Merge branch 'main' into removal/pinafore

This commit is contained in:
Sam A. 2023-01-22 19:28:08 +01:00
commit be450fc8b8
Signed by untrusted user: samsapti
GPG key ID: CBBBE7371E81C4EA
19 changed files with 61 additions and 59 deletions

View file

@ -44,6 +44,7 @@ services:
domain: sso.{{ base_domain }}
volume_folder: "{{ volume_root_folder }}/keycloak"
version: "20.0"
postgres_version: "10"
allowed_sender_domain: true
restic:
@ -69,13 +70,15 @@ services:
domain: "cloud.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/nextcloud"
version: 25-apache
postgres_version: "10"
redis_version: 7-alpine
allowed_sender_domain: true
gitea:
file: gitea.yml
domain: "git.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/gitea"
version: 1.18.0
version: 1.18
allowed_sender_domain: true
passit:
@ -83,6 +86,7 @@ services:
domain: "passit.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/passit"
version: stable
postgres_version: 15-alpine
allowed_sender_domain: true
matrix:
@ -90,6 +94,7 @@ services:
domain: "matrix.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/matrix"
version: v1.63.1
postgres_version: "10"
allowed_sender_domain: true
riot:
@ -114,13 +119,14 @@ services:
file: hedgedoc.yml
domain: "pad.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/hedgedoc"
version: 1.9.6
version: 1.9.6-alpine
postgres_version: 10-alpine
data_coop_website:
file: websites/data.coop.yml
domains:
- "{{ base_domain }}"
- "www.{{ base_domain }}"
- "{{ base_domain }}"
- "www.{{ base_domain }}"
new_data_coop_website:
file: websites/new.data.coop.yml
@ -135,21 +141,21 @@ services:
cryptohagen_website:
file: websites/cryptohagen.dk.yml
domains:
- "cryptohagen.dk"
- "www.cryptohagen.dk"
- "cryptohagen.dk"
- "www.cryptohagen.dk"
ulovliglogning_website:
file: websites/ulovliglogning.dk.yml
domains:
- "ulovliglogning.dk"
- "www.ulovliglogning.dk"
- "ulovlig-logning.dk"
- "ulovliglogning.dk"
- "www.ulovliglogning.dk"
- "ulovlig-logning.dk"
cryptoaarhus_website:
file: websites/cryptoaarhus.dk.yml
domains:
- "cryptoaarhus.dk"
- "www.cryptoaarhus.dk"
- "cryptoaarhus.dk"
- "www.cryptoaarhus.dk"
drone:
file: drone.yml
@ -170,6 +176,8 @@ services:
domain: "social.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/mastodon"
version: v4.0.2
postgres_version: 14-alpine
redis_version: 6-alpine
allowed_sender_domain: true
rallly:
@ -177,12 +185,15 @@ services:
domain: "when.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/rallly"
version: e4482a1edb2fb56292d07ee8811a24f2a0d6b114
postgres_version: 14-alpine
allowed_sender_domain: true
membersystem:
file: membersystem.yml
domain: "member.{{ base_domain }}"
django_admins: "Vidir:valberg@orn.li"
version: latest
postgres_version: 13-alpine
allowed_sender_domain: true
watchtower:

View file

@ -9,7 +9,7 @@
services:
drone:
container_name: "drone"
image: drone/drone:1
image: "drone/drone:{{ services.drone.version }}"
restart: unless-stopped
networks:
- external_services
@ -49,4 +49,4 @@
drone:
external_services:
external:
name: external_services
name: external_services

View file

@ -23,7 +23,7 @@
definition:
services:
database:
image: "postgres:10-alpine"
image: "postgres:{{ services.hedgedoc.postgres_version }}"
environment:
POSTGRES_USER: "codimd"
POSTGRES_PASSWORD: "{{ postgres_passwords.hedgedoc }}"
@ -35,7 +35,7 @@
- "{{ services.hedgedoc.volume_folder }}/db:/var/lib/postgresql/data"
app:
image: quay.io/hedgedoc/hedgedoc:{{ services.hedgedoc.version }}
image: "quay.io/hedgedoc/hedgedoc:{{ services.hedgedoc.version }}"
environment:
CMD_DB_URL: "postgres://codimd:{{ postgres_passwords.hedgedoc }}@hedgedoc_database_1:5432/codimd"
CMD_DOMAIN: "{{ services.hedgedoc.domain }}"

View file

@ -7,9 +7,8 @@
definition:
version: "3.6"
services:
postgres:
image: "postgres:10"
image: "postgres:{{ services.keycloak.postgres_version }}"
restart: "unless-stopped"
networks:
- "keycloak"
@ -27,7 +26,16 @@
- "keycloak"
- "postfix"
- "external_services"
command: "start --db=postgres --db-url=jdbc:postgresql://postgres:5432/keycloak --db-username=keycloak --db-password={{ postgres_passwords.keycloak }} --hostname={{ services.keycloak.domain }} --proxy=edge --https-port=8080 --http-relative-path=/auth"
command:
- "start"
- "--db=postgres"
- "--db-url=jdbc:postgresql://postgres:5432/keycloak"
- "--db-username=keycloak"
- "--db-password={{ postgres_passwords.keycloak }}"
- "--hostname={{ services.keycloak.domain }}"
- "--proxy=edge"
- "--https-port=8080"
- "--http-relative-path=/auth"
environment:
VIRTUAL_HOST: "{{ services.keycloak.domain }}"
VIRTUAL_PORT: "8080"

