|
|
|
# https://miniflux.app/docs/installation.html#docker
|
|
|
|
|
|
|
|
- name: Set up the Miniflux db
|
|
|
|
hosts: lotus-land-story
|
|
|
|
become: true
|
|
|
|
become_user: postgres
|
|
|
|
vars_files:
|
|
|
|
- vars.yml
|
|
|
|
tasks:
|
|
|
|
|
|
|
|
- name: Create the Miniflux db
|
|
|
|
community.postgresql.postgresql_db:
|
|
|
|
name: miniflux
|
|
|
|
notify: Restart postgres
|
|
|
|
|
|
|
|
- name: Create the Miniflux db user
|
|
|
|
community.postgresql.postgresql_user:
|
|
|
|
db: miniflux
|
|
|
|
name: miniflux
|
|
|
|
password: "{{ miniflux.db_password }}"
|
|
|
|
notify: Restart postgres
|
|
|
|
|
|
|
|
- name: Grant Miniflux access to the db
|
|
|
|
community.postgresql.postgresql_pg_hba:
|
|
|
|
dest: /etc/postgresql/13/main/pg_hba.conf
|
|
|
|
contype: host
|
|
|
|
users: miniflux
|
|
|
|
source: samenet # TODO Can this be restricted to docker_ip?
|
|
|
|
databases: miniflux
|
|
|
|
create: true
|
|
|
|
notify: Restart postgres
|
|
|
|
|
|
|
|
- name: Install hstore
|
|
|
|
community.postgresql.postgresql_ext:
|
|
|
|
name: hstore
|
|
|
|
db: miniflux
|
|
|
|
notify: Restart postgres
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
- name: Import restarts
|
|
|
|
ansible.builtin.import_tasks: restarts.yml
|
|
|
|
|
|
|
|
- name: Set up the Miniflux db
|
|
|
|
hosts: lotus-land-story
|
|
|
|
vars_files:
|
|
|
|
- vars.yml
|
|
|
|
tasks:
|
|
|
|
|
|
|
|
- name: Get docker network
|
|
|
|
community.docker.docker_network:
|
|
|
|
name: lotus_land_story
|
|
|
|
register: docker_network
|
|
|
|
|
|
|
|
- name: Run Miniflux
|
|
|
|
community.docker.docker_container:
|
|
|
|
restart: true
|
|
|
|
name: miniflux
|
|
|
|
image: miniflux/miniflux:2.0.48
|
|
|
|
env:
|
|
|
|
DATABASE_URL: postgres://miniflux:{{ miniflux.db_password }}@host.docker.internal/miniflux
|
|
|
|
RUN_MIGRATIONS: "1"
|
|
|
|
CREATE_ADMIN: "1"
|
|
|
|
ADMIN_USERNAME: alpha
|
|
|
|
ADMIN_PASSWORD: "{{ miniflux.password }}"
|
|
|
|
BASE_URL: https://rss.{{ domain }}
|
|
|
|
METRICS_COLLECTOR: "1"
|
|
|
|
METRICS_ALLOWED_NETWORKS: "{{ docker_network.network.IPAM.Config[0].Subnet }}"
|
|
|
|
OAUTH2_PROVIDER: oidc
|
|
|
|
OAUTH2_CLIENT_ID: miniflux
|
|
|
|
OAUTH2_CLIENT_SECRET: "{{ miniflux.oidc_secret }}"
|
|
|
|
OAUTH2_REDIRECT_URL: https://rss.{{ domain }}/oauth2/oidc/callback
|
|
|
|
OAUTH2_OIDC_DISCOVERY_ENDPOINT: https://auth.{{ domain }}
|
|
|
|
OAUTH2_USER_CREATION: "1"
|
|
|
|
restart_policy: unless-stopped
|
|
|
|
networks:
|
|
|
|
- name: lotus_land_story
|
|
|
|
etc_hosts:
|
|
|
|
host.docker.internal: host-gateway
|
|
|
|
|
|
|
|
handlers:
|
|
|
|
- name: Import restarts
|
|
|
|
ansible.builtin.import_tasks: restarts.yml
|
|
|
|
|
|
|
|
# vim: ft=yaml.ansible
|