forked from data.coop/ansible
Compare commits
28 Commits
2f1c1887ba
...
82aa6f67aa
Author | SHA1 | Date |
---|---|---|
Reynir Björnsson | 82aa6f67aa | |
Sam A. | 593dddd00e | |
Sam A. | 16aec98808 | |
Sam A. | a5d59b9336 | |
Sam A. | 388e0526ca | |
valberg | b445d7db17 | |
Sam A. | 7ca168ae03 | |
Sam A. | 209ccf9916 | |
Sam A. | f81fab3d11 | |
Sam A. | 9733794292 | |
Sam A. | 58f3df7ed0 | |
Sam A. | 44eb59fb86 | |
Sam A. | 2c9c501562 | |
Sam A. | 0dcc0a6d75 | |
Sam A. | 1356aa54c8 | |
Sam A. | 44b5f91eef | |
Sam A. | 74dfcfb5e8 | |
Sam A. | 221ddd987f | |
Sam A. | 687bff35e9 | |
Sam A. | 9261cb1952 | |
Sam A. | 1f61909605 | |
Sam A. | d9de1efc9a | |
Sam A. | 2fa5bf4982 | |
Sam A. | c9ab9f0c66 | |
Sam A. | e5dcfea003 | |
Sam A. | 27b918b46b | |
Sam A. | 5d26e1cdea | |
Sam A. | a4a06d8a58 |
|
@ -9,59 +9,59 @@ services:
|
|||
file: postfix.yml
|
||||
domain: "smtp.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/postfix"
|
||||
version: v3.5.1-alpine
|
||||
version: "v3.5.1-alpine"
|
||||
|
||||
nginx_proxy:
|
||||
file: nginx_proxy.yml
|
||||
version: 1.0-alpine
|
||||
version: "1.0-alpine"
|
||||
volume_folder: "{{ volume_root_folder }}/nginx"
|
||||
|
||||
nginx_acme_companion:
|
||||
version: 2.2
|
||||
version: "2.2"
|
||||
|
||||
openldap:
|
||||
file: openldap.yml
|
||||
domain: "ldap.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/openldap"
|
||||
version: 1.5.0
|
||||
version: "1.5.0"
|
||||
|
||||
phpldapadmin:
|
||||
version: 0.9.0
|
||||
version: "0.9.0"
|
||||
|
||||
netdata:
|
||||
file: netdata.yml
|
||||
domain: "netdata.{{ base_domain }}"
|
||||
version: v1
|
||||
version: "v1"
|
||||
|
||||
portainer:
|
||||
file: portainer.yml
|
||||
domain: "portainer.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/portainer"
|
||||
version: 2.16.2
|
||||
version: "2.16.2"
|
||||
|
||||
keycloak:
|
||||
file: keycloak.yml
|
||||
domain: sso.{{ base_domain }}
|
||||
volume_folder: "{{ volume_root_folder }}/keycloak"
|
||||
version: 20.0
|
||||
postgres_version: 10
|
||||
version: "20.0"
|
||||
postgres_version: "10"
|
||||
allowed_sender_domain: true
|
||||
|
||||
restic:
|
||||
file: restic_backup.yml
|
||||
user: datacoop
|
||||
domain: restic.cannedtuna.org
|
||||
repository: datacoop-hevonen
|
||||
version: 1.6.0
|
||||
user: "datacoop"
|
||||
domain: "restic.cannedtuna.org"
|
||||
repository: "datacoop-hevonen"
|
||||
version: "1.6.0"
|
||||
disabled_in_vagrant: true
|
||||
|
||||
docker_registry:
|
||||
file: docker_registry.yml
|
||||
domain: "docker.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/docker-registry"
|
||||
username: docker
|
||||
username: "docker"
|
||||
password: "{{ docker_password }}"
|
||||
version: 2
|
||||
version: "2"
|
||||
|
||||
### External services ###
|
||||
|
||||
|
@ -70,7 +70,7 @@ services:
|
|||
domain: "cloud.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/nextcloud"
|
||||
version: 25-apache
|
||||
postgres_version: 10
|
||||
postgres_version: "10"
|
||||
redis_version: 7-alpine
|
||||
allowed_sender_domain: true
|
||||
|
||||
|
@ -78,7 +78,7 @@ services:
|
|||
file: gitea.yml
|
||||
domain: "git.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/gitea"
|
||||
version: 1.18.0
|
||||
version: 1.18
|
||||
allowed_sender_domain: true
|
||||
|
||||
passit:
|
||||
|
@ -86,7 +86,7 @@ services:
|
|||
domain: "passit.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/passit"
|
||||
version: stable
|
||||
postgres_version: 10
|
||||
postgres_version: 15-alpine
|
||||
allowed_sender_domain: true
|
||||
|
||||
matrix:
|
||||
|
@ -94,7 +94,7 @@ services:
|
|||
domain: "matrix.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/matrix"
|
||||
version: v1.63.1
|
||||
postgres_version: 10
|
||||
postgres_version: "10"
|
||||
allowed_sender_domain: true
|
||||
|
||||
riot:
|
||||
|
@ -119,7 +119,7 @@ services:
|
|||
file: hedgedoc.yml
|
||||
