diff --git a/roles/docker-taiga/README.md b/roles/docker-taiga/README.md new file mode 100644 index 00000000..e69de29b diff --git a/roles/docker-taiga/tasks/main.yml b/roles/docker-taiga/tasks/main.yml new file mode 100644 index 00000000..308db9ca --- /dev/null +++ b/roles/docker-taiga/tasks/main.yml @@ -0,0 +1,13 @@ +--- +- name: "include docker/compose/database.yml" + include_tasks: docker/compose/database.yml + +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml + +- name: "include tasks update-repository-with-docker-compose.yml" + include_tasks: update-repository-with-docker-compose.yml + +- name: configure run.env + template: src=env.j2 dest={{docker_compose_instance_directory}}/.env + notify: docker compose project setup diff --git a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 new file mode 100644 index 00000000..19332d79 --- /dev/null +++ b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 @@ -0,0 +1,42 @@ +version: "3.5" + +x-environment: + &default-back-environment + POSTGRES_DB: "taiga" + POSTGRES_USER: "${POSTGRES_USER}" + POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" + POSTGRES_HOST: "taiga-db" + + TAIGA_SECRET_KEY: "${SECRET_KEY}" + TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}" + TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}" + + EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend" + DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}" + EMAIL_USE_TLS: "${EMAIL_USE_TLS}" + EMAIL_USE_SSL: "${EMAIL_USE_SSL}" + EMAIL_HOST: "${EMAIL_HOST}" + EMAIL_PORT: "${EMAIL_PORT}" + EMAIL_HOST_USER: "${EMAIL_HOST_USER}" + EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}" + + RABBITMQ_USER: "${RABBITMQ_USER}" + RABBITMQ_PASS: "${RABBITMQ_PASS}" + CELERY_ENABLED: "False" + +x-volumes: + &default-back-volumes + - taiga-static-data:/taiga-back/static + - taiga-media-data:/taiga-back/media + # - ./config.py:/taiga-back/settings/config.py + +services: + taiga-manage: + image: taigaio/taiga-back:latest + environment: *default-back-environment + depends_on: + - taiga-db + entrypoint: "python manage.py" + volumes: *default-back-volumes + networks: + - taiga \ No newline at end of file diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 new file mode 100644 index 00000000..53d388ef --- /dev/null +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -0,0 +1,167 @@ +version: "3.5" + +x-environment: + &default-back-environment + # These environment variables will be used by taiga-back and taiga-async. + # Database settings + POSTGRES_DB: "taiga" + POSTGRES_USER: "${POSTGRES_USER}" + POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" + POSTGRES_HOST: "taiga-db" + # Taiga settings + TAIGA_SECRET_KEY: "${SECRET_KEY}" + TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}" + TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}" + TAIGA_SUBPATH: "${SUBPATH}" + # Email settings. + EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend" + DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}" + EMAIL_USE_TLS: "${EMAIL_USE_TLS}" + EMAIL_USE_SSL: "${EMAIL_USE_SSL}" + EMAIL_HOST: "${EMAIL_HOST}" + EMAIL_PORT: "${EMAIL_PORT}" + EMAIL_HOST_USER: "${EMAIL_HOST_USER}" + EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}" + # Rabbitmq settings + RABBITMQ_USER: "${RABBITMQ_USER}" + RABBITMQ_PASS: "${RABBITMQ_PASS}" + # Telemetry settings + ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}" + # ...your customizations go here + +x-volumes: + &default-back-volumes + # These volumens will be used by taiga-back and taiga-async. + - taiga-static-data:/taiga-back/static + - taiga-media-data:/taiga-back/media + # - ./config.py:/taiga-back/settings/config.py + +services: + taiga-db: + image: postgres:12.3 + environment: + POSTGRES_DB: "taiga" + POSTGRES_USER: "${POSTGRES_USER}" + POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" + healthcheck: + test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"] + interval: 2s + timeout: 15s + retries: 5 + start_period: 3s + volumes: + - taiga-db-data:/var/lib/postgresql/data + networks: + - taiga + + taiga-back: + image: taigaio/taiga-back:latest + environment: *default-back-environment + volumes: *default-back-volumes + networks: + - taiga + depends_on: + taiga-db: + condition: service_healthy + taiga-events-rabbitmq: + condition: service_started + taiga-async-rabbitmq: + condition: service_started + + taiga-async: + image: taigaio/taiga-back:latest + entrypoint: ["/taiga-back/docker/async_entrypoint.sh"] + environment: *default-back-environment + volumes: *default-back-volumes + networks: + - taiga + depends_on: + taiga-db: + condition: service_healthy + taiga-events-rabbitmq: + condition: service_started + taiga-async-rabbitmq: + condition: service_started + + taiga-async-rabbitmq: + image: rabbitmq:3.8-management-alpine + environment: + RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}" + RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}" + RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}" + RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}" + hostname: "taiga-async-rabbitmq" + volumes: + - taiga-async-rabbitmq-data:/var/lib/rabbitmq + networks: + - taiga + + taiga-front: + image: taigaio/taiga-front:latest + environment: + TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}" + TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}" + TAIGA_SUBPATH: "${SUBPATH}" + # ...your customizations go here + networks: + - taiga + # volumes: + # - ./conf.json:/usr/share/nginx/html/conf.json + + taiga-events: + image: taigaio/taiga-events:latest + environment: + RABBITMQ_USER: "${RABBITMQ_USER}" + RABBITMQ_PASS: "${RABBITMQ_PASS}" + TAIGA_SECRET_KEY: "${SECRET_KEY}" + networks: + - taiga + depends_on: + taiga-events-rabbitmq: + condition: service_started + + taiga-events-rabbitmq: + image: rabbitmq:3.8-management-alpine + environment: + RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}" + RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}" + RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}" + RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}" + hostname: "taiga-events-rabbitmq" + volumes: + - taiga-events-rabbitmq-data:/var/lib/rabbitmq + networks: + - taiga + + taiga-protected: + image: taigaio/taiga-protected:latest + environment: + MAX_AGE: "${ATTACHMENTS_MAX_AGE}" + SECRET_KEY: "${SECRET_KEY}" + networks: + - taiga + + taiga-gateway: + image: nginx:1.19-alpine + ports: + - "9000:80" + volumes: + - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf + - taiga-static-data:/taiga/static + - taiga-media-data:/taiga/media + networks: + - taiga + depends_on: + - taiga-front + - taiga-back + - taiga-events + +volumes: + taiga-static-data: + taiga-media-data: + taiga-db-data: + taiga-async-rabbitmq-data: + taiga-events-rabbitmq-data: + +networks: + taiga: \ No newline at end of file diff --git a/roles/docker-taiga/templates/env.j2 b/roles/docker-taiga/templates/env.j2 new file mode 100644 index 00000000..806e3b4c --- /dev/null +++ b/roles/docker-taiga/templates/env.j2 @@ -0,0 +1,35 @@ +# Taiga's URLs - Variables to define where Taiga should be served +TAIGA_SCHEME=https # serve Taiga using "http" or "https" (secured) connection +TAIGA_DOMAIN= {{domain}} # Taiga's base URL +SUBPATH="" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath") +WEBSOCKETS_SCHEME=wss # events connection protocol (use either "ws" or "wss") + +# Taiga's Secret Key - Variable to provide cryptographic signing +SECRET_KEY="{{taigaio_secret_key}}" # Please, change it to an unpredictable value!! + +# Taiga's Database settings - Variables to create the Taiga database and connect to it +POSTGRES_USER=taiga # user to connect to PostgreSQL +POSTGRES_PASSWORD=taiga # database user's password + +# Taiga's SMTP settings - Variables to send Taiga's emails to the users +EMAIL_BACKEND=console # use an SMTP server or display the emails in the console (either "smtp" or "console") +EMAIL_HOST=smtp.host.example.com # SMTP server address +EMAIL_PORT=587 # default SMTP port +EMAIL_HOST_USER=user # user to connect the SMTP server +EMAIL_HOST_PASSWORD=password # SMTP user's password +EMAIL_DEFAULT_FROM=changeme@example.com # default email address for the automated emails +# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True) +EMAIL_USE_TLS=True # use TLS (secure) connection with the SMTP server +EMAIL_USE_SSL=False # use implicit TLS (secure) connection with the SMTP server + +# Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events +RABBITMQ_USER=taiga # user to connect to RabbitMQ +RABBITMQ_PASS=taiga # RabbitMQ user's password +RABBITMQ_VHOST=taiga # RabbitMQ container name +RABBITMQ_ERLANG_COOKIE=secret-erlang-cookie # unique value shared by any connected instance of RabbitMQ + +# Taiga's Attachments - Variable to define how long the attachments will be accesible +ATTACHMENTS_MAX_AGE=360 # token expiration date (in seconds) + +# Taiga's Telemetry - Variable to enable or disable the anonymous telemetry +ENABLE_TELEMETRY=True \ No newline at end of file diff --git a/roles/docker-taiga/vars/main.yml b/roles/docker-taiga/vars/main.yml new file mode 100644 index 00000000..6da9c93d --- /dev/null +++ b/roles/docker-taiga/vars/main.yml @@ -0,0 +1,6 @@ +docker_compose_project_name: "taigaio" +docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" +docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup" +database_type: "mariadb" +database_password: "{{taigaio_database_password}}" +repository_address: "https://github.com/taigaio/taiga-docker"