Simplify stuff

This commit is contained in:
Sam A. 2023-11-05 18:27:49 +01:00
parent ab5d357c4d
commit c02389c7ec
Signed by: samsapti
GPG key ID: CBBBE7371E81C4EA
14 changed files with 48 additions and 70 deletions

View file

@ -1,4 +0,0 @@
# vim: ft=yaml.ansible
# code: language=ansible
---
proxy_mode: global

View file

@ -1,4 +0,0 @@
# vim: ft=yaml.ansible
# code: language=ansible
---
proxy_mode: local

View file

@ -14,7 +14,6 @@ sapt-labs-db01 ansible_host=sapt-labs-db01.servers.local.sapti.me
[proxy_shd] [proxy_shd]
sapt-labn-prx01 ansible_host=sapt-labn-prx01.servers.local.sapti.me sapt-labn-prx01 ansible_host=sapt-labn-prx01.servers.local.sapti.me
sapt-labn-prx02 ansible_host=sapt-labn-prx02.servers.local.sapti.me
[monitoring_shd] [monitoring_shd]
sapt-labn-mon01 ansible_host=sapt-labn-mon01.servers.local.sapti.me sapt-labn-mon01 ansible_host=sapt-labn-mon01.servers.local.sapti.me

View file

@ -1,8 +1,8 @@
# vim: ft=yaml.ansible # vim: ft=yaml.ansible
# code: language=ansible # code: language=ansible
--- ---
apps_base_domain: "example.com" apps_base_domain: example.com
apps_local_domain: "local.{{ apps_base_domain }}" apps_local_domain: local.{{ apps_base_domain }}
apps_data_root: /apps apps_data_root: /apps
apps_shared_docker_network: apps_network apps_shared_docker_network: apps_network
apps_postfix_docker_network: postfix_network apps_postfix_docker_network: postfix_network
@ -10,56 +10,48 @@ apps_postfix_docker_network: postfix_network
apps_vars: apps_vars:
postfix: postfix:
domain: smtp.{{ apps_base_domain }} domain: smtp.{{ apps_base_domain }}
volume: "{{ apps_data_root }}/postfix" backup: true
extra_tasks: true extra_tasks: false
version: latest-alpine version: latest-alpine
emby:
domain: watch.{{ apps_base_domain }}
volume: "{{ apps_data_root }}/emby"
extra_tasks: true
version: latest
ipfs: ipfs:
domain: ipfs.{{ apps_local_domain }} domain: ipfs.{{ apps_local_domain }}
gateway_domain: ipfs-gateway.{{ apps_base_domain }} gateway_domain: ipfs-gateway.{{ apps_base_domain }}
volume: "{{ apps_data_root }}/ipfs" backup: false
extra_tasks: true extra_tasks: true
version: v0.23.0 version: v0.23.0
monerod: monerod:
domain: xmr.{{ apps_base_domain }} domain: xmr.{{ apps_base_domain }}
volume: "{{ apps_data_root }}/monerod" backup: false
extra_tasks: true extra_tasks: false
version: latest version: latest
nextcloud: nextcloud:
domain: cloud.{{ apps_base_domain }} domain: cloud.{{ apps_base_domain }}
volume: "{{ apps_data_root }}/nextcloud" backup: true
extra_tasks: true extra_tasks: true
version: 27-apache version: 27-apache
postgres_version: 14-alpine postgres_version: 14-alpine
redis_version: 7-alpine redis_version: 7-alpine
snowflake: snowflake:
backup: false
extra_tasks: false extra_tasks: false
version: latest version: latest
restic: restic:
backup: false
extra_tasks: false extra_tasks: false
version: '1.7.0' version: '1.7.0'
watchtower: watchtower:
backup: false
extra_tasks: false extra_tasks: false
version: '1.6.0' version: '1.6.0'
apps_include: "{{ apps_vars | dict2items | map(attribute='key') | list }}" apps_include: "{{ apps_vars | dict2items | map(attribute='key') | list }}"
apps_backup: "{{ apps_vars | dict2items | selectattr('value.backup', 'true') | map(attribute='key') | list }}"
apps_restic_volumes: |
- "/var/run/docker.sock:/var/run/docker.sock:rw"
- "{{ apps_vars.postfix.volume }}:/mnt/volumes/postfix:ro"
- "{{ apps_vars.emby.volume }}:/mnt/volumes/emby:ro"
- "{{ apps_vars.nextcloud.volume }}:/mnt/volumes/nextcloud:ro"
apps_sender_domains: apps_sender_domains:
- "{{ apps_vars.nextcloud.domain }}" - "{{ apps_vars.nextcloud.domain }}"

View file

@ -1,20 +1,27 @@
# vim: ft=yaml.ansible # vim: ft=yaml.ansible
# code: language=ansible # code: language=ansible
--- ---
- name: Create volume folder for app {{ app_name }} - name: Create app folder for {{ app_name }}
ansible.builtin.file: ansible.builtin.file:
name: "{{ app_vars.volume }}" name: "{{ apps_data_root }}/{{ app_name }}"
owner: root owner: root
mode: u=rwx,go= mode: u=rwx,go=
state: directory state: directory
- name: Upload Compose file for app {{ app_name }} - name: Upload Compose file for {{ app_name }}
ansible.builtin.template: ansible.builtin.template:
src: compose-files/{{ app_name }}.yml.j2 src: compose-files/{{ app_name }}.yml.j2
dest: "{{ app_vars.volume }}/docker-compose.yml" dest: "{{ apps_data_root }}/{{ app_name }}/docker-compose.yml"
owner: root owner: root
mode: u=rw,go= mode: u=rw,go=
- name: Run extra configuration tasks for app {{ app_name }} - name: Create data folder for {{ app_name }}
ansible.builtin.file:
name: "{{ apps_data_root }}/{{ app_name }}/data"
owner: root
mode: u=rwx,g=rx,o=rx
state: directory
- name: Run extra configuration tasks for {{ app_name }}
ansible.builtin.include_tasks: extra_tasks/{{ app_name }}.yml ansible.builtin.include_tasks: extra_tasks/{{ app_name }}.yml
when: app_vars.extra_tasks is defined and app_vars.extra_tasks when: app_vars.extra_tasks is defined and app_vars.extra_tasks

View file

@ -8,14 +8,14 @@
mode: u=rwx,g=rx,o=rx mode: u=rwx,g=rx,o=rx
state: directory state: directory
loop: loop:
- "{{ apps_vars.ipfs.volume }}/data" - "{{ apps_data_root }}/ipfs/data/data"
- "{{ apps_vars.ipfs.volume }}/staging" - "{{ apps_data_root }}/ipfs/data/staging"
loop_control: loop_control:
loop_var: dir loop_var: dir
- name: Copy ipfs-config.sh - name: Copy ipfs-config.sh
ansible.builtin.copy: ansible.builtin.copy:
src: ipfs/ipfs-config.sh src: ipfs/ipfs-config.sh
dest: "{{ apps_vars.ipfs.volume }}/ipfs-config.sh" dest: "{{ apps_data_root }}/ipfs/data/ipfs-config.sh"
owner: root owner: root
mode: u=rwx,g=rx,o=rx mode: u=rwx,g=rx,o=rx

View file

@ -1,9 +0,0 @@
# vim: ft=yaml.ansible
# code: language=ansible
---
- name: Create subfolder for Monero blockchain
ansible.builtin.file:
name: "{{ apps_vars.monerod.volume }}/blockchain"
owner: '1000'
mode: u=rwx,g=rx,o=rx
state: directory

View file

@ -3,14 +3,14 @@
--- ---
- name: Create subfolder for Nextcloud Apache2 config - name: Create subfolder for Nextcloud Apache2 config
ansible.builtin.file: ansible.builtin.file:
name: "{{ apps_vars.nextcloud.volume }}/apache2" name: "{{ apps_data_root }}/nextcloud/data/apache2"
owner: root owner: root
mode: u=rwx,g=rx,o=rx mode: u=rwx,g=rx,o=rx
state: directory state: directory
- name: Create subfolder for Nextcloud data - name: Create subfolder for Nextcloud data
ansible.builtin.file: ansible.builtin.file:
name: "{{ apps_vars.nextcloud.volume }}/app" name: "{{ apps_data_root }}/nextcloud/data/app"
owner: root owner: root
group: '33' group: '33'
mode: u=rwx,g=rx,o=rx mode: u=rwx,g=rx,o=rx
@ -19,6 +19,6 @@
- name: Copy Apache2 remoteip config file - name: Copy Apache2 remoteip config file
ansible.builtin.template: ansible.builtin.template:
src: nextcloud/remoteip.conf.j2 src: nextcloud/remoteip.conf.j2
dest: "{{ apps_vars.nextcloud.volume }}/apache2/remoteip.conf" dest: "{{ apps_data_root }}/nextcloud/data/apache2/remoteip.conf"
owner: root owner: root
mode: u=rw,g=r,o=r mode: u=rw,g=r,o=r

View file

@ -1,9 +0,0 @@
# vim: ft=yaml.ansible
# code: language=ansible
---
- name: Create subfolder for Postfix DKIM keys
ansible.builtin.file:
name: "{{ apps_vars.postfix.volume }}/dkim"
owner: root
mode: u=rwx,g=rx,o=rx
state: directory

View file

@ -17,9 +17,9 @@ services:
- 4001:4001/tcp - 4001:4001/tcp
- 4001:4001/udp - 4001:4001/udp
volumes: volumes:
- "./ipfs-config.sh:/container-init.d/ipfs-config.sh:ro" - "./data/ipfs-config.sh:/container-init.d/ipfs-config.sh:ro"
- "./data:/data/ipfs:rw" - "./data/data:/data/ipfs:rw"
- "./staging:/export:rw" - "./data/staging:/export:rw"
networks: networks:
{{ apps_shared_docker_network }}: {{ apps_shared_docker_network }}:

View file

@ -12,7 +12,7 @@ services:
ports: ports:
- 18080:18080/tcp - 18080:18080/tcp
volumes: volumes:
- "./blockchain:/home/monero/.bitmonero:rw" - "./data:/home/monero/.bitmonero:rw"
networks: networks:
{{ apps_shared_docker_network }}: {{ apps_shared_docker_network }}:

View file

@ -38,8 +38,8 @@ services:
aliases: aliases:
- nextcloud - nextcloud
volumes: volumes:
- "./app:/var/www/html:rw" - "./data/app:/var/www/html:rw"
- "./apache2/remoteip.conf:/etc/apache2/conf-enabled/remoteip.conf:ro" - "./data/apache2/remoteip.conf:/etc/apache2/conf-enabled/remoteip.conf:ro"
depends_on: depends_on:
- redis - redis
@ -48,7 +48,7 @@ services:
restart: always restart: always
entrypoint: /cron.sh entrypoint: /cron.sh
volumes: volumes:
- "./app:/var/www/html:rw" - "./data/app:/var/www/html:rw"
depends_on: depends_on:
- app - app

View file

@ -12,7 +12,7 @@ services:
networks: networks:
- {{ apps_postfix_docker_network }} - {{ apps_postfix_docker_network }}
volumes: volumes:
- "./dkim:/etc/opendkim/keys:rw" - "./data:/etc/opendkim/keys:rw"
networks: networks:
{{ apps_postfix_docker_network }}: {{ apps_postfix_docker_network }}:

View file

@ -12,7 +12,7 @@ services:
RESTIC_PASSWORD: {{ restic.repo.password }} RESTIC_PASSWORD: {{ restic.repo.password }}
RESTIC_BACKUP_SOURCES: /mnt/volumes RESTIC_BACKUP_SOURCES: /mnt/volumes
RESTIC_BACKUP_ARGS: >- RESTIC_BACKUP_ARGS: >-
--tag docker-volumes --tag data-volumes
--exclude '*.tmp' --exclude '*.tmp'
--verbose --verbose
RESTIC_FORGET_ARGS: >- RESTIC_FORGET_ARGS: >-
@ -21,14 +21,20 @@ services:
--keep-weekly 5 --keep-weekly 5
--keep-monthly 12 --keep-monthly 12
PRE_COMMANDS: |- PRE_COMMANDS: |-
docker exec -u www-data nextcloud_app_1 php occ maintenance:mode --on docker compose -f {{ apps_data_root }}/nextcloud/docker-compose.yml exec -u www-data app php occ maintenance:mode --on
POST_COMMANDS_EXIT: |- POST_COMMANDS_EXIT: |-
docker exec -u www-data nextcloud_app_1 php occ maintenance:mode --off docker compose -f {{ apps_data_root }}/nextcloud/docker-compose.yml exec -u www-data app php occ maintenance:mode --off
B2_ACCOUNT_ID: {{ restic.b2.id }} B2_ACCOUNT_ID: {{ restic.b2.id }}
B2_ACCOUNT_KEY: {{ restic.b2.key }} B2_ACCOUNT_KEY: {{ restic.b2.key }}
TZ: {{ timezone }} TZ: {{ timezone }}
volumes: volumes:
{{ apps_restic_volumes }} - "/var/run/docker.sock:/var/run/docker.sock:rw"
- "/usr/libexec/docker/cli-plugins/docker-compose:/usr/libexec/docker/cli-plugins/docker-compose:ro"
{% for app in apps_backup %}
{% if app in apps_include %}
- "{{ apps_data_root }}/{{ app }}/data:/mnt/volumes/{{ app }}:ro"
{% endif %}
{% endfor %}
prune: prune:
image: mazzolino/restic:{{ apps_vars.restic.version }} image: mazzolino/restic:{{ apps_vars.restic.version }}