mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-15 08:30:46 +02:00
Optimized openproject for new repository structure
This commit is contained in:
parent
f671678720
commit
d5e5f57f92
2
roles/cmp-rdbms/vars/main.yml
Normal file
2
roles/cmp-rdbms/vars/main.yml
Normal file
@ -0,0 +1,2 @@
|
||||
# Docker
|
||||
docker_pull_git_repository: false # Deactivated here to don't inhire this
|
||||
@ -6,6 +6,7 @@
|
||||
git:
|
||||
repo: "{{ docker_repository_address }}"
|
||||
dest: "{{ docker_repository_path }}"
|
||||
version: "{{ docker_repository_branch | default('main') }}"
|
||||
depth: 1
|
||||
update: yes
|
||||
recursive: yes
|
||||
|
||||
2
roles/srv-web-7-7-inj-compose/vars/main.yml
Normal file
2
roles/srv-web-7-7-inj-compose/vars/main.yml
Normal file
@ -0,0 +1,2 @@
|
||||
# Docker
|
||||
docker_pull_git_repository: false # Deactivated here to don't inhire this
|
||||
@ -11,3 +11,4 @@ openresty_container: "{{ applications | get_app_conf(application_id,
|
||||
|
||||
# Docker
|
||||
docker_compose_flush_handlers: true
|
||||
docker_pull_git_repository: false # Deactivated here to don't inhire this
|
||||
@ -3,23 +3,23 @@
|
||||
include_role:
|
||||
name: cmp-db-docker-proxy
|
||||
|
||||
- name: "Create {{openproject_plugins_folder}}"
|
||||
- name: "Create {{ openproject_plugins_folder }}"
|
||||
file:
|
||||
path: "{{openproject_plugins_folder}}"
|
||||
path: "{{ openproject_plugins_folder }}"
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: "Transfering Gemfile.plugins to {{openproject_plugins_folder}}"
|
||||
- name: "Transfering Gemfile.plugins to {{ openproject_plugins_folder }}"
|
||||
copy:
|
||||
src: Gemfile.plugins
|
||||
dest: "{{openproject_plugins_folder}}Gemfile.plugins"
|
||||
dest: "{{ openproject_plugins_folder }}Gemfile.plugins"
|
||||
notify:
|
||||
- docker compose up
|
||||
- docker compose build
|
||||
|
||||
- name: "create {{dummy_volume}}"
|
||||
- name: "create {{ openproject_dummy_volume }}"
|
||||
file:
|
||||
path: "{{dummy_volume}}"
|
||||
path: "{{ openproject_dummy_volume }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
@ -35,5 +35,5 @@
|
||||
loop: "{{ openproject_rails_settings | dict2items }}"
|
||||
|
||||
- name: Setup LDAP
|
||||
include_tasks: ldap.yml
|
||||
include_tasks: 01_ldap.yml
|
||||
when: applications | get_app_conf(application_id, 'features.ldap', True) | bool
|
||||
@ -2,7 +2,7 @@
|
||||
x-op-app: &app
|
||||
logging:
|
||||
driver: journald
|
||||
image: {{custom_openproject_image}}
|
||||
image: {{ openproject_custom_image }}
|
||||
build:
|
||||
context: .
