Merge branch 'main' into removal/pinafore

This commit is contained in:
Sam A. 2023-01-22 19:28:08 +01:00
commit be450fc8b8
Signed by: samsapti
GPG key ID: CBBBE7371E81C4EA
19 changed files with 61 additions and 59 deletions

View file

@ -44,6 +44,7 @@ services:
domain: sso.{{ base_domain }} domain: sso.{{ base_domain }}
volume_folder: "{{ volume_root_folder }}/keycloak" volume_folder: "{{ volume_root_folder }}/keycloak"
version: "20.0" version: "20.0"
postgres_version: "10"
allowed_sender_domain: true allowed_sender_domain: true
restic: restic:
@ -69,13 +70,15 @@ services:
domain: "cloud.{{ base_domain }}" domain: "cloud.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/nextcloud" volume_folder: "{{ volume_root_folder }}/nextcloud"
version: 25-apache version: 25-apache
postgres_version: "10"
redis_version: 7-alpine
allowed_sender_domain: true allowed_sender_domain: true
gitea: gitea:
file: gitea.yml file: gitea.yml
domain: "git.{{ base_domain }}" domain: "git.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/gitea" volume_folder: "{{ volume_root_folder }}/gitea"
version: 1.18.0 version: 1.18
allowed_sender_domain: true allowed_sender_domain: true
passit: passit:
@ -83,6 +86,7 @@ services:
domain: "passit.{{ base_domain }}" domain: "passit.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/passit" volume_folder: "{{ volume_root_folder }}/passit"
version: stable version: stable
postgres_version: 15-alpine
allowed_sender_domain: true allowed_sender_domain: true
matrix: matrix:
@ -90,6 +94,7 @@ services:
domain: "matrix.{{ base_domain }}" domain: "matrix.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/matrix" volume_folder: "{{ volume_root_folder }}/matrix"
version: v1.63.1 version: v1.63.1
postgres_version: "10"
allowed_sender_domain: true allowed_sender_domain: true
riot: riot:
@ -114,13 +119,14 @@ services:
file: hedgedoc.yml file: hedgedoc.yml
domain: "pad.{{ base_domain }}" domain: "pad.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/hedgedoc" volume_folder: "{{ volume_root_folder }}/hedgedoc"
version: 1.9.6 version: 1.9.6-alpine
postgres_version: 10-alpine
data_coop_website: data_coop_website:
file: websites/data.coop.yml file: websites/data.coop.yml
domains: domains:
- "{{ base_domain }}" - "{{ base_domain }}"
- "www.{{ base_domain }}" - "www.{{ base_domain }}"
new_data_coop_website: new_data_coop_website:
file: websites/new.data.coop.yml file: websites/new.data.coop.yml
@ -135,21 +141,21 @@ services:
cryptohagen_website: cryptohagen_website:
file: websites/cryptohagen.dk.yml file: websites/cryptohagen.dk.yml
domains: domains:
- "cryptohagen.dk" - "cryptohagen.dk"
- "www.cryptohagen.dk" - "www.cryptohagen.dk"
ulovliglogning_website: ulovliglogning_website:
file: websites/ulovliglogning.dk.yml file: websites/ulovliglogning.dk.yml
domains: domains:
- "ulovliglogning.dk" - "ulovliglogning.dk"
- "www.ulovliglogning.dk" - "www.ulovliglogning.dk"
- "ulovlig-logning.dk" - "ulovlig-logning.dk"
cryptoaarhus_website: cryptoaarhus_website:
file: websites/cryptoaarhus.dk.yml file: websites/cryptoaarhus.dk.yml
domains: domains:
- "cryptoaarhus.dk" - "cryptoaarhus.dk"
- "www.cryptoaarhus.dk" - "www.cryptoaarhus.dk"
drone: drone:
file: drone.yml file: drone.yml
@ -170,6 +176,8 @@ services:
domain: "social.{{ base_domain }}" domain: "social.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/mastodon" volume_folder: "{{ volume_root_folder }}/mastodon"
version: v4.0.2 version: v4.0.2
postgres_version: 14-alpine
redis_version: 6-alpine
allowed_sender_domain: true allowed_sender_domain: true
rallly: rallly:
@ -177,12 +185,15 @@ services:
domain: "when.{{ base_domain }}" domain: "when.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/rallly" volume_folder: "{{ volume_root_folder }}/rallly"
version: e4482a1edb2fb56292d07ee8811a24f2a0d6b114 version: e4482a1edb2fb56292d07ee8811a24f2a0d6b114
postgres_version: 14-alpine
allowed_sender_domain: true allowed_sender_domain: true
membersystem: membersystem:
file: membersystem.yml file: membersystem.yml
domain: "member.{{ base_domain }}" domain: "member.{{ base_domain }}"
django_admins: "Vidir:valberg@orn.li" django_admins: "Vidir:valberg@orn.li"
version: latest
postgres_version: 13-alpine
allowed_sender_domain: true allowed_sender_domain: true
watchtower: watchtower:

