mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-24 13:41:03 +01:00
Merge branch 'master' of github.com:kevinveenbirkenbach/cymais
This commit is contained in:
commit
1c8b05d88f
@ -49,7 +49,7 @@ on_calendar_renew_lets_encrypt_certificates: "*-*-* 12,00:30:00"
|
|||||||
on_calendar_deploy_mailu_certificates: "*-*-* 13,01:30:00" # Deploy Mailu certificates twice per day
|
on_calendar_deploy_mailu_certificates: "*-*-* 13,01:30:00" # Deploy Mailu certificates twice per day
|
||||||
on_calendar_msi_keyboard_color: "*-*-* *:*:00" # Change the keyboard color every minute
|
on_calendar_msi_keyboard_color: "*-*-* *:*:00" # Change the keyboard color every minute
|
||||||
on_calendar_cleanup_failed_docker: "*-*-* 12:00:00" # Clean up failed docker backups every noon
|
on_calendar_cleanup_failed_docker: "*-*-* 12:00:00" # Clean up failed docker backups every noon
|
||||||
|
on_calendar_btrfs_auto_balancer: "Sat *-*-01..07 00:00:00" # Execute btrfs auto balancer every first Saturday of a month
|
||||||
|
|
||||||
# Storage Space-Related Configurations
|
# Storage Space-Related Configurations
|
||||||
size_percent_maximum_backup: 75 # Maximum storage space in percent for backups
|
size_percent_maximum_backup: 75 # Maximum storage space in percent for backups
|
||||||
@ -119,10 +119,11 @@ nginx_homepage_root: "/usr/share/nginx/homepage/"
|
|||||||
|
|
||||||
### Service Domains
|
### Service Domains
|
||||||
domain_akaunting: "accounting.{{top_domain}}"
|
domain_akaunting: "accounting.{{top_domain}}"
|
||||||
|
domain_attendize: "tickets.{{top_domain}}"
|
||||||
domain_baserow: "baserow.{{top_domain}}"
|
domain_baserow: "baserow.{{top_domain}}"
|
||||||
domain_bigbluebutton: "meet.{{top_domain}}"
|
domain_bigbluebutton: "meet.{{top_domain}}"
|
||||||
domain_elk: "elk.{{top_domain}}"
|
|
||||||
domain_discourse: "forum.{{top_domain}}"
|
domain_discourse: "forum.{{top_domain}}"
|
||||||
|
domain_elk: "elk.{{top_domain}}"
|
||||||
domain_funkwhale: "music.{{top_domain}}"
|
domain_funkwhale: "music.{{top_domain}}"
|
||||||
domain_gitea: "git.{{top_domain}}"
|
domain_gitea: "git.{{top_domain}}"
|
||||||
domain_gitlab: "gitlab.{{top_domain}}"
|
domain_gitlab: "gitlab.{{top_domain}}"
|
||||||
@ -136,13 +137,13 @@ domain_matrix_element: "element.{{top_domain}}"
|
|||||||
domain_moodle: "academy.{{top_domain}}"
|
domain_moodle: "academy.{{top_domain}}"
|
||||||
domain_mediawiki: "wiki.{{top_domain}}"
|
domain_mediawiki: "wiki.{{top_domain}}"
|
||||||
domain_nextcloud: "cloud.{{top_domain}}"
|
domain_nextcloud: "cloud.{{top_domain}}"
|
||||||
|
domain_openproject: "project.{{top_domain}}"
|
||||||
domain_pixelfed: "picture.{{top_domain}}"
|
domain_pixelfed: "picture.{{top_domain}}"
|
||||||
domain_peertube: "video.{{top_domain}}"
|
domain_peertube: "video.{{top_domain}}"
|
||||||
domains_peertube: []
|
domains_peertube: []
|
||||||
domain_roulette: "roulette.{{top_domain}}"
|
domain_roulette: "roulette.{{top_domain}}"
|
||||||
domain_attendize: "tickets.{{top_domain}}"
|
domain_taiga: "kanban.{{top_domain}}"
|
||||||
domain_yourls: "s.{{top_domain}}"
|
domain_yourls: "s.{{top_domain}}"
|
||||||
domain_openproject: "project.{{top_domain}}"
|
|
||||||
domains_wordpress: ["wordpress.{{top_domain}}","blog.{{top_domain}}"]
|
domains_wordpress: ["wordpress.{{top_domain}}","blog.{{top_domain}}"]
|
||||||
|
|
||||||
### Domain Redirects
|
### Domain Redirects
|
||||||
@ -160,6 +161,7 @@ redirect_domain_mappings:
|
|||||||
- { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" }
|
- { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" }
|
||||||
- { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" }
|
- { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" }
|
||||||
- { source: "short.{{top_domain}}", target: "{{domain_yourls}}" }
|
- { source: "short.{{top_domain}}", target: "{{domain_yourls}}" }
|
||||||
|
- { source: "taiga.{{top_domain}}", target: "{{domain_taiga}}" }
|
||||||
- { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" }
|
- { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" }
|
||||||
|
|
||||||
## Docker Applications
|
## Docker Applications
|
||||||
@ -212,6 +214,9 @@ moodle_user_email: "{{administrator_email}}"
|
|||||||
#### Nextcloud
|
#### Nextcloud
|
||||||
nextcloud_version: "production" # Danger: Nextcloud can't skipp major version updates.
