From 9e4e02fdfb5a9e038c5e09a38fa51b457164156b Mon Sep 17 00:00:00 2001 From: Trygve Laugstøl Date: Sat, 26 Dec 2020 14:17:41 +0100 Subject: Replaced malabaricus. --- .../files/malabaricus/etc/wireguard/public-wg0.key | 2 +- ansible/plays/malabaricus-base.yml | 30 ++++++ ansible/plays/malabaricus-nextcloud.yml | 112 +++++++++++++++++++++ ansible/plays/malabaricus-services.yml | 11 ++ ansible/plays/malabaricus.yml | 112 --------------------- .../plays/templates/malabaricus/docker-compose.yml | 10 ++ 6 files changed, 164 insertions(+), 113 deletions(-) create mode 100644 ansible/plays/malabaricus-base.yml create mode 100644 ansible/plays/malabaricus-nextcloud.yml create mode 100644 ansible/plays/malabaricus-services.yml delete mode 100644 ansible/plays/malabaricus.yml create mode 100644 ansible/plays/templates/malabaricus/docker-compose.yml (limited to 'ansible/plays') diff --git a/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key b/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key index 6fe02dc..6104a9a 100644 --- a/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key +++ b/ansible/plays/files/malabaricus/etc/wireguard/public-wg0.key @@ -1 +1 @@ -spjhTSR22/RyPy7D2AnMLLzzHuasXD6W4J5Xwuo+UTQ= +LjvdPrpPeXyj8qIYgiKkrt7A6C+VmwKgjxYmpr5Jtg0= diff --git a/ansible/plays/malabaricus-base.yml b/ansible/plays/malabaricus-base.yml new file mode 100644 index 0000000..e782fb2 --- /dev/null +++ b/ansible/plays/malabaricus-base.yml @@ -0,0 +1,30 @@ +- hosts: + - malabaricus + tasks: + - import_role: + name: unix-machine + - import_role: + name: lusers + - import_role: + name: superusers + + - become: yes + name: /etc/hostname + copy: + dest: /etc/hostname + content: | + malabaricus + - become: yes + name: /etc/hosts + copy: + dest: /etc/hosts + content: | + 127.0.0.1 localhost malabaricus + ::1 localhost malabaricus ip6-localhost ip6-loopback + fe00::0 ip6-localnet + ff00::0 ip6-mcastprefix + ff02::1 ip6-allnodes + ff02::2 ip6-allrouters + + - import_role: + name: docker-host diff --git a/ansible/plays/malabaricus-nextcloud.yml b/ansible/plays/malabaricus-nextcloud.yml new file mode 100644 index 0000000..7e54c76 --- /dev/null +++ b/ansible/plays/malabaricus-nextcloud.yml @@ -0,0 +1,112 @@ +- hosts: + - malabaricus + become: yes + vars: + fpm_version: 7.3 + handlers: + - name: systemctl daemon-reload + become: yes + systemd: + daemon_reload: yes + + - name: systemctl restart fpm + become: yes + systemd: + name: "php{{ fpm_version }}-fpm" + state: restarted + - name: systemctl reload nextcloud-cron.timer + become: yes + systemd: + unit: nextcloud-cron.timer + state: reloaded + roles: + - minio-server + - role: nginx + nginx__template: + - sites-enabled/default + - sites-enabled/minio + - snippets/nextcloud.conf + ipv6: "[::]:80" + server_name: minio.trygvis.io + tasks: + - apt: + name: + - php-imagick + tags: packages,never + - tags: nextcloud + file: + path: /var/www/html/nextcloud/occ + mode: ug=rx,o= + owner: www-data + group: www-data + - tags: nextcloud + copy: + dest: '/etc/php/{{ fpm_version }}/fpm/conf.d/99-nextcloud.ini' + content: | + opcache.enable=1 + opcache.enable_cli=1 + opcache.interned_strings_buffer=8 + opcache.max_accelerated_files=10000 + opcache.memory_consumption=128 + opcache.save_comments=1 + opcache.revalidate_freq=1 + + client_max_body_size 10G; + notify: systemctl restart fpm + - tags: nextcloud + lineinfile: + path: '/etc/php/{{ fpm_version }}/fpm/pool.d/www.conf' + regexp: '^env\[{{ item.key }}\]' + line: 'env[{{ item.key }}] = {{ item.value }}' + with_dict: + HOSTNAME: '$HOSTNAME' + PATH: /usr/sbin:/usr/bin:/sbin:/bin + TMP: /tmp + TMPDIR: /tmp + TEMP: /tmp + notify: systemctl restart fpm + + - tags: nextcloud + register: service + copy: + dest: /etc/systemd/system/nextcloud-cron.service + content: | + [Unit] + Description=Nextcloud cron.php job + + [Service] + User=www-data + ExecStart=/usr/bin/php -f /var/www/html/nextcloud/cron.php + + - tags: nextcloud + register: timer + copy: + dest: /etc/systemd/system/nextcloud-cron.timer + content: | + [Unit] + Description=Run Nextcloud cron.php every 5 minutes + + [Timer] + OnBootSec=5min + OnUnitActiveSec=5min + Unit=nextcloud-cron.service + + [Install] + WantedBy=timers.target + + - name: systemctl daemon-reload + tags: nextcloud + when: timer.changed or service.changed + become: yes + systemd: + daemon_reload: yes + + - name: systemctl enable --now nextcloud-cron.timer + tags: nextcloud + become: yes + systemd: + unit: nextcloud-cron.timer + enabled: yes + state: started + +# TODO: comply with warnings from https://malabaricus.trygvis.io/settings/admin/overview diff --git a/ansible/plays/malabaricus-services.yml b/ansible/plays/malabaricus-services.yml new file mode 100644 index 0000000..b120cf7 --- /dev/null +++ b/ansible/plays/malabaricus-services.yml @@ -0,0 +1,11 @@ +- hosts: + - malabaricus + tasks: + - import_role: + name: docker-host + - import_role: + name: docker-service + tags: docker-service + vars: + service: malabaricus + template: templates/malabaricus/docker-compose.yml diff --git a/ansible/plays/malabaricus.yml b/ansible/plays/malabaricus.yml deleted file mode 100644 index 7e54c76..0000000 --- a/ansible/plays/malabaricus.yml +++ /dev/null @@ -1,112 +0,0 @@ -- hosts: - - malabaricus - become: yes - vars: - fpm_version: 7.3 - handlers: - - name: systemctl daemon-reload - become: yes - systemd: - daemon_reload: yes - - - name: systemctl restart fpm - become: yes - systemd: - name: "php{{ fpm_version }}-fpm" - state: restarted - - name: systemctl reload nextcloud-cron.timer - become: yes - systemd: - unit: nextcloud-cron.timer - state: reloaded - roles: - - minio-server - - role: nginx - nginx__template: - - sites-enabled/default - - sites-enabled/minio - - snippets/nextcloud.conf - ipv6: "[::]:80" - server_name: minio.trygvis.io - tasks: - - apt: - name: - - php-imagick - tags: packages,never - - tags: nextcloud - file: - path: /var/www/html/nextcloud/occ - mode: ug=rx,o= - owner: www-data - group: www-data - - tags: nextcloud - copy: - dest: '/etc/php/{{ fpm_version }}/fpm/conf.d/99-nextcloud.ini' - content: | - opcache.enable=1 - opcache.enable_cli=1 - opcache.interned_strings_buffer=8 - opcache.max_accelerated_files=10000 - opcache.memory_consumption=128 - opcache.save_comments=1 - opcache.revalidate_freq=1 - - client_max_body_size 10G; - notify: systemctl restart fpm - - tags: nextcloud - lineinfile: - path: '/etc/php/{{ fpm_version }}/fpm/pool.d/www.conf' - regexp: '^env\[{{ item.key }}\]' - line: 'env[{{ item.key }}] = {{ item.value }}' - with_dict: - HOSTNAME: '$HOSTNAME' - PATH: /usr/sbin:/usr/bin:/sbin:/bin - TMP: /tmp - TMPDIR: /tmp - TEMP: /tmp - notify: systemctl restart fpm - - - tags: nextcloud - register: service - copy: - dest: /etc/systemd/system/nextcloud-cron.service - content: | - [Unit] - Description=Nextcloud cron.php job - - [Service] - User=www-data - ExecStart=/usr/bin/php -f /var/www/html/nextcloud/cron.php - - - tags: nextcloud - register: timer - copy: - dest: /etc/systemd/system/nextcloud-cron.timer - content: | - [Unit] - Description=Run Nextcloud cron.php every 5 minutes - - [Timer] - OnBootSec=5min - OnUnitActiveSec=5min - Unit=nextcloud-cron.service - - [Install] - WantedBy=timers.target - - - name: systemctl daemon-reload - tags: nextcloud - when: timer.changed or service.changed - become: yes - systemd: - daemon_reload: yes - - - name: systemctl enable --now nextcloud-cron.timer - tags: nextcloud - become: yes - systemd: - unit: nextcloud-cron.timer - enabled: yes - state: started - -# TODO: comply with warnings from https://malabaricus.trygvis.io/settings/admin/overview diff --git a/ansible/plays/templates/malabaricus/docker-compose.yml b/ansible/plays/templates/malabaricus/docker-compose.yml new file mode 100644 index 0000000..e85f147 --- /dev/null +++ b/ansible/plays/templates/malabaricus/docker-compose.yml @@ -0,0 +1,10 @@ +version: "3" +services: + pdb11: + image: postgres:11 + volumes: + - /data:/var/lib/postgresql/data + environment: + POSTGRES_PASSWORD: mysecretpassword + + -- cgit v1.2.3