kadet.net/servers
1
0
Fork 0
Code Releases Activity

Compare commits

base: kadet.net:7f165dd1ad2fe70fd920b7b8c37409ba04fa9d2f
Branches Tags
kadet.net:master
kadet.net:feature/mgmt-server
..
compare: kadet.net:0a01fa3c6dc361f248337fdee8bcb39d43a784ef
Branches Tags
kadet.net:master
kadet.net:feature/mgmt-server

No commits in common. "7f165dd1ad2fe70fd920b7b8c37409ba04fa9d2f" and "0a01fa3c6dc361f248337fdee8bcb39d43a784ef" have entirely different histories.
7f165dd1ad ... 0a01fa3c6d

10 changed files with 121 additions and 175 deletions
Show Stats Expand all files Collapse all files

7
main.yaml
View File

@ -1,10 +1,9 @@
--- ---
- hosts: all - hosts: all
become: yes become: yes
name: Setup server
- name: Setup server
import_playbook: setup.yaml import_playbook: setup.yaml
- hosts: all - name: Deploy services
become: yes
name: Deploy services
import_playbook: deploy.yaml import_playbook: deploy.yaml

1
ping.yaml
View File

@ -1,4 +1,3 @@
---
- hosts: - hosts:
- all - all
tasks: tasks:

6
services/traefik/config/traefik.yaml
View File

@ -79,9 +79,3 @@ certificatesResolvers:
storage: "/etc/traefik/acme/lets-encrypt.json" storage: "/etc/traefik/acme/lets-encrypt.json"
dnsChallenge: dnsChallenge:
provider: ovh provider: ovh
lets-encrypt-tls:
acme:
caServer: "{{ lets_encrypt_url|default('https://acme-v02.api.letsencrypt.org/directory') }}"
email: "kacper@kadet.net"
storage: "/etc/traefik/acme/lets-encrypt-tls.json"
tlsChallenge: {}

27
services/wipe/stack.yml
View File

@ -25,31 +25,31 @@ services:
pod.component.fpm: | pod.component.fpm: |
image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }} image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }}
volumes: volumes:
- {{ service }}-www-data:/var/www - www-data:/var/www
- {{ service }}-storage-data:/var/www/storage - storage-data:/var/www/storage
pod.component.nginx: | pod.component.nginx: |
image: nginx:latest image: nginx:latest
volumes: volumes:
- {{ service }}-www-data:/var/www - www-data:/var/www
- {{ service }}-storage-data:/var/www/storage - storage-data:/var/www/storage
- {{ service }}-nginx-config:/etc/nginx/templates - nginx-config:/etc/nginx/templates
pod.copy.fpm: /var/conf/wipe/.env:/var/www/.env pod.copy.fpm: /var/conf/wipe/.env:/var/www/.env
pod.init.components: | pod.init.components: |
- image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }} - image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }}
entrypoint: ["/bin/sh", "-c"] entrypoint: ["/bin/sh", "-c"]
command: ["cp -r /var/www/* /mnt/www"] command: ["cp -r /var/www/* /mnt/www"]
volumes: volumes:
- {{ service }}-www-data:/mnt/www - www-data:/mnt/www
- image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }} - image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }}
entrypoint: ["/bin/sh", "-c"] entrypoint: ["/bin/sh", "-c"]
command: ["cp -rnp /var/www/storage/* /mnt/storage"] command: ["cp -rnp /var/www/storage/* /mnt/storage"]
volumes: volumes:
- {{ service }}-storage-data:/mnt/storage - storage-data:/mnt/storage
- image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }} - image: registry.kadet.net/wipe/php-fpm:{{ wipe_version }}
entrypoint: ["/bin/sh", "-c"] entrypoint: ["/bin/sh", "-c"]
command: ["cp -r /var/www/nginx/* /mnt/config"] command: ["cp -r /var/www/nginx/* /mnt/config"]
volumes: volumes:
- {{ service }}-nginx-config:/mnt/config - nginx-config:/mnt/config
configs: configs:
- source: dotenv_{{ dotenv_file.checksum }} - source: dotenv_{{ dotenv_file.checksum }}
target: /var/conf/wipe/.env target: /var/conf/wipe/.env
@ -73,13 +73,14 @@ configs:
volumes: volumes:
nginx-config: nginx-config:
name: '{{ service }}-{{ "nginx-config.{{.Task.ID}}" }}' name: '{{ "nginx-config.{{.Task.ID}}" }}'
labels: labels:
com.github.rycus86.podlike.volume-ref: "{{ service }}-nginx-config" com.github.rycus86.podlike.volume-ref: nginx-config
www-data: www-data:
name: '{{ service }}-{{ "www-data.{{.Task.ID}}" }}' name: '{{ "www-data.{{.Task.ID}}" }}'
labels: labels:
com.github.rycus86.podlike.volume-ref: "{{ service }}-www-data" com.github.rycus86.podlike.volume-ref: www-data
storage-data: storage-data:
name: '{{ "www-data.{{.Task.ID}}" }}'
labels: labels:
com.github.rycus86.podlike.volume-ref: "{{ service }}-storage-data" com.github.rycus86.podlike.volume-ref: storage-data

24
services/wordpress/stack.yml
View File

@ -1,24 +0,0 @@
version: "{{ compose_version }}"
services:
wordpress:
image: wordpress
networks: ["{{ ingress_network }}", "default"]
environment:
WORDPRESS_DB_HOST: "{{ database_mysql_host }}"
WORDPRESS_DB_USER: "{{ wordpress_db_user }}"
WORDPRESS_DB_PASSWORD: "{{ wordpress_db_pass }}"
WORDPRESS_DB_NAME: "{{ wordpress_db_name }}"
volumes:
- wordpress_data:/var/www/html
deploy:
labels:
- traefik.enable=true
- traefik.http.routers.{{ service }}.rule={{ traefik_routing_rule }}
- traefik.http.routers.{{ service }}.tls=true
- traefik.http.routers.{{ service }}.tls.certresolver=lets-encrypt
- traefik.http.routers.{{ service }}.middlewares=gzip@file
- traefik.http.services.{{ service }}.loadbalancer.server.port=80
volumes:
wordpress_data: ~

2
services/wordpress/vars/defaults.yaml
View File

@ -1,2 +0,0 @@
---
wordpress_db_pass: "{{ mysql_user_passwords[wordpress_db_user] }}"

2
setup.yaml
View File

@ -18,7 +18,7 @@
user: user:
user: "{{ ansible_user }}" user: "{{ ansible_user }}"
groups: docker groups: docker
append: true append: yes
- name: "Add acl package" - name: "Add acl package"
apt: apt:

27
vars/databases.yml
View File

@ -15,12 +15,11 @@ mysql_databases:
- name: shitcode - name: shitcode
- name: cojedzie-next - name: cojedzie-next
- name: cojedzie - name: cojedzie
- name: marcelchefmonsieur
mysql_users: mysql_users:
- name: gitea - name: gitea
priv: gitea.*:ALL priv: gitea.*:ALL
host: "172.%" host: '172.%'
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
30636438636462653666616466313837303063666463656462383737326662636231393933353735 30636438636462653666616466313837303063666463656462383737326662636231393933353735
@ -30,7 +29,7 @@ mysql_users:
35356139353564373630363838393166316339616434306461396238626361653638 35356139353564373630363838393166316339616434306461396238626361653638
- name: keylighter - name: keylighter
priv: keylighter.*:ALL priv: keylighter.*:ALL
host: "172.%" host: '172.%'
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
63656537653463313639373130666537373365393866623031616265643762353739643965326132 63656537653463313639373130666537373365393866623031616265643762353739643965326132
@ -40,7 +39,7 @@ mysql_users:
36613162336666323933333833643838373465333764643134663631333631383231 36613162336666323933333833643838373465333764643134663631333631383231
- name: shitcode - name: shitcode
priv: shitcode.*:ALL priv: shitcode.*:ALL
host: "172.%" host: '172.%'
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
39306237636162363632396565633635373166333732333139343036666434303938613038646665 39306237636162363632396565633635373166333732333139343036666434303938613038646665
@ -50,7 +49,7 @@ mysql_users:
65396634613136306630643964386637653936346236386333323262363430303261 65396634613136306630643964386637653936346236386333323262363430303261
- name: wipe-stg - name: wipe-stg
priv: wipe-stg.*:ALL priv: wipe-stg.*:ALL
host: "172.%" host: '172.%'
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
32316135383561636662333363393635373537616138306538616335393032303962333031346137 32316135383561636662333363393635373537616138306538616335393032303962333031346137
@ -61,7 +60,7 @@ mysql_users:
3863336164663865636633396361353133353238313262313934 3863336164663865636633396361353133353238313262313934
- name: wipe - name: wipe
priv: wipe.*:ALL priv: wipe.*:ALL
host: "172.%" host: '172.%'
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
63313762333536383933373232616461356632373963666438333339626434303661313131383061 63313762333536383933373232616461356632373963666438333339626434303661313131383061
@ -71,7 +70,7 @@ mysql_users:
63323630626239396263626536306632356635373535366335666265396630353430 63323630626239396263626536306632356635373535366335666265396630353430
- name: cojedzie-next - name: cojedzie-next
priv: cojedzie-next.*:ALL priv: cojedzie-next.*:ALL
host: "172.%" host: '172.%'
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
35346533366533313962656662613965626139646164656536616361353137386137353962616137 35346533366533313962656662613965626139646164656536616361353137386137353962616137
@ -82,7 +81,7 @@ mysql_users:
3737323335303065376633356238303961323331396666366636 3737323335303065376633356238303961323331396666366636
- name: cojedzie - name: cojedzie
priv: cojedzie.*:ALL priv: cojedzie.*:ALL
host: "172.%" host: '172.%'
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
35346533366533313962656662613965626139646164656536616361353137386137353962616137 35346533366533313962656662613965626139646164656536616361353137386137353962616137
@ -91,16 +90,6 @@ mysql_users:
3662646135666461310a353561383261313130623132636366363264393639613963386162613330 3662646135666461310a353561383261313130623132636366363264393639613963386162613330
31303239636231636633366530333530643063303434623763363731616635663639636135316666 31303239636231636633366530333530643063303434623763363731616635663639636135316666
3737323335303065376633356238303961323331396666366636 3737323335303065376633356238303961323331396666366636
- name: marcelchefmonsieur
priv: marcelchefmonsieur.*:ALL
host: "172.%"
password: !vault |
$ANSIBLE_VAULT;1.1;AES256
61343731393737383031356234633063386434396639623365326137643033653565626465653534
6139343835626266356161616464373631646230303531340a656634346132393532366265393537
66346138666133333330323764633738383536616437646133646239303266613934653231383762
6135343532633333330a316338613733303165666237623434343365343866383533633934303462
38623733306137336335633135386538343062346439623765343137333963636436383465316163
6336356566316135333037653739663264313566323164646232
mysql_user_passwords: "{{ mysql_users|items2dict(key_name='name', value_name='password') }}" mysql_user_passwords: "{{ mysql_users|items2dict(key_name='name', value_name='password') }}"

14
vars/services.yml
View File

@ -65,18 +65,8 @@ service_config:
name: gitea name: gitea
user: gitea user: gitea
password: "{{ mysql_user_passwords['gitea'] }}" password: "{{ mysql_user_passwords['gitea'] }}"
marcel:
template: wordpress
traefik_routing_rule: Host(`marcelchefmonsieur.kadet.net`)
wordpress_db_name: marcelchefmonsieur
wordpress_db_user: marcelchefmonsieur
legacy: legacy:
www_data_users: ["{{ ansible_user }}"] www_data_users: ["{{ ansible_user }}"]
wipe-stg: wipe-stg:
template: wipe template: wipe
@ -109,7 +99,7 @@ service_config:
623838613832393239343036396439383561 623838613832393239343036396439383561
wipe: wipe:
wipe_rule: Host(`wipe.kadet.net`, `wipozaekranem.pl`) wipe_rule: Host(`wipe.kadet.net`, `wipozaekranem.pl`)
wipe_version: "2023.1.6" wipe_version: "2023.1.3"
wipe_mail: wipe_mail:
host: email-smtp.eu-north-1.amazonaws.com host: email-smtp.eu-north-1.amazonaws.com
from: "WIPE #7 <no-reply@wipozaekranem.pl>" from: "WIPE #7 <no-reply@wipozaekranem.pl>"
@ -158,7 +148,7 @@ service_config:
62643132313336356365313465353263626565616434633963343764653330316566613633633638 62643132313336356365313465353263626565616434633963343764653330316566613633633638
623838613832393239343036396439383561 623838613832393239343036396439383561
cojedzie: cojedzie:
cojedzie_version: "2022.3.1" cojedzie_version: '2022.3.1'
cojedzie_gtm: GTM-TQNX386 cojedzie_gtm: GTM-TQNX386
cojedzie_database: cojedzie_database:
name: cojedzie name: cojedzie