domain: "pad.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/hedgedoc"
|
||||
version: 1.9.6
|
||||
version: 1.9.6-alpine
|
||||
postgres_version: 10-alpine
|
||||
|
||||
data_coop_website:
|
||||
|
@ -138,24 +138,29 @@ services:
|
|||
domain: "2022.slides.{{ base_domain }}"
|
||||
version: latest
|
||||
|
||||
fedi_dk_website:
|
||||
file: websites/fedi.dk.yaml
|
||||
domain: fedi.dk
|
||||
version: latest
|
||||
|
||||
cryptohagen_website:
|
||||
file: websites/cryptohagen.dk.yml
|
||||
domains:
|
||||
- cryptohagen.dk
|
||||
- www.cryptohagen.dk
|
||||
- "cryptohagen.dk"
|
||||
- "www.cryptohagen.dk"
|
||||
|
||||
ulovliglogning_website:
|
||||
file: websites/ulovliglogning.dk.yml
|
||||
domains:
|
||||
- ulovliglogning.dk
|
||||
- www.ulovliglogning.dk
|
||||
- ulovlig-logning.dk
|
||||
- "ulovliglogning.dk"
|
||||
- "www.ulovliglogning.dk"
|
||||
- "ulovlig-logning.dk"
|
||||
|
||||
cryptoaarhus_website:
|
||||
file: websites/cryptoaarhus.dk.yml
|
||||
domains:
|
||||
- cryptoaarhus.dk
|
||||
- www.cryptoaarhus.dk
|
||||
- "cryptoaarhus.dk"
|
||||
- "www.cryptoaarhus.dk"
|
||||
|
||||
drone:
|
||||
file: drone.yml
|
||||
|
@ -184,12 +189,8 @@ services:
|
|||
file: rallly.yml
|
||||
domain: "when.{{ base_domain }}"
|
||||
volume_folder: "{{ volume_root_folder }}/rallly"
|
||||
<<<<<<< HEAD
|
||||
version: ac55701890cd866ee946deb25e2b2839fb14900e
|
||||
postgres_version: 14-alpine
|
||||
=======
|
||||
version: e4482a1edb2fb56292d07ee8811a24f2a0d6b114
|
||||
>>>>>>> main
|
||||
postgres_version: 14-alpine
|
||||
allowed_sender_domain: true
|
||||
|
||||
pinafore:
|
||||
|
@ -200,7 +201,7 @@ services:
|
|||
membersystem:
|
||||
file: membersystem.yml
|
||||
domain: "member.{{ base_domain }}"
|
||||
django_admins: Vidir:valberg@orn.li
|
||||
django_admins: "Vidir:valberg@orn.li"
|
||||
version: latest
|
||||
postgres_version: 13-alpine
|
||||
allowed_sender_domain: true
|
||||
|
|
|
@ -26,7 +26,16 @@
|
|||
- "keycloak"
|
||||
- "postfix"
|
||||
- "external_services"
|
||||
command: "start --db=postgres --db-url=jdbc:postgresql://postgres:5432/keycloak --db-username=keycloak --db-password={{ postgres_passwords.keycloak }} --hostname={{ services.keycloak.domain }} --proxy=edge --https-port=8080 --http-relative-path=/auth"
|
||||
command:
|
||||
- "start"
|
||||
- "--db=postgres"
|
||||
- "--db-url=jdbc:postgresql://postgres:5432/keycloak"
|
||||
- "--db-username=keycloak"
|
||||
- "--db-password={{ postgres_passwords.keycloak }}"
|
||||
- "--hostname={{ services.keycloak.domain }}"
|
||||
- "--proxy=edge"
|
||||
- "--https-port=8080"
|
||||
- "--http-relative-path=/auth"
|
||||
environment:
|
||||
VIRTUAL_HOST: "{{ services.keycloak.domain }}"
|
||||
VIRTUAL_PORT: "8080"
|
||||
|
|
|
@ -33,8 +33,6 @@
|
|||
CSRF_TRUSTED_ORIGINS: "https://{{ services.membersystem.domain }}"
|
||||
DJANGO_ADMINS: "{{ services.membersystem.django_admins }}"
|
||||
DEFAULT_FROM_EMAIL: "noreply@{{ services.membersystem.domain }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
postgres:
|
||||
image: "postgres:{{ services.membersystem.postgres_version }}"
|
||||
|
|
|
@ -21,7 +21,3 @@
|
|||
LETSENCRYPT_HOST: "{{ services.netdata.domain }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
PGID: "999"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
|
||||
|
|
|
@ -1,5 +1,12 @@
|
|||
# vim: ft=yaml.ansible
|
||||
---
|
||||
- name: Create directory for Passit data
|
||||
file:
|
||||
name: "{{ services.passit.volume_folder }}/data"
|
||||
owner: '70'
|
||||
group: root
|
||||
state: directory
|
||||
|
||||
- name: setup passit containers
|
||||
docker_compose:
|
||||
project_name: "passit"
|
||||
|
@ -19,7 +26,7 @@
|
|||
POSTGRES_PASSWORD: "{{ postgres_passwords.passit }}"
|
||||
|
||||
passit_app:
|
||||
image: "passit/passit:{{ services.passit.version }}"
|
||||
image: "passit/passit@sha256:c4b96bc67222936f58f344d5dd1020227ad8e11ad5f82ed3cbf0bcfa8fe9b2e7" #:{{ services.passit.version }}"
|
||||
command: "bin/start.sh"
|
||||
restart: "always"
|
||||
networks:
|
||||
|
|
|
@ -12,5 +12,3 @@
|
|||
VIRTUAL_PORT: "4002"
|
||||
LETSENCRYPT_HOST: "{{ services.pinafore.domain }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -33,8 +33,6 @@
|
|||
interval: 5s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
rallly:
|
||||
image: "lukevella/rallly:{{ services.rallly.version }}"
|
||||
|
@ -53,8 +51,6 @@
|
|||
VIRTUAL_PORT: "3000"
|
||||
LETSENCRYPT_HOST: "{{ services.rallly.domain }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
networks:
|
||||
rallly_internal:
|
||||
|
|
|
@ -11,7 +11,7 @@
|
|||
image: mazzolino/restic:{{ services.restic.version }}
|
||||
restart: always
|
||||
environment:
|
||||
RUN_ON_STARTUP: "true"
|
||||
RUN_ON_STARTUP: "false"
|
||||
BACKUP_CRON: "0 30 3 * * *"
|
||||
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
|
||||
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
|
||||
|
@ -32,7 +32,7 @@
|
|||
restic-prune:
|
||||
image: "mazzolino/restic:{{ services.restic.version }}"
|
||||
environment:
|
||||
RUN_ON_STARTUP: "true"
|
||||
RUN_ON_STARTUP: "false"
|
||||
PRUNE_CRON: "0 0 4 * * *"
|
||||
RESTIC_REPOSITORY: "rest:https://{{ services.restic.user }}:{{ restic_secrets.user_password }}@{{ services.restic.domain }}/{{ services.restic.repository }}"
|
||||
RESTIC_PASSWORD: "{{ restic_secrets.repository_password }}"
|
||||
|
|
|
@ -7,9 +7,8 @@
|
|||
restart_policy: unless-stopped
|
||||
networks:
|
||||
- name: external_services
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- "{{ services.docker_registry.volume_folder }}/auth/config.json:/config.json"
|
||||
env:
|
||||
WATCHTOWER_LABEL_ENABLE: "true"
|
||||
WATCHTOWER_POLL_INTERVAL: "60"
|
||||
volumes:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
- "/root/.docker/config.json:/config.json:ro"
|
||||
|
|
|
@ -17,6 +17,3 @@
|
|||
- NET_ADMIN
|
||||
devices:
|
||||
- "/dev/net/tun"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
||||
|
|
|
@ -11,5 +11,3 @@
|
|||
VIRTUAL_HOST : "{{ services.cryptoaarhus_website.domains|join(',') }}"
|
||||
LETSENCRYPT_HOST: "{{ services.cryptoaarhus_website.domains|join(',') }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -11,5 +11,3 @@
|
|||
VIRTUAL_HOST : "{{ services.cryptohagen_website.domains|join(',') }}"
|
||||
LETSENCRYPT_HOST: "{{ services.cryptohagen_website.domains|join(',') }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -21,5 +21,3 @@
|
|||
VIRTUAL_HOST : "{{ services.data_coop_website.domains|join(',') }}"
|
||||
LETSENCRYPT_HOST: "{{ services.data_coop_website.domains|join(',') }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -0,0 +1,19 @@
|
|||
# vim: ft=yaml.ansible
|
||||
---
|
||||
- name: setup fedi.dk website with unipi
|
||||
docker_container:
|
||||
name: fedi.dk_website
|
||||
image: docker.data.coop/unipi:{{ services.fedi_dk_website.version }}
|
||||
restart_policy: unless-stopped
|
||||
purge_networks: yes
|
||||
networks:
|
||||
- name: external_services
|
||||
env:
|
||||
VIRTUAL_HOST: "{{ services.fedi_dk_website.domain }}"
|
||||
LETSENCRYPT_HOST: "{{ services.fedi_dk_website.domain }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
command: "--remote=https://git.data.coop/fedi.dk/website.git#main"
|
||||
capabilities:
|
||||
- NET_ADMIN
|
||||
devices:
|
||||
- "/dev/net/tun"
|
|
@ -11,5 +11,3 @@
|
|||
VIRTUAL_HOST : "{{ services.new_data_coop_website.domain }}"
|
||||
LETSENCRYPT_HOST: "{{ services.new_data_coop_website.domain }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
|
@ -11,5 +11,3 @@
|
|||
VIRTUAL_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
|
||||
LETSENCRYPT_HOST: "{{ services.ulovliglogning_website.domains|join(',') }}"
|
||||
LETSENCRYPT_EMAIL: "{{ letsencrypt_email }}"
|
||||
labels:
|
||||
com.centurylinklabs.watchtower.enable: "true"
|
||||
|
|
Loading…
Reference in New Issue