From 68d5cb764e08d4fbfc16e3a5d9516b0850b0f70b Mon Sep 17 00:00:00 2001 From: Javier Feliz Date: Wed, 6 Aug 2025 17:55:42 -0400 Subject: [PATCH] Added foundryvtt --- playbooks/nodes/apps.yml | 150 ++++++++++++------------ playbooks/proxy/external.yml | 18 ++- roles/apps/authentikate/tasks/main.yml | 6 +- roles/apps/foundryvtt/defaults/main.yml | 0 roles/apps/foundryvtt/tasks/main.yml | 29 +++++ roles/apps/linkwarden/tasks/main.yml | 10 +- 6 files changed, 132 insertions(+), 81 deletions(-) create mode 100644 roles/apps/foundryvtt/defaults/main.yml create mode 100644 roles/apps/foundryvtt/tasks/main.yml diff --git a/playbooks/nodes/apps.yml b/playbooks/nodes/apps.yml index 6604628..d3476c2 100644 --- a/playbooks/nodes/apps.yml +++ b/playbooks/nodes/apps.yml 
@@ -3,77 +3,83 @@ hosts: apps become: true roles: - - role: apps/memos - vars: - port: 7071 - - role: apps/vaultwarden - vars: - port: 7072 - - role: apps/stirling-pdf - vars: - port: 7075 - - role: apps/flowtodo - vars: - port: 7076 - - role: apps/outline-wiki - vars: - port: 7083 - url: "https://docs.thegrind.dev" - container_name: "the-grind-outline-wiki" - outline_db_name: "the_grind_docs" - data_dir_name: "the-grind-docs" - secret_key: "42f5ab8c01771f40f1e1bae554b82b883f25ab13a79767ffc57e8c31ab172c43" - utils_secret_key: "f8410c6a12da5e92ac4200ef923fe516bed3cef2abacfb1877e32f2f1c63a325" - oidc_client_id: "XfaDJwpZfdHXiK6kulZiAK9nCliUieOdW0Ah1jJ1" - oidc_client_secret: "FtouI96uTg4YJc3ViSfcQ9SdubviXiPULne5tKyIXKbHxDczdlZoWkpwroobEGcgxrJaMFmdX6vBLJACZJVojFW1DJLyqt7gTAo6SmfuL7cJVzAnvDagxWJtamqhkKGR" - oidc_auth_uri: "https://auth.thegrind.dev/application/o/authorize/" - oidc_token_uri: "https://auth.thegrind.dev/application/o/token/" - oidc_userinfo_uri: "https://auth.thegrind.dev/application/o/userinfo/" - oidc_logout_uri: "https://auth.thegrind.dev/application/o/the-grind-docs/end-session/" - odic_button_text: "The Grind Auth" - # - role: apps/postiz + # - role: apps/memos # vars: - # port: 7084 - # url: "https://postiz.blinker.club" - # postiz_instance_name: "postiz-main" - # postiz_db_name: "postiz_main" - # jwt_secret: "42cd08e857d0178075a305d7511c778336a501951ae0e4f05bf5ad862f611e72" - - role: apps/planka + # port: 7071 + # - role: apps/vaultwarden + # vars: + # port: 7072 + # - role: apps/stirling-pdf + # vars: + # port: 7075 + # - role: apps/flowtodo + # vars: + # port: 7076 + # - role: apps/outline-wiki + # vars: + # port: 7083 + # url: "https://docs.thegrind.dev" + # container_name: "the-grind-outline-wiki" + # outline_db_name: "the_grind_docs" + # data_dir_name: "the-grind-docs" + # secret_key: "42f5ab8c01771f40f1e1bae554b82b883f25ab13a79767ffc57e8c31ab172c43" + # utils_secret_key: "f8410c6a12da5e92ac4200ef923fe516bed3cef2abacfb1877e32f2f1c63a325" + # 
oidc_client_id: "XfaDJwpZfdHXiK6kulZiAK9nCliUieOdW0Ah1jJ1" + # oidc_client_secret: "FtouI96uTg4YJc3ViSfcQ9SdubviXiPULne5tKyIXKbHxDczdlZoWkpwroobEGcgxrJaMFmdX6vBLJACZJVojFW1DJLyqt7gTAo6SmfuL7cJVzAnvDagxWJtamqhkKGR" + # oidc_auth_uri: "https://auth.thegrind.dev/application/o/authorize/" + # oidc_token_uri: "https://auth.thegrind.dev/application/o/token/" + # oidc_userinfo_uri: "https://auth.thegrind.dev/application/o/userinfo/" + # oidc_logout_uri: "https://auth.thegrind.dev/application/o/the-grind-docs/end-session/" + # odic_button_text: "The Grind Auth" + # # - role: apps/postiz + # # vars: + # # port: 7084 + # # url: "https://postiz.blinker.club" + # # postiz_instance_name: "postiz-main" + # # postiz_db_name: "postiz_main" + # # jwt_secret: "42cd08e857d0178075a305d7511c778336a501951ae0e4f05bf5ad862f611e72" + # - role: apps/planka + # vars: + # port: 7085 + # url: "https://tasks.thegrind.dev" + # - role: apps/filebrowser + # vars: + # container_name: "filebrowser-javi" + # instance_name: "javi" + # share: "javi" + # port: 7086 + # - role: apps/n8n + # vars: + # port: 7087 + # domain: "melab.fyi" + # subdomain: "automate" + # - role: apps/umami + # vars: + # port: 7088 + # - role: apps/scripthost + # vars: + # port: 7089 + # - role: apps/authentikate + # vars: + # port: 7090 + - role: apps/foundryvtt vars: - port: 7085 - url: "https://tasks.thegrind.dev" - - role: apps/filebrowser - vars: - container_name: "filebrowser-javi" - instance_name: "javi" - share: "javi" - port: 7086 - - role: apps/n8n - vars: - port: 7087 - domain: "melab.fyi" - subdomain: "automate" - - role: apps/umami - vars: - port: 7088 - - role: apps/scripthost - vars: - port: 7089 - - role: apps/authentikate - vars: - port: 7090 - tasks: - - name: Personal DW drop - ansible.builtin.include_role: - name: apps/dumbware-drop - vars: - port: 7077 - pin: "8989" - - name: Javier Feliz Blog - ansible.builtin.include_role: - name: apps/ghost - vars: - ghost_instance_name: javierfeliz-blog - database_name: 
ghostcms_javierfelizblog - blog_url: "https://javierfeliz.com" - port: 7082 \ No newline at end of file + foundry_port: 9010 + filebrowser_port: 9011 + data_dir_name: "foundryvtt-ravensofravnica" + container_name: "foundryvtt-ravensofravnica" + # tasks: + # - name: Personal DW drop + # ansible.builtin.include_role: + # name: apps/dumbware-drop + # vars: + # port: 7077 + # pin: "8989" + # - name: Javier Feliz Blog + # ansible.builtin.include_role: + # name: apps/ghost + # vars: + # ghost_instance_name: javierfeliz-blog + # database_name: ghostcms_javierfelizblog + # blog_url: "https://javierfeliz.com" + # port: 7082 \ No newline at end of file diff --git a/playbooks/proxy/external.yml b/playbooks/proxy/external.yml index b1e8b73..8061bff 100644 --- a/playbooks/proxy/external.yml +++ b/playbooks/proxy/external.yml @@ -81,8 +81,11 @@ host: "{{ lookup('hostip', 'portainer_main') }}" port: 8989 - name: "auth" - host: "{{ lookup('hostip', 'portainer_main') }}" - port: 4501 + host: "{{ lookup('hostip', 'apps') }}" + port: 7090 + # Authentik + # host: "{{ lookup('hostip', 'portainer_main') }}" + # port: 4501 - name: "gist" host: "{{ lookup('hostip', 'portainer_main') }}" port: 5006 @@ -106,4 +109,13 @@ port: 7088 - name: "auth" host: "{{ lookup('hostip', 'apps') }}" - port: 7090 \ No newline at end of file + port: 7090 + - name: "ravensofravnica.stream" + dynamic_dns: true + sites: + - name: "vtt" + host: "{{ lookup('hostip', 'apps') }}" + port: 9010 + - name: "filemanagement" + host: "{{ lookup('hostip', 'apps') }}" + port: 9011 \ No newline at end of file diff --git a/roles/apps/authentikate/tasks/main.yml b/roles/apps/authentikate/tasks/main.yml index ddc6639..39d24c7 100644 --- a/roles/apps/authentikate/tasks/main.yml +++ b/roles/apps/authentikate/tasks/main.yml 
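Review bot: In playbooks/nodes/apps.yml the commented-out `apps/outline-wiki` and `apps/postiz` entries still carry `secret_key`, `utils_secret_key`, `oidc_client_secret` and `jwt_secret` as plaintext literals, and so does `pin` in the commented `apps/dumbware-drop` task, so they remain readable to anyone who can read the repository. Move them to vaulted variables and reference them, e.g. `oidc_client_secret: "{{ outline.oidc_client_secret }}"` (a suggested name; the vars file is not shown), the way roles/apps/linkwarden reads `linkwarden.nextauth_secret`. Because the values are already in history, treat them as exposed and rotate them. Commenting out every other role to deploy one app also means the next full run skips them silently; a `tags:` entry per role and `--tags foundryvtt` would avoid editing the play.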
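Review bot: In playbooks/proxy/external.yml the new `filemanagement` site under `ravensofravnica.stream` publishes port 9011, the file browser port of the Foundry container, through the external proxy. A file manager that presumably operates on the mounted Foundry data is a much larger exposure than the game UI on 9010, and nothing in this diff shows what authentication it enforces. Unless it has to be reachable from the internet, drop the entry from the external playbook and serve it only internally. If it stays, put it behind SSO or an address allowlist and record that with a comment such as `# file browser: must sit behind auth, never expose unauthenticated`.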
@@ -28,10 +28,13 @@ name: authentikate pull: true state: started + restart_policy: always ports: - "{{ port }}:8000" env: - APP_URL: "https://auth.melab.fyi" + APP_URL: "https://auth.thegrind.dev" + APP_DEBUG: "true" + APP_ENV: "local" APP_NAME: "The Grind Auth" APP_TIMEZONE: "America/New_York" APP_KEY: "base64:5T2vyytKe4gILICvEoNqBxoiSFwrY4qZ0/264gDHJxI=" @@ -43,6 +46,7 @@ DB_USERNAME: "authentikate" DB_PASSWORD: "password" LOG_CHANNEL: daily + ENABLE_PROD_TELESCOPE: "true" volumes: - "{{container_data_base_path}}/authentikate/keys:/app/storage/oauth" - "{{container_data_base_path}}/authentikate/avatars:/app/storage/avatars" \ No newline at end of file diff --git a/roles/apps/foundryvtt/defaults/main.yml b/roles/apps/foundryvtt/defaults/main.yml new file mode 100644 index 0000000..e69de29 diff --git a/roles/apps/foundryvtt/tasks/main.yml b/roles/apps/foundryvtt/tasks/main.yml new file mode 100644 index 0000000..e016036 --- /dev/null +++ b/roles/apps/foundryvtt/tasks/main.yml @@ -0,0 +1,29 @@ +- name: Set up container data + ansible.builtin.include_role: + role: docker/container-data + vars: + dir_name: "{{ data_dir_name }}" + +- name: Set up directories in container data + ansible.builtin.file: + path: "{{ container_data_base_path }}/{{ data_dir_name }}/{{ item }}" + state: directory + mode: '0777' + loop: + - foundry + - data + - config + +- name: Deploy foundry container + community.docker.docker_container: + name: "{{ container_name }}" + pull: true + state: started + restart_policy: unless-stopped + image: gitgud.foo/javif89/foundryvtt-docker:13.346.0 + ports: + - '{{ foundry_port }}:30000' + - '{{ filebrowser_port }}:8080' + volumes: + - "{{ container_data_base_path }}/{{ data_dir_name }}/data:/data" + - "{{ container_data_base_path }}/{{ data_dir_name }}/config:/config" \ No newline at end of file diff --git a/roles/apps/linkwarden/tasks/main.yml b/roles/apps/linkwarden/tasks/main.yml index 69624df..0f2f8b4 100644 --- a/roles/apps/linkwarden/tasks/main.yml 
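Review bot: In roles/apps/authentikate/tasks/main.yml the added `APP_DEBUG: "true"` and `APP_ENV: "local"` run the identity provider in debug mode while `APP_URL` is the public `https://auth.thegrind.dev` and external.yml now routes `auth` to this container. The env names (`APP_KEY`, Telescope) suggest a Laravel app, where debug error pages show stack traces and configuration values to whoever triggers an error; the file's second hunk adds `ENABLE_PROD_TELESCOPE: "true"`, which by its name turns on a request recorder that can capture login traffic. Set `APP_DEBUG: "false"` and `APP_ENV: "production"`, and leave `ENABLE_PROD_TELESCOPE` off or drive it from a role variable that defaults to false. The context lines also show `APP_KEY` and `DB_PASSWORD` as literals, which belong in vaulted variables. The container task starts and ends outside both hunks.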
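Review bot: In roles/apps/foundryvtt/tasks/main.yml the data directories are created with `mode: '0777'`, which lets every local account on the host rewrite Foundry's data and config. Create them with `owner`/`group` set to the UID/GID the image runs as and `mode: '0750'`; the UID is not visible here and needs checking against the image. The `ports` entries `'{{ foundry_port }}:30000'` and `'{{ filebrowser_port }}:8080'` bind on all host interfaces, so both services can be reached directly as well as through the proxy; if the proxy runs on another host, firewall the ports to it, otherwise prefix them with `127.0.0.1:`. The `foundry` directory in the loop is never mounted, and defaults/main.yml is empty, so the four variables are undefined unless the caller sets every one.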
+++ b/roles/apps/linkwarden/tasks/main.yml @@ -19,12 +19,12 @@ restart: true env: DATABASE_URL: "postgresql://linkwarden:password@{{ pg_host }}:{{ pg_port }}/linkwarden" - NEXT_PUBLIC_AUTHENTIK_ENABLED: "true" - AUTHENTIK_ISSUER: "https://auth.thegrind.dev/application/o/linkwarden" - AUTHENTIK_CLIENT_ID: "{{ linkwarden.authentik_client_id }}" - AUTHENTIK_CLIENT_SECRET: "{{ linkwarden.authentik_client_secret }}" + NEXT_PUBLIC_KEYCLOAK_ENABLED: "true" + KEYCLOAK_ISSUER: "https://auth.thegrind.dev" + KEYCLOAK_CLIENT_ID: "{{ linkwarden.authentik_client_id }}" + KEYCLOAK_CLIENT_SECRET: "{{ linkwarden.authentik_client_secret }}" + KEYCLOAK_CUSTOM_NAME: "BlinkerAuth" NEXT_PUBLIC_DISABLE_REGISTRATION: "true" - AUTHENTIK_CUSTOM_NAME: "BlinkerAuth" NEXT_PUBLIC_CREDENTIALS_ENABLED: "false" NEXTAUTH_SECRET: "{{ linkwarden.nextauth_secret }}" NEXTAUTH_URL: "{{ url }}/api/v1/auth"
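Review bot: In roles/apps/linkwarden/tasks/main.yml the new `KEYCLOAK_CLIENT_ID` and `KEYCLOAK_CLIENT_SECRET` are still filled from `linkwarden.authentik_client_id` and `linkwarden.authentik_client_secret`, so the names no longer say which identity provider issued the credentials. If the client was re-registered on the provider now behind `https://auth.thegrind.dev`, rename the vars (for example `linkwarden.oidc_client_id`); if the old Authentik values were reused, login will likely fail until they are replaced. A comment above the block would help, e.g. `# Keycloak provider used as a generic OIDC client; KEYCLOAK_ISSUER must equal the provider's issuer URL exactly`. With `NEXT_PUBLIC_CREDENTIALS_ENABLED: "false"` this SSO is the only way in, so a mismatch locks every user out. The task starts and ends outside the hunk.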