mirror of
https://github.com/Crocmagnon/ansible.git
synced 2024-11-23 15:58:04 +01:00
Compare commits
No commits in common. "dea406fb54c010ab31aa6b8b5c9562dd04fc094b" and "9b01415013f246fc4e4f2533159a70b1f98ac7ee" have entirely different histories.
dea406fb54
...
9b01415013
25 changed files with 66 additions and 907 deletions
|
@ -1,5 +0,0 @@
|
||||||
---
|
|
||||||
profile: production
|
|
||||||
strict: true
|
|
||||||
exclude_paths:
|
|
||||||
- "**/*docker-compose.yaml"
|
|
|
@ -1,3 +1,3 @@
|
||||||
[env]
|
[env]
|
||||||
ANSIBLE_INVENTORY = "{{config_root}}/inventory.ini"
|
ANSIBLE_INVENTORY = "{{config_root}}/inventory.ini"
|
||||||
ANSIBLE_VAULT_PASSWORD_FILE = "{{config_root}}/vault.pass"
|
ANSIBLE_VAULT_PASSWORD_FILE = "{{config_root}}/vault.pass"
|
|
@ -1,39 +0,0 @@
|
||||||
---
|
|
||||||
ci:
|
|
||||||
autoupdate_schedule: monthly
|
|
||||||
skip:
|
|
||||||
# build of https://github.com/ansible/ansible-lint:ansible@v24.9.2 for python@python3 exceeds tier max size 250MiB: 405.6MiB
|
|
||||||
- ansible-lint
|
|
||||||
- ggshield
|
|
||||||
|
|
||||||
repos:
|
|
||||||
- repo: https://github.com/pre-commit/pre-commit-hooks
|
|
||||||
rev: v5.0.0
|
|
||||||
hooks:
|
|
||||||
- id: check-added-large-files
|
|
||||||
- id: check-case-conflict
|
|
||||||
- id: check-executables-have-shebangs
|
|
||||||
- id: check-illegal-windows-names
|
|
||||||
- id: check-json
|
|
||||||
- id: check-merge-conflict
|
|
||||||
- id: check-shebang-scripts-are-executable
|
|
||||||
- id: check-symlinks
|
|
||||||
- id: check-toml
|
|
||||||
- id: check-vcs-permalinks
|
|
||||||
- id: check-yaml
|
|
||||||
args: [--unsafe]
|
|
||||||
- id: detect-private-key
|
|
||||||
- id: end-of-file-fixer
|
|
||||||
- id: mixed-line-ending
|
|
||||||
- id: trailing-whitespace
|
|
||||||
- repo: https://github.com/ansible/ansible-lint
|
|
||||||
rev: v24.9.2
|
|
||||||
hooks:
|
|
||||||
- id: ansible-lint
|
|
||||||
entry: python3 -m ansiblelint -v --force-color --fix
|
|
||||||
additional_dependencies:
|
|
||||||
- ansible # necessary because we're using community collections
|
|
||||||
- repo: https://github.com/gitguardian/ggshield
|
|
||||||
rev: v1.32.1
|
|
||||||
hooks:
|
|
||||||
- id: ggshield
|
|
|
@ -1,2 +1,2 @@
|
||||||
[servers]
|
[servers]
|
||||||
ubuntu ansible_host=192.168.0.6 ansible_python_interpreter=auto_silent
|
ubuntu ansible_host=192.168.0.6 ansible_port=38303 ansible_python_interpreter=auto_silent
|
||||||
|
|
|
@ -1,20 +0,0 @@
|
||||||
---
|
|
||||||
- name: Update caddy config
|
|
||||||
hosts: servers
|
|
||||||
gather_facts: false
|
|
||||||
become: true
|
|
||||||
tasks:
|
|
||||||
- name: Write Caddyfile
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: files/Caddyfile
|
|
||||||
dest: /etc/caddy/Caddyfile
|
|
||||||
mode: "0644"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
notify:
|
|
||||||
- Reload caddy
|
|
||||||
handlers:
|
|
||||||
- name: Reload caddy
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: caddy
|
|
||||||
state: reloaded
|
|
|
@ -1,294 +0,0 @@
|
||||||
{
|
|
||||||
email gabriel@augendre.info
|
|
||||||
http_port 80
|
|
||||||
https_port 443
|
|
||||||
}
|
|
||||||
|
|
||||||
(common_headers) {
|
|
||||||
header * -Server
|
|
||||||
header * -X-Powered-By
|
|
||||||
header * Permissions-Policy interest-cohort=()
|
|
||||||
header * ?Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
|
|
||||||
header * ?Referrer-Policy "strict-origin-when-cross-origin"
|
|
||||||
header * ?X-Content-Type-Options "nosniff"
|
|
||||||
header * ?X-Frame-Options "DENY"
|
|
||||||
header * ?X-XSS-Protection "1; mode=block"
|
|
||||||
}
|
|
||||||
|
|
||||||
(internal) {
|
|
||||||
@blocked not client_ip private_ranges 2a01:e0a:325:a1c0::/64
|
|
||||||
respond @blocked "Access denied" 403 {
|
|
||||||
close
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
#########################################################
|
|
||||||
# PUBLIC SERVICES
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
## Static config
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
static.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
header * Cache-Control "max-age=300"
|
|
||||||
file_server * {
|
|
||||||
root /mnt/data/caddy/static
|
|
||||||
hide .*
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
augendre.info {
|
|
||||||
import common_headers
|
|
||||||
respond * 200
|
|
||||||
}
|
|
||||||
|
|
||||||
## Reverse proxies (ports 8000-8999)
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
charasheet.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
route {
|
|
||||||
file_server /media/* {
|
|
||||||
root /mnt/data/charasheet/data
|
|
||||||
}
|
|
||||||
reverse_proxy localhost:8001
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
checkout.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
route {
|
|
||||||
file_server /media/* {
|
|
||||||
root /mnt/data/checkout
|
|
||||||
}
|
|
||||||
reverse_proxy localhost:8002
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
cloud.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
route /push/* {
|
|
||||||
uri strip_prefix /push
|
|
||||||
reverse_proxy localhost:8004
|
|
||||||
}
|
|
||||||
# rewrite to suppress carddav/caldav warning
|
|
||||||
# in nextcloud settings
|
|
||||||
rewrite /.well-known/carddav /remote.php/dav/
|
|
||||||
rewrite /.well-known/caldav /remote.php/dav/
|
|
||||||
reverse_proxy localhost:8003
|
|
||||||
}
|
|
||||||
|
|
||||||
gc.gabnotes.org, gc.augendre.info, static.gc.augendre.info, voyages.gc.coccomagnard.fr {
|
|
||||||
import common_headers
|
|
||||||
reverse_proxy localhost:8005
|
|
||||||
}
|
|
||||||
|
|
||||||
git.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
reverse_proxy localhost:8006
|
|
||||||
}
|
|
||||||
|
|
||||||
office.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
reverse_proxy localhost:8007
|
|
||||||
}
|
|
||||||
|
|
||||||
reader.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
reverse_proxy localhost:8008
|
|
||||||
}
|
|
||||||
|
|
||||||
wallabag.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
header * ?Content-Security-Policy "default-src 'none'; img-src * data:; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'self'; connect-src 'self'; manifest-src 'self'"
|
|
||||||
reverse_proxy localhost:8009
|
|
||||||
}
|
|
||||||
|
|
||||||
bin.augendre.info, paste.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
@bot header User-Agent PrivateBinDirectoryBot*
|
|
||||||
respond @bot "Access denied" 403 {
|
|
||||||
close
|
|
||||||
}
|
|
||||||
reverse_proxy localhost:8010
|
|
||||||
}
|
|
||||||
|
|
||||||
g4b.ovh {
|
|
||||||
import common_headers
|
|
||||||
reverse_proxy localhost:8011
|
|
||||||
}
|
|
||||||
|
|
||||||
manuels.augendre.info, fournitures.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
reverse_proxy localhost:8012
|
|
||||||
}
|
|
||||||
|
|
||||||
tcl.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
reverse_proxy localhost:8013
|
|
||||||
}
|
|
||||||
|
|
||||||
## Ghost blogs (ports >=2368)
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
gabnotes.org {
|
|
||||||
import common_headers
|
|
||||||
header * Content-Security-Policy "default-src 'none'; style-src 'self' 'unsafe-inline' https:; script-src 'self' 'unsafe-inline' 'wasm-unsafe-eval' https://cdn.jsdelivr.net https://code.jquery.com https://*.gabnotes.org https://unpkg.com https://cdnjs.cloudflare.com; img-src 'self' https:; connect-src 'self' https://*.augendre.info https://unpkg.com https://*.gabnotes.org https://api.codapi.org; frame-ancestors https://*.augendre.info; base-uri 'self'; form-action 'self';"
|
|
||||||
|
|
||||||
reverse_proxy localhost:2368
|
|
||||||
}
|
|
||||||
ghost.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
redir / /ghost/
|
|
||||||
|
|
||||||
reverse_proxy localhost:2368
|
|
||||||
}
|
|
||||||
|
|
||||||
voyages-lois.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
header * X-Frame-Options "SAMEORIGIN"
|
|
||||||
reverse_proxy localhost:2369
|
|
||||||
}
|
|
||||||
|
|
||||||
voyages.coccomagnard.fr, voyages.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
header * X-Frame-Options "SAMEORIGIN"
|
|
||||||
reverse_proxy localhost:2370
|
|
||||||
}
|
|
||||||
|
|
||||||
#########################################################
|
|
||||||
# PROXY TO EXTERNAL SERVICES
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
## At home
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
hass.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
header * X-Frame-Options "SAMEORIGIN"
|
|
||||||
reverse_proxy http://192.168.0.9:8123
|
|
||||||
}
|
|
||||||
|
|
||||||
prusalink.augendre.info {
|
|
||||||
import internal
|
|
||||||
reverse_proxy http://192.168.0.12
|
|
||||||
}
|
|
||||||
|
|
||||||
## Outside
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
autoconfig.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
reverse_proxy https://autoconfig.migadu.com
|
|
||||||
}
|
|
||||||
|
|
||||||
#########################################################
|
|
||||||
# INTERNAL SERVICES
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
## Static config
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
internal-static.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
header * Cache-Control "max-age=300"
|
|
||||||
file_server * {
|
|
||||||
root /mnt/data/caddy/internal-static
|
|
||||||
hide .*
|
|
||||||
browse
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
## Reverse proxies (ports 9000-9999)
|
|
||||||
#########################################################
|
|
||||||
|
|
||||||
portainer.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy https://localhost:9001 {
|
|
||||||
transport http {
|
|
||||||
tls_insecure_skip_verify
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
code.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy localhost:9002
|
|
||||||
}
|
|
||||||
|
|
||||||
plex.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy localhost:9003
