27 files changed, 8 insertions(+), 762 deletions(-)
D roles/containers/firefish/README.org
D roles/containers/firefish/defaults/main.yml
D roles/containers/firefish/tasks/caddy.yml
D roles/containers/firefish/tasks/main.yml
D roles/containers/firefish/tasks/setup.yml
D roles/containers/firefish/templates/firefish.conf
D roles/containers/firefish/templates/sonic.conf
D roles/containers/forgejo-runner/README.org
D roles/containers/forgejo-runner/defaults/main.yml
D roles/containers/forgejo-runner/tasks/main.yml
D roles/containers/forgejo-runner/tasks/setup.yml
D roles/containers/transport/README.org
D roles/containers/transport/defaults/main.yml
D roles/containers/transport/tasks/caddy.yml
D roles/containers/transport/tasks/main.yml
D roles/containers/transport/tasks/setup.yml
D roles/containers/uptime-kuma/README.org
D roles/containers/uptime-kuma/defaults/main.yml
D roles/containers/uptime-kuma/tasks/caddy.yml
D roles/containers/uptime-kuma/tasks/main.yml
D roles/containers/uptime-kuma/tasks/setup.yml
D roles/containers/woodpecker-ci/README.org
D roles/containers/woodpecker-ci/defaults/main.yml
D roles/containers/woodpecker-ci/tasks/caddy.yml
D roles/containers/woodpecker-ci/tasks/main.yml
D roles/containers/woodpecker-ci/tasks/setup.yml
M run.yml
D roles/containers/firefish/README.org => roles/containers/firefish/README.org +0 -16
@@ 1,16 0,0 @@
-* /roles/containers/firefish
-
-[[https://joinfirefish.org/][Firefish]] module.
-
-Before using this,
-you probably want to set/edit the following variables
-in your ~secret.yml~ (or your unencrypted config):
-#+begin_src yaml
-firefish_project_dir: "world"
-firefish_port: "4753"
-firefish_open: "false"
-firefish_domain: "{{ firefish_project_dir }}.ccw.icu"
-firefish_postgres_user: ""
-firefish_postgres_pass: ""
-firefish_sonic_pass: ""
-#+end_src
D roles/containers/firefish/defaults/main.yml => roles/containers/firefish/defaults/main.yml +0 -9
@@ 1,9 0,0 @@
----
-firefish_project_dir: world
-firefish_port: "4753"
-firefish_open: "false"
-firefish_domain: "{{ firefish_project_dir }}.{{ domain }}"
-firefish_postgres_pass: ""
-firefish_postgres_user: ""
-firefish_sonic_pass: ""
-firefish_id: aid
D roles/containers/firefish/tasks/caddy.yml => roles/containers/firefish/tasks/caddy.yml +0 -26
@@ 1,26 0,0 @@
----
-- name: Make sure firefish-caddy reverse proxy config exists
- become: true
- vars:
- project_domain: "{{ firefish_domain }}"
- project_port: "{{ firefish_port }}"
- ansible.builtin.template:
- src: ../../../network/caddy/templates/reverse-proxy.template
- mode: "0644"
- dest: /etc/caddy/firefish
- validate: caddy validate --adapter caddyfile --config %s
-
-- name: Make sure caddy links to the firefish config
- become: true
- ansible.builtin.lineinfile:
- path: /etc/caddy/Caddyfile
- search_string: ^import /etc/caddy/firefish
- mode: "0644"
- line: import /etc/caddy/firefish
- validate: caddy validate --adapter caddyfile --config %s
-
-- name: Restart caddy
- become: true
- ansible.builtin.service:
- name: caddy
- state: restarted
D roles/containers/firefish/tasks/main.yml => roles/containers/firefish/tasks/main.yml +0 -5
@@ 1,5 0,0 @@
----
-- name: Setup firefish docker images
- ansible.builtin.include_tasks: setup.yml
-- name: Setup firefish reverse proxy
- ansible.builtin.include_tasks: caddy.yml
D roles/containers/firefish/tasks/setup.yml => roles/containers/firefish/tasks/setup.yml +0 -81
@@ 1,81 0,0 @@
----
-- name: Ensure firefish-project-dir exists
- become: true
- ansible.builtin.file:
- path: "{{ container_dir }}/{{ firefish_project_dir }}"
- state: directory
- recurse: true
-
-# Copy config files
-- name: Ensure firefish config directory exists
- ansible.builtin.file:
- path: "{{ container_dir }}/{{ firefish_project_dir }}/.config"
- state: directory
- recurse: true
-
-- name: Copy firefish config to the project dir
- ansible.builtin.template:
- src: firefish.conf
- dest: "{{ container_dir }}/{{ firefish_project_dir }}/.config/default.yml"
-
-- name: Copy sonic config to the project dir
- ansible.builtin.template:
- src: sonic.conf
- mode: "0777"
- dest: "{{ container_dir }}/{{ firefish_project_dir }}/sonic.cfg"
-
-# Setup docker images
-- name: Setup firefish redis
- community.docker.docker_container:
- name: firefish_redis
- image: docker.io/redis:7.0-alpine
- restart_policy: unless-stopped
- volumes:
- - "{{ container_dir }}/{{ firefish_project_dir }}/redis:/data"
-
-- name: Setup firefish db
- community.docker.docker_container:
- name: firefish_db
- restart_policy: unless-stopped
- image: docker.io/postgres:12.2-alpine
- volumes:
- - "{{ container_dir }}/{{ firefish_project_dir }}/db:\
- /var/lib/postgresql/data"
- links:
- - firefish_redis
- env:
- POSTGRES_PASSWORD: "{{ firefish_postgres_pass }}"
- POSTGRES_USER: "{{ firefish_postgres_user }}"
- POSTGRES_DB: firefish
-
-- name: Setup firefish sonic
- community.docker.docker_container:
- name: firefish_sonic
- restart_policy: unless-stopped
- image: docker.io/valeriansaliou/sonic:v1.4.0
- volumes:
- - "{{ container_dir }}/{{ firefish_project_dir }}/sonic:\
- /var/lib/sonic/store"
- - "{{ container_dir }}/{{ firefish_project_dir }}/sonic.cfg:\
- /etc/sonic.cfg"
- links:
- - firefish_db
-
-- name: Setup firefish web
- community.docker.docker_container:
- name: firefish_web
- restart_policy: unless-stopped
- #image: registry.joinfirefish.org/firefish/firefish:v1.0.3
- image: codeberg.org/comcloudway/firefish-docker:latest
- ports:
- - "{{ firefish_port }}:3000"
- volumes:
- - "{{ container_dir }}/{{ firefish_project_dir }}/files:/firefish/files"
- - "{{ container_dir }}/{{ firefish_project_dir }}/.config:\
- /firefish/.config:ro"
- links:
- - firefish_sonic
- - firefish_db
- - firefish_redis
- env:
- NODE_ENV: production
D roles/containers/firefish/templates/firefish.conf => roles/containers/firefish/templates/firefish.conf +0 -254
@@ 1,254 0,0 @@
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-# Firefish configuration
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-
-# After starting your server, please don't change the URL! Doing so will break federation.
-
-# ┌─────┐
-#───┘ URL └─────────────────────────────────────────────────────
-
-# Final accessible URL seen by a user.
-url: https://{{ firefish_domain }}/
-
-# ┌───────────────────────┐
-#───┘ Port and TLS settings └───────────────────────────────────
-
-#
-# Firefish requires a reverse proxy to support HTTPS connections.
-#
-# +----- https://example.com/ ------------+
-# +------+ |+-------------+ +----------------+|
-# | User | ---> || Proxy (443) | ---> | Firefish (3000) ||
-# +------+ |+-------------+ +----------------+|
-# +---------------------------------------+
-#
-# You need to set up a reverse proxy. (e.g. nginx, caddy)
-# An encrypted connection with HTTPS is highly recommended
-# because tokens may be transferred in GET requests.
-
-# The port that your Firefish server should listen on.
-port: 3000
-
-# ┌──────────────────────────┐
-#───┘ PostgreSQL configuration └────────────────────────────────
-
-db:
- host: firefish_db
- port: 5432
- #ssl: false
- # Database name
- db: calckey
-
- # Auth
- user: {{ firefish_postgres_user }}
- pass: {{ firefish_postgres_pass }}
-
- # Whether disable Caching queries
- #disableCache: true
-
- # Extra Connection options
- #extra:
- # ssl:
- # host: localhost
- # rejectUnauthorized: false
-
-# ┌─────────────────────┐
-#───┘ Redis configuration └─────────────────────────────────────
-
-redis:
- host: firefish_redis
- port: 6379
- #tls:
- # host: localhost
- # rejectUnauthorized: false
- #family: 0 # 0=Both, 4=IPv4, 6=IPv6
- #pass: example-pass
- #prefix: example-prefix
- #db: 1
- #user: default
-
-# ┌─────────────────────────────┐
-#───┘ Cache server configuration └─────────────────────────────────────
-
-# A Redis-compatible server (DragonflyDB, Keydb, Redis) for caching
-# If left blank, it will use the Redis server from above
-
-#cacheServer:
- #host: localhost
- #port: 6379
- #family: 0 # 0=Both, 4=IPv4, 6=IPv6
- #pass: example-pass
- #prefix: example-prefix
- #db: 1
-
-# Please configure either MeiliSearch *or* Sonic.
-# If both MeiliSearch and Sonic configurations are present, MeiliSearch will take precedence.
-
-# ┌───────────────────────────┐
-#───┘ MeiliSearch configuration └─────────────────────────────────────
-#meilisearch:
-# host: meilisearch
-# port: 7700
-# ssl: false
-# apiKey:
-
-# ┌─────────────────────┐
-#───┘ Sonic configuration └─────────────────────────────────────
-
-sonic:
- host: firefish_sonic
- port: 1491
- auth: {{ firefish_sonic_pass }}
- collection: notes
- bucket: default
-
-
-# ┌───────────────┐
-#───┘ ID generation └───────────────────────────────────────────
-
-id: {{ firefish_id }}
-# No need to uncomment in most cases, but you may want to change
-# these settings if you plan to run a large and/or distributed server.
-
-# cuid:
-# # Min 16, Max 24
-# length: 16
-#
-# # Set this to a unique string across workers (e.g., machine's hostname)
-# # if your workers are running in multiple hosts.
-# fingerprint: my-fingerprint
-
-
-# ┌─────────────────────┐
-#───┘ Other configuration └─────────────────────────────────────
-
-# Maximum length of a post (default 3000, max 100000)
-#maxNoteLength: 3000
-
-# Maximum length of an image caption (default 1500, max 8192)
-#maxCaptionLength: 1500
-
-# Reserved usernames that only the administrator can register with
-reservedUsernames: [
- 'root',
- 'admin',
- 'administrator',
- 'me',
- 'system'
-]
-
-# Whether disable HSTS
-#disableHsts: true
-
-# Number of worker processes
-#clusterLimit: 1
-
-# Worker only mode
-#onlyQueueProcessor: 1
-
-# Job concurrency per worker
-# deliverJobConcurrency: 128
-# inboxJobConcurrency: 16
-
-# Job rate limiter
-# deliverJobPerSec: 128
-# inboxJobPerSec: 16
-
-# Job attempts
-# deliverJobMaxAttempts: 12
-# inboxJobMaxAttempts: 8
-
-# IP address family used for outgoing request (ipv4, ipv6 or dual)
-#outgoingAddressFamily: ipv4
-
-# Syslog option
-#syslog:
-# host: localhost
-# port: 514
-
-# Proxy for HTTP/HTTPS
-#proxy: http://127.0.0.1:3128
-
-#proxyBypassHosts: [
-# 'web.kaiteki.app',
-# 'example.com',
-# '192.0.2.8'
-#]
-
-# Proxy for SMTP/SMTPS
-#proxySmtp: http://127.0.0.1:3128 # use HTTP/1.1 CONNECT
-#proxySmtp: socks4://127.0.0.1:1080 # use SOCKS4
-#proxySmtp: socks5://127.0.0.1:1080 # use SOCKS5
-
-# Media Proxy
-#mediaProxy: https://example.com/proxy
-
-# Proxy remote files (default: false)
-#proxyRemoteFiles: true
-
-#allowedPrivateNetworks: [
-# '127.0.0.1/32'
-#]
-
-# TWA
-#twa:
-# nameSpace: android_app
-# packageName: tld.domain.twa
-# sha256CertFingerprints: ['AB:CD:EF']
-
-# Upload or download file size limits (bytes)
-#maxFileSize: 262144000
-
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-# Congrats, you've reached the end of the config file needed for most deployments!
-# Enjoy your Firefish server!
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-
-
-
-
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-# Managed hosting settings
-# >>> NORMAL SELF-HOSTERS, STAY AWAY! <<<
-# >>> YOU DON'T NEED THIS! <<<
-# Each category is optional, but if each item in each category is mandatory!
-# If you mess this up, that's on you, you've been warned...
-#━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
-
-#maxUserSignups: 100
-#isManagedHosting: true
-#deepl:
-# managed: true
-# authKey: ''
-# isPro: false
-#
-#email:
-# managed: true
-# address: 'example@email.com'
-# host: 'email.com'
-# port: 587
-# user: 'example@email.com'
-# pass: ''
-# useImplicitSslTls: false
-#
-#objectStorage:
-# managed: true
-# baseUrl: ''
-# bucket: ''
-# prefix: ''
-# endpoint: ''
-# region: ''
-# accessKey: ''
-# secretKey: ''
-# useSsl: true
-# connnectOverProxy: false
-# setPublicReadOnUpload: true
-# s3ForcePathStyle: true
-
-# !!!!!!!!!!
-# >>>>>> AGAIN, NORMAL SELF-HOSTERS, STAY AWAY! <<<<<<
-# >>>>>> YOU DON'T NEED THIS, ABOVE SETTINGS ARE FOR MANAGED HOSTING ONLY! <<<<<<
-# !!!!!!!!!!
-
-# Seriously. Do NOT fill out the above settings if you're self-hosting.
-# They're much better off being set from the control panel.
D roles/containers/firefish/templates/sonic.conf => roles/containers/firefish/templates/sonic.conf +0 -69
@@ 1,69 0,0 @@
-# Sonic
-# Fast, lightweight and schema-less search backend
-# Configuration file
-# Example: https://github.com/valeriansaliou/sonic/blob/master/config.cfg
-
-
-[server]
-
-log_level = "debug"
-
-
-[channel]
-
-inet = "0.0.0.0:1491"
-tcp_timeout = 300
-
-auth_password = "{{ firefish_sonic_pass }}"
-
-[channel.search]
-
-query_limit_default = 10
-query_limit_maximum = 100
-query_alternates_try = 4
-
-suggest_limit_default = 5
-suggest_limit_maximum = 20
-
-list_limit_default = 100
-list_limit_maximum = 500
-
-
-[store]
-
-[store.kv]
-
-path = "/var/lib/sonic/store/kv/"
-
-retain_word_objects = 1000
-
-[store.kv.pool]
-
-inactive_after = 1800
-
-[store.kv.database]
-
-flush_after = 900
-
-compress = true
-parallelism = 2
-max_files = 100
-max_compactions = 1
-max_flushes = 1
-write_buffer = 16384
-write_ahead_log = true
-
-[store.fst]
-
-path = "/var/lib/sonic/store/fst/"
-
-[store.fst.pool]
-
-inactive_after = 300
-
-[store.fst.graph]
-
-consolidate_after = 180
-
-max_size = 2048
-max_words = 250000
D roles/containers/forgejo-runner/README.org => roles/containers/forgejo-runner/README.org +0 -12
@@ 1,12 0,0 @@
-* /roles/containers/forgejo-runner
-[[https://code.forgejo.org/forgejo/runner][forgejo-runner]] module used to run [[https://forgejo.org/docs/latest/user/actions/][Actions]].
-
-Before using this,
-you probably want to set/edit the following variables
-in your ~secret.yml~ (or your unencrypted config):
-#+begin_src yaml
-forgejo_runner_project_dir: "forgejo-runner"
-forgejo_runner_token: "changeme"
-forgejo_runner_name: "runner"
-forgejo_runner_instance: "https://codeberg.org/"
-#+end_src
D roles/containers/forgejo-runner/defaults/main.yml => roles/containers/forgejo-runner/defaults/main.yml +0 -5
@@ 1,5 0,0 @@
----
-forgejo_runner_project_dir: "forgejo-runner"
-forgejo_runner_token: "changeme"
-forgejo_runner_name: "runner"
-forgejo_runner_instance: "https://codeberg.org/"
D roles/containers/forgejo-runner/tasks/main.yml => roles/containers/forgejo-runner/tasks/main.yml +0 -3
@@ 1,3 0,0 @@
----
-- name: Setup forgejo runner docker images
- ansible.builtin.include_tasks: setup.yml
D roles/containers/forgejo-runner/tasks/setup.yml => roles/containers/forgejo-runner/tasks/setup.yml +0 -31
@@ 1,31 0,0 @@
----
-- name: Ensure forgejo-runner-project-dir exists
- ansible.builtin.file:
- path: "{{ container_dir }}/{{ forgejo_runner_project_dir }}"
- state: directory
- recurse: true
-
-- name: Create forgejo-runner registration
- community.docker.docker_container:
- name: forgejo-runner-bootstrap
- image: code.forgejo.org/forgejo/runner:2.3.0
- working_dir: "/data"
- command: "register \
- --no-interactive \
- --token {{ forgejo_runner_token }} \
- --name {{ forgejo_runner_name }} \
- --instance {{ forgejo_runner_instance }}
- --labels docker"
- volumes:
- - "{{ container_dir }}/{{ forgejo_runner_project_dir }}/:/data"
-
-- name: Setup forgejo-runner
- community.docker.docker_container:
- name: forgejo-runner
- image: code.forgejo.org/forgejo/runner:2.3.0
- working_dir: "/data"
- restart_policy: unless-stopped
- command: daemon
- volumes:
- - "{{ container_dir }}/{{ forgejo_runner_project_dir }}/:/data"
- - /var/run/docker.sock:/var/run/docker.sock
D roles/containers/transport/README.org => roles/containers/transport/README.org +0 -9
@@ 1,9 0,0 @@
-* container/transport
-Ansible role used to setup a [[https://github.com/derhuerst/db-rest#installing--running][db-rest]] server.
