
||||||
- PGID=1000
|
- PGID=1000
|
||||||
- TZ=Europe/Amsterdam
|
- TZ=Europe/Amsterdam
|
||||||
volumes:
|
volumes:
|
||||||
- /srv/syncthing/config:/config
|
- {{ service_dir }}/config:/config
|
||||||
- /data/syncthing:/data
|
- {{ data_dir }}:/data
|
||||||
ports:
|
ports:
|
||||||
- 8384:8384
|
- 8384:8384
|
||||||
- 22000:22000/tcp
|
- 22000:22000/tcp
|
||||||
|
|
@ -1,3 +1,7 @@
|
||||||
|
service_name: syncthing
|
||||||
|
data_dir: "{{ base_data_dir }}/{{ service_name }}"
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
|
|
||||||
syncthing:
|
syncthing:
|
||||||
apikey: !vault |
|
apikey: !vault |
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
$ANSIBLE_VAULT;1.1;AES256
|
||||||
|
|
|
||||||
|
|
@ -1,30 +1,30 @@
|
||||||
- name: Create traefik app directory
|
- name: Create traefik app directory
|
||||||
file:
|
file:
|
||||||
path: /srv/traefik
|
path: "{{ service_dir }}"
|
||||||
state: directory
|
state: directory
|
||||||
- name: Create acme file
|
- name: Create acme file
|
||||||
copy:
|
copy:
|
||||||
content: ""
|
content: ""
|
||||||
dest: /srv/traefik/acme.json
|
dest: "{{ service_dir }}/acme.json"
|
||||||
force: no
|
force: no
|
||||||
mode: 0600
|
mode: 0600
|
||||||
- name: Copy Docker Compose script
|
- name: Copy Docker Compose script
|
||||||
copy:
|
template:
|
||||||
src: "{{ role_path }}/files/docker-compose.yml"
|
src: "{{ role_path }}/templates/docker-compose.yml.j2"
|
||||||
dest: /srv/traefik/docker-compose.yml
|
dest: "{{ service_dir }}/docker-compose.yml"
|
||||||
- name: Copy traefik.toml
|
- name: Copy traefik.toml
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/traefik.toml"
|
src: "{{ role_path }}/files/traefik.toml"
|
||||||
dest: /srv/traefik/traefik.toml
|
dest: "{{ service_dir }}/traefik.toml"
|
||||||
- name: Copy services.toml
|
- name: Copy services.toml
|
||||||
copy:
|
copy:
|
||||||
src: "{{ role_path }}/files/services.toml"
|
src: "{{ role_path }}/files/services.toml"
|
||||||
dest: /srv/traefik/services.toml
|
dest: "{{ service_dir }}/services.toml"
|
||||||
- name: Create traefik network
|
- name: Create traefik network
|
||||||
docker_network:
|
docker_network:
|
||||||
name: "traefik"
|
name: "traefik"
|
||||||
- name: Start Docker Compose
|
- name: Start Docker Compose
|
||||||
docker_compose:
|
docker_compose:
|
||||||
project_src: /srv/traefik
|
project_src: "{{ service_dir }}"
|
||||||
pull: true
|
pull: true
|
||||||
remove_orphans: true
|
remove_orphans: true
|
||||||
|
|
|
||||||
|
|
@ -20,9 +20,9 @@ services:
|
||||||
- "56287:56287"
|
- "56287:56287"
|
||||||
volumes:
|
volumes:
|
||||||
- /var/run/docker.sock:/var/run/docker.sock
|
- /var/run/docker.sock:/var/run/docker.sock
|
||||||
- /srv/traefik/traefik.toml:/etc/traefik/traefik.toml
|
- {{ service_dir }}/traefik.toml:/etc/traefik/traefik.toml
|
||||||
- /srv/traefik/services.toml:/etc/traefik/services.toml
|
- {{ service_dir }}/services.toml:/etc/traefik/services.toml
|
||||||
- /srv/traefik/acme.json:/acme.json
|
- {{ service_dir }}/acme.json:/acme.json
|
||||||
networks:
|
networks:
|
||||||
- traefik
|
- traefik
|
||||||
labels:
|
labels:
|
||||||
2
roles/traefik/vars/main.yml
Normal file
2
roles/traefik/vars/main.yml
Normal file
|
|
@ -0,0 +1,2 @@
|
||||||
|
service_name: traefik
|
||||||
|
service_dir: "{{ base_service_dir }}/{{ service_name }}"
|
||||||
Reference in a new issue