hosting/mash-playbook
1
0
Fork 0
Code Pull requests Activity
mash-playbook/group_vars/mash_servers
Julian-Samuel Gebühr fd68be18de feat: Add hubsite 
Hubsite is will provide you with a simple, static site that shows an overview of the available services.
It is written for this project but kept externally to enable reuse
2023-03-19 21:10:42 +01:00

844 lines
42 KiB
Text
Raw Blame History

---
########################################################################
# #
# com.devture.ansible.role.systemd_service_manager #
# #
########################################################################
devture_systemd_service_manager_services_list_auto: |
{{
([{'name': (collabora_online_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'collabora-online']}] if collabora_online_enabled else [])
+
([{'name': (devture_postgres_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'postgres']}] if devture_postgres_enabled else [])
+
([{'name': (devture_postgres_backup_identifier + '.service'), 'priority': 5000, 'groups': ['mash', 'backup', 'postgres-backup']}] if devture_postgres_backup_enabled else [])
+
([{'name': (devture_container_socket_proxy_identifier + '.service'), 'priority': 2900, 'groups': ['mash', 'reverse-proxies', 'container-socket-proxy']}] if devture_container_socket_proxy_enabled else [])
+
([{'name': (devture_traefik_identifier + '.service'), 'priority': 3000, 'groups': ['mash', 'traefik', 'reverse-proxies']}] if devture_traefik_enabled else [])
+
([{'name': (devture_woodpecker_ci_server_identifier + '.service'), 'priority': 4000, 'groups': ['mash', 'woodpecker', 'ci', 'woodpecker-ci-server']}] if devture_woodpecker_ci_server_enabled else [])
+
([{'name': (devture_woodpecker_ci_agent_identifier + '.service'), 'priority': 4100, 'groups': ['mash', 'woodpecker', 'ci', 'woodpecker-ci-agent']}] if devture_woodpecker_ci_agent_enabled else [])
+
([{'name': (gitea_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'gitea', 'gitea-server']}] if gitea_enabled else [])
+
([{'name': (nextcloud_identifier + '-server.service'), 'priority': 2000, 'groups': ['mash', 'nextcloud', 'nextcloud-server']}] if nextcloud_enabled else [])
+
([{'name': (nextcloud_identifier + '-cron.timer'), 'priority': 2500, 'groups': ['mash', 'nextcloud', 'nextcloud-cron']}] if nextcloud_enabled else [])
+
([{'name': (miniflux_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'miniflux']}] if miniflux_enabled else [])
+
([{'name': (peertube_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'peertube']}] if peertube_enabled else [])
+
([{'name': (radicale_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'radicale']}] if radicale_enabled else [])
+
([{'name': (redmine_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'redmine']}] if redmine_enabled else [])
+
([{'name': (redis_identifier + '.service'), 'priority': 750, 'groups': ['mash', 'redis']}] if redis_enabled else [])
+
([{'name': (vaultwarden_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'vaultwarden', 'vaultwarden-server']}] if vaultwarden_enabled else [])
+
([{'name': (uptime_kuma_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'uptime-kuma']}] if uptime_kuma_enabled else [])
+
([{'name': (hubsite_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'hubsite']}] if hubsite_enabled else [])
}}
########################################################################
# #
# /com.devture.ansible.role.systemd_service_manager #
# #
########################################################################
########################################################################
# #
# com.devture.ansible.role.postgres #
# #
########################################################################
devture_postgres_enabled: false
devture_postgres_identifier: "{{ mash_playbook_service_identifier_prefix }}postgres"
devture_postgres_architecture: "{{ mash_playbook_architecture }}"
devture_postgres_base_path: "{{ mash_playbook_base_path }}/postgres"
devture_postgres_uid: "{{ mash_playbook_uid }}"
devture_postgres_gid: "{{ mash_playbook_gid }}"
devture_postgres_systemd_services_to_stop_for_maintenance_list: |
{{
([(miniflux_identifier + '.service')] if miniflux_enabled else [])
+
([(redmine_identifier + '.service')] if redmine_enabled else [])
}}
devture_postgres_managed_databases_auto: |
{{
([{
'name': gitea_config_database_name,
'username': gitea_config_database_username,
'password': gitea_config_database_password,
}] if gitea_enabled else [])
+
([{
'name': devture_woodpecker_ci_server_database_datasource_db_name,
'username': devture_woodpecker_ci_server_database_datasource_username,
'password': devture_woodpecker_ci_server_database_datasource_password,
}] if devture_woodpecker_ci_server_enabled else [])
+
([{
'name': miniflux_database_name,
'username': miniflux_database_username,
'password': miniflux_database_password,
}] if miniflux_enabled else [])
+
([{
'name': redmine_database_name,
'username': redmine_database_username,
'password': redmine_database_password,
}] if redmine_enabled else [])
+
([{
'name': nextcloud_database_name,
'username': nextcloud_database_username,
'password': nextcloud_database_password,
}] if nextcloud_enabled else [])
+
([{
'name': peertube_config_database_name,
'username': peertube_config_database_username,
'password': peertube_config_database_password,
}] if peertube_enabled else [])
+
([{
'name': vaultwarden_database_name,
'username': vaultwarden_database_username,
