mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-22 04:31:13 +01:00
Compare commits
4 Commits
42092855c7
...
94207f4a72
Author | SHA1 | Date | |
---|---|---|---|
94207f4a72 | |||
69ef04bf0c | |||
8ae612444c | |||
f58a36ea34 |
@ -70,6 +70,7 @@ system_maintenance_backup_services:
|
|||||||
- "backup-docker-to-local"
|
- "backup-docker-to-local"
|
||||||
- "backup-remote-to-local"
|
- "backup-remote-to-local"
|
||||||
- "backup-data-to-usb"
|
- "backup-data-to-usb"
|
||||||
|
- "backup-docker-to-local-everything"
|
||||||
|
|
||||||
### Defined Services for System Cleanup
|
### Defined Services for System Cleanup
|
||||||
system_maintenance_cleanup_services:
|
system_maintenance_cleanup_services:
|
||||||
@ -103,6 +104,7 @@ domain_elk: "elk.{{top_domain}}"
|
|||||||
domain_discourse: "forum.{{top_domain}}"
|
domain_discourse: "forum.{{top_domain}}"
|
||||||
domain_funkwhale: "music.{{top_domain}}"
|
domain_funkwhale: "music.{{top_domain}}"
|
||||||
domain_gitea: "git.{{top_domain}}"
|
domain_gitea: "git.{{top_domain}}"
|
||||||
|
domain_gitlab: "gitlab.{{top_domain}}"
|
||||||
domain_listmonk: "newsletter.{{top_domain}}"
|
domain_listmonk: "newsletter.{{top_domain}}"
|
||||||
domain_mailu: "mail.{{top_domain}}"
|
domain_mailu: "mail.{{top_domain}}"
|
||||||
domain_mastodon: "microblog.{{top_domain}}"
|
domain_mastodon: "microblog.{{top_domain}}"
|
||||||
@ -120,6 +122,9 @@ domain_attendize: "tickets.{{top_domain}}"
|
|||||||
domain_yourls: "s.{{top_domain}}"
|
domain_yourls: "s.{{top_domain}}"
|
||||||
domain_openproject: "project.{{top_domain}}"
|
domain_openproject: "project.{{top_domain}}"
|
||||||
|
|
||||||
|
### Common Configurations
|
||||||
|
postgres_default_version: "16"
|
||||||
|
|
||||||
### Docker Role Specific Parameters
|
### Docker Role Specific Parameters
|
||||||
|
|
||||||
#### Pixelfed
|
#### Pixelfed
|
||||||
|
@ -3,6 +3,11 @@
|
|||||||
name: backup-docker-to-local.service
|
name: backup-docker-to-local.service
|
||||||
daemon_reload: yes
|
daemon_reload: yes
|
||||||
|
|
||||||
|
- name: "reload backup-docker-to-local-everything.service"
|
||||||
|
systemd:
|
||||||
|
name: backup-docker-to-local-everything.service
|
||||||
|
daemon_reload: yes
|
||||||
|
|
||||||
- name: "restart backup-docker-to-local.timer"
|
- name: "restart backup-docker-to-local.timer"
|
||||||
systemd:
|
systemd:
|
||||||
name: backup-docker-to-local.timer
|
name: backup-docker-to-local.timer
|
||||||
|
@ -20,6 +20,13 @@
|
|||||||
msg: "Warning: Repository is not reachable."
|
msg: "Warning: Repository is not reachable."
|
||||||
when: git_result is defined and git_result.failed is defined and run_once_cleanup_failed_docker_backups is not defined
|
when: git_result is defined and git_result.failed is defined and run_once_cleanup_failed_docker_backups is not defined
|
||||||
|
|
||||||
|
- name: configure backup-docker-to-local-everything.service
|
||||||
|
template:
|
||||||
|
src: backup-docker-to-local-everything.service.j2
|
||||||
|
dest: /etc/systemd/system/backup-docker-to-local-everything.service
|
||||||
|
notify: reload backup-docker-to-local-everything.service
|
||||||
|
when: run_once_backup_docker_to_local is not defined
|
||||||
|
|
||||||
- name: configure backup-docker-to-local.service
|
- name: configure backup-docker-to-local.service
|
||||||
template:
|
template:
|
||||||
src: backup-docker-to-local.service.j2
|
src: backup-docker-to-local.service.j2
|
||||||
|
@ -0,0 +1,8 @@
|
|||||||
|
[Unit]
|
||||||
|
Description=backup docker volumes to local folder
|
||||||
|
OnFailure=systemd-notifier@%n.service cleanup-failed-docker-backups.service
|
||||||
|
|
||||||
|
[Service]
|
||||||
|
Type=oneshot
|
||||||
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
||||||
|
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything'
|
@ -4,5 +4,5 @@ OnFailure=systemd-notifier@%n.service cleanup-failed-docker-backups.service
|
|||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
Type=oneshot
|
Type=oneshot
|
||||||
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{system_maintenance_backup_services| join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local-everything') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeoutbackup_services}}"'
|
||||||
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py'
|
ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py'
|
35
roles/docker-gitlab/README.md
Normal file
35
roles/docker-gitlab/README.md
Normal file
@ -0,0 +1,35 @@
|
|||||||
|
# Docker-GitLab Ansible Role
|
||||||
|
|
||||||
|
## Overview
|
||||||
|
This Ansible role is designed for setting up and managing a GitLab server running in a Docker container. It automates the process of installing GitLab, configuring its environment, and managing dependencies such as a PostgreSQL database and an Nginx reverse proxy.
|
||||||
|
|
||||||
|
## Features
|
||||||
|
- **GitLab Installation**: Automatically deploys GitLab using Docker.
|
||||||
|
- **External PostgreSQL Database**: Configures GitLab to use an external PostgreSQL database.
|
||||||
|
- **Nginx Reverse Proxy Integration**: Includes tasks for setting up an Nginx reverse proxy for GitLab.
|
||||||
|
- **Customizable Configuration**: Variables and templates allow for easy customization.
|
||||||
|
|
||||||
|
## Requirements
|
||||||
|
- Docker and Docker Compose installed on the target machine.
|
||||||
|
- Ansible for automation.
|
||||||
|
|
||||||
|
## Role Variables
|
||||||
|
Variables are defined in `vars/main.yml`. Key variables include:
|
||||||
|
- `docker_compose_instance_directory`: Directory for Docker Compose instances.
|
||||||
|
- `database_instance`, `database_host`, `database_databasename`, `database_username`, `database_password`: Database configuration variables.
|
||||||
|
- `database_version`: PostgreSQL version, with a default fallback.
|
||||||
|
|
||||||
|
## Handlers
|
||||||
|
- `recreate gitlab`: Restarts GitLab using Docker Compose when changes are detected.
|
||||||
|
|
||||||
|
## Dependencies
|
||||||
|
- `nginx-docker-reverse-proxy`: A role for setting up an Nginx reverse proxy for GitLab.
|
||||||
|
|
||||||
|
## Template Files
|
||||||
|
- `docker-compose.yml.j2`: Jinja2 template for the Docker Compose configuration.
|
||||||
|
- Additional templates for database and proxy configuration.
|
||||||
|
|
||||||
|
## Usage
|
||||||
|
Include this role in your Ansible playbooks and specify the necessary variables. Run the playbook to deploy and configure GitLab in a Docker environment.
|
||||||
|
|
||||||
|
For a detailed walkthrough and explanation of this role, refer to the conversation at [ChatGPT Session Transcript](https://chat.openai.com/share/1b0147bf-d4de-4790-b8ed-c332aa4e3ce3).
|
8
roles/docker-gitlab/handlers/main.yml
Normal file
8
roles/docker-gitlab/handlers/main.yml
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
- name: recreate gitlab
|
||||||
|
command:
|
||||||
|
cmd: docker-compose -p gitlab up -d --force-recreate
|
||||||
|
chdir: "{{docker_compose_instance_directory}}"
|
||||||
|
environment:
|
||||||
|
COMPOSE_HTTP_TIMEOUT: 600
|
||||||
|
DOCKER_CLIENT_TIMEOUT: 600
|
2
roles/docker-gitlab/meta/main.yml
Normal file
2
roles/docker-gitlab/meta/main.yml
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
dependencies:
|
||||||
|
- nginx-docker-reverse-proxy
|
13
roles/docker-gitlab/tasks/main.yml
Normal file
13
roles/docker-gitlab/tasks/main.yml
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
---
|
||||||
|
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||||
|
include_tasks: nginx-docker-proxy-domain.yml
|
||||||
|
|
||||||
|
- name: "create {{docker_compose_instance_directory}}"
|
||||||
|
file:
|
||||||
|
path: "{{docker_compose_instance_directory}}"
|
||||||
|
state: directory
|
||||||
|
mode: 0755
|
||||||
|
|
||||||
|
- name: add docker-compose.yml
|
||||||
|
template: src=docker-compose.yml.j2 dest={{docker_compose_instance_directory}}docker-compose.yml
|
||||||
|
notify: recreate gitlab
|
32
roles/docker-gitlab/templates/docker-compose.yml.j2
Normal file
32
roles/docker-gitlab/templates/docker-compose.yml.j2
Normal file
@ -0,0 +1,32 @@
|
|||||||
|
version: '3.6'
|
||||||
|
services:
|
||||||
|
web:
|
||||||
|
image: 'gitlab/gitlab-ee:latest'
|
||||||
|
restart: always
|
||||||
|
hostname: '{{domain}}'
|
||||||
|
environment:
|
||||||
|
GITLAB_OMNIBUS_CONFIG: |
|
||||||
|
external_url 'https://{{domain}}'
|
||||||
|
postgresql['enable'] = false
|
||||||
|
gitlab_rails['gitlab_shell_ssh_port'] = {{ssh_port}}
|
||||||
|
gitlab_rails['db_adapter'] = 'postgresql'
|
||||||
|
gitlab_rails['db_encoding'] = 'utf8'
|
||||||
|
gitlab_rails['db_host'] = '{{database_host}}'
|
||||||
|
gitlab_rails['db_port'] = 5432
|
||||||
|
gitlab_rails['db_username'] = '{{database_username}}'
|
||||||
|
gitlab_rails['db_password'] = '{{database_password}}'
|
||||||
|
ports:
|
||||||
|
- '8929:8929'
|
||||||
|
ports:
|
||||||
|
- "127.0.0.1:{{http_port}}:80"
|
||||||
|
- "{{ssh_port}}:22"
|
||||||
|
volumes:
|
||||||
|
- 'config:/etc/gitlab'
|
||||||
|
- 'logs:/var/log/gitlab'
|
||||||
|
- 'data:/var/opt/gitlab'
|
||||||
|
shm_size: '256m'
|
||||||
|
|
||||||
|
{% include 'templates/docker-postgres-service.yml.j2' %}
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
database:
|
7
roles/docker-gitlab/vars/main.yml
Normal file
7
roles/docker-gitlab/vars/main.yml
Normal file
@ -0,0 +1,7 @@
|
|||||||
|
docker_compose_instance_directory: "{{path_docker_compose_instances}}gitlab/"
|
||||||
|
database_instance: "gitlab"
|
||||||
|
database_host: "database"
|
||||||
|
database_databasename: "gitlabhq_production"
|
||||||
|
database_username: "gitlab"
|
||||||
|
database_password: "{{gitlab_database_password}}"
|
||||||
|
database_version: "{{ gitlab_database_version | default(postgres_default_version) }}"
|
@ -1,24 +1,8 @@
|
|||||||
version: "3.7"
|
version: "3.7"
|
||||||
|
|
||||||
services:
|
services:
|
||||||
database:
|
|
||||||
image: postgres:13-alpine
|
{% include 'templates/docker-postgres-service.yml.j2' %}
|
||||||
ports:
|
|
||||||
- "9432:5432"
|
|
||||||
environment:
|
|
||||||
- POSTGRES_PASSWORD={{database_password}}
|
|
||||||
- POSTGRES_USER={{database_username}}
|
|
||||||
- POSTGRES_DB={{database_databasename}}
|
|
||||||
restart: unless-stopped
|
|
||||||
healthcheck:
|
|
||||||
test: ["CMD-SHELL", "pg_isready -U {{database_username}}"]
|
|
||||||
interval: 10s
|
|
||||||
timeout: 5s
|
|
||||||
retries: 6
|
|
||||||
volumes:
|
|
||||||
- type: volume
|
|
||||||
source: database
|
|
||||||
target: /var/lib/postgresql/data
|
|
||||||
|
|
||||||
application:
|
application:
|
||||||
restart: unless-stopped
|
restart: unless-stopped
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
docker_compose_instance_directory: "{{path_docker_compose_instances}}listmonk/"
|
docker_compose_instance_directory: "{{path_docker_compose_instances}}listmonk/"
|
||||||
database_instance: "listmonk"
|
database_instance: "listmonk"
|
||||||
database_host: "database"
|
database_host: "database"
|
||||||
database_databasename: "{{database_instance}}"
|
database_databasename: "{{database_instance}}"
|
||||||
database_username: "{{database_instance}}"
|
database_username: "{{database_instance}}"
|
||||||
database_password: "{{listmonk_database_password}}"
|
database_password: "{{listmonk_database_password}}"
|
||||||
|
database_version: "{{ listmonk_database_version | default(postgres_default_version) }}"
|
@ -1,6 +1,6 @@
|
|||||||
- name: "start backup-docker-to-local.service"
|
- name: "start backup-docker-to-local-everything.service"
|
||||||
systemd:
|
systemd:
|
||||||
name: backup-docker-to-local.service
|
name: backup-docker-to-local-everything.service
|
||||||
state: started
|
state: started
|
||||||
when: force_backup_before_update | bool
|
when: force_backup_before_update | bool
|
||||||
|
|
||||||
|
10
servers.yml
10
servers.yml
@ -229,6 +229,16 @@
|
|||||||
domain: "{{domain_openproject}}"
|
domain: "{{domain_openproject}}"
|
||||||
http_port: 8023
|
http_port: 8023
|
||||||
|
|
||||||
|
- name: setup gitlab hosts
|
||||||
|
hosts: gitlab
|
||||||
|
become: true
|
||||||
|
roles:
|
||||||
|
- role: docker-gitlab
|
||||||
|
vars:
|
||||||
|
domain: "{{domain_gitlab}}"
|
||||||
|
http_port: 8024
|
||||||
|
ssh_port: 2202
|
||||||
|
|
||||||
- name: setup akaunting hosts
|
- name: setup akaunting hosts
|
||||||
hosts: akaunting
|
hosts: akaunting
|
||||||
become: true
|
become: true
|
||||||
|
19
templates/docker-postgres-service.yml.j2
Normal file
19
templates/docker-postgres-service.yml.j2
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
|
||||||
|
database:
|
||||||
|
image: postgres:{{database_version}}-alpine
|
||||||
|
ports:
|
||||||
|
- "9432:5432"
|
||||||
|
environment:
|
||||||
|
- POSTGRES_PASSWORD={{database_password}}
|
||||||
|
- POSTGRES_USER={{database_username}}
|
||||||
|
- POSTGRES_DB={{database_databasename}}
|
||||||
|
restart: unless-stopped
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "pg_isready -U {{database_username}}"]
|
||||||
|
interval: 10s
|
||||||
|
timeout: 5s
|
||||||
|
retries: 6
|
||||||
|
volumes:
|
||||||
|
- type: volume
|
||||||
|
source: database
|
||||||
|
target: /var/lib/postgresql/data
|
Loading…
Reference in New Issue
Block a user