alpha
/
boxen
1
0
Fork 0
Code Issues 20 Pull Requests Packages Projects 1 Releases Wiki Activity

reverse proxy w/caddy

Browse Source
main
Alpha Chen 2 years ago
parent 40568732df
commit e87263d962
Signed by: alpha
SSH Key Fingerprint: SHA256:3fOT8fiYQG/aK9ntivV3Bqtg8AYQ7q4nV6ZgihOA20g
4 changed files with 127 additions and 24 deletions
Show Stats Download Patch File Download Diff File

1
lotus-land-story/.gitignore vendored
Unescape View File

@ -1 +0,0 @@
private.tf

42
lotus-land-story/main.tf
Unescape View File

@ -12,6 +12,11 @@ terraform {
}
}
variable "domain" {
type = string
nullable = false
}
data "http" "github_keys" {
url = "https://github.com/kejadlen.keys"
}
@ -24,6 +29,43 @@ resource "linode_instance" "lotus_land_story" {
authorized_keys = split("\n", chomp(data.http.github_keys.response_body))
}
resource "linode_volume" "lotus_land_story" {
# count = 0
label = "lotus-land-story"
region = "us-west"
linode_id = linode_instance.lotus_land_story.id
size = 10
connection {
host = resource.linode_instance.lotus_land_story.ip_address
}
provisioner "remote-exec" {
inline = [
"mkfs.ext4 '${self.filesystem_path}'",
"mkdir '/mnt/lotus-land-story'",
"mount '${self.filesystem_path}' '/mnt/lotus-land-story'",
]
}
}
data "linode_domain" "domain" {
domain = var.domain
}
resource "linode_domain_record" "rww" {
domain_id = data.linode_domain.domain.id
name = "rss"
record_type = "A"
target = resource.linode_instance.lotus_land_story.ip_address
}
output "lotus_land_story_ip" {
value = resource.linode_instance.lotus_land_story.ip_address
}
output "lotus_land_story_volume" {
value = resource.linode_volume.lotus_land_story.filesystem_path
}

92
lotus-land-story/main.yml
Unescape View File

@ -2,6 +2,11 @@
hosts: lotus-land-story
tasks:
- name: Set facts from environment variables
ansible.builtin.set_fact:
domain: "{{ lookup('ansible.builtin.env', 'TF_VAR_domain') }}"
miniflux_password: "{{ lookup('ansible.builtin.env', 'MINIFLUX_PASSWORD') }}"
# https://wiki.debian.org/PostgreSql
- name: Install postgres
ansible.builtin.apt:
@ -10,6 +15,24 @@
- postgresql-client
state: present
- name: Always mount the lotus-land-story volume
ansible.builtin.lineinfile:
dest: /etc/fstab
line: /dev/disk/by-id/scsi-0Linode_Volume_lotus-land-story /mnt/lotus-land-story ext4 defaults,noatime,nofail 0 2
state: present
- name: Make /mnt/lotus-land-story/postgresql
file:
path: /mnt/lotus-land-story/postgresql
state: directory
owner: postgres
- name: Set data directory to volume
ansible.builtin.lineinfile:
dest: "/etc/postgresql/13/main/postgresql.conf"
regexp: '^#?data_directory ='
line: "data_directory = '/mnt/lotus-land-story/postgresql'"
state: present
notify: Restart postgres
- name: Install ansible requirements
ansible.builtin.apt:
pkg:
@ -60,17 +83,6 @@
become_user: postgres
block:
# https://miniflux.app/docs/installation.html#docker
- name: Create a miniflux db
community.postgresql.postgresql_db:
name: miniflux
notify: Restart postgres
- name: Create a miniflux db user
community.postgresql.postgresql_user:
db: miniflux
name: miniflux
password: miniflux
notify: Restart postgres
- name: Get docker0 IP address
ansible.builtin.shell: ip -4 -o addr show docker0 | awk '{print $4}'
register: docker_ip
@ -82,6 +94,23 @@
state: present
create: true
notify: Restart postgres
- name: Set up postgres for miniflux
become: true
become_user: postgres
block:
# https://miniflux.app/docs/installation.html#docker
- name: Create a miniflux db
community.postgresql.postgresql_db:
name: miniflux
notify: Restart postgres
- name: Create a miniflux db user
community.postgresql.postgresql_user:
db: miniflux
name: miniflux
password: miniflux
notify: Restart postgres
- name: Grant miniflux access
community.postgresql.postgresql_pg_hba:
dest: /etc/postgresql/13/main/pg_hba.conf
@ -91,8 +120,7 @@
databases: miniflux
create: true
notify: Restart postgres
- name: Install extensions
- name: Install hstore
community.postgresql.postgresql_ext:
name: hstore
db: miniflux
@ -107,13 +135,45 @@
miniflux:
image: miniflux/miniflux:latest
ports:
- "80:8080"
- "8080:8080"
environment:
- DATABASE_URL=postgres://miniflux:miniflux@host.docker.internal/miniflux
- RUN_MIGRATIONS=1
- CREATE_ADMIN=1
- ADMIN_USERNAME=admin
- ADMIN_PASSWORD=test123
- ADMIN_USERNAME=alpha
- ADMIN_PASSWORD={{ miniflux_password }}
- BASE_URL=https://rss.{{ domain }}
extra_hosts:
- "host.docker.internal:host-gateway"
- name: Make /mnt/lotus-land-story/caddy
file:
path: /mnt/lotus-land-story/{{ item }}
state: directory
loop:
- caddy
- caddy/data
- caddy/config
- name: Set up Caddyfile
ansible.builtin.template:
src: templates/Caddyfile
dest: /mnt/lotus-land-story/caddy/Caddyfile
- name: Run caddy
community.docker.docker_compose:
project_name: caddy
definition:
version: "3.3"
services:
caddy:
image: caddy:2
container_name: caddy
ports:
- "80:80"
- "443:443"
volumes:
- /mnt/lotus-land-story/caddy/Caddyfile:/etc/caddy/Caddyfile
- /mnt/lotus-land-story/caddy/data:/data
- /mnt/lotus-land-story/caddy/config:/config
extra_hosts:
- "host.docker.internal:host-gateway"

2
lotus-land-story/templates/Caddyfile
Unescape View File

@ -0,0 +1,2 @@
rss.{{ domain }}
reverse_proxy host.docker.internal:8080
Write Preview
Loading…
Cancel
Save