27 files changed, 8 insertions(+), 762 deletions(-)

D roles/containers/firefish/README.org
D roles/containers/firefish/defaults/main.yml
D roles/containers/firefish/tasks/caddy.yml
D roles/containers/firefish/tasks/main.yml
D roles/containers/firefish/tasks/setup.yml
D roles/containers/firefish/templates/firefish.conf
D roles/containers/firefish/templates/sonic.conf
D roles/containers/forgejo-runner/README.org
D roles/containers/forgejo-runner/defaults/main.yml
D roles/containers/forgejo-runner/tasks/main.yml
D roles/containers/forgejo-runner/tasks/setup.yml
D roles/containers/transport/README.org
D roles/containers/transport/defaults/main.yml
D roles/containers/transport/tasks/caddy.yml
D roles/containers/transport/tasks/main.yml
D roles/containers/transport/tasks/setup.yml
D roles/containers/uptime-kuma/README.org
D roles/containers/uptime-kuma/defaults/main.yml
D roles/containers/uptime-kuma/tasks/caddy.yml
D roles/containers/uptime-kuma/tasks/main.yml
D roles/containers/uptime-kuma/tasks/setup.yml
D roles/containers/woodpecker-ci/README.org
D roles/containers/woodpecker-ci/defaults/main.yml
D roles/containers/woodpecker-ci/tasks/caddy.yml
D roles/containers/woodpecker-ci/tasks/main.yml
D roles/containers/woodpecker-ci/tasks/setup.yml
M run.yml

@@ 1,16 0,0 @@
-* /roles/containers/firefish
-
-[[https://joinfirefish.org/][Firefish]] module.
-
-Before using this,
-you probably want to set/edit the following variables
-in your ~secret.yml~ (or your unencrypted config):
-#+begin_src yaml
-firefish_project_dir: "world"
-firefish_port: "4753"
-firefish_open: "false"
-firefish_domain: "{{ firefish_project_dir }}.ccw.icu"
-firefish_postgres_user: ""
-firefish_postgres_pass: ""
-firefish_sonic_pass: ""
-#+end_src

@@ 1,9 0,0 @@
----
-firefish_project_dir: world
-firefish_port: "4753"
-firefish_open: "false"
-firefish_domain: "{{ firefish_project_dir }}.{{ domain }}"
-firefish_postgres_pass: ""
-firefish_postgres_user: ""
-firefish_sonic_pass: ""
-firefish_id: aid

@@ 1,26 0,0 @@
----
-- name: Make sure firefish-caddy reverse proxy config exists
-  become: true
-  vars:
-    project_domain: "{{ firefish_domain }}"
-    project_port: "{{ firefish_port }}"
-  ansible.builtin.template:
-    src: ../../../network/caddy/templates/reverse-proxy.template
-    mode: "0644"
-    dest: /etc/caddy/firefish
-    validate: caddy validate --adapter caddyfile --config %s
-
-- name: Make sure caddy links to the firefish config
-  become: true
-  ansible.builtin.lineinfile:
-    path: /etc/caddy/Caddyfile
-    search_string: ^import /etc/caddy/firefish
-    mode: "0644"
-    line: import /etc/caddy/firefish
-    validate: caddy validate --adapter caddyfile --config %s
-
-- name: Restart caddy
-  become: true
-  ansible.builtin.service:
-    name: caddy
-    state: restarted

@@ 1,5 0,0 @@
----
-- name: Setup firefish docker images
-  ansible.builtin.include_tasks: setup.yml
-- name: Setup firefish reverse proxy
-  ansible.builtin.include_tasks: caddy.yml

