Include newsreader provisioning
This commit is contained in:
parent
295f497bcf
commit
e5c4cf490f
7 changed files with 162 additions and 8 deletions
|
|
@ -44,7 +44,7 @@ woodpecker_app_port: 7000
|
|||
woodpecker_domain: woodpecker.fudiggity.nl
|
||||
|
||||
newsreader_ip: 127.0.0.1
|
||||
newsreader_port: 5000
|
||||
newsreader_nginx_port: 5000
|
||||
newsreader_domain: rss.fudiggity.nl
|
||||
|
||||
glitchtip_ip: 127.0.0.1
|
||||
|
|
|
|||
39
host_vars/fudiggity/newsreader.yml
Normal file
39
host_vars/fudiggity/newsreader.yml
Normal file
|
|
@ -0,0 +1,39 @@
|
|||
newsreader_app_name: newsreader
|
||||
newsreader_app_repository: https://forgejo.fudiggity.nl/sonny/newsreader
|
||||
newsreader_app_ref: 0.5.3
|
||||
newsreader_app_dir: /srv/docker/newsreader
|
||||
|
||||
newsreader_postgres_host: db
|
||||
newsreader_postgres_port: 5432
|
||||
newsreader_postgres_db: newsreader
|
||||
newsreader_postgres_user: newsreader
|
||||
newsreader_postgres_password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
65613063373266623636626561646639393263313030386337633737636137363730353561356339
|
||||
6433646638316465623338396637623732623563643561640a616639393639356533316431663665
|
||||
30646637363364353062353338303331343234626138653037373661636234373238343264356265
|
||||
6539643939376662650a613631636531383534666435383763613038393966633031353765323234
|
||||
62613865373661333661373562366466333732663737643739663862376466646331386133326364
|
||||
6638366665623036666634616131636634663933323136303334
|
||||
|
||||
newsreader_django_settings_module: newsreader.conf.production
|
||||
newsreader_django_secret_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
65353236663439393937623930623830313365663766663966343661376662366131313838316536
|
||||
3430633837666138633063333630373338366331653865320a646563663262656464636434323166
|
||||
63616435356533643735343165363761336537616439303464353164633233626632666263636633
|
||||
3237613866353131300a653366313635313365623539393438383434653134396137666533353063
|
||||
63363335643135653535613231653434653566343964363431636264633963326239646633663031
|
||||
38323266326165303064333666653630316634383864666232376165393362323261363833376334
|
||||
323636376639353730366332323039633036
|
||||
|
||||
newsreader_sentry_dsn: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
33323865313232393535336363613261663030656465323734323266303837393561633435613736
|
||||
3135353435633337346363316262373431393738303033390a333230343037656266366539323366
|
||||
31373761356431666332396665393564656662396339393531326232366333323861376133653664
|
||||
3739646664623230630a366239623838393766666237643663626261636237393839646136303931
|
||||
66396263623432636430643839336463343438383461646165666131633762646438663532313633
|
||||
66343562376632316665356163633064336530346463636432396537363938363062333861656362
|
||||
63333832663737396330366430336632376638393632656565376436653839363634373437376261
|
||||
36313337616533633239
|
||||
|
|
@ -61,6 +61,10 @@
|
|||
- name: Woodpecker CI provisioning
|
||||
ansible.builtin.import_tasks: tasks/woodpecker_ci.yml
|
||||
tags: woodpecker-ci
|
||||
|
||||
- name: Newsreader provisioning
|
||||
ansible.builtin.import_tasks: tasks/newsreader.yml
|
||||
tags: newsreader
|
||||
handlers:
|
||||
- name: Import handlers
|
||||
ansible.builtin.import_tasks: 'handlers.yml'
|
||||
|
|
|
|||
58
tasks/newsreader.yml
Normal file
58
tasks/newsreader.yml
Normal file
|
|
@ -0,0 +1,58 @@
|
|||
- name: Create newsreader app directory
|
||||
become: true
|
||||
ansible.builtin.file:
|
||||
path: '{{ newsreader_app_dir }}'
|
||||
state: directory
|
||||
owner: sonny
|
||||
group: sonny
|
||||
mode: '0755'
|
||||
|
||||
- name: Clone project
|
||||
ansible.builtin.git:
|
||||
repo: '{{ newsreader_app_repository }}'
|
||||
dest: '{{ newsreader_app_dir }}'
|
||||
version: '{{ newsreader_app_ref }}'
|
||||
|
||||
- name: Copy templates
|
||||
ansible.builtin.template:
|
||||
src: '{{ item.src }}'
|
||||
dest: '{{ item.dest }}'
|
||||
mode: '{{ item.mode }}'
|
||||
loop:
|
||||
- src: templates/newsreader/env.j2
|
||||
dest: '{{ newsreader_app_dir }}/.production.env'
|
||||
mode: '0750'
|
||||
- src: templates/newsreader/docker-compose.j2
|
||||
dest: '{{ newsreader_app_dir }}/docker-compose.resources.yml'
|
||||
mode: '0750'
|
||||
|
||||
- name: Stop current containers
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: '{{ newsreader_app_dir }}'
|
||||
env_files:
|
||||
- .production.env
|
||||
state: absent
|
||||
|
||||
- name: Remove dangling containers
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: '{{ newsreader_app_dir }}'
|
||||
remove_orphans: true
|
||||
state: absent
|
||||
|
||||
# Note: requires python's requests module
|
||||
- name: Remove static volume
|
||||
community.docker.docker_volume:
|
||||
volume_name: newsreader_static-files
|
||||
state: absent
|
||||
|
||||
- name: Start container
|
||||
community.docker.docker_compose_v2:
|
||||
env_files:
|
||||
- .production.env
|
||||
files:
|
||||
- docker-compose.yml
|
||||
- docker-compose.production.yml
|
||||
- docker-compose.resources.yml
|
||||
project_src: '{{ newsreader_app_dir }}'
|
||||
build: always
|
||||
state: present
|
||||
37
templates/newsreader/docker-compose.j2
Normal file
37
templates/newsreader/docker-compose.j2
Normal file
|
|
@ -0,0 +1,37 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
x-web-resources: &web-resources
|
||||
deploy:
|
||||
resources:
|
||||
limits:
|
||||
cpus: '2'
|
||||
memory: 2GB
|
||||
|
||||
services:
|
||||
db:
|
||||
restart: always
|
||||
deploy:
|
||||
resources:
|
||||
limits:
|
||||
cpus: '4'
|
||||
|
||||
rabbitmq:
|
||||
restart: always
|
||||
|
||||
memcached:
|
||||
restart: always
|
||||
|
||||
celery:
|
||||
<<: *web-resources
|
||||
restart: always
|
||||
|
||||
django:
|
||||
<<: *web-resources
|
||||
deploy:
|
||||
resources:
|
||||
limits:
|
||||
memory: 4GB
|
||||
restart: always
|
||||
|
||||
nginx:
|
||||
restart: always
|
||||
16
templates/newsreader/env.j2
Normal file
16
templates/newsreader/env.j2
Normal file
|
|
@ -0,0 +1,16 @@
|
|||
# {{ ansible_managed }}
|
||||
|
||||
POSTGRES_HOST='{{ newsreader_postgres_host }}'
|
||||
POSTGRES_PORT='{{ newsreader_postgres_port }}'
|
||||
POSTGRES_DB='{{ newsreader_postgres_db }}'
|
||||
POSTGRES_USER='{{ newsreader_postgres_user }}'
|
||||
POSTGRES_PASSWORD='{{ newsreader_postgres_password }}'
|
||||
|
||||
NGINX_HTTP_PORT='{{ newsreader_nginx_port }}'
|
||||
|
||||
DJANGO_SETTINGS_MODULE='{{ newsreader_django_settings_module }}'
|
||||
DJANGO_SECRET_KEY='{{ newsreader_django_secret_key }}'
|
||||
|
||||
VERSION='{{ newsreader_app_ref }}'
|
||||
|
||||
SENTRY_DSN='{{ newsreader_sentry_dsn }}'
|
||||
|
|
@ -17,13 +17,13 @@ server {
|
|||
proxy_connect_timeout 90;
|
||||
proxy_redirect off;
|
||||
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Ssl on;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Frame-Options SAMEORIGIN;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Ssl on;
|
||||
proxy_set_header X-Forwarded-Proto $scheme;
|
||||
proxy_set_header X-Frame-Options SAMEORIGIN;
|
||||
|
||||
proxy_pass http://{{ newsreader_ip }}:{{ newsreader_port }};
|
||||
proxy_pass http://{{ newsreader_ip }}:{{ newsreader_port }};
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue