manage lewis with nix

move docker swarm ansible to this repo move thecloud ansible to this repo support data disks in terraform
2023-12-25 19:22:22 +01:00 · 2023-12-25 19:22:22 +01:00 · 111bf68a0a
commit 111bf68a0a
parent d7ef46b642
92 changed files with 2730 additions and 26 deletions
--- a/legacy/projects/docker_swarm/ansible/roles/kitchenowl/docker-stack.yml.j2
+++ b/legacy/projects/docker_swarm/ansible/roles/kitchenowl/docker-stack.yml.j2
@ -0,0 +1,45 @@
+# vi: ft=yaml
+version: '3.7'
+
+networks:
+  traefik:
+    external: true
+  kitchenowl:
+
+volumes:
+  data:
+    driver_opts:
+      type: "nfs"
+      o: "addr=192.168.30.10,nolock,soft,rw"
+      device: ":/mnt/data/kitchenowl/data"
+
+services:
+  front:
+    image: tombursch/kitchenowl-web:v0.4.17
+    depends_on:
+      - back
+    networks:
+      - traefik
+      - kitchenowl
+    deploy:
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.kitchenowl.entrypoints=websecure
+        - traefik.http.routers.kitchenowl.rule=Host(`boodschappen.kun.is`)
+        - traefik.http.routers.kitchenowl.tls=true
+        - traefik.http.routers.kitchenowl.tls.certresolver=letsencrypt
+        - traefik.http.routers.kitchenowl.service=kitchenowl
+        - traefik.http.services.kitchenowl.loadbalancer.server.port=80
+        - traefik.docker.network=traefik
+  back:
+    image: tombursch/kitchenowl:v88
+    networks:
+      - kitchenowl
+    environment:
+      - JWT_SECRET_KEY={{ jwt_secret_key }}
+    volumes:
+      - type: volume
+        source: data
+        target: /data
+        volume:
+          nocopy: true
--- a/legacy/projects/docker_swarm/ansible/roles/kitchenowl/tasks/main.yml
+++ b/legacy/projects/docker_swarm/ansible/roles/kitchenowl/tasks/main.yml
@ -0,0 +1,5 @@
+- name: Deploy Docker stack
+  docker_stack:
+    name: kitchenowl
+    compose:
+      - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
--- a/legacy/projects/docker_swarm/ansible/roles/kitchenowl/vars/main.yml
+++ b/legacy/projects/docker_swarm/ansible/roles/kitchenowl/vars/main.yml
@ -0,0 +1,7 @@
+jwt_secret_key: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  37376338663532376135613331303737626633666138643132316336306164393134633639303865
+  3134613830323335663466373262316262353464323535300a636163633439323035643033623363
+  36316361656133663235333834343233363134313938656664356538366166653336656562623664
+  3332393330616636630a646139393937313932373963623764346134323635336539346562346635
+  36613637396133383664323561666464346336386233363434653765356334633831