'password': vaultwarden_database_password,
}] if vaultwarden_enabled else [])
}}
########################################################################
# #
# /com.devture.ansible.role.postgres #
# #
########################################################################
########################################################################
# #
# com.devture.ansible.role.postgres_backup #
# #
########################################################################
devture_postgres_backup_enabled: false
devture_postgres_backup_identifier: "{{ mash_playbook_service_identifier_prefix }}postgres-backup"
devture_postgres_backup_architecture: "{{ mash_playbook_architecture }}"
devture_postgres_backup_base_path: "{{ mash_playbook_base_path }}/postgres-backup"
devture_postgres_backup_systemd_required_services_list: |
{{
(['docker.service'])
+
([(devture_postgres_identifier + '.service')] if devture_postgres_enabled else [])
}}
devture_postgres_backup_container_network: "{{ devture_postgres_container_network }}"
devture_postgres_backup_uid: "{{ mash_playbook_uid }}"
devture_postgres_backup_gid: "{{ mash_playbook_gid }}"
devture_postgres_backup_connection_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
devture_postgres_backup_connection_port: "{{ devture_postgres_connection_port if devture_postgres_enabled else 5432 }}"
devture_postgres_backup_connection_username: "{{ devture_postgres_connection_username if devture_postgres_enabled else '' }}"
devture_postgres_backup_connection_password: "{{ devture_postgres_connection_password if devture_postgres_enabled else '' }}"
devture_postgres_backup_postgres_data_path: "{{ devture_postgres_data_path if devture_postgres_enabled else '' }}"
devture_postgres_backup_databases: "{{ devture_postgres_managed_databases | map(attribute='name') if devture_postgres_enabled else [] }}"
########################################################################
# #
# /com.devture.ansible.role.postgres_backup #
# #
########################################################################
########################################################################
# #
# com.devture.ansible.role.playbook_state_preserver #
# #
########################################################################
# To completely disable this feature, use `devture_playbook_state_preserver_enabled: false`.
devture_playbook_state_preserver_uid: "{{ mash_playbook_uid }}"
devture_playbook_state_preserver_gid: "{{ mash_playbook_gid }}"
devture_playbook_state_preserver_vars_preservation_dst: "{{ mash_playbook_base_path }}/vars.yml"
devture_playbook_state_preserver_commit_hash_preservation_dst: "{{ mash_playbook_base_path }}/git_hash.yml"
########################################################################
# #
# /com.devture.ansible.role.playbook_state_preserver #
# #
########################################################################
########################################################################
# #
# com.devture.ansible.role.container_socket_proxy #
# #
########################################################################
devture_container_socket_proxy_enabled: "{{ devture_traefik_enabled }}"
devture_container_socket_proxy_identifier: "{{ mash_playbook_service_identifier_prefix }}container-socket-proxy"
devture_container_socket_proxy_base_path: "{{ mash_playbook_base_path }}/container-socket-proxy"
devture_container_socket_proxy_uid: "{{ mash_playbook_uid }}"
devture_container_socket_proxy_gid: "{{ mash_playbook_gid }}"
# Traefik requires read access to the containers APIs to do its job
devture_container_socket_proxy_api_containers_enabled: true
########################################################################
# #
# /com.devture.ansible.role.container_socket_proxy #
# #
########################################################################
########################################################################
# #
# com.devture.ansible.role.traefik #
# #
########################################################################
devture_traefik_enabled: "{{ mash_playbook_reverse_proxy_type == 'playbook-managed-traefik' }}"
devture_traefik_identifier: "{{ mash_playbook_service_identifier_prefix }}traefik"
devture_traefik_base_path: "{{ mash_playbook_base_path }}/traefik"
devture_traefik_uid: "{{ mash_playbook_uid }}"
devture_traefik_gid: "{{ mash_playbook_gid }}"
devture_traefik_config_providers_docker_endpoint: "{{ devture_container_socket_proxy_endpoint if devture_container_socket_proxy_enabled else 'unix:///var/run/docker.sock' }}"
devture_traefik_container_additional_networks: |
{{
([devture_container_socket_proxy_container_network] if devture_container_socket_proxy_enabled else [])
}}
devture_traefik_systemd_required_services_list: |
{{
(['docker.service'])
+
([devture_container_socket_proxy_identifier + '.service'] if devture_container_socket_proxy_enabled else [])
}}
########################################################################
# #
# /com.devture.ansible.role.traefik #
# #
########################################################################
########################################################################
# #
# com.devture.ansible.role.docker_sdk_for_python #
# #
########################################################################
# To completely disable installing the Docker SDK for Python, use `devture_docker_sdk_for_python_installation_enabled: false`.
