Added foundryvtt

playbooks/nodes/apps.yml

@@ -3,77 +3,83 @@
   hosts: apps
   become: true
   roles:
-    - role: apps/memos
+    # - role: apps/memos
-      vars:
-        port: 7071
-    - role: apps/vaultwarden
-      vars:
-        port: 7072
-    - role: apps/stirling-pdf
-      vars:
-        port: 7075
-    - role: apps/flowtodo
-      vars:
-        port: 7076
-    - role: apps/outline-wiki
-      vars:
-        port: 7083
-        url: "https://docs.thegrind.dev"
-        container_name: "the-grind-outline-wiki"
-        outline_db_name: "the_grind_docs"
-        data_dir_name: "the-grind-docs"
-        secret_key: "42f5ab8c01771f40f1e1bae554b82b883f25ab13a79767ffc57e8c31ab172c43"
-        utils_secret_key: "f8410c6a12da5e92ac4200ef923fe516bed3cef2abacfb1877e32f2f1c63a325"
-        oidc_client_id: "XfaDJwpZfdHXiK6kulZiAK9nCliUieOdW0Ah1jJ1"
-        oidc_client_secret: "FtouI96uTg4YJc3ViSfcQ9SdubviXiPULne5tKyIXKbHxDczdlZoWkpwroobEGcgxrJaMFmdX6vBLJACZJVojFW1DJLyqt7gTAo6SmfuL7cJVzAnvDagxWJtamqhkKGR"
-        oidc_auth_uri: "https://auth.thegrind.dev/application/o/authorize/"
-        oidc_token_uri: "https://auth.thegrind.dev/application/o/token/"
-        oidc_userinfo_uri: "https://auth.thegrind.dev/application/o/userinfo/"
-        oidc_logout_uri: "https://auth.thegrind.dev/application/o/the-grind-docs/end-session/"
-        odic_button_text: "The Grind Auth"
-    # - role: apps/postiz
     #   vars:
-    #     port: 7084
+    #     port: 7071
-    #     url: "https://postiz.blinker.club"
+    # - role: apps/vaultwarden
-    #     postiz_instance_name: "postiz-main"
+    #   vars:
-    #     postiz_db_name: "postiz_main"
+    #     port: 7072
-    #     jwt_secret: "42cd08e857d0178075a305d7511c778336a501951ae0e4f05bf5ad862f611e72"
+    # - role: apps/stirling-pdf
-    - role: apps/planka
+    #   vars:
+    #     port: 7075
+    # - role: apps/flowtodo
+    #   vars:
+    #     port: 7076
+    # - role: apps/outline-wiki
+    #   vars:
+    #     port: 7083
+    #     url: "https://docs.thegrind.dev"
+    #     container_name: "the-grind-outline-wiki"
+    #     outline_db_name: "the_grind_docs"
+    #     data_dir_name: "the-grind-docs"
+    #     secret_key: "42f5ab8c01771f40f1e1bae554b82b883f25ab13a79767ffc57e8c31ab172c43"
+    #     utils_secret_key: "f8410c6a12da5e92ac4200ef923fe516bed3cef2abacfb1877e32f2f1c63a325"
+    #     oidc_client_id: "XfaDJwpZfdHXiK6kulZiAK9nCliUieOdW0Ah1jJ1"
+    #     oidc_client_secret: "FtouI96uTg4YJc3ViSfcQ9SdubviXiPULne5tKyIXKbHxDczdlZoWkpwroobEGcgxrJaMFmdX6vBLJACZJVojFW1DJLyqt7gTAo6SmfuL7cJVzAnvDagxWJtamqhkKGR"
+    #     oidc_auth_uri: "https://auth.thegrind.dev/application/o/authorize/"
+    #     oidc_token_uri: "https://auth.thegrind.dev/application/o/token/"
+    #     oidc_userinfo_uri: "https://auth.thegrind.dev/application/o/userinfo/"
+    #     oidc_logout_uri: "https://auth.thegrind.dev/application/o/the-grind-docs/end-session/"
+    #     odic_button_text: "The Grind Auth"
+    # # - role: apps/postiz
+    # #   vars:
+    # #     port: 7084
+    # #     url: "https://postiz.blinker.club"
+    # #     postiz_instance_name: "postiz-main"
+    # #     postiz_db_name: "postiz_main"
+    # #     jwt_secret: "42cd08e857d0178075a305d7511c778336a501951ae0e4f05bf5ad862f611e72"
+    # - role: apps/planka
+    #   vars:
+    #     port: 7085
+    #     url: "https://tasks.thegrind.dev"
+    # - role: apps/filebrowser
+    #   vars:
+    #     container_name: "filebrowser-javi"
+    #     instance_name: "javi"
+    #     share: "javi"
+    #     port: 7086
+    # - role: apps/n8n
+    #   vars:
+    #     port: 7087
+    #     domain: "melab.fyi"
+    #     subdomain: "automate"
+    # - role: apps/umami
+    #   vars:
+    #     port: 7088
+    # - role: apps/scripthost
+    #   vars:
+    #     port: 7089
+    # - role: apps/authentikate
+    #   vars:
+    #     port: 7090
+    - role: apps/foundryvtt
       vars:
-        port: 7085
+        foundry_port: 9010 
-        url: "https://tasks.thegrind.dev"
+        filebrowser_port: 9011 
-    - role: apps/filebrowser
+        data_dir_name: "foundryvtt-ravensofravnica"
-      vars:
+        container_name: "foundryvtt-ravensofravnica"
-        container_name: "filebrowser-javi"
+  # tasks:
-        instance_name: "javi"
+  #   - name: Personal DW drop
-        share: "javi"
+  #     ansible.builtin.include_role:
-        port: 7086
+  #         name: apps/dumbware-drop
-    - role: apps/n8n
+  #     vars:
-      vars:
+  #       port: 7077
-        port: 7087
+  #       pin: "8989"
-        domain: "melab.fyi"
+  #   - name: Javier Feliz Blog 
-        subdomain: "automate"
+  #     ansible.builtin.include_role:
-    - role: apps/umami
+  #       name: apps/ghost
-      vars:
+  #     vars:
-        port: 7088
+  #       ghost_instance_name: javierfeliz-blog 
-    - role: apps/scripthost
+  #       database_name: ghostcms_javierfelizblog
-      vars:
+  #       blog_url: "https://javierfeliz.com"
-        port: 7089
+  #       port: 7082
-    - role: apps/authentikate
-      vars:
-        port: 7090
-  tasks:
-    - name: Personal DW drop
-      ansible.builtin.include_role:
-          name: apps/dumbware-drop
-      vars:
-        port: 7077
-        pin: "8989"
-    - name: Javier Feliz Blog 
-      ansible.builtin.include_role:
-        name: apps/ghost
-      vars:
-        ghost_instance_name: javierfeliz-blog 
-        database_name: ghostcms_javierfelizblog
-        blog_url: "https://javierfeliz.com"
-        port: 7082

playbooks/proxy/external.yml

@@ -81,8 +81,11 @@
             host: "{{ lookup('hostip', 'portainer_main') }}"
             port: 8989
           - name: "auth"
-            host: "{{ lookup('hostip', 'portainer_main') }}"
+            host: "{{ lookup('hostip', 'apps') }}"
-            port: 4501
+            port: 7090
+            # Authentik
+            # host: "{{ lookup('hostip', 'portainer_main') }}"
+            # port: 4501
           - name: "gist"
             host: "{{ lookup('hostip', 'portainer_main') }}"
             port: 5006
@@ -106,4 +109,13 @@
             port: 7088
           - name: "auth"
             host: "{{ lookup('hostip', 'apps') }}"
-            port: 7090
+            port: 7090
+      - name: "ravensofravnica.stream"
+        dynamic_dns: true
+        sites:
+          - name: "vtt"
+            host: "{{ lookup('hostip', 'apps') }}"
+            port: 9010 
+          - name: "filemanagement"
+            host: "{{ lookup('hostip', 'apps') }}"
+            port: 9011 

roles/apps/authentikate/tasks/main.yml

@@ -28,10 +28,13 @@
     name: authentikate
     pull: true
     state: started
+    restart_policy: always
     ports:
       - "{{ port }}:8000"
     env:
-      APP_URL: "https://auth.melab.fyi"
+      APP_URL: "https://auth.thegrind.dev"
+      APP_DEBUG: "true"
+      APP_ENV: "local"
       APP_NAME: "The Grind Auth"
       APP_TIMEZONE: "America/New_York"
       APP_KEY: "base64:5T2vyytKe4gILICvEoNqBxoiSFwrY4qZ0/264gDHJxI="
@@ -43,6 +46,7 @@
       DB_USERNAME: "authentikate"
       DB_PASSWORD: "password"
       LOG_CHANNEL: daily
+      ENABLE_PROD_TELESCOPE: "true"
     volumes:
       - "{{container_data_base_path}}/authentikate/keys:/app/storage/oauth" 
       - "{{container_data_base_path}}/authentikate/avatars:/app/storage/avatars" 

roles/apps/foundryvtt/tasks/main.yml

@@ -0,0 +1,29 @@
+- name: Set up container data
+  ansible.builtin.include_role:
+    role: docker/container-data
+  vars:
+    dir_name: "{{ data_dir_name }}"
+
+- name: Set up directories in container data
+  ansible.builtin.file:
+    path: "{{ container_data_base_path }}/{{ data_dir_name }}/{{ item }}"
+    state: directory
+    mode: '0777'
+  loop:
+    - foundry
+    - data
+    - config
+
+- name: Deploy foundry container
+  community.docker.docker_container:
+    name: "{{ container_name }}"
+    pull: true
+    state: started
+    restart_policy: unless-stopped
+    image: gitgud.foo/javif89/foundryvtt-docker:13.346.0
+    ports:
+      - '{{ foundry_port }}:30000'
+      - '{{ filebrowser_port }}:8080'
+    volumes:
+      - "{{ container_data_base_path }}/{{ data_dir_name }}/data:/data"
+      - "{{ container_data_base_path }}/{{ data_dir_name }}/config:/config"

roles/apps/linkwarden/tasks/main.yml

@@ -19,12 +19,12 @@
     restart: true
     env:
       DATABASE_URL: "postgresql://linkwarden:password@{{ pg_host }}:{{ pg_port }}/linkwarden"
-      NEXT_PUBLIC_AUTHENTIK_ENABLED: "true"
+      NEXT_PUBLIC_KEYCLOAK_ENABLED: "true"
-      AUTHENTIK_ISSUER: "https://auth.thegrind.dev/application/o/linkwarden"
+      KEYCLOAK_ISSUER: "https://auth.thegrind.dev"
-      AUTHENTIK_CLIENT_ID: "{{ linkwarden.authentik_client_id }}"
+      KEYCLOAK_CLIENT_ID: "{{ linkwarden.authentik_client_id }}"
-      AUTHENTIK_CLIENT_SECRET: "{{ linkwarden.authentik_client_secret }}"
+      KEYCLOAK_CLIENT_SECRET: "{{ linkwarden.authentik_client_secret }}"
+      KEYCLOAK_CUSTOM_NAME: "BlinkerAuth"
       NEXT_PUBLIC_DISABLE_REGISTRATION: "true"
-      AUTHENTIK_CUSTOM_NAME: "BlinkerAuth"
       NEXT_PUBLIC_CREDENTIALS_ENABLED: "false"
       NEXTAUTH_SECRET: "{{ linkwarden.nextauth_secret }}"
       NEXTAUTH_URL: "{{ url }}/api/v1/auth"