Finish confs

Florian RICHER 2023-05-20 17:23:11 +02:00
parent 3f92c47e1c
commit 2566f36c51
15 changed files with 148 additions and 30 deletions


@ -0,0 +1,32 @@
---
- name: Check home_assistant directory exist
ansible.builtin.file:
path: home_assistant
state: directory
- name: Copy template conf
ansible.builtin.template:
backup: true
src: "{{ item.src }}"
dest: "home_assistant/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: home_assistant_copy_templates_results
- name: Force update and restart container
community.docker.docker_compose:
project_src: home_assistant
state: present
pull: true
restarted: true
when: home_assistant_copy_templates_results.changed
become: true
- name: Update or start container
community.docker.docker_compose:
project_src: home_assistant
state: present
pull: true
when: not home_assistant_copy_templates_results.changed
become: true
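Review bot: Neither the `ansible.builtin.file` task nor the `ansible.builtin.template` task sets `mode`, so the directory, the rendered `docker-compose.yml` and every copy kept by `backup: true` get whatever the remote umask allows. The matrix and n8n task files later in this commit have the same gap (in matrix also on `ansible.builtin.copy`), and their compose templates carry database passwords, so those files can end up readable by other local users. I would add `mode: "0750"` to the directory task and `mode: "0640"` to the template and copy tasks, and prune the accumulated backup files.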


@ -0,0 +1,4 @@
---
- ansible.builtin.import_tasks: base.yml
name: base


@ -0,0 +1,26 @@
version: '3'
services:
home_assistant:
image: homeassistant/home-assistant
restart: always
container_name: home_assistant
environment:
- TZ=Europe/Paris
volumes:
- home_assistant_config:/config
- /etc/localtime:/etc/localtime:ro
network_mode: host
expose:
- 8123
labels:
- "traefik.enable=true"
- "traefik.http.routers.homeassistant-secure.entrypoints=https"
- "traefik.http.routers.homeassistant-secure.rule=Host(`domo.{{ server.domain }}`)"
- "traefik.http.routers.homeassistant-secure.tls=true"
- "traefik.http.routers.homeassistant-secure.tls.certresolver=sslResolver"
# - "traefik.http.routers.homeassistant-secure.service=homeassistant"
- "traefik.http.services.homeassistant.loadbalancer.server.port=8123"
volumes:
home_assistant_config:
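Review bot: `network_mode: host` binds Home Assistant's port 8123 on the host's own interfaces, so the UI is reachable directly, without passing through the Traefik router and the TLS that the labels configure. Under host networking the `expose:` entry adds nothing for reachability, and whether Traefik's Docker provider can derive a backend address for this container should be verified (inferred; the Traefik configuration is not on this page). If host networking is required, for example for LAN device discovery, I would say so in a comment such as `# host network for LAN discovery; 8123 must be firewalled from untrusted networks` and drop the `expose:` block. Otherwise attach the service to the `proxy` network like the other stacks in this commit.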


@ -0,0 +1,17 @@
server {
listen 80 default_server;
server_name matrix.mrdev023.fr;
# Traefik -> nginx -> synapse
location /_matrix {
proxy_pass http://synapse:8008;
proxy_set_header X-Forwarded-For $remote_addr;
client_max_body_size 128m;
}
location /.well-known/matrix/ {
root /var/www/;
default_type application/json;
add_header Access-Control-Allow-Origin *;
}
}
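Review bot: `proxy_set_header X-Forwarded-For $remote_addr;` in the `/_matrix` location overwrites the header with the address of nginx's direct peer, which per the `# Traefik -> nginx -> synapse` comment is Traefik, so Synapse would attribute every request to the proxy and per-IP rate limiting and logs lose the real client. Since only Traefik should reach this container, appending fits better: `proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;`, together with `proxy_set_header Host $host;`. Separately, `server_name` is hard-coded to one domain while the compose templates use `{{ server.domain }}`; rendering this file through the template task would keep the two in step.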


@ -0,0 +1,5 @@
{
"m.homeserver": {
"base_url": "https://matrix.mrdev023.fr"
}
}


@ -0,0 +1,3 @@
{
"m.server": "matrix.mrdev023.fr:443"
}


@ -0,0 +1,39 @@
---
- name: Check matrix directory exist
ansible.builtin.file:
path: matrix
state: directory
- name: Copy matrix conf
ansible.builtin.copy:
backup: true
src: .
dest: matrix/
register: matrix_copy_files_results
- name: Copy template conf
ansible.builtin.template:
backup: true
src: "{{ item.src }}"
dest: "matrix/{{ item.dest }}"
loop:
- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
register: matrix_copy_templates_results
- name: Force update and restart container
community.docker.docker_compose:
project_src: matrix
state: present
pull: true
restarted: true
when: matrix_copy_files_results.changed or matrix_copy_templates_results.changed
become: true
- name: Update or start container
community.docker.docker_compose:
project_src: matrix
state: present
pull: true
when: not matrix_copy_files_results.changed and not matrix_copy_templates_results.changed
become: true


@ -0,0 +1,4 @@
---
- ansible.builtin.import_tasks: base.yml
name: base


@ -0,0 +1,66 @@
version: '3'
services:
postgres:
image: postgres:latest
restart: unless-stopped
networks:
- internal
volumes:
- db:/var/lib/postgresql/data
environment:
- POSTGRES_DB=synapse
- POSTGRES_USER=synapse
- POSTGRES_PASSWORD=WRyu2kuArNjRxojstqpg7EfcoUP9zoka
- POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
synapse:
image: matrixdotorg/synapse:latest
restart: unless-stopped
ports:
- 8448:8448
networks:
- internal
- proxy
volumes:
- matrix:/data
labels:
- "traefik.enable=true"
- "traefik.http.routers.matrix-secure.entrypoints=https"
- "traefik.http.routers.matrix-secure.rule=Host(`matrix.{{ server.domain }}`)"
- "traefik.http.routers.matrix-secure.tls=true"
- "traefik.http.routers.matrix-secure.tls.certresolver=sslResolver"
- "traefik.port=8008"
- "traefik.docker.network=proxy"
well-kwown:
image: nginx:latest
restart: unless-stopped
networks:
- internal
- proxy
volumes:
- ./nginx/matrix.conf:/etc/nginx/conf.d/matrix.conf
- ./nginx/www:/var/www/
labels:
- "traefik.enable=true"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowOriginList=*"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowHeaders=Origin, X-Requested-With, Content-Type, Accept, Authorization"
- "traefik.http.middlewares.cors-headers.headers.accessControlAllowMethods=GET, POST, PUT, DELETE, OPTIONS"
- "traefik.http.routers.matrix-wellknown.rule=Host(`matrix.{{ server.domain }}`) && PathPrefix(`/.well-known/matrix`)"
- "traefik.http.routers.matrix-wellknown.tls=true"
- "traefik.http.routers.matrix-wellknown.tls.certresolver=sslResolver"
- "traefik.http.routers.matrix-wellknown.middlewares=cors-headers@docker"
- "traefik.docker.network=proxy"
volumes:
db:
web:
matrix:
networks:
internal:
proxy:
external: true
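Review bot: `POSTGRES_PASSWORD` in the `postgres` service is a literal value committed with the template, so anyone who can read the repository or its history holds the Synapse database credential. The n8n compose template later in this commit does the same with `POSTGRES_PASSWORD=n8n` and `DB_POSTGRESDB_PASSWORD=n8n`, where the password also equals the user name. This file appears to be rendered by the role's `ansible.builtin.template` task (it already uses `{{ server.domain }}`), so the value can come from a vaulted variable, e.g. `- POSTGRES_PASSWORD={{ matrix_postgres_password }}` (placeholder name, to be defined in an Ansible Vault file). The committed value should be treated as exposed and rotated.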

32
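--- a/roles/n8n/tasks/base.yml
+++ b/roles/n8n/tasks/base.yml
@@ -0,0 +1,32 @@
+---
+- name: Check n8n directory exist
+ansible.builtin.file:
+path: n8n
+state: directory
+- name: Copy template conf
+ansible.builtin.template:
+backup: true
+src: "{{ item.src }}"
+dest: "n8n/{{ item.dest }}"
+loop:
+- { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
+register: n8n_copy_templates_results
+- name: Force update and restart container
+community.docker.docker_compose:
+project_src: n8n
+state: present
+pull: true
+restarted: true
+when: n8n_copy_templates_results.changed
+become: true
+- name: Update or start container
+community.docker.docker_compose:
+project_src: n8n
+state: present
+pull: true
+when: not n8n_copy_templates_results.changed
+become: true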

4
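--- a/roles/n8n/tasks/main.yml
+++ b/roles/n8n/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+- ansible.builtin.import_tasks: base.yml
+name: base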


@ -0,0 +1,50 @@
version: '3'
services:
db:
image: postgres:14
restart: always
container_name: n8n_db
networks:
- internal
volumes:
- db:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=n8n
- POSTGRES_DB=n8n
- POSTGRES_USER=n8n
n8n:
image: n8nio/n8n
restart: always
container_name: n8n
networks:
- internal
- proxy
volumes:
- n8n:/home/node/.n8n
labels:
- "traefik.enable=true"
- "traefik.http.routers.n8n-secure.entrypoints=https"
- "traefik.http.routers.n8n-secure.rule=Host(`n8n.{{ server.domain }}`)"
- "traefik.http.routers.n8n-secure.tls=true"
- "traefik.http.routers.n8n-secure.tls.certresolver=sslResolver"
# - "traefik.http.routers.whoami-secure.service=whoami"
# - "traefik.http.services.whoami.loadbalancer.server.port=9002"
- "traefik.docker.network=proxy"
environment:
- DB_TYPE=postgresdb
- DB_POSTGRESDB_PORT=5432
- DB_POSTGRESDB_HOST=db
- DB_POSTGRESDB_DATABASE=n8n
- DB_POSTGRESDB_USER=n8n
- DB_POSTGRESDB_PASSWORD=n8n
volumes:
n8n:
db:
networks:
internal:
proxy:
external: true
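Review bot: `image: n8nio/n8n` has no tag, and the role's tasks run the compose module with `pull: true`, so any playbook run can move n8n, which typically holds credentials for the services its workflows call, to whatever was published last. The earlier templates in this commit follow the same pattern (`homeassistant/home-assistant` untagged; `postgres:latest`, `matrixdotorg/synapse:latest`, `nginx:latest`), and for `postgres:latest` a major-version jump can leave a data directory the new server refuses to start on. I would pin each image to a reviewed version, e.g. `image: n8nio/n8n:<PINNED_VERSION>` (placeholder), or to a digest, and upgrade deliberately.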