@@ 1,81 0,0 @@
----
-- name: Ensure firefish-project-dir exists
-  become: true
-  ansible.builtin.file:
-    path: "{{ container_dir }}/{{ firefish_project_dir }}"
-    state: directory
-    recurse: true
-
-# Copy config files
-- name: Ensure firefish config directory exists
-  ansible.builtin.file:
-    path: "{{ container_dir }}/{{ firefish_project_dir }}/.config"
-    state: directory
-    recurse: true
-
-- name: Copy firefish config to the project dir
-  ansible.builtin.template:
-    src: firefish.conf
-    dest: "{{ container_dir }}/{{ firefish_project_dir }}/.config/default.yml"
-
-- name: Copy sonic config to the project dir
-  ansible.builtin.template:
-    src: sonic.conf
-    mode: "0777"
-    dest: "{{ container_dir }}/{{ firefish_project_dir }}/sonic.cfg"
-
-# Setup docker images
-- name: Setup firefish redis
-  community.docker.docker_container:
-    name: firefish_redis
-    image: docker.io/redis:7.0-alpine
-    restart_policy: unless-stopped
-    volumes:
-      - "{{ container_dir }}/{{ firefish_project_dir }}/redis:/data"
-
-- name: Setup firefish db
-  community.docker.docker_container:
-    name: firefish_db
-    restart_policy: unless-stopped
-    image: docker.io/postgres:12.2-alpine
-    volumes:
-      - "{{ container_dir }}/{{ firefish_project_dir }}/db:\
-      /var/lib/postgresql/data"
-    links:
-      - firefish_redis
-    env:
-      POSTGRES_PASSWORD: "{{ firefish_postgres_pass }}"
-      POSTGRES_USER: "{{ firefish_postgres_user }}"
-      POSTGRES_DB: firefish
-
-- name: Setup firefish sonic
-  community.docker.docker_container:
-    name: firefish_sonic
-    restart_policy: unless-stopped
-    image: docker.io/valeriansaliou/sonic:v1.4.0
-    volumes:
-      - "{{ container_dir }}/{{ firefish_project_dir }}/sonic:\
-      /var/lib/sonic/store"
-      - "{{ container_dir }}/{{ firefish_project_dir }}/sonic.cfg:\
-      /etc/sonic.cfg"
-    links:
-      - firefish_db
-
-- name: Setup firefish web
-  community.docker.docker_container:
-    name: firefish_web
-    restart_policy: unless-stopped
-    #image: registry.joinfirefish.org/firefish/firefish:v1.0.3
-    image: codeberg.org/comcloudway/firefish-docker:latest
-    ports:
-      - "{{ firefish_port }}:3000"
-    volumes:
-      - "{{ container_dir }}/{{ firefish_project_dir }}/files:/firefish/files"
-      - "{{ container_dir }}/{{ firefish_project_dir }}/.config:\
-      /firefish/.config:ro"
-    links:
-      - firefish_sonic
-      - firefish_db
-      - firefish_redis
-    env:
-      NODE_ENV: production

