home/max
Archived
2
1
Fork 0
Code Issues 9 Pull requests Projects Releases Packages Wiki Activity

parameterize directories

Browse source
This commit is contained in:
Pim Kunis 2023-01-07 20:32:42 +01:00
parent 5bf6d7acbc
commit cd17ed372c
21 changed files with 88 additions and 66 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
inventory/group_vars/nucs.yml
View file

@ -1 +1,2 @@
# Group variables for nucs group
base_data_dir: /data
base_service_dir: /srv

8
roles/common/tasks/main.yml
View file

@ -5,13 +5,13 @@
state: latest
update_cache: yes
cache_valid_time: 86400 # One day
- name: Create /data directory
- name: Create base data directory
file:
path: /data
path: "{{ base_data_dir }}"
state: directory
- name: Create /srv directory
- name: Create base service directory
file:
path: /srv
path: "{{ base_service_dir }}"
state: directory
- name: Disable systemd-resolved
systemd:

16
roles/forgejo/tasks/main.yml
View file

@ -1,31 +1,31 @@
- name: Create app directory
file:
path: /srv/forgejo
path: "{{ service_dir }}"
state: directory
- name: Copy Docker Compose script
copy:
src: "{{ role_path }}/files/docker-compose.yml"
dest: /srv/forgejo/docker-compose.yml
template:
src: "{{ role_path }}/templates/docker-compose.yml.j2"
dest: "{{ service_dir }}/docker-compose.yml"
- name: Create data directory
file:
path: /data/forgejo
path: "{{ data_dir }}"
state: directory
owner: 1000
group: 1000
- name: Copy conf directory
file:
path: /srv/forgejo/conf
path: "{{ service_dir }}/conf"
state: directory
owner: 1000
group: 1000
- name: Copy app.ini
template:
src: "{{ role_path }}/templates/app.ini"
dest: /srv/forgejo/conf/app.ini
dest: "{{ service_dir }}/conf/app.ini"
register: config
- name: Start the Docker Compose
docker_compose:
project_src: /srv/forgejo
project_src: "{{ service_dir }}"
pull: true
remove_orphans: true
restarted: "{{ config.changed }}"

4
roles/forgejo/files/docker-compose.yml → roles/forgejo/templates/docker-compose.yml.j2
View file

@ -15,8 +15,8 @@ services:
networks:
- traefik
volumes:
- /data/forgejo:/data
- /srv/forgejo/conf:/data/gitea/conf
- {{ data_dir }}:/data
- {{ service_dir }}/conf:/data/gitea/conf
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
labels:

4
roles/forgejo/vars/main.yml
View file

@ -1,3 +1,7 @@
service_name: forgejo
data_dir: "{{ base_data_dir }}/{{ service_name }}"
service_dir: "{{ base_service_dir }}/{{ service_name }}"
forgejo:
root_url: "https://git.pizzapim.nl"
mailer_host: "smtp.tweak.nl"

6
roles/kms/tasks/main.yml
View file

@ -1,14 +1,14 @@
- name: Create app directory
file:
path: /srv/kms
path: "{{ service_dir }}"
state: directory
- name: Copy Docker Compose script
copy:
src: "{{ role_path }}/files/docker-compose.yml"
dest: /srv/kms/docker-compose.yml
dest: "{{ service_dir }}/docker-compose.yml"
- name: Start the Docker Compose
docker_compose:
project_src: /srv/kms
project_src: "{{ service_dir }}"
pull: true
remove_orphans: true

2
roles/kms/vars/main.yml Normal file
View file

@ -0,0 +1,2 @@
service_name: kms
service_dir: "{{ base_service_dir }}/{{ service_name }}"

10
roles/mastodon/tasks/main.yml
View file

@ -1,22 +1,22 @@
- name: Create Mastodon app directory
file:
path: /srv/mastodon
path: "{{ service_dir }}"
state: directory
- name: Copy .env.production
copy:
src: "{{ role_path }}/files/.env.production"
dest: /srv/mastodon/.env.production
dest: "{{ service_dir }}.env.production"
- name: Copy Docker Compose script
template:
src: "{{ role_path }}/templates/docker-compose.yml.j2"
dest: /srv/mastodon/docker-compose.yml
dest: "{{ service_dir }}/docker-compose.yml"
- name: Create Mastodon data directory
file:
path: /data/mastodon
path: "{{ data_dir }}"
state: directory
mode: 0777
- name: Start Docker Compose
docker_compose:
project_src: /srv/mastodon
project_src: "{{ service_dir }}"
pull: true
remove_orphans: true

8
roles/mastodon/templates/docker-compose.yml.j2
View file

@ -9,7 +9,7 @@ services:
healthcheck:
test: ['CMD', 'pg_isready', '-U', 'postgres']
volumes:
- /data/mastodon/postgres14:/var/lib/postgresql/data
- {{ data_dir }}/postgres14:/var/lib/postgresql/data
environment:
- 'POSTGRES_HOST_AUTH_METHOD=trust'
- 'POSTGRES_PASSWORD={{ mastodon_postgres_password }}'
@ -24,7 +24,7 @@ services:
healthcheck:
test: ['CMD', 'redis-cli', 'ping']
volumes:
- /data/mastodon/redis:/data
- {{ data_dir }}/redis:/data
environment:
- 'REDIS_PASSWORD={{ mastodon_redis_password }}'
@ -46,7 +46,7 @@ services:
- db
- redis
volumes:
- /data/mastodon/public/system:/mastodon/public/system
- {{ data_dir }}/public/system:/mastodon/public/system
labels:
- traefik.http.routers.mastodon.entrypoints=websecure
- traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`)
@ -91,7 +91,7 @@ services:
networks:
- default
volumes:
- /data/mastodon/public/system:/mastodon/public/system
- {{ data_dir }}/public/system:/mastodon/public/system
healthcheck:
test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]

4
roles/mastodon/vars/main.yml
View file

@ -1,3 +1,7 @@
service_name: mastodon
data_dir: "{{ base_data_dir }}/{{ service_name }}"
service_dir: "{{ base_service_dir }}/{{ service_name }}"
mastodon_postgres_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
34643131323762373635383736636432643161646130373565333432323337646435656233383131

6
roles/pizzeria/tasks/main.yml
View file

@ -1,9 +1,9 @@
- name: Clone pizzeria repository
git:
repo: "{{ pizzeria.git_origin }}"
dest: /srv/pizzeria
repo: "{{ git_origin }}"
dest: "{{ service_dir }}"
- name: Start the Docker Compose
docker_compose:
project_src: /srv/pizzeria
project_src: "{{ service_dir }}"
pull: true
remove_orphans: true

6
roles/pizzeria/vars/main.yml
View file

@ -1,2 +1,4 @@
pizzeria:
git_origin: https://git.pizzapim.nl/pim/pizzeria.git
service_name: pizzeria
data_dir: "{{ base_data_dir }}/{{ service_name }}"
service_dir: "{{ base_service_dir }}/{{ service_name }}"
git_origin: https://git.pizzapim.nl/pim/pizzeria.git

18
roles/radicale/tasks/main.yml
View file

@ -1,29 +1,29 @@
- name: Create Radicale app directory
file:
path: /srv/radicale
path: "{{ service_dir }}"
state: directory
- name: Copy docker-compose.yml file
copy:
src: "{{ role_path }}/files/docker-compose.yml"
dest: /srv/radicale/docker-compose.yml
template:
src: "{{ role_path }}/templates/docker-compose.yml.j2"
dest: "{{ service_dir }}/docker-compose.yml"
- name: Create Radicale config directory
file:
path: /srv/radicale/config
path: "{{ service_dir }}/config"
state: directory
- name: Copy radicale.conf
copy:
src: "{{ role_path }}/files/radicale.conf"
dest: /srv/radicale/config/radicale.conf
dest: "{{ service_dir }}/config/radicale.conf"
- name: Copy users file
copy:
src: "{{ role_path }}/files/users"
dest: /srv/radicale/config/users
dest: "{{ service_dir }}/config/users"
- name: Create Radicale data directory
file:
path: /data/radicale
path: "{{ data_dir }}"
state: directory
- name: Start Docker Compose
docker_compose:
project_src: /srv/radicale
project_src: "{{ service_dir }}"
pull: true
remove_orphans: true

4
roles/radicale/files/docker-compose.yml → roles/radicale/templates/docker-compose.yml.j2
View file

@ -9,8 +9,8 @@ services:
restart: always
image: mailu/radicale:1.9
volumes:
- /data/radicale:/data
- /srv/radicale/config:/radicale
- {{ data_dir }}:/data
- {{ service_dir }}/config:/radicale
command: radicale -S -C /radicale/radicale.conf
networks:
- traefik

3
roles/radicale/vars/main.yml Normal file
View file

@ -0,0 +1,3 @@
service_name: radicale
data_dir: "{{ base_data_dir }}/{{ service_name }}"
service_dir: "{{ base_service_dir }}/{{ service_name }}"

20
roles/syncthing/tasks/main.yml
View file

@ -1,34 +1,34 @@
- name: Create Syncthing app directory
file:
path: /srv/syncthing
path: "{{ service_dir }}"
state: directory
- name: Create Syncthing configuration directory
file:
path: /srv/syncthing/config
path: "{{ service_dir }}/config"
state: directory
- name: Copy Syncthing private key
copy:
src: "{{ role_path }}/files/key.pem"
dest: /srv/syncthing/config/key.pem
dest: "{{ service_dir }}/config/key.pem"
- name: Copy Syncthing certificate
copy:
src: "{{ role_path }}/files/cert.pem"
dest: /srv/syncthing/config/cert.pem
dest: "{{ service_dir }}/config/cert.pem"
- name: Copy Syncthing configuration
template:
src: "{{ role_path }}/templates/config.xml.j2"
dest: /srv/syncthing/config/config.xml
dest: "{{ service_dir }}/config/config.xml"
- name: Create Syncthing data directory
file:
path: /data/syncthing
path: "{{ data_dir }}"
state: directory
mode: 0777
- name: Copy Docker Compose script
copy:
src: "{{ role_path }}/files/docker-compose.yml"
dest: /srv/syncthing/docker-compose.yml
template:
src: "{{ role_path }}/templates/docker-compose.yml.j2"
dest: "{{ service_dir }}/docker-compose.yml"
- name: Start Docker Compose
docker_compose:
project_src: /srv/syncthing
project_src: "{{ service_dir }}"
pull: true
remove_orphans: true

4
roles/syncthing/files/docker-compose.yml → roles/syncthing/templates/docker-compose.yml.j2
View file

@ -10,8 +10,8 @@ services:
- PGID=1000
- TZ=Europe/Amsterdam
volumes:
- /srv/syncthing/config:/config
- /data/syncthing:/data
- {{ service_dir }}/config:/config
- {{ data_dir }}:/data
ports:
- 8384:8384
- 22000:22000/tcp

4
roles/syncthing/vars/main.yml
View file

@ -1,3 +1,7 @@
service_name: syncthing
data_dir: "{{ base_data_dir }}/{{ service_name }}"
service_dir: "{{ base_service_dir }}/{{ service_name }}"
syncthing:
apikey: !vault |
$ANSIBLE_VAULT;1.1;AES256

16
roles/traefik/tasks/main.yml
View file

@ -1,30 +1,30 @@
- name: Create traefik app directory
file:
path: /srv/traefik
path: "{{ service_dir }}"
state: directory
- name: Create acme file
copy:
content: ""
dest: /srv/traefik/acme.json
dest: "{{ service_dir }}/acme.json"
force: no
mode: 0600
- name: Copy Docker Compose script
copy:
src: "{{ role_path }}/files/docker-compose.yml"
dest: /srv/traefik/docker-compose.yml
template:
src: "{{ role_path }}/templates/docker-compose.yml.j2"
dest: "{{ service_dir }}/docker-compose.yml"
- name: Copy traefik.toml
copy:
src: "{{ role_path }}/files/traefik.toml"
dest: /srv/traefik/traefik.toml
dest: "{{ service_dir }}/traefik.toml"
- name: Copy services.toml
copy:
src: "{{ role_path }}/files/services.toml"
dest: /srv/traefik/services.toml
dest: "{{ service_dir }}/services.toml"
- name: Create traefik network
docker_network:
name: "traefik"
- name: Start Docker Compose
docker_compose:
project_src: /srv/traefik
project_src: "{{ service_dir }}"
pull: true
remove_orphans: true

6
roles/traefik/files/docker-compose.yml → roles/traefik/templates/docker-compose.yml.j2
View file

@ -20,9 +20,9 @@ services:
- "56287:56287"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /srv/traefik/traefik.toml:/etc/traefik/traefik.toml
- /srv/traefik/services.toml:/etc/traefik/services.toml
- /srv/traefik/acme.json:/acme.json
- {{ service_dir }}/traefik.toml:/etc/traefik/traefik.toml
- {{ service_dir }}/services.toml:/etc/traefik/services.toml
- {{ service_dir }}/acme.json:/acme.json
networks:
- traefik
labels:

2
roles/traefik/vars/main.yml Normal file
View file

@ -0,0 +1,2 @@
service_name: traefik
service_dir: "{{ base_service_dir }}/{{ service_name }}"