View file

@ -57,7 +57,7 @@
services:
db:
restart: always
image: postgres:14-alpine
image: "postgres:{{ services.mastodon.postgres_version }}"
shm_size: 256mb
networks:
- internal_network
@ -72,7 +72,7 @@
redis:
restart: always
image: redis:6-alpine
image: "redis:{{ services.mastodon.redis_version }}"
networks:
- internal_network
healthcheck:

View file

@ -67,7 +67,7 @@
services:
matrix_db:
container_name: matrix_db
image: postgres:10
image: "postgres:{{ services.matrix.postgres_version }}"
restart: unless-stopped
networks:
- matrix
@ -79,7 +79,7 @@
matrix_app:
container_name: matrix
image: matrixdotorg/synapse:{{ services.matrix.version }}
image: "matrixdotorg/synapse:{{ services.matrix.version }}"
restart: unless-stopped
networks:
- matrix
@ -97,7 +97,7 @@
riot:
container_name: riot_app
image: avhost/docker-matrix-riot:{{ services.riot.version }}
image: "avhost/docker-matrix-riot:{{ services.riot.version }}"
restart: unless-stopped
networks:
- matrix

View file

@ -8,7 +8,7 @@
version: "3"
services:
backend:
image: docker.data.coop/membersystem:latest
image: "docker.data.coop/membersystem:{{ services.membersystem.version }}"
restart: always
user: $UID:$GID
tty: true
@ -33,11 +33,9 @@
CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}"
DJANGO_ADMINS: "{{ services.membersystem.django_admins }}"
DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
postgres:
image: postgres:13-alpine
image: "postgres:{{ services.membersystem.postgres_version }}"
restart: always
volumes:
- "{{ volume_root_folder }}/membersystem/postgres/data:/var/lib/postgresql/data"

View file

@ -21,7 +21,3 @@
LETSENCRYPT_HOST: "{{ services.netdata.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
PGID: "999"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -13,7 +13,7 @@
definition:
services:
postgres:
image: "postgres:10"
image: "postgres:{{ services.nextcloud.postgres_version }}"
restart: "unless-stopped"
networks:
- "nextcloud"
@ -25,7 +25,7 @@
POSTGRES_USER: "nextcloud"
redis:
image: "redis:7-alpine"
image: "redis:{{ services.nextcloud.redis_version }}"
restart: "unless-stopped"
command: "redis-server --requirepass {{ nextcloud_secrets.redis_password }}"
tmpfs:

View file

@ -1,5 +1,12 @@
# vim: ft=yaml.ansible
---
- name: Create directory for Passit data
file:
name: "{{ services.passit.volume_folder }}/data"
owner: '70'
group: root
state: directory
- name: setup passit containers
docker_compose:
project_name: "passit"
@ -8,7 +15,7 @@
version: "3.6"
services:
passit_db:
image: "postgres:10"
image: "postgres:{{ services.passit.postgres_version }}"
restart: "always"
networks:
- "passit"
@ -19,7 +26,7 @@
POSTGRES_PASSWORD: "{{ postgres_passwords.passit }}"
passit_app:
image: "passit/passit:{{ services.passit.version }}"
image: "passit/passit@sha256:c4b96bc67222936f58f344d5dd1020227ad8e11ad5f82ed3cbf0bcfa8fe9b2e7" #:{{ services.passit.version }}"
command: "bin/start.sh"
restart: "always"
networks:

View file

@ -18,7 +18,7 @@
version: "3.8"
services:
rallly_db:
image: "postgres:14-alpine"
image: "postgres:{{ services.rallly.postgres_version }}"
restart: "always"
shm_size: "256mb"
networks:
@ -33,8 +33,6 @@
interval: 5s
timeout: 5s
retries: 5
labels:
com.centurylinklabs.watchtower.enable: "true"
rallly:
image: "lukevella/rallly:{{ services.rallly.version }}"
@ -53,8 +51,6 @@
VIRTUAL_PORT: "3000"
LETSENCRYPT_HOST: "{{ services.rallly.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
networks:
rallly_internal:

View file

@ -11,7 +11,7 @@
image: mazzolino/restic:{{ services.restic.version }}
restart: always
environment:
RUN_ON_STARTUP: "true"
RUN_ON_STARTUP: "false"
BACKUP_CRON: "0 30 3 * * *"
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
@ -32,7 +32,7 @@
restic-prune:
image: "mazzolino/restic:{{ services.restic.version }}"
environment:
RUN_ON_STARTUP: "true"
RUN_ON_STARTUP: "false"
PRUNE_CRON: "0 0 4 * * *"
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"

View file

@ -7,9 +7,8 @@
restart_policy: unless-stopped
networks:
- name: external_services
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- "{{ services.docker_registry.volume_folder }}/auth/config.json:/config.json"
env:
WATCHTOWER_LABEL_ENABLE: "true"
WATCHTOWER_POLL_INTERVAL: "60"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "/root/.docker/config.json:/config.json:ro"

View file

@ -17,6 +17,3 @@
- NET_ADMIN
devices:
- "/dev/net/tun"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -21,5 +21,3 @@
VIRTUAL_HOST : "{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}"
LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -11,5 +11,3 @@
VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"