xenobyte/sukaato-ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Removed some files, but in particulared updated .gitignore file

Browse Source
This commit is contained in:
Alex Tavarez
2025-07-07 20:04:43 -04:00
parent 9a589e0db4
commit 606a57faba
4 changed files with 4 additions and 254 deletions
Download Patch File Download Diff File Expand all files Collapse all files

0
.ansible/.lock
View File

5
.gitignore vendored
View File

@@ -1 +1,4 @@
.env/
.env/
group_vars/**
host_vars/**
hosts.ini

219
playbooks/cengine.init.yaml
View File

@@ -1,219 +0,0 @@
---
- name: Ensuring microservice infrastructure
hosts: webservers
tasks:
- name: Ensure podman is installed
ansible.builtin.package:
name: podman
state: present
become: true
- name: Ensure podman-compose is installed
ansible.builtin.package:
name: podman-compose
state: present
become: true
- name: Ensure git is installed
ansible.builtin.package:
name: git
state: present
become: true
- name: Ensure possession of cloned repository with Compose files
ansible.builtin.git:
repo: "{{ lookup('ansible.builtin.env', 'ANSIBLE_CENG_SSH_REPO', default='senpai@sukaato.moe:repos/sukaato-compose.git') }}"
dest: ~/dev/sukaato-compose
version: latest
register: sshgit
ignore_errors: true
- name: Ensure possession of cloned repository with Compose files
ansible.builtin.git:
repo: "{{ lookup('ansible.builtin.env', 'ANSIBLE_CENG_HTTPS_REPO', default='https://git.sukaato.moe/') }}" # @TODO: Finish HTTPS URI
dest: ~/dev/sukaato-compose
version: latest
register: webgit
ignore_errors: true
when: sshgit is failed or sshgit is skipped
- name: Ensure possession of cloned repository with Compose files
ansible.builtin.git:
repo: ~/repos/sukaato-compose.git
dest: ~/dev/sukaato-compose
version: latest
register: autogit
ignore_errors: true
when: webgit is failed or webgit is skipped
- name: Ensuring pods or containers are run
block:
- name: Ensuring pods or containers are run from Compose file(s)
ansible.builtin.command:
cmd: podman-compose up -d
chdir: ~/dev/sukaato-compose
register: podsup
changed_when: podsup.rc != 0
rescue:
- name: Ensure existence of Caddy data container volume
containers.podman.podman_volume:
state: present
name: caddy_data
- name: Ensure existence of Caddy configuration container volume
containers.podman.podman_volume:
state: present
name: caddy_config
- name: Ensure existence of Gitea data container volume
containers.podman.podman_volume:
state: present
name: gitea_data
- name: Ensure existence of directory for Caddyfile root path # @TODO: Specify ownership
ansible.builtin.file:
path: /srv/www/sukaato.moe
state: directory
mode: '0755'
- name: Ensure existence of directory for Caddyfile root path
ansible.builtin.file:
path: ~/.config/caddy
state: directory
mode: '0755'
- name: Ensure Caddyfile is copied into separate directory
ansible.builtin.file:
src: /srv/www/sukaato.moe/Caddyfile
dest: ~/.config/caddy/Caddyfile
mode: '0644'
state: hard
- name: Ensure possession of Caddy container image
containers.podman.podman_image:
name: caddy
tag: latest
- name: Ensure possession of Nextcloud container image
containers.podman.podman_image:
name: nextcloud/all-in-one
tag: latest
- name: Ensure possession of Postgres container image
containers.podman.podman_image:
name: postgres
tag: 14.17
- name: Ensure possession of Gitea container image
containers.podman.podman_image:
name: gitea/gitea
tag: 1.23-rootless
- name: Ensure possession of Shlink container image
containers.podman.podman_image:
name: shlinkio/shlink
tag: stable
- name: Ensure existence of shared network for Caddy reverse proxying
containers.podman.podman_network:
name: caddynet
- name: Ensure existence of shared network for Nextcloud, Gitea et al
containers.podman.podman_network:
name: sharenet