|
|
||||||
}
|
|
||||||
transmission.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy localhost:9004
|
|
||||||
}
|
|
||||||
sonarr.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy localhost:9005
|
|
||||||
}
|
|
||||||
prowlarr.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy localhost:9006
|
|
||||||
}
|
|
||||||
radarr.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy localhost:9007
|
|
||||||
}
|
|
||||||
|
|
||||||
test.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy localhost:9008
|
|
||||||
}
|
|
||||||
|
|
||||||
nextcloud-kibana.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
reverse_proxy localhost:9009
|
|
||||||
}
|
|
||||||
|
|
||||||
display.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
import internal
|
|
||||||
header Content-Security-Policy "default-src 'self' https://*.augendre.info; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline'; frame-ancestors https://*.augendre.info; connect-src 'self' https://*.augendre.info https://download.data.grandlyon.com"
|
|
||||||
reverse_proxy localhost:9010
|
|
||||||
}
|
|
||||||
|
|
||||||
#########################################################
|
|
||||||
# REDIRECTS
|
|
||||||
#########################################################
|
|
||||||
mariage.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
redir https://cloud.augendre.info/s/65JgH8fzz2CyJZ3
|
|
||||||
}
|
|
||||||
|
|
||||||
mail.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
redir https://webmail.migadu.com permanent
|
|
||||||
}
|
|
||||||
|
|
||||||
cv-gabriel.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
redir https://cloud.augendre.info/s/FHGJkc2DzJECY64/download permanent
|
|
||||||
}
|
|
||||||
|
|
||||||
blog.augendre.info gabriel.augendre.info www.gabnotes.org {
|
|
||||||
import common_headers
|
|
||||||
redir https://gabnotes.org{uri} permanent
|
|
||||||
}
|
|
||||||
|
|
||||||
qrcode.augendre.info qr.augendre.info {
|
|
||||||
import common_headers
|
|
||||||
redir https://static.augendre.info/qrcode-web/
|
|
||||||
}
|
|
|
@ -1,13 +0,0 @@
|
||||||
services:
|
|
||||||
server:
|
|
||||||
image: codeberg.org/forgejo/forgejo:8
|
|
||||||
env_file: gitea.env
|
|
||||||
restart: always
|
|
||||||
volumes:
|
|
||||||
- ./gitea_data:/data
|
|
||||||
- /etc/timezone:/etc/timezone:ro
|
|
||||||
- /etc/localtime:/etc/localtime:ro
|
|
||||||
ports:
|
|
||||||
- "23730:22"
|
|
||||||
- "8006:3000"
|
|
||||||
mem_limit: 512m
|
|
|
@ -1,8 +0,0 @@
|
||||||
# Edit most values in gitea_data/gitea/conf/app.ini
|
|
||||||
DOMAIN=git.augendre.info
|
|
||||||
SSH_DOMAIN=git.augendre.info
|
|
||||||
ROOT_URL=https://git.augendre.info/
|
|
||||||
SSH_PORT=23730
|
|
||||||
SSH_LISTEN_PORT=22
|
|
||||||
INSTALL_LOCK=false
|
|
||||||
DISABLE_REGISTRATION=true
|
|
|
@ -1,47 +0,0 @@
|
||||||
"""
|
|
||||||
Very simple HTTP server in python for logging requests
|
|
||||||
Usage::
|
|
||||||
./server.py [<port>]
|
|
||||||
"""
|
|
||||||
from http.server import BaseHTTPRequestHandler, HTTPServer
|
|
||||||
import logging
|
|
||||||
|
|
||||||
class S(BaseHTTPRequestHandler):
|
|
||||||
def _set_response(self):
|
|
||||||
self.send_response(200)
|
|
||||||
self.send_header('Content-type', 'text/html')
|
|
||||||
self.end_headers()
|
|
||||||
|
|
||||||
def do_GET(self):
|
|
||||||
logging.info("GET request,\nPath: %s\nHeaders:\n%s\n", str(self.path), str(self.headers))
|
|
||||||
self._set_response()
|
|
||||||
self.wfile.write("GET request for {}".format(self.path).encode('utf-8'))
|
|
||||||
|
|
||||||
def do_POST(self):
|
|
||||||
content_length = int(self.headers['Content-Length']) # <--- Gets the size of data
|
|
||||||
post_data = self.rfile.read(content_length) # <--- Gets the data itself
|
|
||||||
logging.info("POST request,\nPath: %s\nHeaders:\n%s\n\nBody:\n%s\n",
|
|
||||||
str(self.path), str(self.headers), post_data.decode('utf-8'))
|
|
||||||
|
|
||||||
self._set_response()
|
|
||||||
self.wfile.write("POST request for {}".format(self.path).encode('utf-8'))
|
|
||||||
|
|
||||||
def run(server_class=HTTPServer, handler_class=S, port=8080):
|
|
||||||
logging.basicConfig(level=logging.INFO)
|
|
||||||
server_address = ('', port)
|
|
||||||
httpd = server_class(server_address, handler_class)
|
|
||||||
logging.info('Starting httpd on port %s...\n', port)
|
|
||||||
try:
|
|
||||||
httpd.serve_forever()
|
|
||||||
except KeyboardInterrupt:
|
|
||||||
pass
|
|
||||||
httpd.server_close()
|
|
||||||
logging.info('Stopping httpd...\n')
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
|
||||||
from sys import argv
|
|
||||||
|
|
||||||
if len(argv) == 2:
|
|
||||||
run(port=int(argv[1]))
|
|
||||||
else:
|
|
||||||
run()
|
|
|
@ -1,10 +0,0 @@
|
||||||
services:
|
|
||||||
app:
|
|
||||||
image: python:3.13-slim
|
|
||||||
command: python /app/app.py
|
|
||||||
volumes:
|
|
||||||
- ./:/app
|
|
||||||
ports:
|
|
||||||
- "9008:8080"
|
|
||||||
init: true
|
|
||||||
tty: true
|
|
|
@ -1,10 +0,0 @@
|
||||||
services:
|
|
||||||
wallabag:
|
|
||||||
image: wallabag/wallabag:latest
|
|
||||||
env_file: wallabag.env
|
|
||||||
restart: always
|
|
||||||
volumes:
|
|
||||||
- ./wallabag_data/data:/var/www/wallabag/data
|
|
||||||
- ./wallabag_data/images:/var/www/wallabag/web/assets/images
|
|
||||||
ports:
|
|
||||||
- "8009:80"
|
|
|
@ -1,53 +0,0 @@
|
||||||
---
|
|
||||||
- name: Ghost update
|
|
||||||
hosts: servers
|
|
||||||
gather_facts: false
|
|
||||||
tasks:
|
|
||||||
- name: Start update on gabnotes.org
|
|
||||||
ansible.builtin.command:
|
|
||||||
chdir: /mnt/data/gabnotes.org
|
|
||||||
cmd: ghost update
|
|
||||||
register: gabnotes_async
|
|
||||||
changed_when: true
|
|
||||||
async: 300
|
|
||||||
poll: 0
|
|
||||||
- name: Start update on voyages-lois.augendre.info
|
|
||||||
ansible.builtin.command:
|
|
||||||
chdir: /mnt/data/voyages-lois.augendre.info
|
|
||||||
cmd: ghost update
|
|
||||||
register: voyages_lois_async
|
|
||||||
changed_when: true
|
|
||||||
async: 300
|
|
||||||
poll: 0
|
|
||||||
- name: Start update on voyages.coccomagnard.fr
|
|
||||||
ansible.builtin.command:
|
|
||||||
chdir: /mnt/data/voyages.coccomagnard.fr
|
|
||||||
cmd: ghost update
|
|
||||||
register: voyages_coccomagnard_async
|
|
||||||
changed_when: true
|
|
||||||
async: 300
|
|
||||||
poll: 0
|
|
||||||
- name: Check gabnotes.org
|
|
||||||
ansible.builtin.async_status:
|
|
||||||
jid: "{{ gabnotes_async.ansible_job_id }}"
|
|
||||||
register: gabnotes
|
|
||||||
until: gabnotes.finished
|
|
||||||
changed_when: '"Restarting Ghost" in gabnotes.stdout'
|
|
||||||
retries: 100
|
|
||||||
delay: 10
|
|
||||||
- name: Check voyages-lois.augendre.info
|
|
||||||
ansible.builtin.async_status:
|
|
||||||
jid: "{{ voyages_lois_async.ansible_job_id }}"
|
|
||||||
register: voyages_lois
|
|
||||||
until: voyages_lois.finished
|
|
||||||
changed_when: '"Restarting Ghost" in voyages_lois.stdout'
|
|
||||||
retries: 100
|
|
||||||
delay: 10
|
|
||||||
- name: Check voyages.coccomagnard.fr
|
|
||||||
ansible.builtin.async_status:
|
|
||||||
jid: "{{ voyages_coccomagnard_async.ansible_job_id }}"
|
|
||||||
register: voyages_coccomagnard
|
|
||||||
until: voyages_coccomagnard.finished
|
|
||||||
changed_when: '"Restarting Ghost" in voyages_coccomagnard.stdout'
|
|
||||||
retries: 100
|
|
||||||
delay: 10
|
|
|
@ -1,86 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup gitea
|
|
||||||
hosts: servers
|
|
||||||
gather_facts: false
|
|
||||||
tasks:
|
|
||||||
- name: Create dir
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ dir }}"
|
|
||||||
state: directory
|
|
||||||
mode: "0775"
|
|
||||||
- name: Write env file
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: files/gitea/gitea.env
|
|
||||||
dest: "{{ dir }}/gitea.env"
|
|
||||||
mode: "0644"
|
|
||||||
- name: Write docker-compose.yaml
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: files/gitea/docker-compose.yaml
|
|
||||||
dest: "{{ dir }}/docker-compose.yaml"
|
|
||||||
mode: "0644"
|
|
||||||
- name: Write app.ini
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: templates/gitea_app.ini.j2
|
|
||||||
dest: "{{ dir }}/gitea_data/gitea/conf/app.ini"
|
|
||||||
mode: "0600"
|
|
||||||
notify:
|
|
||||||
- Restart service
|
|
||||||
- name: Ensure service is started
|
|
||||||
community.docker.docker_compose_v2:
|
|
||||||
project_src: "{{ dir }}"
|
|
||||||
state: present
|
|
||||||
|
|
||||||
handlers:
|
|
||||||
- name: Restart service
|
|
||||||
community.docker.docker_compose_v2:
|
|
||||||
project_src: "{{ dir }}"
|
|
||||||
state: restarted
|
|
||||||
|
|
||||||
vars:
|
|
||||||
dir: /mnt/data/git
|
|
||||||
lfs_jwt_secret: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
34656631616165623233353835386162343837363230366136303764613334323262313233616462
|
|
||||||
6431363965646135343161373039333130666663613765660a343734656332323730633165376166
|
|
||||||
66323834326263336265303864653036343262336262376433373163666339666236363438363031
|
|
||||||
3632323362336433360a643537613336353434323631366262613839333931666435333563653737
|
|
||||||
62303161393435653735326338623162383432663964333436373539663434363737386161636535
|
|
||||||
3032313433633635636136656434626163393734306563333631
|
|
||||||
secret_key: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
35323938623166653161316430346664643063363366656461623333373764626439336335383538
|
|
||||||
6664346231326137313863623966343438333662383139360a373762346438636630363833653330
|
|
||||||
38323532663435643666306563353632653832366635626664373534383633346662353165363235
|
|
||||||
6263633436663661610a653335653730613832373836616231383135316262383438633938353133
|
|
||||||
34633231636331353864346637326535656538666662643965366232666265333332666362323034
|
|
||||||
65363435623366303937353337303131663138303935333562626461643332383434376364376537
|
|
||||||
66666436333261326336666130373934323138623233383038343563353132326231623264313565
|
|
||||||
32376463353631616234
|
|
||||||
internal_token: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
30666238373766633735626466393534646138616139326533363561373331653730663731626338
|
|
||||||
6139323230353139383638326639646534383463636266650a633737366632636262323938643531
|
|
||||||
33386236643234303365326430326436653830363561373334633461306161666439653833386432
|
|
||||||
6537343332313535340a643638346563663966383862646433636531316433343234356262653766
|
|
||||||
37356233323165633565636137653865373835663234343363313966346138636439303761646534
|
|
||||||
36393633636433376231353364386164336566386161376337366336396566333332623430646261
|
|
||||||
65663964383262633037663330646161663236613038626531636237376661633037313566366439
|
|
||||||
35643362653637663662666663393035653765306262376365386437393537623037633365333236
|
|
||||||
32303261313264363232643834313166656137316635356436343566343962663630
|
|
||||||
oauth_jwt_secret: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
66646361313538383161633932643062633336333436376564383836363762303738336638373865
|
|
||||||
6161326465386466326366383766633338623934396464610a643337363439663833363139366564
|
|
||||||
35316562643431616637623432363636623238303637366162393434346366393166313334653932
|
|
||||||
3637303230323733340a353038376631613238393363396363646339393961353430663561353831
|
|
||||||
32333435633565323064616463333863373132313164386462333934303434356334643938623334
|
|
||||||
3037366532373130393236666534653132343335366335633635
|
|
||||||
mailgun_key: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
65363934663231343630323139393839383161333562376630653363646630393265326134646463
|
|
||||||
3735363064643138333332623736326638396332323664630a663230363230333138373430316361
|
|
||||||
35326166663361666437346631626235393133633833336166393366383832363466336635646237
|
|
||||||
6432653738303864300a623266363661616434393964333464366264326266356466646664363531
|
|
||||||
63666633376563316336326231313533343065376537313437393830633962313964613336323566
|
|
||||||
61393561333264366332353838326265343039653165393964313036626563626439616666343436
|
|
||||||
666235313435363835333664376237336439
|
|
|
@ -1,65 +1,57 @@
|
||||||
---
|
- name: goatcounter
|
||||||
- name: Goatcounter
|
|
||||||
hosts: servers
|
hosts: servers
|
||||||
gather_facts: false
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Get latest release
|
- name: get latest release
|
||||||
community.general.github_release:
|
github_release:
|
||||||
action: latest_release
|
action: latest_release
|
||||||
user: arp242
|
user: arp242
|
||||||
repo: goatcounter
|
repo: goatcounter
|
||||||
register: release
|
register: release
|
||||||
- name: Print release
|
- name: print release
|
||||||
ansible.builtin.debug:
|
ansible.builtin.debug:
|
||||||
var: release.tag
|
var: release.tag
|
||||||
- name: Download binary
|
- name: download binary
|
||||||
ansible.builtin.get_url:
|
get_url:
|
||||||
url: https://github.com/arp242/goatcounter/releases/download/{{ release.tag }}/goatcounter-{{ release.tag }}-linux-amd64.gz
|
url: https://github.com/arp242/goatcounter/releases/download/{{release.tag}}/goatcounter-{{release.tag}}-linux-amd64.gz
|
||||||
dest: "{{ base_dir }}/goatcounter-{{ release.tag }}.gz"
|
dest: "{{base_dir}}/goatcounter-{{release.tag}}.gz"
|
||||||
mode: "0644"
|
- name: uncompress
|
||||||
owner: gaugendre
|
command: gunzip {{base_dir}}/goatcounter-{{release.tag}}.gz
|
||||||
group: gaugendre
|
|
||||||
- name: Uncompress
|
|
||||||
ansible.builtin.command: gunzip {{ base_dir }}/goatcounter-{{ release.tag }}.gz
|
|
||||||
args:
|
args:
|
||||||
creates: "{{ base_dir }}/goatcounter-{{ release.tag }}"
|
creates: "{{base_dir}}/goatcounter-{{release.tag}}"
|
||||||
- name: Make executable
|
- name: make executable
|
||||||
ansible.builtin.file:
|
file:
|
||||||
path: "{{ base_dir }}/goatcounter-{{ release.tag }}"
|
path: "{{base_dir}}/goatcounter-{{release.tag}}"
|
||||||
mode: "0775"
|
mode: '0775'
|
||||||
- name: Symlink
|
- name: symlink
|
||||||
ansible.builtin.file:
|
file:
|
||||||
src: "{{ base_dir }}/goatcounter-{{ release.tag }}"
|
src: "{{base_dir}}/goatcounter-{{release.tag}}"
|
||||||
dest: "{{ base_dir }}/goatcounter"
|
dest: "{{base_dir}}/goatcounter"
|
||||||
state: link
|
state: link
|
||||||
- name: Write service unit file
|
- name: write service unit file
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.template:
|
template:
|
||||||
src: templates/goatcounter.service.j2
|
src: ../../templates/goatcounter.service.j2
|
||||||
dest: /etc/systemd/system/goatcounter.service
|
dest: /etc/systemd/system/goatcounter.service
|
||||||
mode: "0644"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
notify:
|
notify:
|
||||||
- Daemon-reload
|
- daemon-reload
|
||||||
- Restart service
|
- restart goatcounter
|
||||||
- name: Flush handlers
|
- name: flush handlers
|
||||||
ansible.builtin.meta: flush_handlers
|
meta: flush_handlers
|
||||||
- name: Ensure service is running
|
- name: ensure service is running
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.service:
|
service:
|
||||||
name: goatcounter
|
name: goatcounter
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
handlers:
|
handlers:
|
||||||
- name: Daemon-reload
|
- name: daemon-reload
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.systemd:
|
systemd:
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
- name: Restart service
|
- name: restart service
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.service:
|
service:
|
||||||
name: goatcounter
|
name: goatcounter
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
|
@ -74,4 +66,4 @@
|
||||||
3662343162643033380a326161313036643835636562636165356464393236303533303435353365
|
3662343162643033380a326161313036643835636562636165356464393236303533303435353365
|
||||||
36336163313338346235396565363631366564393562326536353262363637653432643830663532
|
36336163313338346235396565363631366564393562326536353262363637653432643830663532
|
||||||
30356133383335653330613965623261323531613131663437363430636565393262353565326132
|
30356133383335653330613965623261323531613131663437363430636565393262353565326132
|
||||||
323830313235313462633335333763363161
|
323830313235313462633335333763363161
|
|
@ -1,36 +1,31 @@
|
||||||
---
|
- name: lyon-transports
|
||||||
- name: Lyon-transports
|
|
||||||
hosts: servers
|
hosts: servers
|
||||||
gather_facts: false
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Write service file
|
- name: write service file
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.template:
|
template:
|
||||||
src: templates/lyon-transports.service.j2
|
src: ../../templates/lyon-transports.service.j2
|
||||||
dest: /etc/systemd/system/lyon-transports.service
|
dest: /etc/systemd/system/lyon-transports.service
|
||||||
mode: "0644"
|
|
||||||
owner: root
|
|
||||||
group: root
|
|
||||||
notify:
|
notify:
|
||||||
- Reload daemon
|
- daemon-reload
|
||||||
- Restart service
|
- restart lyon-transports
|
||||||
- name: Flush handlers
|
- name: flush handlers
|
||||||
ansible.builtin.meta: flush_handlers
|
meta: flush_handlers
|
||||||
- name: Ensure service is running
|
- name: ensure service is running
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.service:
|
service:
|
||||||
name: lyon-transports
|
name: lyon-transports
|
||||||
state: started
|
state: started
|
||||||
enabled: true
|
enabled: true
|
||||||
|
|
||||||
handlers:
|
handlers:
|
||||||
- name: Reload daemon
|
- name: daemon-reload
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.systemd:
|
systemd:
|
||||||
daemon_reload: true
|
daemon_reload: true
|
||||||
- name: Restart service
|
- name: restart service
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.service:
|
service:
|
||||||
name: lyon-transports
|
name: lyon-transports
|
||||||
state: restarted
|
state: restarted
|
||||||
|
|
||||||
|
|
|
@ -1,110 +0,0 @@
|
||||||
APP_NAME = Gitea: Git with a cup of tea
|
|
||||||
RUN_MODE = prod
|
|
||||||
RUN_USER = git
|
|
||||||
WORK_PATH = /data/gitea
|
|
||||||
|
|
||||||
[repository]
|
|
||||||
ROOT = /data/git/repositories
|
|
||||||
ENABLE_PUSH_CREATE_USER = true
|
|
||||||
ENABLE_PUSH_CREATE_ORG = true
|
|
||||||
MAX_CREATION_LIMIT = 0
|
|
||||||
|
|
||||||
[repository.local]
|
|
||||||
LOCAL_COPY_PATH = /data/gitea/tmp/local-repo
|
|
||||||
|
|
||||||
[repository.upload]
|
|
||||||
TEMP_PATH = /data/gitea/uploads
|
|
||||||
|
|
||||||
[server]
|
|
||||||
APP_DATA_PATH = /data/gitea
|
|
||||||
DOMAIN = git.augendre.info
|
|
||||||
SSH_DOMAIN = git.augendre.info
|
|
||||||
HTTP_PORT = 3000
|
|
||||||
ROOT_URL = https://git.augendre.info/
|
|
||||||
DISABLE_SSH = false
|
|
||||||
SSH_PORT = 23730
|
|
||||||
SSH_LISTEN_PORT = 22
|
|
||||||
LFS_START_SERVER = true
|
|
||||||
LFS_JWT_SECRET = {{ lfs_jwt_secret }}
|
|
||||||
OFFLINE_MODE = true
|
|
||||||
LANDING_PAGE = explore
|
|
||||||
|
|
||||||
[lfs]
|
|
||||||
PATH = /data/git/lfs
|
|
||||||
|
|
||||||
[database]
|
|
||||||
PATH = /data/gitea/gitea.db
|
|
||||||
DB_TYPE = sqlite3
|
|
||||||
HOST = localhost:3306
|
|
||||||
NAME = gitea
|
|
||||||
USER = root
|
|
||||||
PASSWD =
|
|
||||||
LOG_SQL = false
|
|
||||||
SCHEMA =
|
|
||||||
SSL_MODE = disable
|
|
||||||
CHARSET = utf8
|
|
||||||
|
|
||||||
[indexer]
|
|
||||||
ISSUE_INDEXER_PATH = /data/gitea/indexers/issues.bleve
|
|
||||||
|
|
||||||
[session]
|
|
||||||
PROVIDER_CONFIG = /data/gitea/sessions
|
|
||||||
PROVIDER = file
|
|
||||||
|
|
||||||
[picture]
|
|
||||||
AVATAR_UPLOAD_PATH = /data/gitea/avatars
|
|
||||||
REPOSITORY_AVATAR_UPLOAD_PATH = /data/gitea/repo-avatars
|
|
||||||
DISABLE_GRAVATAR = true
|
|
||||||
ENABLE_FEDERATED_AVATAR = false
|
|
||||||
|
|
||||||
[attachment]
|
|
||||||
PATH = /data/gitea/attachments
|
|
||||||
MAX_SIZE = 10
|
|
||||||
MAX_FILES = 50
|
|
||||||
|
|
||||||
[log]
|
|
||||||
ROOT_PATH = /data/gitea/log
|
|
||||||
MODE = console
|
|
||||||
LEVEL = Info
|
|
||||||
|
|
||||||
[security]
|
|
||||||
INSTALL_LOCK = true
|
|
||||||
SECRET_KEY = {{ secret_key }}
|
|
||||||
INTERNAL_TOKEN = {{ internal_token }}
|
|
||||||
|
|
||||||
[service]
|
|
||||||
DISABLE_REGISTRATION = true
|
|
||||||
REQUIRE_SIGNIN_VIEW = false
|
|
||||||
REGISTER_EMAIL_CONFIRM = true
|
|
||||||
ENABLE_NOTIFY_MAIL = true
|
|
||||||
ALLOW_ONLY_EXTERNAL_REGISTRATION = false
|
|
||||||
ENABLE_CAPTCHA = true
|
|
||||||
DEFAULT_KEEP_EMAIL_PRIVATE = false
|
|
||||||
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
|
|
||||||
DEFAULT_ENABLE_TIMETRACKING = false
|
|
||||||
NO_REPLY_ADDRESS = noreply-git.augendre.info
|
|
||||||
|
|
||||||
[oauth2]
|
|
||||||
JWT_SECRET = {{ oauth_jwt_secret }}
|
|
||||||
|
|
||||||
[mailer]
|
|
||||||
ENABLED = true
|
|
||||||
SMTP_ADDR = smtp.mailgun.org
|
|
||||||
SMTP_PORT = 587
|
|
||||||
FROM = Gitea <git@mg.augendre.info>
|
|
||||||
USER = git@mg.augendre.info
|
|
||||||
PASSWD = {{ mailgun_key }}
|
|
||||||
|
|
||||||
[openid]
|
|
||||||
ENABLE_OPENID_SIGNIN = false
|
|
||||||
ENABLE_OPENID_SIGNUP = false
|
|
||||||
|
|
||||||
[cron.delete_old_actions]
|
|
||||||
ENABLED = true
|
|
||||||
|
|
||||||
[cron.delete_old_system_notices]
|
|
||||||
ENABLED = true
|
|
||||||
|
|
||||||
[cron.delete_inactive_accounts]
|
|
||||||
ENABLED = true
|
|
||||||
SCHEDULE = @monthly
|
|
|
@ -1,10 +0,0 @@
|
||||||
SYMFONY__ENV__SECRET={{ secret_key }}
|
|
||||||
SYMFONY__ENV__LOCALE=en
|
|
||||||
SYMFONY__ENV__MAILER_HOST=smtp.mailgun.org
|
|
||||||
SYMFONY__ENV__MAILER_USER=wallabag@mg.augendre.info
|
|
||||||
SYMFONY__ENV__MAILER_PASSWORD={{ mailgun_api_key }}
|
|
||||||
SYMFONY__ENV__MAILER_PORT=587
|
|
||||||
SYMFONY__ENV__FROM_EMAIL=wallabag@mg.augendre.info
|
|
||||||
SYMFONY__ENV__FOSUSER_REGISTRATION=false
|
|
||||||
#SYMFONY__ENV__FOSUSER_CONFIRMATION=
|
|
||||||
SYMFONY__ENV__DOMAIN_NAME=https://wallabag.augendre.info
|
|
|
@ -1,37 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup test_headers
|
|
||||||
hosts: servers
|
|
||||||
gather_facts: false
|
|
||||||
tasks:
|
|
||||||
- name: Create dir
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ dir }}"
|
|
||||||
state: directory
|
|
||||||
mode: "0775"
|
|
||||||
- name: Write app.py
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: files/test_headers/app.py
|
|
||||||
dest: "{{ dir }}/app.py"
|
|
||||||
mode: "0644"
|
|
||||||
owner: gaugendre
|
|
||||||
group: gaugendre
|
|
||||||
notify:
|
|
||||||
- Restart service
|
|
||||||
- name: Write docker-compose.yaml
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: files/test_headers/docker-compose.yaml
|
|
||||||
dest: "{{ dir }}/docker-compose.yaml"
|
|
||||||
mode: "0644"
|
|
||||||
owner: gaugendre
|
|
||||||
group: gaugendre
|
|
||||||
- name: Ensure service is started
|
|
||||||
community.docker.docker_compose_v2:
|
|
||||||
project_src: "{{ dir }}"
|
|
||||||
state: present
|
|
||||||
handlers:
|
|
||||||
- name: Restart service
|
|
||||||
community.docker.docker_compose_v2:
|
|
||||||
project_src: "{{ dir }}"
|
|
||||||
state: restarted
|
|
||||||
vars:
|
|
||||||
dir: /mnt/data/test_headers
|
|
|
@ -1,44 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup wallabag
|
|
||||||
hosts: servers
|
|
||||||
gather_facts: false
|
|
||||||
tasks:
|
|
||||||
- name: Create dir
|
|
||||||
ansible.builtin.file:
|
|
||||||
path: "{{ dir }}"
|
|
||||||
state: directory
|
|
||||||
mode: "0775"
|
|
||||||
- name: Write env file
|
|
||||||
ansible.builtin.template:
|
|
||||||
src: templates/wallabag.env.j2
|
|
||||||
dest: "{{ dir }}/wallabag.env"
|
|
||||||
mode: "0644"
|
|
||||||
- name: Write docker-compose.yaml
|
|
||||||
ansible.builtin.copy:
|
|
||||||
src: files/wallabag-docker-compose.yaml
|
|
||||||
dest: "{{ dir }}/docker-compose.yaml"
|
|
||||||
mode: "0644"
|
|
||||||
- name: Ensure service is started
|
|
||||||
community.docker.docker_compose_v2:
|
|
||||||
project_src: "{{ dir }}"
|
|
||||||
state: present
|
|
||||||
vars:
|
|
||||||
dir: /mnt/data/wallabag
|
|
||||||
secret_key: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
31346432623062383331306633383230376264326530643236393838356166346563653637376666
|
|
||||||
6164636662643832383639346638376534353339356161300a636132376531333539323066666334
|
|
||||||
38663566633337343164316239613239656662623437373234366135366134646665343134656566
|
|
||||||
3933313933323732350a623262383864343331363138353335663333626537366563663234363833
|
|
||||||
36613166343664386362626631623061613536616663616431353066633531643736343236333435
|
|
||||||
31613930633837396237633732353266656533373739613031326137656430633036356565376238
|
|
||||||
653264666166386662643966383234323133
|
|
||||||
mailgun_api_key: !vault |
|
|
||||||
$ANSIBLE_VAULT;1.1;AES256
|
|
||||||
38643731363932383630346636353230626563376532316539346231376337636538326233663738
|
|
||||||
3237623235666635656566376364343063316661646161660a636366306562353361313930383136
|
|
||||||
34343938663832646631373830373539356236313132333039393236393539613938343339313066
|
|
||||||
6331656438666366330a353538393238353438643330356665373635373465643161333137386130
|
|
||||||
34316164613965663930303265353964666338326437386362326639656264653238326463613430
|
|
||||||
63326533386332313965343064323466653961643939656566343635366231386463323534303464
|
|
||||||
353966343531346266356462396433373164
|
|
|
@ -1,9 +1,7 @@
|
||||||
---
|
- name: clean ansible venv
|
||||||
- name: Clean ansible venv
|
|
||||||
hosts: servers
|
hosts: servers
|
||||||
gather_facts: false
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Remove virtualenv
|
- name: remove virtualenv
|
||||||
ansible.builtin.file:
|
file:
|
||||||
path: /tmp/ansible
|
path: /tmp/ansible
|
||||||
state: absent
|
state: absent
|
||||||
|
|
|
@ -1,20 +1,18 @@
|
||||||
---
|
- name: setup ansible python dependencies
|
||||||
- name: Setup ansible python dependencies
|
|
||||||
hosts: servers
|
hosts: servers
|
||||||
gather_facts: false
|
|
||||||
tasks:
|
tasks:
|
||||||
- name: Install system deps
|
- name: install system deps
|
||||||
become: true
|
become: true
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
pkg:
|
pkg:
|
||||||
- python3-venv
|
- python3-venv
|
||||||
- name: Setup venv
|
- name: setup venv
|
||||||
ansible.builtin.shell: |
|
shell: |
|
||||||
if [ -x /tmp/ansible/bin/python ]; then exit 123; fi
|
if [ -x /tmp/ansible/bin/python ]; then exit 123; fi
|
||||||
/usr/bin/python3 -m venv /tmp/ansible
|
/usr/bin/python3 -m venv /tmp/ansible
|
||||||
/tmp/ansible/bin/pip install --upgrade 'github3.py >= 1.0.0a3'
|
/tmp/ansible/bin/pip install --upgrade 'github3.py >= 1.0.0a3'
|
||||||
args:
|
args:
|
||||||
executable: /bin/bash
|
executable: /bin/bash
|
||||||
register: venv
|
register: venv
|
||||||
changed_when: venv.rc != 123
|
changed_when: "venv.rc != 123"
|
||||||
failed_when: venv.rc != 0 and venv.rc != 123
|
failed_when: "venv.rc != 0 and venv.rc != 123"
|
||||||
|
|
|
@ -1,36 +0,0 @@
|
||||||
---
|
|
||||||
- name: Setup caddy
|
|
||||||
hosts: servers
|
|
||||||
gather_facts: false
|
|
||||||
become: true
|
|
||||||
tasks:
|
|
||||||
- name: Install system deps
|
|
||||||
ansible.builtin.apt:
|
|
||||||
pkg:
|
|
||||||
- debian-keyring
|
|
||||||
- debian-archive-keyring
|
|
||||||
- apt-transport-https
|
|
||||||
- gnupg2
|
|
||||||
- curl
|
|
||||||
state: present
|
|
||||||
- name: Add caddy repository
|
|
||||||
ansible.builtin.deb822_repository:
|
|
||||||
name: caddy
|
|
||||||
uris: https://dl.cloudsmith.io/public/caddy/stable/deb/debian
|
|
||||||
signed_by: https://dl.cloudsmith.io/public/caddy/stable/gpg.key
|
|
||||||
components: main
|
|
||||||
suites: any-version
|
|
||||||
types: [deb]
|
|
||||||
state: present
|
|
||||||
enabled: true
|
|
||||||
- name: Install caddy
|
|
||||||
ansible.builtin.apt:
|
|
||||||
update_cache: true
|
|
||||||
name: caddy
|
|
||||||
state: present
|
|
||||||
notify: Restart caddy
|
|
||||||
handlers:
|
|
||||||
- name: Restart caddy
|
|
||||||
ansible.builtin.service:
|
|
||||||
name: caddy
|
|
||||||
state: restarted
|
|
|
@ -1,11 +1,9 @@
|
||||||
---
|
- name: system update
|
||||||
- name: Update system
|
|
||||||
hosts: servers
|
hosts: servers
|
||||||
gather_facts: false
|
|
||||||
become: true
|
become: true
|
||||||
tasks:
|
tasks:
|
||||||
- name: Update packages
|
- name: packages update
|
||||||
ansible.builtin.apt:
|
apt:
|
||||||
upgrade: true
|
upgrade: yes
|
||||||
update_cache: true
|
update_cache: yes
|
||||||
cache_valid_time: 86400
|
cache_valid_time: 86400
|
||||||
|
|
|
@ -3,7 +3,7 @@ Description=Goatcounter
|
||||||
After=network.target
|
After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
ExecStart={{base_dir}}/goatcounter serve -listen *:8005 -tls http -smtp smtps://goatcounter%%40mg.augendre.info:{{gc_mailgun_api_key}}@smtp.mailgun.org:587 -email-from goatcounter@mg.augendre.info -automigrate -db sqlite+{{base_dir}}/db/goatcounter.sqlite3
|
ExecStart={{base_dir}}/goatcounter serve -listen *:8081 -tls http -smtp smtps://goatcounter%%40mg.augendre.info:{{gc_mailgun_api_key}}@smtp.mailgun.org:587 -email-from goatcounter@mg.augendre.info -automigrate -db sqlite+{{base_dir}}/db/goatcounter.sqlite3
|
||||||
Type=simple
|
Type=simple
|
||||||
Restart=always
|
Restart=always
|
||||||
User=gaugendre
|
User=gaugendre
|
|
@ -3,7 +3,7 @@ Description=Lyon transports API
|
||||||
After=network.target
|
After=network.target
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
ExecStart=/mnt/data/lyon-transports/lyon-transports-linux-amd64 --host 0.0.0.0 --port 8013 -u {{ lyon_transports_username }} -p {{ lyon_transports_password }} --cors-allowed-origin https://display.augendre.info
|
ExecStart=/mnt/data/lyon-transports/lyon-transports-linux-amd64 --host 0.0.0.0 -u {{ lyon_transports_username }} -p {{ lyon_transports_password }} --cors-allowed-origin https://display.augendre.info
|
||||||
Type=simple
|
Type=simple
|
||||||
Restart=always
|
Restart=always
|
||||||
User=gaugendre
|
User=gaugendre
|
Loading…
Reference in a new issue