diff --git a/playbook.yml b/playbook.yml index 4caf8a3..a6eaaab 100644 --- a/playbook.yml +++ b/playbook.yml @@ -17,6 +17,7 @@ - { role: n8n, tags: ["n8n"] } - { role: matrix, tags: ["matrix"] } - { role: gitea, tags: ["gitea"] } + - { role: ryot, tags: ["ryot"] } - { role: iptables, tags: ["iptables"] } - { role: borg, tags: ["borg"] } - { role: watchtower, tags: ["watchtower"] } diff --git a/roles/ryot/tasks/base.yml b/roles/ryot/tasks/base.yml new file mode 100644 index 0000000..58ed9e8 --- /dev/null +++ b/roles/ryot/tasks/base.yml @@ -0,0 +1,22 @@ +--- + +- name: Check ryot directory exist + ansible.builtin.file: + path: ryot + state: directory + +- name: Copy template conf + ansible.builtin.template: + src: "{{ item.src }}" + dest: "ryot/{{ item.dest }}" + loop: + - { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' } + register: ryot_copy_templates_results + +- name: Update and restart container + community.docker.docker_compose: + project_src: ryot + state: present + pull: true + restarted: "{{ ryot_copy_templates_results.changed }}" + become: true diff --git a/roles/ryot/tasks/main.yml b/roles/ryot/tasks/main.yml new file mode 100644 index 0000000..9e592da --- /dev/null +++ b/roles/ryot/tasks/main.yml @@ -0,0 +1,5 @@ +--- + +- ansible.builtin.import_tasks: base.yml + name: base + diff --git a/roles/ryot/templates/docker-compose.yml.j2 b/roles/ryot/templates/docker-compose.yml.j2 new file mode 100644 index 0000000..7898cfc --- /dev/null +++ b/roles/ryot/templates/docker-compose.yml.j2 @@ -0,0 +1,48 @@ +version: "3.9" + +services: + postgres: + image: postgres:16-alpine + restart: unless-stopped + container_name: ryot_db + networks: + - internal + volumes: + - {{ server.work_dir }}/ryot/db:/var/lib/postgresql/data + environment: + POSTGRES_PASSWORD: postgres + POSTGRES_USER: postgres + POSTGRES_DB: postgres + logging: + driver: loki + options: + loki-url: "https://lokidoki:vEGH5Z5siWgcDkNknvCVzPCyqhHSBJCBjeBRZJvxUP8SdgfxJ6AqCGutCWugGsx5@loki.mrdev023.fr/loki/api/v1/push" + mode: non-blocking + + ryot: + image: "ghcr.io/ignisda/ryot:latest" + container_name: ryot + networks: + - internal + - proxy + environment: + - DATABASE_URL=postgres://postgres:postgres@postgres:5432/postgres + labels: + - "traefik.enable=true" + - "traefik.http.routers.ryot-secure.entrypoints=https" + - "traefik.http.routers.ryot-secure.rule=Host(`ryot.{{ server.domain }}`)" + - "traefik.http.routers.ryot-secure.tls=true" + - "traefik.http.routers.ryot-secure.tls.certresolver=sslResolver" + - "traefik.http.services.ryot.loadbalancer.server.port=8000" + - "traefik.http.routers.ryot-secure.middlewares=private-network@file" + - "traefik.docker.network=proxy" + logging: + driver: loki + options: + loki-url: "https://lokidoki:vEGH5Z5siWgcDkNknvCVzPCyqhHSBJCBjeBRZJvxUP8SdgfxJ6AqCGutCWugGsx5@loki.mrdev023.fr/loki/api/v1/push" + mode: non-blocking + +networks: + internal: + proxy: + external: true