Compare commits
No commits in common. "62f548d05be9afecd666916e9ca4cf5ea9273a40" and "f50831460c93041cac1bca5f6e75ae3360b28297" have entirely different histories.
62f548d05b
...
f50831460c
|
@ -6,35 +6,38 @@ services:
|
||||||
|
|
||||||
### Internal services ###
|
### Internal services ###
|
||||||
postfix:
|
postfix:
|
||||||
|
file: postfix.yml
|
||||||
domain: "smtp.{{ base_domain }}"
|
domain: "smtp.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/postfix"
|
volume_folder: "{{ volume_root_folder }}/postfix"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: "v3.6.1-alpine"
|
version: "v3.6.1-alpine"
|
||||||
|
|
||||||
nginx_proxy:
|
nginx_proxy:
|
||||||
|
file: nginx_proxy.yml
|
||||||
volume_folder: "{{ volume_root_folder }}/nginx"
|
volume_folder: "{{ volume_root_folder }}/nginx"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: "1.3-alpine"
|
version: "1.3-alpine"
|
||||||
acme_companion_version: "2.2"
|
acme_companion_version: "2.2"
|
||||||
|
|
||||||
openldap:
|
openldap:
|
||||||
|
file: openldap.yml
|
||||||
domain: "ldap.{{ base_domain }}"
|
domain: "ldap.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/openldap"
|
volume_folder: "{{ volume_root_folder }}/openldap"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: "1.5.0"
|
version: "1.5.0"
|
||||||
phpldapadmin_version: "0.9.0"
|
phpldapadmin_version: "0.9.0"
|
||||||
|
|
||||||
netdata:
|
netdata:
|
||||||
|
file: netdata.yml
|
||||||
domain: "netdata.{{ base_domain }}"
|
domain: "netdata.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/netdata"
|
volume_folder: "{{ volume_root_folder }}/netdata"
|
||||||
version: "v1"
|
version: "v1"
|
||||||
|
|
||||||
portainer:
|
portainer:
|
||||||
|
file: portainer.yml
|
||||||
domain: "portainer.{{ base_domain }}"
|
domain: "portainer.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/portainer"
|
volume_folder: "{{ volume_root_folder }}/portainer"
|
||||||
version: "2.19.0"
|
version: "2.19.0"
|
||||||
|
|
||||||
keycloak:
|
keycloak:
|
||||||
|
file: keycloak.yml
|
||||||
domain: sso.{{ base_domain }}
|
domain: sso.{{ base_domain }}
|
||||||
volume_folder: "{{ volume_root_folder }}/keycloak"
|
volume_folder: "{{ volume_root_folder }}/keycloak"
|
||||||
version: "22.0"
|
version: "22.0"
|
||||||
|
@ -42,20 +45,19 @@ services:
|
||||||
allowed_sender_domain: true
|
allowed_sender_domain: true
|
||||||
|
|
||||||
restic:
|
restic:
|
||||||
volume_folder: "{{ volume_root_folder }}/restic"
|
file: restic.yml
|
||||||
pre_deploy_tasks: true
|
|
||||||
user: dc-user
|
user: dc-user
|
||||||
domain: rynkeby.skovgaard.tel
|
domain: rynkeby.skovgaard.tel
|
||||||
host_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBLGol2G+a87ssy0nu/STKBZSiGyhZhZKx/ujfe9IeFo
|
host_key: ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBLGol2G+a87ssy0nu/STKBZSiGyhZhZKx/ujfe9IeFo
|
||||||
|
volume_folder: "{{ volume_root_folder }}/restic"
|
||||||
repository: restic
|
repository: restic
|
||||||
version: "1.7.0"
|
version: "1.7.0"
|
||||||
disabled_in_vagrant: true
|
disabled_in_vagrant: true
|
||||||
|
|
||||||
docker_registry:
|
docker_registry:
|
||||||
|
file: docker_registry.yml
|
||||||
domain: "docker.{{ base_domain }}"
|
domain: "docker.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/docker-registry"
|
volume_folder: "{{ volume_root_folder }}/docker-registry"
|
||||||
pre_deploy_tasks: true
|
|
||||||
post_deploy_tasks: true
|
|
||||||
username: "docker"
|
username: "docker"
|
||||||
password: "{{ docker_password }}"
|
password: "{{ docker_password }}"
|
||||||
version: "2"
|
version: "2"
|
||||||
|
@ -63,21 +65,23 @@ services:
|
||||||
### External services ###
|
### External services ###
|
||||||
|
|
||||||
nextcloud:
|
nextcloud:
|
||||||
|
file: nextcloud.yml
|
||||||
domain: "cloud.{{ base_domain }}"
|
domain: "cloud.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/nextcloud"
|
volume_folder: "{{ volume_root_folder }}/nextcloud"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: 27-apache
|
version: 27-apache
|
||||||
postgres_version: "10"
|
postgres_version: "10"
|
||||||
redis_version: 7-alpine
|
redis_version: 7-alpine
|
||||||
allowed_sender_domain: true
|
allowed_sender_domain: true
|
||||||
|
|
||||||
forgejo:
|
forgejo:
|
||||||
|
file: forgejo.yml
|
||||||
domain: "git.{{ base_domain }}"
|
domain: "git.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/forgejo"
|
volume_folder: "{{ volume_root_folder }}/forgejo"
|
||||||
version: "1.20"
|
version: "1.20"
|
||||||
allowed_sender_domain: true
|
allowed_sender_domain: true
|
||||||
|
|
||||||
passit:
|
passit:
|
||||||
|
file: passit.yml
|
||||||
domain: "passit.{{ base_domain }}"
|
domain: "passit.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/passit"
|
volume_folder: "{{ volume_root_folder }}/passit"
|
||||||
version: stable
|
version: stable
|
||||||
|
@ -85,58 +89,63 @@ services:
|
||||||
allowed_sender_domain: true
|
allowed_sender_domain: true
|
||||||
|
|
||||||
matrix:
|
matrix:
|
||||||
|
file: matrix.yml
|
||||||
domain: "matrix.{{ base_domain }}"
|
domain: "matrix.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/matrix"
|
volume_folder: "{{ volume_root_folder }}/matrix"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: v1.90.0
|
version: v1.90.0
|
||||||
postgres_version: 15-alpine
|
postgres_version: 15-alpine
|
||||||
allowed_sender_domain: true
|
allowed_sender_domain: true
|
||||||
|
|
||||||
element:
|
element:
|
||||||
|
file: element.yml
|
||||||
domain: "element.{{ base_domain }}"
|
domain: "element.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/element"
|
volume_folder: "{{ volume_root_folder }}/element"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: v1.11.43
|
version: v1.11.43
|
||||||
|
|
||||||
privatebin:
|
privatebin:
|
||||||
|
file: privatebin.yml
|
||||||
domain: "paste.{{ base_domain }}"
|
domain: "paste.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/privatebin"
|
volume_folder: "{{ volume_root_folder }}/privatebin"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: "20221009"
|
version: "20221009"
|
||||||
|
|
||||||
hedgedoc:
|
hedgedoc:
|
||||||
|
file: hedgedoc.yml
|
||||||
domain: "pad.{{ base_domain }}"
|
domain: "pad.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/hedgedoc"
|
volume_folder: "{{ volume_root_folder }}/hedgedoc"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: 1.9.9-alpine
|
version: 1.9.9-alpine
|
||||||
postgres_version: 10-alpine
|
postgres_version: 10-alpine
|
||||||
|
|
||||||
data_coop_website:
|
data_coop_website:
|
||||||
|
file: websites/data.coop.yml
|
||||||
domain: "{{ base_domain }}"
|
domain: "{{ base_domain }}"
|
||||||
www_domain: "www.{{ base_domain }}"
|
www_domain: "www.{{ base_domain }}"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: stable
|
version: stable
|
||||||
staging_domain: "staging.{{ base_domain }}"
|
staging_domain: "staging.{{ base_domain }}"
|
||||||
staging_version: staging
|
