Refactor everything

2023-12-14 02:20:13 +01:00 · 2023-12-14 02:20:13 +01:00 · 3f2e60becf
commit 3f2e60becf
parent 2e100d290f
69 changed files with 366 additions and 281 deletions
--- a/_ansible/roles/acme_dns/tasks/main.yml
+++ b/_ansible/roles/acme_dns/tasks/main.yml
@ -0,0 +1,31 @@
+---
+- name: Set common facts
+  ansible.builtin.import_tasks: tasks/set-default-facts.yml
+
+- name: Deploy {{ svc.name }}
+  vars:
+    svc: "{{ acme_dns_svc }}"
+    env: "{{ acme_dns_env }}"
+    compose: "{{ acme_dns_compose }}"
+  block:
+    - name: Import prepare tasks for common service
+      ansible.builtin.import_tasks: tasks/prepare-common-service.yml
+
+    - name: Setting the service config path
+      ansible.builtin.set_fact:
+        config_path: "{{ (service_path, 'config') | path_join }}"
+
+    - name: Create a service-config directory
+      ansible.builtin.file:
+        path: "{{ config_path }}"
+        state: directory
+        mode: "0700"
+
+    - name: Template config
+      ansible.builtin.template:
+        src: config.cfg.j2
+        dest: "{{ (config_path, 'config.cfg') | path_join }}"
+        mode: "0600"
+
+    - name: Import start tasks for common service
+      ansible.builtin.import_tasks: tasks/start-common-service.yml
--- a/_ansible/roles/acme_dns/templates/config.cfg.j2
+++ b/_ansible/roles/acme_dns/templates/config.cfg.j2
@ -0,0 +1,31 @@
+[general]
+listen = "0.0.0.0:53"
+protocol = "both"
+domain = "{{ svc.domain }}"
+nsname = "{{ svc.domain }}"
+nsadmin = "{{ svc.nsadmin }}"
+records = [
+    "{{ svc.domain }}. A {{ svc.records.a }}",
+    "{{ svc.domain }}. NS {{ svc.domain }}.",
+]
+debug = false
+
+[database]
+engine = "postgres"
+connection = "postgres://{{ svc.db.user }}:{{ svc.db.pass }}@{{ svc.db.host }}/{{ svc.db.db }}"
+
+[api]
+ip = "0.0.0.0"
+disable_registration = false
+port = "{{ svc.port }}"
+tls = "none"
+corsorigins = [
+    "*"
+]
+use_header = true
+header_name = "X-Forwarded-For"
+
+[logconfig]
+loglevel = "info"
+logtype = "stdout"
+logformat = "text"
--- a/_ansible/roles/acme_dns/vars/main.yml
+++ b/_ansible/roles/acme_dns/vars/main.yml
@ -0,0 +1,27 @@
+---
+acme_dns_svc:
+  domain: acme.serguzim.me
+  name: acme-dns
+  port: 80
+  nsadmin: "{{ admin_email | regex_replace('@', '.') }}"
+  records:
+    a: "{{ ansible_facts.default_ipv4.address }}"
+  db:
+    host: "{{ postgres.host }}"
+    port: "{{ postgres.port }}"
+    user: "{{ vault_acmedns.db.user }}"
+    pass: "{{ vault_acmedns.db.pass }}"
+    db: acme_dns
+
+acme_dns_compose:
+  watchtower: true
+  monitoring: true
+  image: joohoi/acme-dns
+  volumes:
+    - ./config:/etc/acme-dns:ro
+  file:
+    services:
+      app:
+        ports:
+          - "53:53"
+          - 53:53/udp