|
||||
dockerfile: Dockerfile
|
||||
@ -16,7 +16,7 @@ x-op-app: &app
|
||||
|
||||
proxy:
|
||||
{% include 'roles/docker-container/templates/base.yml.j2' %}
|
||||
image: {{custom_openproject_image}}
|
||||
image: {{ openproject_custom_image }}
|
||||
container_name: {{ openproject_proxy_name }}
|
||||
command: "./docker/prod/proxy"
|
||||
ports:
|
||||
@ -27,7 +27,7 @@ x-op-app: &app
|
||||
- web
|
||||
volumes:
|
||||
- "data:/var/openproject/assets"
|
||||
- "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
- "{{ openproject_dummy_volume }}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
|
||||
web:
|
||||
<<: *app
|
||||
@ -45,7 +45,7 @@ x-op-app: &app
|
||||
{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
|
||||
volumes:
|
||||
- "data:/var/openproject/assets"
|
||||
- "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
- "{{ openproject_dummy_volume }}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
|
||||
worker:
|
||||
<<: *app
|
||||
@ -60,7 +60,7 @@ x-op-app: &app
|
||||
condition: service_started
|
||||
volumes:
|
||||
- "data:/var/openproject/assets"
|
||||
- "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
- "{{ openproject_dummy_volume }}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
|
||||
|
||||
cron:
|
||||
@ -76,7 +76,7 @@ x-op-app: &app
|
||||
condition: service_started
|
||||
volumes:
|
||||
- "data:/var/openproject/assets"
|
||||
- "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
- "{{ openproject_dummy_volume }}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
|
||||
seeder:
|
||||
<<: *app
|
||||
@ -90,7 +90,7 @@ x-op-app: &app
|
||||
{% include 'roles/docker-container/templates/networks.yml.j2' %}
|
||||
volumes:
|
||||
- "data:/var/openproject/assets"
|
||||
- "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
- "{{ openproject_dummy_volume }}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
|
||||
{% include 'roles/docker-compose/templates/volumes.yml.j2' %}
|
||||
data:
|
||||
|
||||
@ -1,18 +1,22 @@
|
||||
application_id: "web-app-openproject"
|
||||
docker_repository_address: "https://github.com/opf/openproject-deploy"
|
||||
database_type: "postgres"
|
||||
docker_pull_git_repository: true
|
||||
openproject_version: "{{ applications | get_app_conf(application_id, 'docker.services.web.version', True) }}"
|
||||
openproject_image: "{{ applications | get_app_conf(application_id, 'docker.services.web.image', True) }}"
|
||||
openproject_volume: "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}"
|
||||
openproject_web_name: "{{ applications | get_app_conf(application_id, 'docker.services.web.name', True) }}"
|
||||
openproject_seeder_name: "{{ applications | get_app_conf(application_id, 'docker.services.seeder.name', True) }}"
|
||||
openproject_cron_name: "{{ applications | get_app_conf(application_id, 'docker.services.cron.name', True) }}"
|
||||
openproject_proxy_name: "{{ applications | get_app_conf(application_id, 'docker.services.proxy.name', True) }}"
|
||||
openproject_worker_name: "{{ applications | get_app_conf(application_id, 'docker.services.worker.name', True) }}"
|
||||
# General
|
||||
application_id: "web-app-openproject"
|
||||
|
||||
openproject_cache_name: "{{ applications | get_app_conf(application_id, 'docker.services.cache.name', True) }}"
|
||||
openproject_cache_image: "{{ applications
|
||||
# Database
|
||||
database_type: "postgres"
|
||||
|
||||
# Open Project Specific
|
||||
openproject_version: "{{ applications | get_app_conf(application_id, 'docker.services.web.version', True) }}"
|
||||
openproject_image: "{{ applications | get_app_conf(application_id, 'docker.services.web.image', True) }}"
|
||||
openproject_volume: "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}"
|
||||
openproject_web_name: "{{ applications | get_app_conf(application_id, 'docker.services.web.name', True) }}"
|
||||
openproject_seeder_name: "{{ applications | get_app_conf(application_id, 'docker.services.seeder.name', True) }}"
|
||||
openproject_cron_name: "{{ applications | get_app_conf(application_id, 'docker.services.cron.name', True) }}"
|
||||
openproject_proxy_name: "{{ applications | get_app_conf(application_id, 'docker.services.proxy.name', True) }}"
|
||||
openproject_worker_name: "{{ applications | get_app_conf(application_id, 'docker.services.worker.name', True) }}"
|
||||
|
||||
# Open Project Cache
|
||||
openproject_cache_name: "{{ applications | get_app_conf(application_id, 'docker.services.cache.name', True) }}"
|
||||
openproject_cache_image: "{{ applications
|
||||
| get_app_conf(application_id, 'docker.services.cache.image')
|
||||
or applications
|
||||
| get_app_conf('svc-db-memcached', 'docker.services.memcached.image')
|
||||
@ -25,12 +29,12 @@ openproject_cache_version: "{{ applications
|
||||
}}"
|
||||
|
||||
|
||||
openproject_plugins_folder: "{{docker_compose.directories.volumes}}plugins/"
|
||||
openproject_plugins_folder: "{{docker_compose.directories.volumes}}plugins/"
|
||||
|
||||
custom_openproject_image: "custom_openproject"
|
||||
openproject_custom_image: "custom_openproject"
|
||||
|
||||
# The following volume doesn't have a practcical function. It just exist to prevent the creation of unnecessary anonymous volumes
|
||||
dummy_volume: "{{docker_compose.directories.volumes}}dummy_volume"
|
||||
openproject_dummy_volume: "{{docker_compose.directories.volumes}}dummy_volume"
|
||||
|
||||
openproject_rails_settings:
|
||||
email_delivery_method: "smtp"
|
||||
@ -46,3 +50,9 @@ openproject_filters:
|
||||
|
||||
users: "{{ '(memberOf=cn=openproject-users,' ~ ldap.dn.ou.roles ~ ')'
|
||||
if applications | get_app_conf(application_id, 'ldap.filters.users', True) else '' }}"
|
||||
|
||||
# Docker
|
||||
docker_repository_branch: "stable/{{ openproject_version }}"
|
||||
docker_repository_address: "https://github.com/opf/openproject-deploy"
|
||||
docker_pull_git_repository: true
|
||||
docker_compose_flush_handlers: false
|
||||
146
tmp
146
tmp
@ -1,146 +0,0 @@
|
||||
diff --git a/roles/docker-container/meta/main.yml b/roles/docker-container/meta/main.yml
|
||||
index 7b399e6f..37c3365e 100644
|
||||
--- a/roles/docker-container/meta/main.yml
|
||||
+++ b/roles/docker-container/meta/main.yml
|
||||
@@ -21,4 +21,3 @@ galaxy_info:
|
||||
versions: [ all ]
|
||||
dependencies:
|
||||
- docker-core
|
||||
-
|
||||
diff --git a/roles/docker-core/meta/main.yml b/roles/docker-core/meta/main.yml
|
||||
index 3642480a..9a4ffe9e 100644
|
||||
--- a/roles/docker-core/meta/main.yml
|
||||
+++ b/roles/docker-core/meta/main.yml
|
||||
@@ -26,10 +26,3 @@ galaxy_info:
|
||||
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
|
||||
documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/docker"
|
||||
|
||||
-dependencies:
|
||||
- - sys-bkp-docker-2-loc
|
||||
- - user-administrator
|
||||
- - sys-hlth-docker-container
|
||||
- - sys-hlth-docker-volumes
|
||||
- - sys-rpr-docker-soft
|
||||
- - sys-rpr-docker-hard
|
||||
diff --git a/roles/docker-core/tasks/01_core.yml b/roles/docker-core/tasks/01_core.yml
|
||||
index 183ccd3b..b0b0c5c5 100644
|
||||
--- a/roles/docker-core/tasks/01_core.yml
|
||||
+++ b/roles/docker-core/tasks/01_core.yml
|
||||
@@ -1,6 +1,19 @@
|
||||
+- name: Include backup, repair, health and user dependencies
|
||||
+ include_role:
|
||||
+ name: "{{ item }}"
|
||||
+ loop:
|
||||
+ - sys-bkp-docker-2-loc
|
||||
+ - user-administrator
|
||||
+ - sys-hlth-docker-container
|
||||
+ - sys-hlth-docker-volumes
|
||||
+ - sys-rpr-docker-soft
|
||||
+ - sys-rpr-docker-hard
|
||||
+
|
||||
- name: docker & docker compose install
|
||||
community.general.pacman:
|
||||
- name: ['docker','docker-compose']
|
||||
+ name:
|
||||
+ - 'docker'
|
||||
+ - 'docker-compose'
|
||||
state: present
|
||||
notify: docker restart
|
||||
|
||||
diff --git a/roles/srv-web-7-4-core/meta/main.yml b/roles/srv-web-7-4-core/meta/main.yml
|
||||
index 340879eb..a7c7a044 100644
|
||||
--- a/roles/srv-web-7-4-core/meta/main.yml
|
||||
+++ b/roles/srv-web-7-4-core/meta/main.yml
|
||||
@@ -18,7 +18,4 @@ galaxy_info:
|
||||
- performance
|
||||
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
|
||||
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
|
||||
- documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/roles/srv-web-7-4-core"
|
||||
-dependencies:
|
||||
- - sys-hlth-webserver
|
||||
- - sys-hlth-csp
|
||||
\ No newline at end of file
|
||||
+ documentation: "https://github.com/kevinveenbirkenbach/infinito-nexus/roles/srv-web-7-4-core"
|
||||
\ No newline at end of file
|
||||
diff --git a/roles/srv-web-7-4-core/tasks/01_core.yml b/roles/srv-web-7-4-core/tasks/01_core.yml
|
||||
index 619d972f..ce7f4370 100644
|
||||
--- a/roles/srv-web-7-4-core/tasks/01_core.yml
|
||||
+++ b/roles/srv-web-7-4-core/tasks/01_core.yml
|
||||
@@ -1,3 +1,10 @@
|
||||
+- name: Include health dependencies
|
||||
+ include_role:
|
||||
+ name: "{{ item }}"
|
||||
+ loop:
|
||||
+ - sys-hlth-webserver
|
||||
+ - sys-hlth-csp
|
||||
+
|
||||
- name: Include openresty
|
||||
# Outside of run_once block is necessary for handler loading
|
||||
# Otherwise the when: condition from the block is added to the handlers
|
||||
diff --git a/roles/srv-web-7-6-https/meta/main.yml b/roles/srv-web-7-6-https/meta/main.yml
|
||||
index 9b959ebe..4579d6f1 100644
|
||||
--- a/roles/srv-web-7-6-https/meta/main.yml
|
||||
+++ b/roles/srv-web-7-6-https/meta/main.yml
|
||||
@@ -22,8 +22,7 @@ galaxy_info:
|
||||
repository: "https://github.com/kevinveenbirkenbach/infinito-nexus"
|
||||
documentation: "https://docs.infinito.nexus"
|
||||
issue_tracker_url: "https://github.com/kevinveenbirkenbach/infinito-nexus/issues"
|
||||
-
|
||||
dependencies:
|
||||
- srv-web-7-4-core
|
||||
- sys-cln-domains
|
||||
- - srv-web-7-7-letsencrypt
|
||||
\ No newline at end of file
|
||||
+ - srv-web-7-7-letsencrypt
|
||||
diff --git a/roles/srv-web-7-7-inj-compose/tasks/main.yml b/roles/srv-web-7-7-inj-compose/tasks/main.yml
|
||||
index 068c25cd..9d56405f 100644
|
||||
--- a/roles/srv-web-7-7-inj-compose/tasks/main.yml
|
||||
+++ b/roles/srv-web-7-7-inj-compose/tasks/main.yml
|
||||
@@ -38,14 +38,14 @@
|
||||
matomo: "{{ applications | get_app_conf(application_id, 'features.matomo', False) }}"
|
||||
port_ui: "{{ applications | get_app_conf(application_id, 'features.port-ui-desktop', False) }}"
|
||||
|
||||
-- name: "Activate Global CSS for {{domain}}"
|
||||
+- name: "Activate Corporate CSS for {{domain}}"
|
||||
include_role:
|
||||
name: srv-web-7-7-inj-css
|
||||
when:
|
||||
- inj_enabled.css
|
||||
- run_once_srv_web_7_7_inj_css is not defined
|
||||
|
||||
-- name: "Activate Global Matomo Tracking for {{domain}}"
|
||||
+- name: "Activate Matomo Tracking for {{domain}}"
|
||||
include_role:
|
||||
name: srv-web-7-7-inj-matomo
|
||||
when: inj_enabled.matomo
|
||||
diff --git a/roles/sys-svc-sshd/tasks/main.yml b/roles/sys-svc-sshd/tasks/main.yml
|
||||
index af2ff0d1..010bbb37 100644
|
||||
--- a/roles/sys-svc-sshd/tasks/main.yml
|
||||
+++ b/roles/sys-svc-sshd/tasks/main.yml
|
||||
@@ -1,14 +1,14 @@
|
||||
-- name: create sshd_config
|
||||
- template:
|
||||
- src: "sshd_config.j2"
|
||||
- dest: /etc/ssh/sshd_config
|
||||
- owner: root
|
||||
- group: root
|
||||
- mode: '0644'
|
||||
- notify: sshd restart
|
||||
- when: run_once_sys_svc_sshd is not defined
|
||||
+- block:
|
||||
+ - name: create sshd_config
|
||||
+ template:
|
||||
+ src: "sshd_config.j2"
|
||||
+ dest: /etc/ssh/sshd_config
|
||||
+ owner: root
|
||||
+ group: root
|
||||
+ mode: '0644'
|
||||
+ notify: sshd restart
|
||||
|
||||
-- name: run the sshd tasks once
|
||||
- set_fact:
|
||||
- run_once_sys_svc_sshd: true
|
||||
+ - name: run the sshd tasks once
|
||||
+ set_fact:
|
||||
+ run_once_sys_svc_sshd: true
|
||||
when: run_once_sys_svc_sshd is not defined
|
||||
Loading…
x
Reference in New Issue
Block a user