ern_st/data.coop-ansible
1
0
Fork 0
forked from data.coop/ansible
Code Issues Pull requests Releases Wiki Activity

Compare commits

base: ern_st:gluu
Branches Tags
ern_st:master
ern_st:add-ulovliglogning-website
ern_st:gluu
ern_st:mailman
ern_st:service/mailu
ern_st:watchtower
data.coop:reynir-patch-1
data.coop:proxmox
data.coop:main
data.coop:diun
data.coop:use_sudo
data.coop:woodpeckerci
data.coop:linting
data.coop:mailman
data.coop:listmonk
data.coop:sshd-password
..
compare: ern_st:master
Branches Tags
ern_st:master
ern_st:add-ulovliglogning-website
ern_st:gluu
ern_st:mailman
ern_st:service/mailu
ern_st:watchtower
data.coop:reynir-patch-1
data.coop:proxmox
data.coop:main
data.coop:diun
data.coop:use_sudo
data.coop:woodpeckerci
data.coop:linting
data.coop:mailman
data.coop:listmonk
data.coop:sshd-password

22 commits
gluu ... master

Author SHA1 Message Date
Jeppe Ernst aa789988e5 add user 'ernst' 2020-01-25 12:17:31 +01:00
Jesper Hess cd2424999f
Add www.[domain] to hosted websites 2020-01-14 08:11:19 +01:00
Jesper Hess 4e0332cc79
Add www.[domain] to hosted websites 2020-01-14 08:10:03 +01:00
Jesper Hess ef3e0993da
Add www.[domain] to hosted websites 2020-01-14 07:58:32 +01:00
valberg 625e83e0d3 Merge branch 'add-ulovliglogning-website' of data.coop/ansible into master 2020-01-13 18:25:21 +00:00
Jesper Hess 1adc11e9c4 Add ulovliglogning.dk website to the stack 2020-01-13 19:24:54 +01:00
Jesper Hess 447b82326c
Add ulovliglogning.dk website to the stack 2020-01-13 17:29:09 +01:00
Jesper Hess edfd530afe
Upgrade Synapse to v1.7.1 and Riot v1.5.6 2019-12-19 11:18:41 +01:00
Jesper Hess 67443d23d4 Merge branch 'master' of deni/ansible into master 2019-11-28 10:26:50 +00:00
Denis Smajlović 9195016a40 Add user deni 2019-11-24 17:49:06 +00:00
valberg 2e5dc7158d Merge branch 'mailu-smtps' of reynir/ansible into master 2019-11-21 18:39:40 +00:00
Reynir Björnsson 6331805793 Add smtps port 2019-11-19 11:10:05 +01:00
Jesper Hess 97fe0e16ef Merge branch 'upgrade-matrix-riot' of data.coop/ansible into master 
As above. Just forgot to merge :)
 2019-11-11 09:03:31 +00:00
Jesper Hess 3f2c7b1547
Upgrade Synapse to v1.5.1 and Riot to v1.5.3 2019-11-11 09:56:02 +01:00
Jesper Hess 71664653b0
Upgrade to Synapse 1.0.0 and Riot-Web 1.2.1 2019-06-12 14:33:35 +02:00
Jesper Hess 57cf5103c5
Upgrade to Matrix 0.99.5 and Riot 1.2.0 2019-05-30 19:59:37 +02:00
Jesper Hess 5566be7da9
Make netdata update via ouroboros 2019-05-30 18:53:26 +02:00
Jesper Hess 70632c26c2
Add tt-rss service 2019-04-25 12:05:28 +02:00
Jesper Hess fb67e038a8
Upgrade riot to 1.0.7 2019-04-10 18:01:58 +02:00
Jesper Hess 999f266af5
Update synapse to v0.99.3 2019-04-10 17:53:46 +02:00
Jesper Hess e42937736e
Enable group/community creation for all matrix users 2019-04-10 17:46:39 +02:00
Jesper Hess ba28b1eb0c
Add SYNAPSE_CACHE_FACTOR env var 2019-03-30 09:35:04 +01:00
11 changed files with 154 additions and 300 deletions
Show stats Expand all files Collapse all files

