Include glitchtip provisioning

2025-04-27 17:10:41 +02:00 · 2025-04-27 17:10:41 +02:00 · 0d7666185c
commit 0d7666185c
parent 86a81c6e52
6 changed files with 119 additions and 4 deletions
--- a/host_vars/fudiggity/glitchtip.yml
+++ b/host_vars/fudiggity/glitchtip.yml
@ -0,0 +1,14 @@
+glitchtip_image_tag: glitchtip/glitchtip:v4.2
+
+glitchtip_app_dir: /srv/docker/glitchtip
+
+glitchtip_secret_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          37363333306434636331626231663964626631616131326335333832323939363865353431633233
+          6263363535646132316130373536303466613436656636300a333231383137326634326230343661
+          63333933363038333865633930663562306163613164623731613866353861616435373865666330
+          6131663965663836300a636366386432666133343364353763333731376561646338383531613363
+          32383834646461383562303564663135633932616536646134393632626664376335373136383638
+          35323934653664666530343562363461396230333435336166343033643732663766383633343337
+          30303938633939623830363661633936323031373362353363346530363535613363393432666462
+          37643033336130393166
--- a/host_vars/fudiggity/network.yml
+++ b/host_vars/fudiggity/network.yml
@ -48,7 +48,7 @@ newsreader_port: 5000
 newsreader_domain: rss.fudiggity.nl

 glitchtip_ip: 127.0.0.1
-glitchtip_port: 7200
+glitchtip_app_port: 7200
 glitchtip_domain: glitchtip.fudiggity.nl

 syncthing_domain: 'syncthing.{{ domain_name }}'
--- a/playbook.yml
+++ b/playbook.yml
@ -53,6 +53,10 @@
    - name: Forgejo provisioning
      ansible.builtin.import_tasks: tasks/forgejo.yml
      tags: forgejo
+
+    - name: Glitchtip provisioning
+      ansible.builtin.import_tasks: tasks/glitchtip.yml
+      tags: glitchtip
  handlers:
    - name: Import handlers
      ansible.builtin.import_tasks: 'handlers.yml'
--- a/tasks/glitchtip.yml
+++ b/tasks/glitchtip.yml
@ -0,0 +1,42 @@
+- name: Create required directories
+  become: true
+  ansible.builtin.file:
+    path: '{{ item.path }}'
+    state: '{{ item.state }}'
+    mode: '{{ item.mode }}'
+    owner: '{{ item.owner }}'
+    group: '{{ item.group }}'
+  loop:
+    - path: '{{ glitchtip_app_dir }}'
+      owner: sonny
+      group: sonny
+      state: directory
+      mode: '0755'
+
+- name: Copy docker-compose file
+  ansible.builtin.template:
+    src: templates/glitchtip/docker-compose.j2
+    dest: '{{ glitchtip_app_dir }}/docker-compose.yml'
+    mode: '0750'
+
+- name: Stop current containers
+  community.docker.docker_compose_v2:
+    project_src: '{{ glitchtip_app_dir }}'
+    state: stopped
+
+- name: Pull missing image
+  community.docker.docker_compose_v2:
+    project_src: '{{ glitchtip_app_dir }}'
+    pull: missing
+    state: stopped
+
+- name: Remove dangling containers
+  community.docker.docker_compose_v2:
+    project_src: '{{ glitchtip_app_dir }}'
+    remove_orphans: true
+    state: stopped
+
+- name: Start container
+  community.docker.docker_compose_v2:
+    project_src: '{{ glitchtip_app_dir }}'
+    state: present
--- a/templates/glitchtip/docker-compose.j2
+++ b/templates/glitchtip/docker-compose.j2
@ -0,0 +1,55 @@
+# {{ ansible_managed }}
+
+x-environment: &default-environment
+  DATABASE_URL: postgres://postgres:postgres@postgres:5432/postgres
+  SECRET_KEY: '{{ glitchtip_secret_key }}'
+  PORT: {{ glitchtip_app_port }}
+  EMAIL_URL: consolemail://
+  GLITCHTIP_DOMAIN: 'https://{{ glitchtip_domain }}'
+  DEFAULT_FROM_EMAIL: email@example.com
+  CELERY_WORKER_AUTOSCALE: "1,3"
+  CSP_DEFAULT_SRC: "'self',{{ glitchtip_domain }}"
+  CORS_ORIGIN_WHITELIST: https://{{ glitchtip_domain }}
+  CSRF_TRUSTED_ORIGINS: https://{{ glitchtip_domain }}
+
+x-depends_on: &default-depends_on
+  - postgres
+  - redis
+
+services:
+  postgres:
+    image: postgres:17
+    environment:
+      POSTGRES_HOST_AUTH_METHOD: 'trust'
+    restart: always
+    volumes:
+      - pg-data:/var/lib/postgresql/data
+  redis:
+    image: valkey/valkey
+    restart: always
+  web:
+    image: '{{ glitchtip_image_tag }}'
+    depends_on: *default-depends_on
+    ports:
+      - '{{ glitchtip_app_port }}:7200'
+    environment: *default-environment
+    restart: always
+    volumes:
+      - uploads:/code/uploads
+  worker:
+    image: '{{ glitchtip_image_tag }}'
+    command: ./bin/run-celery-with-beat.sh
+    depends_on: *default-depends_on
+    environment: *default-environment
+    restart: always
+    volumes:
+      - uploads:/code/uploads
+  migrate:
+    image: '{{ glitchtip_image_tag }}'
+    depends_on: *default-depends_on
+    command: ./bin/run-migrate.sh
+    environment: *default-environment
+
+volumes:
+  pg-data:
+  uploads:
--- a/templates/nginx/glitchtip.j2
+++ b/templates/nginx/glitchtip.j2
@ -13,11 +13,11 @@ server {
  client_max_body_size 40M;

 	location / {
-		proxy_set_header X-Real-IP 		$remote_addr;
+		proxy_set_header X-Real-IP          $remote_addr;
 		proxy_set_header X-Forwarded-For   	$proxy_add_x_forwarded_for;
-		proxy_set_header X-Forwarded-Ssl     	on;
+		proxy_set_header X-Forwarded-Ssl    on;
 		proxy_set_header X-Forwarded-Proto 	$scheme;

-		proxy_pass 				http://{{ glitchtip_ip }}:{{ glitchtip_port }};
+		proxy_pass                          http://{{ glitchtip_ip }}:{{ glitchtip_app_port }};
 	}
 }