refactor: simplify stack templates, move vars into group_vars/alpina
This vault setup for injecting sensitive variables uses the approach described in https://docs.ansible.com/ansible/10/tips_tricks/ansible_tips_tricks.html#keep-vaulted-variables-safely-visible
@@ -1,8 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;alpina
|
||||
66613933613334643836373939636238303035626535666161323634323837623565383337666232
|
||||
6166363839626433636231323434633164643033633466650a393032356231306436663563613734
|
||||
37316438306536316438383236373431333931373933323361623162323363623332333130653366
|
||||
6363616430353835620a366666303230313239393430326538346436626239663431316639633139
|
||||
33663261303864326162313235663536363332633731383636663165313061343863373333396536
|
||||
31336234306337393730343861636232643561356165393664633537623662353830613338363833
|
||||
306537353361653834656134383632306239
|
@@ -1,27 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;alpina
|
||||
35303032386566343430633238343936366234333434343763666231666232633539303232383534
|
||||
3035346233346162373939333531613535353232626531640a646537616163353736653161326265
|
||||
31336530316335623335353661373834613264326436303933326135396166346562343136353931
|
||||
6439383039346465300a366266393130356630316630333336616565366562613038393239623738
|
||||
65626664643630353236333932373337333363626337386163613464306638633964663264363964
|
||||
30373661393531306662323134626664656233323762393037356434353066343830333033316365
|
||||
65616636613437663737306263373066306361376630616331663031346434336663393862316464
|
||||
62343339663461353934323063653566303932656264363562333136353665336263646230323832
|
||||
35376666303531383961646234663230663634393135326664386665633538616233613866373965
|
||||
64363361313232316336376631646662376565353536316438306361306261663532386564616566
|
||||
61663534393035343233326562303863646165346538393761326335376165623964396130393831
|
||||
64333665313461666335383134613831376138393061343238643661366439636534626265323865
|
||||
35393035336632653038623438626366373733626331633866373935616531623664303063376562
|
||||
31356332346164663364636235333461383437623161343338643839323765336237633266633864
|
||||
64363234646533616439313638363865373364623637636537623666383664656630333533303233
|
||||
64383734366666633832393230663739333435666138636462336332373061346239306136336263
|
||||
39643666303863303035313738343664636536663939616335303834333834363739303938646665
|
||||
66303637633239373461393434313036316563313132356432633337666537616363373830313034
|
||||
61313538633663653230643262613333306361666131663036643162343966313365653566393235
|
||||
36623832663034373734653664613038363137366437326565373761663963636336393536386435
|
||||
30393831326134376639366661653439616138643438646363343632346131306532663439396534
|
||||
32383661306539306635336262383563376561303862396532633362666266313562623336383235
|
||||
36366565633734633639653239306331333237353233326563653930653739316230666362323931
|
||||
39663931376562653530323434656436353166393836643238643632396430353034333034333665
|
||||
62323338373839383132323537353431636537616366393965643463316164323034316536383961
|
||||
6164333537633631646663333463306236613038326339643439
|
@@ -1,3 +0,0 @@
|
||||
POSTGRES_USER=gitea
|
||||
POSTGRES_DB=gitea
|
||||
POSTGRES_PASSWORD={{ db_password }}
|
@@ -1,6 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;alpina
|
||||
61626665353536663033663661393434616339396434383530306265363837313839303939623465
|
||||
3634333839333530383464613966326238363738663637360a343837623832343232316565346131
|
||||
66663831356162653363383131396665326531363430656539333866313031306537343864343262
|
||||
3730643765633232620a643734623336646565663266656262343162613239306166386665333139
|
||||
6366
|
@@ -1,14 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;alpina
|
||||
65313636646233613364363933616361346639653939346337303832646339316632383966666237
|
||||
3766396134383434613534373937663162393134306536300a626139373732393037346630333838
|
||||
63663439353238643532316231623866396434303034313130386635623363353263626362376334
|
||||
3933346434633662320a386432373465646432343338666561366161646335636232353133393933
|
||||
65313364666564353039626238383033343765323730316633356139326666623135326131353864
|
||||
32386237643538636538356261393164633137636235346564393930346539623731386633336339
|
||||
31303466653936343166366164383134306232613236663735623834393963306331376435616365
|
||||
31313866383730393063353335626164303632636331303830636530656131636139376633623439
|
||||
63663639323964623231343066373538633336353561646230363363643762393634643435306164
|
||||
31366364326237636365336363343264343562353337303235633034383635373934376334353336
|
||||
61373065386639643064303431623162373665363937353832313561386134613834613935653964
|
||||
64656339316165313936333736643030356366663162316462636662326134396539356262666536
|
||||
64336133393937396330353234316563356337623733326264363333373536633833
|
@@ -1,27 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;alpina
|
||||
34666662336362656236356334333333396363393966626563643264306538333865623964373561
|
||||
3038373931313365383531333762616439396136633230610a626435336166633261323266656366
|
||||
36323335633865663538326331393635313766333639643861383738633835316533666463666363
|
||||
6139323764386533390a363361636361636163373162626135393662666436323265646233653039
|
||||
61353439356331393564363232303734626431333239633930373431616261306537393762383261
|
||||
64336234653536316236383065636364326433393334316531316438323430306437666431323063
|
||||
61383036336536343831633134636437633830346463336132653737376231666630383766656230
|
||||
37376137336264363765653535303166626138646366353466616333613964323762306166376537
|
||||
39633534336366333333316664326262353964386134333138316466303030636633383137613862
|
||||
32646332323039386365653736666435373436633531323034633064633033646466306331383835
|
||||
34386636386334396262666531356534663136393639623863326338643531346537353833663166
|
||||
35613438306432623731633566393661376533653731373130306262393137663533333230653165
|
||||
30653531636534656636393832383139626330383234376636313162373462313762666439323031
|
||||
39393063303566353733666237666165633562333962386331626164343434643964343735313265
|
||||
62313739376138656163623836663864616539336362626166336362633032326264313766346561
|
||||
62396132386333663030333639623130376130353837326630383162323931396638366331393632
|
||||
37383864666561323566383936353935396232363532356462366135313066633037306534393638
|
||||
33333439613065333432303466303635363933313036306364393434333737353361393830663032
|
||||
37636335393361343166343361396235316465373665663533663135373863663837313135343262
|
||||
66326539653033313431396163303135373462373564623863346630353964303061303434303137
|
||||
61613330363366346131396630656565333539353231623939383132303138353566653732306463
|
||||
64303961653865333738613834353333313063393064343535353562383862666561393465386135
|
||||
36373633303262343034393431613938363338346163396233663939613565306430663061623130
|
||||
66323464373438366265373937303636313530376138356433643632353461376365333535303531
|
||||
37616662323033633834343366626166363536383830356638633465333233663631396133653036
|
||||
3233323563333632303365333661386435353830313435666132
|
@@ -1,9 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;alpina
|
||||
34333936316336663466376163333433336136386632356366363139343239393333623138623265
|
||||
3234373031623162623161383832613737393938653533630a353937373463626532306562316461
|
||||
62646637353039396536623735613931373230643135373964313232376561303530386566343266
|
||||
3261366363393335620a373162303030626461666164313432383263616237383230313937653435
|
||||
65346564653230643837613436633565363865616636303031636530623063646630623730383163
|
||||
66333864393362326462356531343039613061613466356237336365633339356464626162646538
|
||||
66633235613638653036326439333833306237626539653564653536376434666238383638376333
|
||||
32383637333766636337
|
@@ -1,19 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;alpina
|
||||
61306635623363343430383032666564666533343661386663346334626137646137653533636461
|
||||
6466643635383162343463303536323563646439323333390a366134333630373464666334333037
|
||||
33303361383334353833633364313430636435326361343461616664623261616566306165663966
|
||||
6262323130623766380a336135333361656665356433346366386664623361343832363537633237
|
||||
34303437303035653136323964643761383261646131346466643663323665323166643364646262
|
||||
37363564346639393765376630313361663835343736336361313365313234303935393066646561
|
||||
61356432666130653230396435663064623462333537363962386534626566386630303638393332
|
||||
66353165643032373766633564653237333663663465363431343132353738663636373037656136
|
||||
39366430353632633461373939326330306530353762643764396233323835333030613165613334
|
||||
35623361656638356462363264336565383133346533343666663532306139653965383831393733
|
||||
30656462303234616566646336376234396430353466363062383935353162333363626565653665
|
||||
64343234333132663138633935656565303235626235633562363566393861363436323331643935
|
||||
33343030366563383735363233613830303930303762626365376338316436396238313565373562
|
||||
36343737373164653836613436646638336638393636303534303262643336356533313630306632
|
||||
64303138333834616662666332303266373932396263666239653133313936336531666536616338
|
||||
37613764376232333438383465346463313531613030323463666532383666376238303161356136
|
||||
39303236343837643039376266636334353530623764633161373434313962366430326166366333
|
||||
3733656135343438393961663334653330646562643865303339
|
@@ -1,10 +0,0 @@
|
||||
$ANSIBLE_VAULT;1.2;AES256;alpina
|
||||
36343837633635363835346435333839633930656434343636623861663930333231303563313339
|
||||
6139343262316564306533396465393664356637666530310a616535376436323031386435643538
|
||||
31643935373036373839363863653434643263613731346666626163376266383635343866613536
|
||||
3835313930383238630a363138656533616337643839383330356432303236346335613464393565
|
||||
62363864323031343361643862356136316339643332393830373133656638333234656263613631
|
||||
63633837633965633033316338336338643937363131393338396661636331363538346131303564
|
||||
63313134636635663636363933373733633439663335356633313963326538663733373064303936
|
||||
37663461333664333631633838316661383733356366613531626134303236643739366361306262
|
||||
64363137666265366262373562386138313934313436363631636337373038613737
|
@@ -1,18 +1,15 @@
|
||||
- name: Ensure {{ collection }} collection directory exists
|
||||
file:
|
||||
path: "{{ my_svc_path }}/{{ collection }}"
|
||||
path: "{{ alpina_svc_path }}/{{ collection }}"
|
||||
state: directory
|
||||
mode: "700"
|
||||
|
||||
- name: Deploy docker compose stacks for {{ collection }}
|
||||
vars:
|
||||
current_stack_name: "{{ stack }}"
|
||||
current_stack_dest: "{{ my_svc_path }}/{{ collection }}/{{ stack }}"
|
||||
current_stack_source: "{{ role_path }}/collections/{{ collection }}/{{ stack }}"
|
||||
current_stack_dest: "{{ alpina_svc_path }}/{{ collection }}/{{ stack }}"
|
||||
current_stack_source: "{{ role_path }}/templates/{{ collection }}/{{ stack }}"
|
||||
include_tasks: deploy_compose_stack.yml
|
||||
loop: "{{ stacks }}"
|
||||
loop_control:
|
||||
loop_var: stack
|
||||
|
||||
- debug:
|
||||
var: acme_email
|
||||
|
@@ -11,21 +11,15 @@
|
||||
path: "{{ current_stack_dest }}/{{ item.path }}"
|
||||
state: directory
|
||||
mode: "700"
|
||||
loop: "{{ lookup('community.general.filetree', current_stack_source + '/templates') }}"
|
||||
loop: "{{ lookup('community.general.filetree', current_stack_source) }}"
|
||||
when: item.state == "directory"
|
||||
|
||||
# TODO: This is not ideal as it leaks the variables between stacks
|
||||
# But that's also not really a problem, as they won't conflict if everything is done right
|
||||
- name: Include variables for stack {{ stack }}
|
||||
include_vars:
|
||||
file: "{{ current_stack_source }}/app_config.yml"
|
||||
|
||||
- name: Generate {{ current_stack_name }} deployment from templates
|
||||
template:
|
||||
src: "{{ item.src }}"
|
||||
dest: "{{ current_stack_dest }}/{{ item.path | regex_replace('\\.j2$', '') }}"
|
||||
mode: "600"
|
||||
loop: "{{ lookup('community.general.filetree', current_stack_source + '/templates') }}"
|
||||
loop: "{{ lookup('community.general.filetree', current_stack_source) }}"
|
||||
when: item.state == "file"
|
||||
|
||||
- name: Deploy docker-compose for {{ current_stack_name }}
|
||||
|
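Review bot: The `template` task named "Generate {{ current_stack_name }} deployment from templates" has neither `no_log` nor `diff: false`, although the `.env` templates on this page carry database passwords, API keys and WireGuard keys. A run with `--diff` would therefore print the rendered secrets to the console and to any captured job log. Adding `diff: false` to that task keeps the file content out of the output while still reporting changed/ok. Separately, the loop now walks all of `current_stack_source` instead of its `templates` subdirectory, so every file placed in a stack directory is passed through Jinja and deployed; a one-line comment above the loop stating that would help. The task file continues outside the hunk.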
@@ -10,7 +10,7 @@
|
||||
- name: Ensure alpina directory exists
|
||||
file:
|
||||
state: directory
|
||||
path: "{{ my_svc_path }}"
|
||||
path: "{{ alpina_svc_path }}"
|
||||
mode: "700"
|
||||
|
||||
- name: Deploy collection services
|
||||
|
@@ -21,8 +21,7 @@
|
||||
## AirVPN
|
||||
VPN_SERVICE_PROVIDER=airvpn
|
||||
VPN_TYPE=wireguard
|
||||
SERVER_NAMES=Bunda,Imai,Saclateni
|
||||
#SERVER_NAMES=Bunda
|
||||
SERVER_NAMES={{ vpn_server_names }}
|
||||
WIREGUARD_PUBLIC_KEY={{ wg_peer_pubkey }}
|
||||
WIREGUARD_PRIVATE_KEY={{ wg_privkey }}
|
||||
WIREGUARD_PRESHARED_KEY={{ wg_psk }}
|
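--- a/roles/alpina/templates/apps/gitea/.env.db.j2
+++ b/roles/alpina/templates/apps/gitea/.env.db.j2
@@ -0,0 +1,3 @@
+POSTGRES_USER=gitea
+POSTGRES_DB=gitea
+POSTGRES_PASSWORD={{ gitea_db_password }}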
@@ -3,9 +3,9 @@ GITEA____APP_NAME=CazGitea
|
||||
# Database
|
||||
GITEA__database__DB_TYPE=postgres
|
||||
GITEA__database__HOST=db:5432
|
||||
GITEA__database__NAME={{ db_user }}
|
||||
GITEA__database__USER={{ db_name }}
|
||||
GITEA__database__PASSWD={{ db_password }}
|
||||
GITEA__database__NAME=gitea
|
||||
GITEA__database__USER=gitea
|
||||
GITEA__database__PASSWD={{ gitea_db_password }}
|
||||
|
||||
# Server
|
||||
GITEA__server__ROOT_URL=https://gitea.{{ domain }}/
|
||||
@@ -17,7 +17,7 @@ GITEA__mailer__SMTP_ADDR=smtp.sendgrid.net
|
||||
GITEA__mailer__SMTP_PORT=587
|
||||
GITEA__mailer__FROM=gitea@cazzzer.com
|
||||
GITEA__mailer__USER=apikey
|
||||
GITEA__mailer__PASSWD={{ sendgrid_api_key }}
|
||||
GITEA__mailer__PASSWD={{ gitea_sendgrid_api_key }}
|
||||
|
||||
# Security
|
||||
GITEA__security__SECRET_KEY={{ secret_key }}
|
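Review bot: `GITEA__security__SECRET_KEY={{ secret_key }}` at the end of the second hunk keeps an unprefixed variable name, while the other secrets in this file become `gitea_db_password` and `gitea_sendgrid_api_key`. Per the commit title the variables now live together in group_vars/alpina, where a generic `secret_key` is easy to confuse with, or be overridden by, another stack's key; the authentik template already uses `authentik_secret_key`. Renaming it to `{{ gitea_secret_key }}` here and in the vaulted vars would keep one secret per service. The file continues beyond the lines shown in this hunk.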
@@ -1,3 +1,3 @@
|
||||
POSTGRES_USER=nextcloud
|
||||
POSTGRES_DB=nextcloud
|
||||
POSTGRES_PASSWORD={{ db_password }}
|
||||
POSTGRES_PASSWORD={{ nextcloud_db_password }}
|
@@ -1,6 +1,6 @@
|
||||
POSTGRES_DB=nextcloud
|
||||
POSTGRES_USER=nextcloud
|
||||
POSTGRES_PASSWORD={{ db_password }}
|
||||
POSTGRES_PASSWORD={{ nextcloud_db_password }}
|
||||
POSTGRES_HOST=db
|
||||
|
||||
NEXTCLOUD_TRUSTED_DOMAINS=nc.{{ domain }}
|
||||
@@ -13,7 +13,7 @@ SMTP_SECURE=tls
|
||||
SMTP_PORT=587
|
||||
SMTP_AUTHTYPE=LOGIN
|
||||
SMTP_NAME=apikey
|
||||
SMTP_PASSWORD={{ sendgrid_api_key }}
|
||||
SMTP_PASSWORD={{ nextcloud_sendgrid_api_key }}
|
||||
MAIL_FROM_ADDRESS=nc
|
||||
MAIL_DOMAIN=cazzzer.com
|
||||
|
@@ -4,14 +4,14 @@ AUTHENTIK_REDIS__HOST=redis
|
||||
AUTHENTIK_POSTGRESQL__HOST=postgres
|
||||
AUTHENTIK_POSTGRESQL__USER=authentik
|
||||
AUTHENTIK_POSTGRESQL__NAME=authentik
|
||||
AUTHENTIK_POSTGRESQL__PASSWORD={{ db_password }}
|
||||
AUTHENTIK_POSTGRESQL__PASSWORD={{ authentik_db_password }}
|
||||
|
||||
AUTHENTIK_SECRET_KEY={{ authentik_secret_key }}
|
||||
|
||||
AUTHENTIK_EMAIL__HOST=smtp.sendgrid.net
|
||||
AUTHENTIK_EMAIL__PORT=587
|
||||
AUTHENTIK_EMAIL__USERNAME=apikey
|
||||
AUTHENTIK_EMAIL__PASSWORD={{ sengrid_api_key }}
|
||||
AUTHENTIK_EMAIL__PASSWORD={{ authentik_sendgrid_api_key }}
|
||||
|
||||
AUTHENTIK_EMAIL__USE_TLS=true
|
||||
AUTHENTIK_EMAIL__TIMEOUT=10
|
@@ -1,3 +1,3 @@
|
||||
POSTGRES_USER=authentik
|
||||
POSTGRES_DB=authentik
|
||||
POSTGRES_PASSWORD={{ db_password }}
|
||||
POSTGRES_PASSWORD={{ authentik_db_password }}
|
@@ -58,7 +58,7 @@
|
||||
|
||||
- name: Clean alpina directory
|
||||
file:
|
||||
path: "{{ my_svc_path }}"
|
||||
path: "{{ alpina_svc_path }}"
|
||||
state: absent
|
||||
when: clean_desired is true
|
||||
|
||||
|
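Review bot: The "Clean alpina directory" task removes `{{ alpina_svc_path }}` recursively with `state: absent`, and nothing visible in the hunk validates the value before deletion. Since the path is now supplied from group_vars, a guard such as `when: clean_desired is true and alpina_svc_path | length > 1`, or a preceding `assert` on the path, would stop an empty or `/` value from reaching the file module. The surrounding play starts and ends outside the hunk, so an existing check elsewhere cannot be ruled out.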