- name: Create secret for PostgreSQL database container
containers.podman.podman_secret: # @TODO: Look into other Postgres authentication methods
name: postgres_pass
data: "{{ lookup('ansible.builtin.env', 'ANSIBLE_POSTGRES_PASSWORD', default='administrator') }}"
state: present
- name: Ensure containers are running with appropriate configuration
containers.podman.podman_containers:
containers:
- name: revproxy
state: started
restart_policy: on-failure:5
image: caddy
publish:
- "80:80"
- "443:443"
- "443:443/udp"
volumes:
- "caddy_config:/config"
- "caddy_data:/data"
- "/srv/www/sukaato.moe:/srv/www/sukaato.moe"
- "~/.config/caddy:/etc/caddy"
network:
- "caddynet"
generate_systemd:
restart_policy: always
stop_timeout: 120
names: true
container_prefix: pm@
# requires:
# - "db"
- name: nextcloud-aio-mastercontainer
state: started
restart_policy: on-failure:5
image: nextcloud/all-in-one
init: true
sig_proxy: false
publish:
- "8080:8080"
volumes:
- "~/.config/nextcloud:/mnt/docker-aio-config"
- "/var/run/docker.sock:/var/run/docker.sock:ro"
network:
- "caddynet"
- "sharenet"
env:
APACHE_PORT: 11000
APACHE_IP_BINDING: 0.0.0.0
SKIP_DOMAIN_VALIDATION: false
NEXTCLOUD_DATADIR: "/mnt/datadrive/nextcloud" # @TODO: mount a ZFS-formatted volume/dataset on parent directory
generate_systemd:
restart_policy: always
stop_timeout: 120
names: true
container_prefix: pm@
requires:
- "revproxy"
# @NOTE: Below container has internal ports 3000 (web UI & HTTPS git) and 2222 (SSH git)
- name: http_git # @TODO: Fill out rest of needed attributes
state: started
restart_policy: on-failure:5
image: gitea/gitea
volumes:
- "~/.config/gitea:/etc/gitea"
- "gitea_data:/var/lib/gitea"
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
network:
- "caddynet"
- "sharenet"
generate_systemd:
restart_policy: always
stop_timeout: 120
names: true
container_prefix: pm@
requires:
- "revproxy"
# @NOTE: Postgres (below) default port is 5432
- name: db
state: present
restart_policy: on-failure:5
image: postgres
shm_size: "{{ lookup('ansible.builtin.env', 'ANSIBLE_DB_CENG_SHARE', default='128m') }}"
volumes:
- "~/.config/postgres:/etc/postgresql"
network:
- "caddynet"
- "sharenet"
env:
POSTGRES_USER: senpai
POSTGRES_DB: mem
POSTGRESS_PASSWORD_FILE: /run/secrets/postgres_pass # @TODO: Look into other Postgres authentication methods
generate_systemd:
restart_policy: always
stop_timeout: 120
names: true
container_prefix: pm@
# @NOTE: Below container internal port is 8080
- name: shlinks
state: present
restart_policy: on-failure:5
image: shlinkio/shlink
env:
DEFAULT_DOMAIN: "{{ lookup('ansible.builtin.env', 'ANSIBLE_SHORTLINK_DOMAIN', default='sukaato.moe') }}"
BASE_PATH: /s
IS_HTTPS_ENABLED: false
MEMORY_LIMIT: 128m
DELETE_SHORT_URL_THRESHOLD: "{{ lookup('ansible.builtin.env', 'ANSIBLE_SHORTLINK_POP_FLOOR', default='600') }}"
DEFAULT_SHORT_CODES_LENGTH: 6
# INITIAL_API_KEY:
generate_systemd:
restart_policy: always
stop_timeout: 120
names: true
container_prefix: pm@

34
playbooks/git.init.yaml
View File

@@ -1,34 +0,0 @@
---
- name: Ensuring microservice infrastructure
hosts: all
tasks:
- name: Ensure git is installed
ansible.builtin.package:
name: git
state: present
become: true
- name: Ensure vim is installed
ansible.builtin.package:
name: vim
state: present
become: true
- name: Ensure git editor is configured
community.general.git_config:
name: core.editor
scope: global
value: vim
- name: Ensure git name is configured
community.general.git_config:
name: user.name
scope: global
value: Rika T.
- name: Ensure git email is configured
community.general.git_config:
name: user.email
scope: global
value: admin@sukaato.moe
- name: Ensure git default branch name is configured
community.general.git_config:
name: init.defaultBranch
scope: global
value: main