devture_docker_sdk_for_python_installation_enabled: true
########################################################################
# #
# /com.devture.ansible.role.docker_sdk_for_python #
# #
########################################################################
########################################################################
# #
# com.devture.ansible.role.timesync #
# #
########################################################################
# To completely disable installing systemd-timesyncd/ntpd, use `devture_timesync_installation_enabled: false`.
devture_timesync_installation_enabled: false
########################################################################
# #
# /com.devture.ansible.role.timesync #
# #
########################################################################
########################################################################
# #
# collabora-online #
# #
########################################################################
collabora_online_enabled: false
collabora_online_identifier: "{{ mash_playbook_service_identifier_prefix }}collabora-online"
collabora_online_base_path: "{{ mash_playbook_base_path }}/collabora-online"
collabora_online_uid: "{{ mash_playbook_uid }}"
collabora_online_gid: "{{ mash_playbook_gid }}"
collabora_online_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
}}
collabora_online_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
collabora_online_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
collabora_online_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
collabora_online_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
########################################################################
# #
# /collabora-online #
# #
########################################################################
########################################################################
# #
# gitea #
# #
########################################################################
gitea_enabled: false
gitea_identifier: "{{ mash_playbook_service_identifier_prefix }}gitea"
gitea_base_path: "{{ mash_playbook_base_path }}/gitea"
gitea_uid: "{{ mash_playbook_uid }}"
gitea_gid: "{{ mash_playbook_gid }}"
gitea_systemd_required_systemd_services_list: |
{{
(['docker.service'])
+
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and gitea_config_database_hostname == devture_postgres_identifier else [])
}}
gitea_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+
([devture_postgres_container_network] if devture_postgres_enabled and gitea_config_database_hostname == devture_postgres_identifier and gitea_container_network != devture_postgres_container_network else [])
}}
gitea_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
gitea_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
gitea_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
gitea_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
gitea_config_database_hostname: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}"
gitea_config_database_port: "{{ '5432' if devture_postgres_enabled else '' }}"
gitea_config_database_username: "gitea"
gitea_config_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.gitea', rounds=655555) | to_uuid }}"
########################################################################
# #
# /gitea #
# #
########################################################################
########################################################################
# #
# miniflux #
# #
########################################################################
miniflux_enabled: false
miniflux_identifier: "{{ mash_playbook_service_identifier_prefix }}miniflux"
miniflux_base_path: "{{ mash_playbook_base_path }}/miniflux"
miniflux_uid: "{{ mash_playbook_uid }}"
miniflux_gid: "{{ mash_playbook_gid }}"
miniflux_systemd_required_services_list: |
{{
(['docker.service'])
+
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and miniflux_database_hostname == devture_postgres_identifier else [])
}}
miniflux_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+
([devture_postgres_container_network] if devture_postgres_enabled and miniflux_database_hostname == devture_postgres_identifier and miniflux_container_network != devture_postgres_container_network else [])
}}
miniflux_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
miniflux_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
miniflux_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
miniflux_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
miniflux_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
miniflux_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'miniflux.db', rounds=655555) | to_uuid }}"
########################################################################
# #
# /miniflux #
# #
########################################################################
########################################################################
# #
# nextcloud #
# #
########################################################################
nextcloud_enabled: false
nextcloud_identifier: "{{ mash_playbook_service_identifier_prefix }}nextcloud"
nextcloud_base_path: "{{ mash_playbook_base_path }}/nextcloud"
nextcloud_uid: "{{ mash_playbook_uid }}"
