feat(librarian): integrate into pottwal

2025-01-25 19:12:39 +01:00 · 2025-01-25 19:12:39 +01:00 · 66f2dfd484
commit 66f2dfd484
parent e2942cca27
3 changed files with 87 additions and 0 deletions
--- a/host-holmium.yml
+++ b/host-holmium.yml
@ -29,6 +29,7 @@
              - name: grafana.n39.eu
              - name: inventory.n39.eu
              - name: spaceapi.n39.eu
+              - name: librarian.n39.eu
          - server: radon
            hosts:
              - name: nodered.n39.eu
--- a/host-pottwal.yml
+++ b/host-pottwal.yml
@ -637,6 +637,82 @@
      tags:
        - spaceapi

+- name: Check if librarian data dir exists
+      ansible.builtin.stat:
+        path: "{{ data_dir }}/librarian"
+      register: librarian_dir
+      tags:
+        - librarian
+    - name: Fail if librarian data dir does not exist
+      ansible.builtin.fail:
+        msg: "Librarian data dir is missing, please restore from the backup!"
+      when: not librarian_dir.stat.exists
+      tags:
+        - librarian
+
+    - name: Setup Librarian docker network
+      docker_network:
+        name: librariannet
+        state: present
+        internal: true
+      tags:
+        - librarian
+
+    - name: Setup Librarian MySQL container
+      docker_container:
+        name: librariandb
+        image: "{{ librarian_mysql_image }}"
+        pull: true
+        state: started
+        restart_policy: unless-stopped
+        detach: yes
+        env:
+          TZ: "{{ timezone }}"
+          MYSQL_ROOT_PASSWORD: "{{ librarian_database_root_password }}"
+          MYSQL_USER: "{{ librarian_database_user }}"
+          MYSQL_PASSWORD: "{{ librarian_database_password }}"
+        volumes:
+          - "{{ datadir }}/librarian/backup.sql:/docker-entrypoint-initdb.d/1.sql"
+        networks:
+          - name: librariannet
+        ports:
+          - "127.0.0.1:{{ librarian_database_port }}:3306"
+      tags:
+        - librarian
+
+    - name: Setup Librarian container
+      docker_container:
+        name: librarian
+        image: "{{ librarian_image }}"
+        pull: true
+        state: started
+        restart_policy: unless-stopped
+        detach: yes
+        ports:
+          - "127.0.0.1:{{ librarian_host_port }}:3001"
+        env:
+          DB_HOST: "librariandb"
+          ADMIN_DB_USER: "{{ librarian_database_user }}"
+          ADMIN_DB_PW: "{{ librarian_database_password }}"
+          DB_PORT: "{{ librarian_database_port }}"
+          DB_CONNECTION_LIMIT: "{{ librarian_database_limit }}"
+        networks_cli_compatible: false
+        comparisons:
+          networks: allow_more_present
+        networks:
+          - name: librariannet
+      tags:
+        - librarian
+
+    - name: Setup proxy site "{{ librarian_domain_name }}"
+      include_role:
+        name: setup_http_site_proxy
+      vars:
+        site_name: "{{ librarian_domain_name }}"
+        proxy_port: "{{ librarian_host_port }}"
+      tags:
+        - librarian
+
    - name: Ensure renovate bot cronjob is present
      ansible.builtin.template:
        src: templates/pottwal/renovate-cron.j2
--- a/host_vars/pottwal.n39.eu/vars.yml
+++ b/host_vars/pottwal.n39.eu/vars.yml
@ -63,3 +63,13 @@ renovate_image: renovate/renovate:39.84.0
 renovate_forgejo_pat: "{{ vault_renovate_forgejo_pat }}"
 renovate_github_pat: "{{ vault_renovate_github_pat }}"
 renovate_git_user: "Renovate Bot <accounts+renovatebot@netz39.de>"
+
+librarian_host_port: 8093
+librarian_domain_name: librarian.n39.eu
+librarian_image: 0ry5/librarian:latest
+librarian_mysql_image: mariadb:latest
+librarian_database_user: "{{ vault_librarian_admin }}"
+librarian_database_password: "{{ vault_librarian_admin_pw }}"
+librarian_database_root_password: "{{ vault_librarian_root_pw }}"
+librarian_database_limit: 50
+librarian_database_port: 8094