WIP.
This commit is contained in:
parent
c57becfa03
commit
9e101bff21
25
playbook.yml
25
playbook.yml
|
@ -10,31 +10,6 @@
|
||||||
vagrant: "{{ ansible_virtualization_role == 'guest' }}"
|
vagrant: "{{ ansible_virtualization_role == 'guest' }}"
|
||||||
letsencrypt_enabled: "{{ not vagrant }}"
|
letsencrypt_enabled: "{{ not vagrant }}"
|
||||||
|
|
||||||
services:
|
|
||||||
- nginx-proxy
|
|
||||||
- postfix
|
|
||||||
- openldap
|
|
||||||
- keycloak
|
|
||||||
- restic-backup
|
|
||||||
- nextcloud
|
|
||||||
- passit
|
|
||||||
- gitea
|
|
||||||
- matrix_riot
|
|
||||||
- privatebin
|
|
||||||
- codimd
|
|
||||||
- hedgedoc
|
|
||||||
- netdata
|
|
||||||
- docker_registry
|
|
||||||
- drone
|
|
||||||
- websites
|
|
||||||
- ulovliglogning-dk
|
|
||||||
- watchtower
|
|
||||||
- mailu
|
|
||||||
- portainer
|
|
||||||
- mastodon
|
|
||||||
- rallly
|
|
||||||
- membersystem
|
|
||||||
|
|
||||||
smtp_host: "postfix"
|
smtp_host: "postfix"
|
||||||
smtp_port: "587"
|
smtp_port: "587"
|
||||||
|
|
||||||
|
|
|
@ -6,6 +6,7 @@ services:
|
||||||
### Internal services ###
|
### Internal services ###
|
||||||
|
|
||||||
nginx_proxy:
|
nginx_proxy:
|
||||||
|
file: nginx_proxy.yml
|
||||||
version: "1.0-alpine"
|
version: "1.0-alpine"
|
||||||
volume_folder: "{{ volume_root_folder }}/nginx"
|
volume_folder: "{{ volume_root_folder }}/nginx"
|
||||||
|
|
||||||
|
@ -13,6 +14,7 @@ services:
|
||||||
version: "2.2"
|
version: "2.2"
|
||||||
|
|
||||||
openldap:
|
openldap:
|
||||||
|
file: openldap.yml
|
||||||
domain: "ldap.{{ base_domain }}"
|
domain: "ldap.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/openldap"
|
volume_folder: "{{ volume_root_folder }}/openldap"
|
||||||
version: "1.5.0"
|
version: "1.5.0"
|
||||||
|
@ -21,36 +23,35 @@ services:
|
||||||
version: "0.9.0"
|
version: "0.9.0"
|
||||||
|
|
||||||
netdata:
|
netdata:
|
||||||
|
file: netdata.yml
|
||||||
domain: "netdata.{{ base_domain }}"
|
domain: "netdata.{{ base_domain }}"
|
||||||
version: "v1"
|
version: "v1"
|
||||||
|
|
||||||
portainer:
|
portainer:
|
||||||
|
file: portainer.yml
|
||||||
domain: "portainer.{{ base_domain }}"
|
domain: "portainer.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/portainer"
|
volume_folder: "{{ volume_root_folder }}/portainer"
|
||||||
version: "2.16.2"
|
version: "2.16.2"
|
||||||
|
|
||||||
keycloak:
|
keycloak:
|
||||||
|
file: keycloak.yml
|
||||||
domain: sso.{{ base_domain }}
|
domain: sso.{{ base_domain }}
|
||||||
volume_folder: "{{ volume_root_folder }}/keycloak"
|
volume_folder: "{{ volume_root_folder }}/keycloak"
|
||||||
version: "20.0"
|
version: "20.0"
|
||||||
|
|
||||||
postfix:
|
postfix:
|
||||||
|
file: postfix.yml
|
||||||
version: "v3.5.0"
|
version: "v3.5.0"
|
||||||
allowed_sender_domains:
|
|
||||||
- "services.{{ base_domain }}"
|
|
||||||
- "{{ passit.domain }}"
|
|
||||||
- "{{ gitea.domain }}"
|
|
||||||
- "{{ mastodon.domain }}"
|
|
||||||
- "{{ rallly.domain }}"
|
|
||||||
- "{{ membersystem.domain }}"
|
|
||||||
|
|
||||||
restic:
|
restic:
|
||||||
|
file: restic_backup.yml
|
||||||
user: "datacoop"
|
user: "datacoop"
|
||||||
domain: "restic.cannedtuna.org"
|
domain: "restic.cannedtuna.org"
|
||||||
repository: "datacoop-hevonen"
|
repository: "datacoop-hevonen"
|
||||||
version: "1.6.0"
|
version: "1.6.0"
|
||||||
|
|
||||||
docker_registry:
|
docker_registry:
|
||||||
|
file: docker_registry.yml
|
||||||
domain: "docker.{{ base_domain }}"
|
domain: "docker.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/docker-registry"
|
volume_folder: "{{ volume_root_folder }}/docker-registry"
|
||||||
username: "docker"
|
username: "docker"
|
||||||
|
@ -60,21 +61,25 @@ services:
|
||||||
### External services ###
|
### External services ###
|
||||||
|
|
||||||
nextcloud:
|
nextcloud:
|
||||||
|
file: nextcloud.yml
|
||||||
domain: "cloud.{{ base_domain }}"
|
domain: "cloud.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/nextcloud"
|
volume_folder: "{{ volume_root_folder }}/nextcloud"
|
||||||
version: 25-apache
|
version: 25-apache
|
||||||
|
|
||||||
gitea:
|
gitea:
|
||||||
|
file: gitea.yml
|
||||||
domain: "git.{{ base_domain }}"
|
domain: "git.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/gitea"
|
volume_folder: "{{ volume_root_folder }}/gitea"
|
||||||
version: 1.17.3
|
version: 1.17.3
|
||||||
|
|
||||||
passit:
|
passit:
|
||||||
|
file: passit.yml
|
||||||
domain: "passit.{{ base_domain }}"
|
domain: "passit.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/passit"
|
volume_folder: "{{ volume_root_folder }}/passit"
|
||||||
version: stable
|
version: stable
|
||||||
|
|
||||||
matrix:
|
matrix:
|
||||||
|
file: matrix_riot.yml
|
||||||
domain: "matrix.{{ base_domain }}"
|
domain: "matrix.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/matrix"
|
volume_folder: "{{ volume_root_folder }}/matrix"
|
||||||
version: v1.63.1
|
version: v1.63.1
|
||||||
|
@ -87,6 +92,7 @@ services:
|
||||||
version: v1.11.8
|
version: v1.11.8
|
||||||
|
|
||||||
privatebin:
|
privatebin:
|
||||||
|
file: privatebin.yml
|
||||||
domain: "paste.{{ base_domain }}"
|
domain: "paste.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/privatebin"
|
volume_folder: "{{ volume_root_folder }}/privatebin"
|
||||||
version: 20221009
|
version: 20221009
|
||||||
|
@ -96,57 +102,63 @@ services:
|
||||||
volume_folder: "{{ volume_root_folder }}/codimd"
|
volume_folder: "{{ volume_root_folder }}/codimd"
|
||||||
|
|
||||||
hedgedoc:
|
hedgedoc:
|
||||||
|
file: hedgedoc.yml
|
||||||
domain: "pad.{{ base_domain }}"
|
domain: "pad.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/hedgedoc"
|
volume_folder: "{{ volume_root_folder }}/hedgedoc"
|
||||||
version: 1.9.0
|
version: 1.9.0
|
||||||
|
|
||||||
data_coop_website:
|
data_coop_website:
|
||||||
|
file: websites/data.coop.yml
|
||||||
domains:
|
domains:
|
||||||
- "{{ base_domain }}"
|
- "{{ base_domain }}"
|
||||||
- "www.{{ base_domain }}"
|
- "www.{{ base_domain }}"
|
||||||
|
|
||||||
cryptohagen_website:
|
cryptohagen_website:
|
||||||
|
file: websites/cryptohagen.dk.yml
|
||||||
domains:
|
domains:
|
||||||
- "cryptohagen.dk"
|
- "cryptohagen.dk"
|
||||||
- "www.cryptohagen.dk"
|
- "www.cryptohagen.dk"
|
||||||
|
|
||||||
ulovliglogning_website:
|
ulovliglogning_website:
|
||||||
|
file: websites/ulovliglogning.dk.yml
|
||||||
domains:
|
domains:
|
||||||
- "ulovliglogning.dk"
|
- "ulovliglogning.dk"
|
||||||
- "www.ulovliglogning.dk"
|
- "www.ulovliglogning.dk"
|
||||||
- "ulovlig-logning.dk"
|
- "ulovlig-logning.dk"
|
||||||
|
|
||||||
cryptoaarhus_website:
|
cryptoaarhus_website:
|
||||||
|
file: websites/cryptoaarhus.dk.yml
|
||||||
domains:
|
domains:
|
||||||
- "cryptoaarhus.dk"
|
- "cryptoaarhus.dk"
|
||||||
- "www.cryptoaarhus.dk"
|
- "www.cryptoaarhus.dk"
|
||||||
|
|
||||||
drone:
|
drone:
|
||||||
|
file: drone.yml
|
||||||
domain: "drone.{{ base_domain }}"
|
domain: "drone.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/drone"
|
volume_folder: "{{ volume_root_folder }}/drone"
|
||||||
version: 1
|
version: 1
|
||||||
|
|
||||||
mailu:
|
mailu:
|
||||||
|
file: mailu.yml
|
||||||
version: 1.6
|
version: 1.6
|
||||||
domain: "mail.{{ base_domain }}"
|
domain: "mail.{{ base_domain }}"
|
||||||
dns: 192.168.203.254
|
dns: 192.168.203.254
|
||||||
subnet: 192.168.203.0/24
|
subnet: 192.168.203.0/24
|
||||||
volume_folder: "{{ volume_root_folder }}/mailu"
|
volume_folder: "{{ volume_root_folder }}/mailu"
|
||||||
|
|
||||||
ttrss:
|
|
||||||
domain: rss.{{ base_domain }}
|
|
||||||
volume_folder: "{{ volume_root_folder }}/tt-rss"
|
|
||||||
|
|
||||||
mastodon:
|
mastodon:
|
||||||
|
file: mastodon.yml
|
||||||
domain: "social.{{ base_domain }}"
|
domain: "social.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/mastodon"
|
volume_folder: "{{ volume_root_folder }}/mastodon"
|
||||||
version: v4.0.2
|
version: v4.0.2
|
||||||
|
|
||||||
rallly:
|
rallly:
|
||||||
|
file: rallly.yml
|
||||||
domain: "when.{{ base_domain }}"
|
domain: "when.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/rallly"
|
volume_folder: "{{ volume_root_folder }}/rallly"
|
||||||
version: a21f92bf74308d66cfcd545d49b81eba0211a222
|
version: a21f92bf74308d66cfcd545d49b81eba0211a222
|
||||||
|
|
||||||
membersystem:
|
membersystem:
|
||||||
|
file: membersystem.yml
|
||||||
domain: "member.{{ base_domain }}"
|
domain: "member.{{ base_domain }}"
|
||||||
django_admins: "Vidir:valberg@orn.li"
|
django_admins: "Vidir:valberg@orn.li"
|
||||||
|
|
|
@ -4,5 +4,6 @@
|
||||||
name: external_services
|
name: external_services
|
||||||
|
|
||||||
- name: setup services
|
- name: setup services
|
||||||
include_tasks: "services/{{ item }}.yml"
|
include_tasks: "services/{{ item.value.file }}"
|
||||||
with_items: "{{ services }}"
|
loop: "{{ services | dict2items }}"
|
||||||
|
when: item.value.file is defined
|
||||||
|
|
|
@ -15,5 +15,13 @@
|
||||||
networks:
|
networks:
|
||||||
- name: postfix
|
- name: postfix
|
||||||
env:
|
env:
|
||||||
ALLOWED_SENDER_DOMAINS: "{{ postfix.allowed_sender_domains|join(' ') }}"
|
ALLOWED_SENDER_DOMAINS: "{{ allowed_sender_domains|join(' ') }}"
|
||||||
HOSTNAME: "smtp.data.coop" # the name the smtp server will identify itself as
|
HOSTNAME: "smtp.data.coop" # the name the smtp server will identify itself as
|
||||||
|
vars:
|
||||||
|
allowed_sender_domains:
|
||||||
|
- "services.{{ base_domain }}"
|
||||||
|
- "{{ services.passit.domain }}"
|
||||||
|
- "{{ services.gitea.domain }}"
|
||||||
|
- "{{ services.mastodon.domain }}"
|
||||||
|
- "{{ services.rallly.domain }}"
|
||||||
|
- "{{ services.membersystem.domain }}"
|
||||||
|
|
|
@ -1,100 +0,0 @@
|
||||||
---
|
|
||||||
|
|
||||||
- name: setup data.coop website docker container
|
|
||||||
docker_container:
|
|
||||||
name: data.coop_website
|
|
||||||
image: docker.data.coop/data-coop-website
|
|
||||||
restart_policy: unless-stopped
|
|
||||||
networks:
|
|
||||||
- name: external_services
|
|
||||||
env:
|
|
||||||
VIRTUAL_HOST : "{{ data_coop_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ data_coop_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
labels:
|
|
||||||
com.centurylinklabs.watchtower.enable: "true"
|
|
||||||
|
|
||||||
|
|
||||||
- name: setup new data.coop website using hugo
|
|
||||||
docker_container:
|
|
||||||
name: new.data.coop_website
|
|
||||||
image: docker.data.coop/data-coop-website:hugo
|
|
||||||
restart_policy: unless-stopped
|
|
||||||
networks:
|
|
||||||
- name: external_services
|
|
||||||
env:
|
|
||||||
VIRTUAL_HOST : "new.{{ data_coop_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "new.{{ data_coop_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
labels:
|
|
||||||
com.centurylinklabs.watchtower.enable: "true"
|
|
||||||
|
|
||||||
- name: setup new-new data.coop website using unipi
|
|
||||||
docker_container:
|
|
||||||
name: new-new.data.coop_website
|
|
||||||
image: docker.data.coop/unipi:latest
|
|
||||||
restart_policy: unless-stopped
|
|
||||||
purge_networks: yes
|
|
||||||
networks:
|
|
||||||
- name: external_services
|
|
||||||
env:
|
|
||||||
VIRTUAL_HOST: "new-new.{{ data_coop_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "new-new.{{ data_coop_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
# The ssh-key is for read-only only
|
|
||||||
command: "--remote=git@git.data.coop:halfd/new-website.git#main --ssh-key ed25519:Ag9RekCyC2eow4P/e5crVvSTQ7dTK46WkG0wqEPVJbU= --ssh-authenticator SHA256:l9kdLkb0kJm46pOJ4tCHCtFUaqV1ImbZWMA5oje10fI"
|
|
||||||
capabilities:
|
|
||||||
- NET_ADMIN
|
|
||||||
devices:
|
|
||||||
- "/dev/net/tun"
|
|
||||||
labels:
|
|
||||||
com.centurylinklabs.watchtower.enable: "true"
|
|
||||||
|
|
||||||
- name: setup 2022.slides.data.coop website using unipi
|
|
||||||
docker_container:
|
|
||||||
name: 2022.slides.data.coop_website
|
|
||||||
image: docker.data.coop/unipi:latest
|
|
||||||
restart_policy: unless-stopped
|
|
||||||
purge_networks: yes
|
|
||||||
networks:
|
|
||||||
- name: external_services
|
|
||||||
env:
|
|
||||||
VIRTUAL_HOST: "2022.slides.{{ data_coop_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "2022.slides.{{ data_coop_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
# Temporarily hosting on github
|
|
||||||
command: "--remote=https://github.com/sorbusursina/datacoop-slides.git#slides2022"
|
|
||||||
capabilities:
|
|
||||||
- NET_ADMIN
|
|
||||||
devices:
|
|
||||||
- "/dev/net/tun"
|
|
||||||
labels:
|
|
||||||
com.centurylinklabs.watchtower.enable: "true"
|
|
||||||
|
|
||||||
- name: setup cryptohagen.dk website docker container
|
|
||||||
docker_container:
|
|
||||||
name: cryptohagen_website
|
|
||||||
restart_policy: unless-stopped
|
|
||||||
image: docker.data.coop/cryptohagen-website
|
|
||||||
networks:
|
|
||||||
- name: external_services
|
|
||||||
env:
|
|
||||||
VIRTUAL_HOST : "{{ cryptohagen_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ cryptohagen_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
labels:
|
|
||||||
com.centurylinklabs.watchtower.enable: "true"
|
|
||||||
|
|
||||||
- name: setup cryptoaarhus.dk website docker container
|
|
||||||
docker_container:
|
|
||||||
name: cryptoaarhus_website
|
|
||||||
restart_policy: unless-stopped
|
|
||||||
image: docker.data.coop/cryptoaarhus-website
|
|
||||||
networks:
|
|
||||||
- name: external_services
|
|
||||||
env:
|
|
||||||
VIRTUAL_HOST : "{{ cryptoaarhus_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ cryptoaarhus_website.domains|join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
labels:
|
|
||||||
com.centurylinklabs.watchtower.enable: "true"
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: setup 2022.slides.data.coop website using unipi
|
||||||
|
docker_container:
|
||||||
|
name: 2022.slides.data.coop_website
|
||||||
|
image: docker.data.coop/unipi:latest
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
purge_networks: yes
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST: "2022.slides.{{ data_coop_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "2022.slides.{{ data_coop_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
# Temporarily hosting on github
|
||||||
|
command: "--remote=https://github.com/sorbusursina/datacoop-slides.git#slides2022"
|
||||||
|
capabilities:
|
||||||
|
- NET_ADMIN
|
||||||
|
devices:
|
||||||
|
- "/dev/net/tun"
|
||||||
|
labels:
|
||||||
|
com.centurylinklabs.watchtower.enable: "true"
|
||||||
|
|
15
roles/docker/tasks/services/websites/cryptoaarhus.dk.yml
Normal file
15
roles/docker/tasks/services/websites/cryptoaarhus.dk.yml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: setup cryptoaarhus.dk website docker container
|
||||||
|
docker_container:
|
||||||
|
name: cryptoaarhus_website
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
image: docker.data.coop/cryptoaarhus-website
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST : "{{ cryptoaarhus_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ cryptoaarhus_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
labels:
|
||||||
|
com.centurylinklabs.watchtower.enable: "true"
|
15
roles/docker/tasks/services/websites/cryptohagen.dk.yml
Normal file
15
roles/docker/tasks/services/websites/cryptohagen.dk.yml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: setup cryptohagen.dk website docker container
|
||||||
|
docker_container:
|
||||||
|
name: cryptohagen_website
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
image: docker.data.coop/cryptohagen-website
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST : "{{ cryptohagen_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ cryptohagen_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
labels:
|
||||||
|
com.centurylinklabs.watchtower.enable: "true"
|
15
roles/docker/tasks/services/websites/data.coop.yml
Normal file
15
roles/docker/tasks/services/websites/data.coop.yml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: setup data.coop website docker container
|
||||||
|
docker_container:
|
||||||
|
name: data.coop_website
|
||||||
|
image: docker.data.coop/data-coop-website
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST : "{{ data_coop_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ data_coop_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
labels:
|
||||||
|
com.centurylinklabs.watchtower.enable: "true"
|
21
roles/docker/tasks/services/websites/new-new.data.coop.yml
Normal file
21
roles/docker/tasks/services/websites/new-new.data.coop.yml
Normal file
|
@ -0,0 +1,21 @@
|
||||||
|
- name: setup new-new data.coop website using unipi
|
||||||
|
docker_container:
|
||||||
|
name: new-new.data.coop_website
|
||||||
|
image: docker.data.coop/unipi:latest
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
purge_networks: yes
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST: "new-new.{{ data_coop_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "new-new.{{ data_coop_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
# The ssh-key is for read-only only
|
||||||
|
command: "--remote=git@git.data.coop:halfd/new-website.git#main --ssh-key ed25519:Ag9RekCyC2eow4P/e5crVvSTQ7dTK46WkG0wqEPVJbU= --ssh-authenticator SHA256:l9kdLkb0kJm46pOJ4tCHCtFUaqV1ImbZWMA5oje10fI"
|
||||||
|
capabilities:
|
||||||
|
- NET_ADMIN
|
||||||
|
devices:
|
||||||
|
- "/dev/net/tun"
|
||||||
|
labels:
|
||||||
|
com.centurylinklabs.watchtower.enable: "true"
|
||||||
|
|
15
roles/docker/tasks/services/websites/new.data.coop.yml
Normal file
15
roles/docker/tasks/services/websites/new.data.coop.yml
Normal file
|
@ -0,0 +1,15 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
- name: setup new data.coop website using hugo
|
||||||
|
docker_container:
|
||||||
|
name: new.data.coop_website
|
||||||
|
image: docker.data.coop/data-coop-website:hugo
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST : "new.{{ data_coop_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "new.{{ data_coop_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
labels:
|
||||||
|
com.centurylinklabs.watchtower.enable: "true"
|
Loading…
Reference in a new issue