114
group_vars/all/secrets.yml
View file

@ -1,58 +1,58 @@
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
63333365303665346136333263333734363333616230313931356131633966646263316436356536 32393230646466336565653530386632356235653437356237393163313033663066393963343031
3565366362616366393362636336383565366531333839620a333939613332646665633236343336 3339346530316430666632666230316165663564313464390a666539666265326235666266306231
36633835396234643233643936396565636564343538633838343438353030306433346262393739 38383466343364646333343132333338306434613961663765353566353166626539306335653537
6339346565653237370a313237653734353130343334306366323633636639383261306166306530 3466326433316166370a376639363235326363323234313630336330613733616362653838396464
32326636653937633233353639663035383437636638653932653639373763623433633431643231 36623733643261633730306537613132333432333239353638636363646464633665643832646238
34396237653832616638623137666530326466393966323533313261353030343165636330396631 34663635343437643534633232346466373336316664343335313435366636303136303239643834
62386331323336326665343262363232376131613365393465613334643936326263316137396633 63623436323831613862343938303137643735336637306433376237643032633738376563666265
63336135356264613461616461316630636533373961373263373165356632643738366338373366 33383032643461653763653231333132633034383431303165646439393266616634386431313565
36663432386538323836613665646664313330336363633064373337383764663937316261636661 38656530306538343239323864303538376165313330623231646265626261303235343130653665
38373632316136636337396561373738376466613165653266313434393264646130663938653739 62363839346630343461323136363037666135373733303864623737313634316136336537323464
36393933326231626466613665373964313661663464383735663765336639663436336261613834 37633539396462313462386364373733313566373332343834353164393161636161356537303237
39616239366637373462363934656239653731383063373536363338326161633831343031636565 39646561376138613433633431626530346430356264653932636163393663356565393464393161
61616133333539393464323032636235633934343339356562343234373062353830336138386138 37313661633466636437623233623937353234313962633131383365396631643631346261386439
31393661303930656334343637646335656565303161363033353762623638323537643863643134 65393162633965353538626133636534336635623364353963626135333637343662353765633161
39393539393263313836623161633465386338653336633263633336316431666333393565386435 34373337653730333032396663306663653830643761633730663432366433346631363463323464
64363631316432636637633364646365323838386630626164383266386534316639393961663534 38356163363836636562376431373933623930643236636239663065306536396236633130306165
65666166653737646336303732333063313932336261323631306661613662643334316566666434 62343730306465333361663530363462666439343438633965393965623239623836333335366438
37623463646231346461643839386365333431353738626264663535366635623634653431356463 65336463333539303366376635303432643538666362643335393834336231646562366234623832
32356232383837666466383765353561666236363337666434623335363230363966323362666536 33623632653932636662653933623362356431393739646166353136346235333231643530323738
62646238633632626162363134373036353234393134626636366565353935333339346431316461 62643135386563353933616632363664363430393035343263393736393736623831666239363866
38306430663532396132656663313964346434656462373663616639323234306330666664383166 63333163646631396266366164633562653633333536663763643364616666323262666633663265
38346430613338303136643666613765333636306537346534633162323739343537303039353938 65386238366131343432646164383061373635346165303064626632303234663730356130636436
38613264666339303436353133323763306134343935396230396639623937376634666133393133 63396237313338656533393062363133643631346563303139306230333137383734333764616165
32643832313561613138656633306236383933303365626161373366313265626639383662356634 61303632393363396565383731353066633666353835313665303532656635356465343861613132
65353366613162616366343766333830633930323433643434366635646664636362666636336435 38613530376165376666303536303263383039613533393731396663376431616561656564316336
39343236636166653736623833386333356533326266633131666262353839306538656335643230 39613134666531303638323230316365333432376165303361303361383339363539353938633931
37656430663962333666376138326662376436383736643065316163396264663830356337323339 61373765366133643263373233626436333735393130373461383333613363626135666663633637
31346130613665656438623666363764643466366331303064386237363331383030373036633637 33633061316661313930333133343262666636343835633234383264613966656438646430316636
