Enable Watchtower for all services #123

Merged
valberg merged 19 commits from watchtower into main 2023-01-21 17:17:56 +00:00
14 changed files with 251 additions and 242 deletions
Showing only changes of commit 44eb59fb86 - Show all commits

3
Vagrantfile vendored
View file

@ -21,9 +21,6 @@ Vagrant.configure(2) do |config|
ansible.playbook = "playbook.yml"
ansible.ask_vault_pass = true
ansible.verbose = "v"
ansible.extra_vars = {
base_domain: "datacoop.devel"
}
# If the VM is already provisioned, we need to use the new port
if provisioned?

View file

@ -1,141 +1,141 @@
$ANSIBLE_VAULT;1.1;AES256
35343731613336373363633564396639393230633664336338396164303238316564326663643638
3365306264343434623836656435653436396636353866620a646336316338373866313362363664
65363931633031613362383337643038636435303739376131643564633831316435653937353061
6330306330383865640a643937326634393437313864326361373634373930623464613363663831
37373230366262323261316134326333663262643764623639306239623066613335616531613662
32343331313266363630343465376332303862353834653262306536623538383662366562616635
34636561663366323434356337376261373039353931636139656437346165656663653233333266
62353961626665636463396566626330383836383030363032303563633466326339626263306165
31313266636330653933363630396166333339376564333133623237373962386164616332616438
39623132663766633331306636613532333739613938333435393633386166333335393565633963
30363165643038623962353762323338306466353031383531623066363632363033383639393537
31333037626638353830653538373634666432346166373661313531656466383263323262373565
38383766343030643939633830343332666165643661363631633963393632666632643361656139
35346131363539613137396465306663363836666662303932646262383231363634373231373333
34366636346530383736393532646563643139343764333661663033316432386632393139326439
39303661333732376433663539383662363232313135663838616231343863326631353434326337
36313335393262663932666365336334396131393362636637653630653965643662626434323736
65663966306661646131643962336366643235353863646136613463323337663865323262613461
33363636386665646538333334373564396333316665343566653662666331666236303438343962
63396164316561363132306237336365313835346663616339666538643033356637633432383331
64363964356264643038396139383838616131383466666565383131663331336530663832306635
30643630623861633939646665326262393635626265323261653339646263386334353064393534
63303464623433333863386136626566336135346561343964323436643739343037383839373332
34656439333538653461663764323265303064643165663263316164396633623232626535353863
64643766623032653838306134376131623564363735386531383732346438343932353966333062
30613166623138333865343735663530346635383162616635326330636161303863626539663166
31336333643765303635643862666234643538313033663563663034343632653466626661343639
33656436393738326135363166623633366331633065373633313864353333316131346664353532
66646239373166376361326664646263616263323632636235353864656438383038663662376164
37336431306166366561623836373938366336623866653730353861333431383832313039313739
61616435666236373463616162653732373766336365313930383665363661356565613461373165
66636537333333633832366234633066366537646138346233313233376135666666336264316435
64613030323430343764336465353334633836653133343532386435636136336638313162626462
33363830396462616662313030316166646531643238363130613036666631643737306138326234
65323763636363393031616633633338653531633639356238316236303264303034623632626261
36626639633234396230356236643766306232646230623665633866643434313334303265323465
66386461323563343236633864396562306165616338306334353563656461346464353930646161
36653064613736346237363362663835656365616334363238376566316137303737316630316363
65393139313832353461313634393931633761666531316333373762373265613464303365326338
66393165366334636431353836336535636233336332336664613263613465393235363235623037
61313037633761366661303663636364346131326334393765646262393863363062333739376466
65653434336532323365376233646365323537313131306661306363313864326361646432326632
64383533313833333466313231353863656634623135386631363864363834633035636632366164
66356539353264633461396132336435353234333132376130616335613136356364643165346537
62366630363439336432353066323238363233613032343635663731613134393639656535333736
32623733333866393565366661643030376137646437616336386530363230376637316436313763
36323532643763363864336634623132343530333531363231383130333064653233363339646136
35343165623864646530633731373539356665316164653365303965663862313462313362643637
34633163363833626635613634633938656334366366316266636532613065333436663633656530
65623561326565643739303931323539643337373736646663363362646139323333346237353731
32643739626561396664646537376139326339626235336464343964613761396430343461346639
33326631373030653637393865333837386432333634653066353366613334396639626631653737
34353831386366636663323761656431663965303561636236366538393261653333396537326461
31323332613737646364616565393534306131323234633933636638333637623661343334383561
30323464373365626662323062363135333932666163323235633131303566323964343734383238
32376435363737373336363363613738366337626162333236643738373266633933363162303833
37366631343933313934313463363834643835333766663361303335313539363839663231333963
66326261323631386532346637376132646263303466383330373833633034373933616538306330
33386334306330346161633131386130636634643531633233376337343637363235356135383366
31366463323831636438646262613239663830333531386330326131643032653033336339643561
64636439323065343564306163303134623439343963383136633864623633363364646535666565
31393564316234343066303664396534386537303364343234303832346331326430386432636332
38316565346433663639646330393339303530623636386332633666656363376239383535386134
35376135306461333237383562356162326338363435643133653838343535326535326337376130
37306462633835666132653466373163613566633863343363653539343239316233616661633532
64386538363163653963363331623531313237636431343934643136656536323734636261656333
39636132613431653562393238346565323330656539666230643566633663316239353436383566
64303535353031636662643062326565313837393932346431326137316337376361363338383533
34613632323230393233666437346466626232363636636636393836333832633335393734343565
33333461343530333135663436343333623966363230666330323562363136383166666665333861
65366436643363383331353361656434336631396437616562303861666263353533313738326138
33653735333230636437643038633763343063336262386663313237653661346262653834616665
37343834323937623761386639653736313232323166373561643235336261306430393533376139
31653132613331626435623333343862393038643364616236626466333338646639663930663436
66636462646130653537343739646437363130313766636438663130616665333232396331303531
30373762343531383239653132633363386239643666316166363931326563343633653433383538
36333733626363626464636435626131653439313862666230393334353938356436376664323961
62326566646463396536633265333461306430616437646630363239653333643732366430373133
32323636636161623932376235383430366661636439643565366532376239613366303039376434
39646437363636633265313838616463383231643030643732306364333161656236303131333533
62343539613264383830306639303164643233653032616566646163656564356262323065303134
61613563646538316232353833636536633435336663326262663062663030326234316131353835
34363564306335356633343438396434363261646665653665633235303932383266393630623238
31323037336566633035366464386232616561383566343061343031623630383238643433376231
64633634616133386138326138393138353937363332646637663363363064393065336438303932
38393139306330396338646233366235316435313838633563353838303832616630633731323535
31393039306630613734343433633662343831313336616561656136323039333235383733363364
66383836363239376539316362646232356636336665316664653565653439353932663433346438
65306365623334656133636332393265643163313939363537323738646664326364343064396337
37383637383064643763363135386434316664306231376462653066653063313962316231386162
63343533386262616631333233316330666263656532306466623733343764646361666165393863
62326435346532623635343535353263626566313061643563613937346562643962386565396439
62616661626464613366656462353932323732313062363566316562396134346433376237326664
39333238346464393930653435363336333365323537356531313830626437303736333635356534
62653766323065373662366162333363343466373135623262663436626438306337333365633633
37333931623434666564366430666462343162303030643733623637656337393763393437656335
36393162363765383464316562306532336265373130623566646134666337333133363863373964
33666437323733396139653436323262383336306561643738366463646461646462333338623662
30656135343934633335376634326533313663653761656235626165313834356464636535326439
32343834316433393236353739646663393930663635646366623835633363653662626535366361
64626561613064646431306634393330333265366530353063653132353735663564326563323961
39663535346539326165313263383933653633306330303930376336316632636537363437663063
64376465663634363838623230386139636231353665616165323065633661343339373432373732
63356130653535303934396335306566646538383938636331333362353534366632663930393732
37353365343532646137343631383833616430326631323564666361323934383839303130636333
38653139303663356337376261616463303665623431613963643137356439326162386337326161
61383434383534353732343733326139313462396432366336653139363466653336626338366365
31386438333438633465666337393732343533373363646234383265323132303433316135396232
39373764333863626634343636306533393361643135323531383963366137626464353064613065
61623063303865646161363432643765323361363364383635646538636232353337636235613861
36396631383639633263303131383537326464313433663032346230386432633864613335616533
61373238363930653866643933623561613363333139373135633332643563613838346434623033
34353161396433663632656633356536323662386332626566393636323463363334613234376137
38643465656262656236666332383361616164366230323936346565303961333761613136353435
63643839636464323362396235333738626132393030393737373438393032323931643936306239
31643537353462626238306563316132663139393635356631373839653462613238323831303537
33626362636362383530386333343266383061646436353635396230396231343364323631343037
65663363656463393234313465386233663635626333346132353539366464653532333830326661
64343136323366346239373737666435366363663237663039636631656266333562376532396661
35666430626233333166356139613233306536303365313262363366316135326662636166393031
38356661396232366236303732326666353864353735336161326663623030343766633266623236
65626237636133626335656663323533386236353164303230313237643130386133613466613933
31343261356632643265623866373965326561363538326336656561373631373938343334653662
32616366373839373737393262633064666437303538386363616431386138346439353534623631
63323063346564646462313034623630396462623565646430363338393239343761396235303863
31636531323732303230626437363764306631366363643766633734353336373564393731366238
32623563633661646465396136396462663363376333613434666632383637616133626132616362
61343032643966323539353033643136616463353563666462313731386261633333623832643439
38323666666330356538313730306334336433613364313065313761636261363433356438323136
61343233643138646263626333306265366239613266646663323733636162323332643531643331
39396433636233366365336166356661623132656261656666386361326164643634366436303737
61653832373162356634313163363233323964303738366266376665346365396635343332396166
35393263373732313734353332663238326563366534623131386233633365303664616562386231
36326138356230663731306339666138343161386331313137313861633039303930623663646333
65336461653033333332323162363539663366653762303266656366386665396463626265303264
35666437663966663130633663643861326563336466633133646562383230363332646639616436
