From 66f2dfd4846197bbf4d5a71c6a8c569bf51b1f00 Mon Sep 17 00:00:00 2001
From: 0ry5 <oscar.bloch@posteo.de>
Date: Sat, 25 Jan 2025 19:12:39 +0100
Subject: [PATCH] feat(librarian): integrate into pottwal
---
host-holmium.yml | 1 +
host-pottwal.yml | 76 +++++++++++++++++++++++++++++++
host_vars/pottwal.n39.eu/vars.yml | 10 ++++
3 files changed, 87 insertions(+)
diff --git a/host-holmium.yml b/host-holmium.yml
index 006f314..a939578 100644
--- a/host-holmium.yml
+++ b/host-holmium.yml
@@ -29,6 +29,7 @@
- name: grafana.n39.eu
- name: inventory.n39.eu
- name: spaceapi.n39.eu
+ - name: librarian.n39.eu
- server: radon
hosts:
- name: nodered.n39.eu
diff --git a/host-pottwal.yml b/host-pottwal.yml
index 9df71c4..76e4b14 100644
--- a/host-pottwal.yml
+++ b/host-pottwal.yml
@@ -637,6 +637,82 @@
tags:
- spaceapi
+- name: Check if librarian data dir exists
+ ansible.builtin.stat:
+ path: "{{ data_dir }}/librarian"
+ register: librarian_dir
+ tags:
+ - librarian
+ - name: Fail if librarian data dir does not exist
+ ansible.builtin.fail:
+ msg: "Librarian data dir is missing, please restore from the backup!"
+ when: not librarian_dir.stat.exists
+ tags:
+ - librarian
+
+ - name: Setup Librarian docker network
+ docker_network:
+ name: librariannet
+ state: present
+ internal: true
+ tags:
+ - librarian
+
+ - name: Setup Librarian MySQL container
+ docker_container:
+ name: librariandb
+ image: "{{ librarian_mysql_image }}"
+ pull: true
+ state: started
+ restart_policy: unless-stopped
+ detach: yes
+ env:
+ TZ: "{{ timezone }}"
+ MYSQL_ROOT_PASSWORD: "{{ librarian_database_root_password }}"
+ MYSQL_USER: "{{ librarian_database_user }}"
+ MYSQL_PASSWORD: "{{ librarian_database_password }}"
+ volumes:
+ - "{{ datadir }}/librarian/backup.sql:/docker-entrypoint-initdb.d/1.sql"
+ networks:
+ - name: librariannet
+ ports:
+ - "127.0.0.1:{{ librarian_database_port }}:3306"
+ tags:
+ - librarian
+
+ - name: Setup Librarian container
+ docker_container:
+ name: librarian
+ image: "{{ librarian_image }}"
+ pull: true
+ state: started
+ restart_policy: unless-stopped
+ detach: yes
+ ports:
+ - "127.0.0.1:{{ librarian_host_port }}:3001"
+ env:
+ DB_HOST: "librariandb"
+ ADMIN_DB_USER: "{{ librarian_database_user }}"
+ ADMIN_DB_PW: "{{ librarian_database_password }}"
+ DB_PORT: "{{ librarian_database_port }}"
+ DB_CONNECTION_LIMIT: "{{ librarian_database_limit }}"
+ networks_cli_compatible: false
+ comparisons:
+ networks: allow_more_present
+ networks:
+ - name: librariannet
+ tags:
+ - librarian
+
+ - name: Setup proxy site "{{ librarian_domain_name }}"
+ include_role:
+ name: setup_http_site_proxy
+ vars:
+ site_name: "{{ librarian_domain_name }}"
+ proxy_port: "{{ librarian_host_port }}"
+ tags:
+ - librarian
+
- name: Ensure renovate bot cronjob is present
ansible.builtin.template:
src: templates/pottwal/renovate-cron.j2
diff --git a/host_vars/pottwal.n39.eu/vars.yml b/host_vars/pottwal.n39.eu/vars.yml
index e4ae262..aa8fc15 100644
--- a/host_vars/pottwal.n39.eu/vars.yml
+++ b/host_vars/pottwal.n39.eu/vars.yml
@@ -63,3 +63,13 @@ renovate_image: renovate/renovate:39.84.0
renovate_forgejo_pat: "{{ vault_renovate_forgejo_pat }}"
renovate_github_pat: "{{ vault_renovate_github_pat }}"
renovate_git_user: "Renovate Bot <accounts+renovatebot@netz39.de>"
+
+librarian_host_port: 8093
+librarian_domain_name: librarian.n39.eu
+librarian_image: 0ry5/librarian:latest
+librarian_mysql_image: mariadb:latest
+librarian_database_user: "{{ vault_librarian_admin }}"
+librarian_database_password: "{{ vault_librarian_admin_pw }}"
+librarian_database_root_password: "{{ vault_librarian_root_pw }}"
+librarian_database_limit: 50
+librarian_database_port: 8094