staging_version: staging
|
||||||
|
|
||||||
slides_2022_website:
|
slides_2022_website:
|
||||||
|
file: websites/2022.slides.data.coop.yml
|
||||||
domain: "2022.slides.{{ base_domain }}"
|
domain: "2022.slides.{{ base_domain }}"
|
||||||
version: latest
|
version: latest
|
||||||
|
|
||||||
fedi_dk_website:
|
fedi_dk_website:
|
||||||
|
file: websites/fedi.dk.yaml
|
||||||
domain: fedi.dk
|
domain: fedi.dk
|
||||||
version: latest
|
version: latest
|
||||||
|
|
||||||
vhs_website:
|
vhs_website:
|
||||||
|
file: websites/vhs.data.coop.yaml
|
||||||
domain: vhs.data.coop
|
domain: vhs.data.coop
|
||||||
version: latest
|
version: latest
|
||||||
|
|
||||||
cryptohagen_website:
|
cryptohagen_website:
|
||||||
|
file: websites/cryptohagen.dk.yml
|
||||||
domains:
|
domains:
|
||||||
- "cryptohagen.dk"
|
- "cryptohagen.dk"
|
||||||
- "www.cryptohagen.dk"
|
- "www.cryptohagen.dk"
|
||||||
|
|
||||||
ulovliglogning_website:
|
ulovliglogning_website:
|
||||||
|
file: websites/ulovliglogning.dk.yml
|
||||||
domains:
|
domains:
|
||||||
- "ulovliglogning.dk"
|
- "ulovliglogning.dk"
|
||||||
- "www.ulovliglogning.dk"
|
- "www.ulovliglogning.dk"
|
||||||
|
@ -144,42 +153,44 @@ services:
|
||||||
- "www.ulovlig-logning.dk"
|
- "www.ulovlig-logning.dk"
|
||||||
|
|
||||||
cryptoaarhus_website:
|
cryptoaarhus_website:
|
||||||
|
file: websites/cryptoaarhus.dk.yml
|
||||||
domains:
|
domains:
|
||||||
- "cryptoaarhus.dk"
|
- "cryptoaarhus.dk"
|
||||||
- "www.cryptoaarhus.dk"
|
- "www.cryptoaarhus.dk"
|
||||||
|
|
||||||
drone:
|
drone:
|
||||||
|
file: drone.yml
|
||||||
domain: "drone.{{ base_domain }}"
|
domain: "drone.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/drone"
|
volume_folder: "{{ volume_root_folder }}/drone"
|
||||||
version: "1"
|
version: "1"
|
||||||
|
|
||||||
mailu:
|
mailu:
|
||||||
|
file: mailu.yml
|
||||||
|
version: "1.9"
|
||||||
domain: "mail.{{ base_domain }}"
|
domain: "mail.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/mailu"
|
|
||||||
pre_deploy_tasks: true
|
|
||||||
dns: 192.168.203.254
|
dns: 192.168.203.254
|
||||||
subnet: 192.168.203.0/24
|
subnet: 192.168.203.0/24
|
||||||
version: "1.9"
|
volume_folder: "{{ volume_root_folder }}/mailu"
|
||||||
|
|
||||||
mastodon:
|
mastodon:
|
||||||
|
file: mastodon.yml
|
||||||
domain: "social.{{ base_domain }}"
|
domain: "social.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/mastodon"
|
volume_folder: "{{ volume_root_folder }}/mastodon"
|
||||||
pre_deploy_tasks: true
|
|
||||||
post_deploy_tasks: true
|
|
||||||
version: v4.2.0
|
version: v4.2.0
|
||||||
postgres_version: 14-alpine
|
postgres_version: 14-alpine
|
||||||
redis_version: 6-alpine
|
redis_version: 6-alpine
|
||||||
allowed_sender_domain: true
|
allowed_sender_domain: true
|
||||||
|
|
||||||
rallly:
|
rallly:
|
||||||
|
file: rallly.yml
|
||||||
domain: "when.{{ base_domain }}"
|
domain: "when.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/rallly"
|
volume_folder: "{{ volume_root_folder }}/rallly"
|
||||||
pre_deploy_tasks: true
|
|
||||||
version: "2"
|
version: "2"
|
||||||
postgres_version: 14-alpine
|
postgres_version: 14-alpine
|
||||||
allowed_sender_domain: true
|
allowed_sender_domain: true
|
||||||
|
|
||||||
membersystem:
|
membersystem:
|
||||||
|
file: membersystem.yml
|
||||||
domain: "member.{{ base_domain }}"
|
domain: "member.{{ base_domain }}"
|
||||||
django_admins: "Vidir:valberg@orn.li"
|
django_admins: "Vidir:valberg@orn.li"
|
||||||
volume_folder: "{{ volume_root_folder }}/membersystem"
|
volume_folder: "{{ volume_root_folder }}/membersystem"
|
||||||
|
@ -188,5 +199,6 @@ services:
|
||||||
allowed_sender_domain: true
|
allowed_sender_domain: true
|
||||||
|
|
||||||
watchtower:
|
watchtower:
|
||||||
|
file: watchtower.yml
|
||||||
volume_folder: "{{ volume_root_folder }}/watchtower"
|
volume_folder: "{{ volume_root_folder }}/watchtower"
|
||||||
version: "1.5.3"
|
version: "1.5.3"
|
||||||
|
|
|
@ -1,13 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Generate htpasswd file
|
|
||||||
shell: docker compose exec registry htpasswd -Bbn docker {{ docker_password }} > auth/htpasswd
|
|
||||||
args:
|
|
||||||
chdir: "{{ services.docker_registry.volume_folder }}"
|
|
||||||
creates: "{{ services.docker_registry.volume_folder }}/auth/htpasswd"
|
|
||||||
|
|
||||||
- name: log in to registry
|
|
||||||
docker_login:
|
|
||||||
registry: "{{ 'docker.data.coop' if vagrant else services.docker_registry.domain }}"
|
|
||||||
username: docker
|
|
||||||
password: "{{ docker_password }}"
|
|
|
@ -1,19 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Configure cron job to remove old Mastodon media daily
|
|
||||||
cron:
|
|
||||||
name: Clean Mastodon media data older than a week
|
|
||||||
cron_file: ansible_mastodon_clean_media
|
|
||||||
job: docker exec mastodon_web_1 tootctl media remove --days 7
|
|
||||||
special_time: daily
|
|
||||||
user: root
|
|
||||||
state: present
|
|
||||||
|
|
||||||
- name: Configure cron job to remove old Mastodon preview cards daily
|
|
||||||
cron:
|
|
||||||
name: Clean Mastodon preview card data older than two weeks
|
|
||||||
cron_file: ansible_mastodon_clean_preview_cards
|
|
||||||
job: docker exec mastodon_web_1 tootctl preview_cards remove --days 14
|
|
||||||
special_time: daily
|
|
||||||
user: root
|
|
||||||
state: present
|
|
|
@ -1,11 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Upload vhost config for root domain
|
|
||||||
copy:
|
|
||||||
src: vhost/base_domain
|
|
||||||
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.data_coop_website.domain }}"
|
|
||||||
|
|
||||||
- name: Upload vhost config for WWW domain
|
|
||||||
copy:
|
|
||||||
src: vhost/www.base_domain
|
|
||||||
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.data_coop_website.www_domain }}"
|
|
|
@ -1,17 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolders
|
|
||||||
file:
|
|
||||||
path: "{{ services.docker_registry.volume_folder }}/{{ volume }}"
|
|
||||||
state: directory
|
|
||||||
loop:
|
|
||||||
- auth
|
|
||||||
- registry
|
|
||||||
loop_control:
|
|
||||||
loop_var: volume
|
|
||||||
|
|
||||||
- name: Copy docker registry vhost configuration
|
|
||||||
copy:
|
|
||||||
src: vhost/docker_registry
|
|
||||||
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.docker_registry.domain }}"
|
|
||||||
mode: "0644"
|
|
|
@ -1,17 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolders
|
|
||||||
file:
|
|
||||||
name: "{{ services.hedgedoc.volume_folder }}/{{ volume }}"
|
|
||||||
state: directory
|
|
||||||
loop:
|
|
||||||
- db
|
|
||||||
- hedgedoc/uploads
|
|
||||||
loop_control:
|
|
||||||
loop_var: volume
|
|
||||||
|
|
||||||
- name: Copy SSO certificate
|
|
||||||
copy:
|
|
||||||
src: sso/sso.data.coop.pem
|
|
||||||
dest: "{{ services.hedgedoc.volume_folder }}/sso.data.coop.pem"
|
|
||||||
mode: "0644"
|
|
|
@ -1,45 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolder for Mastodon data