nextcloud_gid: "{{ mash_playbook_gid }}"
nextcloud_systemd_required_systemd_services_list: |
{{
(['docker.service'])
+
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and nextcloud_database_hostname == devture_postgres_identifier else [])
}}
nextcloud_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+
([devture_postgres_container_network] if devture_postgres_enabled and nextcloud_database_hostname == devture_postgres_identifier and nextcloud_container_network != devture_postgres_container_network else [])
}}
nextcloud_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
nextcloud_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
nextcloud_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
nextcloud_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
nextcloud_database_hostname: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}"
nextcloud_database_port: "{{ '5432' if devture_postgres_enabled else '' }}"
nextcloud_database_username: "nextcloud"
nextcloud_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.nextcloud', rounds=655555) | to_uuid }}"
########################################################################
# #
# /nextcloud #
# #
########################################################################
########################################################################
# #
# peertube #
# #
########################################################################
peertube_enabled: false
peertube_identifier: "{{ mash_playbook_service_identifier_prefix }}peertube"
peertube_base_path: "{{ mash_playbook_base_path }}/peertube"
peertube_uid: "{{ mash_playbook_uid }}"
peertube_gid: "{{ mash_playbook_gid }}"
peertube_container_additional_networks: |
{{
(
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+
([devture_postgres_container_network] if devture_postgres_enabled and peertube_config_database_hostname == devture_postgres_identifier and peertube_container_network != devture_postgres_container_network else [])
+
([redis_container_network] if peertube_config_redis_hostname == redis_identifier else [])
) | unique
}}
peertube_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
peertube_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
peertube_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
peertube_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
peertube_config_database_hostname: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}"
peertube_config_database_port: "{{ '5432' if devture_postgres_enabled else '' }}"
peertube_config_database_username: peertube
peertube_config_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.peertube', rounds=655555) | to_uuid }}"
peertube_config_redis_hostname: "{{ redis_identifier if redis_enabled else '' }}"
peertube_systemd_required_services_list: |
{{
(['docker.service'])
+
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and peertube_config_database_hostname == devture_postgres_identifier else [])
+
([redis_identifier ~ '.service'] if redis_enabled and peertube_config_redis_hostname == redis_identifier else [])
}}
########################################################################
# #
# /peertube #
# #
########################################################################
########################################################################
# #
# radicale #
# #
########################################################################
radicale_enabled: false
radicale_identifier: "{{ mash_playbook_service_identifier_prefix }}radicale"
radicale_base_path: "{{ mash_playbook_base_path }}/radicale"
radicale_uid: "{{ mash_playbook_uid }}"
radicale_gid: "{{ mash_playbook_gid }}"
radicale_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
}}
radicale_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
radicale_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
radicale_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
radicale_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
########################################################################
# #
# /radicale #
# #
########################################################################
########################################################################
# #
# redmine #
# #
########################################################################
redmine_enabled: false
redmine_identifier: "{{ mash_playbook_service_identifier_prefix }}redmine"
redmine_base_path: "{{ mash_playbook_base_path }}/redmine"
redmine_uid: "{{ mash_playbook_uid }}"
redmine_gid: "{{ mash_playbook_gid }}"
redmine_secret_key_base: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'secret.base', rounds=655555) | to_uuid }}"
redmine_secret_token: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'secret.token', rounds=655555) | to_uuid }}"
redmine_database_cipher_key: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.cipherkey', rounds=655555) | to_uuid }}"
redmine_systemd_required_services_list: |
{{
(['docker.service'])
+
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and redmine_database_hostname == devture_postgres_identifier else [])
}}
redmine_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+