35323437383066323962353132383462383631633435306530336666623133306636643835653837 34333866616634306239333238356261333336343930353361656263326135656163353937316434
36646438623437333566633663613932616163666137313734666137376565626334323539623637 63623831333939653264326638366230333636663234303762393966386539653932346436303965
33633435303131656538616165643238313433316534616337316464383263633430663662323933 35383137323661663862313764653064353030626662353365623663653565623866626266333335
35323766303564643237316166646539396266633765653266663861653031346139316561326239 39633538303566333061383938383739396266396533666231316534323161666331333632663963
63373939363564353563623836373831303862306637323738396434363166653433323431343837 38383332623561383164336633316534326635323435356135383736303536643133383631393339
65363437623461383936626331636138373035666264363363313034613235643864336365643464 36353732393263626661346563356663356436363465393639613631366332353938663535356137
39306433333131306136313432646464613565346536353430326264363632316661333632343862 32393138323662646166386139653833313536656434363461383565636232333630653462343934
37653138666662663632303535623737633765323731633439323664363834333262326461366463 61363535363332353131393265353031643964303766363431343332666634353166303435303165
36323339643434636134356434353332313639376164373237396562396630353433373136623332 34356363326539383139396536643338316631333630393839623339616263666661366462313236
62366638623664333765323565393464373333366332623065653034626463313336633932316637 34303939623335353366613865363530333338643364633862336337373737653863643239386132
36323465623330643731303561336366303337626432356538643561343162326339643735323061 38633065623365326136656538663839313563313435653733336633613737393739623334303938
61303237306164353339663137386337363166303935363438373733386238636463653536313733 39623161353939663935373838316137633262373435353335323537363637623834363030343839
39363063393739663030376464616661393638333030633061653466396234656530343762346663 64666565633534326662636530383733396531613939613431646136396366323764393363343231
36313664316130643837313364656230386539633330363937333132623363633161376633636134 38393239663762623932626537613763353065643564303766663932346666393938616562376666
33383764356638376135633538646638626130646530386261313964353661656335376230346430 38383939643632313931343063323838613461633161643434353532623433303434396262363764
37383263646463623166633932376335633536383131343664646336326436316637376661396466 30303361303832363765316265346534313637663462303362633039363163356535356565343964
31356461656439306436646264626265356561333264323166303165346565376237663835323536 66653639356661373231653630646338393835656435386566623263353363376365353565333961
35663935393165656365323138346236363161353161333338363632333832636536646139656532 62646634323730633364366137326434663661383165373066303062396432373361346436316338
61633666306433343332343762373061316134396130653635663435396265363933626138353338 38663264663235333938363538353736636161633639383937336365323732353161643365616264
38363331396136343065633631626663306537376461643131636532313931356666633331333231 39643234643238646332613934343666323736666261366164383034303637623133303365313062
61663338313165663734356636323732336434396465316436383961313033313965303833636162 38353832353366383637626532386339306438333035313563333464326539363661633564316534
36333937623130653062613334353438306137653238356635313132666535643131323763636137 62613538356366343566303339383863343265633161396162353962356366333432623438343039
39636462393662633765626238636136636637643335373535653436376666326134376264323539 63303662643339636366623630616339363363633434383731376334323736373265326138356161
39353437303262343664313238306364353964633161366630663233633064313163386338643662 66336636613138666465623635343163386537376263353437333765323832333539386336326564
63303830643230303334336362653639323463336631323663613433336334383962663664303764 37356331343139653339313337383461333834353166353838643666376439376237353032363164
33653635626136633530356435383164383865633333353133346564666531303735643664313530 66613530633538666436366563343232326334613432363162383163383031343763653864646331
63333831343666623364623834396162636439396639343430313064303739636465323937653634 36303463316637336132353832643761386332643130353839363833346532626162643661366464
33333963326131353335326138326530393938353533383832656335623536643064643762636462 34336438306661343961663163386361316338303930343364656561326363623630303036616264
6262 3232

14
group_vars/all/vars.yml
View file

@ -21,4 +21,18 @@ users:
groups: groups:
- sudo - sudo
deni:
comment: Denis Smajlović
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQC0pB42dtqruXr2Ha8Rdp3QoSrMOLU5cbLMfuNTNmgwPZmprhGGRTAsz8E0aG+5HCFBmW6JxiTGyHGdIZrhYWpKYshxxn4zODfitP7IzDgvg9Pz0Ugw/c5i5eKjkVfw9xLZKjO/H3Ql8R+wFMawpdw7j+Q9G+J3eIidEI6TmSvJVWijBxpLI4qrLceL084qg93XpJENYBOcvx9fYQQ+Es0jo4hmPuHWq5VIkIoIfvVvdhwjlaBsqv2je5BNx8uTMVIyV34ZHpJc95wJ6MOcqpQunW2bR4mGc9FLh67eP2ba9nDoQ0pnnlWGqAIKx5P1ELIg7RM3HhuwfRVh4DxCfjXpMz3l1gr1dA1wVD9bOtzbPWLjo7LNkRcT/loba/jpznTNIEv+kawmm/H0aTZZdlofkGHuX0iOpLV1c1tCDMH1s/MCqwosSRihrXhSOozsABvaaZpJiHcpE4DcNr+xJhe1XrHMqR30KU0r7ulIP8JdhzMNEsq3HxZQh9s8XLIUukrpcpOgJYyGuQK3kG6li5kYbmVqjLDQ1xHi/4r/4TXjJYpsFCZ71SURLzxoF1nauHpBLKcHI3MPFvqr27SQcM92fO14wKDAmAtHINwzMQjlda6B0jFNC+2xUfHrH7yIhwSktytq5qbhiFKK71DSLiMKFvOqoTVWRckO2+Zw1HZB+Q== deni@deni.dk
password: $6$ooKtdqASOxYJN2CJ$ziMrGG/qIOeyiTGjx.hPYjVBlHpzM9YY6qCJB9/L8aR33feUvXxZNBCgME93ZhbwDBjblS/tP796LsCF4i17D.
groups:
- sudo
ernst:
comment: Jeppe Ernst
key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCmwvwEE8WJCbBHFa0PgzoI+cDFqJDvTctlgHC6JSCT2CQD7xWDgwg4yWuVmrM4w7aS6TEoe9ra0ZDtCsVEBmv+bMPEH2ecVUHn4ejf2f8ajmxdGy60tWmaXIwddc8v8T4lI1motj3250fW5cHtD9EZeD0YdFa/u2T1X6JznKx+KC8fYvSW3qrXV7re6Xwtq79w0h6zVQVsRSbkR4Nolmzky0ymRiJ59J0j4dZ+SSYoyAFE1oTtDzFyx9Wv9o+DZLlRy5OKjUrVpo2G/TKfmjCuFLB8mp7ipcw19g2fzR8FNlvis2dFVSDOwpf+qP2ho8bBB51IwBPywiO43tfLQbbD ernst
password: $6$0GuugV.hig0D/L4G$4tqa7.zb0wpY3V08/MLY2S4.T7ZO9RC4aOL9LE26nRV/Pzamu/Xpl3vKgHoNCmdbtuokguHiC17VdqKdMjEK70
groups:
- sudo
volume_root_folder: "/docker-volumes" volume_root_folder: "/docker-volumes"

2
playbook.yml
View file

@ -23,9 +23,11 @@
- docker_registry - docker_registry
- drone - drone
- websites - websites
- ulovliglogning-dk
- ouroboros - ouroboros
- mailu - mailu
- portainer - portainer
- tt-rss
smtp_host: "postfix" smtp_host: "postfix"
smtp_port: "587" smtp_port: "587"

13
roles/docker/defaults/main.yml
View file

@ -49,10 +49,13 @@ docker_registry:
password: "{{ docker_password }}" password: "{{ docker_password }}"
data_coop_website: data_coop_website:
domain: "{{ base_domain }}" domain: "{{ base_domain }},www.{{ base_domain }}"
cryptohagen_website: cryptohagen_website:
domain: "cryptohagen.dk" domain: "cryptohagen.dk,www.cryptohagen.dk"
ulovliglogning_website:
domain: "ulovliglogning.dk,www.ulovliglogning.dk"
drone: drone:
domain: "drone.{{ base_domain }}" domain: "drone.{{ base_domain }}"
@ -69,7 +72,7 @@ portainer:
domain: "portainer.{{ base_domain }}" domain: "portainer.{{ base_domain }}"
volume_folder: "{{ volume_root_folder }}/portainer" volume_folder: "{{ volume_root_folder }}/portainer"
gluu: ttrss:
domain: "gluu.{{ base_domain }}" domain: rss.{{ base_domain }}
volume_folder: "{{ volume_root_folder }}/gluu" volume_folder: "{{ volume_root_folder }}/tt-rss"

2
roles/docker/files/configs/matrix/homeserver.yaml
View file

@ -881,7 +881,7 @@ password_config:
# Whether to allow non server admins to create groups on this server # Whether to allow non server admins to create groups on this server
# #
enable_group_creation: false enable_group_creation: true
# If enabled, non server admins can only create groups with local parts # If enabled, non server admins can only create groups with local parts
# starting with this prefix # starting with this prefix

235
roles/docker/tasks/services/gluu.yml
View file

@ -1,235 +0,0 @@
- name: create gluu volume folders
file:
name: "{{ gluu.volume_folder }}/{{ volume }}"
state: directory
loop:
- "config-init/db"
- "consul/data"
- "opendj/config"
- "opendj/ldif"
- "opendj/logs"
- "opendj/db"
- "opendj/flag"
- "opendj/backup"
- "oxauth/custom"
- "oxauth/custom/pages"
- "oxauth/custom/static"
- "oxauth/lib/ext"
- "oxauth/logs"
- "oxtrust/custom/pages"
- "oxtrust/lib/ext"
- "oxtrust/logs"
- "shared-shibboleth-idp"
- "vault/config:/vault/config"
- "vault/data:/vault/data"
- "vault/logs:/vault/logs"
loop_control:
loop_var: "volume"
- name: set up gluu
docker_service:
project_name: gluu
pull: yes
definition:
version: "2.3"
services:
consul:
image: consul
container_name: consul
command: agent -server -bootstrap -ui
hostname: consul-1
environment:
- CONSUL_BIND_INTERFACE=eth0
- CONSUL_CLIENT_INTERFACE=eth0
restart: unless-stopped
volumes:
- "{{ gluu.volume_folder }}/consul:/consul/data"
networks:
- "gluu"
labels:
- "SERVICE_IGNORE=yes"
vault:
container_name: vault
image: vault:1.0.1
command: vault server -config=/vault/config
volumes:
- "{{ gluu.volume_folder }}/vault/config:/vault/config"
- "{{ gluu.volume_folder }}/vault/data:/vault/data"
- "{{ gluu.volume_folder }}/vault/logs:/vault/logs"
- "{{ gluu.volume_folder }}/vault/vault_gluu_policy.hcl:/vault/config/policy.hcl"
- "{{ gluu.volume_folder }}/vault/gcp_kms_stanza.hcl:/vault/config/stanza.hcl"
- "{{ gluu.volume_folder }}/vault/gcp_kms_creds.json:/vault/config/creds.json"
cap_add:
- IPC_LOCK
environment:
- VAULT_REDIRECT_INTERFACE=eth0
- VAULT_CLUSTER_INTERFACE=eth0
- VAULT_ADDR=http://0.0.0.0:8200
- VAULT_LOCAL_CONFIG={"backend":{"consul":{"address":"consul:8500","path":"vault/"}},"listener":{"tcp":{"address":"0.0.0.0:8200","tls_disable":1}}}
restart: unless-stopped
networks:
- "gluu"
depends_on:
- consul
labels:
- "SERVICE_IGNORE=yes"
registrator:
container_name: registrator
image: gluufederation/registrator:dev
command: registrator -internal -cleanup -resync 30 -retry-attempts 5 -retry-interval 10 consul://consul:8500
volumes:
- /var/run/docker.sock:/tmp/docker.sock
networks:
- "gluu"
restart: unless-stopped
depends_on:
- consul
nginx:
container_name: nginx
image: gluufederation/nginx:3.1.5_02
environment:
- GLUU_CONFIG_CONSUL_HOST=consul
- GLUU_SECRET_VAULT_HOST=vault
- VIRTUAL_HOST="{{ gluu.domain }}"
- LETSENCRYPT_HOST="{{ gluu.domain }}"
- LETSENCRYPT_EMAIL="{{ letsencrypt_email }}"
ports:
- "80"
- "443"
networks:
- "external_services"
- "gluu"
restart: unless-stopped
labels:
- "SERVICE_IGNORE=yes"
ldap:
container_name: ldap
image: gluufederation/opendj:3.1.5_02
environment:
- GLUU_CONFIG_CONSUL_HOST=consul
- GLUU_SECRET_VAULT_HOST=vault
- GLUU_LDAP_INIT=true
- GLUU_LDAP_INIT_HOST=ldap
- GLUU_LDAP_INIT_PORT=1636
- GLUU_OXTRUST_CONFIG_GENERATION=true
- GLUU_CACHE_TYPE=NATIVE_PERSISTENCE
# - GLUU_CACHE_TYPE=REDIS # don't forget to enable redis service
# - GLUU_REDIS_URL=redis:6379
# - GLUU_REDIS_TYPE=STANDALONE
# the value must match service name `ldap` because other containers
# use this value as LDAP hostname
- GLUU_CERT_ALT_NAME=ldap
volumes:
- "{{ gluu.volume_folder }}/opendj/config:/opt/opendj/config"
- "{{ gluu.volume_folder }}/opendj/ldif:/opt/opendj/ldif"
- "{{ gluu.volume_folder }}/opendj/logs:/opt/opendj/logs"
- "{{ gluu.volume_folder }}/opendj/db:/opt/opendj/db"
- "{{ gluu.volume_folder }}/opendj/flag:/flag"
- "{{ gluu.volume_folder }}/opendj/backup:/opt/opendj/bak"
networks:
- "gluu"
restart: unless-stopped
labels:
- "SERVICE_IGNORE=yes"
oxauth:
container_name: oxauth
image: gluufederation/oxauth:3.1.5_02
environment:
- GLUU_CONFIG_CONSUL_HOST=consul
- GLUU_SECRET_VAULT_HOST=consul
- GLUU_LDAP_URL=ldap:1636
extra_hosts:
- "{{ gluu.domain }}:85.235.225.231"
volumes:
- "{{ gluu.volume_folder }}/oxauth/custom/pages:/opt/gluu/jetty/oxauth/custom/pages"
- "{{ gluu.volume_folder }}/oxauth/custom/static:/opt/gluu/jetty/oxauth/custom/static"
- "{{ gluu.volume_folder }}/oxauth/lib/ext:/opt/gluu/jetty/oxauth/lib/ext"
- "{{ gluu.volume_folder }}/oxauth/logs:/opt/gluu/jetty/oxauth/logs"
networks:
- "gluu"
mem_limit: 1536M
restart: unless-stopped
labels:
- "SERVICE_NAME=oxauth"
- "SERVICE_8080_CHECK_HTTP=/oxauth/.well-known/openid-configuration"
- "SERVICE_8080_CHECK_INTERVAL=15s"
- "SERVICE_8080_CHECK_TIMEOUT=5s"
oxtrust:
container_name: oxtrust
image: gluufederation/oxtrust:3.1.5_02
environment:
- GLUU_CONFIG_CONSUL_HOST=consul
- GLUU_SECRET_VAULT_HOST=vault
- GLUU_LDAP_URL=ldap:1636
- GLUU_OXAUTH_BACKEND=oxauth:8080
extra_hosts:
- "{{ gluu.domain }}:85.235.225.231"
volumes:
- "{{ gluu.volume_folder }}/oxtrust/custom/pages:/opt/gluu/jetty/identity/custom/pages"
- "{{ gluu.volume_folder }}/oxtrust/custom/static:/opt/gluu/jetty/identity/custom/static"
- "{{ gluu.volume_folder }}/oxtrust/lib/ext:/opt/gluu/jetty/identity/lib/ext"
- "{{ gluu.volume_folder }}/oxtrust/logs:/opt/gluu/jetty/identity/logs"
- "{{ gluu.volume_folder }}/shared-shibboleth-idp:/opt/shared-shibboleth-idp"
networks:
- "gluu"
mem_limit: 1536M
restart: unless-stopped
labels:
- "SERVICE_NAME=oxtrust"
- "SERVICE_8080_CHECK_HTTP=/identity/restv1/scim-configuration"
- "SERVICE_8080_CHECK_INTERVAL=15s"
- "SERVICE_8080_CHECK_TIMEOUT=5s"
oxshibboleth:
container_name: oxshibboleth
image: gluufederation/oxshibboleth:3.1.5_02
environment:
- GLUU_CONFIG_CONSUL_HOST=consul
- GLUU_SECRET_VAULT_HOST=vault
- GLUU_LDAP_URL=ldap:1636
extra_hosts:
- "{{gluu.domain}}:85.235.225.231"
volumes:
- "{{ gluu.volume_folder }}/volumes/shared-shibboleth-idp:/opt/shared-shibboleth-idp"
networks:
- "gluu"
mem_limit: 1024M
restart: unless-stopped
labels:
- "SERVICE_NAME=oxshibboleth"
- "SERVICE_8086_CHECK_HTTP=/idp"
- "SERVICE_8086_CHECK_INTERVAL=15s"
- "SERVICE_8086_CHECK_TIMEOUT=5s"
oxpassport:
container_name: oxpassport
image: gluufederation/oxpassport:3.1.5_02
environment:
- GLUU_CONFIG_CONSUL_HOST=consul
- GLUU_SECRET_VAULT_HOST=vault
- GLUU_LDAP_URL=ldap:1636
# required by wait-for-it script
- GLUU_OXAUTH_BACKEND=oxauth:8080
- GLUU_OXTRUST_BACKEND=oxtrust:8080
extra_hosts:
- "{{gluu.domain}}:85.235.225.231"
networks:
- "gluu"
restart: unless-stopped
labels:
- "SERVICE_NAME=oxpassport"
- "SERVICE_8090_CHECK_HTTP=/passport"
- "SERVICE_8090_CHECK_INTERVAL=15s"
- "SERVICE_8090_CHECK_TIMEOUT=5s"
networks:
external_services:
external: true
gluu:
name: "gluu"