View file

@ -9,7 +9,7 @@
services: services:
drone: drone:
container_name: "drone" container_name: "drone"
image: drone/drone:1 image: "drone/drone:{{ services.drone.version }}"
restart: unless-stopped restart: unless-stopped
networks: networks:
- external_services - external_services
@ -49,4 +49,4 @@
drone: drone:
external_services: external_services:
external: external:
name: external_services name: external_services

View file

@ -23,7 +23,7 @@
definition: definition:
services: services:
database: database:
image: "postgres:10-alpine" image: "postgres:{{ services.hedgedoc.postgres_version }}"
environment: environment:
POSTGRES_USER: "codimd" POSTGRES_USER: "codimd"
POSTGRES_PASSWORD: "{{ postgres_passwords.hedgedoc }}" POSTGRES_PASSWORD: "{{ postgres_passwords.hedgedoc }}"
@ -35,7 +35,7 @@
- "{{ services.hedgedoc.volume_folder }}/db:/var/lib/postgresql/data" - "{{ services.hedgedoc.volume_folder }}/db:/var/lib/postgresql/data"
app: app:
image: quay.io/hedgedoc/hedgedoc:{{ services.hedgedoc.version }} image: "quay.io/hedgedoc/hedgedoc:{{ services.hedgedoc.version }}"
environment: environment:
CMD_DB_URL: "postgres://codimd:{{ postgres_passwords.hedgedoc }}@hedgedoc_database_1:5432/codimd" CMD_DB_URL: "postgres://codimd:{{ postgres_passwords.hedgedoc }}@hedgedoc_database_1:5432/codimd"
CMD_DOMAIN: "{{ services.hedgedoc.domain }}" CMD_DOMAIN: "{{ services.hedgedoc.domain }}"

View file

@ -7,9 +7,8 @@
definition: definition:
version: "3.6" version: "3.6"
services: services:
postgres: postgres:
image: "postgres:10" image: "postgres:{{ services.keycloak.postgres_version }}"
restart: "unless-stopped" restart: "unless-stopped"
networks: networks:
- "keycloak" - "keycloak"
@ -27,7 +26,16 @@
- "keycloak" - "keycloak"
- "postfix" - "postfix"
- "external_services" - "external_services"
command: "start --db=postgres --db-url=jdbc:postgresql://postgres:5432/keycloak --db-username=keycloak --db-password={{ postgres_passwords.keycloak }} --hostname={{ services.keycloak.domain }} --proxy=edge --https-port=8080 --http-relative-path=/auth" command:
- "start"
- "--db=postgres"
- "--db-url=jdbc:postgresql://postgres:5432/keycloak"
- "--db-username=keycloak"
- "--db-password={{ postgres_passwords.keycloak }}"
- "--hostname={{ services.keycloak.domain }}"
- "--proxy=edge"
- "--https-port=8080"
- "--http-relative-path=/auth"
environment: environment:
VIRTUAL_HOST: "{{ services.keycloak.domain }}" VIRTUAL_HOST: "{{ services.keycloak.domain }}"
VIRTUAL_PORT: "8080" VIRTUAL_PORT: "8080"

