Replace openfaas with dokku

This commit is contained in:
Tobias Reisinger 2024-10-29 06:07:04 +01:00
parent 7748ecf828
commit 53d9cd1190
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
10 changed files with 74 additions and 49 deletions

View file

@ -68,8 +68,9 @@ D("serguzim.me", REG_OVH, DnsProvider(DSP_OVH),
TLSA("_25._tcp.mail", 3, 1, 1, "e66a608a3ec459bda7fb1f2d500b8abeb78f2910f26641204b6bc454b8aa2a49"), TLSA("_25._tcp.mail", 3, 1, 1, "e66a608a3ec459bda7fb1f2d500b8abeb78f2910f26641204b6bc454b8aa2a49"),
acme_challenge("db", "ca2c86c0-ff3d-458a-89e0-11bcfd2543e4"),
acme_challenge("auth", "18a42983-3d19-4c17-8213-fc275a8be721"), acme_challenge("auth", "18a42983-3d19-4c17-8213-fc275a8be721"),
acme_challenge("db", "ca2c86c0-ff3d-458a-89e0-11bcfd2543e4"),
acme_challenge("paas", "92924f7c-0859-4941-9e3d-2ecedfb21c1b"),
verify_amazon_ses(dkim_ses["serguzim.me"]), verify_amazon_ses(dkim_ses["serguzim.me"]),

View file

@ -9,8 +9,8 @@
- authentik - authentik
- backup - backup
- caddy - caddy
- dokku
- extra_services - extra_services
- faas
- forgejo - forgejo
- forgejo_runner - forgejo_runner
- gatus - gatus

View file

@ -0,0 +1,12 @@
---
- name: Set common facts
ansible.builtin.import_tasks: tasks/set-default-facts.yml
- name: Deploy {{ role_name }}
vars:
svc: "{{ dokku_svc }}"
env: "{{ dokku_env }}"
compose: "{{ dokku_compose }}"
block:
- name: Import tasks to deploy common service
ansible.builtin.import_tasks: tasks/deploy-common-service.yml

View file

@ -0,0 +1,35 @@
---
dokku_svc:
domain: "{{ all_services | service_get_domain(role_name) }}"
additional_domains:
- "*.paas.serguzim.me"
caddy_extra: import acmedns
docker_host: host.docker.internal
port: 3080
extra_svcs:
- domain: serguzim.me
www_domain: true
hsts: true
docker_host: host.docker.internal
port: 3080
dokku_env:
DOKKU_HOSTNAME: "{{ dokku_svc.domain }}"
DOKKU_HOST_ROOT: /var/lib/dokku/home/dokku
DOKKU_LIB_HOST_ROOT: /var/lib/dokku/var/lib/dokku
dokku_compose:
watchtower: false
network: false
image: dokku/dokku:0.35.8
volumes:
- "/var/lib/dokku:/mnt/dokku"
- "/var/run/docker.sock:/var/run/docker.sock"
file:
services:
app:
network_mode: bridge
ports:
- "3022:22"
- "3080:80"

View file

@ -1,10 +0,0 @@
---
- name: Set common facts
ansible.builtin.import_tasks: tasks/set-default-facts.yml
- name: Deploy {{ role_name }}
vars:
svc: "{{ faas_svc }}"
block:
- name: Import tasks to template the site and functions for the reverse proxy
ansible.builtin.import_tasks: tasks/steps/template-site-config.yml

View file

@ -1,21 +0,0 @@
---
faas_svc:
domain: "{{ all_services | service_get_domain(role_name) }}"
docker_host: host.docker.internal
port: 8080
extra_svcs:
- domain: serguzim.me
faas_function: webpage-serguzim-me
www_domain: true
hsts: true
caddy_extra: |
header /.well-known/* Access-Control-Allow-Origin *
handle /.well-known/webfinger {
map {query.resource} {user} {
acct:tobias@msrg.cc serguzim
acct:serguzim@msrg.cc serguzim
}
rewrite * /.well-known/webfinger/{user}.json
import faas webpage-msrg-cc
}

View file

@ -12,8 +12,6 @@ synapse_svc:
} }
extra_svcs: extra_svcs:
- domain: matrix.serguzim.me:8448 - domain: matrix.serguzim.me:8448
additional_domains:
- serguzim.me:8448
docker_host: synapse docker_host: synapse
port: 8008 port: 8008
db: db:

View file

@ -60,32 +60,34 @@ services = {
s3 = false s3 = false
}, },
"extra_services" = { "dokku" = {
host = "node001" host = "node001"
auth = false
database = false
s3 = false
},
"faas" = {
host = "node002"
dns = [ dns = [
{ {
domain = "faas.serguzim.me" domain = "paas.serguzim.me"
},
{
domain = "*.paas.serguzim.me"
name = "dokku-wildcard"
alias = "dokku"
}, },
{ {
domain = "serguzim.me" domain = "serguzim.me"
name = "webpage-serguzim" name = "webpage-serguzim"
alias = "faas" alias = "dokku"
}, },
{ {
domain = "www.serguzim.me" domain = "www.serguzim.me"
name = "webpage-serguzim-www" name = "webpage-serguzim-www"
alias = "webpage-serguzim" alias = "webpage-serguzim"
} },
] ]
backup = [{
name = "dokku"
type = "directory"
path = "/var/lib/dokku"
}]
monitoring = { monitoring = {
url = "/healthz"
group = "7-support" group = "7-support"
} }
auth = false auth = false
@ -93,6 +95,13 @@ services = {
s3 = false s3 = false
}, },
"extra_services" = {
host = "node001"
auth = false
database = false
s3 = false
},
"forgejo" = { "forgejo" = {
host = "node001" host = "node001"
dns = [{ dns = [{
@ -278,7 +287,7 @@ services = {
}, },
"minio" = { "minio" = {
host = "node002" host = "node001"
dns = [ dns = [
{ {
domain = "s3.serguzim.me" domain = "s3.serguzim.me"

View file

@ -151,6 +151,7 @@ variable "services" {
backup = optional(list(object({ backup = optional(list(object({
name = string name = string
type = string type = string
path = optional(string)
}))) })))
monitoring = optional(object({ monitoring = optional(object({
url = optional(string) url = optional(string)

View file

@ -9,8 +9,8 @@ import hcl2
icon_overrides = { icon_overrides = {
"acme_dns": "lets-encrypt", "acme_dns": "lets-encrypt",
"backup": "restic", "backup": "restic",
"dokku": None,
"extra_services": None, "extra_services": None,
"faas": None,
"forgejo_runner": "forgejo", "forgejo_runner": "forgejo",
"healthcheck": "healthchecks", "healthcheck": "healthchecks",
"lego": "lets-encrypt", "lego": "lets-encrypt",