|
nextcloud_version: "production" # Danger: Nextcloud can't skipp major version updates.
|
||||||
|
|
||||||
|
#### Peertube
|
||||||
|
peertube_version: "bookworm"
|
||||||
|
|
||||||
#### Pixelfed
|
#### Pixelfed
|
||||||
pixelfed_app_name: "Pictures on {{top_domain}}"
|
pixelfed_app_name: "Pictures on {{top_domain}}"
|
||||||
|
|
||||||
|
@ -11,6 +11,8 @@
|
|||||||
- health-disc-space
|
- health-disc-space
|
||||||
- cleanup-disc-space
|
- cleanup-disc-space
|
||||||
- health-btrfs
|
- health-btrfs
|
||||||
|
- system-btrfs-auto-balancer
|
||||||
|
|
||||||
|
|
||||||
# Docker Roles
|
# Docker Roles
|
||||||
- name: setup nextcloud hosts
|
- name: setup nextcloud hosts
|
||||||
@ -257,6 +259,15 @@
|
|||||||
domain: "{{domain_moodle}}"
|
domain: "{{domain_moodle}}"
|
||||||
http_port: 8026
|
http_port: 8026
|
||||||
|
|
||||||
|
- name: setup taiga instance
|
||||||
|
hosts: taiga
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- role: docker-taiga
|
||||||
|
vars:
|
||||||
|
domain: "{{domain_taiga}}"
|
||||||
|
http_port: 8027
|
||||||
|
|
||||||
# Native Webserver Roles
|
# Native Webserver Roles
|
||||||
- name: setup nginx-homepages
|
- name: setup nginx-homepages
|
||||||
hosts: homepage
|
hosts: homepage
|
||||||
|
@ -1,6 +1,4 @@
|
|||||||
docker_compose_project_name: "akaunting"
|
docker_compose_project_name: "akaunting"
|
||||||
docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml"
|
|
||||||
docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup"
|
|
||||||
database_type: "mariadb"
|
database_type: "mariadb"
|
||||||
database_password: "{{akaunting_database_password}}"
|
database_password: "{{akaunting_database_password}}"
|
||||||
repository_address: "https://github.com/akaunting/docker.git"
|
repository_address: "https://github.com/akaunting/docker.git"
|
||||||
|
@ -1,7 +1,5 @@
|
|||||||
---
|
---
|
||||||
docker_compose_project_name: "attendize"
|
docker_compose_project_name: "attendize"
|
||||||
docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml"
|
|
||||||
docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup"
|
|
||||||
mail_interface_domain: "mail.{{domain}}"
|
mail_interface_domain: "mail.{{domain}}"
|
||||||
database_type: "mariadb"
|
database_type: "mariadb"
|
||||||
database_password: "{{attendize_database_password}}"
|
database_password: "{{attendize_database_password}}"
|
||||||
|
@ -1,8 +1,6 @@
|
|||||||
docker_compose_project_name: "openproject"
|
docker_compose_project_name: "openproject"
|
||||||
repository_directory: "{{ path_docker_compose_instances }}{{docker_compose_project_name}}/"
|
repository_directory: "{{ path_docker_compose_instances }}{{docker_compose_project_name}}/"
|
||||||
docker_compose_instance_directory: "{{repository_directory}}compose/"
|
docker_compose_instance_directory: "{{repository_directory}}compose/"
|
||||||
docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml"
|
|
||||||
docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup"
|
|
||||||
database_password: "{{openproject_database_password}}"
|
database_password: "{{openproject_database_password}}"
|
||||||
repository_address: "https://github.com/opf/openproject-deploy"
|
repository_address: "https://github.com/opf/openproject-deploy"
|
||||||
database_type: "postgres"
|
database_type: "postgres"
|
||||||
|
@ -28,6 +28,9 @@ apt update && apt install nano && nano ./config/default.yaml
|
|||||||
docker logs peertube-application-1 | grep -A1 root
|
docker logs peertube-application-1 | grep -A1 root
|
||||||
```
|
```
|
||||||
|
|
||||||
|
## upgrade version
|
||||||
|
- https://docs.joinpeertube.org/install/docker
|
||||||
|
|
||||||
## further information
|
## further information
|
||||||
- https://docs.joinpeertube.org/install-docker
|
- https://docs.joinpeertube.org/install-docker
|
||||||
- https://github.com/Chocobozzz/PeerTube/issues/3091
|
- https://github.com/Chocobozzz/PeerTube/issues/3091
|
@ -5,7 +5,7 @@ services:
|
|||||||
{% include 'templates/docker/services/' + database_type + '.yml.j2' %}
|
{% include 'templates/docker/services/' + database_type + '.yml.j2' %}
|
||||||
|
|
||||||
application:
|
application:
|
||||||
image: chocobozzz/peertube:production-bullseye
|
image: chocobozzz/peertube:production-{{peertube_version}}
|
||||||
env_file:
|
env_file:
|
||||||
- .env
|
- .env
|
||||||
ports:
|
ports:
|
||||||
|
@ -23,6 +23,12 @@ This Ansible role is designed to deploy a PostgreSQL database using Docker. It i
|
|||||||
2. Include this role in your playbook.
|
2. Include this role in your playbook.
|
||||||
3. Run the playbook against the target host.
|
3. Run the playbook against the target host.
|
||||||
|
|
||||||
|
## Root Access
|
||||||
|
To access the database via the root account execute the following on the server:
|
||||||
|
```bash
|
||||||
|
docker exec -it central-postgres psql -U postgres
|
||||||
|
```
|
||||||
|
|
||||||
## Notes
|
## Notes
|
||||||
- The PostgreSQL server is bound to `127.0.0.1:5432` on the host machine, making it accessible only from localhost.
|
- The PostgreSQL server is bound to `127.0.0.1:5432` on the host machine, making it accessible only from localhost.
|
||||||
- Ensure that the provided passwords are secure and stored securely, preferably using Ansible Vault or another encryption method.
|
- Ensure that the provided passwords are secure and stored securely, preferably using Ansible Vault or another encryption method.
|
38
roles/docker-taiga/README.md
Normal file
38
roles/docker-taiga/README.md
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
# Docker Taiga Role 🐳📋
|
||||||
|
|
||||||
|
This Ansible role sets up and configures a Taiga project management platform using Docker. It includes tasks for setting up the database, Nginx proxy, and updating the repository with necessary files.
|
||||||
|
|
||||||
|
## Table of Contents
|
||||||
|
|
||||||
|
- [Tasks](#tasks)
|
||||||
|
- [Variables](#variables)
|
||||||
|
- [Templates](#templates)
|
||||||
|
- [Author](#author)
|
||||||
|
|
||||||
|
## Tasks
|
||||||
|
|
||||||
|
The main tasks included in this role are:
|
||||||
|
|
||||||
|
- Setting up the database.
|
||||||
|
- Configuring Nginx as a proxy.
|
||||||
|
- Updating the repository with necessary files.
|
||||||
|
|
||||||
|
## Variables
|
||||||
|
|
||||||
|
Key variables used in this role include the Docker Compose project name, database type and password, and the repository address.
|
||||||
|
|
||||||
|
## Templates
|
||||||
|
|
||||||
|
The role includes several Jinja2 templates to configure the environment and Docker Compose setup, including:
|
||||||
|
|
||||||
|
- **docker-compose-inits.yml.j2**
|
||||||
|
- **.env.j2**
|
||||||
|
- **docker-compose.yml.j2**
|
||||||
|
|
||||||
|
## Author
|
||||||
|
|
||||||
|
This role was created by Kevin Veen-Birkenbach. You can reach him at [kevin@veen.world](mailto:kevin@veen.world). Visit his website at [veen.world](https://www.veen.world/).
|
||||||
|
|
||||||
|
## Note
|
||||||
|
|
||||||
|
This README was created with the assistance of ChatGPT. [Link to conversation](https://chatgpt.com/share/fee718ab-cfe1-46f3-b97f-8f8c896ffd11).