View file

@ -57,7 +57,7 @@
services: services:
db: db:
restart: always restart: always
image: postgres:14-alpine image: "postgres:{{ services.mastodon.postgres_version }}"
shm_size: 256mb shm_size: 256mb
networks: networks:
- internal_network - internal_network
@ -72,7 +72,7 @@
redis: redis:
restart: always restart: always
image: redis:6-alpine image: "redis:{{ services.mastodon.redis_version }}"
networks: networks:
- internal_network - internal_network
healthcheck: healthcheck:

View file

@ -67,7 +67,7 @@
services: services:
matrix_db: matrix_db:
container_name: matrix_db container_name: matrix_db
image: postgres:10 image: "postgres:{{ services.matrix.postgres_version }}"
restart: unless-stopped restart: unless-stopped
networks: networks:
- matrix - matrix
@ -79,7 +79,7 @@
matrix_app: matrix_app:
container_name: matrix container_name: matrix
image: matrixdotorg/synapse:{{ services.matrix.version }} image: "matrixdotorg/synapse:{{ services.matrix.version }}"
restart: unless-stopped restart: unless-stopped
networks: networks:
- matrix - matrix
@ -97,7 +97,7 @@
riot: riot:
container_name: riot_app container_name: riot_app
image: avhost/docker-matrix-riot:{{ services.riot.version }} image: "avhost/docker-matrix-riot:{{ services.riot.version }}"
restart: unless-stopped restart: unless-stopped
networks: networks:
- matrix - matrix

View file

@ -8,7 +8,7 @@
version: "3" version: "3"
services: services:
backend: backend:
image: docker.data.coop/membersystem:latest image: "docker.data.coop/membersystem:{{ services.membersystem.version }}"
restart: always restart: always
user: $UID:$GID user: $UID:$GID
tty: true tty: true
@ -33,11 +33,9 @@
CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}" CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}"
DJANGO_ADMINS: "{{ services.membersystem.django_admins }}" DJANGO_ADMINS: "{{ services.membersystem.django_admins }}"
DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}" DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
postgres: postgres:
image: postgres:13-alpine image: "postgres:{{ services.membersystem.postgres_version }}"
restart: always restart: always
volumes: volumes:
- "{{ volume_root_folder }}/membersystem/postgres/data:/var/lib/postgresql/data" - "{{ volume_root_folder }}/membersystem/postgres/data:/var/lib/postgresql/data"

View file

@ -21,7 +21,3 @@
LETSENCRYPT_HOST: "{{ services.netdata.domain }}" LETSENCRYPT_HOST: "{{ services.netdata.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
PGID: "999" PGID: "999"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -13,7 +13,7 @@
definition: definition:
services: services:
postgres: postgres:
image: "postgres:10" image: "postgres:{{ services.nextcloud.postgres_version }}"
restart: "unless-stopped" restart: "unless-stopped"
networks: networks:
- "nextcloud" - "nextcloud"
@ -25,7 +25,7 @@
POSTGRES_USER: "nextcloud" POSTGRES_USER: "nextcloud"
redis: redis:
image: "redis:7-alpine" image: "redis:{{ services.nextcloud.redis_version }}"
restart: "unless-stopped" restart: "unless-stopped"
command: "redis-server --requirepass {{ nextcloud_secrets.redis_password }}" command: "redis-server --requirepass {{ nextcloud_secrets.redis_password }}"
tmpfs: tmpfs:

