mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-03-12 04:32:39 +01:00
Compare commits
6 Commits
5503326ea6
...
e98d18f369
| Author | SHA1 | Date | |
|---|---|---|---|
| e98d18f369 | |||
| 8e6a383617 | |||
| 01ae2c3b38 | |||
| 8083e2b51c | |||
| df44ea524c | |||
| e50fd54f4e |
@ -147,11 +147,15 @@ defaults_applications:
|
||||
|
||||
## OAuth2 Proxy
|
||||
oauth2_proxy:
|
||||
configuration_file: "oauth2-proxy-keycloak.cfg" # Needs to be set true in the roles which use it
|
||||
configuration_file: "oauth2-proxy-keycloak.cfg" # Needs to be set true in the roles which use it
|
||||
version: "latest"
|
||||
redirect_url: "https://{{domains.keycloak}}/auth/realms/{{primary_domain}}/protocol/openid-connect/auth" # The redirect URL for the OAuth2 flow. It should match the redirect URL configured in Keycloak.
|
||||
allowed_roles: admin # Restrict it default to admin role. Use the vars/main.yml to open the specific role for other groups
|
||||
cookie_secret: "{{applications.oauth2_proxy.cookie_secret}}" # Default use wildcard for primary domain, subdomain client specific configuration in vars files in the roles is possible openssl rand -hex 16
|
||||
allowed_roles: admin # Restrict it default to admin role. Use the vars/main.yml to open the specific role for other groups
|
||||
cookie_secret: "{{applications.oauth2_proxy.cookie_secret}}" # Default use wildcard for primary domain, subdomain client specific configuration in vars files in the roles is possible openssl rand -hex 16
|
||||
|
||||
## Open Project
|
||||
openproject:
|
||||
version: "13" # Update when available. Sadly no rolling release implemented
|
||||
|
||||
## Peertube
|
||||
peertube:
|
||||
|
||||
@ -59,9 +59,7 @@
|
||||
become: true
|
||||
roles:
|
||||
- role: docker-mailu
|
||||
vars:
|
||||
enable_central_database: "{{enable_central_database_mailu}}"
|
||||
|
||||
|
||||
- name: setup elk hosts
|
||||
hosts: elk
|
||||
become: true
|
||||
|
||||
@ -6,9 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: "include tasks update-repository-with-docker-compose.yml"
|
||||
include_tasks: update-repository-with-docker-compose.yml
|
||||
- name: "include tasks update-repository-with-files.yml"
|
||||
include_tasks: update-repository-with-files.yml
|
||||
vars:
|
||||
detached_files:
|
||||
- "docker-compose.yml"
|
||||
|
||||
- name: configure run.env
|
||||
template: src=run.env.j2 dest={{docker_compose.directories.instance}}/env/run.env
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -3,6 +3,9 @@ services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
application:
|
||||
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
|
||||
image: docker.io/akaunting/akaunting:{{applications.akaunting.version}}
|
||||
build:
|
||||
context: .
|
||||
@ -10,9 +13,6 @@ services:
|
||||
- 127.0.0.1:{{http_port}}:80
|
||||
volumes:
|
||||
- data:/var/www/html
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file:
|
||||
- env/run.env
|
||||
environment:
|
||||
- AKAUNTING_SETUP
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
@ -17,5 +17,8 @@
|
||||
dest: "{{nginx.directories.http.servers}}{{domain}}.conf"
|
||||
notify: restart nginx
|
||||
|
||||
- name: "include tasks update-repository-with-docker-compose.yml"
|
||||
include_tasks: update-repository-with-docker-compose.yml
|
||||
- name: "include tasks update-repository-with-files.yml"
|
||||
include_tasks: update-repository-with-files.yml
|
||||
vars:
|
||||
detached_files:
|
||||
- "docker-compose.yml"
|
||||
@ -6,14 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: add env
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: env.j2
|
||||
dest: "{{docker_compose.directories.instance}}env"
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
@ -5,13 +5,9 @@ services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
application:
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: "baserow/baserow:{{applications.baserow.version}}"
|
||||
container_name: baserow-application
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
env_file:
|
||||
- ./env
|
||||
volumes:
|
||||
- data:/baserow/data
|
||||
ports:
|
||||
|
||||
@ -7,12 +7,12 @@
|
||||
image: mariadb
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file:
|
||||
- mein_env_file.env
|
||||
- {{database_env}}
|
||||
command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW"
|
||||
volumes:
|
||||
- database:/var/lib/mysql
|
||||
healthcheck:
|
||||
test: "/usr/bin/mariadb --user={{database_username}} --password={{database_password}} --execute \"SHOW DATABASES;\""
|
||||
test: [ "CMD", "sh", "-c", "/usr/bin/mariadb --user=$$MYSQL_USER --password=$$MYSQL_PASSWORD --execute 'SHOW DATABASES;'" ]
|
||||
interval: 3s
|
||||
timeout: 1s
|
||||
retries: 5
|
||||
|
||||
8
roles/docker-compose/templates/services/base.yml.j2
Normal file
8
roles/docker-compose/templates/services/base.yml.j2
Normal file
@ -0,0 +1,8 @@
|
||||
# Base for docker services
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file:
|
||||
- "{{docker_compose.files.env}}"
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
{{ "\n" }}
|
||||
@ -4,7 +4,11 @@ _docker_compose_directories_instance: "{{ path_docker_compose_instances }}{{ app
|
||||
# @See https://chatgpt.com/share/67a23d18-fb54-800f-983c-d6d00752b0b4
|
||||
docker_compose:
|
||||
directories:
|
||||
instance: "{{_docker_compose_directories_instance}}" # Folder for docker-compose.yml file
|
||||
env: "{{_docker_compose_directories_instance}}/.env/" # Folder for env files
|
||||
services: "{{_docker_compose_directories_instance}}/services/" # Folder for services
|
||||
volumes: "{{_docker_compose_directories_instance}}/volumes/" # Folder for volumes
|
||||
instance: "{{_docker_compose_directories_instance}}" # Folder for docker-compose.yml file
|
||||
env: "{{_docker_compose_directories_instance}}.env/" # Folder for env files
|
||||
services: "{{_docker_compose_directories_instance}}services/" # Folder for services
|
||||
volumes: "{{_docker_compose_directories_instance}}volumes/" # Folder for volumes
|
||||
config: "{{_docker_compose_directories_instance}}config/" # Folder for configuration files
|
||||
files:
|
||||
env: "{{_docker_compose_directories_instance}}.env/env" # General env file
|
||||
docker_compose: "{{_docker_compose_directories_instance}}docker-compose.yml" # Docker Compose file
|
||||
|
||||
@ -43,10 +43,10 @@
|
||||
mode: '700'
|
||||
state: directory
|
||||
|
||||
- name: "copy configuration to {{discourse_repository_directory}}containers/discourse_application.yml"
|
||||
- name: "copy configuration to {{discourse_application_yml_destination}}"
|
||||
template:
|
||||
src: discourse_application.yml.j2
|
||||
dest: "{{discourse_repository_directory}}containers/discourse_application.yml"
|
||||
dest: "{{discourse_application_yml_destination}}"
|
||||
notify: recreate discourse
|
||||
|
||||
- name: "destroy container discourse_application"
|
||||
|
||||
@ -1,5 +1,6 @@
|
||||
application_id: "discourse"
|
||||
discourse_application_container: "discourse_application"
|
||||
database_password: "{{ baserow_database_password }}"
|
||||
database_type: "postgres"
|
||||
discourse_repository_directory: "{{ path_docker_compose_instances + application_id + '/repository/' }}"
|
||||
application_id: "discourse"
|
||||
discourse_application_container: "discourse_application"
|
||||
database_password: "{{ discourse_database_password }}"
|
||||
database_type: "postgres"
|
||||
discourse_repository_directory: "{{docker_compose.directories.services}}repository/"
|
||||
discourse_application_yml_destination: "{{discourse_repository_directory}}containers/discourse_application.yml"
|
||||
@ -6,6 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -4,7 +4,7 @@ services:
|
||||
|
||||
application:
|
||||
image: "friendica:{{applications.friendica.version}}"
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- data:/var/www/html
|
||||
ports:
|
||||
@ -25,36 +25,6 @@ services:
|
||||
interval: 1m
|
||||
timeout: 10s
|
||||
retries: 3
|
||||
environment:
|
||||
FRIENDICA_URL: https://{{domain}}
|
||||
HOSTNAME: {{domain}}
|
||||
FRIENDICA_NO_VALIDATION: false
|
||||
|
||||
# Debugging
|
||||
FRIENDICA_DEBUGGING: false
|
||||
FRIENDICA_LOGLEVEL: 5
|
||||
FRIENDICA_LOGGER: stream
|
||||
FRIENDICA_LOGFILE: php://stdout
|
||||
|
||||
# Database Configuration
|
||||
MYSQL_HOST: "{{database_host}}:{{database_port}}"
|
||||
MYSQL_DATABASE: {{database_name}}
|
||||
MYSQL_USER: {{database_username}}
|
||||
MYSQL_PASSWORD: {{database_password}}
|
||||
|
||||
# Email Configuration
|
||||
SMTP: {{system_email.host}}
|
||||
SMTP_DOMAIN: {{system_email.domain}}
|
||||
SMTP_PORT: {{system_email.smtp_port}}
|
||||
SMTP_AUTH_USER: {{system_email.username}}
|
||||
SMTP_AUTH_PASS: {{system_email.password}}
|
||||
SMTP_TLS: {{ 'on' if system_email.tls else 'off' }}
|
||||
SMTP_STARTTLS: {{ 'on' if system_email.start_tls else 'off' }}
|
||||
SMTP_FROM: {{system_email.local}}
|
||||
|
||||
# Administrator Credentials
|
||||
FRIENDICA_ADMIN_MAIL: {{administrator_email}}
|
||||
MAILNAME: {{administrator_email}}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
|
||||
|
||||
|
||||
29
roles/docker-friendica/templates/env.j2
Normal file
29
roles/docker-friendica/templates/env.j2
Normal file
@ -0,0 +1,29 @@
|
||||
FRIENDICA_URL= https://{{domain}}
|
||||
HOSTNAME= {{domain}}
|
||||
FRIENDICA_NO_VALIDATION= false
|
||||
|
||||
# Debugging
|
||||
FRIENDICA_DEBUGGING= false
|
||||
FRIENDICA_LOGLEVEL= 5
|
||||
FRIENDICA_LOGGER= stream
|
||||
FRIENDICA_LOGFILE= php=//stdout
|
||||
|
||||
# Database Configuration
|
||||
MYSQL_HOST= "{{database_host}}:{{database_port}}"
|
||||
MYSQL_DATABASE= {{database_name}}
|
||||
MYSQL_USER= {{database_username}}
|
||||
MYSQL_PASSWORD= {{database_password}}
|
||||
|
||||
# Email Configuration
|
||||
SMTP= {{system_email.host}}
|
||||
SMTP_DOMAIN= {{system_email.domain}}
|
||||
SMTP_PORT= {{system_email.smtp_port}}
|
||||
SMTP_AUTH_USER= {{system_email.username}}
|
||||
SMTP_AUTH_PASS= {{system_email.password}}
|
||||
SMTP_TLS= {{ 'on' if system_email.tls else 'off' }}
|
||||
SMTP_STARTTLS= {{ 'on' if system_email.start_tls else 'off' }}
|
||||
SMTP_FROM= {{system_email.local}}
|
||||
|
||||
# Administrator Credentials
|
||||
FRIENDICA_ADMIN_MAIL= {{administrator_email}}
|
||||
MAILNAME= {{administrator_email}}
|
||||
@ -7,14 +7,18 @@
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: add .env
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: env.j2
|
||||
dest: "{{docker_compose.directories.instance}}.env"
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
notify: docker compose project setup
|
||||
|
||||
|
||||
|
||||
@ -13,61 +13,54 @@ services:
|
||||
# of CPUs. You can adjust this, by explicitly setting the --concurrency
|
||||
# flag:
|
||||
# celery -A funkwhale_api.taskapp worker -l INFO --concurrency=4
|
||||
restart: {{docker_restart_policy}}
|
||||
image: funkwhale/api:${FUNKWHALE_VERSION}
|
||||
env_file: .env
|
||||
command: celery -A funkwhale_api.taskapp worker -l INFO --concurrency=${CELERYD_CONCURRENCY-0}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: funkwhale/api:{{applications.funkwhale.version}}
|
||||
command: celery -A funkwhale_api.taskapp worker -l INFO --concurrency={{celeryd_concurrency}}
|
||||
environment:
|
||||
- C_FORCE_ROOT=true
|
||||
volumes:
|
||||
- "data:${MEDIA_ROOT}"
|
||||
- "music:${MUSIC_DIRECTORY_PATH}:ro"
|
||||
- "data:{{media_root}}"
|
||||
- "music:{{music_directory_path}}:ro"
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
celerybeat:
|
||||
restart: {{docker_restart_policy}}
|
||||
image: funkwhale/api:${FUNKWHALE_VERSION}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: funkwhale/api:{{applications.funkwhale.version}}
|
||||
command: celery -A funkwhale_api.taskapp beat --pidfile= -l INFO
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
api:
|
||||
restart: {{docker_restart_policy}}
|
||||
image: funkwhale/api:${FUNKWHALE_VERSION}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: funkwhale/api:{{applications.funkwhale.version}}
|
||||
volumes:
|
||||
- "music:${MUSIC_DIRECTORY_PATH}:ro"
|
||||
- "data:${MEDIA_ROOT}"
|
||||
- "static_root:${STATIC_ROOT}"
|
||||
- "music:{{music_directory_path}}:ro"
|
||||
- "data:{{media_root}}"
|
||||
- "static_root:{{static_root}}"
|
||||
ports:
|
||||
- "5000"
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
front:
|
||||
restart: {{docker_restart_policy}}
|
||||
image: funkwhale/front:${FUNKWHALE_VERSION}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: funkwhale/front:{{applications.funkwhale.version}}
|
||||
depends_on:
|
||||
- api
|
||||
env_file:
|
||||
- .env
|
||||
environment:
|
||||
# Override those variables in your .env file if needed
|
||||
- "NGINX_MAX_BODY_SIZE=${NGINX_MAX_BODY_SIZE-100M}"
|
||||
- "NGINX_MAX_BODY_SIZE=100M"
|
||||
volumes:
|
||||
- "data:${MEDIA_ROOT}:ro"
|
||||
#- "${STATIC_ROOT}:${STATIC_ROOT}:ro"
|
||||
- "data:{{media_root}}:ro"
|
||||
#- "{{static_root}}:{{static_root}}:ro"
|
||||
ports:
|
||||
# override those variables in your .env file if needed
|
||||
- "${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}:80"
|
||||
- "127.0.0.1:{{http_port}}:80"
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
typesense:
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file:
|
||||
- .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: typesense/typesense:0.24.0
|
||||
volumes:
|
||||
- ./typesense/data:/data
|
||||
|
||||
@ -16,17 +16,23 @@
|
||||
#
|
||||
# Docker only
|
||||
# -----------
|
||||
MUSIC_DIRECTORY_PATH=/music
|
||||
MUSIC_DIRECTORY_PATH={{music_directory_path}}
|
||||
|
||||
# Assuming that the following variable isn't used anymore.
|
||||
# @todo remove it if this is true
|
||||
FUNKWHALE_VERSION={{applications.funkwhale.version}}
|
||||
|
||||
# End of docker-only configuration
|
||||
|
||||
# General configuration
|
||||
# ---------------------
|
||||
|
||||
# Assuming that the following variable isn't used anymore.
|
||||
# @todo remove it if this is true
|
||||
FUNKWHALE_API_IP=127.0.0.1
|
||||
# Assuming that the following variable isn't used anymore.
|
||||
# @todo remove it if this is true
|
||||
FUNKWHALE_API_PORT={{http_port}}
|
||||
|
||||
# The number of web workers to start in parallel. Higher means you can handle
|
||||
# more concurrent requests, but also leads to higher CPU/Memory usage
|
||||
FUNKWHALE_WEB_WORKERS=4
|
||||
@ -74,17 +80,17 @@ REVERSE_PROXY_TYPE=nginx
|
||||
# messaging). The more processes a worker gets, the more tasks
|
||||
# can be processed in parallel. However, more processes also means
|
||||
# a bigger memory footprint.
|
||||
CELERYD_CONCURRENCY=1
|
||||
CELERYD_CONCURRENCY={{celeryd_concurrency}}
|
||||
|
||||
# Where media files (such as album covers or audio tracks) should be stored
|
||||
# on your system?
|
||||
# (Ensure this directory actually exists)
|
||||
MEDIA_ROOT=/srv/funkwhale/data/
|
||||
MEDIA_ROOT={{media_root}}
|
||||
|
||||
# Where static files (such as API css or icons) should be compiled
|
||||
# on your system?
|
||||
# (Ensure this directory actually exists)
|
||||
STATIC_ROOT=/srv/funkwhale/data/static
|
||||
STATIC_ROOT={{static_root}}
|
||||
|
||||
# which settings module should django use?
|
||||
# You don't have to touch this unless you really know what you're doing
|
||||
@ -109,7 +115,4 @@ DJANGO_SECRET_KEY={{funkwhale_django_secret}}
|
||||
|
||||
FUNKWHALE_FRONTEND_PATH=/srv/funkwhale/front/dist
|
||||
|
||||
# Nginx related configuration
|
||||
NGINX_MAX_BODY_SIZE=100M
|
||||
|
||||
DATABASE_URL = postgresql://{{database_username}}:{{database_password}}@{{database_host}}:{{database_port}}/{{ database_name }}
|
||||
@ -2,4 +2,8 @@ application_id: "funkwhale"
|
||||
nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
|
||||
database_password: "{{funkwhale_database_password}}"
|
||||
database_type: "postgres"
|
||||
ldap_network_enabled: true # Activate LDAP network
|
||||
ldap_network_enabled: true # Activate LDAP network
|
||||
media_root: "/srv/funkwhale/data/"
|
||||
static_root: "{{media_root}}static"
|
||||
celeryd_concurrency: 1
|
||||
music_directory_path: "/music"
|
||||
@ -6,6 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -3,24 +3,8 @@ services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
application:
|
||||
logging:
|
||||
driver: journald
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: "gitea/gitea:{{applications.gitea.version}}"
|
||||
environment:
|
||||
- USER_UID=1000
|
||||
- USER_GID=1000
|
||||
- DB_TYPE=mysql
|
||||
- DB_HOST={{database_host}}:{{database_port}}
|
||||
- DB_NAME={{database_name}}
|
||||
- DB_USER={{database_username}}
|
||||
- DB_PASSWD={{database_password}}
|
||||
- SSH_PORT={{ports.public.ssh_ports[application_id]}}
|
||||
- SSH_LISTEN_PORT=22
|
||||
- DOMAIN={{domain}}
|
||||
- SSH_DOMAIN={{domain}}
|
||||
- RUN_MODE="{{run_mode}}"
|
||||
- ROOT_URL="https://{{domain}}/"
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:3000"
|
||||
- "{{ports.public.ssh_ports[application_id]}}:22"
|
||||
|
||||
13
roles/docker-gitea/templates/env.j2
Normal file
13
roles/docker-gitea/templates/env.j2
Normal file
@ -0,0 +1,13 @@
|
||||
USER_UID=1000
|
||||
USER_GID=1000
|
||||
DB_TYPE=mysql
|
||||
DB_HOST={{database_host}}:{{database_port}}
|
||||
DB_NAME={{database_name}}
|
||||
DB_USER={{database_username}}
|
||||
DB_PASSWD={{database_password}}
|
||||
SSH_PORT={{ports.public.ssh_ports[application_id]}}
|
||||
SSH_LISTEN_PORT=22
|
||||
DOMAIN={{domain}}
|
||||
SSH_DOMAIN={{domain}}
|
||||
RUN_MODE="{{run_mode}}"
|
||||
ROOT_URL="https://{{domain}}/"
|
||||
@ -6,6 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -6,28 +6,8 @@ services:
|
||||
|
||||
web:
|
||||
image: "gitlab/gitlab-ee:{{applications.gitlab.version}}"
|
||||
restart: {{docker_restart_policy}}
|
||||
hostname: '{{domain}}'
|
||||
environment:
|
||||
GITLAB_OMNIBUS_CONFIG: |
|
||||
external_url 'https://{{domain}}'
|
||||
postgresql['enable'] = false
|
||||
gitlab_rails['gitlab_shell_ssh_port'] = {{ports.public.ssh_ports[application_id]}}
|
||||
gitlab_rails['db_adapter'] = 'postgresql'
|
||||
gitlab_rails['db_encoding'] = 'utf8'
|
||||
gitlab_rails['db_host'] = '{{database_host}}'
|
||||
gitlab_rails['db_port'] = '{{database_port}}''
|
||||
gitlab_rails['db_username'] = '{{database_username}}'
|
||||
gitlab_rails['db_password'] = '{{database_password}}'
|
||||
gitlab_rails['db_database'] = "{{database_name}}"
|
||||
nginx['listen_port'] = 80
|
||||
nginx['listen_https'] = false
|
||||
|
||||
gitlab_rails['initial_root_password'] = "{{gitlab_initial_root_password}}"
|
||||
|
||||
redis['enable'] = false
|
||||
gitlab_rails['redis_host'] = 'redis'
|
||||
gitlab_rails['redis_port'] = '6379'
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:80"
|
||||
- "{{ports.public.ssh_ports[application_id]}}:22"
|
||||
|
||||
22
roles/docker-gitlab/templates/env.j2
Normal file
22
roles/docker-gitlab/templates/env.j2
Normal file
@ -0,0 +1,22 @@
|
||||
{# env.j2 #}
|
||||
{% set config_lines = [
|
||||
"external_url 'https://{{ domain }}'",
|
||||
"postgresql['enable']=false",
|
||||
"gitlab_rails['gitlab_shell_ssh_port']={{ ports.public.ssh_ports[application_id] }}",
|
||||
"gitlab_rails['db_adapter']='postgresql'",
|
||||
"gitlab_rails['db_encoding']='utf8'",
|
||||
"gitlab_rails['db_host']='{{ database_host }}'",
|
||||
"gitlab_rails['db_port']='{{ database_port }}'",
|
||||
"gitlab_rails['db_username']='{{ database_username }}'",
|
||||
"gitlab_rails['db_password']='{{ database_password }}'",
|
||||
"gitlab_rails['db_database']=\"{{ database_name }}\"",
|
||||
"nginx['listen_port']=80",
|
||||
"nginx['listen_https']=false",
|
||||
"",
|
||||
"gitlab_rails['initial_root_password']=\"{{ gitlab_initial_root_password }}\"",
|
||||
"",
|
||||
"redis['enable']=false",
|
||||
"gitlab_rails['redis_host']='redis'",
|
||||
"gitlab_rails['redis_port']='6379'"
|
||||
] %}
|
||||
GITLAB_OMNIBUS_CONFIG="{{ config_lines | join('\\n') }}"
|
||||
@ -9,6 +9,16 @@
|
||||
loop_control:
|
||||
loop_var: domain
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
@ -4,14 +4,7 @@ services:
|
||||
|
||||
application:
|
||||
image: "joomla:{{applications.joomla.version}}"
|
||||
logging:
|
||||
driver: journald
|
||||
environment:
|
||||
JOOMLA_DB_HOST: "{{database_host}}:{{database_port}}"
|
||||
JOOMLA_DB_USER: "{{database_username}}"
|
||||
JOOMLA_DB_PASSWORD: "{{database_password}}"
|
||||
JOOMLA_DB_NAME: "{{database_name}}"
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- data:/var/www/html
|
||||
ports:
|
||||
|
||||
4
roles/docker-joomla/templates/env.j2
Normal file
4
roles/docker-joomla/templates/env.j2
Normal file
@ -0,0 +1,4 @@
|
||||
JOOMLA_DB_HOST="{{database_host}}:{{database_port}}"
|
||||
JOOMLA_DB_USER="{{database_username}}"
|
||||
JOOMLA_DB_PASSWORD="{{database_password}}"
|
||||
JOOMLA_DB_NAME="{{database_name}}"
|
||||
@ -6,6 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -5,19 +5,9 @@ services:
|
||||
application:
|
||||
image: quay.io/keycloak/keycloak:{{applications.keycloak.version}}
|
||||
command: start
|
||||
environment:
|
||||
KC_HOSTNAME: https://{{domain}}
|
||||
KC_HTTP_ENABLED: true
|
||||
KC_HEALTH_ENABLED: true
|
||||
KEYCLOAK_ADMIN: "{{applications.keycloak.administrator_username}}"
|
||||
KEYCLOAK_ADMIN_PASSWORD: "{{keycloak_administrator_password}}"
|
||||
KC_DB: postgres
|
||||
KC_DB_URL: jdbc:postgresql://{{database_host}}/{{database_name}}
|
||||
KC_DB_USERNAME: {{database_username}}
|
||||
KC_DB_PASSWORD: {{database_password}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:8080"
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
|
||||
9
roles/docker-keycloak/templates/env.j2
Normal file
9
roles/docker-keycloak/templates/env.j2
Normal file
@ -0,0 +1,9 @@
|
||||
KC_HOSTNAME= https://{{domain}}
|
||||
KC_HTTP_ENABLED= true
|
||||
KC_HEALTH_ENABLED= true
|
||||
KEYCLOAK_ADMIN= "{{applications.keycloak.administrator_username}}"
|
||||
KEYCLOAK_ADMIN_PASSWORD= "{{keycloak_administrator_password}}"
|
||||
KC_DB= postgres
|
||||
KC_DB_URL= jdbc:postgresql://{{database_host}}/{{database_name}}
|
||||
KC_DB_USERNAME= {{database_username}}
|
||||
KC_DB_PASSWORD= {{database_password}}
|
||||
@ -19,14 +19,32 @@
|
||||
state: absent
|
||||
when: not applications.ldap.openldap.expose_to_internet | bool
|
||||
|
||||
- name: "create {{docker_compose.directories.instance}}"
|
||||
file:
|
||||
path: "{{docker_compose.directories.instance}}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: add docker-compose.yml
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.directories.instance}}docker-compose.yml"
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.directories.env}}phpldapadmin.env"
|
||||
template:
|
||||
src: "phpldapadmin.env.j2"
|
||||
dest: "{{docker_compose.directories.env}}phpldapadmin.env"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.directories.env}}lam.env"
|
||||
template:
|
||||
src: "lam.env.j2"
|
||||
dest: "{{docker_compose.directories.env}}lam.env"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
@ -11,64 +11,23 @@ services:
|
||||
image: ghcr.io/ldapaccountmanager/lam:{{applications.ldap.lam.version}} # Dies ist das Docker-Image für LAM
|
||||
ports:
|
||||
- 127.0.0.1:{{http_port}}:80
|
||||
environment: # See all variables here: https://github.com/LDAPAccountManager/lam/blob/develop/lam-packaging/docker/.env
|
||||
|
||||
# Basic Configuration
|
||||
LAM_PASSWORD: {{applications.ldap.lam.administrator_password}} # LAM configuration master password and password for server profile "lam
|
||||
|
||||
# Database
|
||||
LAM_CONFIGURATION_DATABASE: files # configuration database (files or mysql) @todo implement mariadb
|
||||
env_file:
|
||||
- "{{docker_compose.directories.env}}lam.env"
|
||||
|
||||
# LDAP Configuration
|
||||
LDAP_SERVER: ldap://openldap:389 # LDAP server URL
|
||||
LDAP_DOMAIN: {{domain}} # domain of LDAP database root entry, will be converted to dc=...,dc=...
|
||||
LDAP_BASE_DN: {{ldap_root}} # LDAP base DN to overwrite value generated by LDAP_DOMAIN
|
||||
LDAP_USER: {{ldap_admin_dn}} # LDAP admin user (set as login user for LAM)
|
||||
LDAP_ADMIN_PASSWORD: {{applications.ldap.administrator_database_password}} # LDAP admin password
|
||||
{% elif applications.ldap.webinterface == 'phpldapadmin' %}
|
||||
image: leenooks/phpldapadmin:{{applications.ldap.phpldapadmin.version}}
|
||||
ports:
|
||||
- 127.0.0.1:{{http_port}}:8080
|
||||
environment:
|
||||
# @See https://github.com/leenooks/phpLDAPadmin/wiki/Docker-Container
|
||||
APP_URL: https://{{domain}}
|
||||
LDAP_HOST: openldap
|
||||
env_file:
|
||||
- "{{docker_compose.directories.env}}phpldapadmin.env"
|
||||
{% endif %}
|
||||
openldap:
|
||||
image: bitnami/openldap:{{applications.ldap.openldap.version}}
|
||||
container_name: openldap
|
||||
logging:
|
||||
driver: journald
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
ports:
|
||||
- 127.0.0.1:{{ldap_localhost_port}}:{{ldap_localhost_port}} # Expose just on localhost so that nginx stream proxy can use it
|
||||
- 127.0.0.1:{{ldap_secure_localhost_port}}:{{ldap_secure_localhost_port}} # Expose just on localhost
|
||||
environment:
|
||||
# @See https://hub.docker.com/r/bitnami/openldap
|
||||
|
||||
# GENERAL
|
||||
## Database
|
||||
LDAP_ADMIN_USERNAME: {{applications.ldap.administrator_username}} # LDAP database admin user.
|
||||
LDAP_ADMIN_PASSWORD: {{applications.ldap.administrator_database_password}} # LDAP database admin password.
|
||||
|
||||
## Users
|
||||
LDAP_USERS: ' ' # Comma separated list of LDAP users to create in the default LDAP tree. Default: user01,user02
|
||||
LDAP_PASSWORDS: ' ' # Comma separated list of passwords to use for LDAP users. Default: bitnami1,bitnami2
|
||||
LDAP_ROOT: {{ldap_root}} # LDAP baseDN (or suffix) of the LDAP tree. Default: dc=example,dc=org
|
||||
|
||||
## Admin
|
||||
LDAP_ADMIN_DN: {{ldap_admin_dn}} # Not well documented. Don't know if this has an effect
|
||||
LDAP_CONFIG_ADMIN_ENABLED: yes
|
||||
LDAP_CONFIG_ADMIN_USERNAME: {{applications.ldap.administrator_username}}
|
||||
LDAP_CONFIG_ADMIN_PASSWORD: {{applications.ldap.administrator_password}}
|
||||
|
||||
# Network
|
||||
LDAP_PORT_NUMBER: {{ldap_localhost_port}} # Route to default port
|
||||
LDAP_ENABLE_TLS: no # Using nginx proxy for tls
|
||||
LDAP_LDAPS_PORT_NUMBER: {{ldap_secure_localhost_port}} # Port used for TLS secure traffic. Priviledged port is supported (e.g. 636). Default: 1636 (non privileged port).
|
||||
|
||||
# Security
|
||||
LDAP_ALLOW_ANON_BINDING: no # Allow anonymous bindings to the LDAP server. Default: yes.
|
||||
volumes:
|
||||
- 'data:/bitnami/openldap'
|
||||
healthcheck:
|
||||
|
||||
26
roles/docker-ldap/templates/env.j2
Normal file
26
roles/docker-ldap/templates/env.j2
Normal file
@ -0,0 +1,26 @@
|
||||
|
||||
# @See https://hub.docker.com/r/bitnami/openldap
|
||||
|
||||
# GENERAL
|
||||
## Database
|
||||
LDAP_ADMIN_USERNAME= {{applications.ldap.administrator_username}} # LDAP database admin user.
|
||||
LDAP_ADMIN_PASSWORD= {{applications.ldap.administrator_database_password}} # LDAP database admin password.
|
||||
|
||||
## Users
|
||||
LDAP_USERS= ' ' # Comma separated list of LDAP users to create in the default LDAP tree. Default: user01,user02
|
||||
LDAP_PASSWORDS= ' ' # Comma separated list of passwords to use for LDAP users. Default: bitnami1,bitnami2
|
||||
LDAP_ROOT= {{ldap_root}} # LDAP baseDN (or suffix) of the LDAP tree. Default: dc=example,dc=org
|
||||
|
||||
## Admin
|
||||
LDAP_ADMIN_DN= {{ldap_admin_dn}} # Not well documented. Don't know if this has an effect
|
||||
LDAP_CONFIG_ADMIN_ENABLED= yes
|
||||
LDAP_CONFIG_ADMIN_USERNAME= {{applications.ldap.administrator_username}}
|
||||
LDAP_CONFIG_ADMIN_PASSWORD= {{applications.ldap.administrator_password}}
|
||||
|
||||
# Network
|
||||
LDAP_PORT_NUMBER= {{ldap_localhost_port}} # Route to default port
|
||||
LDAP_ENABLE_TLS= no # Using nginx proxy for tls
|
||||
LDAP_LDAPS_PORT_NUMBER= {{ldap_secure_localhost_port}} # Port used for TLS secure traffic. Priviledged port is supported (e.g. 636). Default: 1636 (non privileged port).
|
||||
|
||||
# Security
|
||||
LDAP_ALLOW_ANON_BINDING= no # Allow anonymous bindings to the LDAP server. Default: yes.
|
||||
13
roles/docker-ldap/templates/lam.env.j2
Normal file
13
roles/docker-ldap/templates/lam.env.j2
Normal file
@ -0,0 +1,13 @@
|
||||
# See all variables here: https://github.com/LDAPAccountManager/lam/blob/develop/lam-packaging/docker/.env
|
||||
|
||||
# Basic Configuration
|
||||
LAM_PASSWORD= {{applications.ldap.lam.administrator_password}} # LAM configuration master password and password for server profile "lam
|
||||
|
||||
# Database
|
||||
LAM_CONFIGURATION_DATABASE= files # configuration database (files or mysql) @todo implement mariadb
|
||||
|
||||
# LDAP Configuration
|
||||
LDAP_SERVER= {{domain}} # domain of LDAP database root entry, will be converted to dc=...,dc=...
|
||||
LDAP_BASE_DN= {{ldap_root}} # LDAP base DN to overwrite value generated by LDAP_DOMAIN
|
||||
LDAP_USER= {{ldap_admin_dn}} # LDAP admin user (set as login user for LAM)
|
||||
LDAP_ADMIN_PASSWORD= {{applications.ldap.administrator_database_password}} # LDAP admin password
|
||||
3
roles/docker-ldap/templates/phpldapadmin.env.j2
Normal file
3
roles/docker-ldap/templates/phpldapadmin.env.j2
Normal file
@ -0,0 +1,3 @@
|
||||
# @See https://github.com/leenooks/phpLDAPadmin/wiki/Docker-Container
|
||||
APP_URL= https://{{domain}}
|
||||
LDAP_HOST= openldap
|
||||
@ -15,16 +15,24 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.directories.instance}}docker-compose.yml"
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: add config.toml
|
||||
template:
|
||||
src: "config.toml.j2"
|
||||
dest: "{{docker_compose.directories.instance}}config.toml"
|
||||
dest: "{{docker_compose.directories.config}}config.toml"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: flush docker service
|
||||
|
||||
@ -3,14 +3,12 @@ services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
application:
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: listmonk/listmonk:{{applications.listmonk.version}}
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:9000"
|
||||
environment:
|
||||
- TZ=Etc/UTC
|
||||
volumes:
|
||||
- ./config.toml:/listmonk/config.toml
|
||||
- {{docker_compose.directories.config}}config.toml:/listmonk/config.toml
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
|
||||
|
||||
|
||||
1
roles/docker-listmonk/templates/env.j2
Normal file
1
roles/docker-listmonk/templates/env.j2
Normal file
@ -0,0 +1 @@
|
||||
TZ=Etc/UTC
|
||||
@ -41,14 +41,6 @@ If you need to receive emails from another account, follow these steps:
|
||||
2. Export all data from your original account.
|
||||
3. Import all data to your new account.
|
||||
|
||||
### Data Deletion
|
||||
|
||||
To delete all volumes and data, execute the following command with caution:
|
||||
|
||||
```bash
|
||||
rm -vr /etc/mailu/; docker volume rm $(docker volume ls -q | grep mailu_)
|
||||
```
|
||||
|
||||
### Port Management
|
||||
|
||||
Check for any port conflicts and manually change the conflicting ports if necessary. Use the following command to verify:
|
||||
|
||||
@ -8,32 +8,22 @@
|
||||
vars:
|
||||
nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 31M;"
|
||||
|
||||
- name: "create {{docker_compose.directories.instance}}"
|
||||
file:
|
||||
path: "{{docker_compose.directories.instance}}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: "create /etc/mailu/"
|
||||
file:
|
||||
path: "/etc/mailu"
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: "Include the nginx-docker-cert-deploy role"
|
||||
include_role:
|
||||
name: nginx-docker-cert-deploy
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.directories.instance}}docker-compose.yml"
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: add .env
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.directories.instance}}.env"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: flush docker service
|
||||
|
||||
@ -7,19 +7,13 @@ services:
|
||||
# Core services
|
||||
resolver:
|
||||
image: ghcr.io/mailu/unbound:{{applications.mailu.version}}
|
||||
env_file: .env
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
ipv4_address: {{networks.local.mailu.dns}}
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
front:
|
||||
image: ghcr.io/mailu/nginx:{{applications.mailu.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
ports:
|
||||
- "127.0.0.1:{{ http_port }}:80"
|
||||
- "{{networks.internet.ip4}}:25:25"
|
||||
@ -31,7 +25,7 @@ services:
|
||||
- "{{networks.internet.ip4}}:993:993"
|
||||
- "{{networks.internet.ip4}}:4190:4190"
|
||||
volumes:
|
||||
- "/etc/mailu/overrides/nginx:/overrides:ro"
|
||||
- "{{docker_compose.directories.volumes}}overrides/nginx:/overrides:ro"
|
||||
- "{{cert_mount_directory}}:/certs:ro"
|
||||
{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
|
||||
resolver:
|
||||
@ -44,8 +38,7 @@ services:
|
||||
|
||||
admin:
|
||||
image: ghcr.io/mailu/admin:{{applications.mailu.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "admin_data:/data"
|
||||
- "dkim:/dkim"
|
||||
@ -54,42 +47,34 @@ services:
|
||||
condition: service_started
|
||||
front:
|
||||
condition: service_started
|
||||
logging:
|
||||
driver: journald
|
||||
dns:
|
||||
- {{networks.local.mailu.dns}}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
imap:
|
||||
image: ghcr.io/mailu/dovecot:{{applications.mailu.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "dovecot_mail:/mail"
|
||||
- "/etc/mailu/overrides:/overrides:ro"
|
||||
- "{{docker_compose.directories.volumes}}overrides:/overrides:ro"
|
||||
depends_on:
|
||||
- front
|
||||
- resolver
|
||||
dns:
|
||||
- {{networks.local.mailu.dns}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
smtp:
|
||||
image: ghcr.io/mailu/postfix:{{applications.mailu.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "/etc/mailu/overrides:/overrides:ro"
|
||||
- "{{docker_compose.directories.volumes}}overrides:/overrides:ro"
|
||||
- "smtp_queue:/queue"
|
||||
depends_on:
|
||||
- front
|
||||
- resolver
|
||||
dns:
|
||||
- {{networks.local.mailu.dns}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
oletools:
|
||||
@ -105,12 +90,11 @@ services:
|
||||
|
||||
antispam:
|
||||
image: ghcr.io/mailu/rspamd:{{applications.mailu.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "filter:/var/lib/rspamd"
|
||||
- "dkim:/dkim"
|
||||
- "/etc/mailu/overrides/rspamd:/overrides:ro"
|
||||
- "{{docker_compose.directories.volumes}}overrides/rspamd:/overrides:ro"
|
||||
depends_on:
|
||||
- front
|
||||
- redis
|
||||
@ -118,8 +102,6 @@ services:
|
||||
- resolver
|
||||
dns:
|
||||
- {{networks.local.mailu.dns}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
noinet:
|
||||
|
||||
@ -127,26 +109,20 @@ services:
|
||||
# Optional services
|
||||
antivirus:
|
||||
image: clamav/clamav-debian:latest
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "filter:/data"
|
||||
depends_on:
|
||||
- resolver
|
||||
dns:
|
||||
- {{networks.local.mailu.dns}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
webdav:
|
||||
image: ghcr.io/mailu/radicale:{{applications.mailu.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "webdav_data:/data"
|
||||
logging:
|
||||
driver: journald
|
||||
depends_on:
|
||||
- resolver
|
||||
dns:
|
||||
@ -158,10 +134,7 @@ services:
|
||||
image: ghcr.io/mailu/fetchmail:{{applications.mailu.version}}
|
||||
volumes:
|
||||
- "admin_data:/data"
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
depends_on:
|
||||
- admin
|
||||
- smtp
|
||||
@ -173,17 +146,14 @@ services:
|
||||
|
||||
webmail:
|
||||
image: ghcr.io/mailu/webmail:{{applications.mailu.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "webmail_data:/data"
|
||||
- "/etc/mailu/overrides:/overrides:ro"
|
||||
- "{{docker_compose.directories.volumes}}overrides:/overrides:ro"
|
||||
depends_on:
|
||||
- imap
|
||||
- front
|
||||
- resolver
|
||||
logging:
|
||||
driver: journald
|
||||
dns:
|
||||
- {{networks.local.mailu.dns}}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
@ -1,5 +1,10 @@
|
||||
application_id: "mailu"
|
||||
database_password: "{{mailu_database_password}}"
|
||||
database_type: "mariadb"
|
||||
cert_mount_directory: "{{docker_compose.directories.instance}}/certs/"
|
||||
enable_wildcard_certificate: false
|
||||
cert_mount_directory: "{{docker_compose.directories.volumes}}certs/"
|
||||
enable_wildcard_certificate: false
|
||||
|
||||
# I don't know why this configuration is necessary.
|
||||
# Propabldy due to a database migration problem, or dificulties to configure an external db in mailu
|
||||
# @todo research
|
||||
enable_central_database: "{{enable_central_database_mailu}}"
|
||||
@ -9,14 +9,18 @@
|
||||
loop_control:
|
||||
loop_var: domain
|
||||
|
||||
- name: copy docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: copy configuration
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: .env.production.j2
|
||||
dest: "{{docker_compose.directories.instance}}.env.production"
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: flush docker service
|
||||
|
||||
@ -6,8 +6,7 @@ services:
|
||||
|
||||
web:
|
||||
image: ghcr.io/mastodon/mastodon:{{applications.mastodon.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env.production
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
|
||||
healthcheck:
|
||||
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
|
||||
@ -16,36 +15,28 @@ services:
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
volumes:
|
||||
- data:/mastodon/public/system
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
streaming:
|
||||
image: ghcr.io/mastodon/mastodon-streaming:{{applications.mastodon.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env.production
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
command: node ./streaming
|
||||
healthcheck:
|
||||
test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
|
||||
ports:
|
||||
- "127.0.0.1:{{ports.localhost.web_socket[application_id]}}:4000"
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
sidekiq:
|
||||
image: ghcr.io/mastodon/mastodon:{{applications.mastodon.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
env_file: .env.production
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
command: bundle exec sidekiq
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
volumes:
|
||||
- data:/mastodon/public/system
|
||||
healthcheck:
|
||||
test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
{% include 'templates/docker/compose/volumes.yml.j2' %}
|
||||
|
||||
@ -6,8 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.directories.instance}}docker-compose.yml"
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
@ -3,18 +3,10 @@ services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
application:
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: matomo:{{applications.matomo.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:80"
|
||||
environment:
|
||||
MATOMO_DATABASE_HOST: "{{database_host}}:{{database_port}}"
|
||||
MATOMO_DATABASE_ADAPTER: "mysql"
|
||||
MATOMO_DATABASE_USERNAME: "{{database_username}}"
|
||||
MATOMO_DATABASE_PASSWORD: "{{database_password}}"
|
||||
MATOMO_DATABASE_DBNAME: "{{database_name}}"
|
||||
volumes:
|
||||
- data:/var/www/html
|
||||
{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
|
||||
|
||||
5
roles/docker-matomo/templates/env.j2
Normal file
5
roles/docker-matomo/templates/env.j2
Normal file
@ -0,0 +1,5 @@
|
||||
MATOMO_DATABASE_HOST= "{{database_host}}:{{database_port}}"
|
||||
MATOMO_DATABASE_ADAPTER= "mysql"
|
||||
MATOMO_DATABASE_USERNAME= "{{database_username}}"
|
||||
MATOMO_DATABASE_PASSWORD= "{{database_password}}"
|
||||
MATOMO_DATABASE_DBNAME= "{{database_name}}"
|
||||
@ -6,8 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.directories.instance}}docker-compose.yml"
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -5,27 +5,12 @@ services:
|
||||
image: docker.io/bitnami/moodle:{{applications.moodle.version}}
|
||||
ports:
|
||||
- 127.0.0.1:{{http_port}}:8080
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
environment:
|
||||
- MOODLE_DATABASE_HOST={{database_host}}
|
||||
- MOODLE_DATABASE_PORT_NUMBER={{database_port}}
|
||||
- MOODLE_DATABASE_USER={{database_username}}
|
||||
- MOODLE_DATABASE_NAME={{database_name}}
|
||||
- MOODLE_DATABASE_PASSWORD={{database_password}}
|
||||
- ALLOW_EMPTY_PASSWORD=no
|
||||
- MOODLE_SITE_NAME="{{applications.moodle.site_titel}}"
|
||||
- MOODLE_SSLPROXY=yes
|
||||
- MOODLE_REVERSE_PROXY=yes
|
||||
- MOODLE_USERNAME={{applications.moodle.administrator_name}}
|
||||
- MOODLE_PASSWORD={{moodle_user_password}}
|
||||
- MOODLE_EMAIL={{applications.moodle.administrator_email}}
|
||||
- BITNAMI_DEBUG={% if mode_debug | bool %}true{% else %}false{% endif %}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- 'moodle:/bitnami/moodle'
|
||||
- 'data:/bitnami/moodledata'
|
||||
# Healthcheck is not possible due to missing curl and wget in container
|
||||
# @todo implement healthcheck
|
||||
# healthcheck:
|
||||
# test: ["CMD", "curl", "-f", "http://127.0.0.1:8080"]
|
||||
# interval: 1m
|
||||
|
||||
13
roles/docker-moodle/templates/env.j2
Normal file
13
roles/docker-moodle/templates/env.j2
Normal file
@ -0,0 +1,13 @@
|
||||
MOODLE_DATABASE_HOST={{database_host}}
|
||||
MOODLE_DATABASE_PORT_NUMBER={{database_port}}
|
||||
MOODLE_DATABASE_USER={{database_username}}
|
||||
MOODLE_DATABASE_NAME={{database_name}}
|
||||
MOODLE_DATABASE_PASSWORD={{database_password}}
|
||||
ALLOW_EMPTY_PASSWORD=no
|
||||
MOODLE_SITE_NAME="{{applications.moodle.site_titel}}"
|
||||
MOODLE_SSLPROXY=yes
|
||||
MOODLE_REVERSE_PROXY=yes
|
||||
MOODLE_USERNAME={{applications.moodle.administrator_name}}
|
||||
MOODLE_PASSWORD={{moodle_user_password}}
|
||||
MOODLE_EMAIL={{applications.moodle.administrator_email}}
|
||||
BITNAMI_DEBUG={% if mode_debug | bool %}true{% else %}false{% endif %}
|
||||
@ -18,10 +18,18 @@
|
||||
dest: "{{docker_compose.directories.volumes}}nginx.conf"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: add docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: docker-compose.yml.j2
|
||||
dest: "{{docker_compose.directories.instance}}docker-compose.yml"
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
# @todo activate
|
||||
|
||||
@ -7,34 +7,9 @@ services:
|
||||
application:
|
||||
image: "nextcloud:{{applications.nextcloud.version}}-fpm-alpine"
|
||||
container_name: {{nextcloud_application_container_name}}
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
volumes:
|
||||
- data:/var/www/html
|
||||
environment:
|
||||
# See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html
|
||||
|
||||
# Database Configuration
|
||||
MYSQL_DATABASE: "{{database_name}}"
|
||||
MYSQL_USER: "{{database_username}}"
|
||||
MYSQL_PASSWORD: "{{database_password}}"
|
||||
MYSQL_HOST: "{{database_host}}:{{database_port}}"
|
||||
|
||||
# Memory
|
||||
PHP_MEMORY_LIMIT: 1G # Required for plugin duplicate finder
|
||||
|
||||
# Email Configuration
|
||||
SMTP_HOST: {{system_email.host}}
|
||||
SMTP_SECURE: {{ 'ssl' if system_email.tls else '' }}
|
||||
SMTP_PORT: {{system_email.smtp_port}}
|
||||
SMTP_NAME: {{system_email.username}}
|
||||
SMTP_PASSWORD: {{system_email.password}}
|
||||
|
||||
# Email from configuration
|
||||
MAIL_FROM_ADDRESS: no-reply
|
||||
MAIL_DOMAIN: {{system_email.domain}}
|
||||
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
|
||||
21
roles/docker-nextcloud/templates/env.j2
Normal file
21
roles/docker-nextcloud/templates/env.j2
Normal file
@ -0,0 +1,21 @@
|
||||
# See https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/config_sample_php_parameters.html
|
||||
|
||||
# Database Configuration
|
||||
MYSQL_DATABASE= "{{database_name}}"
|
||||
MYSQL_USER= "{{database_username}}"
|
||||
MYSQL_PASSWORD= "{{database_password}}"
|
||||
MYSQL_HOST= "{{database_host}}:{{database_port}}"
|
||||
|
||||
# Memory
|
||||
PHP_MEMORY_LIMIT= 1G # Required for plugin duplicate finder
|
||||
|
||||
# Email Configuration
|
||||
SMTP_HOST= {{system_email.host}}
|
||||
SMTP_SECURE= {{ 'ssl' if system_email.tls else '' }}
|
||||
SMTP_PORT= {{system_email.smtp_port}}
|
||||
SMTP_NAME= {{system_email.username}}
|
||||
SMTP_PASSWORD= {{system_email.password}}
|
||||
|
||||
# Email from configuration
|
||||
MAIL_FROM_ADDRESS= no-reply
|
||||
MAIL_DOMAIN= {{system_email.domain}}
|
||||
@ -1,6 +1,6 @@
|
||||
- name: "Transfering oauth2-proxy-keycloak.cfg.j2 to {{docker_compose.directories.instance}}"
|
||||
- name: "Transfering oauth2-proxy-keycloak.cfg.j2 to {{docker_compose.directories.volumes}}"
|
||||
template:
|
||||
src: oauth2-proxy-keycloak.cfg.j2
|
||||
dest: "{{docker_compose.directories.instance}}{{applications.oauth2_proxy.configuration_file}}"
|
||||
dest: "{{docker_compose.directories.volumes}}{{applications.oauth2_proxy.configuration_file}}"
|
||||
notify:
|
||||
- docker compose project setup
|
||||
@ -6,5 +6,5 @@
|
||||
ports:
|
||||
- {{ports.localhost.oauth2_proxy_ports[application_id]}}:4180/tcp
|
||||
volumes:
|
||||
- "./{{applications.oauth2_proxy.configuration_file}}:/oauth2-proxy.cfg"
|
||||
- "{{docker_compose.directories.volumes}}{{applications.oauth2_proxy.configuration_file}}:/oauth2-proxy.cfg"
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
@ -1,3 +1,4 @@
|
||||
group :opf_plugins do
|
||||
gem "openproject-gitlab_integration", git: "https://github.com/btey/openproject-gitlab-integration", branch: "master"
|
||||
# Deactivated plugin because it seems like it's already included in the basic image
|
||||
#gem "openproject-gitlab_integration", git: "https://github.com/btey/openproject-gitlab-integration", branch: "master"
|
||||
end
|
||||
@ -1,8 +1,16 @@
|
||||
---
|
||||
- name: rebuild docker image
|
||||
- name: rebuild custom openproject docker image
|
||||
command:
|
||||
cmd: docker build --no-cache -t custom_openproject .
|
||||
chdir: "{{docker_compose.directories.instance}}"
|
||||
cmd: docker build --no-cache -t {{custom_openproject_image}} .
|
||||
chdir: "{{openproject_plugins_service}}"
|
||||
environment:
|
||||
COMPOSE_HTTP_TIMEOUT: 600
|
||||
DOCKER_CLIENT_TIMEOUT: 600
|
||||
|
||||
- name: rebuild openproject repository
|
||||
command:
|
||||
cmd: docker compose build
|
||||
chdir: "{{openproject_repository_service}}"
|
||||
environment:
|
||||
COMPOSE_HTTP_TIMEOUT: 600
|
||||
DOCKER_CLIENT_TIMEOUT: 600
|
||||
@ -6,24 +6,43 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: "include tasks update-repository-with-docker-compose.yml"
|
||||
include_tasks: update-repository-with-docker-compose.yml
|
||||
#- name: "include tasks update-repository-with-files.yml"
|
||||
# include_tasks: update-repository-with-files.yml
|
||||
# vars:
|
||||
# detached_files:
|
||||
# - "docker-compose.yml"
|
||||
|
||||
- name: "Transfering Gemfile.plugins to {{docker_compose.directories.instance}}"
|
||||
- name: "Create {{openproject_plugins_service}}"
|
||||
file:
|
||||
path: "{{openproject_plugins_service}}"
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: "Transfering Gemfile.plugins to {{openproject_plugins_service}}"
|
||||
copy:
|
||||
src: Gemfile.plugins
|
||||
dest: "{{docker_compose.directories.instance}}Gemfile.plugins"
|
||||
dest: "{{openproject_plugins_service}}Gemfile.plugins"
|
||||
notify:
|
||||
- docker compose project setup
|
||||
- rebuild docker image
|
||||
- rebuild custom openproject docker image
|
||||
|
||||
- name: "Transfering Dockerfile to {{docker_compose.directories.instance}}"
|
||||
copy:
|
||||
- name: "Transfering Dockerfile to {{openproject_plugins_service}}Dockerfile"
|
||||
template:
|
||||
src: Dockerfile
|
||||
dest: "{{docker_compose.directories.instance}}Dockerfile"
|
||||
dest: "{{openproject_plugins_service}}Dockerfile"
|
||||
notify:
|
||||
- docker compose project setup
|
||||
- rebuild docker image
|
||||
- rebuild custom openproject docker image
|
||||
|
||||
- name: pull docker repository
|
||||
git:
|
||||
repo: "{{ repository_address }}"
|
||||
dest: "{{ openproject_repository_service }}"
|
||||
update: yes
|
||||
notify:
|
||||
- docker compose project setup
|
||||
- rebuild openproject repository
|
||||
become: true
|
||||
|
||||
- name: "create {{dummy_volume}}"
|
||||
file:
|
||||
@ -31,8 +50,16 @@
|
||||
state: directory
|
||||
mode: 0755
|
||||
|
||||
- name: "copy .env"
|
||||
template:
|
||||
src: env.j2
|
||||
dest: "{{ docker_compose.directories.instance }}.env"
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
FROM openproject/community:13
|
||||
FROM openproject/community:{{applications.openproject.version}}
|
||||
|
||||
# If installing a local plugin (using `path:` in the `Gemfile.plugins` above),
|
||||
# you will have to copy the plugin code into the container here and use the
|
||||
@ -1,25 +1,12 @@
|
||||
x-op-app: &app
|
||||
logging:
|
||||
driver: journald
|
||||
image: custom_openproject
|
||||
environment:
|
||||
OPENPROJECT_HTTPS: "${OPENPROJECT_HTTPS}"
|
||||
OPENPROJECT_HOST__NAME: "${OPENPROJECT_HOST__NAME}"
|
||||
OPENPROJECT_HSTS: "${OPENPROJECT_HSTS:-true}"
|
||||
RAILS_CACHE_STORE: "memcache"
|
||||
OPENPROJECT_CACHE__MEMCACHE__SERVER: "cache:11211"
|
||||
OPENPROJECT_RAILS__RELATIVE__URL__ROOT: "${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}"
|
||||
DATABASE_URL: "${DATABASE_URL}"
|
||||
RAILS_MIN_THREADS: ${RAILS_MIN_THREADS:-4}
|
||||
RAILS_MAX_THREADS: ${RAILS_MAX_THREADS:-16}
|
||||
# set to true to enable the email receiving feature. See ./docker/cron for more options
|
||||
IMAP_ENABLED: "${IMAP_ENABLED:-false}"
|
||||
image: {{custom_openproject_image}}
|
||||
volumes:
|
||||
- "data:/var/openproject/assets"
|
||||
- "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
|
||||
|
||||
services:
|
||||
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
|
||||
@ -27,23 +14,18 @@ services:
|
||||
cache:
|
||||
image: memcached
|
||||
container_name: openproject-memcached
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
proxy:
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
image: custom_openproject
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: {{custom_openproject_image}}
|
||||
container_name: openproject-proxy
|
||||
command: "./docker/prod/proxy"
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:80"
|
||||
environment:
|
||||
APP_HOST: web
|
||||
OPENPROJECT_RAILS__RELATIVE__URL__ROOT: "${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}"
|
||||
depends_on:
|
||||
- web
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
@ -53,7 +35,7 @@ services:
|
||||
|
||||
web:
|
||||
<<: *app
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
command: "./docker/prod/web"
|
||||
container_name: openproject-web
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
@ -65,7 +47,7 @@ services:
|
||||
labels:
|
||||
- autoheal=true
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8080${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}/health_checks/default"]
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8080/health_checks/default"]
|
||||
interval: 10s
|
||||
timeout: 3s
|
||||
retries: 3
|
||||
@ -74,9 +56,7 @@ services:
|
||||
autoheal:
|
||||
image: willfarrell/autoheal:1.2.0
|
||||
container_name: openproject-autoheal
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
environment:
|
||||
@ -86,7 +66,7 @@ services:
|
||||
|
||||
worker:
|
||||
<<: *app
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
command: "./docker/prod/worker"
|
||||
container_name: openproject-worker
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
@ -98,7 +78,7 @@ services:
|
||||
|
||||
cron:
|
||||
<<: *app
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
command: "./docker/prod/cron"
|
||||
container_name: openproject-cron
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
@ -112,6 +92,10 @@ services:
|
||||
<<: *app
|
||||
command: "./docker/prod/seeder"
|
||||
container_name: openproject-seeder
|
||||
env_file:
|
||||
- "{{docker_compose.files.env}}"
|
||||
logging:
|
||||
driver: journald
|
||||
restart: on-failure
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
|
||||
@ -13,4 +13,8 @@ IMAP_ENABLED=false
|
||||
POSTGRES_PASSWORD="{{ database_password }}"
|
||||
DATABASE_URL="postgres://{{ database_username }}:{{ database_password }}@{{database_host}}/{{database_name}}?pool=20&encoding=unicode&reconnect=true"
|
||||
RAILS_MIN_THREADS=4
|
||||
RAILS_MAX_THREADS=16
|
||||
RAILS_MAX_THREADS=16
|
||||
OPENPROJECT_HSTS=true
|
||||
RAILS_CACHE_STORE: "memcache"
|
||||
OPENPROJECT_CACHE__MEMCACHE__SERVER: "cache:11211"
|
||||
OPENPROJECT_RAILS__RELATIVE__URL__ROOT: ""
|
||||
@ -1,12 +1,15 @@
|
||||
application_id: "openproject"
|
||||
repository_directory: "{{ path_docker_compose_instances }}{{application_id}}/"
|
||||
docker_compose.directories.instance: "{{repository_directory}}compose/"
|
||||
repository_address: "https://github.com/opf/openproject-deploy"
|
||||
database_password: "{{openproject_database_password}}"
|
||||
database_type: "postgres"
|
||||
|
||||
openproject_plugins_service: "{{docker_compose.directories.services}}plugins/"
|
||||
openproject_repository_service: "{{docker_compose.directories.services}}repository/"
|
||||
custom_openproject_image: "custom_openproject"
|
||||
|
||||
|
||||
# The following volume doesn't have a practcical function. It just exist to prevent the creation of unnecessary anonymous volumes
|
||||
dummy_volume: "{{repository_directory}}dummy_volume"
|
||||
dummy_volume: "{{docker_compose.directories.volumes}}dummy_volume"
|
||||
|
||||
# OAuth2 Proxy Configuration
|
||||
oauth2_proxy_upstream_application_and_port: "proxy:80"
|
||||
|
||||
@ -9,12 +9,16 @@
|
||||
loop_control:
|
||||
loop_var: domain
|
||||
|
||||
- name: copy docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: copy configuration
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: env.j2
|
||||
dest: "{{docker_compose.directories.instance}}.env"
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -6,8 +6,7 @@ services:
|
||||
|
||||
application:
|
||||
image: chocobozzz/peertube:production-{{applications.peertube.version}}
|
||||
env_file:
|
||||
- .env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
ports:
|
||||
- "1935:1935"
|
||||
- "{{http_port}}:9000"
|
||||
@ -15,7 +14,6 @@ services:
|
||||
- assets:/app/client/dist
|
||||
- data:/data
|
||||
- config:/config
|
||||
restart: "always"
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
|
||||
@ -6,8 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.directories.instance}}docker-compose.yml"
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -3,17 +3,9 @@ services:
|
||||
{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
|
||||
|
||||
application:
|
||||
logging:
|
||||
driver: journald
|
||||
image: phpmyadmin/phpmyadmin:{{applications.phpmyadmin.version}}
|
||||
container_name: phpmyadmin
|
||||
environment:
|
||||
PMA_HOST: central-mariadb
|
||||
{% if applications.phpmyadmin.autologin | bool %}
|
||||
PMA_USER: root
|
||||
PMA_PASSWORD: "{{central_mariadb_root_password}}"
|
||||
{% endif %}
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:80"
|
||||
{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
|
||||
|
||||
5
roles/docker-phpmyadmin/templates/env.j2
Normal file
5
roles/docker-phpmyadmin/templates/env.j2
Normal file
@ -0,0 +1,5 @@
|
||||
PMA_HOST= central-mariadb
|
||||
{% if applications.phpmyadmin.autologin | bool %}
|
||||
PMA_USER= root
|
||||
PMA_PASSWORD= "{{central_mariadb_root_password}}"
|
||||
{% endif %}
|
||||
@ -6,14 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: add env
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: env.j2
|
||||
dest: "{{docker_compose.directories.instance}}env"
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
@ -6,11 +6,7 @@ services:
|
||||
|
||||
application:
|
||||
image: zknt/pixelfed:{{applications.pixelfed.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
env_file:
|
||||
- ./env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "data:/var/www/storage"
|
||||
- "./env:/var/www/.env"
|
||||
@ -20,11 +16,7 @@ services:
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
worker:
|
||||
image: zknt/pixelfed:{{applications.pixelfed.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
env_file:
|
||||
- ./env
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- "data:/var/www/storage"
|
||||
- "./env:/var/www/.env"
|
||||
|
||||
@ -6,8 +6,11 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: "include tasks update-repository-with-docker-compose.yml"
|
||||
include_tasks: update-repository-with-docker-compose.yml
|
||||
- name: "include tasks update-repository-with-files.yml"
|
||||
include_tasks: update-repository-with-files.yml
|
||||
vars:
|
||||
detached_files:
|
||||
- "docker-compose.yml"
|
||||
|
||||
- name: create {{docker_compose.directories.instance}}/app/config.yaml
|
||||
copy:
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
|
||||
## more
|
||||
https://github.com/snipe/snipe-it
|
||||
https://snipeitapp.com/
|
||||
- https://github.com/snipe/snipe-it
|
||||
- https://snipeitapp.com/
|
||||
- https://snipe-it.readme.io/docs/ldap-sync-login
|
||||
@ -5,15 +5,13 @@ services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
application:
|
||||
image: snipe/snipe-it:${APP_VERSION}
|
||||
restart: {{docker_restart_policy}}
|
||||
image: snipe/snipe-it:{{applications.snipe_it.version}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
volumes:
|
||||
- data:/var/lib/snipeit
|
||||
ports:
|
||||
- "${APP_PORT}:80"
|
||||
- "127.0.0.1:{{ports.localhost.http_ports.snipe_it}}:80"
|
||||
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
|
||||
env_file:
|
||||
- .env # Will also be read, without explicit declaring it here
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
{% include 'templates/docker/compose/volumes.yml.j2' %}
|
||||
|
||||
@ -1,9 +1,3 @@
|
||||
# --------------------------------------------
|
||||
# REQUIRED: DOCKER SPECIFIC SETTINGS
|
||||
# --------------------------------------------
|
||||
APP_VERSION={{applications.snipe_it.version}}
|
||||
APP_PORT={{ports.localhost.http_ports.snipe_it}}
|
||||
|
||||
# --------------------------------------------
|
||||
# REQUIRED: BASIC APP SETTINGS
|
||||
# --------------------------------------------
|
||||
|
||||
@ -6,10 +6,30 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: "include tasks update-repository-with-files.yml"
|
||||
include_tasks: update-repository-with-files.yml
|
||||
vars:
|
||||
detached_files:
|
||||
- .env
|
||||
- docker-compose.yml
|
||||
- docker-compose-inits.yml
|
||||
- name: pull docker repository
|
||||
git:
|
||||
repo: "{{ repository_address }}"
|
||||
dest: "{{ docker_compose.directories.services }}"
|
||||
update: yes
|
||||
notify: docker compose project setup
|
||||
become: true
|
||||
|
||||
- name: "create {{docker_compose_init}}"
|
||||
template:
|
||||
src: "docker-compose-inits.yml.j2"
|
||||
dest: "{{docker_compose_init}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -1,35 +0,0 @@
|
||||
# Taiga's URLs - Variables to define where Taiga should be served
|
||||
TAIGA_SCHEME=https # serve Taiga using "http" or "https" (secured) connection
|
||||
TAIGA_DOMAIN= {{domain}} # Taiga's base URL
|
||||
SUBPATH="" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath")
|
||||
WEBSOCKETS_SCHEME=wss # events connection protocol (use either "ws" or "wss")
|
||||
|
||||
# Taiga's Secret Key - Variable to provide cryptographic signing
|
||||
SECRET_KEY="{{taiga_secret_key}}" # Please, change it to an unpredictable value!!
|
||||
|
||||
# Taiga's Database settings - Variables to create the Taiga database and connect to it
|
||||
POSTGRES_USER={{database_username}} # user to connect to PostgreSQL
|
||||
POSTGRES_PASSWORD={{database_password}} # database user's password
|
||||
|
||||
# Taiga's SMTP settings - Variables to send Taiga's emails to the users
|
||||
EMAIL_BACKEND = console # use an SMTP server or display the emails in the console (either "smtp" or "console")
|
||||
EMAIL_HOST = {{system_email.host}} # SMTP server address
|
||||
EMAIL_PORT = {{system_email.smtp_port}} # default SMTP port
|
||||
EMAIL_HOST_USER = {{system_email.username}} # user to connect the SMTP server
|
||||
EMAIL_HOST_PASSWORD = {{system_email.password}} # SMTP user's password
|
||||
EMAIL_DEFAULT_FROM = {{system_email.from}} # default email address for the automated emails
|
||||
# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
|
||||
EMAIL_USE_TLS={{ system_email.tls | lower | capitalize }} # use TLS (secure) connection with the SMTP server
|
||||
EMAIL_USE_SSL={{ 'False' if system_email.start_tls else 'True' }} # use implicit TLS (secure) connection with the SMTP server
|
||||
|
||||
# Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events
|
||||
RABBITMQ_USER=taiga # user to connect to RabbitMQ
|
||||
RABBITMQ_PASS=taiga # RabbitMQ user's password
|
||||
RABBITMQ_VHOST=taiga # RabbitMQ container name
|
||||
RABBITMQ_ERLANG_COOKIE=secret-erlang-cookie # unique value shared by any connected instance of RabbitMQ
|
||||
|
||||
# Taiga's Attachments - Variable to define how long the attachments will be accesible
|
||||
ATTACHMENTS_MAX_AGE=360 # token expiration date (in seconds)
|
||||
|
||||
# Taiga's Telemetry - Variable to enable or disable the anonymous telemetry
|
||||
ENABLE_TELEMETRY=True
|
||||
@ -1,41 +1,14 @@
|
||||
x-environment:
|
||||
&default-back-environment
|
||||
POSTGRES_DB: "{{database_name}}"
|
||||
POSTGRES_USER: "${POSTGRES_USER}"
|
||||
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
|
||||
POSTGRES_HOST: "{{database_host}}"
|
||||
|
||||
TAIGA_SECRET_KEY: "${SECRET_KEY}"
|
||||
TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
|
||||
TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
|
||||
|
||||
EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
|
||||
DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
|
||||
EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
|
||||
EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
|
||||
EMAIL_HOST: "${EMAIL_HOST}"
|
||||
EMAIL_PORT: "${EMAIL_PORT}"
|
||||
EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
|
||||
EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
|
||||
|
||||
RABBITMQ_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_PASS: "${RABBITMQ_PASS}"
|
||||
CELERY_ENABLED: "False"
|
||||
|
||||
x-volumes:
|
||||
&default-back-volumes
|
||||
- static-data:/taiga-back/static
|
||||
- media-data:/taiga-back/media
|
||||
# - ./config.py:/taiga-back/settings/config.py
|
||||
|
||||
services:
|
||||
taiga-manage:
|
||||
image: taigaio/taiga-back:latest
|
||||
environment: *default-back-environment
|
||||
environment:
|
||||
CELERY_ENABLED: "False"
|
||||
{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
|
||||
entrypoint: "python manage.py"
|
||||
volumes: *default-back-volumes
|
||||
volumes:
|
||||
- static-data:/taiga-back/static
|
||||
- media-data:/taiga-back/media
|
||||
# - ./config.py:/taiga-back/settings/config.py
|
||||
{% include 'templates/docker/compose/networks.yml.j2' %}
|
||||
taiga:
|
||||
|
||||
@ -1,53 +1,15 @@
|
||||
x-environment:
|
||||
&default-back-environment
|
||||
# These environment variables will be used by taiga-back and taiga-async.
|
||||
# Database settings
|
||||
POSTGRES_DB: "{{database_name}}"
|
||||
POSTGRES_USER: "${POSTGRES_USER}"
|
||||
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
|
||||
POSTGRES_HOST: "{{database_host}}"
|
||||
|
||||
# Taiga settings
|
||||
TAIGA_SECRET_KEY: "${SECRET_KEY}"
|
||||
TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
|
||||
TAIGA_SITES_DOMAIN: "${TAIGA_DOMAIN}"
|
||||
TAIGA_SUBPATH: "${SUBPATH}"
|
||||
# Email settings.
|
||||
EMAIL_BACKEND: "django.core.mail.backends.${EMAIL_BACKEND}.EmailBackend"
|
||||
DEFAULT_FROM_EMAIL: "${EMAIL_DEFAULT_FROM}"
|
||||
EMAIL_USE_TLS: "${EMAIL_USE_TLS}"
|
||||
EMAIL_USE_SSL: "${EMAIL_USE_SSL}"
|
||||
EMAIL_HOST: "${EMAIL_HOST}"
|
||||
EMAIL_PORT: "${EMAIL_PORT}"
|
||||
EMAIL_HOST_USER: "${EMAIL_HOST_USER}"
|
||||
EMAIL_HOST_PASSWORD: "${EMAIL_HOST_PASSWORD}"
|
||||
# Rabbitmq settings
|
||||
RABBITMQ_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_PASS: "${RABBITMQ_PASS}"
|
||||
# Telemetry settings
|
||||
ENABLE_TELEMETRY: "${ENABLE_TELEMETRY}"
|
||||
# ...your customizations go here
|
||||
|
||||
x-volumes:
|
||||
&default-back-volumes
|
||||
# These volumens will be used by taiga-back and taiga-async.
|
||||
- static-data:/taiga-back/static
|
||||
- media-data:/taiga-back/media
|
||||
# - ./config.py:/taiga-back/settings/config.py
|
||||
|
||||
services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
taiga-back:
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: taigaio/taiga-back:{{applications.taiga.version}}
|
||||
environment: *default-back-environment
|
||||
volumes: *default-back-volumes
|
||||
|
||||
volumes:
|
||||
# These volumens will be used by taiga-back and taiga-async.
|
||||
- static-data:/taiga-back/static
|
||||
- media-data:/taiga-back/media
|
||||
# - ./config.py:/taiga-back/settings/config.py
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
taiga:
|
||||
|
||||
{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
|
||||
taiga-events-rabbitmq:
|
||||
condition: service_started
|
||||
@ -55,17 +17,16 @@ services:
|
||||
condition: service_started
|
||||
|
||||
taiga-async:
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: taigaio/taiga-back:latest
|
||||
entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
|
||||
environment: *default-back-environment
|
||||
volumes: *default-back-volumes
|
||||
|
||||
volumes:
|
||||
# These volumens will be used by taiga-back and taiga-async.
|
||||
- static-data:/taiga-back/static
|
||||
- media-data:/taiga-back/media
|
||||
# - ./config.py:/taiga-back/settings/config.py
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
taiga:
|
||||
|
||||
{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
|
||||
taiga-events-rabbitmq:
|
||||
condition: service_started
|
||||
@ -74,32 +35,16 @@ services:
|
||||
|
||||
taiga-async-rabbitmq:
|
||||
image: rabbitmq:3.8-management-alpine
|
||||
environment:
|
||||
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
|
||||
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
|
||||
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
|
||||
hostname: "taiga-async-rabbitmq"
|
||||
volumes:
|
||||
- async-rabbitmq-data:/var/lib/rabbitmq
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
taiga:
|
||||
|
||||
taiga-front:
|
||||
image: taigaio/taiga-front:latest
|
||||
environment:
|
||||
TAIGA_URL: "${TAIGA_SCHEME}://${TAIGA_DOMAIN}"
|
||||
TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}"
|
||||
TAIGA_SUBPATH: "${SUBPATH}"
|
||||
# ...your customizations go here
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
taiga:
|
||||
# volumes:
|
||||
@ -107,14 +52,7 @@ services:
|
||||
|
||||
taiga-events:
|
||||
image: taigaio/taiga-events:latest
|
||||
environment:
|
||||
RABBITMQ_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_PASS: "${RABBITMQ_PASS}"
|
||||
TAIGA_SECRET_KEY: "${SECRET_KEY}"
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
taiga:
|
||||
depends_on:
|
||||
@ -123,29 +61,17 @@ services:
|
||||
|
||||
taiga-events-rabbitmq:
|
||||
image: rabbitmq:3.8-management-alpine
|
||||
environment:
|
||||
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
|
||||
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
|
||||
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
|
||||
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
|
||||
hostname: "events-rabbitmq"
|
||||
volumes:
|
||||
- events-rabbitmq-data:/var/lib/rabbitmq
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
taiga:
|
||||
|
||||
taiga-protected:
|
||||
image: taigaio/taiga-protected:latest
|
||||
environment:
|
||||
MAX_AGE: "${ATTACHMENTS_MAX_AGE}"
|
||||
SECRET_KEY: "${SECRET_KEY}"
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
taiga:
|
||||
@ -155,12 +81,10 @@ services:
|
||||
ports:
|
||||
- "{{http_port}}:80"
|
||||
volumes:
|
||||
- ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
|
||||
- {{docker_compose.directories.services}}taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
|
||||
- static-data:/taiga/static
|
||||
- media-data:/taiga/media
|
||||
restart: {{docker_restart_policy}}
|
||||
logging:
|
||||
driver: journald
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
|
||||
{% include 'templates/docker/container/networks.yml.j2' %}
|
||||
taiga:
|
||||
|
||||
44
roles/docker-taiga/templates/env.j2
Normal file
44
roles/docker-taiga/templates/env.j2
Normal file
@ -0,0 +1,44 @@
|
||||
# Taiga's URLs - Variables to define where Taiga should be served
|
||||
TAIGA_SITES_SCHEME = https # serve Taiga using "http" or "https" (secured) connection
|
||||
TAIGA_SITES_DOMAIN = "{{domain}}" # Taiga's base URL
|
||||
|
||||
TAIGA_SUBPATH = "" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath")
|
||||
WEBSOCKETS_SCHEME = wss # events connection protocol (use either "ws" or "wss")
|
||||
|
||||
# Taiga's Secret Key - Variable to provide cryptographic signing
|
||||
TAIGA_SECRET_KEY = "{{taiga_secret_key}}" # Please, change it to an unpredictable value!!
|
||||
SECRET_KEY = "{{taiga_secret_key}}"
|
||||
|
||||
# Taiga's Database settings - Variables to create the Taiga database and connect to it
|
||||
POSTGRES_USER = "{{database_username}}" # user to connect to PostgreSQL
|
||||
POSTGRES_PASSWORD = "{{database_password}}" # database user's password
|
||||
POSTGRES_DB = "{{database_name}}"
|
||||
POSTGRES_HOST = "{{database_host}}"
|
||||
|
||||
# Taiga's SMTP settings - Variables to send Taiga's emails to the users
|
||||
EMAIL_BACKEND = "{{email_backend}}" # use an SMTP server or display the emails in the console (either "smtp" or "console")
|
||||
EMAIL_HOST = "{{system_email.host}}" # SMTP server address
|
||||
EMAIL_PORT = "{{system_email.smtp_port}}" # default SMTP port
|
||||
EMAIL_HOST_USER = "{{system_email.username}}" # user to connect the SMTP server
|
||||
EMAIL_HOST_PASSWORD = "{{system_email.password}}" # SMTP user's password
|
||||
EMAIL_DEFAULT_FROM = "{{system_email.from}}" # default email address for the automated emails
|
||||
EMAIL_BACKEND: = "django.core.mail.backends.{{email_backend}}.EmailBackend"
|
||||
DEFAULT_FROM_EMAIL = "{{system_email.from}}"
|
||||
|
||||
# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
|
||||
EMAIL_USE_TLS = "{{ system_email.tls | lower | capitalize }}" # use TLS (secure) connection with the SMTP server
|
||||
EMAIL_USE_SSL = "{{ 'False' if system_email.start_tls else 'True' }}" # use implicit TLS (secure) connection with the SMTP server
|
||||
|
||||
# Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events
|
||||
RABBITMQ_DEFAULT_RABBITMQ_USER = taiga # user to connect to RabbitMQ
|
||||
RABBITMQ_DEFAULT_RABBITMQ_PASS = taiga # RabbitMQ user's password
|
||||
RABBITMQ_DEFAULT_RABBITMQ_VHOST = taiga # RabbitMQ container name
|
||||
RABBITMQ_ERLANG_COOKIE = secret-erlang-cookie # unique value shared by any connected instance of RabbitMQ
|
||||
|
||||
# Taiga's Attachments - Variable to define how long the attachments will be accesible
|
||||
ATTACHMENTS_MAX_AG = 360 # token expiration date (in seconds)
|
||||
MAX_AGE = 360
|
||||
|
||||
|
||||
# Taiga's Telemetry - Variable to enable or disable the anonymous telemetry
|
||||
ENABLE_TELEMETRY = True
|
||||
@ -1,4 +1,6 @@
|
||||
application_id: "taiga"
|
||||
database_type: "postgres"
|
||||
database_password: "{{taiga_database_password}}"
|
||||
repository_address: "https://github.com/taigaio/taiga-docker"
|
||||
application_id: "taiga"
|
||||
database_type: "postgres"
|
||||
database_password: "{{taiga_database_password}}"
|
||||
repository_address: "https://github.com/taigaio/taiga-docker"
|
||||
email_backend: "smtp" ## use an SMTP server or display the emails in the console (either "smtp" or "console")
|
||||
docker_compose_init: "{{docker_compose.directories.instance}}docker-compose-inits.yml.j2"
|
||||
@ -1,7 +1,7 @@
|
||||
---
|
||||
- name: rebuild wordpress container
|
||||
command:
|
||||
cmd: docker build --no-cache -t custom_wordpress .
|
||||
cmd: docker build --no-cache -t {{custom_wordpress_image}} .
|
||||
chdir: "{{docker_compose.directories.instance}}"
|
||||
environment:
|
||||
COMPOSE_HTTP_TIMEOUT: 600
|
||||
|
||||
@ -27,6 +27,17 @@
|
||||
- docker compose project setup
|
||||
- rebuild wordpress container
|
||||
|
||||
- name: "add docker-compose.yml to {{docker_compose.directories.instance}}"
|
||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
|
||||
@ -3,20 +3,13 @@ services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
application:
|
||||
logging:
|
||||
driver: journald
|
||||
image: custom_wordpress
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
image: {{custom_wordpress_image}}
|
||||
container_name: wordpress-application
|
||||
build:
|
||||
context: .
|
||||
restart: {{docker_restart_policy}}
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:80"
|
||||
environment:
|
||||
WORDPRESS_DB_HOST: "{{database_host}}:{{database_port}}"
|
||||
WORDPRESS_DB_USER: "{{database_username}}"
|
||||
WORDPRESS_DB_PASSWORD: "{{database_password}}"
|
||||
WORDPRESS_DB_NAME: "{{database_name}}"
|
||||
volumes:
|
||||
- data:/var/www/html
|
||||
healthcheck:
|
||||
|
||||
4
roles/docker-wordpress/templates/env.j2
Normal file
4
roles/docker-wordpress/templates/env.j2
Normal file
@ -0,0 +1,4 @@
|
||||
WORDPRESS_DB_HOST= "{{database_host}}:{{database_port}}"
|
||||
WORDPRESS_DB_USER= "{{database_username}}"
|
||||
WORDPRESS_DB_PASSWORD= "{{database_password}}"
|
||||
WORDPRESS_DB_NAME= "{{database_name}}"
|
||||
@ -1,4 +1,5 @@
|
||||
application_id: "wordpress"
|
||||
wordpress_max_upload_size: "64M"
|
||||
database_type: "mariadb"
|
||||
database_password: "{{wordpress_database_password}}"
|
||||
database_password: "{{wordpress_database_password}}"
|
||||
custom_wordpress_image: "custom_wordpress"
|
||||
@ -6,8 +6,16 @@
|
||||
- name: "include tasks nginx-docker-proxy-domain.yml"
|
||||
include_tasks: nginx-docker-proxy-domain.yml
|
||||
|
||||
- name: add docker-compose.yml
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.directories.instance}}docker-compose.yml"
|
||||
- name: "create {{docker_compose.files.docker_compose}}"
|
||||
template:
|
||||
src: "docker-compose.yml.j2"
|
||||
dest: "{{docker_compose.files.docker_compose}}"
|
||||
notify: docker compose project setup
|
||||
|
||||
- name: "create {{docker_compose.files.env}}"
|
||||
template:
|
||||
src: "env.j2"
|
||||
dest: "{{docker_compose.files.env}}"
|
||||
mode: '770'
|
||||
force: yes
|
||||
notify: docker compose project setup
|
||||
|
||||
@ -3,20 +3,10 @@ services:
|
||||
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
|
||||
|
||||
application:
|
||||
logging:
|
||||
driver: journald
|
||||
image: yourls:{{applications.yourls.version}}
|
||||
restart: {{docker_restart_policy}}
|
||||
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
|
||||
ports:
|
||||
- "127.0.0.1:{{http_port}}:80"
|
||||
environment:
|
||||
YOURLS_DB_HOST: "{{database_host}}"
|
||||
YOURLS_DB_USER: "{{database_username}}"
|
||||
YOURLS_DB_PASS: "{{database_password}}"
|
||||
YOURLS_DB_NAME: "{{database_name}}"
|
||||
YOURLS_SITE: "https://{{domain}}"
|
||||
YOURLS_USER: "{{applications.yourls.administrator_username}}"
|
||||
YOURLS_PASS: "{{yourls_administrator_password}}"
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://127.0.0.1/admin/"]
|
||||
interval: 1m
|
||||
|
||||
7
roles/docker-yourls/templates/env.j2
Normal file
7
roles/docker-yourls/templates/env.j2
Normal file
@ -0,0 +1,7 @@
|
||||
YOURLS_DB_HOST: "{{database_host}}"
|
||||
YOURLS_DB_USER: "{{database_username}}"
|
||||
YOURLS_DB_PASS: "{{database_password}}"
|
||||
YOURLS_DB_NAME: "{{database_name}}"
|
||||
YOURLS_SITE: "https://{{domain}}"
|
||||
YOURLS_USER: "{{applications.yourls.administrator_username}}"
|
||||
YOURLS_PASS: "{{yourls_administrator_password}}"
|
||||
@ -2,29 +2,30 @@
|
||||
|
||||
# Check if the necessary parameters are provided
|
||||
if [ "$#" -ne 2 ]; then
|
||||
echo "Usage: $0 <domain> <docker_compose.directories.instance>"
|
||||
echo "Usage: $0 <domain> <docker_compose_instance_directory>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Assign parameters
|
||||
domain="$1"
|
||||
docker_compose.directories.instance="$2"
|
||||
docker_compose_instance_directory="$2"
|
||||
docker_compose_cert_directory="$docker_compose_instance_directory/volumes/certs"
|
||||
|
||||
# Copy certificates
|
||||
cp -RvL "/etc/letsencrypt/live/$domain/"* "$docker_compose.directories.instance/certs" || exit 1
|
||||
cp -RvL "/etc/letsencrypt/live/$domain/"* "$docker_compose_cert_directory" || exit 1
|
||||
|
||||
# This code is optimized for mailu
|
||||
cp -v "/etc/letsencrypt/live/$domain/privkey.pem" "$docker_compose.directories.instance/certs/key.pem" || exit 1
|
||||
cp -v "/etc/letsencrypt/live/$domain/fullchain.pem" "$docker_compose.directories.instance/certs/cert.pem" || exit 1
|
||||
cp -v "/etc/letsencrypt/live/$domain/privkey.pem" "$docker_compose_cert_directory/key.pem" || exit 1
|
||||
cp -v "/etc/letsencrypt/live/$domain/fullchain.pem" "$docker_compose_cert_directory/cert.pem" || exit 1
|
||||
|
||||
# Set correct reading rights
|
||||
chmod a+r -v "$docker_compose.directories.instance/certs/"*
|
||||
chmod a+r -v "$docker_compose_cert_directory/"*
|
||||
|
||||
# Flag to track if any Nginx reload was successful
|
||||
nginx_reload_successful=false
|
||||
|
||||
# Reload Nginx in all containers within the Docker Compose setup
|
||||
cd "$docker_compose.directories.instance" || exit 1
|
||||
cd "$docker_compose_instance_directory" || exit 1
|
||||
|
||||
# Iterate over all services
|
||||
for service in $(docker compose ps --services); do
|
||||
|
||||
@ -3,6 +3,7 @@
|
||||
src: "nginx-docker-cert-deploy.sh"
|
||||
dest: "{{nginx_docker_cert_deploy_script}}"
|
||||
when: run_once_nginx_docker_cert_deploy is not defined
|
||||
notify: restart nginx-docker-cert-deploy.cymais.service
|
||||
|
||||
- name: run the nginx_docker_cert_deploy tasks once
|
||||
set_fact:
|
||||
@ -14,6 +15,7 @@
|
||||
path: "{{cert_mount_directory}}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
notify: restart nginx-docker-cert-deploy.cymais.service
|
||||
|
||||
- name: configure nginx-docker-cert-deploy.cymais.service
|
||||
template:
|
||||
|
||||
@ -1,5 +0,0 @@
|
||||
- name: "include tasks update-repository-with-files.yml"
|
||||
include_tasks: update-repository-with-files.yml
|
||||
vars:
|
||||
detached_files:
|
||||
- "docker-compose.yml"
|
||||
@ -1,3 +1,6 @@
|
||||
# It isn't best practice to use this task
|
||||
# Better load the repositories into /opt/docker/[servicename]/services, build them there and then use a docker-compose file for customizing
|
||||
# @todo Refactor\Remove
|
||||
- name: "Merge detached_files with applications.oauth2_proxy.configuration_file"
|
||||
ansible.builtin.set_fact:
|
||||
merged_detached_files: "{{ detached_files + [applications.oauth2_proxy.configuration_file] }}"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user