@@ 1,254 0,0 @@
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-# Firefish configuration
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-
-# After starting your server, please don't change the URL! Doing so will break federation.
-
-#   ┌─────┐
-#───┘ URL └─────────────────────────────────────────────────────
-
-# Final accessible URL seen by a user.
-url: https://{{ firefish_domain }}/
-
-#   ┌───────────────────────┐
-#───┘ Port and TLS settings └───────────────────────────────────
-
-#
-# Firefish requires a reverse proxy to support HTTPS connections.
-#
-#                 +----- https://example.com/ ------------+
-#   +------+      |+-------------+      +----------------+|
-#   | User | ---> || Proxy (443) | ---> | Firefish (3000) ||
-#   +------+      |+-------------+      +----------------+|
-#                 +---------------------------------------+
-#
-#   You need to set up a reverse proxy. (e.g. nginx, caddy)
-#   An encrypted connection with HTTPS is highly recommended
-#   because tokens may be transferred in GET requests.
-
-# The port that your Firefish server should listen on.
-port: 3000
-
-#   ┌──────────────────────────┐
-#───┘ PostgreSQL configuration └────────────────────────────────
-
-db:
-  host: firefish_db
-  port: 5432
-  #ssl: false
-  # Database name
-  db: calckey
-
-  # Auth
-  user: {{ firefish_postgres_user }}
-  pass: {{ firefish_postgres_pass }}
-
-  # Whether disable Caching queries
-  #disableCache: true
-
-  # Extra Connection options
-  #extra:
-  #  ssl:
-  #   host: localhost
-  #   rejectUnauthorized: false
-
-#   ┌─────────────────────┐
-#───┘ Redis configuration └─────────────────────────────────────
-
-redis:
-  host: firefish_redis
-  port: 6379
-  #tls:
-  #  host: localhost
-  #  rejectUnauthorized: false
-  #family: 0  # 0=Both, 4=IPv4, 6=IPv6
-  #pass: example-pass
-  #prefix: example-prefix
-  #db: 1
-  #user: default
-
-#   ┌─────────────────────────────┐
-#───┘ Cache server configuration └─────────────────────────────────────
-
-# A Redis-compatible server (DragonflyDB, Keydb, Redis) for caching
-# If left blank, it will use the Redis server from above
-
-#cacheServer:
-  #host: localhost
-  #port: 6379
-  #family: 0  # 0=Both, 4=IPv4, 6=IPv6
-  #pass: example-pass
-  #prefix: example-prefix
-  #db: 1
-
-# Please configure either MeiliSearch *or* Sonic.
-# If both MeiliSearch and Sonic configurations are present, MeiliSearch will take precedence.
-
-#   ┌───────────────────────────┐
-#───┘ MeiliSearch configuration └─────────────────────────────────────
-#meilisearch:
-#  host: meilisearch
-#  port: 7700
-#  ssl: false
-#  apiKey:
-
-#   ┌─────────────────────┐
-#───┘ Sonic configuration └─────────────────────────────────────
-
-sonic:
-  host: firefish_sonic
-  port: 1491
-  auth: {{ firefish_sonic_pass }}
-  collection: notes
-  bucket: default
-
-
-#   ┌───────────────┐
-#───┘ ID generation └───────────────────────────────────────────
-
-id: {{ firefish_id }}
-# No need to uncomment in most cases, but you may want to change
-# these settings if you plan to run a large and/or distributed server.
-
-# cuid:
-#   # Min 16, Max 24
-#   length: 16
-#
-#   # Set this to a unique string across workers (e.g., machine's hostname)
-#   # if your workers are running in multiple hosts.
-#   fingerprint: my-fingerprint
-
-
-#   ┌─────────────────────┐
-#───┘ Other configuration └─────────────────────────────────────
-
-# Maximum length of a post (default 3000, max 100000)
-#maxNoteLength: 3000
-
-# Maximum length of an image caption (default 1500, max 8192)
-#maxCaptionLength: 1500
-
-# Reserved usernames that only the administrator can register with
-reservedUsernames: [
-  'root',
-  'admin',
-  'administrator',
-  'me',
-  'system'
-]
-
-# Whether disable HSTS
-#disableHsts: true
-
-# Number of worker processes
-#clusterLimit: 1
-
-# Worker only mode
-#onlyQueueProcessor: 1
-
-# Job concurrency per worker
-# deliverJobConcurrency: 128
-# inboxJobConcurrency: 16
-
-# Job rate limiter
-# deliverJobPerSec: 128
-# inboxJobPerSec: 16
-
-# Job attempts
-# deliverJobMaxAttempts: 12
-# inboxJobMaxAttempts: 8
-
-# IP address family used for outgoing request (ipv4, ipv6 or dual)
-#outgoingAddressFamily: ipv4
-
-# Syslog option
-#syslog:
-#  host: localhost
-#  port: 514
-
-# Proxy for HTTP/HTTPS
-#proxy: http://127.0.0.1:3128
-
-#proxyBypassHosts: [
-#  'web.kaiteki.app',
-#  'example.com',
-#  '192.0.2.8'
-#]
-
-# Proxy for SMTP/SMTPS
-#proxySmtp: http://127.0.0.1:3128   # use HTTP/1.1 CONNECT
-#proxySmtp: socks4://127.0.0.1:1080 # use SOCKS4
-#proxySmtp: socks5://127.0.0.1:1080 # use SOCKS5
-
-# Media Proxy
-#mediaProxy: https://example.com/proxy
-
-# Proxy remote files (default: false)
-#proxyRemoteFiles: true
-
-#allowedPrivateNetworks: [
-#  '127.0.0.1/32'
-#]
-
-# TWA
-#twa:
-#  nameSpace: android_app
-#  packageName: tld.domain.twa
-#  sha256CertFingerprints: ['AB:CD:EF']
-
-# Upload or download file size limits (bytes)
-#maxFileSize: 262144000
-
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-# Congrats, you've reached the end of the config file needed for most deployments!
-# Enjoy your Firefish server!
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-
-
-
-
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-# Managed hosting settings
-# >>> NORMAL SELF-HOSTERS, STAY AWAY! <<<
-# >>> YOU DON'T NEED THIS! <<<
-# Each category is optional, but if each item in each category is mandatory!
-# If you mess this up, that's on you, you've been warned...
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-
-#maxUserSignups: 100
-#isManagedHosting: true
-#deepl:
-#  managed: true
-#  authKey: ''
-#  isPro: false
-#
-#email:
-#  managed: true
-#  address: 'example@email.com'
-#  host: 'email.com'
-#  port: 587
-#  user: 'example@email.com'
-#  pass: ''
-#  useImplicitSslTls: false
-#
-#objectStorage:
-#  managed: true
-#  baseUrl: ''
-#  bucket: ''
-#  prefix: ''
-#  endpoint: ''
-#  region: ''
-#  accessKey: ''
-#  secretKey: ''
-#  useSsl: true
-#  connnectOverProxy: false
-#  setPublicReadOnUpload: true
-#  s3ForcePathStyle: true
-
-# !!!!!!!!!!
-# >>>>>> AGAIN, NORMAL SELF-HOSTERS, STAY AWAY! <<<<<<
-# >>>>>> YOU DON'T NEED THIS, ABOVE SETTINGS ARE FOR MANAGED HOSTING ONLY! <<<<<<
-# !!!!!!!!!!
-
-# Seriously. Do NOT fill out the above settings if you're self-hosting.
-# They're much better off being set from the control panel.

