Replace openfaas with dokku
This commit is contained in:
parent
7748ecf828
commit
53d9cd1190
GPG key ID:
13AD60C237A28DFE
10 changed files with 74 additions and 49 deletions
|
|
@ -68,8 +68,9 @@ D("serguzim.me", REG_OVH, DnsProvider(DSP_OVH),
|
|||
|
||||
TLSA("_25._tcp.mail", 3, 1, 1, "e66a608a3ec459bda7fb1f2d500b8abeb78f2910f26641204b6bc454b8aa2a49"),
|
||||
|
||||
acme_challenge("db", "ca2c86c0-ff3d-458a-89e0-11bcfd2543e4"),
|
||||
acme_challenge("auth", "18a42983-3d19-4c17-8213-fc275a8be721"),
|
||||
acme_challenge("db", "ca2c86c0-ff3d-458a-89e0-11bcfd2543e4"),
|
||||
acme_challenge("paas", "92924f7c-0859-4941-9e3d-2ecedfb21c1b"),
|
||||
|
||||
verify_amazon_ses(dkim_ses["serguzim.me"]),
|
||||
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@
|
|||
- authentik
|
||||
- backup
|
||||
- caddy
|
||||
- dokku
|
||||
- extra_services
|
||||
- faas
|
||||
- forgejo
|
||||
- forgejo_runner
|
||||
- gatus
|
||||
|
|
|
|||
12
playbooks/roles/dokku/tasks/main.yml
Normal file
12
playbooks/roles/dokku/tasks/main.yml
Normal file
|
|
@ -0,0 +1,12 @@
|
|||
---
|
||||
- name: Set common facts
|
||||
ansible.builtin.import_tasks: tasks/set-default-facts.yml
|
||||
|
||||
- name: Deploy {{ role_name }}
|
||||
vars:
|
||||
svc: "{{ dokku_svc }}"
|
||||
env: "{{ dokku_env }}"
|
||||
compose: "{{ dokku_compose }}"
|
||||
block:
|
||||
- name: Import tasks to deploy common service
|
||||
ansible.builtin.import_tasks: tasks/deploy-common-service.yml
|
||||
35
playbooks/roles/dokku/vars/main.yml
Normal file
35
playbooks/roles/dokku/vars/main.yml
Normal file
|
|
@ -0,0 +1,35 @@
|
|||
---
|
||||
dokku_svc:
|
||||
domain: "{{ all_services | service_get_domain(role_name) }}"
|
||||
additional_domains:
|
||||
- "*.paas.serguzim.me"
|
||||
caddy_extra: import acmedns
|
||||
docker_host: host.docker.internal
|
||||
port: 3080
|
||||
extra_svcs:
|
||||
- domain: serguzim.me
|
||||
www_domain: true
|
||||
hsts: true
|
||||
docker_host: host.docker.internal
|
||||
port: 3080
|
||||
|
||||
|
||||
dokku_env:
|
||||
DOKKU_HOSTNAME: "{{ dokku_svc.domain }}"
|
||||
DOKKU_HOST_ROOT: /var/lib/dokku/home/dokku
|
||||
DOKKU_LIB_HOST_ROOT: /var/lib/dokku/var/lib/dokku
|
||||
|
||||
dokku_compose:
|
||||
watchtower: false
|
||||
network: false
|
||||
image: dokku/dokku:0.35.8
|
||||
volumes:
|
||||
- "/var/lib/dokku:/mnt/dokku"
|
||||
- "/var/run/docker.sock:/var/run/docker.sock"
|
||||
file:
|
||||
services:
|
||||
app:
|
||||
network_mode: bridge
|
||||
ports:
|
||||
- "3022:22"
|
||||
- "3080:80"
|
||||
|
|
@ -1,10 +0,0 @@
|
|||
---
|
||||
- name: Set common facts
|
||||
ansible.builtin.import_tasks: tasks/set-default-facts.yml
|
||||
|
||||
- name: Deploy {{ role_name }}
|
||||
vars:
|
||||
svc: "{{ faas_svc }}"
|
||||
block:
|
||||
- name: Import tasks to template the site and functions for the reverse proxy
|
||||
ansible.builtin.import_tasks: tasks/steps/template-site-config.yml
|
||||
|
|
@ -1,21 +0,0 @@
|
|||
---
|
||||
faas_svc:
|
||||
domain: "{{ all_services | service_get_domain(role_name) }}"
|
||||
docker_host: host.docker.internal
|
||||
port: 8080
|
||||
extra_svcs:
|
||||
- domain: serguzim.me
|
||||
faas_function: webpage-serguzim-me
|
||||
www_domain: true
|
||||
hsts: true
|
||||
caddy_extra: |
|
||||
header /.well-known/* Access-Control-Allow-Origin *
|
||||
|
||||
handle /.well-known/webfinger {
|
||||
map {query.resource} {user} {
|
||||
acct:tobias@msrg.cc serguzim
|
||||
acct:serguzim@msrg.cc serguzim
|
||||
}
|
||||
rewrite * /.well-known/webfinger/{user}.json
|
||||
import faas webpage-msrg-cc
|
||||
}
|
||||
|
|
@ -12,8 +12,6 @@ synapse_svc:
|
|||
}
|
||||
extra_svcs:
|
||||
- domain: matrix.serguzim.me:8448
|
||||
additional_domains:
|
||||
- serguzim.me:8448
|
||||
docker_host: synapse
|
||||
port: 8008
|
||||
db:
|
||||
|
|
|
|||
|
|
@ -60,32 +60,34 @@ services = {
|
|||
s3 = false
|
||||
},
|
||||
|
||||
"extra_services" = {
|
||||
"dokku" = {
|
||||
host = "node001"
|
||||
auth = false
|
||||
database = false
|
||||
s3 = false
|
||||
},
|
||||
|
||||
"faas" = {
|
||||
host = "node002"
|
||||
dns = [
|
||||
{
|
||||
domain = "faas.serguzim.me"
|
||||
domain = "paas.serguzim.me"
|
||||
},
|
||||
{
|
||||
domain = "*.paas.serguzim.me"
|
||||
name = "dokku-wildcard"
|
||||
alias = "dokku"
|
||||
},
|
||||
{
|
||||
domain = "serguzim.me"
|
||||
name = "webpage-serguzim"
|
||||
alias = "faas"
|
||||
alias = "dokku"
|
||||
},
|
||||
{
|
||||
domain = "www.serguzim.me"
|
||||
name = "webpage-serguzim-www"
|
||||
alias = "webpage-serguzim"
|
||||
}
|
||||
},
|
||||
]
|
||||
backup = [{
|
||||
name = "dokku"
|
||||
type = "directory"
|
||||
path = "/var/lib/dokku"
|
||||
}]
|
||||
monitoring = {
|
||||
url = "/healthz"
|
||||
group = "7-support"
|
||||
}
|
||||
auth = false
|
||||
|
|
@ -93,6 +95,13 @@ services = {
|
|||
s3 = false
|
||||
},
|
||||
|
||||
"extra_services" = {
|
||||
host = "node001"
|
||||
auth = false
|
||||
database = false
|
||||
s3 = false
|
||||
},
|
||||
|
||||
"forgejo" = {
|
||||
host = "node001"
|
||||
dns = [{
|
||||
|
|
@ -278,7 +287,7 @@ services = {
|
|||
},
|
||||
|
||||
"minio" = {
|
||||
host = "node002"
|
||||
host = "node001"
|
||||
dns = [
|
||||
{
|
||||
domain = "s3.serguzim.me"
|
||||
|
|
|
|||
|
|
@ -151,6 +151,7 @@ variable "services" {
|
|||
backup = optional(list(object({
|
||||
name = string
|
||||
type = string
|
||||
path = optional(string)
|
||||
})))
|
||||
monitoring = optional(object({
|
||||
url = optional(string)
|
||||
|
|
|
|||
|
|
@ -9,8 +9,8 @@ import hcl2
|
|||
icon_overrides = {
|
||||
"acme_dns": "lets-encrypt",
|
||||
"backup": "restic",
|
||||
"dokku": None,
|
||||
"extra_services": None,
|
||||
"faas": None,
|
||||
"forgejo_runner": "forgejo",
|
||||
"healthcheck": "healthchecks",
|
||||
"lego": "lets-encrypt",
|
||||
|
|
|
|||
Loading…
Reference in a new issue