home/nixos-servers
home/nixos-servers
Archived
2
0
Fork 0
Code Issues 8 Pull requests Projects Releases Packages Wiki Activity Actions

manage lewis with nix

Browse source 
move docker swarm ansible to this repo
move thecloud ansible to this repo
support data disks in terraform
This commit is contained in:
Pim Kunis 2023-12-25 19:22:22 +01:00
parent d7ef46b642
commit 111bf68a0a
92 changed files with 2730 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

131
legacy/projects/docker_swarm/ansible/roles/mastodon/docker-stack.yml.j2 Normal file
View file

@ -0,0 +1,131 @@
# vi: ft=yaml
version: '3'
networks:
traefik:
external: true
mastodon:
volumes:
system:
driver_opts:
type: "nfs"
o: "addr=192.168.30.10,nolock,soft,rw"
device: ":/mnt/data/mastodon/system"
redis:
driver_opts:
type: "nfs"
o: "addr=192.168.30.10,nolock,soft,rw"
device: ":/mnt/data/mastodon/redis"
services:
redis:
image: redis:7-alpine
networks:
mastodon:
aliases:
- redis
healthcheck:
test: ['CMD', 'redis-cli', 'ping']
volumes:
- type: volume
source: redis
target: /data
volume:
nocopy: true
web:
image: tootsuite/mastodon:v4.1
environment:
- 'OTP_SECRET={{ otp_secret }}'
- 'SECRET_KEY_BASE={{ secret_key_base }}'
- 'REDIS_HOST=redis'
- 'DB_HOST=192.168.30.10'
- 'DB_USER=mastodon'
- 'DB_NAME=mastodon'
- 'DB_PASS={{ database_passwords.mastodon }}'
- 'VAPID_PRIVATE_KEY={{ vapid_private_key }}'
- 'VAPID_PUBLIC_KEY=BDcpOP2ThgD13i2ENjnlVXG7QH-m3xuNE4rySx6_NBYQz34UxSM3N4nT7GUxN5zBF-Kehlv0CpqBDDa78QFiS0g='
- 'SMTP_SERVER=smtp.tweak.nl'
- 'SMTP_PORT=587'
- 'SMTP_LOGIN='
- 'SMTP_PASSWORD='
- 'SMTP_FROM_ADDRESS=mastodon@kunis.nl'
- 'LOCAL_DOMAIN=social.pizzapim.nl'
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
networks:
- mastodon
- traefik
healthcheck:
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
volumes:
- type: volume
source: system
target: /mastodon/public/system
volume:
nocopy: true
deploy:
labels:
- traefik.enable=true
- traefik.http.routers.mastodon.entrypoints=websecure
- traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`)
- traefik.http.routers.mastodon.tls=true
- traefik.http.routers.mastodon.tls.certresolver=letsencrypt
- traefik.http.services.mastodon.loadbalancer.server.port=3000
- traefik.http.routers.mastodon.service=mastodon
- traefik.docker.network=traefik
depends_on:
- redis
streaming:
image: tootsuite/mastodon:v4.1
command: node ./streaming
environment:
- 'REDIS_HOST=redis'
- 'LOCAL_DOMAIN=social.pizzapim.nl'
- 'DB_HOST=192.168.30.10'
- 'DB_USER=mastodon'
- 'DB_NAME=mastodon'
- 'DB_PASS={{ database_passwords.mastodon }}'
networks:
- mastodon
- traefik
healthcheck:
# prettier-ignore
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
deploy:
labels:
- traefik.enable=true
- traefik.http.routers.mastodon-streaming.entrypoints=websecure
- "traefik.http.routers.mastodon-streaming.rule=(Host(`social.pizzapim.nl`) && PathPrefix(`/api/v1/streaming`))"
- traefik.http.routers.mastodon-streaming.service=mastodon-streaming
- traefik.http.services.mastodon-streaming.loadbalancer.server.port=4000
- traefik.http.routers.mastodon-streaming.tls=true
- traefik.http.routers.mastodon-streaming.tls.certresolver=letsencrypt
- traefik.docker.network=traefik
depends_on:
- redis
sidekiq:
image: tootsuite/mastodon:v4.1
command: bundle exec sidekiq
environment:
- 'OTP_SECRET={{ otp_secret }}'
- 'SECRET_KEY_BASE={{ secret_key_base }}'
- 'REDIS_HOST=redis'
- 'DB_HOST=192.168.30.10'
- 'DB_USER=mastodon'
- 'DB_NAME=mastodon'
- 'DB_PASS={{ database_passwords.mastodon }}'
networks:
- mastodon
volumes:
- type: volume
source: system
target: /mastodon/public/system
volume:
nocopy: true
healthcheck:
test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
depends_on:
- redis