Merge pull request 'Enable Watchtower for all services' (#123) from watchtower into main

Reviewed-on: data.coop/ansible#123

roles/docker/defaults/main.yml

@@ -78,7 +78,7 @@ services:
     file: gitea.yml
     domain: "git.{{ base_domain }}"
     volume_folder: "{{ volume_root_folder }}/gitea"
-    version: 1.18.0
+    version: 1.18
     allowed_sender_domain: true
 
   passit:
@@ -119,7 +119,7 @@ services:
     file: hedgedoc.yml
     domain: "pad.{{ base_domain }}"
     volume_folder: "{{ volume_root_folder }}/hedgedoc"
-    version: 1.9.6
+    version: 1
     postgres_version: 10-alpine
 
   data_coop_website:

roles/docker/tasks/services/keycloak.yml

@@ -26,7 +26,16 @@
             - "keycloak"
             - "postfix"
             - "external_services"
-          command: "start --db=postgres --db-url=jdbc:postgresql://postgres:5432/keycloak --db-username=keycloak --db-password={{ postgres_passwords.keycloak }} --hostname={{ services.keycloak.domain }} --proxy=edge --https-port=8080 --http-relative-path=/auth"
+          command:
+            - "start"
+            - "--db=postgres"
+            - "--db-url=jdbc:postgresql://postgres:5432/keycloak"
+            - "--db-username=keycloak"
+            - "--db-password={{ postgres_passwords.keycloak }}"
+            - "--hostname={{ keycloak.domain }}"
+            - "--proxy=edge"
+            - "--https-port=8080"
+            - "--http-relative-path=/auth"
           environment:
             VIRTUAL_HOST: "{{ services.keycloak.domain }}"
             VIRTUAL_PORT: "8080"

roles/docker/tasks/services/membersystem.yml

@@ -33,8 +33,6 @@
             CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}"
             DJANGO_ADMINS: "{{ services.membersystem.django_admins }}"
             DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}"
-          labels:
-            com.centurylinklabs.watchtower.enable: "true"
 
         postgres:
           image: "postgres:{{ services.membersystem.postgres_version }}"

roles/docker/tasks/services/netdata.yml

@@ -21,7 +21,3 @@
       LETSENCRYPT_HOST: "{{ services.netdata.domain }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
       PGID: "999"
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"
-
-

roles/docker/tasks/services/pinafore.yml

@@ -12,5 +12,3 @@
       VIRTUAL_PORT: "4002"
       LETSENCRYPT_HOST: "{{ services.pinafore.domain }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"

roles/docker/tasks/services/rallly.yml

@@ -33,8 +33,6 @@
             interval: 5s
             timeout: 5s
             retries: 5
-          labels:
-            com.centurylinklabs.watchtower.enable: "true"
 
         rallly:
           image: "lukevella/rallly:{{ services.rallly.version }}"
@@ -53,8 +51,6 @@
             VIRTUAL_PORT: "3000"
             LETSENCRYPT_HOST: "{{ services.rallly.domain }}"
             LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-          labels:
-            com.centurylinklabs.watchtower.enable: "true"
 
       networks:
         rallly_internal:

roles/docker/tasks/services/watchtower.yml

@@ -7,9 +7,8 @@
     restart_policy: unless-stopped
     networks:
       - name: external_services
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-      - "{{ services.docker_registry.volume_folder }}/auth/config.json:/config.json"
     env:
-      WATCHTOWER_LABEL_ENABLE: "true"
       WATCHTOWER_POLL_INTERVAL: "60"
+    volumes:
+      - "/var/run/docker.sock:/var/run/docker.sock"
+      - "/root/.docker/config.json:/config.json:ro"

roles/docker/tasks/services/websites/2022.slides.data.coop.yml

@@ -17,6 +17,3 @@
       - NET_ADMIN
     devices:
       - "/dev/net/tun"
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"
-

roles/docker/tasks/services/websites/cryptoaarhus.dk.yml

@@ -11,5 +11,3 @@
       VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}"
       LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"

roles/docker/tasks/services/websites/cryptohagen.dk.yml

@@ -11,5 +11,3 @@
       VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}"
       LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"

roles/docker/tasks/services/websites/data.coop.yml

@@ -21,5 +21,3 @@
       VIRTUAL_HOST : "{{ services.data_coop_website.domains|join(',') }}"
       LETSENCRYPT_HOST: "{{ services.data_coop_website.domains|join(',') }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"

roles/docker/tasks/services/websites/new.data.coop.yml

@@ -11,5 +11,3 @@
       VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}"
       LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"

roles/docker/tasks/services/websites/ulovliglogning.dk.yml

@@ -11,5 +11,3 @@
       VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
       LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
       LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
-    labels:
-      com.centurylinklabs.watchtower.enable: "true"