Last commit before an entire reworking of Ansible here

Alex Tavarez
2025-07-04 14:53:57 -04:00
parent 7252b26685
commit 9a589e0db4


@@ -19,14 +19,14 @@
become: true
- name: Ensure possession of cloned repository with Compose files
ansible.builtin.git:
repo: senpai@sukaato.moe:repos/sukaato-compose.git # @TODO: replace with Ansible variable
repo: "{{ lookup('ansible.builtin.env', 'ANSIBLE_CENG_SSH_REPO', default='senpai@sukaato.moe:repos/sukaato-compose.git') }}"
dest: ~/dev/sukaato-compose
version: latest
register: sshgit
ignore_errors: true
- name: Ensure possession of cloned repository with Compose files
ansible.builtin.git:
repo: 'https://git.sukaato.moe/' # @TODO: Finish HTTPS URI (or replace with Ansible variable)
repo: "{{ lookup('ansible.builtin.env', 'ANSIBLE_CENG_HTTPS_REPO', default='https://git.sukaato.moe/') }}" # @TODO: Finish HTTPS URI
dest: ~/dev/sukaato-compose
version: latest
register: webgit
@@ -93,6 +93,10 @@
containers.podman.podman_image:
name: gitea/gitea
tag: 1.23-rootless
- name: Ensure possession of Shlink container image
containers.podman.podman_image:
name: shlinkio/shlink
tag: stable
- name: Ensure existence of shared network for Caddy reverse proxying
containers.podman.podman_network:
name: caddynet
@@ -102,7 +106,7 @@
- name: Create secret for PostgreSQL database container
containers.podman.podman_secret: # @TODO: Look into other Postgres authentication methods
name: postgres_pass
data: "admin" # @TODO: Replace value with Ansible variable
data: "{{ lookup('ansible.builtin.env', 'ANSIBLE_POSTGRES_PASSWORD', default='administrator') }}"
state: present
- name: Ensure containers are running with appropriate configuration
containers.podman.podman_containers:
@@ -127,8 +131,10 @@
stop_timeout: 120
names: true
container_prefix: pm@
- name: nextcloud-aio-mastercontainer # @TODO: fill out rest of needed attributes
state: present # @TODO: Change to "started" later on
# requires:
# - "db"
- name: nextcloud-aio-mastercontainer
state: started
restart_policy: on-failure:5
image: nextcloud/all-in-one
init: true
@@ -151,9 +157,11 @@
stop_timeout: 120
names: true
container_prefix: pm@
requires:
- "revproxy"
# @NOTE: Below container has internal ports 3000 (web UI & HTTPS git) and 2222 (SSH git)
- name: http_git # @TODO: Fill out rest of needed attributes
state: present # @TODO: Change to "started" later on
state: started
restart_policy: on-failure:5
image: gitea/gitea
volumes:
@@ -164,14 +172,19 @@
network:
- "caddynet"
- "sharenet"
generate_systemd:
restart_policy: always
stop_timeout: 120
names: true
container_prefix: pm@
requires:
- "db"
- "revproxy"
# @NOTE: Postgres (below) default port is 5432
- name: db
state: present
restart_policy: on-failure:5
image: postgres
# shm_size: 128mb # @TODO: Specify share of memory for container
shm_size: "{{ lookup('ansible.builtin.env', 'ANSIBLE_DB_CENG_SHARE', default='128m') }}"
volumes:
- "~/.config/postgres:/etc/postgresql"
network:
@@ -181,3 +194,26 @@
POSTGRES_USER: senpai
POSTGRES_DB: mem
POSTGRESS_PASSWORD_FILE: /run/secrets/postgres_pass # @TODO: Look into other Postgres authentication methods
generate_systemd:
restart_policy: always
stop_timeout: 120
names: true
container_prefix: pm@
# @NOTE: Below container internal port is 8080
- name: shlinks
state: present
restart_policy: on-failure:5
image: shlinkio/shlink
env:
DEFAULT_DOMAIN: "{{ lookup('ansible.builtin.env', 'ANSIBLE_SHORTLINK_DOMAIN', default='sukaato.moe') }}"
BASE_PATH: /s
IS_HTTPS_ENABLED: false
MEMORY_LIMIT: 128m
DELETE_SHORT_URL_THRESHOLD: "{{ lookup('ansible.builtin.env', 'ANSIBLE_SHORTLINK_POP_FLOOR', default='600') }}"
DEFAULT_SHORT_CODES_LENGTH: 6
# INITIAL_API_KEY:
generate_systemd:
restart_policy: always
stop_timeout: 120
names: true
container_prefix: pm@
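Review bot: The `postgres_pass` secret now falls back to the literal `administrator` whenever `ANSIBLE_POSTGRES_PASSWORD` is unset on the controller, so a run from a shell without that variable silently provisions the database with a guessable password that is also recorded in the repository history. Make the lookup fail instead of defaulting, e.g. `data: "{{ lookup('ansible.builtin.env', 'ANSIBLE_POSTGRES_PASSWORD', default=undef()) }}"`, and add `no_log: true` to that task so the value stays out of verbose output. The unchanged `POSTGRESS_PASSWORD_FILE` key in the `db` env looks misspelled (the official postgres image documents `POSTGRES_PASSWORD_FILE`), so the secret may never be read by the container; this is worth confirming while touching the password handling. Separately, the new `shlinks` container uses `image: shlinkio/shlink` with no tag while the pull task fetches `tag: stable`, so the running image may differ from the one pulled; pin both to the same version tag or digest. The tasks and the container list start and end outside the visible hunks, so whether the secret is attached to `db` cannot be checked from here.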