From faed4037d4a7821a3ca389ad461c7b936cf71915 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sat, 25 May 2024 10:57:05 +0200 Subject: [PATCH 01/15] Added taiga draft --- roles/docker-taiga/README.md | 0 roles/docker-taiga/tasks/main.yml | 13 ++ .../templates/docker-compose-inits.yml.j2 | 42 +++++ .../templates/docker-compose.yml.j2 | 167 ++++++++++++++++++ roles/docker-taiga/templates/env.j2 | 35 ++++ roles/docker-taiga/vars/main.yml | 6 + 6 files changed, 263 insertions(+) create mode 100644 roles/docker-taiga/README.md create mode 100644 roles/docker-taiga/tasks/main.yml create mode 100644 roles/docker-taiga/templates/docker-compose-inits.yml.j2 create mode 100644 roles/docker-taiga/templates/docker-compose.yml.j2 create mode 100644 roles/docker-taiga/templates/env.j2 create mode 100644 roles/docker-taiga/vars/main.yml diff --git a/roles/docker-taiga/README.md b/roles/docker-taiga/README.md new file mode 100644 index 00000000..e69de29b diff --git a/roles/docker-taiga/tasks/main.yml b/roles/docker-taiga/tasks/main.yml new file mode 100644 index 00000000..308db9ca --- /dev/null +++ b/roles/docker-taiga/tasks/main.yml @@ -0,0 +1,13 @@ +--- +- name: "include docker/compose/database.yml" + include_tasks: docker/compose/database.yml + +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml + +- name: "include tasks update-repository-with-docker-compose.yml" + include_tasks: update-repository-with-docker-compose.yml + +- name: configure run.env + template: src=env.j2 dest={{docker_compose_instance_directory}}/.env + notify: docker compose project setup diff --git a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 new file mode 100644 index 00000000..19332d79 --- /dev/null +++ b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 @@ -0,0 +1,42 @@ +version: "3.5" + +x-environment: + &default-back-environment + POSTGRES_DB: "taiga" + POSTGRES_USER: "${POSTGRES_USER}" + POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" + POSTGRES_HOST: "taiga-db" + + TAIGA_SECRET_KEY: "${SECRET_KEY}" + TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}" + TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}" + + EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend" + DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}" + EMAIL_USE_TLS: "${EMAIL_USE_TLS}" + EMAIL_USE_SSL: "${EMAIL_USE_SSL}" + EMAIL_HOST: "${EMAIL_HOST}" + EMAIL_PORT: "${EMAIL_PORT}" + EMAIL_HOST_USER: "${EMAIL_HOST_USER}" + EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}" + + RABBITMQ_USER: "${RABBITMQ_USER}" + RABBITMQ_PASS: "${RABBITMQ_PASS}" + CELERY_ENABLED: "False" + +x-volumes: + &default-back-volumes + - taiga-static-data:/taiga-back/static + - taiga-media-data:/taiga-back/media + # - ./config.py:/taiga-back/settings/config.py + +services: + taiga-manage: + image: taigaio/taiga-back:latest + environment: *default-back-environment + depends_on: + - taiga-db + entrypoint: "python manage.py" + volumes: *default-back-volumes + networks: + - taiga \ No newline at end of file diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 new file mode 100644 index 00000000..53d388ef --- /dev/null +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -0,0 +1,167 @@ +version: "3.5" + +x-environment: + &default-back-environment + # These environment variables will be used by taiga-back and taiga-async. + # Database settings + POSTGRES_DB: "taiga" + POSTGRES_USER: "${POSTGRES_USER}" + POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" + POSTGRES_HOST: "taiga-db" + # Taiga settings + TAIGA_SECRET_KEY: "${SECRET_KEY}" + TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}" + TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}" + TAIGA_SUBPATH: "${SUBPATH}" + # Email settings. + EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend" + DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}" + EMAIL_USE_TLS: "${EMAIL_USE_TLS}" + EMAIL_USE_SSL: "${EMAIL_USE_SSL}" + EMAIL_HOST: "${EMAIL_HOST}" + EMAIL_PORT: "${EMAIL_PORT}" + EMAIL_HOST_USER: "${EMAIL_HOST_USER}" + EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}" + # Rabbitmq settings + RABBITMQ_USER: "${RABBITMQ_USER}" + RABBITMQ_PASS: "${RABBITMQ_PASS}" + # Telemetry settings + ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}" + # ...your customizations go here + +x-volumes: + &default-back-volumes + # These volumens will be used by taiga-back and taiga-async. + - taiga-static-data:/taiga-back/static + - taiga-media-data:/taiga-back/media + # - ./config.py:/taiga-back/settings/config.py + +services: + taiga-db: + image: postgres:12.3 + environment: + POSTGRES_DB: "taiga" + POSTGRES_USER: "${POSTGRES_USER}" + POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" + healthcheck: + test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"] + interval: 2s + timeout: 15s + retries: 5 + start_period: 3s + volumes: + - taiga-db-data:/var/lib/postgresql/data + networks: + - taiga + + taiga-back: + image: taigaio/taiga-back:latest + environment: *default-back-environment + volumes: *default-back-volumes + networks: + - taiga + depends_on: + taiga-db: + condition: service_healthy + taiga-events-rabbitmq: + condition: service_started + taiga-async-rabbitmq: + condition: service_started + + taiga-async: + image: taigaio/taiga-back:latest + entrypoint: ["/taiga-back/docker/async_entrypoint.sh"] + environment: *default-back-environment + volumes: *default-back-volumes + networks: + - taiga + depends_on: + taiga-db: + condition: service_healthy + taiga-events-rabbitmq: + condition: service_started + taiga-async-rabbitmq: + condition: service_started + + taiga-async-rabbitmq: + image: rabbitmq:3.8-management-alpine + environment: + RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}" + RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}" + RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}" + RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}" + hostname: "taiga-async-rabbitmq" + volumes: + - taiga-async-rabbitmq-data:/var/lib/rabbitmq + networks: + - taiga + + taiga-front: + image: taigaio/taiga-front:latest + environment: + TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}" + TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}" + TAIGA_SUBPATH: "${SUBPATH}" + # ...your customizations go here + networks: + - taiga + # volumes: + # - ./conf.json:/usr/share/nginx/html/conf.json + + taiga-events: + image: taigaio/taiga-events:latest + environment: + RABBITMQ_USER: "${RABBITMQ_USER}" + RABBITMQ_PASS: "${RABBITMQ_PASS}" + TAIGA_SECRET_KEY: "${SECRET_KEY}" + networks: + - taiga + depends_on: + taiga-events-rabbitmq: + condition: service_started + + taiga-events-rabbitmq: + image: rabbitmq:3.8-management-alpine + environment: + RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}" + RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}" + RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}" + RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}" + hostname: "taiga-events-rabbitmq" + volumes: + - taiga-events-rabbitmq-data:/var/lib/rabbitmq + networks: + - taiga + + taiga-protected: + image: taigaio/taiga-protected:latest + environment: + MAX_AGE: "${ATTACHMENTS_MAX_AGE}" + SECRET_KEY: "${SECRET_KEY}" + networks: + - taiga + + taiga-gateway: + image: nginx:1.19-alpine + ports: + - "9000:80" + volumes: + - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf + - taiga-static-data:/taiga/static + - taiga-media-data:/taiga/media + networks: + - taiga + depends_on: + - taiga-front + - taiga-back + - taiga-events + +volumes: + taiga-static-data: + taiga-media-data: + taiga-db-data: + taiga-async-rabbitmq-data: + taiga-events-rabbitmq-data: + +networks: + taiga: \ No newline at end of file diff --git a/roles/docker-taiga/templates/env.j2 b/roles/docker-taiga/templates/env.j2 new file mode 100644 index 00000000..806e3b4c --- /dev/null +++ b/roles/docker-taiga/templates/env.j2 @@ -0,0 +1,35 @@ +# Taiga's URLs - Variables to define where Taiga should be served +TAIGA_SCHEME=https # serve Taiga using "http" or "https" (secured) connection +TAIGA_DOMAIN= {{domain}} # Taiga's base URL +SUBPATH="" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath") +WEBSOCKETS_SCHEME=wss # events connection protocol (use either "ws" or "wss") + +# Taiga's Secret Key - Variable to provide cryptographic signing +SECRET_KEY="{{taigaio_secret_key}}" # Please, change it to an unpredictable value!! + +# Taiga's Database settings - Variables to create the Taiga database and connect to it +POSTGRES_USER=taiga # user to connect to PostgreSQL +POSTGRES_PASSWORD=taiga # database user's password + +# Taiga's SMTP settings - Variables to send Taiga's emails to the users +EMAIL_BACKEND=console # use an SMTP server or display the emails in the console (either "smtp" or "console") +EMAIL_HOST=smtp.host.example.com # SMTP server address +EMAIL_PORT=587 # default SMTP port +EMAIL_HOST_USER=user # user to connect the SMTP server +EMAIL_HOST_PASSWORD=password # SMTP user's password +EMAIL_DEFAULT_FROM=changeme@example.com # default email address for the automated emails +# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True) +EMAIL_USE_TLS=True # use TLS (secure) connection with the SMTP server +EMAIL_USE_SSL=False # use implicit TLS (secure) connection with the SMTP server + +# Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events +RABBITMQ_USER=taiga # user to connect to RabbitMQ +RABBITMQ_PASS=taiga # RabbitMQ user's password +RABBITMQ_VHOST=taiga # RabbitMQ container name +RABBITMQ_ERLANG_COOKIE=secret-erlang-cookie # unique value shared by any connected instance of RabbitMQ + +# Taiga's Attachments - Variable to define how long the attachments will be accesible +ATTACHMENTS_MAX_AGE=360 # token expiration date (in seconds) + +# Taiga's Telemetry - Variable to enable or disable the anonymous telemetry +ENABLE_TELEMETRY=True \ No newline at end of file diff --git a/roles/docker-taiga/vars/main.yml b/roles/docker-taiga/vars/main.yml new file mode 100644 index 00000000..6da9c93d --- /dev/null +++ b/roles/docker-taiga/vars/main.yml @@ -0,0 +1,6 @@ +docker_compose_project_name: "taigaio" +docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" +docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup" +database_type: "mariadb" +database_password: "{{taigaio_database_password}}" +repository_address: "https://github.com/taigaio/taiga-docker" From 4735081128dd17867b3ef1eda8b4b120a16f454b Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sat, 25 May 2024 20:23:06 +0200 Subject: [PATCH 02/15] Adapted taiga standard configuration for cymais --- .../templates/docker-compose-inits.yml.j2 | 12 +-- .../templates/docker-compose.yml.j2 | 78 ++++++++----------- roles/docker-taiga/templates/env.j2 | 20 ++--- roles/docker-taiga/vars/main.yml | 2 +- 4 files changed, 51 insertions(+), 61 deletions(-) diff --git a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 index 19332d79..9faf7634 100644 --- a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 @@ -2,10 +2,10 @@ version: "3.5" x-environment: &default-back-environment - POSTGRES_DB: "taiga" + POSTGRES_DB: "{{database_name}}" POSTGRES_USER: "${POSTGRES_USER}" POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" - POSTGRES_HOST: "taiga-db" + POSTGRES_HOST: "{{database_host}}" TAIGA_SECRET_KEY: "${SECRET_KEY}" TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}" @@ -34,9 +34,9 @@ services: taiga-manage: image: taigaio/taiga-back:latest environment: *default-back-environment - depends_on: - - taiga-db +{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} + entrypoint: "python manage.py" volumes: *default-back-volumes - networks: - - taiga \ No newline at end of file +{% include 'templates/docker/compose/networks.yml.j2' %} + taiga: \ No newline at end of file diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index 53d388ef..06309494 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -4,10 +4,11 @@ x-environment: &default-back-environment # These environment variables will be used by taiga-back and taiga-async. # Database settings - POSTGRES_DB: "taiga" + POSTGRES_DB: "{{database_name}}" POSTGRES_USER: "${POSTGRES_USER}" POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" - POSTGRES_HOST: "taiga-db" + POSTGRES_HOST: "{{database_host}}" + # Taiga settings TAIGA_SECRET_KEY: "${SECRET_KEY}" TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}" @@ -37,32 +38,16 @@ x-volumes: # - ./config.py:/taiga-back/settings/config.py services: - taiga-db: - image: postgres:12.3 - environment: - POSTGRES_DB: "taiga" - POSTGRES_USER: "${POSTGRES_USER}" - POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" - healthcheck: - test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"] - interval: 2s - timeout: 15s - retries: 5 - start_period: 3s - volumes: - - taiga-db-data:/var/lib/postgresql/data - networks: - - taiga - +{% include 'templates/docker/services/' + database_type + '.yml.j2' %} taiga-back: image: taigaio/taiga-back:latest environment: *default-back-environment volumes: *default-back-volumes - networks: - - taiga - depends_on: - taiga-db: - condition: service_healthy + +{% include 'templates/docker/container/networks.yml.j2' %} + taiga: + +{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} taiga-events-rabbitmq: condition: service_started taiga-async-rabbitmq: @@ -73,11 +58,11 @@ services: entrypoint: ["/taiga-back/docker/async_entrypoint.sh"] environment: *default-back-environment volumes: *default-back-volumes - networks: - - taiga - depends_on: - taiga-db: - condition: service_healthy + +{% include 'templates/docker/container/networks.yml.j2' %} + taiga: + +{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} taiga-events-rabbitmq: condition: service_started taiga-async-rabbitmq: @@ -93,8 +78,9 @@ services: hostname: "taiga-async-rabbitmq" volumes: - taiga-async-rabbitmq-data:/var/lib/rabbitmq - networks: - - taiga + +{% include 'templates/docker/container/networks.yml.j2' %} + taiga: taiga-front: image: taigaio/taiga-front:latest @@ -103,8 +89,9 @@ services: TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}" TAIGA_SUBPATH: "${SUBPATH}" # ...your customizations go here - networks: - - taiga + +{% include 'templates/docker/container/networks.yml.j2' %} + taiga: # volumes: # - ./conf.json:/usr/share/nginx/html/conf.json @@ -114,8 +101,9 @@ services: RABBITMQ_USER: "${RABBITMQ_USER}" RABBITMQ_PASS: "${RABBITMQ_PASS}" TAIGA_SECRET_KEY: "${SECRET_KEY}" - networks: - - taiga + +{% include 'templates/docker/container/networks.yml.j2' %} + taiga: depends_on: taiga-events-rabbitmq: condition: service_started @@ -130,16 +118,18 @@ services: hostname: "taiga-events-rabbitmq" volumes: - taiga-events-rabbitmq-data:/var/lib/rabbitmq - networks: - - taiga + +{% include 'templates/docker/container/networks.yml.j2' %} + taiga: taiga-protected: image: taigaio/taiga-protected:latest environment: MAX_AGE: "${ATTACHMENTS_MAX_AGE}" SECRET_KEY: "${SECRET_KEY}" - networks: - - taiga + +{% include 'templates/docker/container/networks.yml.j2' %} + taiga: taiga-gateway: image: nginx:1.19-alpine @@ -149,19 +139,19 @@ services: - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf - taiga-static-data:/taiga/static - taiga-media-data:/taiga/media - networks: - - taiga + +{% include 'templates/docker/container/networks.yml.j2' %} + taiga: depends_on: - taiga-front - taiga-back - taiga-events -volumes: +{% include 'templates/docker/compose/volumes.yml.j2' %} taiga-static-data: taiga-media-data: - taiga-db-data: taiga-async-rabbitmq-data: taiga-events-rabbitmq-data: -networks: +{% include 'templates/docker/compose/networks.yml.j2' %} taiga: \ No newline at end of file diff --git a/roles/docker-taiga/templates/env.j2 b/roles/docker-taiga/templates/env.j2 index 806e3b4c..8f138c5b 100644 --- a/roles/docker-taiga/templates/env.j2 +++ b/roles/docker-taiga/templates/env.j2 @@ -8,19 +8,19 @@ WEBSOCKETS_SCHEME=wss # events connection protocol (use either "ws" or "wss") SECRET_KEY="{{taigaio_secret_key}}" # Please, change it to an unpredictable value!! # Taiga's Database settings - Variables to create the Taiga database and connect to it -POSTGRES_USER=taiga # user to connect to PostgreSQL -POSTGRES_PASSWORD=taiga # database user's password +POSTGRES_USER={{database_username}} # user to connect to PostgreSQL +POSTGRES_PASSWORD={{peertube_database_password}} # database user's password # Taiga's SMTP settings - Variables to send Taiga's emails to the users -EMAIL_BACKEND=console # use an SMTP server or display the emails in the console (either "smtp" or "console") -EMAIL_HOST=smtp.host.example.com # SMTP server address -EMAIL_PORT=587 # default SMTP port -EMAIL_HOST_USER=user # user to connect the SMTP server -EMAIL_HOST_PASSWORD=password # SMTP user's password -EMAIL_DEFAULT_FROM=changeme@example.com # default email address for the automated emails +EMAIL_BACKEND = console # use an SMTP server or display the emails in the console (either "smtp" or "console") +EMAIL_HOST = {{system_email_host}} # SMTP server address +EMAIL_PORT = {{system_email_smtp_port}} # default SMTP port +EMAIL_HOST_USER = {{system_email_username}} # user to connect the SMTP server +EMAIL_HOST_PASSWORD = {{system_email_password}} # SMTP user's password +EMAIL_DEFAULT_FROM = {{system_email}} # default email address for the automated emails # EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True) -EMAIL_USE_TLS=True # use TLS (secure) connection with the SMTP server -EMAIL_USE_SSL=False # use implicit TLS (secure) connection with the SMTP server +EMAIL_USE_TLS={{ system_email_tls | lower | capitalize }} # use TLS (secure) connection with the SMTP server +EMAIL_USE_SSL={{ 'False' if system_email_start_tls else 'True' }} # use implicit TLS (secure) connection with the SMTP server # Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events RABBITMQ_USER=taiga # user to connect to RabbitMQ diff --git a/roles/docker-taiga/vars/main.yml b/roles/docker-taiga/vars/main.yml index 6da9c93d..409e617d 100644 --- a/roles/docker-taiga/vars/main.yml +++ b/roles/docker-taiga/vars/main.yml @@ -1,6 +1,6 @@ docker_compose_project_name: "taigaio" docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup" -database_type: "mariadb" +database_type: "postgres" database_password: "{{taigaio_database_password}}" repository_address: "https://github.com/taigaio/taiga-docker" From 06537dfe9a4e73d9f122d44c3dde06980ae32f35 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sun, 26 May 2024 21:09:36 +0200 Subject: [PATCH 03/15] Implemented update-repository-with-files.yml --- roles/docker-akaunting/vars/main.yml | 1 - roles/docker-attendize/vars/main.yml | 1 - roles/docker-openproject/vars/main.yml | 1 - roles/docker-taiga/tasks/main.yml | 9 ++++- .../templates/{env.j2 => .env.j2} | 0 roles/docker-taiga/vars/main.yml | 1 - .../update-repository-with-docker-compose.yml | 39 +++---------------- tasks/update-repository-with-files.yml | 37 ++++++++++++++++++ 8 files changed, 49 insertions(+), 40 deletions(-) rename roles/docker-taiga/templates/{env.j2 => .env.j2} (100%) create mode 100644 tasks/update-repository-with-files.yml diff --git a/roles/docker-akaunting/vars/main.yml b/roles/docker-akaunting/vars/main.yml index e20e42db..bca7ceff 100644 --- a/roles/docker-akaunting/vars/main.yml +++ b/roles/docker-akaunting/vars/main.yml @@ -1,6 +1,5 @@ docker_compose_project_name: "akaunting" docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" -docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup" database_type: "mariadb" database_password: "{{akaunting_database_password}}" repository_address: "https://github.com/akaunting/docker.git" diff --git a/roles/docker-attendize/vars/main.yml b/roles/docker-attendize/vars/main.yml index 99ee1203..3cb4e12a 100644 --- a/roles/docker-attendize/vars/main.yml +++ b/roles/docker-attendize/vars/main.yml @@ -1,7 +1,6 @@ --- docker_compose_project_name: "attendize" docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" -docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup" mail_interface_domain: "mail.{{domain}}" database_type: "mariadb" database_password: "{{attendize_database_password}}" diff --git a/roles/docker-openproject/vars/main.yml b/roles/docker-openproject/vars/main.yml index 35ebef68..a663d197 100644 --- a/roles/docker-openproject/vars/main.yml +++ b/roles/docker-openproject/vars/main.yml @@ -2,7 +2,6 @@ docker_compose_project_name: "openproject" repository_directory: "{{ path_docker_compose_instances }}{{docker_compose_project_name}}/" docker_compose_instance_directory: "{{repository_directory}}compose/" docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" -docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup" database_password: "{{openproject_database_password}}" repository_address: "https://github.com/opf/openproject-deploy" database_type: "postgres" diff --git a/roles/docker-taiga/tasks/main.yml b/roles/docker-taiga/tasks/main.yml index 308db9ca..13e105da 100644 --- a/roles/docker-taiga/tasks/main.yml +++ b/roles/docker-taiga/tasks/main.yml @@ -5,8 +5,13 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml -- name: "include tasks update-repository-with-docker-compose.yml" - include_tasks: update-repository-with-docker-compose.yml +- name: "include tasks update-repository-with-files.yml" + include_tasks: update-repository-with-files.yml + vars: + detached_files: + - .env + - docker-compose.yml + - docker-compose-init.yml - name: configure run.env template: src=env.j2 dest={{docker_compose_instance_directory}}/.env diff --git a/roles/docker-taiga/templates/env.j2 b/roles/docker-taiga/templates/.env.j2 similarity index 100% rename from roles/docker-taiga/templates/env.j2 rename to roles/docker-taiga/templates/.env.j2 diff --git a/roles/docker-taiga/vars/main.yml b/roles/docker-taiga/vars/main.yml index 409e617d..9f2e839a 100644 --- a/roles/docker-taiga/vars/main.yml +++ b/roles/docker-taiga/vars/main.yml @@ -1,6 +1,5 @@ docker_compose_project_name: "taigaio" docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" -docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup" database_type: "postgres" database_password: "{{taigaio_database_password}}" repository_address: "https://github.com/taigaio/taiga-docker" diff --git a/tasks/update-repository-with-docker-compose.yml b/tasks/update-repository-with-docker-compose.yml index c26b4279..d98fe203 100644 --- a/tasks/update-repository-with-docker-compose.yml +++ b/tasks/update-repository-with-docker-compose.yml @@ -1,34 +1,5 @@ -- name: "backup docker-compose.yml if it exists" - command: > - mv "{{ docker_compose_file_path }}" "{{ docker_compose_backup_path }}" - args: - removes: "{{ docker_compose_file_path }}" - become: true - -- name: checkout repository - ansible.builtin.shell: git checkout . - become: true - args: - chdir: "{{docker_compose_instance_directory}}" - ignore_errors: true - -- name: pull docker repository - git: - repo: "{{ repository_address }}" - dest: "{{ repository_directory }}" - update: yes - notify: docker compose project setup - become: true - -- name: "restore docker-compose.yml from backup" - command: > - mv "{{ docker_compose_backup_path }}" "{{ docker_compose_file_path }}" - args: - removes: "{{ docker_compose_backup_path }}" - become: true - -- name: "copy docker-compose.yml" - template: - src: docker-compose.yml.j2 - dest: "{{ docker_compose_file_path }}" - notify: docker compose project setup \ No newline at end of file +- name: "include tasks update-repository-with-files.yml" + include_tasks: update-repository-with-files.yml + vars: + detached_files: + - "{{docker_compose_file_path}}" \ No newline at end of file diff --git a/tasks/update-repository-with-files.yml b/tasks/update-repository-with-files.yml new file mode 100644 index 00000000..f62aecf4 --- /dev/null +++ b/tasks/update-repository-with-files.yml @@ -0,0 +1,37 @@ +- name: "backup docker-compose.yml if it exists" + command: > + mv "{{docker_compose_instance_directory}}{{ item }}" "/tmp/{{docker_compose_project_name}}-{{ item }}.backup" + args: + removes: "{{docker_compose_instance_directory}}{{ item }}" + become: true + loop: "{{ detached_files }}" + +- name: checkout repository + ansible.builtin.shell: git checkout . + become: true + args: + chdir: "{{docker_compose_instance_directory}}" + ignore_errors: true + +- name: pull docker repository + git: + repo: "{{ repository_address }}" + dest: "{{ repository_directory }}" + update: yes + notify: docker compose project setup + become: true + +- name: "restore docker-compose.yml from backup" + command: > + mv "/tmp/{{docker_compose_project_name}}-{{ item }}.backup" "{{docker_compose_instance_directory}}{{ item }}" + args: + removes: "/tmp/{{docker_compose_project_name}}-{{ item }}.backup" + become: true + loop: "{{ detached_files }}" + +- name: "copy {{ item }}" + template: + src: "{{ item }}.j2" + dest: "{{docker_compose_instance_directory}}{{ item }}" + loop: "{{ detached_files }}" + notify: docker compose project setup From 0e45294efa60f0b4aeaaefda4dcdfc9770206bcb Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sun, 26 May 2024 21:20:50 +0200 Subject: [PATCH 04/15] Refactored taiga --- roles/docker-taiga/tasks/main.yml | 4 -- .../templates/docker-compose-inits.yml.j2 | 4 +- .../templates/docker-compose.yml.j2 | 42 +++++++++---------- 3 files changed, 23 insertions(+), 27 deletions(-) diff --git a/roles/docker-taiga/tasks/main.yml b/roles/docker-taiga/tasks/main.yml index 13e105da..3961c332 100644 --- a/roles/docker-taiga/tasks/main.yml +++ b/roles/docker-taiga/tasks/main.yml @@ -12,7 +12,3 @@ - .env - docker-compose.yml - docker-compose-init.yml - -- name: configure run.env - template: src=env.j2 dest={{docker_compose_instance_directory}}/.env - notify: docker compose project setup diff --git a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 index 9faf7634..27ee9bf9 100644 --- a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 @@ -26,8 +26,8 @@ x-environment: x-volumes: &default-back-volumes - - taiga-static-data:/taiga-back/static - - taiga-media-data:/taiga-back/media + - static-data:/taiga-back/static + - media-data:/taiga-back/media # - ./config.py:/taiga-back/settings/config.py services: diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index 06309494..13d2b26f 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -33,13 +33,13 @@ x-environment: x-volumes: &default-back-volumes # These volumens will be used by taiga-back and taiga-async. - - taiga-static-data:/taiga-back/static - - taiga-media-data:/taiga-back/media + - static-data:/taiga-back/static + - media-data:/taiga-back/media # - ./config.py:/taiga-back/settings/config.py services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} - taiga-back: + back: image: taigaio/taiga-back:latest environment: *default-back-environment volumes: *default-back-volumes @@ -48,7 +48,7 @@ services: taiga: {% include 'templates/docker/container/depends-on-also-database.yml.j2' %} - taiga-events-rabbitmq: + events-rabbitmq: condition: service_started taiga-async-rabbitmq: condition: service_started @@ -63,7 +63,7 @@ services: taiga: {% include 'templates/docker/container/depends-on-also-database.yml.j2' %} - taiga-events-rabbitmq: + events-rabbitmq: condition: service_started taiga-async-rabbitmq: condition: service_started @@ -77,12 +77,12 @@ services: RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}" hostname: "taiga-async-rabbitmq" volumes: - - taiga-async-rabbitmq-data:/var/lib/rabbitmq + - async-rabbitmq-data:/var/lib/rabbitmq {% include 'templates/docker/container/networks.yml.j2' %} taiga: - taiga-front: + front: image: taigaio/taiga-front:latest environment: TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}" @@ -95,7 +95,7 @@ services: # volumes: # - ./conf.json:/usr/share/nginx/html/conf.json - taiga-events: + events: image: taigaio/taiga-events:latest environment: RABBITMQ_USER: "${RABBITMQ_USER}" @@ -105,19 +105,19 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} taiga: depends_on: - taiga-events-rabbitmq: + events-rabbitmq: condition: service_started - taiga-events-rabbitmq: + events-rabbitmq: image: rabbitmq:3.8-management-alpine environment: RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}" RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}" RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}" RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}" - hostname: "taiga-events-rabbitmq" + hostname: "events-rabbitmq" volumes: - - taiga-events-rabbitmq-data:/var/lib/rabbitmq + - events-rabbitmq-data:/var/lib/rabbitmq {% include 'templates/docker/container/networks.yml.j2' %} taiga: @@ -137,21 +137,21 @@ services: - "9000:80" volumes: - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf - - taiga-static-data:/taiga/static - - taiga-media-data:/taiga/media + - static-data:/taiga/static + - media-data:/taiga/media {% include 'templates/docker/container/networks.yml.j2' %} taiga: depends_on: - - taiga-front - - taiga-back - - taiga-events + - front + - back + - events {% include 'templates/docker/compose/volumes.yml.j2' %} - taiga-static-data: - taiga-media-data: - taiga-async-rabbitmq-data: - taiga-events-rabbitmq-data: + static-data: + media-data: + async-rabbitmq-data: + events-rabbitmq-data: {% include 'templates/docker/compose/networks.yml.j2' %} taiga: \ No newline at end of file From ac902b67a57798cea149cf72952b8608bc76c292 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sun, 26 May 2024 21:32:44 +0200 Subject: [PATCH 05/15] Implemented taiga to playbook.servers.yml --- group_vars/all | 8 +++++--- playbook.servers.yml | 9 +++++++++ roles/docker-taiga/templates/docker-compose.yml.j2 | 2 +- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/group_vars/all b/group_vars/all index 28dadcc8..f56917b1 100644 --- a/group_vars/all +++ b/group_vars/all @@ -119,10 +119,11 @@ nginx_homepage_root: "/usr/share/nginx/homepage/" ### Service Domains domain_akaunting: "accounting.{{top_domain}}" +domain_attendize: "tickets.{{top_domain}}" domain_baserow: "baserow.{{top_domain}}" domain_bigbluebutton: "meet.{{top_domain}}" -domain_elk: "elk.{{top_domain}}" domain_discourse: "forum.{{top_domain}}" +domain_elk: "elk.{{top_domain}}" domain_funkwhale: "music.{{top_domain}}" domain_gitea: "git.{{top_domain}}" domain_gitlab: "gitlab.{{top_domain}}" @@ -136,13 +137,13 @@ domain_matrix_element: "element.{{top_domain}}" domain_moodle: "academy.{{top_domain}}" domain_mediawiki: "wiki.{{top_domain}}" domain_nextcloud: "cloud.{{top_domain}}" +domain_openproject: "project.{{top_domain}}" domain_pixelfed: "picture.{{top_domain}}" domain_peertube: "video.{{top_domain}}" domains_peertube: [] domain_roulette: "roulette.{{top_domain}}" -domain_attendize: "tickets.{{top_domain}}" +domain_taiga: "kanban.{{top_domain}}" domain_yourls: "s.{{top_domain}}" -domain_openproject: "project.{{top_domain}}" domains_wordpress: ["wordpress.{{top_domain}}","blog.{{top_domain}}"] ### Domain Redirects @@ -160,6 +161,7 @@ redirect_domain_mappings: - { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" } - { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" } - { source: "short.{{top_domain}}", target: "{{domain_yourls}}" } +- { source: "taiga.{{top_domain}}", target: "{{domain_taiga}}" } - { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" } ## Docker Applications diff --git a/playbook.servers.yml b/playbook.servers.yml index a2936dcc..090f5a07 100644 --- a/playbook.servers.yml +++ b/playbook.servers.yml @@ -257,6 +257,15 @@ domain: "{{domain_moodle}}" http_port: 8026 +- name: setup taiga instance + hosts: taiga + become: true + roles: + - role: docker-taiga + vars: + domain: "{{domain_taiga}}" + http_port: 8027 + # Native Webserver Roles - name: setup nginx-homepages hosts: homepage diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index 13d2b26f..422d3780 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -134,7 +134,7 @@ services: taiga-gateway: image: nginx:1.19-alpine ports: - - "9000:80" + - "9000:{{http_port}}" volumes: - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf - static-data:/taiga/static From 27b2238167b2027373fe6ec1d31e73fa76a6c6b6 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sun, 26 May 2024 22:49:31 +0200 Subject: [PATCH 06/15] Refactored and optimized code for taiga --- roles/docker-akaunting/vars/main.yml | 1 - roles/docker-attendize/vars/main.yml | 1 - roles/docker-openproject/vars/main.yml | 1 - roles/docker-taiga/tasks/main.yml | 2 +- roles/docker-taiga/templates/.env.j2 | 2 +- roles/docker-taiga/templates/docker-compose-inits.yml.j2 | 5 ++--- roles/docker-taiga/templates/docker-compose.yml.j2 | 4 +--- roles/docker-taiga/vars/main.yml | 5 ++--- tasks/update-repository-with-docker-compose.yml | 2 +- tasks/update-repository-with-files.yml | 2 +- 10 files changed, 9 insertions(+), 16 deletions(-) diff --git a/roles/docker-akaunting/vars/main.yml b/roles/docker-akaunting/vars/main.yml index bca7ceff..93c204cd 100644 --- a/roles/docker-akaunting/vars/main.yml +++ b/roles/docker-akaunting/vars/main.yml @@ -1,5 +1,4 @@ docker_compose_project_name: "akaunting" -docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" database_type: "mariadb" database_password: "{{akaunting_database_password}}" repository_address: "https://github.com/akaunting/docker.git" diff --git a/roles/docker-attendize/vars/main.yml b/roles/docker-attendize/vars/main.yml index 3cb4e12a..91472087 100644 --- a/roles/docker-attendize/vars/main.yml +++ b/roles/docker-attendize/vars/main.yml @@ -1,6 +1,5 @@ --- docker_compose_project_name: "attendize" -docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" mail_interface_domain: "mail.{{domain}}" database_type: "mariadb" database_password: "{{attendize_database_password}}" diff --git a/roles/docker-openproject/vars/main.yml b/roles/docker-openproject/vars/main.yml index a663d197..766d3a50 100644 --- a/roles/docker-openproject/vars/main.yml +++ b/roles/docker-openproject/vars/main.yml @@ -1,7 +1,6 @@ docker_compose_project_name: "openproject" repository_directory: "{{ path_docker_compose_instances }}{{docker_compose_project_name}}/" docker_compose_instance_directory: "{{repository_directory}}compose/" -docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" database_password: "{{openproject_database_password}}" repository_address: "https://github.com/opf/openproject-deploy" database_type: "postgres" diff --git a/roles/docker-taiga/tasks/main.yml b/roles/docker-taiga/tasks/main.yml index 3961c332..29283caa 100644 --- a/roles/docker-taiga/tasks/main.yml +++ b/roles/docker-taiga/tasks/main.yml @@ -11,4 +11,4 @@ detached_files: - .env - docker-compose.yml - - docker-compose-init.yml + - docker-compose-inits.yml diff --git a/roles/docker-taiga/templates/.env.j2 b/roles/docker-taiga/templates/.env.j2 index 8f138c5b..0589dcac 100644 --- a/roles/docker-taiga/templates/.env.j2 +++ b/roles/docker-taiga/templates/.env.j2 @@ -5,7 +5,7 @@ SUBPATH="" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath WEBSOCKETS_SCHEME=wss # events connection protocol (use either "ws" or "wss") # Taiga's Secret Key - Variable to provide cryptographic signing -SECRET_KEY="{{taigaio_secret_key}}" # Please, change it to an unpredictable value!! +SECRET_KEY="{{taiga_secret_key}}" # Please, change it to an unpredictable value!! # Taiga's Database settings - Variables to create the Taiga database and connect to it POSTGRES_USER={{database_username}} # user to connect to PostgreSQL diff --git a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 index 27ee9bf9..0cf504ad 100644 --- a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 @@ -1,5 +1,3 @@ -version: "3.5" - x-environment: &default-back-environment POSTGRES_DB: "{{database_name}}" @@ -35,8 +33,9 @@ services: image: taigaio/taiga-back:latest environment: *default-back-environment {% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'templates/docker/container/networks.yml.j2' %} entrypoint: "python manage.py" volumes: *default-back-volumes {% include 'templates/docker/compose/networks.yml.j2' %} - taiga: \ No newline at end of file + taiga: diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index 422d3780..bbb7e2d2 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -1,5 +1,3 @@ -version: "3.5" - x-environment: &default-back-environment # These environment variables will be used by taiga-back and taiga-async. @@ -154,4 +152,4 @@ services: events-rabbitmq-data: {% include 'templates/docker/compose/networks.yml.j2' %} - taiga: \ No newline at end of file + taiga: diff --git a/roles/docker-taiga/vars/main.yml b/roles/docker-taiga/vars/main.yml index 9f2e839a..a93122fc 100644 --- a/roles/docker-taiga/vars/main.yml +++ b/roles/docker-taiga/vars/main.yml @@ -1,5 +1,4 @@ -docker_compose_project_name: "taigaio" -docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" +docker_compose_project_name: "taiga" database_type: "postgres" -database_password: "{{taigaio_database_password}}" +database_password: "{{taiga_database_password}}" repository_address: "https://github.com/taigaio/taiga-docker" diff --git a/tasks/update-repository-with-docker-compose.yml b/tasks/update-repository-with-docker-compose.yml index d98fe203..f0dd951c 100644 --- a/tasks/update-repository-with-docker-compose.yml +++ b/tasks/update-repository-with-docker-compose.yml @@ -2,4 +2,4 @@ include_tasks: update-repository-with-files.yml vars: detached_files: - - "{{docker_compose_file_path}}" \ No newline at end of file + - "docker-compose.yml" \ No newline at end of file diff --git a/tasks/update-repository-with-files.yml b/tasks/update-repository-with-files.yml index f62aecf4..4c985139 100644 --- a/tasks/update-repository-with-files.yml +++ b/tasks/update-repository-with-files.yml @@ -16,7 +16,7 @@ - name: pull docker repository git: repo: "{{ repository_address }}" - dest: "{{ repository_directory }}" + dest: "{{ repository_directory | default(docker_compose_instance_directory) }}" update: yes notify: docker compose project setup become: true From 0c5491de9f389bcd34eb632a79208012b91642a5 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sun, 26 May 2024 22:57:52 +0200 Subject: [PATCH 07/15] Solved typo --- templates/docker/container/depends-on-database-redis.yml.j2 | 2 +- templates/docker/container/depends-on-just-database.yml.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/templates/docker/container/depends-on-database-redis.yml.j2 b/templates/docker/container/depends-on-database-redis.yml.j2 index f15a5cfb..b770de7b 100644 --- a/templates/docker/container/depends-on-database-redis.yml.j2 +++ b/templates/docker/container/depends-on-database-redis.yml.j2 @@ -1,4 +1,4 @@ -# This template needs to be included in docker-compose.yml contaienrs, which depend on a database, redis and optional additional volumes +# This template needs to be included in docker-compose.yml containers, which depend on a database, redis and optional additional volumes depends_on: {% if not enable_central_database | bool %} database: diff --git a/templates/docker/container/depends-on-just-database.yml.j2 b/templates/docker/container/depends-on-just-database.yml.j2 index 19490a23..fa23fa93 100644 --- a/templates/docker/container/depends-on-just-database.yml.j2 +++ b/templates/docker/container/depends-on-just-database.yml.j2 @@ -1,4 +1,4 @@ -# This template needs to be included in docker-compose.yml contaienrs, which just depend on a database +# This template needs to be included in docker-compose.yml containers, which just depend on a database {% if not enable_central_database | bool %} depends_on: database: From 9871946e3862135989d00616cd69501cf2abf5b1 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sun, 26 May 2024 23:24:00 +0200 Subject: [PATCH 08/15] Updated README.md --- roles/docker-postgres/README.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/roles/docker-postgres/README.md b/roles/docker-postgres/README.md index d8951d84..2d6b6a63 100644 --- a/roles/docker-postgres/README.md +++ b/roles/docker-postgres/README.md @@ -23,6 +23,12 @@ This Ansible role is designed to deploy a PostgreSQL database using Docker. It i 2. Include this role in your playbook. 3. Run the playbook against the target host. +## Root Access +To access the database via the root account execute the following on the server: +```bash +docker exec -it central-postgres psql -U postgres +``` + ## Notes - The PostgreSQL server is bound to `127.0.0.1:5432` on the host machine, making it accessible only from localhost. - Ensure that the provided passwords are secure and stored securely, preferably using Ansible Vault or another encryption method. \ No newline at end of file From e6ed291f3de8b2c8a9bf33277b2872ff21c3d948 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 27 May 2024 00:07:51 +0200 Subject: [PATCH 09/15] Solved taiga bugs --- roles/docker-taiga/templates/.env.j2 | 2 +- roles/docker-taiga/templates/docker-compose.yml.j2 | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/roles/docker-taiga/templates/.env.j2 b/roles/docker-taiga/templates/.env.j2 index 0589dcac..ec9dd0e8 100644 --- a/roles/docker-taiga/templates/.env.j2 +++ b/roles/docker-taiga/templates/.env.j2 @@ -9,7 +9,7 @@ SECRET_KEY="{{taiga_secret_key}}" # Please, change it to an unpredictable value # Taiga's Database settings - Variables to create the Taiga database and connect to it POSTGRES_USER={{database_username}} # user to connect to PostgreSQL -POSTGRES_PASSWORD={{peertube_database_password}} # database user's password +POSTGRES_PASSWORD={{database_password}} # database user's password # Taiga's SMTP settings - Variables to send Taiga's emails to the users EMAIL_BACKEND = console # use an SMTP server or display the emails in the console (either "smtp" or "console") diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index bbb7e2d2..3711fc8c 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -37,7 +37,7 @@ x-volumes: services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} - back: + taiga-back: image: taigaio/taiga-back:latest environment: *default-back-environment volumes: *default-back-volumes @@ -80,7 +80,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} taiga: - front: + taiga-front: image: taigaio/taiga-front:latest environment: TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}" @@ -93,7 +93,7 @@ services: # volumes: # - ./conf.json:/usr/share/nginx/html/conf.json - events: + taiga-events: image: taigaio/taiga-events:latest environment: RABBITMQ_USER: "${RABBITMQ_USER}" @@ -141,9 +141,9 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} taiga: depends_on: - - front - - back - - events + - taiga-front + - taiga-back + - taiga-events {% include 'templates/docker/compose/volumes.yml.j2' %} static-data: From 9121c16ab3d80a17f9cebf220408766a294ffcd2 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 27 May 2024 00:29:54 +0200 Subject: [PATCH 10/15] Solved taiga routing bug --- roles/docker-taiga/templates/docker-compose.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index 3711fc8c..2edba8a1 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -132,7 +132,7 @@ services: taiga-gateway: image: nginx:1.19-alpine ports: - - "9000:{{http_port}}" + - "{{http_port}}:80" volumes: - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf - static-data:/taiga/static From 3c1133b2d125b79e5e9280d1efd75ab41da7a6b1 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 27 May 2024 01:05:43 +0200 Subject: [PATCH 11/15] Solved taiga container naming bug and added logging and restart policies --- .../templates/docker-compose.yml.j2 | 32 ++++++++++++++++--- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index 2edba8a1..b4d0b84c 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -38,6 +38,9 @@ x-volumes: services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} taiga-back: + restart: {{docker_restart_policy}} + logging: + driver: journald image: taigaio/taiga-back:latest environment: *default-back-environment volumes: *default-back-volumes @@ -46,12 +49,15 @@ services: taiga: {% include 'templates/docker/container/depends-on-also-database.yml.j2' %} - events-rabbitmq: + taiga-events-rabbitmq: condition: service_started taiga-async-rabbitmq: condition: service_started taiga-async: + restart: {{docker_restart_policy}} + logging: + driver: journald image: taigaio/taiga-back:latest entrypoint: ["/taiga-back/docker/async_entrypoint.sh"] environment: *default-back-environment @@ -61,7 +67,7 @@ services: taiga: {% include 'templates/docker/container/depends-on-also-database.yml.j2' %} - events-rabbitmq: + taiga-events-rabbitmq: condition: service_started taiga-async-rabbitmq: condition: service_started @@ -76,6 +82,9 @@ services: hostname: "taiga-async-rabbitmq" volumes: - async-rabbitmq-data:/var/lib/rabbitmq + restart: {{docker_restart_policy}} + logging: + driver: journald {% include 'templates/docker/container/networks.yml.j2' %} taiga: @@ -87,6 +96,9 @@ services: TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}" TAIGA_SUBPATH: "${SUBPATH}" # ...your customizations go here + restart: {{docker_restart_policy}} + logging: + driver: journald {% include 'templates/docker/container/networks.yml.j2' %} taiga: @@ -99,14 +111,17 @@ services: RABBITMQ_USER: "${RABBITMQ_USER}" RABBITMQ_PASS: "${RABBITMQ_PASS}" TAIGA_SECRET_KEY: "${SECRET_KEY}" + restart: {{docker_restart_policy}} + logging: + driver: journald {% include 'templates/docker/container/networks.yml.j2' %} taiga: depends_on: - events-rabbitmq: + taiga-events-rabbitmq: condition: service_started - events-rabbitmq: + taiga-events-rabbitmq: image: rabbitmq:3.8-management-alpine environment: RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}" @@ -116,6 +131,9 @@ services: hostname: "events-rabbitmq" volumes: - events-rabbitmq-data:/var/lib/rabbitmq + restart: {{docker_restart_policy}} + logging: + driver: journald {% include 'templates/docker/container/networks.yml.j2' %} taiga: @@ -125,6 +143,9 @@ services: environment: MAX_AGE: "${ATTACHMENTS_MAX_AGE}" SECRET_KEY: "${SECRET_KEY}" + restart: {{docker_restart_policy}} + logging: + driver: journald {% include 'templates/docker/container/networks.yml.j2' %} taiga: @@ -137,6 +158,9 @@ services: - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf - static-data:/taiga/static - media-data:/taiga/media + restart: {{docker_restart_policy}} + logging: + driver: journald {% include 'templates/docker/container/networks.yml.j2' %} taiga: From 0866b498acd474dedf24883c60f00d631dbb95ad Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 27 May 2024 01:35:14 +0200 Subject: [PATCH 12/15] Added README.md for taiga --- roles/docker-taiga/README.md | 38 ++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/roles/docker-taiga/README.md b/roles/docker-taiga/README.md index e69de29b..acfae32b 100644 --- a/roles/docker-taiga/README.md +++ b/roles/docker-taiga/README.md @@ -0,0 +1,38 @@ +# Docker Taiga Role 🐳📋 + +This Ansible role sets up and configures a Taiga project management platform using Docker. It includes tasks for setting up the database, Nginx proxy, and updating the repository with necessary files. + +## Table of Contents + +- [Tasks](#tasks) +- [Variables](#variables) +- [Templates](#templates) +- [Author](#author) + +## Tasks + +The main tasks included in this role are: + +- Setting up the database. +- Configuring Nginx as a proxy. +- Updating the repository with necessary files. + +## Variables + +Key variables used in this role include the Docker Compose project name, database type and password, and the repository address. + +## Templates + +The role includes several Jinja2 templates to configure the environment and Docker Compose setup, including: + +- **docker-compose-inits.yml.j2** +- **.env.j2** +- **docker-compose.yml.j2** + +## Author + +This role was created by Kevin Veen-Birkenbach. You can reach him at [kevin@veen.world](mailto:kevin@veen.world). Visit his website at [veen.world](https://www.veen.world/). + +## Note + +This README was created with the assistance of ChatGPT. [Link to conversation](https://chatgpt.com/share/fee718ab-cfe1-46f3-b97f-8f8c896ffd11). From f7a93a18d1158929f551c62ef9386dbd111a4a20 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 27 May 2024 23:24:21 +0200 Subject: [PATCH 13/15] Implemented System Btrfs Auto Balancer Role --- group_vars/all | 2 +- playbook.servers.yml | 2 ++ roles/system-btrfs-auto-balancer/README.md | 30 ++++++++++++++++++ .../handlers/main.yml | 4 +++ .../system-btrfs-auto-balancer/meta/main.yml | 3 ++ .../system-btrfs-auto-balancer/tasks/main.yml | 31 +++++++++++++++++++ .../system-btrfs-auto-balancer.service.j2 | 7 +++++ .../system-btrfs-auto-balancer/vars/main.yml | 1 + 8 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 roles/system-btrfs-auto-balancer/README.md create mode 100644 roles/system-btrfs-auto-balancer/handlers/main.yml create mode 100644 roles/system-btrfs-auto-balancer/meta/main.yml create mode 100644 roles/system-btrfs-auto-balancer/tasks/main.yml create mode 100644 roles/system-btrfs-auto-balancer/templates/system-btrfs-auto-balancer.service.j2 create mode 100644 roles/system-btrfs-auto-balancer/vars/main.yml diff --git a/group_vars/all b/group_vars/all index f56917b1..927fdbf1 100644 --- a/group_vars/all +++ b/group_vars/all @@ -49,7 +49,7 @@ on_calendar_renew_lets_encrypt_certificates: "*-*-* 12,00:30:00" on_calendar_deploy_mailu_certificates: "*-*-* 13,01:30:00" # Deploy Mailu certificates twice per day on_calendar_msi_keyboard_color: "*-*-* *:*:00" # Change the keyboard color every minute on_calendar_cleanup_failed_docker: "*-*-* 12:00:00" # Clean up failed docker backups every noon - +on_calendar_btrfs_auto_balancer: "Sat *-*-01..07 00:00:00" # Execute btrfs auto balancer every first Saturday of a month # Storage Space-Related Configurations size_percent_maximum_backup: 75 # Maximum storage space in percent for backups diff --git a/playbook.servers.yml b/playbook.servers.yml index 090f5a07..a7587fa7 100644 --- a/playbook.servers.yml +++ b/playbook.servers.yml @@ -11,6 +11,8 @@ - health-disc-space - cleanup-disc-space - health-btrfs + - system-btrfs-auto-balancer + # Docker Roles - name: setup nextcloud hosts diff --git a/roles/system-btrfs-auto-balancer/README.md b/roles/system-btrfs-auto-balancer/README.md new file mode 100644 index 00000000..a905353f --- /dev/null +++ b/roles/system-btrfs-auto-balancer/README.md @@ -0,0 +1,30 @@ +# System Btrfs Auto Balancer Role 📦 + +This Ansible role automates the management and balancing of Btrfs file systems. It ensures that the Btrfs file system is maintained efficiently without manual intervention. + +## Features ✨ + +- **Automatic Cloning of Repository:** Fetches the latest `auto-btrfs-balancer` repository from GitHub. +- **Systemd Service Configuration:** Creates and configures a Systemd service to automatically run the balancing script. +- **Systemd Timer Integration:** Integrates a Systemd timer to run the balancing service at regular intervals. +- **Error Notification:** Notifies via Systemd in case of errors during the balancing process. + +## Prerequisites 📋 + +- **Ansible:** This role requires Ansible to run. +- **Systemd:** Target systems must support Systemd. +- **Git:** Git must be installed to clone the repository. + + +## Author ✍️ + +This role was created by [Kevin Veen-Birkenbach](https://www.veen.world). +- **Email:** kevin@veen.world +- **Website:** [veen.world](https://www.veen.world) + +## Contact ☎️ + +For questions or support, you can reach Kevin Veen-Birkenbach via [email](mailto:kevin@veen.world). + +## Created with AI +This README.md was created with the assistance of ChatGPT. You can view the conversation [here](https://chatgpt.com/share/dcec1b4a-c7a8-4cf8-a87a-987eb0500857). diff --git a/roles/system-btrfs-auto-balancer/handlers/main.yml b/roles/system-btrfs-auto-balancer/handlers/main.yml new file mode 100644 index 00000000..cbd52a8b --- /dev/null +++ b/roles/system-btrfs-auto-balancer/handlers/main.yml @@ -0,0 +1,4 @@ +- name: "reload system-btrfs-auto-balancer.cymais.service" + systemd: + name: system-btrfs-auto-balancer.cymais.service + daemon_reload: yes \ No newline at end of file diff --git a/roles/system-btrfs-auto-balancer/meta/main.yml b/roles/system-btrfs-auto-balancer/meta/main.yml new file mode 100644 index 00000000..23ff4d5f --- /dev/null +++ b/roles/system-btrfs-auto-balancer/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: + - git + - systemd-notifier \ No newline at end of file diff --git a/roles/system-btrfs-auto-balancer/tasks/main.yml b/roles/system-btrfs-auto-balancer/tasks/main.yml new file mode 100644 index 00000000..4c665390 --- /dev/null +++ b/roles/system-btrfs-auto-balancer/tasks/main.yml @@ -0,0 +1,31 @@ +- name: pull auto-btrfs-balancer.git + git: + repo: "https://github.com/kevinveenbirkenbach/auto-btrfs-balancer.git" + dest: "{{system_btrfs_auto_balancer_folder}}" + update: yes + ignore_errors: true + when: run_once_system_btrfs_auto_balancer is not defined + +- name: configure system-btrfs-auto-balancer.cymais.service + template: + src: system-btrfs-auto-balancer.service.j2 + dest: /etc/systemd/system/system-btrfs-auto-balancer.cymais.service + notify: reload system-btrfs-auto-balancer.cymais.service + when: run_once_system_btrfs_auto_balancer is not defined + +- name: set service_name to the name of the current role + set_fact: + service_name: "{{ role_name }}" + when: run_once_system_btrfs_auto_balancer is not defined + +- name: "include role for systemd-timer for {{service_name}}" + include_role: + name: systemd-timer + vars: + on_calendar: "{{on_calendar_btrfs_auto_balancer}}" + when: run_once_system_btrfs_auto_balancer is not defined + +- name: run the system_btrfs_auto_balancer tasks once + set_fact: + run_once_system_btrfs_auto_balancer: true + when: run_once_system_btrfs_auto_balancer is not defined diff --git a/roles/system-btrfs-auto-balancer/templates/system-btrfs-auto-balancer.service.j2 b/roles/system-btrfs-auto-balancer/templates/system-btrfs-auto-balancer.service.j2 new file mode 100644 index 00000000..2be59062 --- /dev/null +++ b/roles/system-btrfs-auto-balancer/templates/system-btrfs-auto-balancer.service.j2 @@ -0,0 +1,7 @@ +[Unit] +Description=auto balance btrfs +OnFailure=systemd-notifier.cymais@%n.service + +[Service] +Type=oneshot +ExecStart=/bin/sh -c '/usr/bin/python {{system_btrfs_auto_balancer_folder}}main.py 90 10' \ No newline at end of file diff --git a/roles/system-btrfs-auto-balancer/vars/main.yml b/roles/system-btrfs-auto-balancer/vars/main.yml new file mode 100644 index 00000000..fc4d7ccf --- /dev/null +++ b/roles/system-btrfs-auto-balancer/vars/main.yml @@ -0,0 +1 @@ +system_btrfs_auto_balancer_folder: "{{path_administrator_scripts}}auto-btrfs-balancer/" \ No newline at end of file From b28c8ba24755b1c96886275e003cea6a966998e6 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Wed, 10 Jul 2024 19:24:52 +0200 Subject: [PATCH 14/15] Implemented peertube version --- group_vars/all | 3 +++ roles/docker-peertube/templates/docker-compose.yml.j2 | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/group_vars/all b/group_vars/all index 927fdbf1..07809234 100644 --- a/group_vars/all +++ b/group_vars/all @@ -214,6 +214,9 @@ moodle_user_email: "{{administrator_email}}" #### Nextcloud nextcloud_version: "production" # Danger: Nextcloud can't skipp major version updates. +#### Peertube +peertube_version: "bookworm" + #### Pixelfed pixelfed_app_name: "Pictures on {{top_domain}}" diff --git a/roles/docker-peertube/templates/docker-compose.yml.j2 b/roles/docker-peertube/templates/docker-compose.yml.j2 index 919e912b..71e8d4d0 100644 --- a/roles/docker-peertube/templates/docker-compose.yml.j2 +++ b/roles/docker-peertube/templates/docker-compose.yml.j2 @@ -5,7 +5,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: - image: chocobozzz/peertube:production-bullseye + image: chocobozzz/peertube:production-{{peertube_version}} env_file: - .env ports: From e9d50b0e268c7c8e4d49da38f42d3a734ea94ebe Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Wed, 10 Jul 2024 19:56:53 +0200 Subject: [PATCH 15/15] Added upgrade hints --- roles/docker-peertube/README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/roles/docker-peertube/README.md b/roles/docker-peertube/README.md index 8e5f840e..c21009ae 100644 --- a/roles/docker-peertube/README.md +++ b/roles/docker-peertube/README.md @@ -28,6 +28,9 @@ apt update && apt install nano && nano ./config/default.yaml docker logs peertube-application-1 | grep -A1 root ``` +## upgrade version +- https://docs.joinpeertube.org/install/docker + ## further information - https://docs.joinpeertube.org/install-docker - https://github.com/Chocobozzz/PeerTube/issues/3091 \ No newline at end of file