Compare commits

...

9 Commits

15 changed files with 145 additions and 140 deletions

View File

@ -119,10 +119,11 @@ nginx_homepage_root: "/usr/share/nginx/homepage/"
### Service Domains ### Service Domains
domain_akaunting: "accounting.{{top_domain}}" domain_akaunting: "accounting.{{top_domain}}"
domain_attendize: "tickets.{{top_domain}}"
domain_baserow: "baserow.{{top_domain}}" domain_baserow: "baserow.{{top_domain}}"
domain_bigbluebutton: "meet.{{top_domain}}" domain_bigbluebutton: "meet.{{top_domain}}"
domain_elk: "elk.{{top_domain}}"
domain_discourse: "forum.{{top_domain}}" domain_discourse: "forum.{{top_domain}}"
domain_elk: "elk.{{top_domain}}"
domain_funkwhale: "music.{{top_domain}}" domain_funkwhale: "music.{{top_domain}}"
domain_gitea: "git.{{top_domain}}" domain_gitea: "git.{{top_domain}}"
domain_gitlab: "gitlab.{{top_domain}}" domain_gitlab: "gitlab.{{top_domain}}"
@ -136,13 +137,13 @@ domain_matrix_element: "element.{{top_domain}}"
domain_moodle: "academy.{{top_domain}}" domain_moodle: "academy.{{top_domain}}"
domain_mediawiki: "wiki.{{top_domain}}" domain_mediawiki: "wiki.{{top_domain}}"
domain_nextcloud: "cloud.{{top_domain}}" domain_nextcloud: "cloud.{{top_domain}}"
domain_openproject: "project.{{top_domain}}"
domain_pixelfed: "picture.{{top_domain}}" domain_pixelfed: "picture.{{top_domain}}"
domain_peertube: "video.{{top_domain}}" domain_peertube: "video.{{top_domain}}"
domains_peertube: [] domains_peertube: []
domain_roulette: "roulette.{{top_domain}}" domain_roulette: "roulette.{{top_domain}}"
domain_attendize: "tickets.{{top_domain}}" domain_taiga: "kanban.{{top_domain}}"
domain_yourls: "s.{{top_domain}}" domain_yourls: "s.{{top_domain}}"
domain_openproject: "project.{{top_domain}}"
domains_wordpress: ["wordpress.{{top_domain}}","blog.{{top_domain}}"] domains_wordpress: ["wordpress.{{top_domain}}","blog.{{top_domain}}"]
### Domain Redirects ### Domain Redirects
@ -160,6 +161,7 @@ redirect_domain_mappings:
- { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" } - { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" }
- { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" } - { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" }
- { source: "short.{{top_domain}}", target: "{{domain_yourls}}" } - { source: "short.{{top_domain}}", target: "{{domain_yourls}}" }
- { source: "taiga.{{top_domain}}", target: "{{domain_taiga}}" }
- { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" } - { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" }
## Docker Applications ## Docker Applications

View File

@ -257,6 +257,15 @@
domain: "{{domain_moodle}}" domain: "{{domain_moodle}}"
http_port: 8026 http_port: 8026
- name: setup taiga instance
hosts: taiga
become: true
roles:
- role: docker-taiga
vars:
domain: "{{domain_taiga}}"
http_port: 8027
# Native Webserver Roles # Native Webserver Roles
- name: setup nginx-homepages - name: setup nginx-homepages
hosts: homepage hosts: homepage

View File

@ -1,6 +1,4 @@
docker_compose_project_name: "akaunting" docker_compose_project_name: "akaunting"
docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml"
docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup"
database_type: "mariadb" database_type: "mariadb"
database_password: "{{akaunting_database_password}}" database_password: "{{akaunting_database_password}}"
repository_address: "https://github.com/akaunting/docker.git" repository_address: "https://github.com/akaunting/docker.git"

View File

@ -1,7 +1,5 @@
--- ---
docker_compose_project_name: "attendize" docker_compose_project_name: "attendize"
docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml"
docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup"
mail_interface_domain: "mail.{{domain}}" mail_interface_domain: "mail.{{domain}}"
database_type: "mariadb" database_type: "mariadb"
database_password: "{{attendize_database_password}}" database_password: "{{attendize_database_password}}"

