data.coop/ansible
8
3
Fork 7
Code Issues 49 Pull requests 9 Projects 1 Releases Wiki Activity

Compare commits

base: data.coop:209ccf99168f27250cec1b9660cf68dc72229570
Branches Tags
data.coop:main
data.coop:reynir-patch-1
data.coop:proxmox
data.coop:diun
data.coop:use_sudo
data.coop:woodpeckerci
data.coop:linting
data.coop:mailman
data.coop:listmonk
data.coop:sshd-password
...
compare: data.coop:b445d7db17edadb5a40793d605125636e4c0356c
Branches Tags
data.coop:reynir-patch-1
data.coop:proxmox
data.coop:main
data.coop:diun
data.coop:use_sudo
data.coop:woodpeckerci
data.coop:linting
data.coop:mailman
data.coop:listmonk
data.coop:sshd-password

20 commits
209ccf9916 ... b445d7db17

Author SHA1 Message Date
valberg b445d7db17 Merge pull request 'Enable Watchtower for all services' (#123) from watchtower into main 
Reviewed-on: #123
 2023-01-21 17:17:55 +00:00
Sam A. 7ca168ae03
Merge branch 'main' into watchtower 2023-01-21 17:33:45 +01:00
Sam A. 58f3df7ed0
Merge branch 'main' into watchtower 2023-01-06 14:53:59 +01:00
Sam A. 44eb59fb86
Merge branch 'main' into watchtower 2022-12-27 19:48:32 +01:00
Sam A. 2c9c501562
Remove label from Pinafore 2022-12-06 18:06:31 +01:00
Sam A. 0dcc0a6d75
Merge branch 'main' into watchtower 2022-12-06 18:05:15 +01:00
Sam A. 1356aa54c8
Merge branch 'main' into watchtower 2022-11-26 16:49:53 +01:00
Sam A. 44b5f91eef
Merge branch 'main' into watchtower 2022-11-25 22:12:47 +01:00
Sam A. 74dfcfb5e8
Keycloak: avoid very long lines :( 2022-11-23 21:09:05 +01:00
Sam A. 221ddd987f
Upgrade Postfix to 3.5.1 and use Alpine-based image 2022-11-23 21:05:01 +01:00
Sam A. 687bff35e9
Pin netdata to v1 2022-11-23 21:00:48 +01:00
Sam A. 9261cb1952
Pin Keycoak to 20.0 (minor version) 2022-11-23 20:34:43 +01:00
Sam A. 1f61909605
Pin HedgeDoc to major version 1 
From https://docs.hedgedoc.org/setup/getting-started/#upgrading-hedgedoc

> HedgeDoc follows [Semantic Versioning](https://semver.org/).
> This means that minor and patch releases should not introduce
> user-facing backwards-incompatible changes.
 2022-11-23 20:16:36 +01:00
Sam A. d9de1efc9a
Pin Gitea to 1.17 instead of 1.17.3 
Gitea's "minor" version change seems to be the one that occasionally
introduces breaking changes, so let's not update that automatically.
Only keep the patch-releases automatically updated.
 2022-11-23 20:02:30 +01:00
Sam A. 2fa5bf4982
Merge branch 'main' into watchtower 2022-11-23 19:51:58 +01:00
Sam A. c9ab9f0c66
Watchtower doesn't need external_services network 2022-11-19 18:20:10 +01:00
Sam A. e5dcfea003
Pin Watchtower version 2022-11-19 18:19:43 +01:00
Sam A. 27b918b46b
Remove labels 2022-11-18 21:07:12 +01:00
Sam A. 5d26e1cdea
Fix mount point for Watchtower 
The auth file created by the registry login task doesn't need to be
stored in a non-default path.
 2022-11-18 20:58:22 +01:00
Sam A. a4a06d8a58
Upgrade Watchtower and disable filter by enable label 2022-11-18 18:59:00 +01:00
13 changed files with 15 additions and 32 deletions
Show stats Expand all files Collapse all files

4
roles/docker/defaults/main.yml
View file

@ -78,7 +78,7 @@ services:
file: gitea.yml file: gitea.yml
domain: "git.{{ base_domain }}" domain: "git.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/gitea" volume_folder: "{{ volume_root_folder }}/gitea"
version: 1.18.0 version: 1.18
allowed_sender_domain: true allowed_sender_domain: true
passit: passit:
@ -119,7 +119,7 @@ services:
file: hedgedoc.yml file: hedgedoc.yml
domain: "pad.{{ base_domain }}" domain: "pad.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/hedgedoc" volume_folder: "{{ volume_root_folder }}/hedgedoc"
version: 1.9.6 version: 1
postgres_version: 10-alpine postgres_version: 10-alpine
data_coop_website: data_coop_website:

11
roles/docker/tasks/services/keycloak.yml
View file

@ -26,7 +26,16 @@
- "keycloak" - "keycloak"
- "postfix" - "postfix"
- "external_services" - "external_services"
command: "start --db=postgres --db-url=jdbc:postgresql://postgres:5432/keycloak --db-username=keycloak --db-password={{ postgres_passwords.keycloak }} --hostname={{ services.keycloak.domain }} --proxy=edge --https-port=8080 --http-relative-path=/auth" command:
- "start"
- "--db=postgres"
- "--db-url=jdbc:postgresql://postgres:5432/keycloak"
- "--db-username=keycloak"
- "--db-password={{ postgres_passwords.keycloak }}"
- "--hostname={{ keycloak.domain }}"
- "--proxy=edge"
- "--https-port=8080"
- "--http-relative-path=/auth"
environment: environment:
VIRTUAL_HOST: "{{ services.keycloak.domain }}" VIRTUAL_HOST: "{{ services.keycloak.domain }}"
VIRTUAL_PORT: "8080" VIRTUAL_PORT: "8080"

2
roles/docker/tasks/services/membersystem.yml
View file

@ -33,8 +33,6 @@
CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}" CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}"
DJANGO_ADMINS: "{{ services.membersystem.django_admins }}" DJANGO_ADMINS: "{{ services.membersystem.django_admins }}"
DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}" DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
postgres: postgres:
image: "postgres:{{ services.membersystem.postgres_version }}" image: "postgres:{{ services.membersystem.postgres_version }}"

4
roles/docker/tasks/services/netdata.yml
View file

@ -21,7 +21,3 @@
LETSENCRYPT_HOST: "{{ services.netdata.domain }}" LETSENCRYPT_HOST: "{{ services.netdata.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
PGID: "999" PGID: "999"
labels:
com.centurylinklabs.watchtower.enable: "true"

2
roles/docker/tasks/services/pinafore.yml
View file

@ -12,5 +12,3 @@
VIRTUAL_PORT: "4002" VIRTUAL_PORT: "4002"
LETSENCRYPT_HOST: "{{ services.pinafore.domain }}" LETSENCRYPT_HOST: "{{ services.pinafore.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

4
roles/docker/tasks/services/rallly.yml
View file

@ -33,8 +33,6 @@
interval: 5s interval: 5s
timeout: 5s timeout: 5s
retries: 5 retries: 5
labels:
com.centurylinklabs.watchtower.enable: "true"
rallly: rallly:
image: "lukevella/rallly:{{ services.rallly.version }}" image: "lukevella/rallly:{{ services.rallly.version }}"
@ -53,8 +51,6 @@
VIRTUAL_PORT: "3000" VIRTUAL_PORT: "3000"
LETSENCRYPT_HOST: "{{ services.rallly.domain }}" LETSENCRYPT_HOST: "{{ services.rallly.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
networks: networks:
rallly_internal: rallly_internal:

7
roles/docker/tasks/services/watchtower.yml
View file

@ -7,9 +7,8 @@
restart_policy: unless-stopped restart_policy: unless-stopped
networks: networks:
- name: external_services - name: external_services
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- "{{ services.docker_registry.volume_folder }}/auth/config.json:/config.json"
env: env:
WATCHTOWER_LABEL_ENABLE: "true"
WATCHTOWER_POLL_INTERVAL: "60" WATCHTOWER_POLL_INTERVAL: "60"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "/root/.docker/config.json:/config.json:ro"

3
roles/docker/tasks/services/websites/2022.slides.data.coop.yml
View file

@ -17,6 +17,3 @@
- NET_ADMIN - NET_ADMIN
devices: devices:
- "/dev/net/tun" - "/dev/net/tun"
labels:
com.centurylinklabs.watchtower.enable: "true"

2
roles/docker/tasks/services/websites/cryptoaarhus.dk.yml
View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}" VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}" LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

2
roles/docker/tasks/services/websites/cryptohagen.dk.yml
View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}" VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}" LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

2
roles/docker/tasks/services/websites/data.coop.yml
View file

@ -21,5 +21,3 @@
VIRTUAL_HOST : "{{ services.data_coop_website.domains|join(',') }}" VIRTUAL_HOST : "{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.data_coop_website.domains|join(',') }}" LETSENCRYPT_HOST: "{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

2
roles/docker/tasks/services/websites/new.data.coop.yml
View file

@ -11,5 +11,3 @@
VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}" VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}"
LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}" LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"

2
roles/docker/tasks/services/websites/ulovliglogning.dk.yml
View file

@ -11,5 +11,3 @@
VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}" VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}" LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"