From 0acc23bc3f3bced1109997ee9834c213ab941c63 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?V=C3=AD=C3=B0ir=20Valberg=20Gu=C3=B0mundsson?= Date: Sat, 19 Jan 2019 14:56:23 +0100 Subject: [PATCH] Adding letsencrypt to the nginx-proxy. Also added thelounge irc client. --- group_vars/all.yml | 2 +- playbook.yml | 9 ++-- roles/docker/files/composefiles/nextcloud.yml | 2 +- .../docker/files/composefiles/nginx-proxy.yml | 45 ++++++++++++++++--- roles/docker/files/composefiles/thelounge.yml | 23 ++++++++++ roles/docker/tasks/main.yml | 8 ++-- roles/docker/tasks/services.yml | 1 + roles/ubuntu_base/tasks/base.yml | 6 +-- 8 files changed, 78 insertions(+), 18 deletions(-) create mode 100644 roles/docker/files/composefiles/thelounge.yml diff --git a/group_vars/all.yml b/group_vars/all.yml index 1cfc6280..9edd0c2b 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -10,6 +10,6 @@ users: valberg: comment: Vidir Valberg Gudmundsson key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUmGeHc6QXDcJHkmVxbTUv04Q3vs20avquoGr6eOkkvYbcgjuFnBOOtvs2Nul1odcvvnHa1nN7DfL8XJamiwsB1B/xe2seaNS1axgwk9XowlVN9pgga8gsC+4gZWBtSObG2GR8n4NtPENzPmW5deNn8dRpTvULPMxZ0VRE9yNQOx8v8w85yYh+vxbbkWGVDYJU23yuJI50U9y6bXxNHinsACDFBeR/giXDlw29TaOaSxz0R6zrRPBoX+V68RyWwBL+KWQKtX2ULtJI40S98Ohd6p41bIxYHCBS/zroqNne8PjYOLcHHsjHUGfTvhcS5a3zdz/iHsvsaOOjFjsydAXH valberg - password: $6$4.yieWiRAD$SSWS7pmagJk3OYaXDaQu7uQLp5pJuAyXRXpYQvE70LWx0nUX/Rx0pOjhgFDjhouJ4xBYohA441TKIOZ5PNBZ00 + password: $6$qt3G.E.CxhC$OwBDn4rZUbCz06HLEMBHjgvKjxiv/eeerbklTHi.gpHIn1OejzX3k2.0NM0Dforaw6Yn5Y8Cgn8kL2FdbQLZ3/ groups: - sudo diff --git a/playbook.yml b/playbook.yml index 91fbb76e..3d1ff8b1 100644 --- a/playbook.yml +++ b/playbook.yml @@ -6,9 +6,12 @@ # Services are the names of the compose files in docker/files/composefiles services: - nginx-proxy + - thelounge - gitea - nextcloud - roles: - - ubuntu_base - - docker + tasks: + - import_role: + name: ubuntu_base + - import_role: + name: docker 
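Review bot: The new `password:` value for `valberg` in `group_vars/all.yml` is again a SHA-512 crypt hash (`$6$…`) committed in clear text, and the same entry places that account in the `sudo` group. Anyone who can read the repository can run offline guessing against it, and the hash this commit replaces stays readable in the history, so it should be treated as exposed as well. I would move the value into an Ansible Vault-encrypted vars file and reference it here, e.g. `password: "{{ vault_valberg_password }}"` (the variable name is only an example). The `users:` mapping begins above the hunk, so any other entries there may need the same treatment.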
diff --git a/roles/docker/files/composefiles/nextcloud.yml b/roles/docker/files/composefiles/nextcloud.yml index 6b211473..2a094d5e 100644 --- a/roles/docker/files/composefiles/nextcloud.yml +++ b/roles/docker/files/composefiles/nextcloud.yml @@ -35,4 +35,4 @@ volumes: networks: external_services: external: true - nextcloud: \ No newline at end of file + nextcloud: diff --git a/roles/docker/files/composefiles/nginx-proxy.yml b/roles/docker/files/composefiles/nginx-proxy.yml index b8355155..32b9db27 100644 --- a/roles/docker/files/composefiles/nginx-proxy.yml +++ b/roles/docker/files/composefiles/nginx-proxy.yml @@ -2,15 +2,48 @@ version: '3' services: + nginx-proxy: image: jwilder/nginx-proxy - ports: - - "80:80" - volumes: - - /var/run/docker.sock:/tmp/docker.sock:ro + container_name: nginx-proxy networks: - external_services - container_name: nginx-proxy + ports: + - "80:80" + - "443:443" + volumes: + - conf:/etc/nginx/conf.d + - vhost:/etc/nginx/vhost.d + - html:/usr/share/nginx/html + - dhparam:/etc/nginx/dhparam + - certs:/etc/nginx/certs:ro + - /var/run/docker.sock:/tmp/docker.sock:ro + restart: always + + + letsencrypt: + image: jrcs/letsencrypt-nginx-proxy-companion + container_name: nginx-proxy-le + depends_on: + - nginx-proxy + volumes: + - vhost:/etc/nginx/vhost.d + - html:/usr/share/nginx/html + - dhparam:/etc/nginx/dhparam:ro + - certs:/etc/nginx/certs + - /var/run/docker.sock:/var/run/docker.sock:ro + environment: + - NGINX_PROXY_CONTAINER=nginx-proxy + restart: always + +volumes: + conf: + vhost: + html: + dhparam: + certs: + networks: - external_services: + external_services: external: true + diff --git a/roles/docker/files/composefiles/thelounge.yml b/roles/docker/files/composefiles/thelounge.yml new file mode 100644 index 00000000..82385520 --- /dev/null +++ b/roles/docker/files/composefiles/thelounge.yml 
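Review bot: In `nginx-proxy.yml` both the internet-facing `nginx-proxy` service (now published on 80 and 443) and the new `letsencrypt` service mount `/var/run/docker.sock`, and the `:ro` flag does not limit what can be done through it: the mount is read-only, but the Docker API behind the socket stays fully usable, which is effectively root on the host. At minimum I would record that above each mount, `# docker.sock gives full Docker API access; :ro does not restrict API calls`. A stronger layout is the split setup documented by nginx-proxy, where a separate docker-gen container holds the socket and the nginx container that faces the network has none. Separately, `jwilder/nginx-proxy` and `jrcs/letsencrypt-nginx-proxy-companion` carry no tag here and `thelounge.yml` uses `:latest`; pinning each to a tag or digest (`image: jwilder/nginx-proxy:<pinned-tag>`) keeps what runs with socket access reviewable and reproducible.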
@@ -0,0 +1,23 @@ +version: '3' +services: + thelounge: + image: thelounge/lounge:latest + container_name: thelounge + restart: always + ports: + - "9000:9000" + volumes: + - thelounge:/home/lounge/data # bind lounge config from the host's file system + networks: + - external_services + environment: + - VIRTUAL_HOST=irc.kva.li + - LETSENCRYPT_HOST=irc.kva.li + - LETSENCRYPT_EMAIL=valberg@orn.li + +volumes: + thelounge: + +networks: + external_services: + external: true diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index ba626fc9..4d8f8638 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -19,10 +19,10 @@ - name: install docker python bindings pip: executable: "pip3" - name: "{{ item }}" + name: "docker-compose" state: present - with_items: - - docker-compose - name: setup services - include_tasks: services.yml + import_tasks: services.yml + tags: + - setup_services diff --git a/roles/docker/tasks/services.yml b/roles/docker/tasks/services.yml index b4334b62..642fc085 100644 --- a/roles/docker/tasks/services.yml +++ b/roles/docker/tasks/services.yml @@ -1,3 +1,4 @@ +--- - name: setup external services network docker_network: name: external_services diff --git a/roles/ubuntu_base/tasks/base.yml b/roles/ubuntu_base/tasks/base.yml index eddff22b..002a6f00 100644 --- a/roles/ubuntu_base/tasks/base.yml +++ b/roles/ubuntu_base/tasks/base.yml @@ -1,8 +1,8 @@ --- - name: Install necessary packages apt: - name: "{{ item }}" - state: present - with_items: + name: "{{ packages }}" + vars: + packages: - aptitude - python3-pip
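Review bot: `ports: - "9000:9000"` in the new `thelounge.yml` publishes the web client directly on the host, so it is reachable over plain HTTP on port 9000 alongside the TLS vhost that `VIRTUAL_HOST`/`LETSENCRYPT_HOST` set up through nginx-proxy. The proxy reaches the container over the shared `external_services` network, so a host port mapping should not be needed; I would replace the two lines with `expose:` / `- "9000"` (adding `- VIRTUAL_PORT=9000` if the proxy does not pick the port up on its own). Docker-published ports are commonly not filtered by host firewall front-ends such as ufw, so this exposure is easy to miss. The inline comment on the volume line also says the config is bound from the host's file system, whereas `thelounge:` is a named volume; `# named volume holding The Lounge data` would match what the file does.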