|
|
||||||
file:
|
|
||||||
name: "{{ services.mastodon.volume_folder }}/mastodon_data"
|
|
||||||
state: directory
|
|
||||||
owner: "991"
|
|
||||||
mode: u=rwx,g=rx,o=rx
|
|
||||||
|
|
||||||
- name: Create subfolder for PostgreSQL data
|
|
||||||
file:
|
|
||||||
name: "{{ services.mastodon.volume_folder }}/postgres_data"
|
|
||||||
state: directory
|
|
||||||
owner: "70"
|
|
||||||
mode: u=rwx,go=
|
|
||||||
|
|
||||||
- name: Create subfolder for PostgreSQL config
|
|
||||||
file:
|
|
||||||
name: "{{ services.mastodon.volume_folder }}/postgres_config"
|
|
||||||
state: directory
|
|
||||||
owner: root
|
|
||||||
mode: u=rwx,g=rx,o=rx
|
|
||||||
|
|
||||||
- name: Create subfolder for Redis data
|
|
||||||
file:
|
|
||||||
name: "{{ services.mastodon.volume_folder }}/redis_data"
|
|
||||||
state: directory
|
|
||||||
owner: "999"
|
|
||||||
group: "1000"
|
|
||||||
mode: u=rwx,g=rx,o=rx
|
|
||||||
|
|
||||||
- name: Upload mastodon.env file
|
|
||||||
template:
|
|
||||||
src: mastodon/env.j2
|
|
||||||
dest: "{{ services.mastodon.volume_folder }}/mastodon.env"
|
|
||||||
|
|
||||||
- name: Upload vhost config for Mastodon domain
|
|
||||||
copy:
|
|
||||||
src: vhost/mastodon
|
|
||||||
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.mastodon.domain }}"
|
|
||||||
|
|
||||||
- name: Upload PostgreSQL config
|
|
||||||
copy:
|
|
||||||
src: mastodon/postgresql.conf
|
|
||||||
dest: "{{ services.mastodon.volume_folder }}/postgres_config/postgresql.conf"
|
|
|
@ -1,17 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolders
|
|
||||||
file:
|
|
||||||
path: "{{ services.nextcloud.volume_folder }}/{{ volume }}"
|
|
||||||
state: directory
|
|
||||||
loop:
|
|
||||||
- app
|
|
||||||
- postgres
|
|
||||||
loop_control:
|
|
||||||
loop_var: volume
|
|
||||||
|
|
||||||
- name: Upload vhost config for Nextcloud domain
|
|
||||||
copy:
|
|
||||||
src: vhost/nextcloud
|
|
||||||
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.nextcloud.domain }}"
|
|
||||||
notify: "restart nginx"
|
|
|
@ -1,14 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolders
|
|
||||||
file:
|
|
||||||
name: "{{ services.nginx_proxy.volume_folder }}/{{ volume }}"
|
|
||||||
state: directory
|
|
||||||
loop:
|
|
||||||
- conf
|
|
||||||
- vhost
|
|
||||||
- html
|
|
||||||
- dhparam
|
|
||||||
- certs
|
|
||||||
loop_control:
|
|
||||||
loop_var: volume
|
|
|
@ -1,12 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolders
|
|
||||||
file:
|
|
||||||
name: "{{ services.openldap.volume_folder }}/{{ volume }}"
|
|
||||||
state: directory
|
|
||||||
loop:
|
|
||||||
- var/lib/ldap
|
|
||||||
- etc/slapd
|
|
||||||
- certs
|
|
||||||
loop_control:
|
|
||||||
loop_var: volume
|
|
|
@ -1,13 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Set up network for Postfix
|
|
||||||
docker_network:
|
|
||||||
name: postfix
|
|
||||||
ipam_config:
|
|
||||||
- subnet: '172.16.0.0/16'
|
|
||||||
gateway: 172.16.0.1
|
|
||||||
|
|
||||||
- name: Create subfolder
|
|
||||||
file:
|
|
||||||
name: "{{ services.postfix.volume_folder }}/dkim"
|
|
||||||
state: directory
|
|
|
@ -1,16 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolders
|
|
||||||
file:
|
|
||||||
name: "{{ services.privatebin.volume_folder }}/{{ volume }}"
|
|
||||||
state: directory
|
|
||||||
loop:
|
|
||||||
- cfg
|
|
||||||
- data
|
|
||||||
loop_control:
|
|
||||||
loop_var: volume
|
|
||||||
|
|
||||||
- name: Upload PrivateBin config
|
|
||||||
copy:
|
|
||||||
src: privatebin/conf.php
|
|
||||||
dest: "{{ services.privatebin.volume_folder }}/cfg/conf.php"
|
|
|
@ -1,11 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolder
|
|
||||||
file:
|
|
||||||
name: "{{ services.rallly.volume_folder }}/postgres"
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: Copy rallly.env file
|
|
||||||
template:
|
|
||||||
src: rallly/env.j2
|
|
||||||
dest: "{{ services.rallly.volume_folder }}/rallly.env"
|
|
|
@ -4,62 +4,18 @@
|
||||||
docker_network:
|
docker_network:
|
||||||
name: external_services
|
name: external_services
|
||||||
|
|
||||||
- name: Service block for all services
|
- name: setup services
|
||||||
loop: "{{ services | dict2items(key_name='name', value_name='vars') }}"
|
include_tasks: "services/{{ item.service.file }}"
|
||||||
loop_control:
|
loop: "{{ services | dict2items(value_name='service') }}"
|
||||||
loop_var: service
|
|
||||||
when: single_service is not defined and
|
when: single_service is not defined and
|
||||||
(service.vars.disabled_in_vagrant is not defined or
|
item.service.file is defined and
|
||||||
not (service.vars.disabled_in_vagrant and vagrant))
|
(item.service.disabled_in_vagrant is not defined or
|
||||||
block:
|
not (item.service.disabled_in_vagrant and vagrant))
|
||||||
- name: Create volume folder
|
|
||||||
file:
|
|
||||||
name: "{{ service.vars.volume_folder }}"
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: Upload Compose file
|
- name: setup single service
|
||||||
template:
|
include_tasks: "services/{{ services[single_service].file }}"
|
||||||
src: compose-files/{{ service.name }}.yml.j2
|
|
||||||
dest: "{{ service.vars.volume_folder }}/docker-compose.yml"
|
|
||||||
|
|
||||||
- name: Run pre-deployment tasks
|
|
||||||
include_tasks: pre_deploy/{{ service.name }}.yml
|
|
||||||
when: service.vars.pre_deploy_tasks is defined and service.vars.pre_deploy_tasks
|
|
||||||
|
|
||||||
- name: Deploy Compose stack
|
|
||||||
command: docker compose up -d --remove-orphans --pull always
|
|
||||||
args:
|
|
||||||
chdir: "{{ service.vars.volume_folder }}"
|
|
||||||
|
|
||||||
- name: Run post-deployment tasks
|
|
||||||
include_tasks: post_deploy/{{ service.name }}.yml
|
|
||||||
when: service.vars.post_deploy_tasks is defined and service.vars.post_deploy_tasks
|
|
||||||
|
|
||||||
- name: Service block for a single service
|
|
||||||
when: single_service is defined and
|
when: single_service is defined and
|
||||||
single_service in services and
|
single_service in services and
|
||||||
|
services[single_service].file is defined and
|
||||||
(services[single_service].disabled_in_vagrant is not defined or
|
(services[single_service].disabled_in_vagrant is not defined or
|
||||||
not (services[single_service].disabled_in_vagrant and vagrant))
|
not (services[single_service].disabled_in_vagrant and vagrant))
|
||||||
block:
|
|
||||||
- name: Create volume folder
|
|
||||||
file:
|
|
||||||
name: "{{ services[single_service].volume_folder }}"
|
|
||||||
state: directory
|
|
||||||
|
|
||||||
- name: Upload Compose file
|
|
||||||
template:
|
|
||||||
src: compose-files/{{ single_service }}.yml.j2
|
|
||||||
dest: "{{ services[single_service].volume_folder }}/docker-compose.yml"
|
|
||||||
|
|
||||||
- name: Run pre-deployment tasks
|
|
||||||
include_tasks: pre_deploy/{{ single_service }}.yml
|
|
||||||
when: services[single_service].pre_deploy_tasks is defined and services[single_service].pre_deploy_tasks