([devture_postgres_container_network] if devture_postgres_enabled and redmine_database_hostname == devture_postgres_identifier and redmine_container_network != devture_postgres_container_network else [])
}}
redmine_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
redmine_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
redmine_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
redmine_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
redmine_database_type: "{{ 'postgresql' if devture_postgres_enabled else 'sqlite3' }}"
redmine_database_hostname: "{{ devture_postgres_connection_hostname if devture_postgres_enabled else '' }}"
redmine_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'redmine.db', rounds=655555) | to_uuid }}"
########################################################################
# #
# /redmine #
# #
########################################################################
########################################################################
# #
# redis #
# #
########################################################################
redis_enabled: false
redis_identifier: "{{ mash_playbook_service_identifier_prefix }}redis"
redis_base_path: "{{ mash_playbook_base_path }}/redis"
redis_uid: "{{ mash_playbook_uid }}"
redis_gid: "{{ mash_playbook_gid }}"
########################################################################
# #
# /redis #
# #
########################################################################
########################################################################
# #
# vaultwarden #
# #
########################################################################
vaultwarden_enabled: false
vaultwarden_identifier: "{{ mash_playbook_service_identifier_prefix }}vaultwarden"
vaultwarden_uid: "{{ mash_playbook_uid }}"
vaultwarden_gid: "{{ mash_playbook_gid }}"
vaultwarden_base_path: "{{ mash_playbook_base_path }}/vaultwarden"
vaultwarden_systemd_required_systemd_services_list: |
{{
(['docker.service'])
+
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and vaultwarden_database_hostname == devture_postgres_identifier else [])
}}
vaultwarden_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+
([devture_postgres_container_network] if devture_postgres_enabled and vaultwarden_database_hostname == devture_postgres_identifier and vaultwarden_container_network != devture_postgres_container_network else [])
}}
vaultwarden_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
vaultwarden_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
vaultwarden_database_hostname: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}"
vaultwarden_database_port: "{{ '5432' if devture_postgres_enabled else '' }}"
vaultwarden_database_username: "vaultwarden"
vaultwarden_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.vaultwarden', rounds=655555) | to_uuid }}"
########################################################################
# #
# /vaultwarden #
# #
########################################################################
########################################################################
# #
# etke/uptime_kuma #
# #
########################################################################
uptime_kuma_enabled: false
uptime_kuma_identifier: "{{ mash_playbook_service_identifier_prefix }}uptime-kuma"
uptime_kuma_base_path: "{{ mash_playbook_base_path }}/uptime-kuma"
uptime_kuma_uid: "{{ mash_playbook_uid }}"
uptime_kuma_gid: "{{ mash_playbook_gid }}"
uptime_kuma_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
}}
uptime_kuma_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
uptime_kuma_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
uptime_kuma_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
uptime_kuma_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
########################################################################
# #
# /etke/uptime_kuma #
# #
########################################################################
########################################################################
# #
# woodpecker-ci-server #
# #
########################################################################
devture_woodpecker_ci_server_enabled: false
devture_woodpecker_ci_server_identifier: "{{ mash_playbook_service_identifier_prefix }}woodpecker-ci-server"
devture_woodpecker_ci_server_uid: "{{ mash_playbook_uid }}"
devture_woodpecker_ci_server_gid: "{{ mash_playbook_gid }}"
devture_woodpecker_ci_server_base_path: "{{ mash_playbook_base_path }}/woodpecker-ci/server"
devture_woodpecker_ci_server_systemd_required_systemd_services_list: |
{{
(['docker.service'])
+
([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and devture_woodpecker_ci_server_database_datasource_hostname == devture_postgres_identifier else [])
}}
devture_woodpecker_ci_server_container_additional_networks: |
{{
(
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
+
([devture_postgres_container_network] if devture_postgres_enabled and devture_woodpecker_ci_server_database_datasource_hostname == devture_postgres_identifier and devture_woodpecker_ci_server_container_network != devture_postgres_container_network else [])
) | unique
}}
devture_woodpecker_ci_server_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
