Compare commits
	
		
			1 Commits
		
	
	
		
			98be926e89
			...
			36ceb40fac
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 36ceb40fac | 
| @@ -7,7 +7,8 @@ authors: | |||||||
| description: Various ansible roles useful for automating infrastructure | description: Various ansible roles useful for automating infrastructure | ||||||
| dependencies: | dependencies: | ||||||
|   "community.docker": "^1.10.0" |   "community.docker": "^1.10.0" | ||||||
| license_file: LICENSE.md | license: | ||||||
|  | - CNPLv7+ | ||||||
| build_ignore: | build_ignore: | ||||||
| - '*.tar.gz' | - '*.tar.gz' | ||||||
| repository: https://git.finally.coffee/finallycoffee/services | repository: https://git.finally.coffee/finallycoffee/services | ||||||
|   | |||||||
| @@ -1,3 +0,0 @@ | |||||||
| --- |  | ||||||
|  |  | ||||||
| requires_ansible: ">=2.12" |  | ||||||
| @@ -1,18 +0,0 @@ | |||||||
| # `finallycoffee.services.ghost` ansible role |  | ||||||
|  |  | ||||||
| [Ghost](https://ghost.org/) is a self-hosted blog with rich media capabilities, |  | ||||||
| which this role deploys in a docker container. |  | ||||||
|  |  | ||||||
| ## Requirements |  | ||||||
|  |  | ||||||
| Ghost requires a MySQL-database (like mariadb) for storing it's data, which |  | ||||||
| can be configured using the `ghost_database_(host|username|password|database)` variables. |  | ||||||
|  |  | ||||||
| Setting `ghost_domain` to a fully-qualified domain on which ghost should be reachable |  | ||||||
| is also required. |  | ||||||
|  |  | ||||||
| Ghosts configuration can be changed using the `ghost_config` variable. |  | ||||||
|  |  | ||||||
| Container arguments which are equivalent to `community.docker.docker_container` can be |  | ||||||
| provided in the `ghost_container_[...]` syntax (e.g. `ghost_container_ports` to expose |  | ||||||
| ghosts port to the host). |  | ||||||
| @@ -1,15 +0,0 @@ | |||||||
| # `finallycoffee.services.jellyfin` ansible role |  | ||||||
|  |  | ||||||
| This role runs [Jellyfin](https://jellyfin.org/), a free software media system, |  | ||||||
| in a docker container. |  | ||||||
|  |  | ||||||
| ## Usage |  | ||||||
|  |  | ||||||
| `jellyfin_domain` contains the FQDN which jellyfin should listen to. Most configuration |  | ||||||
| is done in the software itself. |  | ||||||
|  |  | ||||||
| Jellyfin runs in host networking mode by default, as that is needed for some features like |  | ||||||
| network discovery with chromecasts and similar. |  | ||||||
|  |  | ||||||
| Media can be mounted into jellyfin using `jellyfin_media_volumes`, taking a list of strings |  | ||||||
| akin to `community.docker.docker_container`'s `volumes` key. |  | ||||||
| @@ -1,7 +1,7 @@ | |||||||
| --- | --- | ||||||
|  |  | ||||||
| jellyfin_user: jellyfin | jellyfin_user: jellyfin | ||||||
| jellyfin_version: 10.8.10 | jellyfin_version: 10.8.6 | ||||||
|  |  | ||||||
| jellyfin_base_path: /opt/jellyfin | jellyfin_base_path: /opt/jellyfin | ||||||
| jellyfin_config_path: "{{ jellyfin_base_path }}/config" | jellyfin_config_path: "{{ jellyfin_base_path }}/config" | ||||||
|   | |||||||
| @@ -1,28 +0,0 @@ | |||||||
| # `finallycoffee.services.nginx` ansible role |  | ||||||
|  |  | ||||||
| ## Description |  | ||||||
|  |  | ||||||
| Runs `nginx`, a HTTP reverse proxy, in a docker container. |  | ||||||
|  |  | ||||||
| ## Usage |  | ||||||
|  |  | ||||||
| For the role to do anything, `nginx_config` needs to be populated with the configuration for nginx. |  | ||||||
| An example would be: |  | ||||||
|  |  | ||||||
| ```yaml |  | ||||||
| nginx_config: |+ |  | ||||||
|   server { |  | ||||||
|     listen 80 default_server; |  | ||||||
|     server_name my.server.fqdn; |  | ||||||
|     location / { return 200; } |  | ||||||
|   } |  | ||||||
| ``` |  | ||||||
|  |  | ||||||
| The container is named `nginx` by default, this can be overridden in `nginx_container_name`. |  | ||||||
| When running this role multiple times, `nginx_base_path` should also be changed for each run, |  | ||||||
| otherwise the configuration files collide in the filesystem. |  | ||||||
|  |  | ||||||
| For exposing this server to the host and/or internet, the `nginx_container_ports` (port forwarding host |  | ||||||
| from host to container), `nginx_container_networks` (docker networking) or `nginx_container_labels` |  | ||||||
| (for label-based routing discovery like traefik) can be used. The options correspond to the arguments |  | ||||||
| of the `community.docker.docker_container` module. |  | ||||||
| @@ -1,16 +0,0 @@ | |||||||
| # `finallycoffee.services.vouch-proxy` |  | ||||||
|  |  | ||||||
| [Vouch-Proxy](https://github.com/vouch/vouch-proxy) can be used in combination with |  | ||||||
| nginx' `auth_request` module to secure web services with OIDC/OAuth. This role runs |  | ||||||
| vouch-proxys' official docker container. |  | ||||||
|  |  | ||||||
| ## Usage |  | ||||||
|  |  | ||||||
| The `oauth` config section must be supplied in `vouch_proxy_oauth_config`, and the |  | ||||||
| `vouch` config section can be overridden in `vouch_proxy_vouch_config`. For possible |  | ||||||
| configuration values, see https://github.com/vouch/vouch-proxy/blob/master/config/config.yml_example. |  | ||||||
|  |  | ||||||
| For an example nginx config, see https://github.com/vouch/vouch-proxy#installation-and-configuration. |  | ||||||
|  |  | ||||||
| Passing container arguments in the same way as `community.docker.docker_container` is supported |  | ||||||
| using the `vouch_proxy_container_[...]` prefix (e.g. `vouch_proxy_container_ports`). |  | ||||||
		Reference in New Issue
	
	Block a user