View file

@ -1,5 +1,12 @@
# vim: ft=yaml.ansible # vim: ft=yaml.ansible
--- ---
- name: Create directory for Passit data
file:
name: "{{ services.passit.volume_folder }}/data"
owner: '70'
group: root
state: directory
- name: setup passit containers - name: setup passit containers
docker_compose: docker_compose:
project_name: "passit" project_name: "passit"
@ -8,7 +15,7 @@
version: "3.6" version: "3.6"
services: services:
passit_db: passit_db:
image: "postgres:10" image: "postgres:{{ services.passit.postgres_version }}"
restart: "always" restart: "always"
networks: networks:
- "passit" - "passit"
@ -19,7 +26,7 @@
POSTGRES_PASSWORD: "{{ postgres_passwords.passit }}" POSTGRES_PASSWORD: "{{ postgres_passwords.passit }}"
passit_app: passit_app:
image: "passit/passit:{{ services.passit.version }}" image: "passit/passit@sha256:c4b96bc67222936f58f344d5dd1020227ad8e11ad5f82ed3cbf0bcfa8fe9b2e7" #:{{ services.passit.version }}"
command: "bin/start.sh" command: "bin/start.sh"
restart: "always" restart: "always"
networks: networks:

View file

@ -18,7 +18,7 @@
version: "3.8" version: "3.8"
services: services:
rallly_db: rallly_db:
image: "postgres:14-alpine" image: "postgres:{{ services.rallly.postgres_version }}"
restart: "always" restart: "always"
shm_size: "256mb" shm_size: "256mb"
networks: networks:
@ -33,8 +33,6 @@
interval: 5s interval: 5s
timeout: 5s timeout: 5s
retries: 5 retries: 5
labels:
com.centurylinklabs.watchtower.enable: "true"
rallly: rallly:
image: "lukevella/rallly:{{ services.rallly.version }}" image: "lukevella/rallly:{{ services.rallly.version }}"
@ -53,8 +51,6 @@
VIRTUAL_PORT: "3000" VIRTUAL_PORT: "3000"
LETSENCRYPT_HOST: "{{ services.rallly.domain }}" LETSENCRYPT_HOST: "{{ services.rallly.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
networks: networks:
rallly_internal: rallly_internal:

View file

@ -11,7 +11,7 @@
image: mazzolino/restic:{{ services.restic.version }} image: mazzolino/restic:{{ services.restic.version }}
restart: always restart: always
environment: environment:
RUN_ON_STARTUP: "true" RUN_ON_STARTUP: "false"
BACKUP_CRON: "0 30 3 * * *" BACKUP_CRON: "0 30 3 * * *"
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}" RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}" RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
@ -32,7 +32,7 @@
restic-prune: restic-prune:
image: "mazzolino/restic:{{ services.restic.version }}" image: "mazzolino/restic:{{ services.restic.version }}"
environment: environment:
RUN_ON_STARTUP: "true" RUN_ON_STARTUP: "false"
PRUNE_CRON: "0 0 4 * * *" PRUNE_CRON: "0 0 4 * * *"
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}" RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}" RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"

View file

@ -7,9 +7,8 @@
restart_policy: unless-stopped restart_policy: unless-stopped
networks: networks:
- name: external_services - name: external_services
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- "{{ services.docker_registry.volume_folder }}/auth/config.json:/config.json"
env: env:
WATCHTOWER_LABEL_ENABLE: "true"
WATCHTOWER_POLL_INTERVAL: "60" WATCHTOWER_POLL_INTERVAL: "60"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "/root/.docker/config.json:/config.json:ro"

View file

@ -17,6 +17,3 @@
- NET_ADMIN - NET_ADMIN
devices: devices:
- "/dev/net/tun" - "/dev/net/tun"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}" VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}" LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}" VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}" LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -21,5 +21,3 @@
VIRTUAL_HOST : "{{ services.data_coop_website.domains|join(',') }}" VIRTUAL_HOST : "{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.data_coop_website.domains|join(',') }}" LETSENCRYPT_HOST: "{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}" VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}"
LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}" LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

View file

@ -11,5 +11,3 @@
VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}" VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}" LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"