View File

@ -1,8 +1,6 @@
docker_compose_project_name: "openproject" docker_compose_project_name: "openproject"
repository_directory: "{{ path_docker_compose_instances }}{{docker_compose_project_name}}/" repository_directory: "{{ path_docker_compose_instances }}{{docker_compose_project_name}}/"
docker_compose_instance_directory: "{{repository_directory}}compose/" docker_compose_instance_directory: "{{repository_directory}}compose/"
docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml"
docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup"
database_password: "{{openproject_database_password}}" database_password: "{{openproject_database_password}}"
repository_address: "https://github.com/opf/openproject-deploy" repository_address: "https://github.com/opf/openproject-deploy"
database_type: "postgres" database_type: "postgres"

View File

@ -23,6 +23,12 @@ This Ansible role is designed to deploy a PostgreSQL database using Docker. It i
2. Include this role in your playbook. 2. Include this role in your playbook.
3. Run the playbook against the target host. 3. Run the playbook against the target host.
## Root Access
To access the database via the root account execute the following on the server:
```bash
docker exec -it central-postgres psql -U postgres
```
## Notes ## Notes
- The PostgreSQL server is bound to `127.0.0.1:5432` on the host machine, making it accessible only from localhost. - The PostgreSQL server is bound to `127.0.0.1:5432` on the host machine, making it accessible only from localhost.
- Ensure that the provided passwords are secure and stored securely, preferably using Ansible Vault or another encryption method. - Ensure that the provided passwords are secure and stored securely, preferably using Ansible Vault or another encryption method.

View File

@ -5,9 +5,10 @@
- name: "include tasks nginx-docker-proxy-domain.yml" - name: "include tasks nginx-docker-proxy-domain.yml"
include_tasks: nginx-docker-proxy-domain.yml include_tasks: nginx-docker-proxy-domain.yml
- name: "include tasks update-repository-with-docker-compose.yml" - name: "include tasks update-repository-with-files.yml"
include_tasks: update-repository-with-docker-compose.yml include_tasks: update-repository-with-files.yml
vars:
- name: configure run.env detached_files:
template: src=env.j2 dest={{docker_compose_instance_directory}}/.env - .env
notify: docker compose project setup - docker-compose.yml
- docker-compose-inits.yml

View File

@ -5,22 +5,22 @@ SUBPATH="" # it'll be appended to the TAIGA_DOMAIN (use either "" or a "/subpath
WEBSOCKETS_SCHEME=wss # events connection protocol (use either "ws" or "wss") WEBSOCKETS_SCHEME=wss # events connection protocol (use either "ws" or "wss")
# Taiga's Secret Key - Variable to provide cryptographic signing # Taiga's Secret Key - Variable to provide cryptographic signing
SECRET_KEY="{{taigaio_secret_key}}" # Please, change it to an unpredictable value!! SECRET_KEY="{{taiga_secret_key}}" # Please, change it to an unpredictable value!!
# Taiga's Database settings - Variables to create the Taiga database and connect to it # Taiga's Database settings - Variables to create the Taiga database and connect to it
POSTGRES_USER=taiga # user to connect to PostgreSQL POSTGRES_USER={{database_username}} # user to connect to PostgreSQL
POSTGRES_PASSWORD=taiga # database user's password POSTGRES_PASSWORD={{database_password}} # database user's password
# Taiga's SMTP settings - Variables to send Taiga's emails to the users # Taiga's SMTP settings - Variables to send Taiga's emails to the users
EMAIL_BACKEND = console # use an SMTP server or display the emails in the console (either "smtp" or "console") EMAIL_BACKEND = console # use an SMTP server or display the emails in the console (either "smtp" or "console")
EMAIL_HOST=smtp.host.example.com # SMTP server address EMAIL_HOST = {{system_email_host}} # SMTP server address
EMAIL_PORT=587 # default SMTP port EMAIL_PORT = {{system_email_smtp_port}} # default SMTP port
EMAIL_HOST_USER=user # user to connect the SMTP server EMAIL_HOST_USER = {{system_email_username}} # user to connect the SMTP server
EMAIL_HOST_PASSWORD=password # SMTP user's password EMAIL_HOST_PASSWORD = {{system_email_password}} # SMTP user's password
EMAIL_DEFAULT_FROM=changeme@example.com # default email address for the automated emails EMAIL_DEFAULT_FROM = {{system_email}} # default email address for the automated emails
# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True) # EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
EMAIL_USE_TLS=True # use TLS (secure) connection with the SMTP server EMAIL_USE_TLS={{ system_email_tls | lower | capitalize }} # use TLS (secure) connection with the SMTP server
EMAIL_USE_SSL=False # use implicit TLS (secure) connection with the SMTP server EMAIL_USE_SSL={{ 'False' if system_email_start_tls else 'True' }} # use implicit TLS (secure) connection with the SMTP server
# Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events # Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events
RABBITMQ_USER=taiga # user to connect to RabbitMQ RABBITMQ_USER=taiga # user to connect to RabbitMQ

