Added Several New Services

2025-05-16 13:46:14 -04:00 · 2025-05-16 13:46:14 -04:00 · 4b89946070
commit 4b89946070
parent 0f3b4dad7e
12 changed files with 134 additions and 5 deletions
--- a/collections/ansible_collections/adhdgirl/minilab/roles/authentik/files/docker-compose.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/authentik/files/docker-compose.yaml
@ -1,5 +1,4 @@
 ---
-
 services:
  postgresql:
    image: docker.io/library/postgres:16-alpine
--- a/collections/ansible_collections/adhdgirl/minilab/roles/caddy/files/docker-compose.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/caddy/files/docker-compose.yaml
@ -0,0 +1,15 @@
+---
+services:
+  caddy:
+    image: ghcr.io/caddybuilds/caddy-cloudflare:latest
+    restart: unless-stopped
+    cap_add:
+      - NET_ADMIN
+    ports:
+      - 80:80
+      - 443:443
+      - 443:443/udp
+    volumes:
+      - /opt/caddy/Caddyfile:/etc/caddy/Caddyfile
+      - /opt/caddy/data:/data
+      - /opt/caddy/config:/config
--- a/collections/ansible_collections/adhdgirl/minilab/roles/caddy/tasks/main.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/caddy/tasks/main.yaml
@ -0,0 +1,48 @@
+---
+- name: Load distro-specific variables
+  ansible.builtin.include_vars: '{{ item }}'
+  tags: always
+  with_first_found:
+    - files:
+        - "{{ ansible_distribution }}.yaml"
+      skip: true
+
+- name: Ensure Caddy is running on this device
+  block:
+    - name: Ensure presense of folders for Caddy Home
+      tags: packages,docker,caddy
+      ansible.builtin.file:
+        path: "/opt/caddy/{{ item }}"
+        state: directory
+        recurse: true
+        owner: root
+        group: root
+      loop:
+        - data
+        - config
+    - name: Ensure compose file is available on the server
+      tags: docker,caddy,settings
+      ansible.builtin.copy:
+        src: docker-compose.yaml
+        dest: /opt/caddy/docker-compose.yaml
+        owner: root
+        group: root
+        mode: u=rw,g=r,o=r
+    - name: Ensure environment file is available on the server
+      tags: docker,caddy,settings
+      ansible.builtin.template:
+        src: Caddyfile.j2
+        dest: /opt/caddy/Caddyfile
+        owner: root
+        group: root
+        mode: u=rw,g=,o=
+    - name: Ensure docker containers are pulled and running
+      tags: docker,caddy
+      community.docker.docker_compose_v2:
+        project_src: /opt/caddy
+        pull: always
+
+  rescue:
+    - name: Set that this task failed
+      ansible.builtin.set_fact:
+        task_failed: true
--- a/collections/ansible_collections/adhdgirl/minilab/roles/caddy/templates/Caddyfile.j2
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/caddy/templates/Caddyfile.j2
@ -0,0 +1,22 @@
+{
+    email annika@adhdgirl.dev
+    acme_dns cloudflare {{ caddy_cobblgbt_key }}
+}
+
+authentik.local.cobb.lgbt {
+    reverse_proxy 10.69.11.52:9000 {
+        trusted_proxies private_ranges
+    }
+}
+
+pve.local.cobb.lgbt {
+    reverse_proxy 10.69.128.5:8006 {
+        transport http {
+            tls_insecure_skip_verify
+        }
+    }
+}
+
+code.local.cobb.lgbt {
+  reverse_proxy 10.69.11.51:8443
+}
--- a/collections/ansible_collections/adhdgirl/minilab/roles/caddy/vars/main.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/caddy/vars/main.yaml
@ -0,0 +1,9 @@
+---
+caddy_cobblgbt_key: !vault |
+          $ANSIBLE_VAULT;1.1;AES256
+          32396232646666616261393537613662386165353765323763353739343232323363636331656338
+          3133323662636436326535323637633261313163366237300a383865393032326331336335636262
+          30646461653832323262373863646261333865613763356365666130636262636430616238643538
+          3039316461356630620a323536643638396164303965346465356563326131663939633236343532
+          61363338313435316334616462376433643732343936316437656165373961306438393665343265
+          3132636333313635633533353461333236666561363865653236
--- a/collections/ansible_collections/adhdgirl/minilab/roles/coder/templates/env.j2
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/coder/templates/env.j2
@ -2,3 +2,4 @@ HASHED_PASSWORD={{ coder_hashed_password }}
 SUDO_PASSWORD_HASH={{ coder_sudo_hashed_password }}
 PROXY_DOMAIN={{ coder_proxy_domain }}
 DEFAULT_WORKSPACE={{ coder_default_workspace }}
+CODE_VERSION={{ coder_version }}
--- a/collections/ansible_collections/adhdgirl/minilab/roles/coder/vars/main.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/coder/vars/main.yaml
@ -23,3 +23,4 @@ coder_sudo_hashed_password: !vault |
          3762
 coder_proxy_domain: coder.local.cobb.lgbt
 coder_default_workspace: /workspace
+coder_version: 4.100.0
--- a/collections/ansible_collections/adhdgirl/minilab/roles/common/tasks/users.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/common/tasks/users.yaml
@ -8,6 +8,9 @@
    name: "{{ user_name }}"
  check_mode: true
  register: user_exists
+# - name: Debug user_exists
+#   ansible.builtin.debug:
+#     msg: "user_exists: {{ user_exists }}"
 - name: Ensure group exists
  tags: groups,users
  ansible.builtin.group:
@ -25,7 +28,7 @@
  ansible.builtin.user:
    name: "{{ user_name }}"
    password: "{{ common_user_password | string | password_hash('sha512') }}"
-  when: user_exists is defined and user_exists.state != 'present'
+  when: user_exists.state is undefined or user_exists.state != 'present'
 - name: Adjust shell for Debian hosts
  tags: settings,users,debian
  ansible.builtin.user:
--- a/collections/ansible_collections/adhdgirl/minilab/roles/wikijs/files/docker-compose.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/wikijs/files/docker-compose.yaml
@ -0,0 +1,30 @@
+services:
+  db:
+    image: postgres:15-alpine
+    environment:
+      POSTGRES_DB: wiki
+      POSTGRES_PASSWORD: wikijsrocks
+      POSTGRES_USER: wikijs
+    logging:
+      driver: none
+    restart: unless-stopped
+    volumes:
+      - db-data:/var/lib/postgresql/data
+
+  wiki:
+    image: ghcr.io/requarks/wiki:2
+    depends_on:
+      - db
+    environment:
+      DB_TYPE: postgres
+      DB_HOST: db
+      DB_PORT: 5432
+      DB_USER: wikijs
+      DB_PASS: wikijsrocks
+      DB_NAME: wiki
+    restart: unless-stopped
+    ports:
+      - "80:3000"
+
+volumes:
+  db-data:
--- a/collections/ansible_collections/adhdgirl/minilab/roles/wikijs/tasks/main.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/wikijs/tasks/main.yaml
--- a/collections/ansible_collections/adhdgirl/minilab/roles/wikijs/vars/main.yaml
+++ b/collections/ansible_collections/adhdgirl/minilab/roles/wikijs/vars/main.yaml
--- a/minilab.yaml
+++ b/minilab.yaml
@ -41,9 +41,10 @@
  become: true
  roles:
    - adhdgirl.minilab.coder
- name: Configure authentik
-  hosts: authentik
-  tags: docker,authentik
+- name: Configure nemetona
+  hosts: nemetona
+  tags: docker,authentik,caddy
  become: true
  roles:
    - adhdgirl.minilab.authentik
+    - adhdgirl.minilab.caddy