alpha
/
boxen
1
0
Fork 0
Code Issues 20 Pull Requests Packages Projects 1 Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e5a2d3b7bb'
${ noResults }
boxen/lotus-land-story/main.yml

185 lines
5.9 KiB
Raw Normal View History Unescape

miniflux running (without ssl)
2 years ago
- name: Set up lotus-land-story
hosts: lotus-land-story
tasks:
reverse proxy w/caddy
2 years ago
- name: Set facts from environment variables
ansible.builtin.set_fact:
domain: "{{ lookup('ansible.builtin.env', 'TF_VAR_domain') }}"
miniflux_password: "{{ lookup('ansible.builtin.env', 'MINIFLUX_PASSWORD') }}"
miniflux running (without ssl)
2 years ago
# https://wiki.debian.org/PostgreSql
- name: Install postgres
ansible.builtin.apt:
pkg:
- postgresql
- postgresql-client
state: present
reverse proxy w/caddy
2 years ago
- name: Always mount the lotus-land-story volume
ansible.builtin.lineinfile:
dest: /etc/fstab
line: /dev/disk/by-id/scsi-0Linode_Volume_lotus-land-story /mnt/lotus-land-story ext4 defaults,noatime,nofail 0 2
state: present
- name: Make /mnt/lotus-land-story/postgresql
file:
path: /mnt/lotus-land-story/postgresql
state: directory
owner: postgres
- name: Set data directory to volume
ansible.builtin.lineinfile:
dest: "/etc/postgresql/13/main/postgresql.conf"
regexp: '^#?data_directory ='
line: "data_directory = '/mnt/lotus-land-story/postgresql'"
state: present
notify: Restart postgres
miniflux running (without ssl)
2 years ago
- name: Install ansible requirements
ansible.builtin.apt:
pkg:
- docker-compose
- libpq-dev
- python3-docker
- python3-psycopg2
state: present
# https://docs.docker.com/engine/install/debian/#install-using-the-repository
- name: Install docker
block:
- name: Install docker requirements
ansible.builtin.apt:
pkg:
- ca-certificates
- curl
- gnupg
state: present
- name: Make /etc/apt/keyrings
file:
path: /etc/apt/keyrings
state: directory
mode: 0755
- name: Download Docker GPG key
ansible.builtin.shell: curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
args:
creates: /etc/apt/keyrings/docker.gpg
- name: Get architecture
command: dpkg --print-architecture
register: arch
- name: Set up docker repository
ansible.builtin.template:
src: templates/docker.list
dest: /etc/apt/sources.list.d/docker.list
- name: Install docker
apt:
pkg:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
update_cache: true
- name: Set up postgres
become: true
become_user: postgres
block:
- name: Get docker0 IP address
ansible.builtin.shell: ip -4 -o addr show docker0 | awk '{print $4}'
register: docker_ip
- name: Listen on docker0 interface
ansible.builtin.lineinfile:
dest: "/etc/postgresql/13/main/conf.d/listen.conf"
regexp: '^#?listen_addresses='
line: "listen_addresses='localhost,{{ docker_ip.stdout | ansible.utils.ipaddr('address') }}'"
state: present
create: true
notify: Restart postgres
reverse proxy w/caddy
2 years ago
- name: Set up postgres for miniflux
become: true
become_user: postgres
block:
# https://miniflux.app/docs/installation.html#docker
- name: Create a miniflux db
community.postgresql.postgresql_db:
name: miniflux
notify: Restart postgres
- name: Create a miniflux db user
community.postgresql.postgresql_user:
db: miniflux
name: miniflux
password: miniflux
notify: Restart postgres
miniflux running (without ssl)
2 years ago
- name: Grant miniflux access
community.postgresql.postgresql_pg_hba:
dest: /etc/postgresql/13/main/pg_hba.conf
contype: host
users: miniflux
source: samenet
databases: miniflux
create: true
notify: Restart postgres
reverse proxy w/caddy
2 years ago
- name: Install hstore
miniflux running (without ssl)
2 years ago
community.postgresql.postgresql_ext:
name: hstore
db: miniflux
notify: Restart postgres
- name: Run miniflux
community.docker.docker_compose:
project_name: miniflux
definition:
version: "3.3"
services:
miniflux:
image: miniflux/miniflux:latest
ports:
reverse proxy w/caddy
2 years ago
- "8080:8080"
miniflux running (without ssl)
2 years ago
environment:
- DATABASE_URL=postgres://miniflux:miniflux@host.docker.internal/miniflux
- RUN_MIGRATIONS=1
- CREATE_ADMIN=1
reverse proxy w/caddy
2 years ago
- ADMIN_USERNAME=alpha
- ADMIN_PASSWORD={{ miniflux_password }}
- BASE_URL=https://rss.{{ domain }}
extra_hosts:
- "host.docker.internal:host-gateway"
- name: Make /mnt/lotus-land-story/caddy
file:
path: /mnt/lotus-land-story/{{ item }}
state: directory
loop:
- caddy
- caddy/data
- caddy/config
- name: Set up Caddyfile
ansible.builtin.template:
src: templates/Caddyfile
dest: /mnt/lotus-land-story/caddy/Caddyfile
- name: Run caddy
community.docker.docker_compose:
project_name: caddy
definition:
version: "3.3"
services:
caddy:
image: caddy:2
container_name: caddy
ports:
- "80:80"
- "443:443"
volumes:
- /mnt/lotus-land-story/caddy/Caddyfile:/etc/caddy/Caddyfile
- /mnt/lotus-land-story/caddy/data:/data
- /mnt/lotus-land-story/caddy/config:/config
miniflux running (without ssl)
2 years ago
extra_hosts:
- "host.docker.internal:host-gateway"
handlers:
- name: Restart postgres
ansible.builtin.service:
name: postgresql
state: restarted