From abe2aeceab858d6ad3a838ffe2970a0e9e2a4606 Mon Sep 17 00:00:00 2001 From: Mark Powers Date: Sat, 20 Jul 2024 16:20:13 -0500 Subject: Initial commit --- .gitignore | 3 ++ inventory.ini | 2 ++ playbook.yml | 68 +++++++++++++++++++++++++++++++++++ templates/cafe_bot-compose.yaml.j2 | 18 ++++++++++ templates/cafe_bot.env.j2 | 0 templates/docker-compose.yml.j2 | 38 ++++++++++++++++++++ templates/git-compose.yml.j2 | 15 ++++++++ templates/huginn-compose.yml.j2 | 40 +++++++++++++++++++++ templates/hugo_kitchen-compose.yml.j2 | 13 +++++++ templates/journal-compose.yml.j2 | 31 ++++++++++++++++ templates/kitchen-compose.yml.j2 | 38 ++++++++++++++++++++ templates/miniflux-compose.yml.j2 | 31 ++++++++++++++++ templates/mumble-compose.yml.j2 | 39 ++++++++++++++++++++ templates/podcast-compose.yml.j2 | 11 ++++++ templates/rss_bridge-compose.yml.j2 | 10 ++++++ templates/soundboard_config.js.j2 | 7 ++++ templates/tracker-compose.yml.j2 | 64 +++++++++++++++++++++++++++++++++ templates/util/traefik_labels.txt.j2 | 6 ++++ 18 files changed, 434 insertions(+) create mode 100644 .gitignore create mode 100644 inventory.ini create mode 100644 playbook.yml create mode 100644 templates/cafe_bot-compose.yaml.j2 create mode 100644 templates/cafe_bot.env.j2 create mode 100644 templates/docker-compose.yml.j2 create mode 100644 templates/git-compose.yml.j2 create mode 100644 templates/huginn-compose.yml.j2 create mode 100644 templates/hugo_kitchen-compose.yml.j2 create mode 100644 templates/journal-compose.yml.j2 create mode 100644 templates/kitchen-compose.yml.j2 create mode 100644 templates/miniflux-compose.yml.j2 create mode 100644 templates/mumble-compose.yml.j2 create mode 100644 templates/podcast-compose.yml.j2 create mode 100644 templates/rss_bridge-compose.yml.j2 create mode 100644 templates/soundboard_config.js.j2 create mode 100644 templates/tracker-compose.yml.j2 create mode 100644 templates/util/traefik_labels.txt.j2 diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ed5ab6f --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +.venv +.vscode +out/ diff --git a/inventory.ini b/inventory.ini new file mode 100644 index 0000000..574a128 --- /dev/null +++ b/inventory.ini @@ -0,0 +1,2 @@ +[kitchen] +localhost \ No newline at end of file diff --git a/playbook.yml b/playbook.yml new file mode 100644 index 0000000..40177d0 --- /dev/null +++ b/playbook.yml @@ -0,0 +1,68 @@ +- name: Setup kitchen + hosts: localhost + connection: local + tasks: + - name: Create output directory + ansible.builtin.file: + path: ./out/ + state: directory + mode: '0775' + + - name: Create data directory + ansible.builtin.file: + path: ./out/data + state: directory + mode: '0775' + + - name: Clone repos + ansible.builtin.git: + repo: "{{ item }}" + dest: "./out/{{ item | basename }}/" + version: main + loop: + - https://git.marks.kitchen/cgit/journal_api.git + - https://git.marks.kitchen/cgit/docker_cgit.git + - https://github.com/Mark-Powers/cafe_bot.git + + - name: Clone repos + ansible.builtin.git: + repo: "{{ item }}" + dest: "./out/{{ item | basename }}/" + version: master + loop: + - https://git.marks.kitchen/cgit/soundboard.git + - https://git.marks.kitchen/cgit/markskitchen.git + - https://git.marks.kitchen/cgit/games.git + - https://git.marks.kitchen/cgit/tracker-spa.git + - https://git.marks.kitchen/cgit/markskitchen_hugo.git + + - name: Template docker-compose files + ansible.builtin.template: + src: "{{ item }}.j2" + dest: ./out/{{ item }} + mode: u=rw,g=r,o=r + loop: + - git-compose.yml + - huginn-compose.yml + - hugo_kitchen-compose.yml + - journal-compose.yml + - kitchen-compose.yml + - miniflux-compose.yml + - mumble-compose.yml + - podcast-compose.yml + - rss_bridge-compose.yml + - tracker-compose.yml + - cafe_bot-compose.yaml + - docker-compose.yml + + - name: Template soundboard config + ansible.builtin.template: + src: "soundboard_config.js.j2" + dest: ./out/soundboard.git/config.js + mode: u=rw,g=r,o=r + + - name: Template bot config + ansible.builtin.template: + src: "cafe_bot.env.j2" + dest: ./out/cafe_bot.git/.env + mode: u=rw,g=r,o=r diff --git a/templates/cafe_bot-compose.yaml.j2 b/templates/cafe_bot-compose.yaml.j2 new file mode 100644 index 0000000..6cc1987 --- /dev/null +++ b/templates/cafe_bot-compose.yaml.j2 @@ -0,0 +1,18 @@ +services: + matrix-bot: + build: cafe_bot.git + container_name: cafe_bot + volumes: + - ./data/cafe_bot/res/:/res + - ./data/cafe_bot/data/:/data + - ./data/botamusique/music/out:/out + environment: +{% for key, value in cafe_bot_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + restart: always + labels: +{% with router_name="bot", host_prefix="bot", container_port="8080" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} diff --git a/templates/cafe_bot.env.j2 b/templates/cafe_bot.env.j2 new file mode 100644 index 0000000..e69de29 diff --git a/templates/docker-compose.yml.j2 b/templates/docker-compose.yml.j2 new file mode 100644 index 0000000..0e8a558 --- /dev/null +++ b/templates/docker-compose.yml.j2 @@ -0,0 +1,38 @@ +include: + - huginn-compose.yml + - miniflux-compose.yml + - tracker-compose.yml + - kitchen-compose.yml + - journal-compose.yml + - hugo_kitchen-compose.yml + - git-compose.yml + - rss_bridge-compose.yml + - mumble-compose.yml + - podcast-compose.yml + - cafe_bot-compose.yaml + +services: + traefik: + image: "traefik:v2.10" + restart: always + container_name: "traefik" + ports: + - "8080:8080" + - "443:443" + - "80:80" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock:ro" + - "./data/letsencrypt:/letsencrypt" + command: + - "--log.level={{log_level}}" + - "--api.insecure=true" + - "--providers.docker=true" + - "--providers.docker.exposedbydefault=false" + - "--entrypoints.websecure.address=:443" + - "--entrypoints.web.address=:80" + - "--entrypoints.web.http.redirections.entryPoint.to=websecure" + - "--entrypoints.web.http.redirections.entryPoint.scheme=https" + - "--entrypoints.web.http.redirections.entrypoint.permanent=true" + - "--certificatesresolvers.letsencrypt.acme.tlschallenge=true" + - "--certificatesresolvers.letsencrypt.acme.email={{email}}" + - "--certificatesresolvers.letsencrypt.acme.storage=/letsencrypt/acme.json" diff --git a/templates/git-compose.yml.j2 b/templates/git-compose.yml.j2 new file mode 100644 index 0000000..af35c0b --- /dev/null +++ b/templates/git-compose.yml.j2 @@ -0,0 +1,15 @@ +services: + cgit: + build: ./docker_cgit.git/ + restart: always + volumes: + - /srv/git:/srv/git + labels: +{% with router_name="git", host_prefix="git", container_port="80" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + - traefik.http.middlewares.remove-cgit.replacepathregex.regex=^/cgit/(.*) + - traefik.http.middlewares.remove-cgit.replacepathregex.replacement=/$$1 + - traefik.http.middlewares.add-cgit.addprefix.prefix=/cgit + - traefik.http.routers.git.middlewares=remove-cgit,add-cgit diff --git a/templates/huginn-compose.yml.j2 b/templates/huginn-compose.yml.j2 new file mode 100644 index 0000000..9f66b64 --- /dev/null +++ b/templates/huginn-compose.yml.j2 @@ -0,0 +1,40 @@ +services: + huginn_postgres: + image: postgres:9.5 + restart: always + environment: +{% for key, value in huginn_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + volumes: + - ./data/huginn-db:/var/lib/postgresql/data + + huginn_web: + image: ghcr.io/huginn/huginn-single-process + restart: always + environment: +{% for key, value in huginn_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + depends_on: + - huginn_postgres + labels: +{% with router_name="huginn", host_prefix="huginn", container_port="3000" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + huginn_threaded: + image: ghcr.io/huginn/huginn-single-process + command: /scripts/init bin/threaded.rb + restart: always + environment: +{% for key, value in huginn_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + depends_on: + - huginn_postgres + - huginn_web + diff --git a/templates/hugo_kitchen-compose.yml.j2 b/templates/hugo_kitchen-compose.yml.j2 new file mode 100644 index 0000000..622abf3 --- /dev/null +++ b/templates/hugo_kitchen-compose.yml.j2 @@ -0,0 +1,13 @@ +services: + kitchen_nginx: + container_name: kitchen_nginx + image: nginx + restart: always + volumes: + - "./markskitchen_hugo.git/public:/usr/share/nginx/html" + labels: + - traefik.enable=true + - traefik.http.routers.kitchen.rule=Host(`{{host}}`) + - traefik.http.routers.kitchen.tls=true + - traefik.http.routers.kitchen.tls.certresolver=letsencrypt + - traefik.http.routers.kitchen.entrypoints=websecure diff --git a/templates/journal-compose.yml.j2 b/templates/journal-compose.yml.j2 new file mode 100644 index 0000000..8cf20dc --- /dev/null +++ b/templates/journal-compose.yml.j2 @@ -0,0 +1,31 @@ +services: + journal_api: + container_name: journal_api + build: ./journal_api.git/ + restart: always + environment: +{% for key, value in journal_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + volumes: + - ./data/journal_static:/static + - ./data/journal_data:/data + command: ["gunicorn", "--max-requests", "1000", "--max-requests-jitter", "50", "journal.wsgi", "--bind=0.0.0.0:80", "--capture-output", "--access-logfile" ,"-" ] + labels: +{% with router_name="journal", host_prefix="api.journal", container_port="80" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + journal_static_files: + image: nginx + restart: always + volumes: + - ./data/journal_static:/usr/share/nginx/html/static + labels: + - traefik.enable=true + - traefik.http.routers.journal_static.rule=Host(`api.journal.{{host}}`) && Pathprefix(`/static`) + - traefik.http.routers.journal_static.tls=true + - traefik.http.routers.journal_static.tls.certresolver=letsencrypt + - traefik.http.routers.journal_static.entrypoints=websecure + - traefik.http.services.journal_static.loadbalancer.server.port=80 diff --git a/templates/kitchen-compose.yml.j2 b/templates/kitchen-compose.yml.j2 new file mode 100644 index 0000000..02b13c7 --- /dev/null +++ b/templates/kitchen-compose.yml.j2 @@ -0,0 +1,38 @@ +services: + kitchen: + build: ./markskitchen.git/ + restart: always + depends_on: + - kitchen_db + environment: +{% for key, value in kitchen_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + labels: +{% with router_name="kitchenv1", host_prefix="v1", container_port="8080" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + kitchen_db: + image: mariadb + restart: always + environment: +{% for key, value in kitchen_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + volumes: + - ./data/kitchen_db:/var/lib/mysql + games: + build: ./games.git/ + restart: always + environment: +{% for key, value in games_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + labels: +{% with router_name="games", host_prefix="games", container_port="8080" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} diff --git a/templates/miniflux-compose.yml.j2 b/templates/miniflux-compose.yml.j2 new file mode 100644 index 0000000..26fd829 --- /dev/null +++ b/templates/miniflux-compose.yml.j2 @@ -0,0 +1,31 @@ +services: + miniflux: + image: miniflux/miniflux:latest + restart: always + depends_on: + miniflux_db: + condition: service_healthy + environment: +{% for key, value in miniflux_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + labels: +{% with router_name="miniflux", host_prefix="miniflux", container_port="8080" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + miniflux_db: + image: postgres:15 + restart: always + environment: +{% for key, value in miniflux_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + volumes: + - ./data/miniflux-db:/var/lib/postgresql/data + healthcheck: + test: ["CMD", "pg_isready", "-U", "miniflux"] + interval: 60s + start_period: 30s diff --git a/templates/mumble-compose.yml.j2 b/templates/mumble-compose.yml.j2 new file mode 100644 index 0000000..96668d1 --- /dev/null +++ b/templates/mumble-compose.yml.j2 @@ -0,0 +1,39 @@ +services: + mumble-server: + image: mumblevoip/mumble-server:latest + container_name: mumble-server + restart: on-failure + ports: + - 64738:64738 + - 64738:64738/udp + volumes: + - ./data/mumble-data:/data + environment: +{% for key, value in mumble_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + botamusique: + image: azlux/botamusique + restart: on-failure + environment: +{% for key, value in mumble_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + volumes: + - ./data/botamusique/music:/music + - ./data/botamusique/config:/config + cpus: 1 + labels: +{% with router_name="bard", host_prefix="bard", container_port="8181" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + soundboard: + build: ./soundboard.git/ + restart: on-failure + labels: +{% with router_name="soundboard", host_prefix="soundboard", container_port="8080" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} diff --git a/templates/podcast-compose.yml.j2 b/templates/podcast-compose.yml.j2 new file mode 100644 index 0000000..825c859 --- /dev/null +++ b/templates/podcast-compose.yml.j2 @@ -0,0 +1,11 @@ +services: + podcast_nginx: + container_name: podcast_nginx + image: nginx + restart: always + volumes: + - "./data/podcast:/usr/share/nginx/html" + labels: +{% with router_name="podcast", host_prefix="podcast", container_port="80" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} diff --git a/templates/rss_bridge-compose.yml.j2 b/templates/rss_bridge-compose.yml.j2 new file mode 100644 index 0000000..3caaade --- /dev/null +++ b/templates/rss_bridge-compose.yml.j2 @@ -0,0 +1,10 @@ +services: + rss-bridge: + image: my-rss-bridge + restart: always + volumes: + - ./data/rss_bridge_config:/config + labels: +{% with router_name="rssbridge", host_prefix="rb", container_port="80" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} diff --git a/templates/soundboard_config.js.j2 b/templates/soundboard_config.js.j2 new file mode 100644 index 0000000..cc8c42f --- /dev/null +++ b/templates/soundboard_config.js.j2 @@ -0,0 +1,7 @@ +module.exports = { + "user": "{{soundboard.user}}", + "pass": "{{soundboard.pass}}", + "baseURL": "{{soundboard.url}}", + "names": {{soundboard.names}}, + "port": 8080, +} \ No newline at end of file diff --git a/templates/tracker-compose.yml.j2 b/templates/tracker-compose.yml.j2 new file mode 100644 index 0000000..0f866d5 --- /dev/null +++ b/templates/tracker-compose.yml.j2 @@ -0,0 +1,64 @@ +services: + tracker_db: + image: postgres + restart: always + environment: +{% for key, value in tracker_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + volumes: + - ./data/tracker_db:/var/lib/postgresql/data + grafana: + image: grafana/grafana + restart: always + depends_on: + - tracker_db + environment: +{% for key, value in tracker_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + volumes: + - ./data/grafana_data:/var/lib/grafana + labels: +{% with router_name="grafana", host_prefix="grafana", container_port="3000" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + tracker: + container_name: tracker_nginx + restart: always + image: nginx + volumes: + - "./tracker-spa.git/dist/spa/:/usr/share/nginx/html" + labels: +{% with router_name="tracker", host_prefix="tracker", container_port="80" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + - traefik.http.routers.tracker.middlewares=myauth + - "traefik.http.middlewares.myauth.basicauth.users={{auth_string}}" + postgrest: + image: postgrest/postgrest + restart: always + environment: +{% for key, value in tracker_env.items() %} + - {{ key }}={{ value }} +{% endfor %} + + depends_on: + - tracker_db + labels: +{% with router_name="postgrest", host_prefix="postgrest", container_port="3000" %} +{% include "util/traefik_labels.txt.j2" %} +{% endwith %} + + - traefik.http.routers.postgrest.middlewares=corsheader,postgrest-auth + - "traefik.http.middlewares.postgrest-auth.basicauth.users={{auth_string}}" + - "traefik.http.middlewares.corsheader.headers.accesscontrolallowmethods=*" + - "traefik.http.middlewares.corsheader.headers.accesscontrolallowheaders=*" + - "traefik.http.middlewares.corsheader.headers.accesscontrolalloworiginlist=https://tracker.{{host}}" + - "traefik.http.middlewares.corsheader.headers.accesscontrolmaxage=100" + - "traefik.http.middlewares.corsheader.headers.addvaryheader=true" + diff --git a/templates/util/traefik_labels.txt.j2 b/templates/util/traefik_labels.txt.j2 new file mode 100644 index 0000000..bb6beb1 --- /dev/null +++ b/templates/util/traefik_labels.txt.j2 @@ -0,0 +1,6 @@ + - traefik.enable=true + - traefik.http.routers.{{router_name}}.rule=Host(`{{host_prefix}}.{{host}}`) + - traefik.http.routers.{{router_name}}.tls=true + - traefik.http.routers.{{router_name}}.tls.certresolver=letsencrypt + - traefik.http.routers.{{router_name}}.entrypoints=websecure + - traefik.http.services.{{router_name}}.loadbalancer.server.port={{container_port}} -- cgit v1.2.3