Compare commits
5 commits
93cbcd29fb
...
d6727970ff
| Author | SHA1 | Date | |
|---|---|---|---|
d6727970ff
|
|||
|
ba37728d72
|
|||
|
6dcef5cbbb
|
|||
|
a7140e5a84
|
|||
|
b91292576f
|
39 changed files with 64 additions and 112 deletions
|
|
@ -11,6 +11,14 @@
|
|||
let
|
||||
pkgs = import nixpkgs { inherit system; };
|
||||
|
||||
import_pub_gpg = pkgs.writeScriptBin "import_pub_gpg" ''
|
||||
#!${pkgs.runtimeShell}
|
||||
|
||||
echo "Importing public key"
|
||||
gpg --import <(curl https://gitea.mrdev023.fr/florian.richer.gpg)
|
||||
'';
|
||||
|
||||
|
||||
init_sops = pkgs.writeScriptBin "init_sops" ''
|
||||
#!${pkgs.runtimeShell}
|
||||
|
||||
|
|
@ -37,6 +45,7 @@
|
|||
buildInputs = [
|
||||
pkgs.ansible
|
||||
pkgs.sops
|
||||
import_pub_gpg
|
||||
init_sops
|
||||
clean_sops
|
||||
];
|
||||
|
|
|
|||
|
|
@ -8,5 +8,5 @@
|
|||
owner: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
loop:
|
||||
- { src: 'backup.j2', dest: 'backup' }
|
||||
- { src: 'backup', dest: 'backup' }
|
||||
become: true
|
||||
|
|
@ -5,6 +5,6 @@
|
|||
containers: true
|
||||
images: true
|
||||
networks: true
|
||||
volumes: true
|
||||
# volumes: true
|
||||
builder_cache: true
|
||||
become: yes
|
||||
|
|
@ -23,13 +23,12 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "cloud/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: cloud_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: cloud
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ cloud_copy_files_results.changed or cloud_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
recreate: "{{ 'always' if cloud_copy_files_results.changed else 'auto' }}"
|
||||
become: true
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
db:
|
||||
image: postgres:14
|
||||
|
|
@ -11,8 +11,7 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "dolibarr/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: dolibarr_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Prepare volume folder
|
||||
ansible.builtin.file:
|
||||
|
|
@ -25,9 +24,8 @@
|
|||
become: true
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: dolibarr
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ dolibarr_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
mariadb:
|
||||
image: mariadb:latest
|
||||
|
|
@ -12,12 +12,10 @@
|
|||
loop:
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
- { src: 'config.yml', dest: 'config.yml' }
|
||||
register: gitea_copy_templates_results
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: gitea
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ gitea_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: "3"
|
||||
|
||||
services:
|
||||
gitea:
|
||||
image: gitea/gitea:latest
|
||||
|
|
@ -59,4 +57,4 @@ networks:
|
|||
metrics:
|
||||
external: true
|
||||
proxy:
|
||||
external: true
|
||||
external: true
|
||||
|
|
|
|||
|
|
@ -10,13 +10,11 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "home_assistant/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: home_assistant_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: home_assistant
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ home_assistant_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
home_assistant:
|
||||
image: homeassistant/home-assistant
|
||||
|
|
@ -7,7 +7,7 @@
|
|||
group: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
loop:
|
||||
- { src: 'firewall.j2', dest: '/usr/bin/firewall' }
|
||||
- { src: 'firewall', dest: '/usr/bin/firewall' }
|
||||
register: iptables_templates_results
|
||||
become: yes
|
||||
|
||||
|
|
|
|||
|
|
@ -16,13 +16,12 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "matrix/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: matrix_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: matrix
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ matrix_copy_files_results.changed or matrix_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
recreate: "{{ 'always' if matrix_copy_files_results.changed else 'auto' }}"
|
||||
become: true
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:15
|
||||
|
|
@ -11,12 +11,10 @@
|
|||
dest: "metrics/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
register: metrics_copy_templates_results
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: metrics
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ metrics_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
prometheus:
|
||||
image: prom/prometheus:latest
|
||||
|
|
|
|||
|
|
@ -10,13 +10,11 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "n8n/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: n8n_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: n8n
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ n8n_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
db:
|
||||
image: postgres:14
|
||||
|
|
@ -11,12 +11,10 @@
|
|||
dest: "portfolio/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
register: portfolio_copy_templates_results
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: portfolio
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ portfolio_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: "3"
|
||||
|
||||
services:
|
||||
portfolio:
|
||||
image: gitea.mrdev023.fr/florian.richer/portfolio:latest
|
||||
|
|
|
|||
|
|
@ -16,8 +16,7 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "protonmail/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: protonmail_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Create protonmail network
|
||||
community.docker.docker_network:
|
||||
|
|
@ -31,9 +30,9 @@
|
|||
when: not protonmail.initialized
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: protonmail
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ protonmail.initialized and (protonmail_copy_templates_results.changed or protonmail_copy_files_results.changed) }}"
|
||||
pull: always
|
||||
recreate: "{{ 'always' if protonmail.initialized and protonmail_copy_files_results.changed else 'auto' }}"
|
||||
become: true
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
protonmail-bridge:
|
||||
image: shenxn/protonmail-bridge
|
||||
|
|
@ -10,13 +10,11 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "ryot/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: ryot_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: ryot
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ ryot_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: "3.9"
|
||||
|
||||
services:
|
||||
postgres:
|
||||
image: postgres:16-alpine
|
||||
|
|
@ -7,7 +7,7 @@
|
|||
group: root
|
||||
mode: u=rwx,g=rx,o=rx
|
||||
loop:
|
||||
- { src: 'port.conf.j2', dest: '/etc/ssh/sshd_config.d/99-port.conf' }
|
||||
- { src: 'port.conf', dest: '/etc/ssh/sshd_config.d/99-port.conf' }
|
||||
register: iptables_templates_results
|
||||
become: yes
|
||||
|
||||
|
|
|
|||
|
|
@ -12,7 +12,6 @@
|
|||
loop:
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
- { src: 'config/traefik.yml', dest: 'config/traefik.yml' }
|
||||
register: traefik_copy_templates_results
|
||||
|
||||
# Avoid restart docker if dynamic_conf updated
|
||||
- name: Copy dynamic_conf conf
|
||||
|
|
@ -20,10 +19,9 @@
|
|||
src: "config/dynamic_conf.yml"
|
||||
dest: "traefik/config/dynamic_conf.yml"
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
project_src: traefik
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ traefik_copy_templates_results.changed }}"
|
||||
become: true
|
||||
# - name: Update and restart container
|
||||
# community.docker.docker_compose_v2:
|
||||
# project_src: traefik
|
||||
# state: present
|
||||
# pull: always
|
||||
# become: true
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
traefik:
|
||||
image: traefik:latest
|
||||
|
|
|
|||
|
|
@ -11,14 +11,13 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "vaultwarden/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: vaultwarden_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Copy dotenv as root
|
||||
ansible.builtin.template:
|
||||
owner: root
|
||||
group: root
|
||||
src: ".env.j2"
|
||||
src: ".env"
|
||||
dest: "vaultwarden/.env"
|
||||
mode: 0600
|
||||
become: true
|
||||
|
|
@ -34,9 +33,8 @@
|
|||
become: true
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: vaultwarden
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ vaultwarden_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
@ -1,6 +1,6 @@
|
|||
WEBSOCKET_ENABLED=true
|
||||
SIGNUPS_ALLOWED=false
|
||||
ADMIN_TOKEN={{ vaultwarden.admin_token }}
|
||||
ADMIN_TOKEN='{{ vaultwarden.admin_token }}'
|
||||
POSTGRES_PASSWORD=vaultwarden
|
||||
POSTGRES_DB=vaultwarden
|
||||
POSTGRES_USER=vaultwarden
|
||||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
db:
|
||||
image: postgres:15
|
||||
|
|
@ -10,13 +10,11 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "watchtower/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: watchtower_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Force update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: watchtower
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ watchtower_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
watchtower:
|
||||
image: containrrr/watchtower:latest
|
||||
|
|
@ -10,13 +10,11 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "whoami/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: whoami_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Force update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: whoami
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ whoami_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
whoami:
|
||||
image: "containous/whoami"
|
||||
|
|
@ -10,13 +10,11 @@
|
|||
src: "{{ item.src }}"
|
||||
dest: "wireguard/{{ item.dest }}"
|
||||
loop:
|
||||
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
|
||||
register: wireguard_copy_templates_results
|
||||
- { src: 'docker-compose.yml', dest: 'docker-compose.yml' }
|
||||
|
||||
- name: Update and restart container
|
||||
community.docker.docker_compose:
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: wireguard
|
||||
state: present
|
||||
pull: true
|
||||
restarted: "{{ wireguard_copy_templates_results.changed }}"
|
||||
pull: always
|
||||
become: true
|
||||
|
|
|
|||
|
|
@ -1,5 +1,3 @@
|
|||
version: '3'
|
||||
|
||||
services:
|
||||
wireguard:
|
||||
image: lscr.io/linuxserver/wireguard:latest
|
||||
Loading…
Reference in a new issue