
4 Commits

16 changed files with 163 additions and 27 deletions


@ -70,6 +70,7 @@ system_maintenance_backup_services:
- "backup-docker-to-local" - "backup-docker-to-local"
- "backup-remote-to-local" - "backup-remote-to-local"
- "backup-data-to-usb" - "backup-data-to-usb"
- "backup-docker-to-local-everything"
### Defined Services for System Cleanup ### Defined Services for System Cleanup
system_maintenance_cleanup_services: system_maintenance_cleanup_services:
@ -103,6 +104,7 @@ domain_elk: "elk.{{top_domain}}"
domain_discourse: "forum.{{top_domain}}" domain_discourse: "forum.{{top_domain}}"
domain_funkwhale: "music.{{top_domain}}" domain_funkwhale: "music.{{top_domain}}"
domain_gitea: "git.{{top_domain}}" domain_gitea: "git.{{top_domain}}"
domain_gitlab: "gitlab.{{top_domain}}"
domain_listmonk: "newsletter.{{top_domain}}" domain_listmonk: "newsletter.{{top_domain}}"
domain_mailu: "mail.{{top_domain}}" domain_mailu: "mail.{{top_domain}}"
domain_mastodon: "microblog.{{top_domain}}" domain_mastodon: "microblog.{{top_domain}}"
@ -120,6 +122,9 @@ domain_attendize: "tickets.{{top_domain}}"
domain_yourls: "s.{{top_domain}}" domain_yourls: "s.{{top_domain}}"
domain_openproject: "project.{{top_domain}}" domain_openproject: "project.{{top_domain}}"
### Common Configurations
postgres_default_version: "16"
### Docker Role Specific Parameters ### Docker Role Specific Parameters
#### Pixelfed #### Pixelfed


@ -3,6 +3,11 @@
name: backup-docker-to-local.service name: backup-docker-to-local.service
daemon_reload: yes daemon_reload: yes
- name: "reload backup-docker-to-local-everything.service"
systemd:
name: backup-docker-to-local-everything.service
daemon_reload: yes
- name: "restart backup-docker-to-local.timer" - name: "restart backup-docker-to-local.timer"
systemd: systemd:
name: backup-docker-to-local.timer name: backup-docker-to-local.timer


@ -20,6 +20,13 @@
msg: "Warning: Repository is not reachable." msg: "Warning: Repository is not reachable."
when: git_result is defined and git_result.failed is defined and run_once_cleanup_failed_docker_backups is not defined when: git_result is defined and git_result.failed is defined and run_once_cleanup_failed_docker_backups is not defined
- name: configure backup-docker-to-local-everything.service
template:
src: backup-docker-to-local-everything.service.j2
dest: /etc/systemd/system/backup-docker-to-local-everything.service
notify: reload backup-docker-to-local-everything.service
when: run_once_backup_docker_to_local is not defined
- name: configure backup-docker-to-local.service - name: configure backup-docker-to-local.service
template: template:
src: backup-docker-to-local.service.j2 src: backup-docker-to-local.service.j2


@ -0,0 +1,8 @@
[Unit]
Description=backup docker volumes to local folder
OnFailure=systemd-notifier@%n.service cleanup-failed-docker-backups.service
[Service]
Type=oneshot
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything'
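Review bot: `ExecStartPre` and `ExecStart` both wrap the command in `/bin/sh -c '…'` and interpolate templated values (`path_system_lock_script`, the joined service lists, `backup_docker_to_local_folder`) into the shell string unquoted, so a path or name containing a space or a shell metacharacter is re-parsed by the shell instead of being passed as a single argument. Nothing on these lines needs a shell; letting systemd exec the interpreter directly, e.g. `ExecStart=/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything`, removes that quoting layer. The sibling unit changed in the next file section uses the same wrapper. `Description=backup docker volumes to local folder` also does not say that this unit runs with `--everything`, which makes the two units hard to tell apart in `systemctl` and journal output.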


@ -4,5 +4,5 @@ OnFailure=systemd-notifier@%n.service cleanup-failed-docker-backups.service
[Service] [Service]
Type=oneshot Type=oneshot
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"' ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local-everything') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py' ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py'


@ -0,0 +1,35 @@
# Docker-GitLab Ansible Role
## Overview
This Ansible role is designed for setting up and managing a GitLab server running in a Docker container. It automates the process of installing GitLab, configuring its environment, and managing dependencies such as a PostgreSQL database and an Nginx reverse proxy.
## Features
- **GitLab Installation**: Automatically deploys GitLab using Docker.
- **External PostgreSQL Database**: Configures GitLab to use an external PostgreSQL database.
- **Nginx Reverse Proxy Integration**: Includes tasks for setting up an Nginx reverse proxy for GitLab.
- **Customizable Configuration**: Variables and templates allow for easy customization.
## Requirements
- Docker and Docker Compose installed on the target machine.
- Ansible for automation.
## Role Variables
Variables are defined in `vars/main.yml`. Key variables include:
- `docker_compose_instance_directory`: Directory for Docker Compose instances.
- `database_instance`, `database_host`, `database_databasename`, `database_username`, `database_password`: Database configuration variables.
- `database_version`: PostgreSQL version, with a default fallback.
## Handlers
- `recreate gitlab`: Restarts GitLab using Docker Compose when changes are detected.
## Dependencies
- `nginx-docker-reverse-proxy`: A role for setting up an Nginx reverse proxy for GitLab.
## Template Files
- `docker-compose.yml.j2`: Jinja2 template for the Docker Compose configuration.
- Additional templates for database and proxy configuration.
## Usage
Include this role in your Ansible playbooks and specify the necessary variables. Run the playbook to deploy and configure GitLab in a Docker environment.
For a detailed walkthrough and explanation of this role, refer to the conversation at [ChatGPT Session Transcript](https://chat.openai.com/share/1b0147bf-d4de-4790-b8ed-c332aa4e3ce3).


@ -0,0 +1,8 @@
---
- name: recreate gitlab
command:
cmd: docker-compose -p gitlab up -d --force-recreate
chdir: "{{docker_compose_instance_directory}}"
environment:
COMPOSE_HTTP_TIMEOUT: 600
DOCKER_CLIENT_TIMEOUT: 600


@ -0,0 +1,2 @@
dependencies:
- nginx-docker-reverse-proxy


@ -0,0 +1,13 @@
---
- name: "include tasks nginx-docker-proxy-domain.yml"
include_tasks: nginx-docker-proxy-domain.yml
- name: "create {{docker_compose_instance_directory}}"
file:
path: "{{docker_compose_instance_directory}}"
state: directory
mode: 0755
- name: add docker-compose.yml
template: src=docker-compose.yml.j2 dest={{docker_compose_instance_directory}}docker-compose.yml
notify: recreate gitlab
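Review bot: The `add docker-compose.yml` task sets no `owner` or `mode`, yet the rendered file carries the database password (the template writes `gitlab_rails['db_password']` into `GITLAB_OMNIBUS_CONFIG`) and is placed in a directory created with `mode: 0755`, so who can read it depends on the remote umask. Use the block form of `template:` with `src:`, `dest:` and an explicit `mode: "0600"` instead of the `src=… dest=…` one-liner. The directory mode is also better written quoted, `mode: "0755"`, so it does not go through YAML integer parsing.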


@ -0,0 +1,32 @@
version: '3.6'
services:
web:
image: 'gitlab/gitlab-ee:latest'
restart: always
hostname: '{{domain}}'
environment:
GITLAB_OMNIBUS_CONFIG: |
external_url 'https://{{domain}}'
postgresql['enable'] = false
gitlab_rails['gitlab_shell_ssh_port'] = {{ssh_port}}
gitlab_rails['db_adapter'] = 'postgresql'
gitlab_rails['db_encoding'] = 'utf8'
gitlab_rails['db_host'] = '{{database_host}}'
gitlab_rails['db_port'] = 5432
gitlab_rails['db_username'] = '{{database_username}}'
gitlab_rails['db_password'] = '{{database_password}}'
ports:
- '8929:8929'
ports:
- "127.0.0.1:{{http_port}}:80"
- "{{ssh_port}}:22"
volumes:
- 'config:/etc/gitlab'
- 'logs:/var/log/gitlab'
- 'data:/var/opt/gitlab'
shm_size: '256m'
{% include 'templates/docker-postgres-service.yml.j2' %}
volumes:
database:
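Review bot: The `web` service appears to define `ports:` twice (indentation is lost in this rendering); YAML parsers either reject the duplicate key or silently keep the last one, and the first entry `'8929:8929'` would publish a port on all host interfaces that nothing else in the file refers to, so that first `ports:` block should be dropped. The image is pulled as `gitlab/gitlab-ee:latest`, so every `--force-recreate` can move to a different GitLab release without review; pin a version tag or digest, ideally through a role variable. The service mounts the named volumes `config`, `logs` and `data`, but the top-level `volumes:` visible here declares only `database`, which Compose rejects unless they are declared elsewhere. `"{{ssh_port}}:22"` binds on all interfaces while HTTP is bound to `127.0.0.1`; if that is intended for Git over SSH, a comment saying so would help.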


@ -0,0 +1,7 @@
docker_compose_instance_directory: "{{path_docker_compose_instances}}gitlab/"
database_instance: "gitlab"
database_host: "database"
database_databasename: "gitlabhq_production"
database_username: "gitlab"
database_password: "{{gitlab_database_password}}"
database_version: "{{ gitlab_database_version | default(postgres_default_version) }}"


@ -1,24 +1,8 @@
version: "3.7" version: "3.7"
services: services:
database:
image: postgres:13-alpine {% include 'templates/docker-postgres-service.yml.j2' %}
ports:
- "9432:5432"
environment:
- POSTGRES_PASSWORD={{database_password}}
- POSTGRES_USER={{database_username}}
- POSTGRES_DB={{database_databasename}}
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -U {{database_username}}"]
interval: 10s
timeout: 5s
retries: 6
volumes:
- type: volume
source: database
target: /var/lib/postgresql/data
application: application:
restart: unless-stopped restart: unless-stopped


@ -1,6 +1,7 @@
docker_compose_instance_directory: "{{path_docker_compose_instances}}listmonk/" docker_compose_instance_directory: "{{path_docker_compose_instances}}listmonk/"
database_instance: "listmonk" database_instance: "listmonk"
database_host: "database" database_host: "database"
database_databasename: "{{database_instance}}" database_databasename: "{{database_instance}}"
database_username: "{{database_instance}}" database_username: "{{database_instance}}"
database_password: "{{listmonk_database_password}}" database_password: "{{listmonk_database_password}}"
database_version: "{{ listmonk_database_version | default(postgres_default_version) }}"
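Review bot: `database_version` falls back to `postgres_default_version`, which this change set defines as `"16"`, while the listmonk compose file pinned `postgres:13-alpine` until now. On a host that already has a `database` volume and does not set `listmonk_database_version`, the next deploy starts PostgreSQL 16 against a data directory initialised by 13, which the server refuses to open without a dump/restore or `pg_upgrade`. Keep the previous behaviour with `default("13")` for this role, or document the required migration in a comment next to this variable.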


@ -1,6 +1,6 @@
- name: "start backup-docker-to-local.service" - name: "start backup-docker-to-local-everything.service"
systemd: systemd:
name: backup-docker-to-local.service name: backup-docker-to-local-everything.service
state: started state: started
when: force_backup_before_update | bool when: force_backup_before_update | bool


@ -229,6 +229,16 @@
domain: "{{domain_openproject}}" domain: "{{domain_openproject}}"
http_port: 8023 http_port: 8023
- name: setup gitlab hosts
hosts: gitlab
become: true
roles:
- role: docker-gitlab
vars:
domain: "{{domain_gitlab}}"
http_port: 8024
ssh_port: 2202
- name: setup akaunting hosts - name: setup akaunting hosts
hosts: akaunting hosts: akaunting
become: true become: true


@ -0,0 +1,19 @@
database:
image: postgres:{{database_version}}-alpine
ports:
- "9432:5432"
environment:
- POSTGRES_PASSWORD={{database_password}}
- POSTGRES_USER={{database_username}}
- POSTGRES_DB={{database_databasename}}
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -U {{database_username}}"]
interval: 10s
timeout: 5s
retries: 6
volumes:
- type: volume
source: database
target: /var/lib/postgresql/data
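Review bot: The `ports:` entry `"9432:5432"` is now part of a template shared by several roles, so every stack that includes it publishes PostgreSQL on host port 9432 on all interfaces. Two stacks on the same host (the listmonk and gitlab templates both include this file) will collide on that port, and the database becomes reachable from outside the Compose network although the applications reach it by service name (`database_host: "database"`). Unless host access is actually required, drop the `ports:` block; otherwise bind it to loopback with a new per-role variable, e.g. `- "127.0.0.1:{{database_host_port}}:5432"`, where `database_host_port` is a placeholder name for that variable.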