
2 commits

Author SHA1 Message Date
86a81c6e52 Formatting 2025-04-27 09:02:26 +02:00
1ec828763e Include forgejo provisioning 2025-04-27 09:02:17 +02:00
4 changed files with 140 additions and 11 deletions


@ -0,0 +1,19 @@
forgejo_app_dir: '/srv/docker/forgejo'
forgejo_data_dir: '/var/lib/vm/forgejo/data'
forgejo_postgres_dir: '/var/lib/vm/forgejo/postgres'
forgejo_image_tag: 'codeberg.org/forgejo/forgejo:11'
forgejo_postgres_user: forgejo
forgejo_postgres_name: forgejo
# TODO: write to docker secret
forgejo_postgres_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
30303039313766373966373364346539306661376564613530656565313131623635666435333564
6463316365373564383964316635366337376237386134340a353839313761633865646638356165
31306666616235336132363232303639303065343436656233366264333236323435393963373062
3165326331633438620a323064663435396666316266396135633463653335323534616264383965
33383262373831656335363434333938363230373133646436653261346364353463333065303534
66383533646636313662376236373931383065386330663438623363336664353832343263323336
366531643930326636343466343732373036
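Review bot: `forgejo_image_tag: 'codeberg.org/forgejo/forgejo:11'` pins only the major version, so the image that actually runs depends on when each host first pulled it. With `pull: missing` in tasks/forgejo.yml an image that is already present is never refreshed, while a freshly provisioned host gets whatever `:11` points to that day. Pinning a full version or digest and bumping it deliberately makes deployments reproducible and upgrades reviewable, e.g. `forgejo_image_tag: 'codeberg.org/forgejo/forgejo:<FULL_VERSION>@sha256:<DIGEST>'` (placeholder values). The same applies to the hard-coded `postgres:14` in the compose template.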


@ -7,49 +7,52 @@
name: '{{ packages }}'
tasks:
- name: Generic provisioning
ansible.builtin.import_tasks: 'tasks/setup.yml'
ansible.builtin.import_tasks: tasks/setup.yml
tags: setup
- name: Network provisioning
ansible.builtin.import_tasks: 'tasks/network.yml'
ansible.builtin.import_tasks: tasks/network.yml
tags: network
- name: Wireguard provisioning
ansible.builtin.import_tasks: 'tasks/wireguard.yml'
ansible.builtin.import_tasks: tasks/wireguard.yml
tags: wireguard
- name: Wireguard media provisioning
ansible.builtin.import_tasks: 'tasks/wireguard_media.yml'
ansible.builtin.import_tasks: tasks/wireguard_media.yml
tags: wireguard-media
- name: Docker provisioning
ansible.builtin.import_tasks: 'tasks/docker.yml'
ansible.builtin.import_tasks: tasks/docker.yml
tags: docker
- name: Radicale provisioning
ansible.builtin.import_tasks: 'tasks/radicale.yml'
ansible.builtin.import_tasks: tasks/radicale.yml
tags: radicale
- name: Syncthing provisioning
ansible.builtin.import_tasks: 'tasks/syncthing.yml'
ansible.builtin.import_tasks: tasks/syncthing.yml
tags: syncthing
- name: Transmission provisioning
ansible.builtin.import_tasks: 'tasks/transmission.yml'
ansible.builtin.import_tasks: tasks/transmission.yml
tags: transmission
- name: MPD provisioning
ansible.builtin.import_tasks: 'tasks/mpd.yml'
ansible.builtin.import_tasks: tasks/mpd.yml
tags: mpd
- name: NGINX provisioning
ansible.builtin.import_tasks: 'tasks/nginx.yml'
ansible.builtin.import_tasks: tasks/nginx.yml
tags: nginx
- name: Jellyfin provisioning
ansible.builtin.import_tasks: 'tasks/jellyfin.yml'
ansible.builtin.import_tasks: tasks/jellyfin.yml
tags: jellyfin
- name: Forgejo provisioning
ansible.builtin.import_tasks: tasks/forgejo.yml
tags: forgejo
handlers:
- name: Import handlers
ansible.builtin.import_tasks: 'handlers.yml'
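Review bot: The handler import on the last line of the hunk still reads `ansible.builtin.import_tasks: 'handlers.yml'`, while every task import above it, including the new Forgejo one, appears to have been switched to the unquoted form. For a formatting pass it would be consistent to write `ansible.builtin.import_tasks: handlers.yml` there too. The `name: '{{ packages }}'` value at the top of the hunk has to keep its quotes, because a plain value starting with `{{` is parsed as a flow mapping. The play starts above the hunk, so the rest of it is not visible here.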

62
tasks/forgejo.yml Normal file

@ -0,0 +1,62 @@
- name: Create git user
become: true
ansible.builtin.user:
name: git
uid: 1001
group: git
create_home: false
- name: Create required directories
become: true
ansible.builtin.file:
path: '{{ item.path }}'
state: '{{ item.state }}'
mode: '{{ item.mode }}'
owner: '{{ item.owner }}'
group: '{{ item.group }}'
loop:
- path: '{{ forgejo_app_dir }}'
owner: sonny
group: sonny
state: directory
mode: '0755'
- path: '{{ forgejo_data_dir }}'
owner: sonny
group: sonny
state: directory
mode: '0755'
- path: '{{ forgejo_postgres_password }}'
owner: sonny
group: sonny
state: directory
mode: '0755'
- name: Copy docker-compose file
ansible.builtin.template:
src: templates/forgejo/docker-compose.j2
dest: '{{ forgejo_app_dir }}/docker-compose.yml'
mode: '0755'
- name: Stop current containers
community.docker.docker_compose_v2:
project_src: '{{ forgejo_app_dir }}'
state: stopped
- name: Pull missing image
community.docker.docker_compose_v2:
project_src: '{{ forgejo_app_dir }}'
pull: missing
state: stopped
- name: Remove dangling containers
community.docker.docker_compose_v2:
project_src: '{{ forgejo_app_dir }}'
remove_orphans: true
state: stopped
- name: Start container
community.docker.docker_compose_v2:
project_src: '{{ forgejo_app_dir }}'
state: present
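Review bot: The third loop item in "Create required directories" uses `path: '{{ forgejo_postgres_password }}'`, so the task creates a directory named after the decrypted database password and prints the secret as the loop item in task output; `forgejo_postgres_dir`, which the compose template mounts, is not created by this task. The item should read `- path: '{{ forgejo_postgres_dir }}'`. The rendered `docker-compose.yml` holds the same password and is written with `mode: '0755'`, which makes it world-readable and executable; `mode: '0600'` with an explicit `owner:` fits a file that carries a credential. The "Create git user" task also sets `group: git` with no task that creates that group, which I would expect to fail on a host where it does not already exist.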


@ -0,0 +1,45 @@
# {{ ansible_managed }}
networks:
forgejo:
external: false
services:
server:
image: '{{ forgejo_image_tag }}'
container_name: forgejo
environment:
- USER_UID=1000
- USER_GID=1000
- FORGEJO__server__DOMAIN={{ forgejo_domain }}
- FORGEJO__server__ROOT_URL=https://{{ forgejo_domain }}/
- FORGEJO__server__SSH_DOMAIN={{ forgejo_domain }}
- FORGEJO__database__DB_TYPE=postgres
- FORGEJO__database__HOST=db:5432
- FORGEJO__database__NAME={{ forgejo_postgres_name }}
- FORGEJO__database__USER={{ forgejo_postgres_user }}
- FORGEJO__database__PASSWD={{ forgejo_postgres_password }}
restart: always
networks:
- forgejo
volumes:
- {{ forgejo_data_dir }}:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
ports:
- '{{ forgejo_port }}:3000'
- '{{ forgejo_ssh_port }}:22'
depends_on:
- db
db:
image: postgres:14
restart: always
environment:
- POSTGRES_USER={{ forgejo_postgres_user }}
- POSTGRES_PASSWORD={{ forgejo_postgres_password }}
- POSTGRES_DB={{ forgejo_postgres_name }}
networks:
- forgejo
volumes:
- {{ forgejo_postgres_dir }}:/var/lib/postgresql/data
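Review bot: The database password is interpolated unquoted into plain `environment:` list items in both services (`FORGEJO__database__PASSWD=…` and `POSTGRES_PASSWORD=…`), so a value containing ` #` or `: ` would be truncated or break the rendered YAML, and the secret is readable in the compose file and in `docker inspect` output. The postgres image accepts `POSTGRES_PASSWORD_FILE`, which together with a compose `secrets:` entry would address the TODO in the vars file. Until then, quoting each item, e.g. `- 'POSTGRES_PASSWORD={{ forgejo_postgres_password }}'`, at least keeps the parse stable for values that contain no single quote. Separately, `'{{ forgejo_port }}:3000'` publishes the plain-HTTP port on all interfaces; if NGINX on the host is meant to terminate TLS for `ROOT_URL`, `- '127.0.0.1:{{ forgejo_port }}:3000'` keeps the backend off the network.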