From 90e07a98980b7fb6e74d43acbc47df25caef5390 Mon Sep 17 00:00:00 2001 From: Pim Kunis Date: Tue, 2 May 2023 17:25:42 +0200 Subject: [PATCH] add freshrss stack --- ansible/inventory/host_vars/manager.yml | 1 + ansible/playbooks/stacks.yml | 1 + ansible/roles/freshrss/docker-stack.yml.j2 | 39 ++++++++++++++++++++++ ansible/roles/freshrss/tasks/main.yml | 15 +++++++++ ansible/roles/freshrss/vars/main.yml | 8 +++++ 5 files changed, 64 insertions(+) create mode 100644 ansible/roles/freshrss/docker-stack.yml.j2 create mode 100644 ansible/roles/freshrss/tasks/main.yml create mode 100644 ansible/roles/freshrss/vars/main.yml diff --git a/ansible/inventory/host_vars/manager.yml b/ansible/inventory/host_vars/manager.yml index 267239e..3b5ad94 100644 --- a/ansible/inventory/host_vars/manager.yml +++ b/ansible/inventory/host_vars/manager.yml @@ -9,6 +9,7 @@ docker_node_labels: seafile: "true" radicale: "true" mastodon: "true" + freshrss: "true" data_directories: - 'traefik' diff --git a/ansible/playbooks/stacks.yml b/ansible/playbooks/stacks.yml index 5de5b05..19ff0d2 100644 --- a/ansible/playbooks/stacks.yml +++ b/ansible/playbooks/stacks.yml @@ -8,3 +8,4 @@ - {role: seafile, tags: seafile} - {role: radicale, tags: radicale} - {role: mastodon, tags: mastodon} + - {role: freshrss, tags: freshrss} diff --git a/ansible/roles/freshrss/docker-stack.yml.j2 b/ansible/roles/freshrss/docker-stack.yml.j2 new file mode 100644 index 0000000..43cbd85 --- /dev/null +++ b/ansible/roles/freshrss/docker-stack.yml.j2 @@ -0,0 +1,39 @@ +# vi: ft=yaml +version: "3" + +networks: + traefik: + external: true + +services: + freshrss: + image: freshrss/freshrss:edge + networks: + - traefik + volumes: + - type: bind + source: /mnt/data/freshrss/data + target: /var/www/FreshRSS/data + - type: bind + source: /mnt/data/freshrss/extensions + target: /var/www/FreshRSS/extensions + environment: + TZ: Europe/Amsterdam + CRON_MIN: '2,32' + ADMIN_EMAIL: pim@kunis.nl + ADMIN_PASSWORD: {{ admin_password }} + ADMIN_API_PASSWORD: {{ admin_password }} + PUBLISHED_PORT: 443 + deploy: + placement: + constraints: + - "node.labels.freshrss == true" + labels: + - traefik.enable=true + - traefik.http.routers.freshrss.entrypoints=websecure + - traefik.http.routers.freshrss.rule=Host(`rss.pim.kunis.nl`) + - traefik.http.routers.freshrss.tls=true + - traefik.http.routers.freshrss.tls.certresolver=letsencrypt + - traefik.http.routers.freshrss.service=freshrss + - traefik.http.services.freshrss.loadbalancer.server.port=80 + - traefik.docker.network=traefik diff --git a/ansible/roles/freshrss/tasks/main.yml b/ansible/roles/freshrss/tasks/main.yml new file mode 100644 index 0000000..3cde06f --- /dev/null +++ b/ansible/roles/freshrss/tasks/main.yml @@ -0,0 +1,15 @@ +- name: Create working directory + file: + path: /srv/freshrss + state: directory + +- name: Copy Docker stack file + template: + src: "{{ role_path }}/docker-stack.yml.j2" + dest: /srv/freshrss/docker-stack.yml + +- name: Deploy Docker stack + docker_stack: + name: freshrss + compose: + - /srv/freshrss/docker-stack.yml diff --git a/ansible/roles/freshrss/vars/main.yml b/ansible/roles/freshrss/vars/main.yml new file mode 100644 index 0000000..0a4891c --- /dev/null +++ b/ansible/roles/freshrss/vars/main.yml @@ -0,0 +1,8 @@ +admin_password: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 38363734333534376665616439306566613632303739373661333338356533653334323366326130 + 3031316133383432366639613565656134666338326639360a633263363066613964643665316334 + 63373830663239393137653131326630326465343333346430376536393162383836333130353562 + 3336306561636134650a646433633063316431643466326161303666313765323034343233646566 + 66613330616463346561343561616438643763643465373839303861356133313831303338356430 + 6634653635383833303265316662663631376163636134666565