sonny/debian-setup
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

base: sonny:86a81c6e5263afc03a12fd8f66fcde3c142d1bdc
Branches Tags
sonny:main
...
compare: sonny:295f497bcf4111869990852bd8d9e3fd1551d8a2
Branches Tags
sonny:main

2 commits
86a81c6e52 ... 295f497bcf

Author SHA1 Message Date
Sonny Bakker
295f497bcf Include woodpecker ci provisioning 2025-04-27 18:07:24 +02:00
Sonny Bakker
0d7666185c Include glitchtip provisioning 2025-04-27 17:10:41 +02:00
10 changed files with 259 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

14
host_vars/fudiggity/glitchtip.yml Normal file
View file

@ -0,0 +1,14 @@
glitchtip_image_tag: glitchtip/glitchtip:v4.2
glitchtip_app_dir: /srv/docker/glitchtip
glitchtip_secret_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
37363333306434636331626231663964626631616131326335333832323939363865353431633233
6263363535646132316130373536303466613436656636300a333231383137326634326230343661
63333933363038333865633930663562306163613164623731613866353861616435373865666330
6131663965663836300a636366386432666133343364353763333731376561646338383531613363
32383834646461383562303564663135633932616536646134393632626664376335373136383638
35323934653664666530343562363461396230333435336166343033643732663766383633343337
30303938633939623830363661633936323031373362353363346530363535613363393432666462
37643033336130393166

4
host_vars/fudiggity/network.yml
View file

@ -40,7 +40,7 @@ forgejo_ssh_port: 22
forgejo_domain: forgejo.fudiggity.nl forgejo_domain: forgejo.fudiggity.nl
woodpecker_ip: 127.0.0.1 woodpecker_ip: 127.0.0.1
woodpecker_port: 7000 woodpecker_app_port: 7000
woodpecker_domain: woodpecker.fudiggity.nl woodpecker_domain: woodpecker.fudiggity.nl
newsreader_ip: 127.0.0.1 newsreader_ip: 127.0.0.1
@ -48,7 +48,7 @@ newsreader_port: 5000
newsreader_domain: rss.fudiggity.nl newsreader_domain: rss.fudiggity.nl
glitchtip_ip: 127.0.0.1 glitchtip_ip: 127.0.0.1
glitchtip_port: 7200 glitchtip_app_port: 7200
glitchtip_domain: glitchtip.fudiggity.nl glitchtip_domain: glitchtip.fudiggity.nl
syncthing_domain: 'syncthing.{{ domain_name }}' syncthing_domain: 'syncthing.{{ domain_name }}'

42
host_vars/fudiggity/woodpecker_ci.yml Normal file
View file

@ -0,0 +1,42 @@
woodpecker_domain: 'woodpecker.fudiggity.nl'
woodpecker_image_tag: 'woodpeckerci/woodpecker-server:v2.8.0'
woodpecker_agent_tag: 'woodpeckerci/woodpecker-agent:v2.8.0'
woodpecker_postgres_user: woodpecker
woodpecker_postgres_name: woodpecker
woodpecker_app_dir: '/srv/docker/woodpecker'
woodpecker_forgejo_url: https://forgejo.fudiggity.nl
woodpecker_forgejo_client: f467d6ee-6095-4c90-9d14-674d60b07183
woodpecker_forgejo_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
31656532363665313866353961373862363031356437326234623030623235363039643663633662
6139656163646464613166653033663266313264646666620a336465306235336534633038333436
31306630323165646565333466383962626163303433393166326264633566623938366339326662
3261623736656631300a306161363061353463363361636433326431356532333761666637626163
35323065623661363638643062663066306134643035636561346663303138373634643466306161
36643037303932323032613432386230356139333963613038373531316536333461643166306261
613738363231323938653439373262663633
woodpecker_agent_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
62306636643432613934633038643363373831346639383635356366333634376337303438386339
3264363234653362646364326263313465356261313738340a616133663630376166653364376363
34353165373663343236336330643365663830393836393264373032666536633733636161663661
3464333936613066630a636166343931306365646334373731383430646233316332313861663838
64663761303237613335613366343731326630386239633061633363666330663336623730303061
38376266636662363834663664643466643361363563396539316234623764363464303336663662
613362623365363563323934653562366138
woodpecker_postgres_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
33363337656661326362396537336638383036386631643935323136636661363865633763303138
6566643036333166326230366531633062306362636236630a626235323439663231363164366166
34633166313431623236323039643164396130653664393062306334653761663264666636316436
3963646536663863350a633836376238333939313363613932353039353465306330623965633161
37376336353664386166303865373939616434613966393163623536616432623035653235623763
35623063333766636131653065313064383163383261383866626232343335326566316431623233
326434353932373335366636613863666635

