You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
195 lines
6.1 KiB
195 lines
6.1 KiB
- name: Set up lotus-land-story
|
|
hosts: lotus-land-story
|
|
vars_files:
|
|
- vars.yml
|
|
tasks:
|
|
|
|
# https://wiki.debian.org/PostgreSql
|
|
- name: Install postgres
|
|
ansible.builtin.apt:
|
|
pkg:
|
|
- postgresql
|
|
- postgresql-client
|
|
state: present
|
|
|
|
- name: Always mount the lotus-land-story volume
|
|
ansible.builtin.lineinfile:
|
|
dest: /etc/fstab
|
|
line: "{{ linode_volume }} /mnt/lotus-land-story ext4 defaults,noatime,nofail 0 2"
|
|
state: present
|
|
- name: Make /mnt/lotus-land-story/postgresql
|
|
ansible.builtin.file:
|
|
path: /mnt/lotus-land-story/postgresql
|
|
state: directory
|
|
owner: postgres
|
|
mode: "0700"
|
|
- name: Set data directory to volume
|
|
ansible.builtin.lineinfile:
|
|
dest: "/etc/postgresql/13/main/postgresql.conf"
|
|
regexp: '^#?data_directory ='
|
|
line: "data_directory = '/mnt/lotus-land-story/postgresql'"
|
|
state: present
|
|
notify: Restart postgres
|
|
|
|
- name: Install ansible requirements
|
|
ansible.builtin.apt:
|
|
pkg:
|
|
- docker-compose
|
|
- libpq-dev
|
|
- python3-docker
|
|
- python3-psycopg2
|
|
state: present
|
|
|
|
# https://docs.docker.com/engine/install/debian/#install-using-the-repository
|
|
- name: Install docker
|
|
block:
|
|
- name: Install docker requirements
|
|
ansible.builtin.apt:
|
|
pkg:
|
|
- ca-certificates
|
|
- curl
|
|
- gnupg
|
|
state: present
|
|
- name: Make /etc/apt/keyrings
|
|
ansible.builtin.file:
|
|
path: /etc/apt/keyrings
|
|
state: directory
|
|
mode: "0755"
|
|
- name: Download Docker GPG key
|
|
ansible.builtin.shell: |
|
|
set -o pipefail
|
|
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
|
|
args:
|
|
creates: /etc/apt/keyrings/docker.gpg
|
|
- name: Get architecture
|
|
ansible.builtin.command: dpkg --print-architecture
|
|
register: arch
|
|
changed_when: arch.rc != 0
|
|
- name: Set up docker repository
|
|
ansible.builtin.template:
|
|
src: templates/docker.list
|
|
dest: /etc/apt/sources.list.d/docker.list
|
|
mode: "0644"
|
|
- name: Install docker
|
|
ansible.builtin.apt:
|
|
pkg:
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
- docker-buildx-plugin
|
|
- docker-compose-plugin
|
|
update_cache: true
|
|
|
|
- name: Set up postgres
|
|
become: true
|
|
become_user: postgres
|
|
block:
|
|
|
|
- name: Get docker0 IP address
|
|
ansible.builtin.shell: ip -4 -o addr show docker0 | awk '{print $4}' # noqa: risky-shell-pipe
|
|
vars:
|
|
executable: /usr/bin/bash
|
|
register: docker_ip
|
|
changed_when: docker_ip.rc != 0
|
|
- name: Listen on docker0 interface
|
|
ansible.builtin.lineinfile:
|
|
dest: "/etc/postgresql/13/main/conf.d/listen.conf"
|
|
regexp: '^#?listen_addresses='
|
|
line: "listen_addresses='localhost,{{ docker_ip.stdout | ansible.utils.ipaddr('address') }}'"
|
|
state: present
|
|
create: true
|
|
mode: "0644"
|
|
notify: Restart postgres
|
|
|
|
- name: Set up postgres for miniflux
|
|
become: true
|
|
become_user: postgres
|
|
block:
|
|
|
|
# https://miniflux.app/docs/installation.html#docker
|
|
- name: Create a miniflux db
|
|
community.postgresql.postgresql_db:
|
|
name: miniflux
|
|
notify: Restart postgres
|
|
- name: Create a miniflux db user
|
|
community.postgresql.postgresql_user:
|
|
db: miniflux
|
|
name: miniflux
|
|
password: "{{ miniflux_db_password }}"
|
|
notify: Restart postgres
|
|
- name: Grant miniflux access
|
|
community.postgresql.postgresql_pg_hba:
|
|
dest: /etc/postgresql/13/main/pg_hba.conf
|
|
contype: host
|
|
users: miniflux
|
|
source: samenet
|
|
databases: miniflux
|
|
create: true
|
|
notify: Restart postgres
|
|
- name: Install hstore
|
|
community.postgresql.postgresql_ext:
|
|
name: hstore
|
|
db: miniflux
|
|
notify: Restart postgres
|
|
|
|
- name: Run miniflux
|
|
community.docker.docker_compose:
|
|
project_name: miniflux
|
|
definition:
|
|
version: "3.3"
|
|
services:
|
|
miniflux:
|
|
image: miniflux/miniflux:latest
|
|
ports:
|
|
- "8080:8080"
|
|
environment:
|
|
- DATABASE_URL=postgres://miniflux:{{ miniflux_db_password }}@host.docker.internal/miniflux
|
|
- RUN_MIGRATIONS=1
|
|
- CREATE_ADMIN=1
|
|
- ADMIN_USERNAME=alpha
|
|
- ADMIN_PASSWORD={{ miniflux_password }}
|
|
- BASE_URL=https://rss.{{ domain }}
|
|
extra_hosts:
|
|
- "host.docker.internal:host-gateway"
|
|
|
|
- name: Make /mnt/lotus-land-story/caddy
|
|
ansible.builtin.file:
|
|
path: /mnt/lotus-land-story/{{ item }}
|
|
state: directory
|
|
mode: "0755"
|
|
loop:
|
|
- caddy
|
|
- caddy/data
|
|
- caddy/config
|
|
- name: Set up Caddyfile
|
|
ansible.builtin.template:
|
|
src: templates/Caddyfile
|
|
dest: /mnt/lotus-land-story/caddy/Caddyfile
|
|
mode: "0644"
|
|
- name: Run caddy
|
|
community.docker.docker_compose:
|
|
project_name: caddy
|
|
definition:
|
|
version: "3.3"
|
|
services:
|
|
caddy:
|
|
image: caddy:2
|
|
container_name: caddy
|
|
ports:
|
|
- "80:80"
|
|
- "443:443"
|
|
volumes:
|
|
- /mnt/lotus-land-story/caddy/Caddyfile:/etc/caddy/Caddyfile
|
|
- /mnt/lotus-land-story/caddy/data:/data
|
|
- /mnt/lotus-land-story/caddy/config:/config
|
|
extra_hosts:
|
|
- "host.docker.internal:host-gateway"
|
|
|
|
handlers:
|
|
- name: Restart postgres
|
|
ansible.builtin.service:
|
|
name: postgresql
|
|
state: restarted
|
|
|
|
# vim: ft=yaml.ansible
|