forked from data.coop/ansible
Merge branch 'main' into removal/pinafore
This commit is contained in:
commit
be450fc8b8
roles/docker
defaults
tasks/services
|
@ -44,6 +44,7 @@ services:
|
|||
domain: sso.{{ base_domain }}
|
||||
volume_folder: "{{ volume_root_folder }}/keycloak"
|
||||
version: "20.0"
|
||||
postgres_version: "10"
|
||||
allowed_sender_domain: true
|
||||
|
||||
restic:
|
||||
|
@ -69,13 +70,15 @@ services:
|
|||
domain: "cloud.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/nextcloud"
|
||||
version: 25-apache
|
||||
postgres_version: "10"
|
||||
redis_version: 7-alpine
|
||||
allowed_sender_domain: true
|
||||
|
||||
gitea:
|
||||
file: gitea.yml
|
||||
domain: "git.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/gitea"
|
||||
version: 1.18.0
|
||||
version: 1.18
|
||||
allowed_sender_domain: true
|
||||
|
||||
passit:
|
||||
|
@ -83,6 +86,7 @@ services:
|
|||
domain: "passit.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/passit"
|
||||
version: stable
|
||||
postgres_version: 15-alpine
|
||||
allowed_sender_domain: true
|
||||
|
||||
matrix:
|
||||
|
@ -90,6 +94,7 @@ services:
|
|||
domain: "matrix.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/matrix"
|
||||
version: v1.63.1
|
||||
postgres_version: "10"
|
||||
allowed_sender_domain: true
|
||||
|
||||
riot:
|
||||
|
@ -114,7 +119,8 @@ services:
|
|||
file: hedgedoc.yml
|
||||
domain: "pad.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/hedgedoc"
|
||||
version: 1.9.6
|
||||
version: 1.9.6-alpine
|
||||
postgres_version: 10-alpine
|
||||
|
||||
data_coop_website:
|
||||
file: websites/data.coop.yml
|
||||
|
@ -170,6 +176,8 @@ services:
|
|||
domain: "social.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/mastodon"
|
||||
version: v4.0.2
|
||||
postgres_version: 14-alpine
|
||||
redis_version: 6-alpine
|
||||
allowed_sender_domain: true
|
||||
|
||||
rallly:
|
||||
|
@ -177,12 +185,15 @@ services:
|
|||
domain: "when.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/rallly"
|
||||
version: e4482a1edb2fb56292d07ee8811a24f2a0d6b114
|
||||
postgres_version: 14-alpine
|
||||
allowed_sender_domain: true
|
||||
|
||||
membersystem:
|
||||
file: membersystem.yml
|
||||
domain: "member.{{ base_domain }}"
|
||||
django_admins: "Vidir:valberg@orn.li"
|
||||
version: latest
|
||||
postgres_version: 13-alpine
|
||||
allowed_sender_domain: true
|
||||
|
||||
watchtower:
|
||||
|
|
|
@ -9,7 +9,7 @@
|
|||
services:
|
||||
drone:
|
||||
container_name: "drone"
|
||||
image: drone/drone:1
|
||||
image: "drone/drone:{{ services.drone.version }}"
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- external_services
|
||||
|
|
|
@ -23,7 +23,7 @@
|
|||
definition:
|
||||
services:
|
||||
database:
|
||||
image: "postgres:10-alpine"
|
||||
image: "postgres:{{ services.hedgedoc.postgres_version }}"
|
||||
environment:
|
||||
POSTGRES_USER: "codimd"
|
||||
POSTGRES_PASSWORD: "{{ postgres_passwords.hedgedoc }}"
|
||||
|
@ -35,7 +35,7 @@
|
|||
- "{{ services.hedgedoc.volume_folder }}/db:/var/lib/postgresql/data"
|
||||
|
||||
app:
|
||||
image: quay.io/hedgedoc/hedgedoc:{{ services.hedgedoc.version }}
|
||||
image: "quay.io/hedgedoc/hedgedoc:{{ services.hedgedoc.version }}"
|
||||
environment:
|
||||
CMD_DB_URL: "postgres://codimd:{{ postgres_passwords.hedgedoc }}@hedgedoc_database_1:5432/codimd"
|
||||
CMD_DOMAIN: "{{ services.hedgedoc.domain }}"
|
||||
|
|
|
@ -7,9 +7,8 @@
|
|||
definition:
|
||||
version: "3.6"
|
||||
services:
|
||||
|
||||
postgres:
|
||||
image: "postgres:10"
|
||||
image: "postgres:{{ services.keycloak.postgres_version }}"
|
||||
restart: "unless-stopped"
|
||||
networks:
|
||||
- "keycloak"
|
||||
|
@ -27,7 +26,16 @@
|
|||
- "keycloak"
|
||||
- "postfix"
|
||||
- "external_services"
|
||||
command: "start --db=postgres --db-url=jdbc:postgresql://postgres:5432/keycloak --db-username=keycloak --db-password={{ postgres_passwords.keycloak }} --hostname={{ services.keycloak.domain }} --proxy=edge --https-port=8080 --http-relative-path=/auth"
|
||||
command:
|
||||
- "start"
|
||||
- "--db=postgres"
|
||||
- "--db-url=jdbc:postgresql://postgres:5432/keycloak"
|
||||
- "--db-username=keycloak"
|
||||
- "--db-password={{ postgres_passwords.keycloak }}"
|
||||
- "--hostname={{ services.keycloak.domain }}"
|
||||
- "--proxy=edge"
|
||||
- "--https-port=8080"
|
||||
- "--http-relative-path=/auth"
|
||||
environment:
|
||||
VIRTUAL_HOST: "{{ services.keycloak.domain }}"
|
||||
VIRTUAL_PORT: "8080"
|
||||
|
|
|
@ -57,7 +57,7 @@
|
|||
services:
|
||||
db:
|
||||
restart: always
|
||||
image: postgres:14-alpine
|
||||
image: "postgres:{{ services.mastodon.postgres_version }}"
|
||||
shm_size: 256mb
|
||||
networks:
|
||||
- internal_network
|
||||
|
@ -72,7 +72,7 @@
|
|||
|
||||
redis:
|
||||
restart: always
|
||||
image: redis:6-alpine
|
||||
image: "redis:{{ services.mastodon.redis_version }}"
|
||||
networks:
|
||||
- internal_network
|
||||
healthcheck:
|
||||
|
|
|
@ -67,7 +67,7 @@
|
|||
services:
|
||||
matrix_db:
|
||||
container_name: matrix_db
|
||||
image: postgres:10
|
||||
image: "postgres:{{ services.matrix.postgres_version }}"
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- matrix
|
||||
|
@ -79,7 +79,7 @@
|
|||
|
||||
matrix_app:
|
||||
container_name: matrix
|
||||
image: matrixdotorg/synapse:{{ services.matrix.version }}
|
||||
image: "matrixdotorg/synapse:{{ services.matrix.version }}"
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- matrix
|
||||
|
@ -97,7 +97,7 @@
|
|||
|
||||
riot:
|
||||
container_name: riot_app
|
||||
image: avhost/docker-matrix-riot:{{ services.riot.version }}
|
||||
image: "avhost/docker-matrix-riot:{{ services.riot.version }}"
|
||||
restart: unless-stopped
|
||||
networks:
|
||||
- matrix
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
version: "3"
|
||||
services:
|
||||
backend:
|
||||
image: docker.data.coop/membersystem:latest
|
||||
image: "docker.data.coop/membersystem:{{ services.membersystem.version }}"
|
||||
restart: always
|
||||
user: $UID:$GID
|
||||
tty: true
|
||||
|
@ -33,11 +33,9 @@
|
|||
CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}"
|
||||
DJANGO_ADMINS: "{{ services.membersystem.django_admins }}"
|
||||
DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
postgres:
|
||||
image: postgres:13-alpine
|
||||
image: "postgres:{{ services.membersystem.postgres_version }}"
|
||||
restart: always
|
||||
volumes:
|
||||
- "{{ volume_root_folder }}/membersystem/postgres/data:/var/lib/postgresql/data"
|
||||
|
|
|
@ -21,7 +21,3 @@
|
|||
LETSENCRYPT_HOST: "{{ services.netdata.domain }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
PGID: "999"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@
|
|||
definition:
|
||||
services:
|
||||
postgres:
|
||||
image: "postgres:10"
|
||||
image: "postgres:{{ services.nextcloud.postgres_version }}"
|
||||
restart: "unless-stopped"
|
||||
networks:
|
||||
- "nextcloud"
|
||||
|
@ -25,7 +25,7 @@
|
|||
POSTGRES_USER: "nextcloud"
|
||||
|
||||
redis:
|
||||
image: "redis:7-alpine"
|
||||
image: "redis:{{ services.nextcloud.redis_version }}"
|
||||
restart: "unless-stopped"
|
||||
command: "redis-server --requirepass {{ nextcloud_secrets.redis_password }}"
|
||||
tmpfs:
|
||||
|
|
|
@ -1,5 +1,12 @@
|
|||
# vim: ft=yaml.ansible
|
||||
---
|
||||
- name: Create directory for Passit data
|
||||
file:
|
||||
name: "{{ services.passit.volume_folder }}/data"
|
||||
owner: '70'
|
||||
group: root
|
||||
state: directory
|
||||
|
||||
- name: setup passit containers
|
||||
docker_compose:
|
||||
project_name: "passit"
|
||||
|
@ -8,7 +15,7 @@
|
|||
version: "3.6"
|
||||
services:
|
||||
passit_db:
|
||||
image: "postgres:10"
|
||||
image: "postgres:{{ services.passit.postgres_version }}"
|
||||
restart: "always"
|
||||
networks:
|
||||
- "passit"
|
||||
|
@ -19,7 +26,7 @@
|
|||
POSTGRES_PASSWORD: "{{ postgres_passwords.passit }}"
|
||||
|
||||
passit_app:
|
||||
image: "passit/passit:{{ services.passit.version }}"
|
||||
image: "passit/passit@sha256:c4b96bc67222936f58f344d5dd1020227ad8e11ad5f82ed3cbf0bcfa8fe9b2e7" #:{{ services.passit.version }}"
|
||||
command: "bin/start.sh"
|
||||
restart: "always"
|
||||
networks:
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
version: "3.8"
|
||||
services:
|
||||
rallly_db:
|
||||
image: "postgres:14-alpine"
|
||||
image: "postgres:{{ services.rallly.postgres_version }}"
|
||||
restart: "always"
|
||||
shm_size: "256mb"
|
||||
networks:
|
||||
|
@ -33,8 +33,6 @@
|
|||
interval: 5s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
rallly:
|
||||
image: "lukevella/rallly:{{ services.rallly.version }}"
|
||||
|
@ -53,8 +51,6 @@
|
|||
VIRTUAL_PORT: "3000"
|
||||
LETSENCRYPT_HOST: "{{ services.rallly.domain }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
networks:
|
||||
rallly_internal:
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
image: mazzolino/restic:{{ services.restic.version }}
|
||||
restart: always
|
||||
environment:
|
||||
RUN_ON_STARTUP: "true"
|
||||
RUN_ON_STARTUP: "false"
|
||||
BACKUP_CRON: "0 30 3 * * *"
|
||||
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
|
||||
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
|
||||
|
@ -32,7 +32,7 @@
|
|||
restic-prune:
|
||||
image: "mazzolino/restic:{{ services.restic.version }}"
|
||||
environment:
|
||||
RUN_ON_STARTUP: "true"
|
||||
RUN_ON_STARTUP: "false"
|
||||
PRUNE_CRON: "0 0 4 * * *"
|
||||
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
|
||||
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
|
||||
|
|
|
@ -7,9 +7,8 @@
|
|||
restart_policy: unless-stopped
|
||||
networks:
|
||||
- name: external_services
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- "{{ services.docker_registry.volume_folder }}/auth/config.json:/config.json"
|
||||
env:
|
||||
WATCHTOWER_LABEL_ENABLE: "true"
|
||||
WATCHTOWER_POLL_INTERVAL: "60"
|
||||
volumes:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
- "/root/.docker/config.json:/config.json:ro"
|
||||
|
|
|
@ -17,6 +17,3 @@
|
|||
- NET_ADMIN
|
||||
devices:
|
||||
- "/dev/net/tun"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
|
|
|
@ -11,5 +11,3 @@
|
|||
VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}"
|
||||
LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -11,5 +11,3 @@
|
|||
VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}"
|
||||
LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -21,5 +21,3 @@
|
|||
VIRTUAL_HOST : "{{ services.data_coop_website.domains|join(',') }}"
|
||||
LETSENCRYPT_HOST: "{{ services.data_coop_website.domains|join(',') }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -11,5 +11,3 @@
|
|||
VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}"
|
||||
LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -11,5 +11,3 @@
|
|||
VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
|
||||
LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
Loading…
Reference in a new issue