devture_woodpecker_ci_server_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
devture_woodpecker_ci_server_database_driver: postgres
devture_woodpecker_ci_server_database_datasource: "postgres://{{ devture_woodpecker_ci_server_database_datasource_username }}:{{ devture_woodpecker_ci_server_database_datasource_password }}@{{ devture_woodpecker_ci_server_database_datasource_hostname }}:{{ devture_woodpecker_ci_server_database_datasource_port }}/{{ devture_woodpecker_ci_server_database_datasource_db_name }}?sslmode=disable"
devture_woodpecker_ci_server_database_datasource_hostname: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}"
devture_woodpecker_ci_server_database_datasource_port: "{{ '5432' if devture_postgres_enabled else '' }}"
devture_woodpecker_ci_server_database_datasource_username: woodpecker_ci_server
devture_woodpecker_ci_server_database_datasource_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'woodpecker.ci', rounds=655555) | to_uuid }}"
devture_woodpecker_ci_server_database_datasource_db_name: woodpecker_ci_server
########################################################################
# #
# /woodpecker-ci-server #
# #
########################################################################
########################################################################
# #
# woodpecker-ci-agent #
# #
########################################################################
devture_woodpecker_ci_agent_enabled: false
devture_woodpecker_ci_agent_identifier: "{{ mash_playbook_service_identifier_prefix }}woodpecker-ci-agent"
devture_woodpecker_ci_agent_uid: "{{ mash_playbook_uid }}"
devture_woodpecker_ci_agent_gid: "{{ mash_playbook_gid }}"
devture_woodpecker_ci_agent_base_path: "{{ mash_playbook_base_path }}/woodpecker-ci/agent"
devture_woodpecker_ci_agent_systemd_required_systemd_services_list: |
{{
(['docker.service'])
+
([devture_woodpecker_ci_server_identifier ~ '.service'] if devture_woodpecker_ci_server_enabled else [])
}}
devture_woodpecker_ci_agent_container_additional_networks: |
{{
(
([devture_woodpecker_ci_server_container_network] if devture_woodpecker_ci_server_enabled and devture_woodpecker_ci_server_container_network != devture_woodpecker_ci_agent_container_network else [])
) | unique
}}
devture_woodpecker_ci_agent_config_server: "{{ (devture_woodpecker_ci_server_identifier + ':' + devture_woodpecker_ci_server_config_grpc_addr_port | string) if devture_woodpecker_ci_agent_enabled else '' }}"
devture_woodpecker_ci_agent_config_agent_secret: "{{ devture_woodpecker_ci_server_config_agent_secret if devture_woodpecker_ci_agent_enabled else '' }}"
########################################################################
# #
# /woodpecker-ci-agent #
# #
########################################################################
########################################################################
# #
# hubsite #
# #
########################################################################
hubsite_enabled: false
hubsite_service_list: |
{{
([{'name': 'Miniflux', 'url': 'https://' + miniflux_hostname + miniflux_path_prefix, 'logo_location': '{{ role_path }}/assets/miniflux.png', 'description': 'An opinionated feed reader '}] if miniflux_enabled else [])
+
([{'name': 'Uptime Kuma', 'url': 'https://' + uptime_kuma_hostname + uptime_kuma_path_prefix, 'logo_location': '{{ role_path }}/assets/uptime-kuma.png', 'description': 'Check if the status of services'}] if uptime_kuma_enabled else [])
+
([{'name': 'Nextcloud', 'url': 'https://' + nextcloud_hostname + nextcloud_path_prefix, 'logo_location': '{{ role_path }}/assets/nextcloud.png', 'description': 'Sync your files & much more'}] if nextcloud_enabled else [])
+
([{'name': 'Peertube', 'url': 'https://' + peertube_hostname + peertube_path_prefix, 'logo_location': '{{ role_path }}/assets/peertube.png', 'description': 'Watch videos '}] if peertube_enabled else [])
+
([{'name': 'Vaultwarden', 'url': 'https://' + vaultwarden_hostname + vaultwarden_path_prefix, ' logo_location': '{{ role_path }}/assets/vaultwarden.png', 'description': 'Securly access your passwords'}] if vaultwarden_enabled else [])
+
([{'name': 'Gitea', 'url': 'https://' + gitea_hostname + gitea_path_prefix, 'logo_location': '{{ role_path }}/assets/gitea.png', 'description': 'A git service'}] if gitea_enabled else [])
}}
hubsite_identifier: "{{ mash_playbook_service_identifier_prefix }}hubsite"
hubsite_base_path: "{{ mash_playbook_base_path }}/hubsite"
hubsite_uid: "{{ mash_playbook_uid }}"
hubsite_gid: "{{ mash_playbook_gid }}"
hubsite_systemd_required_services_list: |
{{
(['docker.service'])
}}
hubsite_container_additional_networks: |
{{
([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else [])
}}
hubsite_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}"
hubsite_container_labels_traefik_docker_network: "{{ mash_playbook_reverse_proxyable_services_additional_network }}"
hubsite_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}"
hubsite_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}"
########################################################################
# #
# /hubsite #
# #
########################################################################
View git blame Copy permalink