8
playbook.yml
View file

@ -53,6 +53,14 @@
- name: Forgejo provisioning - name: Forgejo provisioning
ansible.builtin.import_tasks: tasks/forgejo.yml ansible.builtin.import_tasks: tasks/forgejo.yml
tags: forgejo tags: forgejo
- name: Glitchtip provisioning
ansible.builtin.import_tasks: tasks/glitchtip.yml
tags: glitchtip
- name: Woodpecker CI provisioning
ansible.builtin.import_tasks: tasks/woodpecker_ci.yml
tags: woodpecker-ci
handlers: handlers:
- name: Import handlers - name: Import handlers
ansible.builtin.import_tasks: 'handlers.yml' ansible.builtin.import_tasks: 'handlers.yml'

42
tasks/glitchtip.yml Normal file
View file

@ -0,0 +1,42 @@
- name: Create required directories
become: true
ansible.builtin.file:
path: '{{ item.path }}'
state: '{{ item.state }}'
mode: '{{ item.mode }}'
owner: '{{ item.owner }}'
group: '{{ item.group }}'
loop:
- path: '{{ glitchtip_app_dir }}'
owner: sonny
group: sonny
state: directory
mode: '0755'
- name: Copy docker-compose file
ansible.builtin.template:
src: templates/glitchtip/docker-compose.j2
dest: '{{ glitchtip_app_dir }}/docker-compose.yml'
mode: '0750'
- name: Stop current containers
community.docker.docker_compose_v2:
project_src: '{{ glitchtip_app_dir }}'
state: stopped
- name: Pull missing image
community.docker.docker_compose_v2:
project_src: '{{ glitchtip_app_dir }}'
pull: missing
state: stopped
- name: Remove dangling containers
community.docker.docker_compose_v2:
project_src: '{{ glitchtip_app_dir }}'
remove_orphans: true
state: stopped
- name: Start container
community.docker.docker_compose_v2:
project_src: '{{ glitchtip_app_dir }}'
state: present

42
tasks/woodpecker_ci.yml Normal file
View file

@ -0,0 +1,42 @@
- name: Create required directories
become: true
ansible.builtin.file:
path: '{{ item.path }}'
state: '{{ item.state }}'
mode: '{{ item.mode }}'
owner: '{{ item.owner }}'
group: '{{ item.group }}'
loop:
- path: '{{ woodpecker_app_dir }}'
owner: sonny
group: sonny
state: directory
mode: '0755'
- name: Copy docker-compose file
ansible.builtin.template:
src: 'templates/woodpecker_ci/docker-compose.j2'
dest: '{{ woodpecker_app_dir }}/docker-compose.yml'
mode: '0750'
- name: Stop current containers
community.docker.docker_compose_v2:
project_src: '{{ woodpecker_app_dir }}'
state: stopped
- name: Pull missing image
community.docker.docker_compose_v2:
project_src: '{{ woodpecker_app_dir }}'
pull: missing
state: stopped
- name: Remove dangling containers
community.docker.docker_compose_v2:
project_src: '{{ woodpecker_app_dir }}'
remove_orphans: true
state: stopped
- name: Start container
community.docker.docker_compose_v2:
project_src: '{{ woodpecker_app_dir }}'
state: present

