From 30ccd30fa6e1d50e8334a8892a8d3c6064200ae5 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 3 Feb 2025 14:54:31 +0100 Subject: [PATCH] Optimized snipe-it role draft --- .../templates/docker-compose.yml | 18 ------ .../templates/docker-compose.yml.j2 | 26 ++++++++ .../docker-snipe-it/templates/{env => env.j2} | 60 +++++++++---------- 3 files changed, 56 insertions(+), 48 deletions(-) delete mode 100644 roles/docker-snipe-it/templates/docker-compose.yml create mode 100644 roles/docker-snipe-it/templates/docker-compose.yml.j2 rename roles/docker-snipe-it/templates/{env => env.j2} (72%) diff --git a/roles/docker-snipe-it/templates/docker-compose.yml b/roles/docker-snipe-it/templates/docker-compose.yml deleted file mode 100644 index 8fc3fa19..00000000 --- a/roles/docker-snipe-it/templates/docker-compose.yml +++ /dev/null @@ -1,18 +0,0 @@ -volumes: - db_data: - storage: - -services: - app: - image: snipe/snipe-it:${APP_VERSION} - restart: unless-stopped - volumes: - - storage:/var/lib/snipeit - ports: - - "${APP_PORT:-8000}:80" - depends_on: - db: - condition: service_healthy - restart: true - env_file: - - .env \ No newline at end of file diff --git a/roles/docker-snipe-it/templates/docker-compose.yml.j2 b/roles/docker-snipe-it/templates/docker-compose.yml.j2 new file mode 100644 index 00000000..18cf3924 --- /dev/null +++ b/roles/docker-snipe-it/templates/docker-compose.yml.j2 @@ -0,0 +1,26 @@ +volumes: + db_data: + storage: + +{% include 'templates/docker/services/redis.yml.j2' %} + +{% include 'templates/docker/services/' + database_type + '.yml.j2' %} + +services: + app: + image: snipe/snipe-it:${APP_VERSION} + restart: {{docker_restart_policy}} + volumes: + - data:/var/lib/snipeit + ports: + - "${APP_PORT}:80" +{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} + env_file: + - .env # Will also be read, without this parameter +{% include 'templates/docker/container/networks.yml.j2' %} + +{% include 'templates/docker/compose/volumes.yml.j2' %} + redis: + data: + +{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-snipe-it/templates/env b/roles/docker-snipe-it/templates/env.j2 similarity index 72% rename from roles/docker-snipe-it/templates/env rename to roles/docker-snipe-it/templates/env.j2 index b88d75f7..c9c1ff2e 100644 --- a/roles/docker-snipe-it/templates/env +++ b/roles/docker-snipe-it/templates/env.j2 @@ -1,8 +1,8 @@ # -------------------------------------------- # REQUIRED: DOCKER SPECIFIC SETTINGS # -------------------------------------------- -APP_VERSION= -APP_PORT=8000 +APP_VERSION={{applications.snape-it.version}} +APP_PORT={{ports.localhost.http_ports.snipe-it}} # -------------------------------------------- # REQUIRED: BASIC APP SETTINGS @@ -11,10 +11,10 @@ APP_ENV=production APP_DEBUG=false # Please regenerate the APP_KEY value by calling `docker compose run --rm app php artisan key:generate --show`. Copy paste the value here APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ= -APP_URL=http://localhost:8000 +APP_URL=https://{{domain}} # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier -APP_TIMEZONE='UTC' -APP_LOCALE=en-US +APP_TIMEZONE='{{timezone}}' +APP_LOCALE={{locale}} MAX_RESULTS=500 # -------------------------------------------- @@ -27,16 +27,16 @@ PUBLIC_FILESYSTEM_DISK=local_public # REQUIRED: DATABASE SETTINGS # -------------------------------------------- DB_CONNECTION=mysql -DB_HOST=db -DB_PORT='3306' -DB_DATABASE=snipeit -DB_USERNAME=snipeit -DB_PASSWORD=changeme1234 -MYSQL_ROOT_PASSWORD=changeme1234 -DB_PREFIX=null -DB_DUMP_PATH='/usr/bin' -DB_CHARSET=utf8mb4 -DB_COLLATION=utf8mb4_unicode_ci +DB_HOST={{database_host}} +DB_PORT={{database_port}} +DB_DATABASE={{database_name}} +DB_USERNAME={{database_username}} +DB_PASSWORD={{pixelfed_database_password}} +#MYSQL_ROOT_PASSWORD= +#DB_PREFIX=null +#DB_DUMP_PATH='/usr/bin' +#DB_CHARSET=utf8mb4 +#DB_COLLATION=utf8mb4_unicode_ci # -------------------------------------------- # OPTIONAL: SSL DATABASE SETTINGS @@ -52,17 +52,17 @@ DB_SSL_VERIFY_SERVER=null # -------------------------------------------- # REQUIRED: OUTGOING MAIL SERVER SETTINGS # -------------------------------------------- -MAIL_MAILER=smtp -MAIL_HOST=mailhog -MAIL_PORT=1025 -MAIL_USERNAME=null -MAIL_PASSWORD=null -MAIL_TLS_VERIFY_PEER=true -MAIL_FROM_ADDR=you@example.com -MAIL_FROM_NAME='Snipe-IT' -MAIL_REPLYTO_ADDR=you@example.com -MAIL_REPLYTO_NAME='Snipe-IT' -MAIL_AUTO_EMBED_METHOD='attachment' +MAIL_MAILER = smtp +MAIL_HOST = {{system_email.host}} # SMTP server address +MAIL_PORT = {{system_email.host}} # SMTP server address +MAIL_USERNAME = {{system_email.username}} # user to connect the SMTP server +MAIL_PASSWORD = {{system_email.password}} # SMTP user's password +MAIL_TLS_VERIFY_PEER = EMAIL_USE_TLS={{ system_email.tls | lower | capitalize }} # use TLS (secure) connection with the SMTP server +MAIL_FROM_ADDR = {{system_email.from}} # default email address for the automated emails +MAIL_FROM_NAME = 'Snipe-IT' +MAIL_REPLYTO_ADDR = {{system_email.from}} # default email address for the automated emails +MAIL_REPLYTO_NAME = 'Snipe-IT' +MAIL_AUTO_EMBED_METHOD = 'attachment' # -------------------------------------------- # REQUIRED: DATA PROTECTION @@ -97,12 +97,12 @@ API_TOKEN_EXPIRATION_YEARS=40 # -------------------------------------------- # OPTIONAL: SECURITY HEADER SETTINGS # -------------------------------------------- -APP_TRUSTED_PROXIES=192.168.1.1,10.0.0.1,172.16.0.0/12 +APP_TRUSTED_PROXIES=172.17.0.1 # Docker Gateway ALLOW_IFRAMING=false REFERRER_POLICY=same-origin -ENABLE_CSP=false +ENABLE_CSP=true CORS_ALLOWED_ORIGINS=null -ENABLE_HSTS=false +ENABLE_HSTS=false # Certificates managed by nginx # -------------------------------------------- # OPTIONAL: CACHE SETTINGS @@ -115,7 +115,7 @@ CACHE_PREFIX=snipeit # -------------------------------------------- # OPTIONAL: REDIS SETTINGS # -------------------------------------------- -REDIS_HOST=null +REDIS_HOST=redis REDIS_PASSWORD=null REDIS_PORT=6379