-
-This server is provided to guarantee the functionality of [[codeberg.org/comcloudway/l8][l8]].
-
-#+begin_src yaml
-transport_port: 7945
-transport_domain: "transport.ccw.icu"
-#+end_src
D roles/containers/transport/defaults/main.yml => roles/containers/transport/defaults/main.yml +0 -3
@@ 1,3 0,0 @@
----
-transport_port: 7945
-transport_domain: "transport.{{ transport }}"
D roles/containers/transport/tasks/caddy.yml => roles/containers/transport/tasks/caddy.yml +0 -29
@@ 1,29 0,0 @@
----
-- name: Make sure transport caddy reverse proxy config exists
- become: true
- vars:
- project_domain: "{{ transport_domain }}"
- project_port: "{{ transport_port }}"
- ansible.builtin.template:
- src: ../../../network/caddy/templates/reverse-proxy.template
- dest: /etc/caddy/transport
- mode: "0644"
- validate: caddy validate --adapter caddyfile --config %s
- register: projectconfig
-
-- name: Make sure caddy links to the transport config
- become: true
- ansible.builtin.lineinfile:
- path: /etc/caddy/Caddyfile
- mode: "0644"
- search_string: ^import /etc/caddy/transport
- line: import /etc/caddy/transport
- validate: caddy validate --adapter caddyfile --config %s
- register: caddyconfig
-
-- name: Restart caddy
- become: true
- ansible.builtin.service:
- name: caddy
- state: restarted
- when: caddyconfig.changed or projectconfig.changed
D roles/containers/transport/tasks/main.yml => roles/containers/transport/tasks/main.yml +0 -5
@@ 1,5 0,0 @@
----
-- name: Setup the transport.rest server
- ansible.builtin.include_tasks: setup.yml
-- name: Setup reverse proxy
- ansible.builtin.include_tasks: caddy.yml
D roles/containers/transport/tasks/setup.yml => roles/containers/transport/tasks/setup.yml +0 -8
@@ 1,8 0,0 @@
----
-- name: Create transport.rest server docker container
- community.docker.docker_container:
- name: transport-backend
- image: derhuerst/db-rest:6
- restart_policy: unless-stopped
- ports:
- - "{{ transport_port }}:3000"
D roles/containers/uptime-kuma/README.org => roles/containers/uptime-kuma/README.org +0 -11
@@ 1,11 0,0 @@
-* /roles/containers/uptime-kuma
-[[https://github.com/louislam/uptime-kuma][Uptime Kuma]] module.
-
-Before using this,
-you probably want to set/edit the following variables
-in your ~secret.yml~ (or your unencrypted config):
-#+begin_src yaml
-uptime_kuma_project_dir: "status"
-uptime_kuma_port: 3001
-uptime_kuma_domain: "status.ccw.icu"
-#+end_src
D roles/containers/uptime-kuma/defaults/main.yml => roles/containers/uptime-kuma/defaults/main.yml +0 -4
@@ 1,4 0,0 @@
----
-uptime_kuma_project_dir: status
-uptime_kuma_port: 3001
-uptime_kuma_domain: "status.{{ domain }}"
D roles/containers/uptime-kuma/tasks/caddy.yml => roles/containers/uptime-kuma/tasks/caddy.yml +0 -29
@@ 1,29 0,0 @@
----
-- name: Make sure uptime-kuma-caddy reverse proxy config exists
- become: true
- vars:
- project_domain: "{{ uptime_kuma_domain }}"
- project_port: "{{ uptime_kuma_port }}"
- ansible.builtin.template:
- mode: "0644"
- src: ../../../network/caddy/templates/reverse-proxy.template
- dest: /etc/caddy/uptime-kuma
- validate: caddy validate --adapter caddyfile --config %s
- register: projectconfig
-
-- name: Make sure caddy links to the uptime-kuma config
- become: true
- ansible.builtin.lineinfile:
- mode: "0644"
- path: /etc/caddy/Caddyfile
- search_string: ^import /etc/caddy/uptime-kuma
- line: import /etc/caddy/uptime-kuma
- validate: caddy validate --adapter caddyfile --config %s
- register: caddyconfig
-
-- name: Restart caddy
- become: true
- ansible.builtin.service:
- name: caddy
- state: restarted
- when: projectconfig.changed or caddyconfig.changed
D roles/containers/uptime-kuma/tasks/main.yml => roles/containers/uptime-kuma/tasks/main.yml +0 -5
@@ 1,5 0,0 @@
----
-- name: Setup uptime-kuma docker images
- ansible.builtin.include_tasks: setup.yml
-- name: Setup uptime-kuma reverse proxy
- ansible.builtin.include_tasks: caddy.yml
D roles/containers/uptime-kuma/tasks/setup.yml => roles/containers/uptime-kuma/tasks/setup.yml +0 -16
@@ 1,16 0,0 @@
----
-- name: Ensure woodpecker-project-dir exists
- ansible.builtin.file:
- path: "{{ container_dir }}/{{ uptime_kuma_project_dir }}"
- state: directory
- recurse: true
-
-- name: Setup uptime-kuma
- community.docker.docker_container:
- name: uptime-kuma
- restart_policy: unless-stopped
- image: louislam/uptime-kuma:1.22.1-alpine
- volumes:
- - "{{ container_dir }}/{{ uptime_kuma_project_dir }}/uptime-kuma-data:/app/data"
- ports:
- - "{{ uptime_kuma_port }}:3001"
D roles/containers/woodpecker-ci/README.org => roles/containers/woodpecker-ci/README.org +0 -17
@@ 1,17 0,0 @@
-* /roles/containers/woodpecker-ci
-[[woodpecker-ci.org/][Woodpecker CI]] module.
-
-Before using this,
-you probably want to set/edit the following variables
-in your ~secret.yml~ (or your unencrypted config):
-#+begin_src yaml
-woodpecker_port: 8000
-woodpecker_host: https://ci.ccw.icu
-woodpecker_gitea: https://codeberg.org
-woodpecker_gitea_client: changeme
-woodpecker_gitea_secret: changeme
-woodpecker_orgs: ""
-woodpecker_admin: "{{ username }}"
-woodpecker_repo_owners: "{{ username }}"
-woodpecker_agent_secret: changeme
-#+end_src
D roles/containers/woodpecker-ci/defaults/main.yml => roles/containers/woodpecker-ci/defaults/main.yml +0 -15
@@ 1,15 0,0 @@
----
-woodpecker_project_dir: ci
-woodpecker_port: "8000"
-woodpecker_open: "false"
-woodpecker_domain: "ci.{{ domain }}"
-woodpecker_host: https://{{ woodpecker_domain }}
-woodpecker_gitea: https://codeberg.org
-woodpecker_gitea_client: changeme
-woodpecker_gitea_secret: changeme
-woodpecker_orgs: ""
-woodpecker_admin: "{{ username }}"
-woodpecker_repo_owners: "{{ username }}"
-woodpecker_agent_secret: changeme
-woodpecker_max_pipeline_timeout: "1440"
-woodpecker_default_pipeline_timeout: "60"
D roles/containers/woodpecker-ci/tasks/caddy.yml => roles/containers/woodpecker-ci/tasks/caddy.yml +0 -29
@@ 1,29 0,0 @@
----
-- name: Make sure woodpecker-caddy reverse proxy config exists
- become: true
- vars:
- project_domain: "{{ woodpecker_domain }}"
- project_port: "{{ woodpecker_port }}"
- ansible.builtin.template:
- src: ../../../network/caddy/templates/reverse-proxy.template
- dest: /etc/caddy/woodpecker
- mode: "0644"
- validate: caddy validate --adapter caddyfile --config %s
- register: projectconfig
-
-- name: Make sure caddy links to the woodpecker config
- become: true
- ansible.builtin.lineinfile:
- path: /etc/caddy/Caddyfile
- mode: "0644"
- search_string: ^import /etc/caddy/woodpecker
- line: import /etc/caddy/woodpecker
- validate: caddy validate --adapter caddyfile --config %s
- register: caddyconfig
-
-- name: Restart caddy
- become: true
- ansible.builtin.service:
- name: caddy
- state: restarted
- when: caddyconfig.changed or projectconfig.changed
D roles/containers/woodpecker-ci/tasks/main.yml => roles/containers/woodpecker-ci/tasks/main.yml +0 -5
@@ 1,5 0,0 @@
----
-- name: Setup woodpecker docker images
- ansible.builtin.include_tasks: setup.yml
-- name: Setup woodpecker reverse proxy
- ansible.builtin.include_tasks: caddy.yml
D roles/containers/woodpecker-ci/tasks/setup.yml => roles/containers/woodpecker-ci/tasks/setup.yml +0 -41
@@ 1,41 0,0 @@
----
-- name: Ensure woodpecker-project-dir exists
- ansible.builtin.file:
- path: "{{ container_dir }}/{{ woodpecker_project_dir }}"
- state: directory
- recurse: true
-
-- name: Setup woodpecker-server
- community.docker.docker_container:
- name: woodpecker-server
- restart_policy: unless-stopped
- image: woodpeckerci/woodpecker-server:v1.0.1-alpine
- ports:
- - "{{ woodpecker_port }}:8000"
- volumes:
- - "{{ container_dir }}/{{ woodpecker_project_dir }}/woodpecker-server-data:/var/lib/woodpecker"
- env:
- WOODPECKER_OPEN: "{{ woodpecker_open }}"
- WOODPECKER_HOST: "{{ woodpecker_host }}"
- WOODPECKER_GITEA: "true"
- WOODPECKER_GITEA_URL: "{{ woodpecker_gitea }}"
- WOODPECKER_GITEA_CLIENT: "{{ woodpecker_gitea_client }}"
- WOODPECKER_GITEA_SECRET: "{{ woodpecker_gitea_secret }}"
- WOODPECKER_ORGS: "{{ woodpecker_orgs }}"
- WOODPECKER_ADMIN: "{{ woodpecker_admin }}"
- WOODPECKER_REPO_OWNERS: "{{ woodpecker_repo_owners }}"
- WOODPECKER_DEFAULT_PIPELINE_TIMEOUT: "{{ woodpecker_default_pipeline_timeout }}"
- WOODPECKER_MAX_PIPELINE_TIMEOUT: "{{ woodpecker_max_pipeline_timeout }}"
-
-- name: Setup woodpecker-agent
- community.docker.docker_container:
- name: woodpecker-agent
- restart_policy: unless-stopped
- image: woodpeckerci/woodpecker-agent:v1.0.1-alpine
- command: agent
- links: woodpecker-server
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- env:
- WOODPECKER_SERVER: woodpecker-server:9000
- WOODPECKER_AGENT_SECRET: "{{ woodpecker_agent_secret }}"
M run.yml => run.yml +8 -25
@@ 34,29 34,12 @@
############################################
# SETUP CONTAINERS
############################################
-# Setup CI
-- name: Setup Woodpecker CI
+# Setup Social
+- name: Setup Akkoma
hosts: all
roles:
- - role: containers/woodpecker-ci
- tags: woodpecker-ci
-- name: Setup Forgejo Runner
- hosts: all
- roles:
- - role: containers/forgejo-runner
- tags: forgejo-runner
-# Setup Firefish
-- name: Setup Firefish
- hosts: all
- roles:
- - role: containers/firefish
- tags: firefish
-# Setup Uptime Kuma
-- name: Setup Uptime Kuma
- hosts: all
- roles:
- - role: containers/uptime-kuma
- tags: status
+ - role: containers/akkoma
+ tags: akkoma
# Setup Wireguard
- name: Setup Wireguard
hosts: all
@@ 74,9 57,9 @@
roles:
- role: containers/homepage
tags: homepage
-# Misc
-- name: transport-rest germany
+# Object storage
+- name: Setup S3
hosts: all
roles:
- - role: containers/transport
- tags: l8
+ - role: containers/s3
+ tags: s3