Simplify stuff
This commit is contained in:
parent
ab5d357c4d
commit
c02389c7ec
GPG key ID:
CBBBE7371E81C4EA
|
|
@ -1,4 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
# code: language=ansible
|
|
||||||
---
|
|
||||||
proxy_mode: global
|
|
||||||
|
|
@ -1,4 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
# code: language=ansible
|
|
||||||
---
|
|
||||||
proxy_mode: local
|
|
||||||
|
|
@ -14,7 +14,6 @@ sapt-labs-db01 ansible_host=sapt-labs-db01.servers.local.sapti.me
|
||||||
|
|
||||||
[proxy_shd]
|
[proxy_shd]
|
||||||
sapt-labn-prx01 ansible_host=sapt-labn-prx01.servers.local.sapti.me
|
sapt-labn-prx01 ansible_host=sapt-labn-prx01.servers.local.sapti.me
|
||||||
sapt-labn-prx02 ansible_host=sapt-labn-prx02.servers.local.sapti.me
|
|
||||||
|
|
||||||
[monitoring_shd]
|
[monitoring_shd]
|
||||||
sapt-labn-mon01 ansible_host=sapt-labn-mon01.servers.local.sapti.me
|
sapt-labn-mon01 ansible_host=sapt-labn-mon01.servers.local.sapti.me
|
||||||
|
|
|
||||||
|
|
@ -1,8 +1,8 @@
|
||||||
# vim: ft=yaml.ansible
|
# vim: ft=yaml.ansible
|
||||||
# code: language=ansible
|
# code: language=ansible
|
||||||
---
|
---
|
||||||
apps_base_domain: "example.com"
|
apps_base_domain: example.com
|
||||||
apps_local_domain: "local.{{ apps_base_domain }}"
|
apps_local_domain: local.{{ apps_base_domain }}
|
||||||
apps_data_root: /apps
|
apps_data_root: /apps
|
||||||
apps_shared_docker_network: apps_network
|
apps_shared_docker_network: apps_network
|
||||||
apps_postfix_docker_network: postfix_network
|
apps_postfix_docker_network: postfix_network
|
||||||
|
|
@ -10,56 +10,48 @@ apps_postfix_docker_network: postfix_network
|
||||||
apps_vars:
|
apps_vars:
|
||||||
postfix:
|
postfix:
|
||||||
domain: smtp.{{ apps_base_domain }}
|
domain: smtp.{{ apps_base_domain }}
|
||||||
volume: "{{ apps_data_root }}/postfix"
|
backup: true
|
||||||
extra_tasks: true
|
extra_tasks: false
|
||||||
version: latest-alpine
|
version: latest-alpine
|
||||||
|
|
||||||
emby:
|
|
||||||
domain: watch.{{ apps_base_domain }}
|
|
||||||
volume: "{{ apps_data_root }}/emby"
|
|
||||||
extra_tasks: true
|
|
||||||
version: latest
|
|
||||||
|
|
||||||
ipfs:
|
ipfs:
|
||||||
domain: ipfs.{{ apps_local_domain }}
|
domain: ipfs.{{ apps_local_domain }}
|
||||||
gateway_domain: ipfs-gateway.{{ apps_base_domain }}
|
gateway_domain: ipfs-gateway.{{ apps_base_domain }}
|
||||||
volume: "{{ apps_data_root }}/ipfs"
|
backup: false
|
||||||
extra_tasks: true
|
extra_tasks: true
|
||||||
version: v0.23.0
|
version: v0.23.0
|
||||||
|
|
||||||
monerod:
|
monerod:
|
||||||
domain: xmr.{{ apps_base_domain }}
|
domain: xmr.{{ apps_base_domain }}
|
||||||
volume: "{{ apps_data_root }}/monerod"
|
backup: false
|
||||||
extra_tasks: true
|
extra_tasks: false
|
||||||
version: latest
|
version: latest
|
||||||
|
|
||||||
nextcloud:
|
nextcloud:
|
||||||
domain: cloud.{{ apps_base_domain }}
|
domain: cloud.{{ apps_base_domain }}
|
||||||
volume: "{{ apps_data_root }}/nextcloud"
|
backup: true
|
||||||
extra_tasks: true
|
extra_tasks: true
|
||||||
version: 27-apache
|
version: 27-apache
|
||||||
postgres_version: 14-alpine
|
postgres_version: 14-alpine
|
||||||
redis_version: 7-alpine
|
redis_version: 7-alpine
|
||||||
|
|
||||||
snowflake:
|
