javif89/homelab-ansible
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added foundryvtt

Browse Source
This commit is contained in:
Javier Feliz 2025-08-06 17:55:42 -04:00
parent 44fcf92786
commit 68d5cb764e
6 changed files with 132 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

150
playbooks/nodes/apps.yml
View File

@ -3,77 +3,83 @@
hosts: apps
become: true
roles:
- role: apps/memos
vars:
port: 7071
- role: apps/vaultwarden
vars:
port: 7072
- role: apps/stirling-pdf
vars:
port: 7075
- role: apps/flowtodo
vars:
port: 7076
- role: apps/outline-wiki
vars:
port: 7083
url: "https://docs.thegrind.dev"
container_name: "the-grind-outline-wiki"
outline_db_name: "the_grind_docs"
data_dir_name: "the-grind-docs"
secret_key: "42f5ab8c01771f40f1e1bae554b82b883f25ab13a79767ffc57e8c31ab172c43"
utils_secret_key: "f8410c6a12da5e92ac4200ef923fe516bed3cef2abacfb1877e32f2f1c63a325"
oidc_client_id: "XfaDJwpZfdHXiK6kulZiAK9nCliUieOdW0Ah1jJ1"
oidc_client_secret: "FtouI96uTg4YJc3ViSfcQ9SdubviXiPULne5tKyIXKbHxDczdlZoWkpwroobEGcgxrJaMFmdX6vBLJACZJVojFW1DJLyqt7gTAo6SmfuL7cJVzAnvDagxWJtamqhkKGR"
oidc_auth_uri: "https://auth.thegrind.dev/application/o/authorize/"
oidc_token_uri: "https://auth.thegrind.dev/application/o/token/"
oidc_userinfo_uri: "https://auth.thegrind.dev/application/o/userinfo/"
oidc_logout_uri: "https://auth.thegrind.dev/application/o/the-grind-docs/end-session/"
odic_button_text: "The Grind Auth"
# - role: apps/postiz
# - role: apps/memos
# vars:
# port: 7084
# url: "https://postiz.blinker.club"
# postiz_instance_name: "postiz-main"
# postiz_db_name: "postiz_main"
# jwt_secret: "42cd08e857d0178075a305d7511c778336a501951ae0e4f05bf5ad862f611e72"
- role: apps/planka
# port: 7071
# - role: apps/vaultwarden
# vars:
# port: 7072
# - role: apps/stirling-pdf
# vars:
# port: 7075
# - role: apps/flowtodo
# vars:
# port: 7076
# - role: apps/outline-wiki
# vars:
# port: 7083
# url: "https://docs.thegrind.dev"
# container_name: "the-grind-outline-wiki"
# outline_db_name: "the_grind_docs"
# data_dir_name: "the-grind-docs"
# secret_key: "42f5ab8c01771f40f1e1bae554b82b883f25ab13a79767ffc57e8c31ab172c43"
# utils_secret_key: "f8410c6a12da5e92ac4200ef923fe516bed3cef2abacfb1877e32f2f1c63a325"
# oidc_client_id: "XfaDJwpZfdHXiK6kulZiAK9nCliUieOdW0Ah1jJ1"
# oidc_client_secret: "FtouI96uTg4YJc3ViSfcQ9SdubviXiPULne5tKyIXKbHxDczdlZoWkpwroobEGcgxrJaMFmdX6vBLJACZJVojFW1DJLyqt7gTAo6SmfuL7cJVzAnvDagxWJtamqhkKGR"
# oidc_auth_uri: "https://auth.thegrind.dev/application/o/authorize/"
# oidc_token_uri: "https://auth.thegrind.dev/application/o/token/"
# oidc_userinfo_uri: "https://auth.thegrind.dev/application/o/userinfo/"
# oidc_logout_uri: "https://auth.thegrind.dev/application/o/the-grind-docs/end-session/"
# odic_button_text: "The Grind Auth"
# # - role: apps/postiz
# # vars:
# # port: 7084
# # url: "https://postiz.blinker.club"
# # postiz_instance_name: "postiz-main"
# # postiz_db_name: "postiz_main"
# # jwt_secret: "42cd08e857d0178075a305d7511c778336a501951ae0e4f05bf5ad862f611e72"
# - role: apps/planka
# vars:
# port: 7085
# url: "https://tasks.thegrind.dev"
# - role: apps/filebrowser
# vars:
# container_name: "filebrowser-javi"
# instance_name: "javi"
# share: "javi"
# port: 7086
# - role: apps/n8n
# vars:
# port: 7087
# domain: "melab.fyi"
# subdomain: "automate"
# - role: apps/umami
# vars:
# port: 7088
# - role: apps/scripthost
# vars:
# port: 7089
# - role: apps/authentikate
# vars:
# port: 7090
- role: apps/foundryvtt
vars:
port: 7085
url: "https://tasks.thegrind.dev"
- role: apps/filebrowser
vars:
container_name: "filebrowser-javi"
instance_name: "javi"
share: "javi"
port: 7086
- role: apps/n8n
vars:
port: 7087
domain: "melab.fyi"
subdomain: "automate"
- role: apps/umami
vars:
port: 7088
- role: apps/scripthost
vars:
port: 7089
- role: apps/authentikate
vars:
port: 7090
tasks:
- name: Personal DW drop
ansible.builtin.include_role:
name: apps/dumbware-drop
vars:
port: 7077
pin: "8989"
- name: Javier Feliz Blog
ansible.builtin.include_role:
name: apps/ghost
vars:
ghost_instance_name: javierfeliz-blog
database_name: ghostcms_javierfelizblog
blog_url: "https://javierfeliz.com"
port: 7082
foundry_port: 9010
filebrowser_port: 9011
data_dir_name: "foundryvtt-ravensofravnica"
container_name: "foundryvtt-ravensofravnica"
# tasks:
# - name: Personal DW drop
# ansible.builtin.include_role:
# name: apps/dumbware-drop
# vars:
# port: 7077
# pin: "8989"
# - name: Javier Feliz Blog
# ansible.builtin.include_role:
# name: apps/ghost
# vars:
# ghost_instance_name: javierfeliz-blog
# database_name: ghostcms_javierfelizblog
# blog_url: "https://javierfeliz.com"
# port: 7082

18
playbooks/proxy/external.yml
View File

@ -81,8 +81,11 @@
host: "{{ lookup('hostip', 'portainer_main') }}"
port: 8989
- name: "auth"
host: "{{ lookup('hostip', 'portainer_main') }}"
port: 4501
host: "{{ lookup('hostip', 'apps') }}"
port: 7090
# Authentik
# host: "{{ lookup('hostip', 'portainer_main') }}"
# port: 4501
- name: "gist"
host: "{{ lookup('hostip', 'portainer_main') }}"
port: 5006
@ -106,4 +109,13 @@
port: 7088
- name: "auth"
host: "{{ lookup('hostip', 'apps') }}"
port: 7090
port: 7090
- name: "ravensofravnica.stream"
dynamic_dns: true
sites:
- name: "vtt"
host: "{{ lookup('hostip', 'apps') }}"
port: 9010
- name: "filemanagement"
host: "{{ lookup('hostip', 'apps') }}"
port: 9011

6
roles/apps/authentikate/tasks/main.yml
View File

@ -28,10 +28,13 @@
name: authentikate
pull: true
state: started
restart_policy: always
ports:
- "{{ port }}:8000"
env:
APP_URL: "https://auth.melab.fyi"
APP_URL: "https://auth.thegrind.dev"
APP_DEBUG: "true"
APP_ENV: "local"
APP_NAME: "The Grind Auth"
APP_TIMEZONE: "America/New_York"
APP_KEY: "base64:5T2vyytKe4gILICvEoNqBxoiSFwrY4qZ0/264gDHJxI="
@ -43,6 +46,7 @@
DB_USERNAME: "authentikate"
DB_PASSWORD: "password"
LOG_CHANNEL: daily
ENABLE_PROD_TELESCOPE: "true"
volumes:
- "{{container_data_base_path}}/authentikate/keys:/app/storage/oauth"
- "{{container_data_base_path}}/authentikate/avatars:/app/storage/avatars"

0
roles/apps/foundryvtt/defaults/main.yml Normal file
View File

29
roles/apps/foundryvtt/tasks/main.yml Normal file
View File

@ -0,0 +1,29 @@
- name: Set up container data
ansible.builtin.include_role:
role: docker/container-data
vars:
dir_name: "{{ data_dir_name }}"
- name: Set up directories in container data
ansible.builtin.file:
path: "{{ container_data_base_path }}/{{ data_dir_name }}/{{ item }}"
state: directory
mode: '0777'
loop:
- foundry
- data
- config
- name: Deploy foundry container
community.docker.docker_container:
name: "{{ container_name }}"
pull: true
state: started
restart_policy: unless-stopped
image: gitgud.foo/javif89/foundryvtt-docker:13.346.0
ports:
- '{{ foundry_port }}:30000'
- '{{ filebrowser_port }}:8080'
volumes:
- "{{ container_data_base_path }}/{{ data_dir_name }}/data:/data"
- "{{ container_data_base_path }}/{{ data_dir_name }}/config:/config"

10
roles/apps/linkwarden/tasks/main.yml
View File

@ -19,12 +19,12 @@
restart: true
env:
DATABASE_URL: "postgresql://linkwarden:password@{{ pg_host }}:{{ pg_port }}/linkwarden"
NEXT_PUBLIC_AUTHENTIK_ENABLED: "true"
AUTHENTIK_ISSUER: "https://auth.thegrind.dev/application/o/linkwarden"
AUTHENTIK_CLIENT_ID: "{{ linkwarden.authentik_client_id }}"
AUTHENTIK_CLIENT_SECRET: "{{ linkwarden.authentik_client_secret }}"
NEXT_PUBLIC_KEYCLOAK_ENABLED: "true"
KEYCLOAK_ISSUER: "https://auth.thegrind.dev"
KEYCLOAK_CLIENT_ID: "{{ linkwarden.authentik_client_id }}"
KEYCLOAK_CLIENT_SECRET: "{{ linkwarden.authentik_client_secret }}"
KEYCLOAK_CUSTOM_NAME: "BlinkerAuth"
NEXT_PUBLIC_DISABLE_REGISTRATION: "true"
AUTHENTIK_CUSTOM_NAME: "BlinkerAuth"
NEXT_PUBLIC_CREDENTIALS_ENABLED: "false"
NEXTAUTH_SECRET: "{{ linkwarden.nextauth_secret }}"
NEXTAUTH_URL: "{{ url }}/api/v1/auth"