|
|
||||||
|
|
||||||
- name: Deploy Compose stack
|
|
||||||
command: docker compose up -d --remove-orphans --pull always
|
|
||||||
args:
|
|
||||||
chdir: "{{ services[single_service].volume_folder }}"
|
|
||||||
|
|
||||||
- name: Run post-deployment tasks
|
|
||||||
include_tasks: post_deploy/{{ single_service }}.yml
|
|
||||||
when: services[single_service].post_deploy_tasks is defined and services[single_service].post_deploy_tasks
|
|
||||||
|
|
40
roles/docker/tasks/services/docker_registry.yml
Normal file
40
roles/docker/tasks/services/docker_registry.yml
Normal file
|
@ -0,0 +1,40 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Docker registry volume folders
|
||||||
|
file:
|
||||||
|
path: "{{ services.docker_registry.volume_folder }}/{{ volume }}"
|
||||||
|
state: directory
|
||||||
|
loop:
|
||||||
|
- auth
|
||||||
|
- registry
|
||||||
|
loop_control:
|
||||||
|
loop_var: volume
|
||||||
|
|
||||||
|
- name: Copy docker registry vhost configuration
|
||||||
|
copy:
|
||||||
|
src: vhost/docker_registry
|
||||||
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.docker_registry.domain }}"
|
||||||
|
mode: "0644"
|
||||||
|
|
||||||
|
- name: Upload Compose file for Docker registry
|
||||||
|
template:
|
||||||
|
src: compose-files/docker_registry.yml.j2
|
||||||
|
dest: "{{ services.docker_registry.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Docker registry
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.docker_registry.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Generate htpasswd file
|
||||||
|
shell: "docker compose exec registry htpasswd -Bbn docker {{ docker_password }} > auth/htpasswd"
|
||||||
|
args:
|
||||||
|
chdir: "{{ services.docker_registry.volume_folder }}"
|
||||||
|
creates: "{{ services.docker_registry.volume_folder }}/auth/htpasswd"
|
||||||
|
|
||||||
|
- name: log in to registry
|
||||||
|
docker_login:
|
||||||
|
registry: "{{ 'docker.data.coop' if vagrant else services.docker_registry.domain }}"
|
||||||
|
username: "docker"
|
||||||
|
password: "{{ docker_password }}"
|
17
roles/docker/tasks/services/drone.yml
Normal file
17
roles/docker/tasks/services/drone.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Drone volume folder
|
||||||
|
file:
|
||||||
|
path: "{{ services.drone.volume_folder }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for Drone
|
||||||
|
template:
|
||||||
|
src: compose-files/drone.yml.j2
|
||||||
|
dest: "{{ services.drone.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Drone
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.drone.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
|
@ -1,16 +1,16 @@
|
||||||
# vim: ft=yaml.ansible
|
# vim: ft=yaml.ansible
|
||||||
---
|
---
|
||||||
- name: Create subfolder
|
- name: Create Element volume folder
|
||||||
file:
|
file:
|
||||||
name: "{{ services.element.volume_folder }}/data"
|
name: "{{ services.element.volume_folder }}/data"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Upload config.json
|
- name: Upload Element config.json
|
||||||
template:
|
template:
|
||||||
src: element/config.json.j2
|
src: element/config.json.j2
|
||||||
dest: "{{ services.element.volume_folder }}/data/config.json"
|
dest: "{{ services.element.volume_folder }}/data/config.json"
|
||||||
|
|
||||||
- name: Upload riot.im.conf
|
- name: Upload Element riot.im.conf
|
||||||
copy:
|
copy:
|
||||||
src: element/riot.im.conf
|
src: element/riot.im.conf
|
||||||
dest: "{{ services.element.volume_folder }}/data/riot.im.conf"
|
dest: "{{ services.element.volume_folder }}/data/riot.im.conf"
|
||||||
|
@ -19,3 +19,14 @@
|
||||||
copy:
|
copy:
|
||||||
src: vhost/element
|
src: vhost/element
|
||||||
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.element.domain }}"
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.element.domain }}"
|
||||||
|
|
||||||
|
- name: Upload Compose file for Element
|
||||||
|
template:
|
||||||
|
src: compose-files/element.yml.j2
|
||||||
|
dest: "{{ services.element.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Element
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.element.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
17
roles/docker/tasks/services/forgejo.yml
Normal file
17
roles/docker/tasks/services/forgejo.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Forgejo volume folder
|
||||||
|
file:
|
||||||
|
name: "{{ services.portainer.volume_folder }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for Forgejo
|
||||||
|
template:
|
||||||
|
src: compose-files/forgejo.yml.j2
|
||||||
|
dest: "{{ services.forgejo.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Forgejo
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.forgejo.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
28
roles/docker/tasks/services/hedgedoc.yml
Normal file
28
roles/docker/tasks/services/hedgedoc.yml
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: create hedgedoc volume folders
|
||||||
|
file:
|
||||||
|
name: "{{ services.hedgedoc.volume_folder }}/{{ volume }}"
|
||||||
|
state: directory
|
||||||
|
loop:
|
||||||
|
- "db"
|
||||||
|
- "hedgedoc/uploads"
|
||||||
|
loop_control:
|
||||||
|
loop_var: volume
|
||||||
|
|
||||||
|
- name: copy sso public certificate
|
||||||
|
copy:
|
||||||
|
src: sso/sso.data.coop.pem
|
||||||
|
dest: "{{ services.hedgedoc.volume_folder }}/sso.data.coop.pem"
|
||||||
|
mode: "0644"
|
||||||
|
|
||||||
|
- name: Upload Compose file for for HedgeDoc
|
||||||
|
template:
|
||||||
|
src: compose-files/hedgedoc.yml.j2
|
||||||
|
dest: "{{ services.hedgedoc.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: setup hedgedoc
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.hedgedoc.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
17
roles/docker/tasks/services/keycloak.yml
Normal file
17
roles/docker/tasks/services/keycloak.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Keycloak volume folder
|
||||||
|
file:
|
||||||
|
path: "{{ services.keycloak.volume_folder }}/data"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for for Keycloak
|
||||||
|
template:
|
||||||
|
src: compose-files/keycloak.yml.j2
|
||||||
|
dest: "{{ services.keycloak.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Keycloak
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.keycloak.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
|
@ -1,6 +1,6 @@
|
||||||
# vim: ft=yaml.ansible
|
# vim: ft=yaml.ansible
|
||||||
---
|
---
|
||||||
- name: Create subfolders
|
- name: create mailu volume folders
|
||||||
file:
|
file:
|
||||||
name: "{{ services.mailu.volume_folder }}/{{ volume }}"
|
name: "{{ services.mailu.volume_folder }}/{{ volume }}"
|
||||||
state: directory
|
state: directory
|
||||||
|
@ -23,12 +23,12 @@
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: volume
|
loop_var: volume
|
||||||
|
|
||||||
- name: Upload mailu.env file
|
- name: upload mailu.env file
|
||||||
template:
|
template:
|
||||||
src: mailu/env.j2
|
src: mailu/env.j2
|
||||||
dest: "{{ services.mailu.volume_folder }}/mailu.env"
|
dest: "{{ services.mailu.volume_folder }}/mailu.env"
|
||||||
|
|
||||||
- name: Hard link to Let's Encrypt TLS certificate
|
- name: hard link to Let's Encrypt TLS certificate
|
||||||
file:
|
file:
|
||||||
src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/fullchain.pem"
|
src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/fullchain.pem"
|
||||||
dest: "{{ services.mailu.volume_folder }}/certs/cert.pem"
|
dest: "{{ services.mailu.volume_folder }}/certs/cert.pem"
|
||||||
|
@ -36,10 +36,21 @@
|
||||||
force: true
|
force: true
|
||||||
when: letsencrypt_enabled
|
when: letsencrypt_enabled
|
||||||
|
|
||||||
- name: Hard link to Let's Encrypt TLS key
|
- name: hard link to Let's Encrypt TLS key
|
||||||
file:
|
file:
|
||||||
src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/key.pem"
|
src: "{{ services.nginx_proxy.volume_folder }}/certs/{{ services.mailu.domain }}/key.pem"
|
||||||
dest: "{{ services.mailu.volume_folder }}/certs/key.pem"
|
dest: "{{ services.mailu.volume_folder }}/certs/key.pem"
|
||||||
state: hard
|
state: hard
|
||||||
force: true
|
force: true
|
||||||
when: letsencrypt_enabled
|
when: letsencrypt_enabled
|
||||||
|
|
||||||
|
- name: Upload Compose file for for Mailu
|
||||||
|
template:
|
||||||
|
src: compose-files/mailu.yml.j2
|
||||||
|
dest: "{{ services.mailu.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Mailu
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.mailu.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
75
roles/docker/tasks/services/mastodon.yml
Normal file
75
roles/docker/tasks/services/mastodon.yml
Normal file
|
@ -0,0 +1,75 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create volume folder for Mastodon data
|
||||||
|
file:
|
||||||
|
name: "{{ services.mastodon.volume_folder }}/mastodon_data"
|
||||||
|
state: directory
|
||||||
|
owner: "991"
|
||||||
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
|
||||||
|
- name: Create volume folder for PostgreSQL data
|
||||||
|
file:
|
||||||
|
name: "{{ services.mastodon.volume_folder }}/postgres_data"
|
||||||
|
state: directory
|
||||||
|
owner: "70"
|
||||||
|
mode: u=rwx,go=
|
||||||
|
|
||||||
|
- name: Create volume folder for PostgreSQL config
|
||||||
|
file:
|
||||||
|
name: "{{ services.mastodon.volume_folder }}/postgres_config"
|
||||||
|
state: directory
|
||||||
|
owner: root
|
||||||
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
|
||||||
|
- name: Create volume folder for Redis data
|
||||||
|
file:
|
||||||
|
name: "{{ services.mastodon.volume_folder }}/redis_data"
|
||||||
|
state: directory
|
||||||
|
owner: "999"
|
||||||
|
group: "1000"
|
||||||
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
|
||||||
|
- name: Copy mastodon environment file
|
||||||
|
template:
|
||||||
|
src: mastodon/env.j2
|
||||||
|
dest: "{{ services.mastodon.volume_folder }}/mastodon.env"
|
||||||
|
|
||||||
|
- name: Upload vhost config for Mastodon domain
|
||||||
|
copy:
|
||||||
|
src: vhost/mastodon
|
||||||
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.mastodon.domain }}"
|
||||||
|
|
||||||
|
- name: Copy PostgreSQL config
|
||||||
|
copy:
|
||||||
|
src: mastodon/postgresql.conf
|
||||||
|
dest: "{{ services.mastodon.volume_folder }}/postgres_config/postgresql.conf"
|
||||||
|
|
||||||
|
- name: Upload Compose file for Mastodon
|
||||||
|
template:
|
||||||
|
src: compose-files/mastodon.yml.j2
|
||||||
|
dest: "{{ services.mastodon.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Mastodon
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.mastodon.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
restarted: true
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Configure cron job to remove old Mastodon media daily
|
||||||
|
cron:
|
||||||
|
name: Clean Mastodon media data older than a week
|
||||||
|
cron_file: ansible_mastodon_clean_media
|
||||||
|
job: docker exec mastodon_web_1 tootctl media remove --days 7
|
||||||
|
special_time: daily
|
||||||
|
user: root
|
||||||
|
state: present
|
||||||
|
|
||||||
|
- name: Configure cron job to remove old Mastodon preview cards daily
|
||||||
|
cron:
|
||||||
|
name: Clean Mastodon preview card data older than two weeks
|
||||||
|
cron_file: ansible_mastodon_clean_preview_cards
|
||||||
|
job: docker exec mastodon_web_1 tootctl preview_cards remove --days 14
|
||||||
|
special_time: daily
|
||||||
|
user: root
|
||||||
|
state: present
|
|
@ -1,24 +1,24 @@
|
||||||
# vim: ft=yaml.ansible
|
# vim: ft=yaml.ansible
|
||||||
---
|
---
|
||||||
- name: Create subfolders
|
- name: Create Matrix volume folders
|
||||||
file:
|
file:
|
||||||
name: "{{ services.matrix.volume_folder }}/{{ volume }}"
|
name: "{{ services.matrix.volume_folder }}/{{ volume }}"
|
||||||
state: directory
|
state: directory
|
||||||
owner: "991"
|
owner: "991"
|
||||||
group: "991"
|
group: "991"
|
||||||
loop:
|
loop:
|
||||||
- data
|
- "data"
|
||||||
- data/uploads
|
- "data/uploads"
|
||||||
- data/media
|
- "data/media"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: volume
|
loop_var: volume
|
||||||
|
|
||||||
- name: Create Matrix DB subfolder
|
- name: Create Matrix DB folder
|
||||||
file:
|
file:
|
||||||
name: "{{ services.matrix.volume_folder }}/db"
|
name: "{{ services.matrix.volume_folder }}/db"
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Upload vhost config for Matrix domain
|
- name: upload vhost config for matrix domain
|
||||||
copy:
|
copy:
|
||||||
src: vhost/matrix
|
src: vhost/matrix
|
||||||
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.matrix.domain }}"
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.matrix.domain }}"
|
||||||
|
@ -28,7 +28,18 @@
|
||||||
src: matrix/homeserver.yaml.j2
|
src: matrix/homeserver.yaml.j2
|
||||||
dest: "{{ services.matrix.volume_folder }}/data/homeserver.yaml"
|
dest: "{{ services.matrix.volume_folder }}/data/homeserver.yaml"
|
||||||
|
|
||||||
- name: Upload Matrix logging config
|
- name: upload matrix logging config
|
||||||
copy:
|
copy:
|
||||||
src: matrix/log.config
|
src: matrix/log.config
|
||||||
dest: "{{ services.matrix.volume_folder }}/data/matrix.data.coop.log.config"
|
dest: "{{ services.matrix.volume_folder }}/data/matrix.data.coop.log.config"
|
||||||
|
|
||||||
|
- name: Upload Compose file for Matrix
|
||||||
|
template:
|
||||||
|
src: compose-files/matrix.yml.j2
|
||||||
|
dest: "{{ services.matrix.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Matrix
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.matrix.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
17
roles/docker/tasks/services/membersystem.yml
Normal file
17
roles/docker/tasks/services/membersystem.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Membersystem volume folder
|
||||||
|
file:
|
||||||
|
name: "{{ services.membersystem.volume_folder }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for Membersystem
|
||||||
|
template:
|
||||||
|
src: compose-files/membersystem.yml.j2
|
||||||
|
dest: "{{ services.membersystem.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Membersystem
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.membersystem.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
17
roles/docker/tasks/services/netdata.yml
Normal file
17
roles/docker/tasks/services/netdata.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Netdata volume folder
|
||||||
|
file:
|
||||||
|
path: "{{ services.netdata.volume_folder }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for Netdata
|
||||||
|
template:
|
||||||
|
src: compose-files/netdata.yml.j2
|
||||||
|
dest: "{{ services.netdata.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Netdata
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.netdata.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
28
roles/docker/tasks/services/nextcloud.yml
Normal file
28
roles/docker/tasks/services/nextcloud.yml
Normal file
|
@ -0,0 +1,28 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Nextcloud volume folders
|
||||||
|
file:
|
||||||
|
path: "{{ services.nextcloud.volume_folder }}/{{ volume }}"
|
||||||
|
state: directory
|
||||||
|
loop:
|
||||||
|
- app
|
||||||
|
- postgres
|
||||||
|
loop_control:
|
||||||
|
loop_var: volume
|
||||||
|
|
||||||
|
- name: upload vhost config for cloud.data.coop
|
||||||
|
copy:
|
||||||
|
src: vhost/nextcloud
|
||||||
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.nextcloud.domain }}"
|
||||||
|
notify: "restart nginx"
|
||||||
|
|
||||||
|
- name: Upload Compose file for Nextcloud
|
||||||
|
template:
|
||||||
|
src: compose-files/nextcloud.yml.j2
|
||||||
|
dest: "{{ services.nextcloud.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Nextcloud
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.nextcloud.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
25
roles/docker/tasks/services/nginx_proxy.yml
Normal file
25
roles/docker/tasks/services/nginx_proxy.yml
Normal file
|
@ -0,0 +1,25 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: create nginx-proxy volume folders
|
||||||
|
file:
|
||||||
|
name: "{{ services.nginx_proxy.volume_folder }}/{{ volume }}"
|
||||||
|
state: directory
|
||||||
|
loop:
|
||||||
|
- conf
|
||||||
|
- vhost
|
||||||
|
- html
|
||||||
|
- dhparam
|
||||||
|
- certs
|
||||||
|
loop_control:
|
||||||
|
loop_var: volume
|
||||||
|
|
||||||
|
- name: Upload Compose file for nginx-proxy
|
||||||
|
template:
|
||||||
|
src: compose-files/nginx_proxy.yml.j2
|
||||||
|
dest: "{{ services.nginx_proxy.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy nginx-proxy
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.nginx_proxy.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
23
roles/docker/tasks/services/openldap.yml
Normal file
23
roles/docker/tasks/services/openldap.yml
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create OpenLDAP volume folders
|
||||||
|
file:
|
||||||
|
name: "{{ services.openldap.volume_folder }}/{{ volume }}"
|
||||||
|
state: directory
|
||||||
|
loop:
|
||||||
|
- var/lib/ldap
|
||||||
|
- etc/slapd
|
||||||
|
- certs
|
||||||
|
loop_control:
|
||||||
|
loop_var: volume
|
||||||
|
|
||||||
|
- name: Upload Compose file for OpenLDAP
|
||||||
|
template:
|
||||||
|
src: compose-files/openldap.yml.j2
|
||||||
|
dest: "{{ services.openldap.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy OpenLDAP
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.openldap.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
19
roles/docker/tasks/services/passit.yml
Normal file
19
roles/docker/tasks/services/passit.yml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create directory for Passit data
|
||||||
|
file:
|
||||||
|
name: "{{ services.passit.volume_folder }}/data"
|
||||||
|
owner: '70'
|
||||||
|
group: root
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for Passit
|
||||||
|
template:
|
||||||
|
src: compose-files/passit.yml.j2
|
||||||
|
dest: "{{ services.passit.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Passit
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.passit.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
17
roles/docker/tasks/services/portainer.yml
Normal file
17
roles/docker/tasks/services/portainer.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: create portainer volume folder
|
||||||
|
file:
|
||||||
|
name: "{{ services.portainer.volume_folder }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for Portainer
|
||||||
|
template:
|
||||||
|
src: compose-files/portainer.yml.j2
|
||||||
|
dest: "{{ services.portainer.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Portainer
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.portainer.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
24
roles/docker/tasks/services/postfix.yml
Normal file
24
roles/docker/tasks/services/postfix.yml
Normal file
|
@ -0,0 +1,24 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Set up network for Postfix
|
||||||
|
docker_network:
|
||||||
|
name: postfix
|
||||||
|
ipam_config:
|
||||||
|
- subnet: '172.16.0.0/16'
|
||||||
|
gateway: 172.16.0.1
|
||||||
|
|
||||||
|
- name: Create volume folders for Postfix
|
||||||
|
file:
|
||||||
|
name: "{{ services.postfix.volume_folder }}/dkim"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for Postfix
|
||||||
|
template:
|
||||||
|
src: compose-files/postfix.yml.j2
|
||||||
|
dest: "{{ services.forgejo.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Postfix
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.postfix.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
27
roles/docker/tasks/services/privatebin.yml
Normal file
27
roles/docker/tasks/services/privatebin.yml
Normal file
|
@ -0,0 +1,27 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: create privatebin volume folders
|
||||||
|
file:
|
||||||
|
name: "{{ services.privatebin.volume_folder }}/{{ volume }}"
|
||||||
|
state: directory
|
||||||
|
loop:
|
||||||
|
- cfg
|
||||||
|
- data
|
||||||
|
loop_control:
|
||||||
|
loop_var: volume
|
||||||
|
|
||||||
|
- name: upload privatebin config
|
||||||
|
copy:
|
||||||
|
src: privatebin/conf.php
|
||||||
|
dest: "{{ services.privatebin.volume_folder }}/cfg/conf.php"
|
||||||
|
|
||||||
|
- name: Upload Compose file for PrivateBin
|
||||||
|
template:
|
||||||
|
src: compose-files/privatebin.yml.j2
|
||||||
|
dest: "{{ services.privatebin.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy PrivateBin
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.private.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
22
roles/docker/tasks/services/rallly.yml
Normal file
22
roles/docker/tasks/services/rallly.yml
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Rallly volume folders
|
||||||
|
file:
|
||||||
|
name: "{{ services.rallly.volume_folder }}/postgres"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Copy Rallly environment file
|
||||||
|
template:
|
||||||
|
src: rallly/env.j2
|
||||||
|
dest: "{{ services.rallly.volume_folder }}/rallly.env"
|
||||||
|
|
||||||
|
- name: Upload Compose file for Rallly
|
||||||
|
template:
|
||||||
|
src: compose-files/rallly.yml.j2
|
||||||
|
dest: "{{ services.rallly.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Rallly
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.rallly.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
|
@ -8,7 +8,7 @@
|
||||||
mode: '0755'
|
mode: '0755'
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Upload private SSH key
|
- name: Copy private SSH key
|
||||||
copy:
|
copy:
|
||||||
dest: "{{ services.restic.volume_folder }}/ssh/id_ed25519"
|
dest: "{{ services.restic.volume_folder }}/ssh/id_ed25519"
|
||||||
owner: root
|
owner: root
|
||||||
|
@ -31,7 +31,7 @@
|
||||||
mode: '0644'
|
mode: '0644'
|
||||||
state: touch
|
state: touch
|
||||||
|
|
||||||
- name: Upload SSH config
|
- name: Create SSH config
|
||||||
template:
|
template:
|
||||||
src: restic/ssh.config.j2
|
src: restic/ssh.config.j2
|
||||||
dest: "{{ services.restic.volume_folder }}/ssh/config"
|
dest: "{{ services.restic.volume_folder }}/ssh/config"
|
||||||
|
@ -39,10 +39,21 @@
|
||||||
group: root
|
group: root
|
||||||
mode: '0600'
|
mode: '0600'
|
||||||
|
|
||||||
- name: Upload SSH known_hosts file
|
- name: Create SSH known_hosts file
|
||||||
template:
|
template:
|
||||||
src: restic/ssh.known_hosts.j2
|
src: restic/ssh.known_hosts.j2
|
||||||
dest: "{{ services.restic.volume_folder }}/ssh/known_hosts"
|
dest: "{{ services.restic.volume_folder }}/ssh/known_hosts"
|
||||||
owner: root
|
owner: root
|
||||||
group: root
|
group: root
|
||||||
mode: '0600'
|
mode: '0600'
|
||||||
|
|
||||||
|
- name: Upload Compose file for Restic
|
||||||
|
template:
|
||||||
|
src: compose-files/restic.yml.j2
|
||||||
|
dest: "{{ services.restic.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Restic
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.restic.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
17
roles/docker/tasks/services/watchtower.yml
Normal file
17
roles/docker/tasks/services/watchtower.yml
Normal file
|
@ -0,0 +1,17 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Create Watchtower volume folder
|
||||||
|
file:
|
||||||
|
name: "{{ services.watchtower.volume_folder }}"
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Upload Compose file for Watchtower
|
||||||
|
template:
|
||||||
|
src: compose-files/watchtower.yml.j2
|
||||||
|
dest: "{{ services.watchtower.volume_folder }}/docker-compose.yml"
|
||||||
|
|
||||||
|
- name: Deploy Watchtower
|
||||||
|
docker_compose:
|
||||||
|
project_src: "{{ services.watchtower.volume_folder }}"
|
||||||
|
pull: true
|
||||||
|
state: present
|
|
@ -0,0 +1,19 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: setup 2022.slides.data.coop website using unipi
|
||||||
|
docker_container:
|
||||||
|
name: 2022.slides.data.coop_website
|
||||||
|
image: docker.data.coop/unipi:{{ services.slides_2022_website.version }}
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
purge_networks: yes
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST: "{{ services.slides_2022_website.domain }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ services.slides_2022_website.domain }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
command: "--remote=https://git.data.coop/data.coop/slides.git#slides2022"
|
||||||
|
capabilities:
|
||||||
|
- NET_ADMIN
|
||||||
|
devices:
|
||||||
|
- "/dev/net/tun"
|
13
roles/docker/tasks/services/websites/cryptoaarhus.dk.yml
Normal file
13
roles/docker/tasks/services/websites/cryptoaarhus.dk.yml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: setup cryptoaarhus.dk website docker container
|
||||||
|
docker_container:
|
||||||
|
name: cryptoaarhus_website
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
image: docker.data.coop/cryptoaarhus-website
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
13
roles/docker/tasks/services/websites/cryptohagen.dk.yml
Normal file
13
roles/docker/tasks/services/websites/cryptohagen.dk.yml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: setup cryptohagen.dk website docker container
|
||||||
|
docker_container:
|
||||||
|
name: cryptohagen_website
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
image: docker.data.coop/cryptohagen-website
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
47
roles/docker/tasks/services/websites/data.coop.yml
Normal file
47
roles/docker/tasks/services/websites/data.coop.yml
Normal file
|
@ -0,0 +1,47 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: Upload vhost config for root domain
|
||||||
|
copy:
|
||||||
|
<<<<<<< HEAD
|
||||||
|
src: vhost/base_domain
|
||||||
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ base_domain }}"
|
||||||
|
|
||||||
|
- name: Upload vhost config for WWW domain
|
||||||
|
copy:
|
||||||
|
src: vhost/www.base_domain
|
||||||
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/www.{{ base_domain }}"
|
||||||
|
=======
|
||||||
|
src: files/configs/matrix/vhost-root
|
||||||
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.data_coop_website.domain }}"
|
||||||
|
|
||||||
|
- name: Upload vhost config for WWW domain
|
||||||
|
copy:
|
||||||
|
src: files/configs/vhost-www
|
||||||
|
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ services.data_coop_website.www_domain }}"
|
||||||
|
>>>>>>> main
|
||||||
|
|
||||||
|
- name: setup data.coop website docker container
|
||||||
|
docker_container:
|
||||||
|
name: "{{ services.data_coop_website.domain }}_website"
|
||||||
|
image: docker.data.coop/data-coop-website:{{ services.data_coop_website.version }}
|
||||||
|
pull: true
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST: "{{ services.data_coop_website.domain }},{{ services.data_coop_website.www_domain }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ services.data_coop_website.domain }},{{ services.data_coop_website.www_domain }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
|
||||||
|
- name: setup staging data.coop website using hugo
|
||||||
|
docker_container:
|
||||||
|
name: "{{ services.data_coop_website.staging_domain }}_website"
|
||||||
|
image: docker.data.coop/data-coop-website:{{ services.data_coop_website.staging_version }}
|
||||||
|
pull: true
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST: "{{ services.data_coop_website.staging_domain }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ services.data_coop_website.staging_domain }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
@ -1,22 +1,19 @@
|
||||||
# vim: ft=yaml.docker-compose
|
# vim: ft=yaml.ansible
|
||||||
version: "3.8"
|
---
|
||||||
|
- name: setup fedi.dk website with unipi
|
||||||
services:
|
docker_container:
|
||||||
web:
|
name: fedi.dk_website
|
||||||
image: docker.data.coop/unipi:{{ services.fedi_dk_website.version }}
|
image: docker.data.coop/unipi:{{ services.fedi_dk_website.version }}
|
||||||
restart: unless-stopped
|
restart_policy: unless-stopped
|
||||||
|
purge_networks: yes
|
||||||
networks:
|
networks:
|
||||||
- external_services
|
- name: external_services
|
||||||
environment:
|
env:
|
||||||
VIRTUAL_HOST: "{{ services.fedi_dk_website.domain }}"
|
VIRTUAL_HOST: "{{ services.fedi_dk_website.domain }}"
|
||||||
LETSENCRYPT_HOST: "{{ services.fedi_dk_website.domain }}"
|
LETSENCRYPT_HOST: "{{ services.fedi_dk_website.domain }}"
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
command: --remote=https://git.data.coop/fedi.dk/website.git#main
|
command: "--remote=https://git.data.coop/fedi.dk/website.git#main"
|
||||||
cap_add:
|
capabilities:
|
||||||
- NET_ADMIN
|
- NET_ADMIN
|
||||||
devices:
|
devices:
|
||||||
- "/dev/net/tun"
|
- "/dev/net/tun"
|
||||||
|
|
||||||
networks:
|
|
||||||
external_services:
|
|
||||||
external: true
|
|
13
roles/docker/tasks/services/websites/ulovliglogning.dk.yml
Normal file
13
roles/docker/tasks/services/websites/ulovliglogning.dk.yml
Normal file
|
@ -0,0 +1,13 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: setup ulovliglogning.dk website docker container
|
||||||
|
docker_container:
|
||||||
|
name: ulovliglogning_website
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
image: ulovliglogning/ulovliglogning.dk:latest
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
19
roles/docker/tasks/services/websites/vhs.data.coop.yaml
Normal file
19
roles/docker/tasks/services/websites/vhs.data.coop.yaml
Normal file
|
@ -0,0 +1,19 @@
|
||||||
|
# vim: ft=yaml.ansible
|
||||||
|
---
|
||||||
|
- name: setup vhs.data.coop website with unipi
|
||||||
|
docker_container:
|
||||||
|
name: vhs.data.coop_website
|
||||||
|
image: docker.data.coop/unipi:{{ services.vhs_website.version }}
|
||||||
|
restart_policy: unless-stopped
|
||||||
|
purge_networks: yes
|
||||||
|
networks:
|
||||||
|
- name: external_services
|
||||||
|
env:
|
||||||
|
VIRTUAL_HOST: "{{ services.vhs_website.domain }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ services.vhs_website.domain }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
command: "--remote=https://git.data.coop/vhs.data.coop/website.git#main"
|
||||||
|
capabilities:
|
||||||
|
- NET_ADMIN
|
||||||
|
devices:
|
||||||
|
- "/dev/net/tun"
|
|
@ -1,17 +0,0 @@
|
||||||
# vim: ft=yaml.docker-compose
|
|
||||||
version: "3.8"
|
|
||||||
|
|
||||||
services:
|
|
||||||
web:
|
|
||||||
image: docker.data.coop/cryptoaarhus-website
|
|
||||||
restart: unless-stopped
|
|
||||||
networks:
|
|
||||||
- external_services
|
|
||||||
environment:
|
|
||||||
VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains | join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains | join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
|
|
||||||
networks:
|
|
||||||
external_services:
|
|
||||||
external: true
|
|
|
@ -1,17 +0,0 @@
|
||||||
# vim: ft=yaml.docker-compose
|
|
||||||
version: "3.8"
|
|
||||||
|
|
||||||
services:
|
|
||||||
web:
|
|
||||||
image: docker.data.coop/cryptohagen-website
|
|
||||||
restart: unless-stopped
|
|
||||||
networks:
|
|
||||||
- external_services
|
|
||||||
environment:
|
|
||||||
VIRTUAL_HOST : "{{ services.cryptohagen_website.domains | join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains | join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
|
|
||||||
networks:
|
|
||||||
external_services:
|
|
||||||
external: true
|
|
|
@ -1,27 +0,0 @@
|
||||||
# vim: ft=yaml.docker-compose
|
|
||||||
version: "3.8"
|
|
||||||
|
|
||||||
services:
|
|
||||||
prod:
|
|
||||||
image: docker.data.coop/data-coop-website:{{ services.data_coop_website.version }}
|
|
||||||
restart: unless-stopped
|
|
||||||
networks:
|
|
||||||
- external_services
|
|
||||||
environment:
|
|
||||||
VIRTUAL_HOST: "{{ services.data_coop_website.domain }},{{ services.data_coop_website.www_domain }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ services.data_coop_website.domain }},{{ services.data_coop_website.www_domain }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
|
|
||||||
staging:
|
|
||||||
image: docker.data.coop/data-coop-website:{{ services.data_coop_website.staging_version }}
|
|
||||||
restart: unless-stopped
|
|
||||||
networks:
|
|
||||||
- external_services
|
|
||||||
environment:
|
|
||||||
VIRTUAL_HOST: "{{ services.data_coop_website.staging_domain }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ services.data_coop_website.staging_domain }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
|
|
||||||
networks:
|
|
||||||
external_services:
|
|
||||||
external: true
|
|
|
@ -1,22 +0,0 @@
|
||||||
# vim: ft=yaml.docker-compose
|
|
||||||
version: "3.8"
|
|
||||||
|
|
||||||
services:
|
|
||||||
web:
|
|
||||||
image: docker.data.coop/unipi:{{ services.slides_2022_website.version }}
|
|
||||||
restart: unless-stopped
|
|
||||||
networks:
|
|
||||||
- external_services
|
|
||||||
environment:
|
|
||||||
VIRTUAL_HOST: "{{ services.slides_2022_website.domain }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ services.slides_2022_website.domain }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
command: --remote=https://git.data.coop/data.coop/slides.git#slides2022
|
|
||||||
cap_add:
|
|
||||||
- NET_ADMIN
|
|
||||||
devices:
|
|
||||||
- "/dev/net/tun"
|
|
||||||
|
|
||||||
networks:
|
|
||||||
external_services:
|
|
||||||
external: true
|
|
|
@ -1,17 +0,0 @@
|
||||||
# vim: ft=yaml.docker-compose
|
|
||||||
version: "3.8"
|
|
||||||
|
|
||||||
services:
|
|
||||||
web:
|
|
||||||
image: ulovliglogning/ulovliglogning.dk:latest
|
|
||||||
restart: unless-stopped
|
|
||||||
networks:
|
|
||||||
- external_services
|
|
||||||
environment:
|
|
||||||
VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains | join(',') }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains | join(',') }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
|
|
||||||
networks:
|
|
||||||
external_services:
|
|
||||||
external: true
|
|
|
@ -1,22 +0,0 @@
|
||||||
# vim: ft=yaml.docker-compose
|
|
||||||
version: "3.8"
|
|
||||||
|
|
||||||
services:
|
|
||||||
web:
|
|
||||||
image: docker.data.coop/unipi:{{ services.vhs_website.version }}
|
|
||||||
restart: unless-stopped
|
|
||||||
networks:
|
|
||||||
- external_services
|
|
||||||
environment:
|
|
||||||
VIRTUAL_HOST: "{{ services.vhs_website.domain }}"
|
|
||||||
LETSENCRYPT_HOST: "{{ services.vhs_website.domain }}"
|
|
||||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
|
||||||
command: --remote=https://git.data.coop/vhs.data.coop/website.git#main
|
|
||||||
cap_add:
|
|
||||||
- NET_ADMIN
|
|
||||||
devices:
|
|
||||||
- "/dev/net/tun"
|
|
||||||
|
|
||||||
networks:
|
|
||||||
external_services:
|
|
||||||
external: true
|
|
Loading…
Reference in a new issue