home/shoarma
Archived
2
0
Fork 0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity

add hedgedoc stack

Browse source
This commit is contained in:
Pim Kunis 2023-05-02 17:46:56 +02:00
parent 90e07a9898
commit b6feaa023c
5 changed files with 89 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ansible/inventory/host_vars/manager.yml
View file

@ -10,6 +10,8 @@ docker_node_labels:
radicale: "true" radicale: "true"
mastodon: "true" mastodon: "true"
freshrss: "true" freshrss: "true"
hedgedoc: "true"
overleaf: "true"
data_directories: data_directories:
- 'traefik' - 'traefik'

1
ansible/playbooks/stacks.yml
View file

@ -9,3 +9,4 @@
- {role: radicale, tags: radicale} - {role: radicale, tags: radicale}
- {role: mastodon, tags: mastodon} - {role: mastodon, tags: mastodon}
- {role: freshrss, tags: freshrss} - {role: freshrss, tags: freshrss}
- {role: hedgedoc, tags: hedgedoc}

61
ansible/roles/hedgedoc/docker-stack.yml.j2 Normal file
View file

@ -0,0 +1,61 @@
# vi: ft=yaml
version: '3'
networks:
traefik:
external: true
hedgedoc:
services:
hedgedoc-db:
image: postgres:13.4-alpine
environment:
- POSTGRES_USER=hedgedoc
- POSTGRES_PASSWORD=password
- POSTGRES_DB=hedgedoc
volumes:
- type: bind
source: /mnt/data/hedgedoc/database
target: /var/lib/postgresql/data
networks:
hedgedoc:
aliases:
- database
deploy:
placement:
constraints:
- "node.labels.hedgedoc == true"
hedgedoc-app:
image: quay.io/hedgedoc/hedgedoc:1.9.7
environment:
- CMD_DB_URL=postgres://hedgedoc:password@database:5432/hedgedoc
- CMD_DOMAIN=md.pim.kunis.nl
- CMD_PORT=3000
- CMD_URL_ADDPORT=false
- CMD_ALLOW_ANONYMOUS=true
- CMD_ALLOW_EMAIL_REGISTER=false
- CMD_PROTOCOL_USESSL=true
- CMD_SESSION_SECRET={{ session_secret }}
volumes:
- type: bind
source: /mnt/data/hedgedoc/uploads
target: /hedgedoc/public/uploads
depends_on:
- hedgedoc-db
networks:
- traefik
- hedgedoc
deploy:
placement:
constraints:
- "node.labels.hedgedoc == true"
labels:
- traefik.enable=true
- traefik.http.routers.hedgedoc.entrypoints=websecure
- traefik.http.routers.hedgedoc.rule=Host(`md.pim.kunis.nl`)
- traefik.http.routers.hedgedoc.tls=true
- traefik.http.routers.hedgedoc.tls.certresolver=letsencrypt
- traefik.http.routers.hedgedoc.service=hedgedoc
- traefik.http.services.hedgedoc.loadbalancer.server.port=3000
- traefik.docker.network=traefik

15
ansible/roles/hedgedoc/tasks/main.yml Normal file
View file

@ -0,0 +1,15 @@
- name: Create working directory
file:
path: /srv/hedgedoc
state: directory
- name: Copy Docker stack file
template:
src: "{{ role_path }}/docker-stack.yml.j2"
dest: /srv/hedgedoc/docker-stack.yml
- name: Deploy Docker stack
docker_stack:
name: hedgedoc
compose:
- /srv/hedgedoc/docker-stack.yml

10
ansible/roles/hedgedoc/vars/main.yml Normal file
View file

@ -0,0 +1,10 @@
session_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
30633835386265643561343033326536653166343630396139303137613138383233666565666330
3032613865333836656566626435383165396539323837350a376331306464643766373839386638
65653865343539633636323833343964636332636461386434386432306230343833343431363134
6563373138626637650a633932313862326231666330343662343765666166373961376237396434
33396131353830323063326266623862353731653665626466653335656434303033353333353164
61613535373037646565386131383631366338616565373261396136616433393462313537313861
35313661616365373231373963323865393635626132343138363230313431636333363130346239
32656335333635613736