55
templates/glitchtip/docker-compose.j2 Normal file
View file

@ -0,0 +1,55 @@
# {{ ansible_managed }}
x-environment: &default-environment
DATABASE_URL: postgres://postgres:postgres@postgres:5432/postgres
SECRET_KEY: '{{ glitchtip_secret_key }}'
PORT: {{ glitchtip_app_port }}
EMAIL_URL: consolemail://
GLITCHTIP_DOMAIN: 'https://{{ glitchtip_domain }}'
DEFAULT_FROM_EMAIL: email@example.com
CELERY_WORKER_AUTOSCALE: "1,3"
CSP_DEFAULT_SRC: "'self',{{ glitchtip_domain }}"
CORS_ORIGIN_WHITELIST: https://{{ glitchtip_domain }}
CSRF_TRUSTED_ORIGINS: https://{{ glitchtip_domain }}
x-depends_on: &default-depends_on
- postgres
- redis
services:
postgres:
image: postgres:17
environment:
POSTGRES_HOST_AUTH_METHOD: 'trust'
restart: always
volumes:
- pg-data:/var/lib/postgresql/data
redis:
image: valkey/valkey
restart: always
web:
image: '{{ glitchtip_image_tag }}'
depends_on: *default-depends_on
ports:
- '{{ glitchtip_app_port }}:7200'
environment: *default-environment
restart: always
volumes:
- uploads:/code/uploads
worker:
image: '{{ glitchtip_image_tag }}'
command: ./bin/run-celery-with-beat.sh
depends_on: *default-depends_on
environment: *default-environment
restart: always
volumes:
- uploads:/code/uploads
migrate:
image: '{{ glitchtip_image_tag }}'
depends_on: *default-depends_on
command: ./bin/run-migrate.sh
environment: *default-environment
volumes:
pg-data:
uploads:

6
templates/nginx/glitchtip.j2
View file

@ -13,11 +13,11 @@ server {
client_max_body_size 40M; client_max_body_size 40M;
location / { location / {
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl on; proxy_set_header X-Forwarded-Ssl on;
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://{{ glitchtip_ip }}:{{ glitchtip_port }}; proxy_pass http://{{ glitchtip_ip }}:{{ glitchtip_app_port }};
} }
} }

2
templates/nginx/woodpecker.j2
View file

@ -24,6 +24,6 @@ server {
proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Frame-Options SAMEORIGIN; proxy_set_header X-Frame-Options SAMEORIGIN;
proxy_pass http://{{ woodpecker_ip }}:{{ woodpecker_port }}; proxy_pass http://{{ woodpecker_ip }}:{{ woodpecker_app_port }};
} }
} }

50
templates/woodpecker_ci/docker-compose.j2 Normal file
View file

@ -0,0 +1,50 @@
# {{ ansible_managed }}
services:
woodpecker-server:
image: {{ woodpecker_image_tag }}
restart: always
ports:
- '{{ woodpecker_app_port }}:8000'
volumes:
- woodpecker-server-data:/var/lib/woodpecker/
depends_on:
- db
environment:
WOODPECKER_OPEN: true
WOODPECKER_HOST: 'https://{{ woodpecker_domain }}'
WOODPECKER_AGENT_SECRET: {{ woodpecker_agent_secret }}
WOODPECKER_DATABASE_DRIVER: postgres
WOODPECKER_DATABASE_DATASOURCE: postgres://{{ woodpecker_postgres_user }}:{{ woodpecker_postgres_password }}@db:5432/postgres?sslmode=disable
WOODPECKER_FORGEJO: true
WOODPECKER_FORGEJO_URL: {{ woodpecker_forgejo_url }}
WOODPECKER_FORGEJO_CLIENT: {{ woodpecker_forgejo_client }}
WOODPECKER_FORGEJO_SECRET: {{ woodpecker_forgejo_secret }}
db:
image: postgres:17
restart: always
environment:
POSTGRES_USER: {{ woodpecker_postgres_user }}
POSTGRES_PASSWORD: {{ woodpecker_postgres_password }}
POSTGRES_DB: {{ woodpecker_postgres_name }}
volumes:
- postgres-data:/var/lib/postgresql/data
woodpecker-agent:
image: {{ woodpecker_agent_tag }}
command: agent
restart: always
depends_on:
- woodpecker-server
volumes:
- woodpecker-agent-config:/etc/woodpecker
- /var/run/docker.sock:/var/run/docker.sock
environment:
WOODPECKER_SERVER: woodpecker-server:9000
WOODPECKER_AGENT_SECRET: {{ woodpecker_agent_secret }}
volumes:
woodpecker-server-data:
woodpecker-agent-config:
postgres-data: