diff --git a/playbooks/roles/deploy/files/deploy-reitanlage_oranienburg b/playbooks/roles/deploy/files/deploy-reitanlage_oranienburg
new file mode 100755
index 0000000..ccaddf3
--- /dev/null
+++ b/playbooks/roles/deploy/files/deploy-reitanlage_oranienburg
@@ -0,0 +1,6 @@
+#!/usr/bin/env sh
+
+if [ -n "$WEBHOOK_DATA" ]
+then
+ docker exec -i reitanlage_oranienburg-app-1 sh < "$WEBHOOK_DATA"
+fi
diff --git a/playbooks/roles/deploy/tasks/main.yml b/playbooks/roles/deploy/tasks/main.yml
new file mode 100644
index 0000000..d906df3
--- /dev/null
+++ b/playbooks/roles/deploy/tasks/main.yml
@@ -0,0 +1,37 @@
+---
+- name: Set common facts
+ ansible.builtin.import_tasks: tasks/set-default-facts.yml
+
+- name: Deploy {{ role_name }}
+ vars:
+ svc: "{{ deploy_svc }}"
+ yml: "{{ deploy_yml }}"
+ compose: "{{ deploy_compose }}"
+ block:
+ - name: Import prepare tasks for common service
+ ansible.builtin.import_tasks: tasks/prepare-common-service.yml
+
+ - name: Set webhook config path
+ ansible.builtin.set_fact:
+ config_path: "{{ (service_path, 'config') | path_join }}"
+
+ - name: Create config directory
+ ansible.builtin.file:
+ path: "{{ config_path }}"
+ state: directory
+ mode: "0755"
+
+ - name: Template main config
+ ansible.builtin.template:
+ src: yml.j2
+ dest: "{{ (config_path, 'hooks.yml') | path_join }}"
+ mode: "0644"
+
+ - name: Copy the deploy-reitanlage_oranienburg script
+ ansible.builtin.copy:
+ src: deploy-reitanlage_oranienburg
+ dest: "{{ (config_path, 'deploy-reitanlage_oranienburg') | path_join }}"
+ mode: "0755"
+
+ - name: Import start tasks for common service
+ ansible.builtin.import_tasks: tasks/start-common-service.yml
diff --git a/playbooks/roles/deploy/vars/main.yml b/playbooks/roles/deploy/vars/main.yml
new file mode 100644
index 0000000..c1ac4bd
--- /dev/null
+++ b/playbooks/roles/deploy/vars/main.yml
@@ -0,0 +1,33 @@
+---
+deploy_svc:
+ domain: "{{ all_services | service_get_domain(role_name) }}"
+ port: 9000
+
+deploy_yml:
+ - id: deploy-reitanlage_oranienburg
+ trigger-rule-mismatch-http-response-code: 400
+ execute-command: /config/deploy-reitanlage_oranienburg
+ pass-file-to-command:
+ - source: payload
+ name: data
+ envname: WEBHOOK_DATA
+ base64decode: true
+ trigger-rule:
+ and:
+ - match:
+ type: value
+ value: "{{ vault_deploy.reitanlage_oranienburg_token }}"
+ parameter:
+ source: header
+ name: X-Webhook-Token
+
+deploy_compose:
+ watchtower: update
+ image: lwlook/webhook
+ volumes:
+ - ./config:/config:ro
+ - /var/run/docker.sock:/var/run/docker.sock
+ file:
+ services:
+ app:
+ command: ["-verbose", "-hooks=/config/hooks.yml", "-hotreload"]
\ No newline at end of file
diff --git a/scripts/visualize.py b/scripts/visualize.py
index c6c382b..dacec8f 100755
--- a/scripts/visualize.py
+++ b/scripts/visualize.py
@@ -9,6 +9,7 @@ import hcl2
icon_overrides = {
"acme_dns": "lets-encrypt",
"backup": "restic",
+ "deploy": "webhook",
"extra_services": None,
"forgejo_runner": "forgejo",
"healthcheck": "healthchecks",
diff --git a/services.auto.tfvars b/services.auto.tfvars
index 205ee8f..409ce14 100644
--- a/services.auto.tfvars
+++ b/services.auto.tfvars
@@ -99,6 +99,21 @@ services = {
s3 = false
},
+ "deploy" = {
+ host = "node001"
+ dns = [
+ {
+ domain = "deploy.serguzim.me"
+ },
+ ]
+ monitoring = {
+ group = "7-support"
+ }
+ auth = false
+ database = false
+ s3 = false
+ }
+
"dokku" = {
host = "node001"
dns = [