Add phanpy service #188
|
@ -158,6 +158,11 @@ services:
|
||||||
- "www.cryptoaarhus.dk"
|
- "www.cryptoaarhus.dk"
|
||||||
volume_folder: "{{ volume_website_folder }}/cryptoaarhus"
|
volume_folder: "{{ volume_website_folder }}/cryptoaarhus"
|
||||||
|
|
||||||
reynir marked this conversation as resolved
Outdated
|
|||||||
|
phanpy_website:
|
||||||
|
domain: "phanpy.data.coop"
|
||||||
|
volume_folder: "{{ volume_website_folder }}/phanpy"
|
||||||
|
version: latest
|
||||||
|
|
||||||
drone:
|
drone:
|
||||||
domain: "drone.{{ base_domain }}"
|
domain: "drone.{{ base_domain }}"
|
||||||
volume_folder: "{{ volume_root_folder }}/drone"
|
volume_folder: "{{ volume_root_folder }}/drone"
|
||||||
|
|
22
roles/docker/templates/compose-files/phanpy_website.yml.j2
Normal file
22
roles/docker/templates/compose-files/phanpy_website.yml.j2
Normal file
|
@ -0,0 +1,22 @@
|
||||||
|
# vim: ft=yaml.docker-compose
|
||||||
|
version: "3.8"
|
||||||
|
|
||||||
|
services:
|
||||||
|
web:
|
||||||
|
image: docker.data.coop/unipi:{{ services.phanpy_website.version }}
|
||||||
|
restart: unless-stopped
|
||||||
|
networks:
|
||||||
|
- external_services
|
||||||
|
environment:
|
||||||
|
VIRTUAL_HOST: "{{ services.phanpy_website.domain }}"
|
||||||
|
LETSENCRYPT_HOST: "{{ services.phanpy_website.domain }}"
|
||||||
|
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||||
|
command: --remote=https://git.data.coop/reynir/phanpy.git#production
|
||||||
|
cap_add:
|
||||||
|
- NET_ADMIN
|
||||||
|
devices:
|
||||||
|
- "/dev/net/tun"
|
||||||
samsapti
commented
What's this needed for? What's this needed for?
reynir
commented
It is needed to deconfigure the network, set up a bridge and a tap device like in the other unipi instances we run. For further details see entrypoint.sh in docker-unipi. Ideally, this would be handled by a docker network provider, but who has time to learn that?! It is needed to deconfigure the network, set up a bridge and a tap device like in the other unipi instances we run. For further details see [entrypoint.sh](https://git.data.coop/reynir/docker-unipi/src/branch/main/entrypoint.sh) in docker-unipi. Ideally, this would be handled by a docker network provider, but who has time to learn that?!
reynir
commented
There is definitely room for deduplicating code. Each unipi instance requires largely the same configuration except the domain name and There is definitely room for deduplicating code. Each unipi instance requires largely the same configuration except the domain name and `--remote` is different. I haven't figured out how to refactor this yet.
samsapti
commented
But doesn't it just need to set up the network interface for the container itself? I.e. inside the container? It doesn't need to modify anything outside the container, right? But doesn't it just need to set up the network interface for the container itself? I.e. inside the container? It doesn't need to modify anything outside the container, right?
reynir
commented
Correct, but you still need Correct, but you still need `CAP_NET_ADMIN`.
|
|||||||
|
|
||||||
|
networks:
|
||||||
|
external_services:
|
||||||
|
external: true
|
Loading…
Reference in a new issue
Let's change this to
phanpy.{{ base_domain }}
.Done in
65527be1f0
.