Collect versions and service information in docker/defaults/main.yml #125

Merged
valberg merged 8 commits from unify_configurations into main 2022-11-26 08:15:19 +00:00
14 changed files with 139 additions and 139 deletions
Showing only changes of commit 9e101bff21 - Show all commits


@ -10,31 +10,6 @@
vagrant: "{{ ansible_virtualization_role == 'guest' }}" vagrant: "{{ ansible_virtualization_role == 'guest' }}"
letsencrypt_enabled: "{{ not vagrant }}" letsencrypt_enabled: "{{ not vagrant }}"
services:
- nginx-proxy
- postfix
- openldap
- keycloak
- restic-backup
- nextcloud
- passit
- gitea
- matrix_riot
- privatebin
- codimd
- hedgedoc
- netdata
- docker_registry
- drone
- websites
- ulovliglogning-dk
- watchtower
- mailu
- portainer
- mastodon
- rallly
- membersystem
smtp_host: "postfix" smtp_host: "postfix"
smtp_port: "587" smtp_port: "587"


@ -6,6 +6,7 @@ services:
### Internal services ### ### Internal services ###
nginx_proxy: nginx_proxy:
file: nginx_proxy.yml
version: "1.0-alpine" version: "1.0-alpine"
volume_folder: "{{ volume_root_folder }}/nginx" volume_folder: "{{ volume_root_folder }}/nginx"
@ -13,6 +14,7 @@ services:
version: "2.2" version: "2.2"
openldap: openldap:
file: openldap.yml
domain: "ldap.{{ base_domain }}" domain: "ldap.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/openldap" volume_folder: "{{ volume_root_folder }}/openldap"
version: "1.5.0" version: "1.5.0"
@ -21,36 +23,35 @@ services:
version: "0.9.0" version: "0.9.0"
netdata: netdata:
file: netdata.yml
domain: "netdata.{{ base_domain }}" domain: "netdata.{{ base_domain }}"
version: "v1" version: "v1"
portainer: portainer:
file: portainer.yml
domain: "portainer.{{ base_domain }}" domain: "portainer.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/portainer" volume_folder: "{{ volume_root_folder }}/portainer"
version: "2.16.2" version: "2.16.2"
keycloak: keycloak:
file: keycloak.yml
domain: sso.{{ base_domain }} domain: sso.{{ base_domain }}
volume_folder: "{{ volume_root_folder }}/keycloak" volume_folder: "{{ volume_root_folder }}/keycloak"
version: "20.0" version: "20.0"
postfix: postfix:
file: postfix.yml
version: "v3.5.0" version: "v3.5.0"
allowed_sender_domains:
- "services.{{ base_domain }}"
- "{{ passit.domain }}"
- "{{ gitea.domain }}"
- "{{ mastodon.domain }}"
- "{{ rallly.domain }}"
- "{{ membersystem.domain }}"
restic: restic:
file: restic_backup.yml
user: "datacoop" user: "datacoop"
domain: "restic.cannedtuna.org" domain: "restic.cannedtuna.org"
repository: "datacoop-hevonen" repository: "datacoop-hevonen"
version: "1.6.0" version: "1.6.0"
docker_registry: docker_registry:
file: docker_registry.yml
domain: "docker.{{ base_domain }}" domain: "docker.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/docker-registry" volume_folder: "{{ volume_root_folder }}/docker-registry"
username: "docker" username: "docker"
@ -60,21 +61,25 @@ services:
### External services ### ### External services ###
nextcloud: nextcloud:
file: nextcloud.yml
domain: "cloud.{{ base_domain }}" domain: "cloud.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/nextcloud" volume_folder: "{{ volume_root_folder }}/nextcloud"
version: 25-apache version: 25-apache
gitea: gitea:
file: gitea.yml
domain: "git.{{ base_domain }}" domain: "git.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/gitea" volume_folder: "{{ volume_root_folder }}/gitea"
version: 1.17.3 version: 1.17.3
passit: passit:
file: passit.yml
domain: "passit.{{ base_domain }}" domain: "passit.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/passit" volume_folder: "{{ volume_root_folder }}/passit"
version: stable version: stable
matrix: matrix:
file: matrix_riot.yml
domain: "matrix.{{ base_domain }}" domain: "matrix.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/matrix" volume_folder: "{{ volume_root_folder }}/matrix"
version: v1.63.1 version: v1.63.1
@ -87,6 +92,7 @@ services:
version: v1.11.8 version: v1.11.8
privatebin: privatebin:
file: privatebin.yml
domain: "paste.{{ base_domain }}" domain: "paste.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/privatebin" volume_folder: "{{ volume_root_folder }}/privatebin"
version: 20221009 version: 20221009
@ -96,57 +102,63 @@ services:
volume_folder: "{{ volume_root_folder }}/codimd" volume_folder: "{{ volume_root_folder }}/codimd"
hedgedoc: hedgedoc:
file: hedgedoc.yml
domain: "pad.{{ base_domain }}" domain: "pad.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/hedgedoc" volume_folder: "{{ volume_root_folder }}/hedgedoc"
version: 1.9.0 version: 1.9.0
data_coop_website: data_coop_website:
file: websites/data.coop.yml
domains: domains:
- "{{ base_domain }}" - "{{ base_domain }}"
- "www.{{ base_domain }}" - "www.{{ base_domain }}"
cryptohagen_website: cryptohagen_website:
file: websites/cryptohagen.dk.yml
domains: domains:
- "cryptohagen.dk" - "cryptohagen.dk"
- "www.cryptohagen.dk" - "www.cryptohagen.dk"
ulovliglogning_website: ulovliglogning_website:
file: websites/ulovliglogning.dk.yml
domains: domains:
- "ulovliglogning.dk" - "ulovliglogning.dk"
- "www.ulovliglogning.dk" - "www.ulovliglogning.dk"
- "ulovlig-logning.dk" - "ulovlig-logning.dk"
cryptoaarhus_website: cryptoaarhus_website:
file: websites/cryptoaarhus.dk.yml
domains: domains:
- "cryptoaarhus.dk" - "cryptoaarhus.dk"
- "www.cryptoaarhus.dk" - "www.cryptoaarhus.dk"
drone: drone:
file: drone.yml
domain: "drone.{{ base_domain }}" domain: "drone.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/drone" volume_folder: "{{ volume_root_folder }}/drone"
version: 1 version: 1
mailu: mailu:
file: mailu.yml
version: 1.6 version: 1.6
domain: "mail.{{ base_domain }}" domain: "mail.{{ base_domain }}"
dns: 192.168.203.254 dns: 192.168.203.254
subnet: 192.168.203.0/24 subnet: 192.168.203.0/24
volume_folder: "{{ volume_root_folder }}/mailu" volume_folder: "{{ volume_root_folder }}/mailu"
ttrss:
domain: rss.{{ base_domain }}
volume_folder: "{{ volume_root_folder }}/tt-rss"
mastodon: mastodon:
file: mastodon.yml
domain: "social.{{ base_domain }}" domain: "social.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/mastodon" volume_folder: "{{ volume_root_folder }}/mastodon"
version: v4.0.2 version: v4.0.2
rallly: rallly:
file: rallly.yml
domain: "when.{{ base_domain }}" domain: "when.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/rallly" volume_folder: "{{ volume_root_folder }}/rallly"
version: a21f92bf74308d66cfcd545d49b81eba0211a222 version: a21f92bf74308d66cfcd545d49b81eba0211a222
membersystem: membersystem:
file: membersystem.yml
domain: "member.{{ base_domain }}" domain: "member.{{ base_domain }}"
django_admins: "Vidir:valberg@orn.li" django_admins: "Vidir:valberg@orn.li"
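Review bot: Several `version` values in this file are unquoted and will be loaded as numbers rather than strings: `version: 1.6` under mailu, `version: 1` under drone and `version: 20221009` under privatebin, while the internal services quote theirs. If these values are interpolated into image tags (the task files that consume them are not shown here), a later bump to something like `1.10` would silently become `1.1` and select a different image. Quoting them, e.g. `version: "1.6"`, keeps the tag exactly as written and matches the style already used for `nginx_proxy` and `openldap`. The hunks show only part of the `services` mapping, so other entries may need the same treatment.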


@ -4,5 +4,6 @@
name: external_services name: external_services
- name: setup services - name: setup services
include_tasks: "services/{{ item }}.yml" include_tasks: "services/{{ item.value.file }}"
with_items: "{{ services }}" loop: "{{ services | dict2items }}"
when: item.value.file is defined
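Review bot: The `when: item.value.file is defined` guard means an entry in `services` that lacks `file` (or misspells the key) is skipped without any message, so a service can drop out of a deployment unnoticed. Consider failing on entries that are not deliberately task-less, or at least adding a comment such as `# entries without 'file' are configuration-only and are not deployed`. Because the loop now follows the order of the dict instead of the former list, any ordering the old list encoded (it started with nginx-proxy and postfix) should be checked against the new key order. Setting `loop_var: service` under `loop_control` would also avoid clashes with `item` if any included task file loops itself.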


@ -15,5 +15,13 @@
networks: networks:
- name: postfix - name: postfix
env: env:
ALLOWED_SENDER_DOMAINS: "{{ postfix.allowed_sender_domains|join(' ') }}" ALLOWED_SENDER_DOMAINS: "{{ allowed_sender_domains|join(' ') }}"
HOSTNAME: "smtp.data.coop" # the name the smtp server will identify itself as HOSTNAME: "smtp.data.coop" # the name the smtp server will identify itself as
vars:
allowed_sender_domains:
valberg marked this conversation as resolved Outdated

Jeg synes det her bør flyttes tilbage til defaults/main.yml, så vi har alle vars samlet ét sted.

Jeg synes det her bør flyttes tilbage til `defaults/main.yml`, så vi har alle vars samlet ét sted.

Det er fordi det ikke kan defineres i selve services dictionary'en da der refereres til services dictionary'en før den er færdig defineret. Jeg har muligvis en anden løsning coming up.

Det er fordi det ikke kan defineres i selve services dictionary'en da der refereres til services dictionary'en før den er færdig defineret. Jeg har muligvis en anden løsning coming up.

Aaah, det giver selvfølgelig mening.

Aaah, det giver selvfølgelig mening.
- "services.{{ base_domain }}"
- "{{ services.passit.domain }}"
- "{{ services.gitea.domain }}"
- "{{ services.mastodon.domain }}"
- "{{ services.rallly.domain }}"
- "{{ services.membersystem.domain }}"
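Review bot: Defining `allowed_sender_domains` in task-level `vars:` gives it higher precedence than inventory, group or host variables, so a deployment can no longer override the list the way it could from role defaults. Judging by the `ALLOWED_SENDER_DOMAINS` variable it feeds, this list appears to decide which sender domains the relay accepts, so a comment above `vars:` would help, for example `# sender domains accepted by the relay; add every service that sends mail`. Each `services.<name>.domain` reference will also fail templating if that entry is ever removed from `services`, which is worth knowing when a service is retired.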


@ -1,100 +0,0 @@
---
- name: setup data.coop website docker container
docker_container:
name: data.coop_website
image: docker.data.coop/data-coop-website
restart_policy: unless-stopped
networks:
- name: external_services
env:
VIRTUAL_HOST : "{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
- name: setup new data.coop website using hugo
docker_container:
name: new.data.coop_website
image: docker.data.coop/data-coop-website:hugo
restart_policy: unless-stopped
networks:
- name: external_services
env:
VIRTUAL_HOST : "new.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "new.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
- name: setup new-new data.coop website using unipi
docker_container:
name: new-new.data.coop_website
image: docker.data.coop/unipi:latest
restart_policy: unless-stopped
purge_networks: yes
networks:
- name: external_services
env:
VIRTUAL_HOST: "new-new.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "new-new.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
# The ssh-key is for read-only only
command: "--remote=git@git.data.coop:halfd/new-website.git#main --ssh-key ed25519:Ag9RekCyC2eow4P/e5crVvSTQ7dTK46WkG0wqEPVJbU= --ssh-authenticator SHA256:l9kdLkb0kJm46pOJ4tCHCtFUaqV1ImbZWMA5oje10fI"
capabilities:
- NET_ADMIN
devices:
- "/dev/net/tun"
labels:
com.centurylinklabs.watchtower.enable: "true"
- name: setup 2022.slides.data.coop website using unipi
docker_container:
name: 2022.slides.data.coop_website
image: docker.data.coop/unipi:latest
restart_policy: unless-stopped
purge_networks: yes
networks:
- name: external_services
env:
VIRTUAL_HOST: "2022.slides.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "2022.slides.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
# Temporarily hosting on github
command: "--remote=https://github.com/sorbusursina/datacoop-slides.git#slides2022"
capabilities:
- NET_ADMIN
devices:
- "/dev/net/tun"
labels:
com.centurylinklabs.watchtower.enable: "true"
- name: setup cryptohagen.dk website docker container
docker_container:
name: cryptohagen_website
restart_policy: unless-stopped
image: docker.data.coop/cryptohagen-website
networks:
- name: external_services
env:
VIRTUAL_HOST : "{{ cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
- name: setup cryptoaarhus.dk website docker container
docker_container:
name: cryptoaarhus_website
restart_policy: unless-stopped
image: docker.data.coop/cryptoaarhus-website
networks:
- name: external_services
env:
VIRTUAL_HOST : "{{ cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"


@ -0,0 +1,23 @@
---
- name: setup 2022.slides.data.coop website using unipi
docker_container:
name: 2022.slides.data.coop_website
image: docker.data.coop/unipi:latest
restart_policy: unless-stopped
purge_networks: yes
networks:
- name: external_services
env:
VIRTUAL_HOST: "2022.slides.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "2022.slides.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
# Temporarily hosting on github
command: "--remote=https://github.com/sorbusursina/datacoop-slides.git#slides2022"
capabilities:
- NET_ADMIN
devices:
- "/dev/net/tun"
labels:
com.centurylinklabs.watchtower.enable: "true"
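Review bot: The `2022.slides.` prefix in `VIRTUAL_HOST` and `LETSENCRYPT_HOST` is applied to the joined string, not to each domain, so with the two entries shown for `data_coop_website.domains` in the defaults this renders as `2022.slides.<base_domain>,www.<base_domain>`. The container would then also claim the `www` name that the main website task uses, and request a certificate for it. If only the slides host is intended, `VIRTUAL_HOST: "2022.slides.{{ base_domain }}"` (and the same for `LETSENCRYPT_HOST`) states that directly. The same pattern appears with the `new-new.` and `new.` prefixes in the other website task files added by this commit.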


@ -0,0 +1,15 @@
---
- name: setup cryptoaarhus.dk website docker container
docker_container:
name: cryptoaarhus_website
restart_policy: unless-stopped
image: docker.data.coop/cryptoaarhus-website
networks:
- name: external_services
env:
VIRTUAL_HOST : "{{ cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ cryptoaarhus_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"
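Review bot: `image: docker.data.coop/cryptoaarhus-website` carries no tag, so it resolves to `latest`, and the watchtower label lets the running container follow whatever is pushed there. Since this pull request collects versions in the defaults file, the website images could get a `version` entry as well and be referenced as `image: "docker.data.coop/cryptoaarhus-website:{{ cryptoaarhus_website.version }}"`, where `version` is a key that would have to be added. The cryptohagen and data.coop website task files added by this commit have the same untagged image.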


@ -0,0 +1,15 @@
---
- name: setup cryptohagen.dk website docker container
docker_container:
name: cryptohagen_website
restart_policy: unless-stopped
image: docker.data.coop/cryptohagen-website
networks:
- name: external_services
env:
VIRTUAL_HOST : "{{ cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ cryptohagen_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"


@ -0,0 +1,15 @@
---
- name: setup data.coop website docker container
docker_container:
name: data.coop_website
image: docker.data.coop/data-coop-website
restart_policy: unless-stopped
networks:
- name: external_services
env:
VIRTUAL_HOST : "{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"


@ -0,0 +1,21 @@
- name: setup new-new data.coop website using unipi
docker_container:
name: new-new.data.coop_website
image: docker.data.coop/unipi:latest
restart_policy: unless-stopped
purge_networks: yes
networks:
- name: external_services
env:
VIRTUAL_HOST: "new-new.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "new-new.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
# The ssh-key is for read-only only
command: "--remote=git@git.data.coop:halfd/new-website.git#main --ssh-key ed25519:Ag9RekCyC2eow4P/e5crVvSTQ7dTK46WkG0wqEPVJbU= --ssh-authenticator SHA256:l9kdLkb0kJm46pOJ4tCHCtFUaqV1ImbZWMA5oje10fI"
capabilities:
- NET_ADMIN
devices:
- "/dev/net/tun"
labels:
com.centurylinklabs.watchtower.enable: "true"
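Review bot: The `command:` line embeds the value passed to `--ssh-key` in plain text, so the key is readable by anyone with access to the repository and its history, read-only or not. It would be safer to keep it in an Ansible Vault-encrypted variable and reference it, e.g. `--ssh-key {{ unipi_ssh_key }}` (placeholder name), and to rotate the deploy key since it has already been committed. The same container is granted `NET_ADMIN` and `/dev/net/tun` and runs `unipi:latest`; a comment stating why those are needed would help later review.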


@ -0,0 +1,15 @@
---
- name: setup new data.coop website using hugo
docker_container:
name: new.data.coop_website
image: docker.data.coop/data-coop-website:hugo
restart_policy: unless-stopped
networks:
- name: external_services
env:
VIRTUAL_HOST : "new.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_HOST: "new.{{ data_coop_website.domains|join(',') }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.centurylinklabs.watchtower.enable: "true"