|
14
roles/docker-taiga/tasks/main.yml
Normal file
14
roles/docker-taiga/tasks/main.yml
Normal file
@ -0,0 +1,14 @@
|
|||||||
|
---
|
||||||
|
- name: "include docker/compose/database.yml"
|
||||||
|
include_tasks: docker/compose/database.yml
|
||||||
|
|
||||||
|
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||||
|
include_tasks: nginx-docker-proxy-domain.yml
|
||||||
|
|
||||||
|
- name: "include tasks update-repository-with-files.yml"
|
||||||
|
include_tasks: update-repository-with-files.yml
|
||||||
|
vars:
|
||||||
|
detached_files:
|
||||||
|
- .env
|
||||||
|
- docker-compose.yml
|
||||||
|
- docker-compose-inits.yml
|
35
roles/docker-taiga/templates/.env.j2
Normal file
35
roles/docker-taiga/templates/.env.j2
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
# Taiga's URLs - Variables to define where Taiga should be served
|
||||||
|
TAIGA_SCHEME=https # serve Taiga using "http" or "https" (secured) connection
|
||||||
|
TAIGA_DOMAIN= {{domain}} # Taiga's base URL
|
||||||
|
SUBPATH="" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath")
|
||||||
|
WEBSOCKETS_SCHEME=wss # events connection protocol (use either "ws" or "wss")
|
||||||
|
|
||||||
|
# Taiga's Secret Key - Variable to provide cryptographic signing
|
||||||
|
SECRET_KEY="{{taiga_secret_key}}" # Please, change it to an unpredictable value!!
|
||||||
|
|
||||||
|
# Taiga's Database settings - Variables to create the Taiga database and connect to it
|
||||||
|
POSTGRES_USER={{database_username}} # user to connect to PostgreSQL
|
||||||
|
POSTGRES_PASSWORD={{database_password}} # database user's password
|
||||||
|
|
||||||
|
# Taiga's SMTP settings - Variables to send Taiga's emails to the users
|
||||||
|
EMAIL_BACKEND = console # use an SMTP server or display the emails in the console (either "smtp" or "console")
|
||||||
|
EMAIL_HOST = {{system_email_host}} # SMTP server address
|
||||||
|
EMAIL_PORT = {{system_email_smtp_port}} # default SMTP port
|
||||||
|
EMAIL_HOST_USER = {{system_email_username}} # user to connect the SMTP server
|
||||||
|
EMAIL_HOST_PASSWORD = {{system_email_password}} # SMTP user's password
|
||||||
|
EMAIL_DEFAULT_FROM = {{system_email}} # default email address for the automated emails
|
||||||
|
# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
|
||||||
|
EMAIL_USE_TLS={{ system_email_tls | lower | capitalize }} # use TLS (secure) connection with the SMTP server
|
||||||
|
EMAIL_USE_SSL={{ 'False' if system_email_start_tls else 'True' }} # use implicit TLS (secure) connection with the SMTP server
|
||||||
|
|
||||||
|
# Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events
|
||||||
|
RABBITMQ_USER=taiga # user to connect to RabbitMQ
|
||||||
|
RABBITMQ_PASS=taiga # RabbitMQ user's password
|
||||||
|
RABBITMQ_VHOST=taiga # RabbitMQ container name
|
||||||
|
RABBITMQ_ERLANG_COOKIE=secret-erlang-cookie # unique value shared by any connected instance of RabbitMQ
|
||||||
|
|
||||||
|
# Taiga's Attachments - Variable to define how long the attachments will be accesible
|
||||||
|
ATTACHMENTS_MAX_AGE=360 # token expiration date (in seconds)
|
||||||
|
|
||||||
|
# Taiga's Telemetry - Variable to enable or disable the anonymous telemetry
|
||||||
|
ENABLE_TELEMETRY=True
|
41
roles/docker-taiga/templates/docker-compose-inits.yml.j2
Normal file
41
roles/docker-taiga/templates/docker-compose-inits.yml.j2
Normal file
@ -0,0 +1,41 @@
|
|||||||
|
x-environment:
|
||||||
|
&default-back-environment
|
||||||
|
POSTGRES_DB: "{{database_name}}"
|
||||||
|
POSTGRES_USER: "${POSTGRES_USER}"
|
||||||
|
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
|
||||||
|
POSTGRES_HOST: "{{database_host}}"
|
||||||
|
|
||||||
|
TAIGA_SECRET_KEY: "${SECRET_KEY}"
|
||||||
|
TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
|
||||||
|
TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
|
||||||
|
|
||||||
|
EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
|
||||||
|
DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
|
||||||
|
EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
|
||||||
|
EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
|
||||||
|
EMAIL_HOST: "${EMAIL_HOST}"
|
||||||
|
EMAIL_PORT: "${EMAIL_PORT}"
|
||||||
|
EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
|
||||||
|
EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
|
||||||
|
|
||||||
|
RABBITMQ_USER: "${RABBITMQ_USER}"
|
||||||
|
RABBITMQ_PASS: "${RABBITMQ_PASS}"
|
||||||
|
CELERY_ENABLED: "False"
|
||||||
|
|
||||||
|
x-volumes:
|
||||||
|
&default-back-volumes
|
||||||
|
- static-data:/taiga-back/static
|
||||||
|
- media-data:/taiga-back/media
|
||||||
|
# - ./config.py:/taiga-back/settings/config.py
|
||||||
|
|
||||||
|
services:
|
||||||
|
taiga-manage:
|
||||||
|
image: taigaio/taiga-back:latest
|
||||||
|
environment: *default-back-environment
|
||||||
|
{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
|
||||||
|
entrypoint: "python manage.py"
|
||||||
|
volumes: *default-back-volumes
|
||||||
|
{% include 'templates/docker/compose/networks.yml.j2' %}
|
||||||
|
taiga:
|
179
roles/docker-taiga/templates/docker-compose.yml.j2
Normal file
179
roles/docker-taiga/templates/docker-compose.yml.j2
Normal file
@ -0,0 +1,179 @@
|
|||||||
|
x-environment:
|
||||||
|
&default-back-environment
|
||||||
|
# These environment variables will be used by taiga-back and taiga-async.
|
||||||
|
# Database settings
|
||||||
|
POSTGRES_DB: "{{database_name}}"
|
||||||
|
POSTGRES_USER: "${POSTGRES_USER}"
|
||||||
|
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
|
||||||
|
POSTGRES_HOST: "{{database_host}}"
|
||||||
|
|
||||||
|
# Taiga settings
|
||||||
|
TAIGA_SECRET_KEY: "${SECRET_KEY}"
|
||||||
|
TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
|
||||||
|
TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
|
||||||
|
TAIGA_SUBPATH: "${SUBPATH}"
|
||||||
|
# Email settings.
|
||||||
|
EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
|
||||||
|
DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
|
||||||
|
EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
|
||||||
|
EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
|
||||||
|
EMAIL_HOST: "${EMAIL_HOST}"
|
||||||
|
EMAIL_PORT: "${EMAIL_PORT}"
|
||||||
|
EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
|
||||||
|
EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
|
||||||
|
# Rabbitmq settings
|
||||||
|
RABBITMQ_USER: "${RABBITMQ_USER}"
|
||||||
|
RABBITMQ_PASS: "${RABBITMQ_PASS}"
|
||||||
|
# Telemetry settings
|
||||||
|
ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}"
|
||||||
|
# ...your customizations go here
|
||||||
|
|
||||||
|
x-volumes:
|
||||||
|
&default-back-volumes
|
||||||
|
# These volumens will be used by taiga-back and taiga-async.
|
||||||
|
- static-data:/taiga-back/static
|
||||||
|
- media-data:/taiga-back/media
|
||||||
|
# - ./config.py:/taiga-back/settings/config.py
|
||||||
|
|
||||||
|
services:
|
||||||
|
{% include 'templates/docker/services/' + database_type + '.yml.j2' %}
|
||||||
|
taiga-back:
|
||||||
|
restart: {{docker_restart_policy}}
|
||||||
|
logging:
|
||||||
|
driver: journald
|
||||||
|
image: taigaio/taiga-back:latest
|
||||||
|
environment: *default-back-environment
|
||||||
|
volumes: *default-back-volumes
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
taiga:
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
|
||||||
|
taiga-events-rabbitmq:
|
||||||
|
condition: service_started
|
||||||
|
taiga-async-rabbitmq:
|
||||||
|
condition: service_started
|
||||||
|
|
||||||
|
taiga-async:
|
||||||
|
restart: {{docker_restart_policy}}
|
||||||
|
logging:
|
||||||
|
driver: journald
|
||||||
|
image: taigaio/taiga-back:latest
|
||||||
|
entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
|
||||||
|
environment: *default-back-environment
|
||||||
|
volumes: *default-back-volumes
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
taiga:
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
|
||||||
|
taiga-events-rabbitmq:
|
||||||
|
condition: service_started
|
||||||
|
taiga-async-rabbitmq:
|
||||||
|
condition: service_started
|
||||||
|
|
||||||
|
taiga-async-rabbitmq:
|
||||||
|
image: rabbitmq:3.8-management-alpine
|
||||||
|
environment:
|
||||||
|
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
|
||||||
|
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
|
||||||
|
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
|
||||||
|
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
|
||||||
|
hostname: "taiga-async-rabbitmq"
|
||||||
|
volumes:
|
||||||
|
- async-rabbitmq-data:/var/lib/rabbitmq
|
||||||
|
restart: {{docker_restart_policy}}
|
||||||
|
logging:
|
||||||
|
driver: journald
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
taiga:
|
||||||
|
|
||||||
|
taiga-front:
|
||||||
|
image: taigaio/taiga-front:latest
|
||||||
|
environment:
|
||||||
|
TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}"
|
||||||
|
TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}"
|
||||||
|
TAIGA_SUBPATH: "${SUBPATH}"
|
||||||
|
# ...your customizations go here
|
||||||
|
restart: {{docker_restart_policy}}
|
||||||
|
logging:
|
||||||
|
driver: journald
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
taiga:
|
||||||
|
# volumes:
|
||||||
|
# - ./conf.json:/usr/share/nginx/html/conf.json
|
||||||
|
|
||||||
|
taiga-events:
|
||||||
|
image: taigaio/taiga-events:latest
|
||||||
|
environment:
|
||||||
|
RABBITMQ_USER: "${RABBITMQ_USER}"
|
||||||
|
RABBITMQ_PASS: "${RABBITMQ_PASS}"
|
||||||
|
TAIGA_SECRET_KEY: "${SECRET_KEY}"
|
||||||
|
restart: {{docker_restart_policy}}
|
||||||
|
logging:
|
||||||
|
driver: journald
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
taiga:
|
||||||
|
depends_on:
|
||||||
|
taiga-events-rabbitmq:
|
||||||
|
condition: service_started
|
||||||
|
|
||||||
|
taiga-events-rabbitmq:
|
||||||
|
image: rabbitmq:3.8-management-alpine
|
||||||
|
environment:
|
||||||
|
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
|
||||||
|
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
|
||||||
|
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
|
||||||
|
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
|
||||||
|
hostname: "events-rabbitmq"
|
||||||
|
volumes:
|
||||||
|
- events-rabbitmq-data:/var/lib/rabbitmq
|
||||||
|
restart: {{docker_restart_policy}}
|
||||||
|
logging:
|
||||||
|
driver: journald
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
taiga:
|
||||||
|
|
||||||
|
taiga-protected:
|
||||||
|
image: taigaio/taiga-protected:latest
|
||||||
|
environment:
|
||||||
|
MAX_AGE: "${ATTACHMENTS_MAX_AGE}"
|
||||||
|
SECRET_KEY: "${SECRET_KEY}"
|
||||||
|
restart: {{docker_restart_policy}}
|
||||||
|
logging:
|
||||||
|
driver: journald
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
taiga:
|
||||||
|
|
||||||
|
taiga-gateway:
|
||||||
|
image: nginx:1.19-alpine
|
||||||
|
ports:
|
||||||
|
- "{{http_port}}:80"
|
||||||
|
volumes:
|
||||||
|
- ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
|
||||||
|
- static-data:/taiga/static
|
||||||
|
- media-data:/taiga/media
|
||||||
|
restart: {{docker_restart_policy}}
|
||||||
|
logging:
|
||||||
|
driver: journald
|
||||||
|
|
||||||
|
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||||
|
taiga:
|
||||||
|
depends_on:
|
||||||
|
- taiga-front
|
||||||
|
- taiga-back
|
||||||
|
- taiga-events
|
||||||
|
|
||||||
|
{% include 'templates/docker/compose/volumes.yml.j2' %}
|
||||||
|
static-data:
|
||||||
|
media-data:
|
||||||
|
async-rabbitmq-data:
|
||||||
|
events-rabbitmq-data:
|
||||||
|
|
||||||
|
{% include 'templates/docker/compose/networks.yml.j2' %}
|
||||||
|
taiga:
|
4
roles/docker-taiga/vars/main.yml
Normal file
4
roles/docker-taiga/vars/main.yml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
docker_compose_project_name: "taiga"
|
||||||
|
database_type: "postgres"
|
||||||
|
database_password: "{{taiga_database_password}}"
|
||||||
|
repository_address: "https://github.com/taigaio/taiga-docker"
|
30
roles/system-btrfs-auto-balancer/README.md
Normal file
30
roles/system-btrfs-auto-balancer/README.md
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
# System Btrfs Auto Balancer Role 📦
|
||||||
|
|
||||||
|
This Ansible role automates the management and balancing of Btrfs file systems. It ensures that the Btrfs file system is maintained efficiently without manual intervention.
|
||||||
|
|
||||||
|
## Features ✨
|
||||||
|
|
||||||
|
- **Automatic Cloning of Repository:** Fetches the latest `auto-btrfs-balancer` repository from GitHub.