snowflake:
|
||||||
|
backup: false
|
||||||
extra_tasks: false
|
extra_tasks: false
|
||||||
version: latest
|
version: latest
|
||||||
|
|
||||||
restic:
|
restic:
|
||||||
|
backup: false
|
||||||
extra_tasks: false
|
extra_tasks: false
|
||||||
version: '1.7.0'
|
version: '1.7.0'
|
||||||
|
|
||||||
watchtower:
|
watchtower:
|
||||||
|
backup: false
|
||||||
extra_tasks: false
|
extra_tasks: false
|
||||||
version: '1.6.0'
|
version: '1.6.0'
|
||||||
|
|
||||||
apps_include: "{{ apps_vars | dict2items | map(attribute='key') | list }}"
|
apps_include: "{{ apps_vars | dict2items | map(attribute='key') | list }}"
|
||||||
|
apps_backup: "{{ apps_vars | dict2items | selectattr('value.backup', 'true') | map(attribute='key') | list }}"
|
||||||
apps_restic_volumes: |
|
|
||||||
- "/var/run/docker.sock:/var/run/docker.sock:rw"
|
|
||||||
- "{{ apps_vars.postfix.volume }}:/mnt/volumes/postfix:ro"
|
|
||||||
- "{{ apps_vars.emby.volume }}:/mnt/volumes/emby:ro"
|
|
||||||
- "{{ apps_vars.nextcloud.volume }}:/mnt/volumes/nextcloud:ro"
|
|
||||||
|
|
||||||
apps_sender_domains:
|
apps_sender_domains:
|
||||||
- "{{ apps_vars.nextcloud.domain }}"
|
- "{{ apps_vars.nextcloud.domain }}"
|
||||||
|
|
|
||||||
|
|
@ -1,20 +1,27 @@
|
||||||
# vim: ft=yaml.ansible
|
# vim: ft=yaml.ansible
|
||||||
# code: language=ansible
|
# code: language=ansible
|
||||||
---
|
---
|
||||||
- name: Create volume folder for app {{ app_name }}
|
- name: Create app folder for {{ app_name }}
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
name: "{{ app_vars.volume }}"
|
name: "{{ apps_data_root }}/{{ app_name }}"
|
||||||
owner: root
|
owner: root
|
||||||
mode: u=rwx,go=
|
mode: u=rwx,go=
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Upload Compose file for app {{ app_name }}
|
- name: Upload Compose file for {{ app_name }}
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: compose-files/{{ app_name }}.yml.j2
|
src: compose-files/{{ app_name }}.yml.j2
|
||||||
dest: "{{ app_vars.volume }}/docker-compose.yml"
|
dest: "{{ apps_data_root }}/{{ app_name }}/docker-compose.yml"
|
||||||
owner: root
|
owner: root
|
||||||
mode: u=rw,go=
|
mode: u=rw,go=
|
||||||
|
|
||||||
- name: Run extra configuration tasks for app {{ app_name }}
|
- name: Create data folder for {{ app_name }}
|
||||||
|
ansible.builtin.file:
|
||||||
|
name: "{{ apps_data_root }}/{{ app_name }}/data"
|
||||||
|
owner: root
|
||||||
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
state: directory
|
||||||
|
|
||||||
|
- name: Run extra configuration tasks for {{ app_name }}
|
||||||
ansible.builtin.include_tasks: extra_tasks/{{ app_name }}.yml
|
ansible.builtin.include_tasks: extra_tasks/{{ app_name }}.yml
|
||||||
when: app_vars.extra_tasks is defined and app_vars.extra_tasks
|
when: app_vars.extra_tasks is defined and app_vars.extra_tasks
|
||||||
|
|
|
||||||
|
|
@ -8,14 +8,14 @@
|
||||||
mode: u=rwx,g=rx,o=rx
|
mode: u=rwx,g=rx,o=rx
|
||||||
state: directory
|
state: directory
|
||||||
loop:
|
loop:
|
||||||
- "{{ apps_vars.ipfs.volume }}/data"
|
- "{{ apps_data_root }}/ipfs/data/data"
|
||||||
- "{{ apps_vars.ipfs.volume }}/staging"
|
- "{{ apps_data_root }}/ipfs/data/staging"
|
||||||
loop_control:
|
loop_control:
|
||||||
loop_var: dir
|
loop_var: dir
|
||||||
|
|
||||||
- name: Copy ipfs-config.sh
|
- name: Copy ipfs-config.sh
|
||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: ipfs/ipfs-config.sh
|
src: ipfs/ipfs-config.sh
|
||||||
dest: "{{ apps_vars.ipfs.volume }}/ipfs-config.sh"
|
dest: "{{ apps_data_root }}/ipfs/data/ipfs-config.sh"
|
||||||
owner: root
|
owner: root
|
||||||
mode: u=rwx,g=rx,o=rx
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
|
|
||||||
|
|
@ -1,9 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
# code: language=ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolder for Monero blockchain
|
|
||||||
ansible.builtin.file:
|
|
||||||
name: "{{ apps_vars.monerod.volume }}/blockchain"
|
|
||||||
owner: '1000'
|
|
||||||
mode: u=rwx,g=rx,o=rx
|
|
||||||
state: directory
|
|
||||||
|
|
@ -3,14 +3,14 @@
|
||||||
---
|
---
|
||||||
- name: Create subfolder for Nextcloud Apache2 config
|
- name: Create subfolder for Nextcloud Apache2 config
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
name: "{{ apps_vars.nextcloud.volume }}/apache2"
|
name: "{{ apps_data_root }}/nextcloud/data/apache2"
|
||||||
owner: root
|
owner: root
|
||||||
mode: u=rwx,g=rx,o=rx
|
mode: u=rwx,g=rx,o=rx
|
||||||
state: directory
|
state: directory
|
||||||
|
|
||||||
- name: Create subfolder for Nextcloud data
|
- name: Create subfolder for Nextcloud data
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
name: "{{ apps_vars.nextcloud.volume }}/app"
|
name: "{{ apps_data_root }}/nextcloud/data/app"
|
||||||
owner: root
|
owner: root
|
||||||
group: '33'
|
group: '33'
|
||||||
mode: u=rwx,g=rx,o=rx
|
mode: u=rwx,g=rx,o=rx
|
||||||
|
|
@ -19,6 +19,6 @@
|
||||||
- name: Copy Apache2 remoteip config file
|
- name: Copy Apache2 remoteip config file
|
||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: nextcloud/remoteip.conf.j2
|
src: nextcloud/remoteip.conf.j2
|
||||||
dest: "{{ apps_vars.nextcloud.volume }}/apache2/remoteip.conf"
|
dest: "{{ apps_data_root }}/nextcloud/data/apache2/remoteip.conf"
|
||||||
owner: root
|
owner: root
|
||||||
mode: u=rw,g=r,o=r
|
mode: u=rw,g=r,o=r
|
||||||
|
|
|
||||||
|
|
@ -1,9 +0,0 @@
|
||||||
# vim: ft=yaml.ansible
|
|
||||||
# code: language=ansible
|
|
||||||
---
|
|
||||||
- name: Create subfolder for Postfix DKIM keys
|
|
||||||
ansible.builtin.file:
|
|
||||||
name: "{{ apps_vars.postfix.volume }}/dkim"
|
|
||||||
owner: root
|
|
||||||
mode: u=rwx,g=rx,o=rx
|
|
||||||
state: directory
|
|
||||||
|
|
@ -17,9 +17,9 @@ services:
|
||||||
- 4001:4001/tcp
|
- 4001:4001/tcp
|
||||||
- 4001:4001/udp
|
- 4001:4001/udp
|
||||||
volumes:
|
volumes:
|
||||||
- "./ipfs-config.sh:/container-init.d/ipfs-config.sh:ro"
|
- "./data/ipfs-config.sh:/container-init.d/ipfs-config.sh:ro"
|
||||||
- "./data:/data/ipfs:rw"
|
- "./data/data:/data/ipfs:rw"
|
||||||
- "./staging:/export:rw"
|
- "./data/staging:/export:rw"
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
{{ apps_shared_docker_network }}:
|
{{ apps_shared_docker_network }}:
|
||||||
|
|
|
||||||
|
|
@ -12,7 +12,7 @@ services:
|
||||||
ports:
|
ports:
|
||||||
- 18080:18080/tcp
|
- 18080:18080/tcp
|
||||||
volumes:
|
volumes:
|
||||||
- "./blockchain:/home/monero/.bitmonero:rw"
|
- "./data:/home/monero/.bitmonero:rw"
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
{{ apps_shared_docker_network }}:
|
{{ apps_shared_docker_network }}:
|
||||||
|
|
|
||||||
|
|
@ -38,8 +38,8 @@ services:
|
||||||
aliases:
|
aliases:
|
||||||
- nextcloud
|
- nextcloud
|
||||||
volumes:
|
volumes:
|
||||||
- "./app:/var/www/html:rw"
|
- "./data/app:/var/www/html:rw"
|
||||||
- "./apache2/remoteip.conf:/etc/apache2/conf-enabled/remoteip.conf:ro"
|
- "./data/apache2/remoteip.conf:/etc/apache2/conf-enabled/remoteip.conf:ro"
|
||||||
depends_on:
|
depends_on:
|
||||||
- redis
|
- redis
|
||||||
|
|
||||||
|
|
@ -48,7 +48,7 @@ services:
|
||||||
restart: always
|
restart: always
|
||||||
entrypoint: /cron.sh
|
entrypoint: /cron.sh
|
||||||
volumes:
|
volumes:
|
||||||
- "./app:/var/www/html:rw"
|
- "./data/app:/var/www/html:rw"
|
||||||
depends_on:
|
depends_on:
|
||||||
- app
|
- app
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -12,7 +12,7 @@ services:
|
||||||
networks:
|
networks:
|
||||||
- {{ apps_postfix_docker_network }}
|
- {{ apps_postfix_docker_network }}
|
||||||
volumes:
|
volumes:
|
||||||
- "./dkim:/etc/opendkim/keys:rw"
|
- "./data:/etc/opendkim/keys:rw"
|
||||||
|
|
||||||
networks:
|
networks:
|
||||||
{{ apps_postfix_docker_network }}:
|
{{ apps_postfix_docker_network }}:
|
||||||
|
|
|
||||||
|
|
@ -12,7 +12,7 @@ services:
|
||||||
RESTIC_PASSWORD: {{ restic.repo.password }}
|
RESTIC_PASSWORD: {{ restic.repo.password }}
|
||||||
RESTIC_BACKUP_SOURCES: /mnt/volumes
|
RESTIC_BACKUP_SOURCES: /mnt/volumes
|
||||||
RESTIC_BACKUP_ARGS: >-
|
RESTIC_BACKUP_ARGS: >-
|
||||||
--tag docker-volumes
|
--tag data-volumes
|
||||||
--exclude '*.tmp'
|
--exclude '*.tmp'
|
||||||
--verbose
|
--verbose
|
||||||
RESTIC_FORGET_ARGS: >-
|
RESTIC_FORGET_ARGS: >-
|
||||||
|
|
@ -21,14 +21,20 @@ services:
|
||||||
--keep-weekly 5
|
--keep-weekly 5
|
||||||
--keep-monthly 12
|
--keep-monthly 12
|
||||||
PRE_COMMANDS: |-
|
PRE_COMMANDS: |-
|
||||||
docker exec -u www-data nextcloud_app_1 php occ maintenance:mode --on
|
docker compose -f {{ apps_data_root }}/nextcloud/docker-compose.yml exec -u www-data app php occ maintenance:mode --on
|
||||||
POST_COMMANDS_EXIT: |-
|
POST_COMMANDS_EXIT: |-
|
||||||
docker exec -u www-data nextcloud_app_1 php occ maintenance:mode --off
|
docker compose -f {{ apps_data_root }}/nextcloud/docker-compose.yml exec -u www-data app php occ maintenance:mode --off
|
||||||
B2_ACCOUNT_ID: {{ restic.b2.id }}
|
B2_ACCOUNT_ID: {{ restic.b2.id }}
|
||||||
B2_ACCOUNT_KEY: {{ restic.b2.key }}
|
B2_ACCOUNT_KEY: {{ restic.b2.key }}
|
||||||
TZ: {{ timezone }}
|
TZ: {{ timezone }}
|
||||||
volumes:
|
volumes:
|
||||||
{{ apps_restic_volumes }}
|
- "/var/run/docker.sock:/var/run/docker.sock:rw"
|
||||||
|
- "/usr/libexec/docker/cli-plugins/docker-compose:/usr/libexec/docker/cli-plugins/docker-compose:ro"
|
||||||
|
{% for app in apps_backup %}
|
||||||
|
{% if app in apps_include %}
|
||||||
|
- "{{ apps_data_root }}/{{ app }}/data:/mnt/volumes/{{ app }}:ro"
|
||||||
|
{% endif %}
|
||||||
|
{% endfor %}
|
||||||
|
|
||||||
prune:
|
prune:
|
||||||
image: mazzolino/restic:{{ apps_vars.restic.version }}
|
image: mazzolino/restic:{{ apps_vars.restic.version }}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue