manage lewis with nix

move docker swarm ansible to this repo
move thecloud ansible to this repo
support data disks in terraform

legacy/projects/docker_swarm/ansible/roles/seafile/docker-stack.yml.j2

@@ -0,0 +1,73 @@
+# vi: ft=yaml
+version: '3' 
+
+networks:
+  traefik:
+    external: true
+  seafile:
+
+volumes:
+  data:
+    driver_opts:
+      type: "nfs"
+      o: "addr=192.168.30.10,nolock,soft,rw"
+      device: ":/mnt/data/seafile/data"
+  db:
+    driver_opts:
+      type: "nfs"
+      o: "addr=192.168.30.10,nolock,soft,rw"
+      device: ":/mnt/data/seafile/db"
+
+services: 
+  db:
+    image: mariadb:10.5 
+    environment: 
+      - MYSQL_ROOT_PASSWORD={{ db_root_passwd }}
+      - MYSQL_LOG_CONSOLE=true 
+    volumes: 
+      - type: volume
+        source: db
+        target: /var/lib/mysql
+        volume:
+          nocopy: true
+    networks: 
+      - seafile
+ 
+  memcached: 
+    image: memcached:1.6 
+    entrypoint: memcached -m 256 
+    networks: 
+      - seafile
+           
+  seafile: 
+    image: seafileltd/seafile-mc:9.0.10 
+    volumes: 
+      - type: volume
+        source: data
+        target: /shared
+        volume:
+          nocopy: true
+    environment: 
+      - DB_HOST=db
+      - DB_ROOT_PASSWD={{ db_root_passwd }}
+      - TIME_ZONE=Europe/Amsterdam 
+      - SEAFILE_ADMIN_EMAIL={{ seafile_admin_email }}
+      - SEAFILE_ADMIN_PASSWORD={{ seafile_admin_password }}
+      - SEAFILE_SERVER_LETSENCRYPT=false
+      - SEAFILE_SERVER_HOSTNAME={{ seafile_domain }}
+    deploy:
+      labels:
+        - traefik.enable=true
+        - traefik.http.routers.seafile.entrypoints=websecure
+        - traefik.http.routers.seafile.rule=Host(`{{ seafile_domain }}`)
+        - traefik.http.routers.seafile.tls=true
+        - traefik.http.routers.seafile.tls.certresolver=letsencrypt
+        - traefik.http.services.seafile.loadbalancer.server.port=80
+        - traefik.http.routers.seafile.service=seafile
+        - traefik.docker.network=traefik
+    depends_on: 
+      - db 
+      - memcached 
+    networks: 
+      - traefik
+      - seafile

legacy/projects/docker_swarm/ansible/roles/seafile/tasks/main.yml

@@ -0,0 +1,5 @@
+- name: Deploy Docker stack
+  docker_stack:
+    name: seafile
+    compose:
+      - "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"

legacy/projects/docker_swarm/ansible/roles/seafile/vars/main.yml

@@ -0,0 +1,18 @@
+db_root_passwd: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  62376163363033396161363264613836623734623835316439666331356464636633393237313236
+  3731383961393939366165393537663435356166643966650a353132616166353630333733636639
+  63616163346566336461313264326562393964643661613831316233326165623463613865636637
+  6363363331333430320a366661356232393036383765353066623334656133313661636130666238
+  32336561323431303730373262343534326539383932613533623232376330646230363363636135
+  3266336663623037663838643936366437663831356634333930
+seafile_admin_email: niels@kunis.nl
+seafile_admin_password: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  34366163396632343065636232363435633039373236363461383563363162626561653763383438
+  3263393539663030363532353238633262616339343436370a613631323064303637623266653832
+  64323834356664316265376132633863666136316239623862643962366637306238343933386134
+  6237396238383232360a386637303639646136653134643737393735383661626539386134643333
+  35313536323963303734353338636162666236343430623062373464653531353230366238326231
+  6661363038393534373861643261383561386536613337396539
+seafile_domain: files.geokunis2.nl