|
||||||
|
- **Systemd Service Configuration:** Creates and configures a Systemd service to automatically run the balancing script.
|
||||||
|
- **Systemd Timer Integration:** Integrates a Systemd timer to run the balancing service at regular intervals.
|
||||||
|
- **Error Notification:** Notifies via Systemd in case of errors during the balancing process.
|
||||||
|
|
||||||
|
## Prerequisites 📋
|
||||||
|
|
||||||
|
- **Ansible:** This role requires Ansible to run.
|
||||||
|
- **Systemd:** Target systems must support Systemd.
|
||||||
|
- **Git:** Git must be installed to clone the repository.
|
||||||
|
|
||||||
|
|
||||||
|
## Author ✍️
|
||||||
|
|
||||||
|
This role was created by [Kevin Veen-Birkenbach](https://www.veen.world).
|
||||||
|
- **Email:** kevin@veen.world
|
||||||
|
- **Website:** [veen.world](https://www.veen.world)
|
||||||
|
|
||||||
|
## Contact ☎️
|
||||||
|
|
||||||
|
For questions or support, you can reach Kevin Veen-Birkenbach via [email](mailto:kevin@veen.world).
|
||||||
|
|
||||||
|
## Created with AI
|
||||||
|
This README.md was created with the assistance of ChatGPT. You can view the conversation [here](https://chatgpt.com/share/dcec1b4a-c7a8-4cf8-a87a-987eb0500857).
|
4
roles/system-btrfs-auto-balancer/handlers/main.yml
Normal file
4
roles/system-btrfs-auto-balancer/handlers/main.yml
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
- name: "reload system-btrfs-auto-balancer.cymais.service"
|
||||||
|
systemd:
|
||||||
|
name: system-btrfs-auto-balancer.cymais.service
|
||||||
|
daemon_reload: yes
|
3
roles/system-btrfs-auto-balancer/meta/main.yml
Normal file
3
roles/system-btrfs-auto-balancer/meta/main.yml
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
dependencies:
|
||||||
|
- git
|
||||||
|
- systemd-notifier
|
31
roles/system-btrfs-auto-balancer/tasks/main.yml
Normal file
31
roles/system-btrfs-auto-balancer/tasks/main.yml
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
- name: pull auto-btrfs-balancer.git
|
||||||
|
git:
|
||||||
|
repo: "https://github.com/kevinveenbirkenbach/auto-btrfs-balancer.git"
|
||||||
|
dest: "{{system_btrfs_auto_balancer_folder}}"
|
||||||
|
update: yes
|
||||||
|
ignore_errors: true
|
||||||
|
when: run_once_system_btrfs_auto_balancer is not defined
|
||||||
|
|
||||||
|
- name: configure system-btrfs-auto-balancer.cymais.service
|
||||||
|
template:
|
||||||
|
src: system-btrfs-auto-balancer.service.j2
|
||||||
|
dest: /etc/systemd/system/system-btrfs-auto-balancer.cymais.service
|
||||||
|
notify: reload system-btrfs-auto-balancer.cymais.service
|
||||||
|
when: run_once_system_btrfs_auto_balancer is not defined
|
||||||
|
|
||||||
|
- name: set service_name to the name of the current role
|
||||||
|
set_fact:
|
||||||
|
service_name: "{{ role_name }}"
|
||||||
|
when: run_once_system_btrfs_auto_balancer is not defined
|
||||||
|
|
||||||
|
- name: "include role for systemd-timer for {{service_name}}"
|
||||||
|
include_role:
|
||||||
|
name: systemd-timer
|
||||||
|
vars:
|
||||||
|
on_calendar: "{{on_calendar_btrfs_auto_balancer}}"
|
||||||
|
when: run_once_system_btrfs_auto_balancer is not defined
|
||||||
|
|
||||||
|
- name: run the system_btrfs_auto_balancer tasks once
|
||||||
|
set_fact:
|
||||||
|
run_once_system_btrfs_auto_balancer: true
|
||||||
|
when: run_once_system_btrfs_auto_balancer is not defined
|
@ -0,0 +1,7 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=auto balance btrfs
|
||||||
|
OnFailure=systemd-notifier.cymais@%n.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStart=/bin/sh -c '/usr/bin/python {{system_btrfs_auto_balancer_folder}}main.py 90 10'
|
1
roles/system-btrfs-auto-balancer/vars/main.yml
Normal file
1
roles/system-btrfs-auto-balancer/vars/main.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
system_btrfs_auto_balancer_folder: "{{path_administrator_scripts}}auto-btrfs-balancer/"
|
@ -1,34 +1,5 @@
|
|||||||
- name: "backup docker-compose.yml if it exists"
|
- name: "include tasks update-repository-with-files.yml"
|
||||||
command: >
|
include_tasks: update-repository-with-files.yml
|
||||||
mv "{{ docker_compose_file_path }}" "{{ docker_compose_backup_path }}"
|
vars:
|
||||||
args:
|
detached_files:
|
||||||
removes: "{{ docker_compose_file_path }}"
|
- "docker-compose.yml"
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: checkout repository
|
|
||||||
ansible.builtin.shell: git checkout .
|
|
||||||
become: true
|
|
||||||
args:
|
|
||||||
chdir: "{{docker_compose_instance_directory}}"
|
|
||||||
ignore_errors: true
|
|
||||||
|
|
||||||
- name: pull docker repository
|
|
||||||
git:
|
|
||||||
repo: "{{ repository_address }}"
|
|
||||||
dest: "{{ repository_directory }}"
|
|
||||||
update: yes
|
|
||||||
notify: docker compose project setup
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: "restore docker-compose.yml from backup"
|
|
||||||
command: >
|
|
||||||
mv "{{ docker_compose_backup_path }}" "{{ docker_compose_file_path }}"
|
|
||||||
args:
|
|
||||||
removes: "{{ docker_compose_backup_path }}"
|
|
||||||
become: true
|
|
||||||
|
|
||||||
- name: "copy docker-compose.yml"
|
|
||||||
template:
|
|
||||||
src: docker-compose.yml.j2
|
|
||||||
dest: "{{ docker_compose_file_path }}"
|
|
||||||
notify: docker compose project setup
|
|
37
tasks/update-repository-with-files.yml
Normal file
37
tasks/update-repository-with-files.yml
Normal file
@ -0,0 +1,37 @@
|
|||||||
|
- name: "backup docker-compose.yml if it exists"
|
||||||
|
command: >
|
||||||
|
mv "{{docker_compose_instance_directory}}{{ item }}" "/tmp/{{docker_compose_project_name}}-{{ item }}.backup"
|
||||||
|
args:
|
||||||
|
removes: "{{docker_compose_instance_directory}}{{ item }}"
|
||||||
|
become: true
|
||||||
|
loop: "{{ detached_files }}"
|
||||||
|
|
||||||
|
- name: checkout repository
|
||||||
|
ansible.builtin.shell: git checkout .
|
||||||
|
become: true
|
||||||
|
args:
|
||||||
|
chdir: "{{docker_compose_instance_directory}}"
|
||||||
|
ignore_errors: true
|
||||||
|
|
||||||
|
- name: pull docker repository
|
||||||
|
git:
|
||||||
|
repo: "{{ repository_address }}"
|
||||||
|
dest: "{{ repository_directory | default(docker_compose_instance_directory) }}"
|
||||||
|
update: yes
|
||||||
|
notify: docker compose project setup
|
||||||
|
become: true
|
||||||
|
|
||||||
|
- name: "restore docker-compose.yml from backup"
|
||||||
|
command: >
|
||||||
|
mv "/tmp/{{docker_compose_project_name}}-{{ item }}.backup" "{{docker_compose_instance_directory}}{{ item }}"
|
||||||
|
args:
|
||||||
|
removes: "/tmp/{{docker_compose_project_name}}-{{ item }}.backup"
|
||||||
|
become: true
|
||||||
|
loop: "{{ detached_files }}"
|
||||||
|
|
||||||
|
- name: "copy {{ item }}"
|
||||||
|
template:
|
||||||
|
src: "{{ item }}.j2"
|
||||||
|
dest: "{{docker_compose_instance_directory}}{{ item }}"
|
||||||
|
loop: "{{ detached_files }}"
|
||||||
|
notify: docker compose project setup
|
@ -1,4 +1,4 @@
|
|||||||
# This template needs to be included in docker-compose.yml contaienrs, which depend on a database, redis and optional additional volumes
|
# This template needs to be included in docker-compose.yml containers, which depend on a database, redis and optional additional volumes
|
||||||
depends_on:
|
depends_on:
|
||||||
{% if not enable_central_database | bool %}
|
{% if not enable_central_database | bool %}
|
||||||
database:
|
database:
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
# This template needs to be included in docker-compose.yml contaienrs, which just depend on a database
|
# This template needs to be included in docker-compose.yml containers, which just depend on a database
|
||||||
{% if not enable_central_database | bool %}
|
{% if not enable_central_database | bool %}
|
||||||
depends_on:
|
depends_on:
|
||||||
database:
|
database:
|
||||||
|
Loading…
Reference in New Issue
Block a user