1
roles/docker/tasks/services/mailu.yml
View file

@ -78,6 +78,7 @@
- "993:993" - "993:993"
- "25:25" - "25:25"
- "587:587" - "587:587"
- "465:465"
networks: networks:
- default - default
- external_services - external_services

5
roles/docker/tasks/services/matrix_riot.yml
View file

@ -77,7 +77,7 @@
matrix_app: matrix_app:
container_name: matrix container_name: matrix
image: matrixdotorg/synapse:v0.99.2 image: matrixdotorg/synapse:v1.7.1
restart: unless-stopped restart: unless-stopped
networks: networks:
- matrix - matrix
@ -88,6 +88,7 @@
- "{{ matrix.volume_folder }}/data:/data" - "{{ matrix.volume_folder }}/data:/data"
environment: environment:
SYNAPSE_CONFIG_PATH: "/data/homeserver.yaml" SYNAPSE_CONFIG_PATH: "/data/homeserver.yaml"
SYNAPSE_CACHE_FACTOR: "2"
SYNAPSE_LOG_LEVEL: "INFO" SYNAPSE_LOG_LEVEL: "INFO"
VIRTUAL_HOST: "{{ matrix.domain }}" VIRTUAL_HOST: "{{ matrix.domain }}"
VIRTUAL_PORT: "8008" VIRTUAL_PORT: "8008"
@ -96,7 +97,7 @@
riot: riot:
container_name: riot_app container_name: riot_app
image: avhost/docker-matrix-riot:v1.0.3 image: avhost/docker-matrix-riot:v1.5.6
restart: unless-stopped restart: unless-stopped
networks: networks:
- matrix - matrix

2
roles/docker/tasks/services/netdata.yml
View file

@ -21,5 +21,7 @@
LETSENCRYPT_HOST: "{{ netdata.domain }}" LETSENCRYPT_HOST: "{{ netdata.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}" LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
PGID: "999" PGID: "999"
labels:
com.ouroboros.enable: "true"

53
roles/docker/tasks/services/tt-rss.yml Normal file
View file

@ -0,0 +1,53 @@
---
- name: create tt-rss folders
file:
name: "{{ ttrss.volume_folder }}/{{ volume }}"
state: directory
loop:
- "config"
- "db"
loop_control:
loop_var: volume
- name: "set up tt-rss"
docker_service:
project_name: "tt-rss"
pull: yes
definition:
version: "3.6"
services:
ttrss_db:
container_name: "ttrss_db"
image: "postgres:11"
restart: "unless-stopped"
networks:
- "ttrss"
volumes:
- "{{ ttrss.volume_folder }}/db:/var/lib/postgresql/data"
environment:
POSTGRES_USER: "ttrss"
POSTGRES_PASSWORD: "{{ postgres_passwords.ttrss }}"
ttrss_app:
container_name: ttrss_app
image: "linuxserver/tt-rss"
restart: unless-stopped
networks:
- ttrss
- external_services
volumes:
- "{{ ttrss.volume_folder }}/config:/config"
environment:
VIRTUAL_HOST: "{{ ttrss.domain }}"
LETSENCRYPT_HOST: "{{ ttrss.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
TZ: "Europe/Copenhagen"
labels:
com.ouroboros.enable: "true"
networks:
external_services:
external:
name: external_services
ttrss:
name: "ttrss"

13
roles/docker/tasks/services/ulovliglogning-dk.yml Normal file
View file

@ -0,0 +1,13 @@
- name: setup ulovliglogning.dk website docker container
docker_container:
name: ulovliglogning_website
restart_policy: unless-stopped
image: ulovliglogning/ulovliglogning.dk:latest
networks:
- name: external_services
env:
VIRTUAL_HOST: "{{ ulovliglogning_website.domain }}"
LETSENCRYPT_HOST: "{{ ulovliglogning_website.domain }}"
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
labels:
com.ouroboros.enable: "true"