move hedgedoc to nfs
fix database user passwords
This commit is contained in:
parent
932b930567
commit
aba119e127
4 changed files with 29 additions and 33 deletions
|
@ -14,6 +14,8 @@ nfs_shares:
|
|||
path: /mnt/data/pihole/data
|
||||
- name: pihole_dnsmasq
|
||||
path: /mnt/data/pihole/dnsmasq
|
||||
- name: hedgedoc_uploads
|
||||
path: /mnt/data/hedgedoc/uploads
|
||||
|
||||
database_passwords:
|
||||
nextcloud: !vault |
|
||||
|
@ -24,3 +26,11 @@ database_passwords:
|
|||
3466343563353162320a376437353933656166323364323166376663323531373338656563653463
|
||||
33346263626430616164613937363836343430383233393061643231346661656539623938333631
|
||||
3632373964346139316637663364646132636636373461613534
|
||||
hedgedoc: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
63363464666633663762393135333362613966636338623533393132376338343339653431396465
|
||||
6634643863623163366235393434343662313735363438610a373065363361326565633766633835
|
||||
38383637343230363031636634623930666365333739323162313937656239646166613738393965
|
||||
3533666462303563360a313233306335396234393932396331313238376464363964363839396164
|
||||
66366662356135343035363935616664613831626131376330643133313530636431613266636165
|
||||
6265613666616164373637356235396165383662333561393939
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
- name: Create database user
|
||||
postgresql_user:
|
||||
name: swarm
|
||||
name: "{{ database_name }}"
|
||||
password: "{{ database_password }}"
|
||||
become: true
|
||||
become_user: postgres
|
||||
|
@ -8,7 +8,7 @@
|
|||
- name: Create database
|
||||
postgresql_db:
|
||||
name: "{{ database_name }}"
|
||||
owner: swarm
|
||||
owner: "{{ database_name }}"
|
||||
become: true
|
||||
become_user: postgres
|
||||
|
||||
|
@ -16,7 +16,7 @@
|
|||
postgresql_privs:
|
||||
type: database
|
||||
database: "{{ database_name }}"
|
||||
role: swarm
|
||||
role: "{{ database_name }}"
|
||||
grant_option: no
|
||||
privs: all
|
||||
become: true
|
||||
|
@ -28,7 +28,7 @@
|
|||
dest: /etc/postgresql/15/main/pg_hba.conf
|
||||
contype: host
|
||||
databases: "{{ database_name }}"
|
||||
users: swarm
|
||||
users: "{{ database_name }}"
|
||||
address: all
|
||||
create: true
|
||||
become: true
|
||||
|
|
|
@ -4,32 +4,19 @@ version: '3'
|
|||
networks:
|
||||
traefik:
|
||||
external: true
|
||||
hedgedoc:
|
||||
|
||||
volumes:
|
||||
uploads:
|
||||
driver_opts:
|
||||
type: "nfs"
|
||||
o: "addr=192.168.30.10,nolock,soft,rw"
|
||||
device: ":/mnt/data/hedgedoc/uploads"
|
||||
|
||||
services:
|
||||
hedgedoc-db:
|
||||
image: postgres:13.4-alpine
|
||||
environment:
|
||||
- POSTGRES_USER=hedgedoc
|
||||
- POSTGRES_PASSWORD=password
|
||||
- POSTGRES_DB=hedgedoc
|
||||
volumes:
|
||||
- type: bind
|
||||
source: /mnt/data/hedgedoc/database
|
||||
target: /var/lib/postgresql/data
|
||||
networks:
|
||||
hedgedoc:
|
||||
aliases:
|
||||
- database
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- "node.labels.hedgedoc == true"
|
||||
|
||||
hedgedoc-app:
|
||||
image: quay.io/hedgedoc/hedgedoc:1.9.7
|
||||
environment:
|
||||
- CMD_DB_URL=postgres://hedgedoc:password@database:5432/hedgedoc
|
||||
- CMD_DB_URL=postgres://hedgedoc:{{ database_passwords.hedgedoc }}@192.168.30.10:5432/hedgedoc
|
||||
- CMD_DOMAIN=md.pim.kunis.nl
|
||||
- CMD_PORT=3000
|
||||
- CMD_URL_ADDPORT=false
|
||||
|
@ -38,18 +25,14 @@ services:
|
|||
- CMD_PROTOCOL_USESSL=true
|
||||
- CMD_SESSION_SECRET={{ session_secret }}
|
||||
volumes:
|
||||
- type: bind
|
||||
source: /mnt/data/hedgedoc/uploads
|
||||
- type: volume
|
||||
source: uploads
|
||||
target: /hedgedoc/public/uploads
|
||||
depends_on:
|
||||
- hedgedoc-db
|
||||
volume:
|
||||
nocopy: true
|
||||
networks:
|
||||
- traefik
|
||||
- hedgedoc
|
||||
deploy:
|
||||
placement:
|
||||
constraints:
|
||||
- "node.labels.hedgedoc == true"
|
||||
labels:
|
||||
- traefik.enable=true
|
||||
- traefik.http.routers.hedgedoc.entrypoints=websecure
|
||||
|
|
|
@ -1,3 +1,6 @@
|
|||
- name: asdfasdf
|
||||
debug:
|
||||
msg: "{{ lookup('template', '{{ role_path }}/docker-stack.yml.j2') | from_yaml }}"
|
||||
- name: Deploy Docker stack
|
||||
docker_stack:
|
||||
name: hedgedoc
|
||||
|
|
Reference in a new issue