@@ 1,69 0,0 @@
-# Sonic
-# Fast, lightweight and schema-less search backend
-# Configuration file
-# Example: https://github.com/valeriansaliou/sonic/blob/master/config.cfg
-
-
-[server]
-
-log_level = "debug"
-
-
-[channel]
-
-inet = "0.0.0.0:1491"
-tcp_timeout = 300
-
-auth_password = "{{ firefish_sonic_pass }}"
-
-[channel.search]
-
-query_limit_default = 10
-query_limit_maximum = 100
-query_alternates_try = 4
-
-suggest_limit_default = 5
-suggest_limit_maximum = 20
-
-list_limit_default = 100
-list_limit_maximum = 500
-
-
-[store]
-
-[store.kv]
-
-path = "/var/lib/sonic/store/kv/"
-
-retain_word_objects = 1000
-
-[store.kv.pool]
-
-inactive_after = 1800
-
-[store.kv.database]
-
-flush_after = 900
-
-compress = true
-parallelism = 2
-max_files = 100
-max_compactions = 1
-max_flushes = 1
-write_buffer = 16384
-write_ahead_log = true
-
-[store.fst]
-
-path = "/var/lib/sonic/store/fst/"
-
-[store.fst.pool]
-
-inactive_after = 300
-
-[store.fst.graph]
-
-consolidate_after = 180
-
-max_size = 2048
-max_words = 250000

@@ 1,12 0,0 @@
-* /roles/containers/forgejo-runner
-[[https://code.forgejo.org/forgejo/runner][forgejo-runner]] module used to run [[https://forgejo.org/docs/latest/user/actions/][Actions]].
-
-Before using this,
-you probably want to set/edit the following variables
-in your ~secret.yml~ (or your unencrypted config):
-#+begin_src yaml
-forgejo_runner_project_dir: "forgejo-runner"
-forgejo_runner_token: "changeme"
-forgejo_runner_name: "runner"
-forgejo_runner_instance: "https://codeberg.org/"
-#+end_src

@@ 1,5 0,0 @@
----
-forgejo_runner_project_dir: "forgejo-runner"
-forgejo_runner_token: "changeme"
-forgejo_runner_name: "runner"
-forgejo_runner_instance: "https://codeberg.org/"

@@ 1,3 0,0 @@
----
-- name: Setup forgejo runner docker images
-  ansible.builtin.include_tasks: setup.yml

@@ 1,31 0,0 @@
----
-- name: Ensure forgejo-runner-project-dir exists
-  ansible.builtin.file:
-    path: "{{ container_dir }}/{{ forgejo_runner_project_dir }}"
-    state: directory
-    recurse: true
-
-- name: Create forgejo-runner registration
-  community.docker.docker_container:
-    name: forgejo-runner-bootstrap
-    image: code.forgejo.org/forgejo/runner:2.3.0
-    working_dir: "/data"
-    command: "register \
-      --no-interactive \
-      --token {{ forgejo_runner_token }} \
-      --name {{ forgejo_runner_name }} \
-      --instance {{ forgejo_runner_instance }}
-      --labels docker"
-    volumes:
-      - "{{ container_dir }}/{{ forgejo_runner_project_dir }}/:/data"
-
-- name: Setup forgejo-runner
-  community.docker.docker_container:
-    name: forgejo-runner
-    image: code.forgejo.org/forgejo/runner:2.3.0
-    working_dir: "/data"
-    restart_policy: unless-stopped
-    command: daemon
-    volumes:
-      - "{{ container_dir }}/{{ forgejo_runner_project_dir }}/:/data"
-      - /var/run/docker.sock:/var/run/docker.sock

@@ 1,9 0,0 @@
-* container/transport
-Ansible role used to setup a [[https://github.com/derhuerst/db-rest#installing--running][db-rest]] server.
-
-This server is provided to guarantee the functionality of [[codeberg.org/comcloudway/l8][l8]].
-
-#+begin_src yaml
-transport_port: 7945
-transport_domain: "transport.ccw.icu"
-#+end_src

@@ 1,3 0,0 @@
----
-transport_port: 7945
-transport_domain: "transport.{{ transport }}"

@@ 1,29 0,0 @@
----
-- name: Make sure transport caddy reverse proxy config exists
-  become: true
-  vars:
-    project_domain: "{{ transport_domain }}"
-    project_port: "{{ transport_port }}"
-  ansible.builtin.template:
-    src: ../../../network/caddy/templates/reverse-proxy.template
-    dest: /etc/caddy/transport
-    mode: "0644"
-    validate: caddy validate --adapter caddyfile --config %s
-  register: projectconfig
-
-- name: Make sure caddy links to the transport config
-  become: true
-  ansible.builtin.lineinfile:
-    path: /etc/caddy/Caddyfile
-    mode: "0644"
-    search_string: ^import /etc/caddy/transport
-    line: import /etc/caddy/transport
-    validate: caddy validate --adapter caddyfile --config %s
-  register: caddyconfig
-
-- name: Restart caddy
-  become: true
-  ansible.builtin.service:
-    name: caddy
-    state: restarted
-  when: caddyconfig.changed or projectconfig.changed

@@ 1,5 0,0 @@
----
-- name: Setup the transport.rest server
-  ansible.builtin.include_tasks: setup.yml
-- name: Setup reverse proxy
-  ansible.builtin.include_tasks: caddy.yml

@@ 1,8 0,0 @@
----
-- name: Create transport.rest server docker container
-  community.docker.docker_container:
-    name: transport-backend
-    image: derhuerst/db-rest:6
-    restart_policy: unless-stopped
-    ports:
-      - "{{ transport_port }}:3000"

@@ 1,11 0,0 @@
-* /roles/containers/uptime-kuma
-[[https://github.com/louislam/uptime-kuma][Uptime Kuma]] module.
-
-Before using this,
-you probably want to set/edit the following variables
-in your ~secret.yml~ (or your unencrypted config):
-#+begin_src yaml
-uptime_kuma_project_dir: "status"
-uptime_kuma_port: 3001
-uptime_kuma_domain: "status.ccw.icu"
-#+end_src

@@ 1,4 0,0 @@
----
-uptime_kuma_project_dir: status
-uptime_kuma_port: 3001
-uptime_kuma_domain: "status.{{ domain }}"