View File

@ -1,11 +1,9 @@
version: "3.5"
x-environment: x-environment:
&default-back-environment &default-back-environment
POSTGRES_DB: "taiga" POSTGRES_DB: "{{database_name}}"
POSTGRES_USER: "${POSTGRES_USER}" POSTGRES_USER: "${POSTGRES_USER}"
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
POSTGRES_HOST: "taiga-db" POSTGRES_HOST: "{{database_host}}"
TAIGA_SECRET_KEY: "${SECRET_KEY}" TAIGA_SECRET_KEY: "${SECRET_KEY}"
TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}" TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
@ -26,17 +24,18 @@ x-environment:
x-volumes: x-volumes:
&default-back-volumes &default-back-volumes
- taiga-static-data:/taiga-back/static - static-data:/taiga-back/static
- taiga-media-data:/taiga-back/media - media-data:/taiga-back/media
# - ./config.py:/taiga-back/settings/config.py # - ./config.py:/taiga-back/settings/config.py
services: services:
taiga-manage: taiga-manage:
image: taigaio/taiga-back:latest image: taigaio/taiga-back:latest
environment: *default-back-environment environment: *default-back-environment
depends_on: {% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
- taiga-db {% include 'templates/docker/container/networks.yml.j2' %}
entrypoint: "python manage.py" entrypoint: "python manage.py"
volumes: *default-back-volumes volumes: *default-back-volumes
networks: {% include 'templates/docker/compose/networks.yml.j2' %}
- taiga taiga:

View File

@ -1,13 +1,12 @@
version: "3.5"
x-environment: x-environment:
&default-back-environment &default-back-environment
# These environment variables will be used by taiga-back and taiga-async. # These environment variables will be used by taiga-back and taiga-async.
# Database settings # Database settings
POSTGRES_DB: "taiga" POSTGRES_DB: "{{database_name}}"
POSTGRES_USER: "${POSTGRES_USER}" POSTGRES_USER: "${POSTGRES_USER}"
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}" POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
POSTGRES_HOST: "taiga-db" POSTGRES_HOST: "{{database_host}}"
# Taiga settings # Taiga settings
TAIGA_SECRET_KEY: "${SECRET_KEY}" TAIGA_SECRET_KEY: "${SECRET_KEY}"
TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}" TAIGA_SITES_SCHEME: "${TAIGA_SCHEME}"
@ -32,38 +31,22 @@ x-environment:
x-volumes: x-volumes:
&default-back-volumes &default-back-volumes
# These volumens will be used by taiga-back and taiga-async. # These volumens will be used by taiga-back and taiga-async.
- taiga-static-data:/taiga-back/static - static-data:/taiga-back/static
- taiga-media-data:/taiga-back/media - media-data:/taiga-back/media
# - ./config.py:/taiga-back/settings/config.py # - ./config.py:/taiga-back/settings/config.py
services: services:
taiga-db: {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
image: postgres:12.3
environment:
POSTGRES_DB: "taiga"
POSTGRES_USER: "${POSTGRES_USER}"
POSTGRES_PASSWORD: "${POSTGRES_PASSWORD}"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U ${POSTGRES_USER}"]
interval: 2s
timeout: 15s
retries: 5
start_period: 3s
volumes:
- taiga-db-data:/var/lib/postgresql/data
networks:
- taiga
taiga-back: taiga-back:
image: taigaio/taiga-back:latest image: taigaio/taiga-back:latest
environment: *default-back-environment environment: *default-back-environment
volumes: *default-back-volumes volumes: *default-back-volumes
networks:
- taiga {% include 'templates/docker/container/networks.yml.j2' %}
depends_on: taiga:
taiga-db:
condition: service_healthy {% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
taiga-events-rabbitmq: events-rabbitmq:
condition: service_started condition: service_started
taiga-async-rabbitmq: taiga-async-rabbitmq:
condition: service_started condition: service_started
@ -73,12 +56,12 @@ services:
entrypoint: ["/taiga-back/docker/async_entrypoint.sh"] entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
environment: *default-back-environment environment: *default-back-environment
volumes: *default-back-volumes volumes: *default-back-volumes
networks:
- taiga {% include 'templates/docker/container/networks.yml.j2' %}
depends_on: taiga:
taiga-db:
condition: service_healthy {% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
taiga-events-rabbitmq: events-rabbitmq:
condition: service_started condition: service_started
taiga-async-rabbitmq: taiga-async-rabbitmq:
condition: service_started condition: service_started
@ -92,9 +75,10 @@ services:
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}" RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
hostname: "taiga-async-rabbitmq" hostname: "taiga-async-rabbitmq"
volumes: volumes:
- taiga-async-rabbitmq-data:/var/lib/rabbitmq - async-rabbitmq-data:/var/lib/rabbitmq
networks:
- taiga {% include 'templates/docker/container/networks.yml.j2' %}
taiga:
taiga-front: taiga-front:
image: taigaio/taiga-front:latest image: taigaio/taiga-front:latest
@ -103,8 +87,9 @@ services:
TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}" TAIGA_WEBSOCKETS_URL: "${WEBSOCKETS_SCHEME}://${TAIGA_DOMAIN}"
TAIGA_SUBPATH: "${SUBPATH}" TAIGA_SUBPATH: "${SUBPATH}"
# ...your customizations go here # ...your customizations go here
networks:
- taiga {% include 'templates/docker/container/networks.yml.j2' %}
taiga:
# volumes: # volumes:
# - ./conf.json:/usr/share/nginx/html/conf.json # - ./conf.json:/usr/share/nginx/html/conf.json
@ -114,54 +99,57 @@ services:
RABBITMQ_USER: "${RABBITMQ_USER}" RABBITMQ_USER: "${RABBITMQ_USER}"
RABBITMQ_PASS: "${RABBITMQ_PASS}" RABBITMQ_PASS: "${RABBITMQ_PASS}"
TAIGA_SECRET_KEY: "${SECRET_KEY}" TAIGA_SECRET_KEY: "${SECRET_KEY}"
networks:
- taiga {% include 'templates/docker/container/networks.yml.j2' %}
taiga:
depends_on: depends_on:
taiga-events-rabbitmq: events-rabbitmq:
condition: service_started condition: service_started
taiga-events-rabbitmq: events-rabbitmq:
image: rabbitmq:3.8-management-alpine image: rabbitmq:3.8-management-alpine
environment: environment:
RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}" RABBITMQ_ERLANG_COOKIE: "${RABBITMQ_ERLANG_COOKIE}"
RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}" RABBITMQ_DEFAULT_USER: "${RABBITMQ_USER}"
RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}" RABBITMQ_DEFAULT_PASS: "${RABBITMQ_PASS}"
RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}" RABBITMQ_DEFAULT_VHOST: "${RABBITMQ_VHOST}"
hostname: "taiga-events-rabbitmq" hostname: "events-rabbitmq"
volumes: volumes:
- taiga-events-rabbitmq-data:/var/lib/rabbitmq - events-rabbitmq-data:/var/lib/rabbitmq
networks:
- taiga {% include 'templates/docker/container/networks.yml.j2' %}
taiga:
taiga-protected: taiga-protected:
image: taigaio/taiga-protected:latest image: taigaio/taiga-protected:latest
environment: environment:
MAX_AGE: "${ATTACHMENTS_MAX_AGE}" MAX_AGE: "${ATTACHMENTS_MAX_AGE}"
SECRET_KEY: "${SECRET_KEY}" SECRET_KEY: "${SECRET_KEY}"
networks:
- taiga {% include 'templates/docker/container/networks.yml.j2' %}
taiga:
taiga-gateway: taiga-gateway:
image: nginx:1.19-alpine image: nginx:1.19-alpine
ports: ports:
- "9000:80" - "{{http_port}}:80"
volumes: volumes:
- ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf - ./taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
- taiga-static-data:/taiga/static - static-data:/taiga/static
- taiga-media-data:/taiga/media - media-data:/taiga/media
networks:
- taiga {% include 'templates/docker/container/networks.yml.j2' %}
taiga:
depends_on: depends_on:
- taiga-front - taiga-front
- taiga-back - taiga-back
- taiga-events - taiga-events
volumes: {% include 'templates/docker/compose/volumes.yml.j2' %}
taiga-static-data: static-data:
taiga-media-data: media-data:
taiga-db-data: async-rabbitmq-data:
taiga-async-rabbitmq-data: events-rabbitmq-data:
taiga-events-rabbitmq-data:
networks: {% include 'templates/docker/compose/networks.yml.j2' %}
taiga: taiga:

View File

@ -1,6 +1,4 @@
docker_compose_project_name: "taigaio" docker_compose_project_name: "taiga"
docker_compose_file_path: "{{docker_compose_instance_directory}}docker-compose.yml" database_type: "postgres"
docker_compose_backup_path: "/tmp/{{docker_compose_project_name}}-docker-compose.yml.backup" database_password: "{{taiga_database_password}}"
database_type: "mariadb"
database_password: "{{taigaio_database_password}}"
repository_address: "https://github.com/taigaio/taiga-docker" repository_address: "https://github.com/taigaio/taiga-docker"

View File

@ -1,34 +1,5 @@
- name: "backup docker-compose.yml if it exists" - name: "include tasks update-repository-with-files.yml"
command: > include_tasks: update-repository-with-files.yml
mv "{{ docker_compose_file_path }}" "{{ docker_compose_backup_path }}" vars:
args: detached_files:
removes: "{{ docker_compose_file_path }}" - "docker-compose.yml"
become: true
- name: checkout repository
ansible.builtin.shell: git checkout .
become: true
args:
chdir: "{{docker_compose_instance_directory}}"
ignore_errors: true
- name: pull docker repository
git:
repo: "{{ repository_address }}"
dest: "{{ repository_directory }}"
update: yes
notify: docker compose project setup
become: true
- name: "restore docker-compose.yml from backup"
command: >
mv "{{ docker_compose_backup_path }}" "{{ docker_compose_file_path }}"
args:
removes: "{{ docker_compose_backup_path }}"
become: true
- name: "copy docker-compose.yml"
template:
src: docker-compose.yml.j2
dest: "{{ docker_compose_file_path }}"
notify: docker compose project setup

View File

@ -0,0 +1,37 @@
- name: "backup docker-compose.yml if it exists"
command: >
mv "{{docker_compose_instance_directory}}{{ item }}" "/tmp/{{docker_compose_project_name}}-{{ item }}.backup"
args:
removes: "{{docker_compose_instance_directory}}{{ item }}"
become: true
loop: "{{ detached_files }}"
- name: checkout repository
ansible.builtin.shell: git checkout .
become: true
args:
chdir: "{{docker_compose_instance_directory}}"
ignore_errors: true
- name: pull docker repository
git:
repo: "{{ repository_address }}"
dest: "{{ repository_directory | default(docker_compose_instance_directory) }}"
update: yes
notify: docker compose project setup
become: true
- name: "restore docker-compose.yml from backup"
command: >
mv "/tmp/{{docker_compose_project_name}}-{{ item }}.backup" "{{docker_compose_instance_directory}}{{ item }}"
args:
removes: "/tmp/{{docker_compose_project_name}}-{{ item }}.backup"
become: true
loop: "{{ detached_files }}"
- name: "copy {{ item }}"
template:
src: "{{ item }}.j2"
dest: "{{docker_compose_instance_directory}}{{ item }}"
loop: "{{ detached_files }}"
notify: docker compose project setup

View File

@ -1,4 +1,4 @@
# This template needs to be included in docker-compose.yml contaienrs, which depend on a database, redis and optional additional volumes # This template needs to be included in docker-compose.yml containers, which depend on a database, redis and optional additional volumes
depends_on: depends_on:
{% if not enable_central_database | bool %} {% if not enable_central_database | bool %}
database: database:

View File

@ -1,4 +1,4 @@
# This template needs to be included in docker-compose.yml contaienrs, which just depend on a database # This template needs to be included in docker-compose.yml containers, which just depend on a database
{% if not enable_central_database | bool %} {% if not enable_central_database | bool %}
depends_on: depends_on:
database: database: