Updates
This commit is contained in:
parent
f8aa45e2fb
commit
fe940fe107
12
docker/kan/docker-compose.yml
Normal file
12
docker/kan/docker-compose.yml
Normal file
@ -0,0 +1,12 @@
|
||||
services:
|
||||
web:
|
||||
image: ghcr.io/kanbn/kan:latest
|
||||
container_name: kan-web
|
||||
ports:
|
||||
- "7070:3000"
|
||||
environment:
|
||||
NEXT_PUBLIC_BASE_URL: http://localhost:3000
|
||||
BETTER_AUTH_SECRET: your_auth_secret
|
||||
POSTGRES_URL: postgresql://kan:password@10.89.0.102:5432/kan
|
||||
NEXT_PUBLIC_ALLOW_CREDENTIALS: true
|
||||
restart: unless-stopped
|
||||
@ -21,3 +21,5 @@ all:
|
||||
ansible_host: 10.89.0.106
|
||||
streaming:
|
||||
ansible_host: 10.89.0.107
|
||||
apps:
|
||||
ansible_host: 10.89.0.108
|
||||
|
||||
23
playbooks/apps/kan.yml
Normal file
23
playbooks/apps/kan.yml
Normal file
@ -0,0 +1,23 @@
|
||||
---
|
||||
- name: Deploy Kan.bn app
|
||||
hosts: apps
|
||||
become: true
|
||||
roles:
|
||||
- role: app/database
|
||||
vars:
|
||||
app_name: kan
|
||||
tasks:
|
||||
- name: Create kan-web container with correct ports
|
||||
community.docker.docker_container:
|
||||
name: kan-web
|
||||
image: ghcr.io/kanbn/kan:latest
|
||||
pull: true
|
||||
state: started
|
||||
restart_policy: unless-stopped
|
||||
ports:
|
||||
- "7070:3000"
|
||||
env:
|
||||
NEXT_PUBLIC_BASE_URL: "https://tasks.thegrind.dev"
|
||||
BETTER_AUTH_SECRET: "your_auth_secret"
|
||||
POSTGRES_URL: "postgresql://kan:password@10.89.0.102:5432/kan"
|
||||
NEXT_PUBLIC_ALLOW_CREDENTIALS: "true"
|
||||
@ -6,4 +6,4 @@
|
||||
- role: docker/install
|
||||
- role: docker/portainer
|
||||
- role: server/setup/sshkey
|
||||
- role: server/setup/webmin
|
||||
# - role: server/setup/webmin # Currently not working but fix eventually
|
||||
|
||||
0
databases.yml → roles/app/docker-compose/defaults/main.yml
Executable file → Normal file
0
databases.yml → roles/app/docker-compose/defaults/main.yml
Executable file → Normal file
0
roles/app/docker-compose/tasks/main.yml
Normal file
0
roles/app/docker-compose/tasks/main.yml
Normal file
@ -0,0 +1,45 @@
|
||||
---
|
||||
- name: Update apt cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: yes
|
||||
|
||||
- name: Install prerequisite packages
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- ca-certificates
|
||||
- curl
|
||||
state: present
|
||||
|
||||
- name: Create apt keyrings directory
|
||||
ansible.builtin.file:
|
||||
path: /etc/apt/keyrings
|
||||
state: directory
|
||||
mode: '0755'
|
||||
|
||||
- name: Download Docker GPG key
|
||||
ansible.builtin.get_url:
|
||||
url: "https://download.docker.com/linux/ubuntu/gpg"
|
||||
dest: /etc/apt/keyrings/docker.asc
|
||||
mode: '0644'
|
||||
|
||||
- name: Add Docker apt repository
|
||||
ansible.builtin.apt_repository:
|
||||
repo: "deb [arch={{ docker_arch }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
|
||||
filename: docker
|
||||
state: present
|
||||
vars:
|
||||
docker_arch: "{{ ansible_architecture | regex_replace('x86_64', 'amd64') }}"
|
||||
|
||||
- name: Update apt cache after adding Docker repository
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
|
||||
- name: Install Docker packages
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- docker-ce
|
||||
- docker-ce-cli
|
||||
- containerd.io
|
||||
- docker-buildx-plugin
|
||||
- docker-compose-plugin
|
||||
state: present
|
||||
@ -0,0 +1,22 @@
|
||||
- name: Pull Portainer Agent image
|
||||
become: true
|
||||
community.docker.docker_image:
|
||||
name: portainer/agent
|
||||
tag: latest
|
||||
source: pull
|
||||
|
||||
- name: Deploy Portainer Agent container
|
||||
become: true
|
||||
community.docker.docker_container:
|
||||
name: portainer_agent
|
||||
image: portainer/agent
|
||||
pull: false # we already pulled above
|
||||
state: started
|
||||
restart_policy: always
|
||||
ports:
|
||||
- "9001:9001"
|
||||
volumes:
|
||||
- /var/run/docker.sock:/var/run/docker.sock
|
||||
- /var/lib/docker/volumes:/var/lib/docker/volumes
|
||||
- /:/host
|
||||
timeout: 120 # wait up to 2m for it to come up
|
||||
@ -1,4 +1,18 @@
|
||||
---
|
||||
- name: Grant database-level privileges on "{{ database }}"
|
||||
delegate_to: localhost
|
||||
community.postgresql.postgresql_privs:
|
||||
db: "{{ database }}"
|
||||
type: database
|
||||
objs: "{{ database }}"
|
||||
privs: "CREATE"
|
||||
role: "{{ user }}"
|
||||
state: present
|
||||
login_host: "{{ pg_host }}"
|
||||
login_port: "{{ pg_port }}"
|
||||
login_user: "{{ pg_user }}"
|
||||
login_password: "{{ pg_password }}"
|
||||
|
||||
- name: Give user full priviledges on database
|
||||
delegate_to: localhost
|
||||
community.postgresql.postgresql_privs:
|
||||
|
||||
@ -0,0 +1,8 @@
|
||||
# roles/webmin/defaults/main.yml
|
||||
webmin_repo_url: https://download.webmin.com
|
||||
webmin_dist: stable
|
||||
webmin_section: contrib
|
||||
|
||||
# Optional HTTP auth
|
||||
webmin_auth_user: javi
|
||||
webmin_auth_pass: password
|
||||
@ -1,40 +1,66 @@
|
||||
---
|
||||
- name: Install required dependencies
|
||||
- name: Remove any old/malformed Webmin sources list
|
||||
ansible.builtin.file:
|
||||
path: /etc/apt/sources.list.d/webmin.list
|
||||
state: absent
|
||||
|
||||
- name: Remove any old Webmin keyring
|
||||
ansible.builtin.file:
|
||||
path: /usr/share/keyrings/webmin-archive-keyring.gpg
|
||||
state: absent
|
||||
|
||||
- name: Install Webmin GPG key into its own keyring
|
||||
ansible.builtin.apt_key:
|
||||
url: https://download.webmin.com/developers-key.asc
|
||||
keyring: /usr/share/keyrings/webmin-archive-keyring.gpg
|
||||
state: present
|
||||
|
||||
- name: Add Webmin APT repository
|
||||
ansible.builtin.apt_repository:
|
||||
filename: webmin
|
||||
repo: >-
|
||||
deb [signed-by=/usr/share/keyrings/webmin-archive-keyring.gpg]
|
||||
https://download.webmin.com/download/repository
|
||||
sarge contrib
|
||||
state: present
|
||||
|
||||
- name: Ensure apt prerequisites are installed
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- wget
|
||||
- curl
|
||||
- gnupg
|
||||
- apt-transport-https
|
||||
- software-properties-common
|
||||
- ca-certificates
|
||||
state: present
|
||||
update_cache: true
|
||||
|
||||
- name: Add Webmin repository
|
||||
- name: Configure APT HTTP auth for Webmin
|
||||
when: webmin_auth_user is defined and webmin_auth_pass is defined
|
||||
ansible.builtin.copy:
|
||||
dest: /etc/apt/sources.list.d/webmin.list
|
||||
content: "deb http://download.webmin.com/download/repository sarge contrib"
|
||||
owner: javi
|
||||
group: javi
|
||||
mode: '0777'
|
||||
dest: /etc/apt/auth.conf.d/webmin.conf
|
||||
mode: '0600'
|
||||
content: |
|
||||
machine {{ webmin_repo_url | regex_replace('^https?://','') }}
|
||||
login {{ webmin_auth_user }}
|
||||
password {{ webmin_auth_pass }}
|
||||
|
||||
- name: Add Webmin GPG key
|
||||
ansible.builtin.apt_key:
|
||||
url: https://www.webmin.com/jcameron-key.asc
|
||||
state: present
|
||||
- name: Remove old Webmin preference file
|
||||
ansible.builtin.file:
|
||||
path: /etc/apt/preferences.d/webmin-stable-package-priority
|
||||
state: absent
|
||||
|
||||
- name: Update apt cache
|
||||
- name: Refresh apt cache
|
||||
ansible.builtin.apt:
|
||||
update_cache: true
|
||||
|
||||
- name: Install Webmin with recommended packages
|
||||
- name: Install Webmin
|
||||
ansible.builtin.apt:
|
||||
name:
|
||||
- webmin
|
||||
state: present
|
||||
update_cache: true
|
||||
install_recommends: true
|
||||
|
||||
- name: Ensure Webmin service is enabled and running
|
||||
ansible.builtin.systemd:
|
||||
- name: Ensure Webmin service is enabled & started
|
||||
ansible.builtin.service:
|
||||
name: webmin
|
||||
state: started
|
||||
enabled: true
|
||||
state: started
|
||||
Loading…
x
Reference in New Issue
Block a user