Adding letsencrypt to the nginx-proxy. Also added thelounge irc client.

group_vars/all.yml

@@ -10,6 +10,6 @@ users:
   valberg:
     comment: Vidir Valberg Gudmundsson
     key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDUmGeHc6QXDcJHkmVxbTUv04Q3vs20avquoGr6eOkkvYbcgjuFnBOOtvs2Nul1odcvvnHa1nN7DfL8XJamiwsB1B/xe2seaNS1axgwk9XowlVN9pgga8gsC+4gZWBtSObG2GR8n4NtPENzPmW5deNn8dRpTvULPMxZ0VRE9yNQOx8v8w85yYh+vxbbkWGVDYJU23yuJI50U9y6bXxNHinsACDFBeR/giXDlw29TaOaSxz0R6zrRPBoX+V68RyWwBL+KWQKtX2ULtJI40S98Ohd6p41bIxYHCBS/zroqNne8PjYOLcHHsjHUGfTvhcS5a3zdz/iHsvsaOOjFjsydAXH valberg
-    password: $6$4.yieWiRAD$SSWS7pmagJk3OYaXDaQu7uQLp5pJuAyXRXpYQvE70LWx0nUX/Rx0pOjhgFDjhouJ4xBYohA441TKIOZ5PNBZ00
+    password: $6$qt3G.E.CxhC$OwBDn4rZUbCz06HLEMBHjgvKjxiv/eeerbklTHi.gpHIn1OejzX3k2.0NM0Dforaw6Yn5Y8Cgn8kL2FdbQLZ3/
     groups:
       - sudo

playbook.yml

@@ -6,9 +6,12 @@
     # Services are the names of the compose files in docker/files/composefiles
     services:
       - nginx-proxy
+      - thelounge
       - gitea
       - nextcloud
 
-  roles:
+  tasks:
-    - ubuntu_base
+    - import_role:
-    - docker
+        name: ubuntu_base
+    - import_role:
+        name: docker

roles/docker/files/composefiles/nginx-proxy.yml

@@ -2,15 +2,48 @@
 version: '3'
 
 services:
+
   nginx-proxy:
     image: jwilder/nginx-proxy
-    ports:
+    container_name: nginx-proxy
-      - "80:80"
-    volumes:
-      - /var/run/docker.sock:/tmp/docker.sock:ro
     networks:
       - external_services
-    container_name: nginx-proxy
+    ports:
+      - "80:80"
+      - "443:443"
+    volumes:
+      - conf:/etc/nginx/conf.d
+      - vhost:/etc/nginx/vhost.d
+      - html:/usr/share/nginx/html
+      - dhparam:/etc/nginx/dhparam
+      - certs:/etc/nginx/certs:ro
+      - /var/run/docker.sock:/tmp/docker.sock:ro
+    restart: always
+
+
+  letsencrypt:
+    image: jrcs/letsencrypt-nginx-proxy-companion
+    container_name: nginx-proxy-le
+    depends_on:
+      - nginx-proxy
+    volumes:
+      - vhost:/etc/nginx/vhost.d
+      - html:/usr/share/nginx/html
+      - dhparam:/etc/nginx/dhparam:ro
+      - certs:/etc/nginx/certs
+      - /var/run/docker.sock:/var/run/docker.sock:ro
+    environment:
+      - NGINX_PROXY_CONTAINER=nginx-proxy
+    restart: always
+
+volumes:
+  conf:
+  vhost:
+  html:
+  dhparam:
+  certs:
+
 networks:
   external_services:
     external: true
+

roles/docker/files/composefiles/thelounge.yml

@@ -0,0 +1,23 @@
+version: '3'
+services:
+  thelounge:
+    image: thelounge/lounge:latest
+    container_name: thelounge
+    restart: always
+    ports:
+      - "9000:9000"
+    volumes:
+      - thelounge:/home/lounge/data # bind lounge config from the host's file system
+    networks:
+      - external_services
+    environment:
+      - VIRTUAL_HOST=irc.kva.li
+      - LETSENCRYPT_HOST=irc.kva.li
+      - LETSENCRYPT_EMAIL=valberg@orn.li
+
+volumes:
+  thelounge:
+
+networks:
+  external_services:
+    external: true

roles/docker/tasks/main.yml

@@ -19,10 +19,10 @@
 - name: install docker python bindings
   pip:
     executable: "pip3"
-    name: "{{ item }}"
+    name: "docker-compose"
     state: present
-  with_items:
-    - docker-compose
 
 - name: setup services
-  include_tasks: services.yml
+  import_tasks: services.yml
+  tags:
+    - setup_services

roles/docker/tasks/services.yml

@@ -1,3 +1,4 @@
+---
 - name: setup external services network
   docker_network:
     name: external_services

roles/ubuntu_base/tasks/base.yml

@@ -1,8 +1,8 @@
 ---
 - name: Install necessary packages
   apt:
-    name: "{{ item }}"
+    name: "{{ packages }}"
-    state: present
+  vars:
-  with_items:
+    packages:
     - aptitude
     - python3-pip