@@ 1,29 0,0 @@
----
-- name: Make sure uptime-kuma-caddy reverse proxy config exists
-  become: true
-  vars:
-    project_domain: "{{ uptime_kuma_domain }}"
-    project_port: "{{ uptime_kuma_port }}"
-  ansible.builtin.template:
-    mode: "0644"
-    src: ../../../network/caddy/templates/reverse-proxy.template
-    dest: /etc/caddy/uptime-kuma
-    validate: caddy validate --adapter caddyfile --config %s
-  register: projectconfig
-
-- name: Make sure caddy links to the uptime-kuma config
-  become: true
-  ansible.builtin.lineinfile:
-    mode: "0644"
-    path: /etc/caddy/Caddyfile
-    search_string: ^import /etc/caddy/uptime-kuma
-    line: import /etc/caddy/uptime-kuma
-    validate: caddy validate --adapter caddyfile --config %s
-  register: caddyconfig
-
-- name: Restart caddy
-  become: true
-  ansible.builtin.service:
-    name: caddy
-    state: restarted
-  when: projectconfig.changed or caddyconfig.changed

@@ 1,5 0,0 @@
----
-- name: Setup uptime-kuma docker images
-  ansible.builtin.include_tasks: setup.yml
-- name: Setup uptime-kuma reverse proxy
-  ansible.builtin.include_tasks: caddy.yml

@@ 1,16 0,0 @@
----
-- name: Ensure woodpecker-project-dir exists
-  ansible.builtin.file:
-    path: "{{ container_dir }}/{{ uptime_kuma_project_dir }}"
-    state: directory
-    recurse: true
-
-- name: Setup uptime-kuma
-  community.docker.docker_container:
-    name: uptime-kuma
-    restart_policy: unless-stopped
-    image: louislam/uptime-kuma:1.22.1-alpine
-    volumes:
-      - "{{ container_dir }}/{{ uptime_kuma_project_dir }}/uptime-kuma-data:/app/data"
-    ports:
-      - "{{ uptime_kuma_port }}:3001"

@@ 1,17 0,0 @@
-* /roles/containers/woodpecker-ci
-[[woodpecker-ci.org/][Woodpecker CI]] module.
-
-Before using this,
-you probably want to set/edit the following variables
-in your ~secret.yml~ (or your unencrypted config):
-#+begin_src yaml
-woodpecker_port: 8000
-woodpecker_host: https://ci.ccw.icu
-woodpecker_gitea: https://codeberg.org
-woodpecker_gitea_client: changeme
-woodpecker_gitea_secret: changeme
-woodpecker_orgs: ""
-woodpecker_admin: "{{ username }}"
-woodpecker_repo_owners: "{{ username }}"
-woodpecker_agent_secret: changeme
-#+end_src

@@ 1,15 0,0 @@
----
-woodpecker_project_dir: ci
-woodpecker_port: "8000"
-woodpecker_open: "false"
-woodpecker_domain: "ci.{{ domain }}"
-woodpecker_host: https://{{ woodpecker_domain }}
-woodpecker_gitea: https://codeberg.org
-woodpecker_gitea_client: changeme
-woodpecker_gitea_secret: changeme
-woodpecker_orgs: ""
-woodpecker_admin: "{{ username }}"
-woodpecker_repo_owners: "{{ username }}"
-woodpecker_agent_secret: changeme
-woodpecker_max_pipeline_timeout: "1440"
-woodpecker_default_pipeline_timeout: "60"

@@ 1,29 0,0 @@
----
-- name: Make sure woodpecker-caddy reverse proxy config exists
-  become: true
-  vars:
-    project_domain: "{{ woodpecker_domain }}"
-    project_port: "{{ woodpecker_port }}"
-  ansible.builtin.template:
-    src: ../../../network/caddy/templates/reverse-proxy.template
-    dest: /etc/caddy/woodpecker
-    mode: "0644"
-    validate: caddy validate --adapter caddyfile --config %s
-  register: projectconfig
-
-- name: Make sure caddy links to the woodpecker config
-  become: true
-  ansible.builtin.lineinfile:
-    path: /etc/caddy/Caddyfile
-    mode: "0644"
-    search_string: ^import /etc/caddy/woodpecker
-    line: import /etc/caddy/woodpecker
-    validate: caddy validate --adapter caddyfile --config %s
-  register: caddyconfig
-
-- name: Restart caddy
-  become: true
-  ansible.builtin.service:
-    name: caddy
-    state: restarted
-  when: caddyconfig.changed or projectconfig.changed

@@ 1,5 0,0 @@
----
-- name: Setup woodpecker docker images
-  ansible.builtin.include_tasks: setup.yml
-- name: Setup woodpecker reverse proxy
-  ansible.builtin.include_tasks: caddy.yml

@@ 1,41 0,0 @@
----
-- name: Ensure woodpecker-project-dir exists
-  ansible.builtin.file:
-    path: "{{ container_dir }}/{{ woodpecker_project_dir }}"
-    state: directory
-    recurse: true
-
-- name: Setup woodpecker-server
-  community.docker.docker_container:
-    name: woodpecker-server
-    restart_policy: unless-stopped
-    image: woodpeckerci/woodpecker-server:v1.0.1-alpine
-    ports:
-      - "{{ woodpecker_port }}:8000"
-    volumes:
-      - "{{ container_dir }}/{{ woodpecker_project_dir }}/woodpecker-server-data:/var/lib/woodpecker"
-    env:
-      WOODPECKER_OPEN: "{{ woodpecker_open }}"
-      WOODPECKER_HOST: "{{ woodpecker_host }}"
-      WOODPECKER_GITEA: "true"
-      WOODPECKER_GITEA_URL: "{{ woodpecker_gitea }}"
-      WOODPECKER_GITEA_CLIENT: "{{ woodpecker_gitea_client }}"
-      WOODPECKER_GITEA_SECRET: "{{ woodpecker_gitea_secret }}"
-      WOODPECKER_ORGS: "{{ woodpecker_orgs }}"
-      WOODPECKER_ADMIN: "{{ woodpecker_admin }}"
-      WOODPECKER_REPO_OWNERS: "{{ woodpecker_repo_owners }}"
-      WOODPECKER_DEFAULT_PIPELINE_TIMEOUT: "{{ woodpecker_default_pipeline_timeout }}"
-      WOODPECKER_MAX_PIPELINE_TIMEOUT: "{{ woodpecker_max_pipeline_timeout }}"
-
-- name: Setup woodpecker-agent
-  community.docker.docker_container:
-    name: woodpecker-agent
-    restart_policy: unless-stopped
-    image: woodpeckerci/woodpecker-agent:v1.0.1-alpine
-    command: agent
-    links: woodpecker-server
-    volumes:
-      - /var/run/docker.sock:/var/run/docker.sock
-    env:
-      WOODPECKER_SERVER: woodpecker-server:9000
-      WOODPECKER_AGENT_SECRET: "{{ woodpecker_agent_secret }}"

@@ 34,29 34,12 @@
 ############################################
 # SETUP CONTAINERS
 ############################################
-# Setup CI
-- name: Setup Woodpecker CI
+# Setup Social
+- name: Setup Akkoma
   hosts: all
   roles:
-    - role: containers/woodpecker-ci
-      tags: woodpecker-ci
-- name: Setup Forgejo Runner
-  hosts: all
-  roles:
-    - role: containers/forgejo-runner
-      tags: forgejo-runner
-# Setup Firefish
-- name: Setup Firefish
-  hosts: all
-  roles:
-    - role: containers/firefish
-      tags: firefish
-# Setup Uptime Kuma
-- name: Setup Uptime Kuma
-  hosts: all
-  roles:
-    - role: containers/uptime-kuma
-      tags: status
+    - role: containers/akkoma
+      tags: akkoma
 # Setup Wireguard
 - name: Setup Wireguard
   hosts: all


@@ 74,9 57,9 @@
   roles:
     - role: containers/homepage
       tags: homepage
-# Misc
-- name: transport-rest germany
+# Object storage
+- name: Setup S3
   hosts: all
   roles:
-    - role: containers/transport
-      tags: l8
+    - role: containers/s3
+      tags: s3