36656137653061303262633736653433343838323666646261386266353735326564386465646334
34633339336336613531666132633832363838343333353862333136616532613462343364616539
37363437613236323235383936613763383966366265303731303034373430333936366339323437
32303537653062663233
66323763353537626539666332316663373864616237386436666239366561366431396430626530
3132383163653632383133393861373235623931636136390a353132383763626437373065663430
64643662393961303936323265343663656431666563653633646532373563663263616634333764
3766333631343961370a373237343531383863336632373862663435643239353934626637356365
30666332626666333530656135343866613161643034383634373736636436636166346562666331
30396437306263363564363862303737646232623266653032343230303965366338623238343134
61353835663136383531663765653038323762313932313733646338623931353865363933333338
39336434373137353738316336663038366334663231616263633565613464306439356235656630
33396331313036623661353464626263393962306638353433343535613964353966313462613235
36383563386461353036323164353539616135353761346361313363373266393464363864373633
33636637366235383264353765383438646130373162323730663363303862333564383439633261
64663961363161623037393830616466366632633661393463303732323365353665373435633537
66356166336232366438333533616233363465623034623233363438346139656138336631366231
33383238633532323665306338643562636135396566663537643733393931316131623262373164
66393062376666383734393334646463616162363935343363303165393665613066306431366164
64326564393464646664663839373563353966663063396434313362623664613834626636363233
33343562343539663332346361316330383830623436306362373966366438653534313561366539
34356166623562396361356161303739613230333663613232663861313331663233326633643530
64353933626237636435303736623063373463326265633236653366303039313233623837306132
65366235663666316631623361303634383539396661323232616338386133373330646365303238
39306431366337333764373965623563383061323364396564366435376163663139346164323231
63366435343761303562393933313263303265383237616261663838333430333935626563666162
31363264356333663337313833353239316163643961393131346136633561623037636130353166
38646239623433613031646465326431623461383036356266643534346430363033316230656662
39643636383863336436363134633336613638356635623035313766633335323731343837393536
31343861336237356234633366643932323366653461373636646131393935656162613238343263
32333962333239643733333363303233633333383733336262373463623935663531313830653935
32346334393463636465383738306163326464373961376436663264356165306463353861306361
37356134346135633137643634656432633366643761616433393239363831323335356639343337
37623330363333356466636637336563303465343738363638663837653534303364663935313463
36653333376233343637346365666364393237306531626165333966393663633165356339663765
66663361643533616539653833303562373834663932626539383363653338636362383633623534
36653666343835663530393665383863393133353261616139616362353062623137393565323634
35356163323432303435626336353866303836623064366464336161636162343862333761343030
64613165646362643366373730643665303261323635313632353439353736376565333662653437
38396438366539383765653635326265633535363738323835636563666663386435633331616239
36313166363138653531373061633966633337643530623333646537383231336639343932653634
32393335636534333963663035303236356436393637363030313031353832623432656233376430
64333563333433373334643530366164353765346138303730663561356335613239333136326237
63356566663033313363646664643639386366383765646230343632623061626334623564613338
34313633326565353839396164663536613561643232353736303336613864313330323638356364
30633335323438613636343964323431366364633031643235636330623935363266623939336631
63393733396332636335366539333939383831663039313933343336663539323435373963666131
33343638303537636134666236616566356234393031343461376439363133393834363565313065
63333638393236663538616436386164303732383539393261633135643930643435636637373736
64653333656235656161303166336233393864386263363330643264636263303563636463316364
65396231393531343265663234366530396665333830343434316433303361333539303734383934
35383936363435393231353532613534396231366630366461346235613436373537656335393966
35666661633364326336666238346261616334303936613864633936613130333030343334396235
30623136343934633636613062353230323961376639373033386132316132623932343432356266
31333037656630333761633236303136633235636138653133363430613963393738383032643737
36363037353630643137396661393736383035663963653465613437663865393565626438353264
61646330343730656539373866363666393636373962366131306264313364366530653035373031
61306461323038353261353430323133386135623433306564326237643334326264643932316434
61623066323935373761616463636537666133303863333161393361626661623632656637336639
36383538346633393265323130633037616364613934376337326566656237373363393738386366
36386335646432646234336137623663336637323461663538316232656130633863336330383363
34646530353539336432633165353039663338653139396365373664393030663164666432313265
63396563306138383166396366616638373631616637633330666463343035333633346437393664
64353736626432393632643263616139653131663264313466306664616437323739613936653839
36653366396336376430623962373361343762363465373133663739313536323263633164373230
35613466643839643831623138393137316661386234336131633763303731393663373364616131
36383834633738326234663765383662383832323465383534353834633461333265656539633238
64646665323938613735366165353361356236636163626535376131303464353365366234646438
65316531356239663838323130393061646562653464633230353337316133333036626161336432
66303438633139333964633766366262333235303262653733383934313638343336633566666338
31633132653738326439326439616630323636666361646634663334366566396234633065626162
38643565353738616232666330326365633264646637623836323761343866336635393436336331
33663830643934633163353438343436303030343531666335326236376564333466343163643430
35393031333834366335656431313033643936313839316431396333386135663761633562626163
39366438393532363430326432356135356532646162306333663163613031336136353132656538
31653762386538656663346263663531653063626463326534636337303639303561626334633935
65666139663461343466643861393762316330316431613765653239316537616434626535396139
35376434356533656336623839656138386565303266396532303665346264623034643664656137
62633064356566366438626331633933373630363164373434613233386535633532653130376436
34353336633966313365373439623633353364393838343335306665383361323766353431393662
31356533333834383832333031386365316461376563646561646333313063393532303162393231
61336165663938363437396564626430376362353736623232653430613464626234326234663335
37373633306533363830353662633038306139626136663839383631623230396333313937653733
39313163316161326263306530353465336363626530333966343934373866303664316536363466
33343766393561643864366665353239366336323335656665303735326633323432333938323862
66656230373937396465323731616133336533383966353564663364303538613362313139343865
64383233613038626437613162663232373666363062373531373331343237306135333230303636
31626537633637653961666638393330643932656234316363323339353930303738346336646266
63346234333833376563656264383834363630613932306262376666356663613831393732636532
64333638616364633965383034356232373065333232623961643239326565623063386339303064
64653162663239376335383732383838386631333837323238393366363836373463656639646261
32616238363463333339393138303333326461666663303238343839376632323539396235373766
66356464393739616138346235643564386664393130613336343235633531646530306236616361
61656465666566336132383035393636356134633131666438363661646364323764373961343864
33613963343961626665353733356432346439646638643939626562326364386533366135306433
34343961323537333233383633343635383436363232666166336131323262613135393532616161
38633635646563646563303262383461333439653562383564303261303033376337343831343431
35343632633138626364313433656364613439633531343136316436613231373233326362663736
33323664306430336235666238336631303735626630336139353764643366353931306437653039
34383433323662306164363462333934333463646136386564323764663862366235373632666662
30386266373830636664613332353265366164353035306232353230393838303363613666396539
66386663366439373566396334653335633662323230656132666631306432663836616462346264
63346338666337663062626532353835316135616661323563636662333238653933613530313765
30303864653037393131626631633338326235656632656339326463383061393635346333373730
65386631336462363436346166366130383235396664303631383065666566343461393838633739
63636334333462666131393430663335383466313762666134393062373238653730633864323137
66643639383265656338323063356463626531346561336164656364633733343731373833376261
33616663323837333266646635393564383439613630336566383336313036333933333230666230
34646334306666626138333233343332366237646165636538326264663635373438656431636435
35666334323035663933333764313564393536663335336561343734343662623939336531303235
64393333313962333737616639663234393833633332643430326163323865613632663463346635
35326632626363346536663563616334663366613734616562626165376335613165306531303932
65623031386563326665303536646531306235613034336263393436363536303565656138303931
30663237306161626130653663663365323030613635343563653465386561626361353532643737
36626466626234376462373732653936326363376639613563653361366339363538383431383136
61303134333665393039633263323238623539653233323732363163353762623730306366306134
65663661633331393137396661313530663638383236656333393638356164643537663935343063
34383039363832623663323661663530303534636635653631393536653837333766616161623839
38383830326266353362613232643036393365633261333933363931313830666537363338633337
66303166393430653263646338653539316234613432373763393664636631383737306236643431
33396234386562346165346239343838323133653461646165643538666231323561376166393231
39333534393961656234373235616332306639373764653164393232363535646239383432343963
36343134363631626434323335303136346536393266363735316437333165366538373535333866
36626537636465376533616130363564626238356162623539316133306663333763393033333663
63383462643938373262643435623132653730346564383537633537303034326366616661393062
31316532383035383632633535303564626238613438653265366261663033326463316366656266
65636462323832353565383334646239393636323635623230343537646338613861633532343962
36616432653936356266626533383433376663373838653533366631386262353337383236373166
33373139323765326135356431613235346431623931333362663463646630336332616337333535
34336130366564303136653933303233663538353561396430313937363536663961333431323435
35316537393462316334366163346663623933653861376637336338383837303233623434353238
34383866636361333061393630376431323165353036373435646566326461333737313038656135
31623466316339353463393165626236333763396434396638646461393434353132373030613633
32393032353730656562666431383236653461656566643332363034636134653737343537306136
65316437376265323439326234653363353336343631363630613533303837313535306666313461
63623339383432353739616664396666336638316131653133363066633461646336356636376534
34663730666436613733336439653031306561616263373235346461306335616166303637343462
38663364636536663764383164306436373563346562643038613065336366363939376136646332
65353261346434316534313766633139623937366265316130646138656535303031626230326463
32653530613139313534316132653531613438313339333163376665666539313661663430353336
32663930326561646536393232393730386464643364366130356464633934316261643435303734
39363666333362396266343331633266653539343862386535363736333363623035353866363335
64626339313631306266373338323163393632353433643036353762396162666562653831623235
39373332626536323866

View file

@ -7,7 +7,7 @@ services:
postfix:
file: postfix.yml
domain: "smtp.{{ base_domain }}"
version: "v3.5.1"
version: "v3.5.1-alpine"
nginx_proxy:
file: nginx_proxy.yml
@ -42,6 +42,7 @@ services:
domain: sso.{{ base_domain }}
volume_folder: "{{ volume_root_folder }}/keycloak"
version: "20.0"
allowed_sender_domain: true
restic:
file: restic_backup.yml
@ -117,6 +118,16 @@ services:
- "{{ base_domain }}"
- "www.{{ base_domain }}"
new_data_coop_website:
file: websites/new.data.coop.yml
domain: "new.{{ base_domain }}"
version: hugo
slides_2022_website:
file: websites/2022.slides.data.coop.yml
domain: "2022.slides.{{ base_domain }}"
version: latest
cryptohagen_website:
file: websites/cryptohagen.dk.yml
domains:
@ -144,7 +155,7 @@ services:
mailu:
file: mailu.yml
version: 1.6
version: 1.9
domain: "mail.{{ base_domain }}"
dns: 192.168.203.254
subnet: 192.168.203.0/24
@ -161,16 +172,20 @@ services:
file: rallly.yml
domain: "when.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/rallly"
version: a21f92bf74308d66cfcd545d49b81eba0211a222
version: ac55701890cd866ee946deb25e2b2839fb14900e
allowed_sender_domain: true
pinafore:
file: pinafore.yml
domain: "pinafore.{{ base_domain }}"
version: v2.4.0
version: v2.5.0
membersystem:
file: membersystem.yml
domain: "member.{{ base_domain }}"
django_admins: "Vidir:valberg@orn.li"
allowed_sender_domain: true
watchtower:
file: watchtower.yml
version: amd64-1.5.1

View file

@ -0,0 +1,2 @@
server_name www.data.coop;
return 301 $scheme://data.coop$request_uri;

View file

@ -18,9 +18,13 @@
- name: install docker python bindings
pip:
executable: "pip3"
name: "docker-compose"
executable: pip3
name: "{{ packages }}"
state: present
vars:
packages:
- docker
- docker-compose
- name: create folder structure for bind mounts
file:

View file

@ -1,5 +1,4 @@
---
- name: create mailu volume folders
file:
name: "{{ services.mailu.volume_folder }}/{{ volume }}"
@ -7,13 +6,19 @@
loop:
- redis
- certs
- overrides
- data
- dkim
- mail
- mailqueue
- filter
- dav
- postgres
- webmail
- overrides
- overrides/nginx
- overrides/dovecot
- overrides/postfix
- overrides/rspamd
- overrides/rainloop
loop_control:
loop_var: volume
@ -45,22 +50,27 @@
definition:
version: '3.6'
services:
postgres:
image: postgres:14-alpine
restart: always
environment:
POSTGRES_DB: mailu
POSTGRES_USER: mailu
POSTGRES_PASSWORD: "{{ postgres_passwords.mailu }}"
volumes:
- "{{ services.mailu.volume_folder }}/postgres:/var/lib/postgresql/data"
dns:
- "{{ services.mailu.dns }}"
redis:
image: redis:alpine
restart: always
volumes:
- "{{ services.mailu.volume_folder }}/redis:/data"
database:
image: mailu/postgresql:{{ services.mailu.version }}
restart: always
env_file: "{{ services.mailu.volume_folder}}/mailu.env"
volumes:
- "{{ services.mailu.volume_folder }}/data/psql_db:/data"
- "{{ services.mailu.volume_folder }}/data/psql_backup:/backup"
networks:
- default
- external_services
depends_on:
- resolver
dns:
- "{{ services.mailu.dns }}"
front:
image: mailu/nginx:{{ services.mailu.version }}
@ -72,7 +82,7 @@
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
volumes:
- "{{ services.mailu.volume_folder }}/certs:/certs"
- "{{ services.mailu.volume_folder }}/overrides/nginx:/overrides"
- "{{ services.mailu.volume_folder }}/overrides/nginx:/overrides:ro"
expose:
- "80"
ports:
@ -101,6 +111,9 @@
- "{{ services.mailu.volume_folder }}/dkim:/dkim"
depends_on:
- redis
- resolver
dns:
- "{{ services.mailu.dns }}"
imap:
image: mailu/dovecot:{{ services.mailu.version }}
@ -108,16 +121,20 @@
env_file: "{{ services.mailu.volume_folder}}/mailu.env"
volumes:
- "{{ services.mailu.volume_folder }}/mail:/mail"
- "{{ services.mailu.volume_folder }}/overrides:/overrides"
- "{{ services.mailu.volume_folder }}/overrides/dovecot:/overrides:ro"
depends_on:
- front
- resolver
dns:
- "{{ services.mailu.dns }}"
smtp:
image: mailu/postfix:{{ services.mailu.version }}
restart: always
env_file: "{{ services.mailu.volume_folder}}/mailu.env"
volumes:
- "{{ services.mailu.volume_folder }}/overrides:/overrides"
- "{{ services.mailu.volume_folder }}/mailqueue:/queue"
- "{{ services.mailu.volume_folder }}/overrides/postfix:/overrides:ro"
depends_on:
- front
- resolver
@ -126,12 +143,12 @@
antispam:
image: mailu/rspamd:{{ services.mailu.version }}
hostname: antispam
restart: always
env_file: "{{ services.mailu.volume_folder}}/mailu.env"
volumes:
- "{{ services.mailu.volume_folder }}/filter:/var/lib/rspamd"
- "{{ services.mailu.volume_folder }}/dkim:/dkim"
- "{{ services.mailu.volume_folder }}/overrides/rspamd:/etc/rspamd/override.d"
- "{{ services.mailu.volume_folder }}/overrides/rspamd:/etc/rspamd/override.d:ro"
depends_on:
- front
- resolver
@ -139,13 +156,14 @@
- "{{ services.mailu.dns }}"
webmail:
image: mailu/rainloop:1.6
image: mailu/rainloop:{{ services.mailu.version }}
restart: always
env_file: "{{ services.mailu.volume_folder}}/mailu.env"
volumes:
- "{{ services.mailu.volume_folder }}/webmail:/data"
- "{{ services.mailu.volume_folder }}/overrides/rainloop:/overrides:ro"
depends_on:
- front
- imap
- resolver
dns:
- "{{ services.mailu.dns }}"

View file

@ -36,11 +36,6 @@
src: files/configs/riot/riot.im.conf
dest: "{{ services.riot.volume_folder }}/data/riot.im.conf"
- name: upload vhost config for root domain
template:
src: files/configs/matrix/vhost-root
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ base_domain }}"
- name: upload vhost config for matrix domain
template:
src: files/configs/matrix/vhost-matrix

View file

@ -2,12 +2,12 @@
- name: watchtower container
docker_container:
name: watchtower
image: containrrr/watchtower:amd64-1.5.1
image: containrrr/watchtower:{{ services.watchtower.version }}
samsapti marked this conversation as resolved Outdated

Let's pin this to a version instead of latest.

Let's pin this to a version instead of latest.

Why not latest?

Why not latest?

Because I want to avoid confusion due to an unintended upgrade.

Because I want to avoid confusion due to an unintended upgrade.

I don't fully agree. I think it's better to always use the latest version security-wise, especially when it has access to the Docker socket.

I don't fully agree. I think it's better to always use the latest version security-wise, especially when it has access to the Docker socket.

I agree, and we should strive to upgrade whenever a new version is available. But I don't want stuff to suddenly break behaviour without us knowing why.

I agree, and we should strive to upgrade whenever a new version is available. But I don't want stuff to suddenly break behaviour without us knowing why.

I'll pin it then. GitHub supports RSS feeds for releases, maybe we could use that to be notified about new releases? We could set up notifications in our Matrix channel somehow.

https://github.com/containrrr/watchtower/releases.atom

I'll pin it then. GitHub supports RSS feeds for releases, maybe we could use that to be notified about new releases? We could set up notifications in our Matrix channel somehow. https://github.com/containrrr/watchtower/releases.atom

Sounds like a great idea!

Sounds like a great idea!
restart_policy: unless-stopped
networks:
- name: external_services
env:
WATCHTOWER_POLL_INTERVAL: 60
WATCHTOWER_POLL_INTERVAL: "60"
volumes:
- "/var/run/docker.sock:/var/run/docker.sock"
- "/root/.docker/config.json:/config.json:ro"
samsapti marked this conversation as resolved Outdated

This means that docker-registry should be run before watchtower right?

This means that `docker-registry` should be run before `watchtower` right?

Yes, which is currently also the case.

Yes, which is currently also the case.

View file

@ -1,19 +1,17 @@
---
- name: setup 2022.slides.data.coop website using unipi
docker_container:
name: 2022.slides.data.coop_website
image: docker.data.coop/unipi:latest
image: docker.data.coop/unipi:{{ services.slides_2022_website.version }}
restart_policy: unless-stopped
purge_networks: yes
networks:
- name: external_services
env:
VIRTUAL_HOST: "2022.slides.{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "2022.slides.{{ services.data_coop_website.domains|join(',') }}"
VIRTUAL_HOST: "{{ services.slides_2022_website.domain }}"
LETSENCRYPT_HOST: "{{ services.slides_2022_website.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
# Temporarily hosting on github
command: "--remote=https://github.com/sorbusursina/datacoop-slides.git#slides2022"
command: "--remote=https://git.data.coop/data.coop/slides.git#slides2022"
capabilities:
- NET_ADMIN
devices:

View file

@ -1,4 +1,13 @@
---
- name: Upload vhost config for root domain
copy:
src: files/configs/matrix/vhost-root
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/{{ base_domain }}"
- name: Upload vhost config for WWW domain
copy:
src: files/configs/vhost-www
dest: "{{ services.nginx_proxy.volume_folder }}/vhost/www.{{ base_domain }}"
- name: setup data.coop website docker container
docker_container:

View file

@ -1,18 +0,0 @@
- name: setup new-new data.coop website using unipi
docker_container:
name: new-new.data.coop_website
image: docker.data.coop/unipi:latest
restart_policy: unless-stopped
purge_networks: yes
networks:
- name: external_services
env:
VIRTUAL_HOST: "new-new.{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "new-new.{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
# The ssh-key is for read-only only
command: "--remote=git@git.data.coop:halfd/new-website.git#main --ssh-key ed25519:Ag9RekCyC2eow4P/e5crVvSTQ7dTK46WkG0wqEPVJbU= --ssh-authenticator SHA256:l9kdLkb0kJm46pOJ4tCHCtFUaqV1ImbZWMA5oje10fI"
capabilities:
- NET_ADMIN
devices:
- "/dev/net/tun"

View file

@ -1,13 +1,12 @@
---
- name: setup new data.coop website using hugo
docker_container:
name: new.data.coop_website
image: docker.data.coop/data-coop-website:hugo
image: docker.data.coop/data-coop-website:{{ services.new_data_coop_website.version }}
restart_policy: unless-stopped
networks:
- name: external_services
env:
VIRTUAL_HOST : "new.{{ services.data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "new.{{ services.data_coop_website.domains|join(',') }}"
VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}"
LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"

View file

@ -1,8 +1,6 @@
# Mailu main configuration file
#
# Generated for compose flavor
#
# This file is autogenerated by the configuration management wizard.
# This file is autogenerated by the configuration management wizard for compose flavor.
# For a detailed list of configuration variables, see the documentation at
# https://mailu.io
@ -10,21 +8,9 @@
# Common configuration variables
###################################
# Set this to the path where Mailu data and configuration is stored
# This variable is now set directly in `docker-compose.yml by the setup utility
# ROOT=/mailu
# Mailu version to run (1.0, 1.1, etc. or master)
#VERSION=1.6
# Set to a randomly generated 16 bytes string
SECRET_KEY={{ mailu_secret_key }}
# Address where listening ports should bind
# This variables are now set directly in `docker-compose.yml by the setup utility
# PUBLIC_IPV4= 127.0.0.1 (default: 127.0.0.1)
# PUBLIC_IPV6= ::1 (default: ::1)
# Subnet of the docker network. This should not conflict with any networks to which your system is connected. (Internal and external!)
SUBNET={{ services.mailu.subnet }}
@ -40,8 +26,11 @@ POSTMASTER=admin
# Choose how secure connections will behave (value: letsencrypt, cert, notls, mail, mail-letsencrypt)
TLS_FLAVOR=mail
# Authentication rate limit (per source IP address)
AUTH_RATELIMIT=120/minute;1200/hour
# Authentication rate limit per IP (per /24 on ipv4 and /56 on ipv6)
AUTH_RATELIMIT_IP=1200/hour
# Authentication rate limit per user (regardless of the source-IP)
AUTH_RATELIMIT_USER=100/day
# Opt-out of statistics, replace with "True" to opt out
DISABLE_STATISTICS=True
@ -57,13 +46,10 @@ ADMIN=true
WEBMAIL=rainloop
# Dav server implementation (value: radicale, none)
WEBDAV=radicale
WEBDAV=none
# Antivirus solution (value: clamav, none)
#ANTIVIRUS=clamav
#Antispam solution
ANTISPAM=none
ANTIVIRUS=none
###################################
# Mail settings
@ -74,6 +60,9 @@ ANTISPAM=none
# Max attachment size will be 33% smaller
MESSAGE_SIZE_LIMIT=50000000
# Message rate limit (per user)
MESSAGE_RATELIMIT=200/day
# Networks granted relay permissions
# Use this with care, all hosts in this networks will be able to send mail without authentication!
RELAYNETS=
@ -98,11 +87,14 @@ WELCOME_SUBJECT=Welcome to your new email account
WELCOME_BODY=Welcome to your new email account, if you can read this, then it is configured properly!
# Maildir Compression
# choose compression-method, default: none (value: bz2, gz)
# choose compression-method, default: none (value: gz, bz2, lz4, zstd)
COMPRESSION=
# change compression-level, default: 6 (value: 1-9)
COMPRESSION_LEVEL=
# IMAP full-text search is enabled by default. Set the following variable to off in order to disable the feature.
# FULL_TEXT_SEARCH=off
###################################
# Web settings
###################################
@ -135,17 +127,16 @@ WEBSITE=https://{{ services.mailu.domain }}
# LOG_DRIVER=json-file
# Docker-compose project name, this will prepended to containers names.
COMPOSE_PROJECT_NAME=mailu
COMPOSE_PROJECT_NAME=mail_server
# Default password scheme used for newly created accounts and changed passwords
# (value: BLF-CRYPT, SHA512-CRYPT, SHA256-CRYPT, MD5-CRYPT, CRYPT)
PASSWORD_SCHEME=BLF-CRYPT
# Number of rounds used by the password hashing scheme
CREDENTIAL_ROUNDS=12
# Header to take the real ip from
REAL_IP_HEADER=
REAL_IP_HEADER=X-Forwarded-For
# IPs for nginx set_real_ip_from (CIDR list separated by commas)
REAL_IP_FROM=
REAL_IP_FROM={{ services.mailu.subnet }}
# choose wether mailu bounces (no) or rejects (yes) mail when recipient is unknown (value: yes, no)
REJECT_UNLISTED_RECIPIENT=
@ -153,8 +144,15 @@ REJECT_UNLISTED_RECIPIENT=
# Log level threshold in start.py (value: CRITICAL, ERROR, WARNING, INFO, DEBUG, NOTSET)
LOG_LEVEL=WARNING
# Timezone for the Mailu containers. See this link for all possible values https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
TZ=Europe/Copenhagen
###################################
# Database settings
###################################
DB_FLAVOR=postgresql
DB_USER=mailu
DB_PW={{ postgres_passwords.mailu }}
DB_HOST=postgres
DB_NAME=mailu

View file

@ -14,11 +14,3 @@
apt:
name: srvadmin-all
when: not vagrant
- name: Install necessary packages via pip
pip:
name: "{{ packages }}"
vars:
packages:
- docker
- docker-compose