From cb25e8c01aef386e428f28d2819e14b196d7f812 Mon Sep 17 00:00:00 2001 From: uumas Date: Thu, 10 Mar 2022 02:57:09 +0200 Subject: [PATCH] Add gitea and a generic container role --- docs/general.md | 4 +++ docs/gitea.md | 15 ++++++++++ roles/container/README.md | 1 + roles/container/defaults/main.yml | 4 +++ roles/container/meta/main.yml | 9 ++++++ roles/container/tasks/main.yml | 46 +++++++++++++++++++++++++++++++ roles/container/vars/traefik.yml | 6 ++++ roles/gitea/README.md | 1 + roles/gitea/meta/main.yml | 21 ++++++++++++++ 9 files changed, 107 insertions(+) create mode 100644 docs/gitea.md create mode 100644 roles/container/README.md create mode 100644 roles/container/defaults/main.yml create mode 100644 roles/container/meta/main.yml create mode 100644 roles/container/tasks/main.yml create mode 100644 roles/container/vars/traefik.yml create mode 100644 roles/gitea/README.md create mode 100644 roles/gitea/meta/main.yml diff --git a/docs/general.md b/docs/general.md index 7f053e8..6ce509d 100644 --- a/docs/general.md +++ b/docs/general.md @@ -3,6 +3,10 @@ These variables are required by multiple roles. Example values included. ``` timezone: 'Europe/Helsinki' +admin_email: 'admin@domain.tld' + +smtp_server: smtp.domain.tld +smtp_from: sender@domain.tld ``` # Optional variables diff --git a/docs/gitea.md b/docs/gitea.md new file mode 100644 index 0000000..11790b3 --- /dev/null +++ b/docs/gitea.md @@ -0,0 +1,15 @@ +# Required variables +These variables are required. Example values included. Some general variables might also be required for this role. + +``` +ports: + gitea: + http: 8080 + +docker_vhost_domains: + gitea: + - gitea.domain.tld + +database_passwords: + gitea: secret +``` diff --git a/roles/container/README.md b/roles/container/README.md new file mode 100644 index 0000000..a19b4d1 --- /dev/null +++ b/roles/container/README.md @@ -0,0 +1 @@ +Sets up a docker container 
diff --git a/roles/container/defaults/main.yml b/roles/container/defaults/main.yml
new file mode 100644
index 0000000..8029fba
--- /dev/null
+++ b/roles/container/defaults/main.yml
@@ -0,0 +1,4 @@
+---
+
+reverse_proxy_type: caddy
+docker_database: none
diff --git a/roles/container/meta/main.yml b/roles/container/meta/main.yml
new file mode 100644
index 0000000..129a719
--- /dev/null
+++ b/roles/container/meta/main.yml
@@ -0,0 +1,9 @@
+---
+
+dependencies:
+ - docker
+ - role: uumas.general.reverse_proxy
+ vhost_id: "{{ docker_service }}"
+ vhost_domains: "{{ docker_vhost_domains[docker_service] }}"
+ proxy_target: http://127.0.0.1:{{ ports[docker_service].http }}
+ when: reverse_proxy_type != 'none' and reverse_proxy_type != 'traefik'
diff --git a/roles/container/tasks/main.yml b/roles/container/tasks/main.yml
new file mode 100644
index 0000000..8921efb
--- /dev/null
+++ b/roles/container/tasks/main.yml
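Review bot: `docker_database: none` in roles/container/defaults/main.yml is the plain string `none`, not YAML null, and the file gives no hint of which values the role understands. Quote it as `docker_database: 'none'` so a later edit does not "correct" it to `null`, and add a comment above each default listing the values the role branches on: `# reverse_proxy_type: caddy | traefik | none` and `# docker_database: none | postgres`. Those are the values compared against in this commit; the reverse_proxy role may accept others.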
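Review bot: `proxy_target` in roles/container/meta/main.yml is the only templated value in this dependency left unquoted, and the `when` chains two inequality tests where a membership test reads more clearly. Suggest `proxy_target: "http://127.0.0.1:{{ ports[docker_service].http }}"` and `when: reverse_proxy_type not in ['none', 'traefik']`. Keeping the target on 127.0.0.1 matches the loopback-only port publishing in roles/container/tasks/main.yml, so the service is reachable only through the proxy; a one-line comment saying so would stop a later edit from widening the bind address.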
@@ -0,0 +1,46 @@
+---
+
+- name: docker network
+ docker_network:
+ name: "{{ docker_service }}"
+
+- name: Set published ports variable
+ set_fact:
+ container_published_ports: ["127.0.0.1:{{ ports[docker_service].http }}:3000"]
+ when: reverse_proxy_type != 'traefik'
+
+- name: Include traefik vars
+ include_vars: traefik.yml
+ when: reverse_proxy_type == 'traefik'
+
+- name: "Postgresql container for {{ docker_service }}"
+ docker_container:
+ name: "{{ docker_service }}_db"
+ image: 'postgres:14-alpine'
+ pull: yes
+ container_default_behavior: no_defaults
+ env:
+ POSTGRES_USER: "{{ docker_service }}"
+ POSTGRES_PASSWORD: "{{ database_passwords[docker_service] }}"
+ restart_policy: always
+ volumes:
+ - "{{ docker_service }}_db:/var/lib/postgresql/data"
+ networks:
+ - name: "{{ docker_service }}"
+ when: docker_database is defined and docker_database == 'postgres'
+
+- name: "Container for {{ docker_service }}"
+ docker_container:
+ name: "{{ docker_service }}"
+ image: "{{ docker_image }}"
+ pull: true
+ container_default_behavior: no_defaults
+ volumes: "{{ docker_volumes }}"
+ published_ports: "{{ container_published_ports | default(omit) }}"
+ labels: "{{ traefik_labels | default(omit) }}"
+ env: "{{ docker_env }}"
+ restart_policy: always
+ networks:
+ - name: "{{ docker_service }}"
+ register: container_out
+
diff --git a/roles/container/vars/traefik.yml b/roles/container/vars/traefik.yml
new file mode 100644
index 0000000..53e5e7f
--- /dev/null
+++ b/roles/container/vars/traefik.yml
@@ -0,0 +1,6 @@
+---
+
+traefik_labels:
+ traefik.enable: 'true'
+ "traefik.http.routers.{{ docker_service }}.rule": "Host(`{{ vhost_domains[docker_service] | join('`) || Host(`') }}`)"
+ "traefik.http.routers.{{ docker_service }}.tls.certresolver": 'le'
diff --git a/roles/gitea/README.md b/roles/gitea/README.md
new file mode 100644
index 0000000..d1b48af
--- /dev/null
+++ b/roles/gitea/README.md
@@ -0,0 +1 @@
+Installs gitea in docker and configures ssh
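Review bot: Both `docker_container` tasks in roles/container/tasks/main.yml pass secrets through `env` without `no_log`: the Postgres task sets `POSTGRES_PASSWORD` from `database_passwords[docker_service]`, and the service task forwards `docker_env`, which for gitea carries `GITEA__database__PASSWD`. The module arguments, and the container facts saved by `register: container_out`, are likely to include those values, so they can surface in verbose or callback output; add `no_log: true` to both tasks. Also in this hunk, the container-side port in `container_published_ports` is hard-coded to `3000`, which is gitea's port rather than something a generic role can assume, so it should come from a per-service variable.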
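Review bot: The router rule in roles/container/vars/traefik.yml reads `vhost_domains[docker_service]`, but every other file in this commit names the per-service dictionary `docker_vhost_domains` (docs/gitea.md, roles/container/meta/main.yml, roles/gitea/meta/main.yml). `vhost_domains` appears only as a parameter passed to the reverse_proxy dependency, which is skipped when `reverse_proxy_type` is `traefik`, so on the traefik path the lookup probably fails or resolves to something unintended. Change the expression to start with `docker_vhost_domains[docker_service]`. Because the Host rule decides which requests reach the container, the rendered label is worth checking on a test host after the fix.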
diff --git a/roles/gitea/meta/main.yml b/roles/gitea/meta/main.yml
new file mode 100644
index 0000000..85734c4
--- /dev/null
+++ b/roles/gitea/meta/main.yml
@@ -0,0 +1,21 @@
+---
+
+dependencies:
+ - role: container
+ docker_service: gitea
+ docker_image: gitea/gitea:latest
+ docker_database: postgres
+ docker_volumes:
+ - gitea_data:/data
+ docker_env:
+ GITEA__database__DB_TYPE: postgres
+ GITEA__database__USER: gitea
+ GITEA__database__HOST: gitea_db:5432
+ GITEA__database__PASSWD: "{{ database_passwords.gitea }}"
+ GITEA__server__DOMAIN: "{{ docker_vhost_domains.gitea[0] }}"
+ GITEA__server__PROTOCOL: "http"
+ GITEA__server__ROOT_URL: "https://{{ docker_vhost_domains.gitea[0] }}"
+ GITEA__mailer__ENABLED: "true"
+ GITEA__mailer__HOST: "{{ smtp_server }}:587"
+ GITEA__mailer__FROM: "{{ smtp_from }}"
+ GITEA__mailer__MAILER_TYPE: smtp
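Review bot: `docker_image: gitea/gitea:latest`, combined with `pull: true` in the container role, means every play run can replace the running Gitea with whatever the tag points to at that moment, with no review of the new version. Pin the image, for example `docker_image: gitea/gitea:<pinned-version>` or a digest, and bump it deliberately. Separately, the env block sets no `GITEA__security__INSTALL_LOCK`; if the instance is meant to be fully configured from these variables, confirm that the web installer is not left open to the first visitor on a fresh deployment.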