Merge pull request 'chore/rework-pottwal-vars' (!153) from chore/rework-pottwal-vars into master

Reviewed-on: https://gitea.n39.eu/Netz39_Admin/netz39-infra-ansible/pulls/153
Reviewed-by: Stefan Haun <tux@netz39.de>

.gitignore

@@ -0,0 +1 @@
+vault-pass

host-pottwal.yml

@@ -10,18 +10,18 @@
       vars:
         dehydrated_contact_email: "{{ server_admin }}"
         dehydrated_domains:
-          - name: gitea.n39.eu
+          - name: "{{ forgejo_domain_name }}"
           - name: uritools.n39.eu
           - name: uritools-api.n39.eu
           - name: "{{ shlink_domain_name }}"
-          - name: pad.n39.eu
+          - name: "{{ hedgedoc_domain_name }}"
           - name: "{{ prosody_domain_name }}"
             alternate_names:
               - conference.jabber.n39.eu
             deploy_cert_hook: "docker exec prosody prosodyctl --root cert import ${DOMAIN} /var/lib/dehydrated/certs"
-          - name: redmine.n39.eu
+          - name: "{{ redmine_domain_name }}"
           - name: "{{ influxdb_domain_name }}"
-          - name: uptime.n39.eu
+          - name: "{{ uptimekuma_domain_name }}"
           - name: "{{ grafana_domain_name }}"
           - name: "{{ homebox_domain_name }}"
           - name: spaceapi.n39.eu
@@ -52,33 +52,33 @@
     - name: Setup the docker container for gitea
       docker_container:
         name: forgejo
-        image: "codeberg.org/forgejo/forgejo:1.19"
+        image: "{{ forgejo_image }}"
         pull: true
         state: started
         restart_policy: unless-stopped
         detach: yes
         ports:
           - 127.0.0.1:{{ forgejo_host_port }}:3000
-          - 2222:2222
+          - "{{ forgejo_ssh_port }}:2222"
         env:
           TZ: "{{ timezone }}"
           APP_NAME: "Netz39 Git"
           RUN_MODE: "prod"
-          SSH_DOMAIN: "gitea.n39.eu"
+          SSH_DOMAIN: "{{ forgejo_domain_name }}"
           SSH_PORT: "2222"
           SSH_START_SERVER: "false"
-          ROOT_URL: "https://gitea.n39.eu"
+          ROOT_URL: "https://{{ forgejo_domain_name }}"
           DISABLE_REGISTRATION: "true"
           USER_UID: "1000"
           USER_GID: "1000"
         volumes:
           - "{{ data_dir }}/forgejo:/data:rw"
 
-    - name: Setup proxy site gitea.n39.eu
+    - name: Setup proxy site "{{ forgejo_domain_name }}"
       include_role:
         name: setup_http_site_proxy
       vars:
-        site_name: "gitea.n39.eu"
+        site_name: "{{ forgejo_domain_name }}"
         proxy_port: "{{ forgejo_host_port }}"
 
     - name: Ensure apt-cacher container is running
@@ -94,11 +94,10 @@
         env:
           TZ: "{{ timezone }}"
 
-
     - name: Ensure container for shlink is running
       docker_container:
         name: shlink
-        image: shlinkio/shlink:2.6.2
+        image: "{{ shlink_image }}"
         pull: true
         state: started
         detach: yes
@@ -180,7 +179,7 @@
     - name: Ensure container for prosody XMPP server is running
       docker_container:
         name: prosody
-        image: netz39/prosody:0.11
+        image: "{{ prosody_image }}"
         pull: true
         state: started
         detach: true
@@ -202,7 +201,7 @@
     - name: Ensure container for static XMPP website is running
       docker_container:
         name: jabber-static-website
-        image: joseluisq/static-web-server:2.14
+        image: "{{ prosody_web_image }}"
         pull: true
         state: started
         detach: true
@@ -253,7 +252,7 @@
     - name: Install HedgeDoc database container
       docker_container:
         name: hedgedocdb
-        image: "postgres:11.6-alpine"
+        image: "{{ hedgedoc_db_image }}"
         pull: true
         state: started
         restart_policy: unless-stopped
@@ -282,7 +281,7 @@
           TZ: "{{ timezone }}"
           NODE_ENV: "production"
           CMD_PROTOCOL_USESSL: "true"
-          CMD_DOMAIN: "pad.n39.eu"
+          CMD_DOMAIN: "{{ hedgedoc_domain_name }}"
           CMD_URL_ADDPORT: "false"
           CMD_DB_HOST: "hedgedocdb"
           CMD_DB_PORT: "5432"
@@ -295,11 +294,11 @@
         networks:
           - name: hedgedocnet
 
-    - name: Setup proxy site pad.n39.eu
+    - name: Setup proxy site "{{ hedgedoc_domain_name }}"
       include_role:
         name: setup_http_site_proxy
       vars:
-        site_name: pad.n39.eu
+        site_name: "{{ hedgedoc_domain_name }}"
         proxy_port: "{{ hedgedoc_host_port }}"
 
     - name: Ensure the influxdb directories exist
@@ -397,11 +396,11 @@
         networks:
           - name: redminenet
 
-    - name: Setup proxy site redmine.n39.eu
+    - name: Setup proxy site "{{ redmine_domain_name }}"
       include_role:
         name: setup_http_site_proxy
       vars:
-        site_name: redmine.n39.eu
+        site_name: "{{ redmine_domain_name }}"
         proxy_port: "{{ redmine_host_port }}"
 
     - name: Ensure the uptime-kuma directories exist
@@ -415,7 +414,7 @@
     - name: Ensure container for uptime-kuma is running
       docker_container:
         name: uptime-kuma
-        image: "louislam/uptime-kuma:1"
+        image: "{{ uptimekuma_image }}"
         pull: true
         state: started
         detach: yes
@@ -427,11 +426,11 @@
         volumes:
           - "{{ data_dir }}/uptime-kuma:/app/data"
 
-    - name: Setup proxy site uptime.n39.eu
+    - name: Setup proxy site "{{ uptimekuma_domain_name }}"
       include_role:
         name: setup_http_site_proxy
       vars:
-        site_name: uptime.n39.eu
+        site_name: "{{ uptimekuma_domain_name }}"
         proxy_port: "{{ uptimekuma_host_port }}"
 
     - name: Ensure the grafana directories exist
@@ -452,7 +451,7 @@
     - name: Ensure container for grafana is running
       docker_container:
         name: grafana
-        image: "grafana/grafana:9.4.7"
+        image: "{{ grafana_image }}"
         pull: true
         state: started
         detach: yes
@@ -468,7 +467,7 @@
           GF_USERS_ALLOW_SIGN_UP: "false"
           GF_INSTALL_PLUGINS: "flant-statusmap-panel,ae3e-plotly-panel"
 
-    - name: Setup proxy site grafana.n39.eu
+    - name: Setup proxy site "{{ grafana_domain_name }}"
       include_role:
         name: setup_http_site_proxy
       vars:
@@ -491,7 +490,7 @@
     - name: Ensure container for homebox is running
       docker_container:
         name: homebox
-        image: "ghcr.io/hay-kot/homebox"
+        image: "{{ homebox_image }}"
         pull: true
         state: started
         detach: yes

host_vars/pottwal.n39.eu/vars.yml

@@ -9,15 +9,25 @@ cleanuri_amqp_user: "cleanuri"
 cleanuri_amqp_pass: "{{ vault_cleanuri_amqp_pass }}"
 cleanuri_amqp_vhost: "/cleanuri"
 
+forgejo_host_port: 9091
+forgejo_ssh_port: 2222
+forgejo_domain_name: gitea.n39.eu
+forgejo_image: codeberg.org/forgejo/forgejo:1.19
+
+
 shlink_host_port: 8083
 shlink_domain_name: sl.n39.eu
+shlink_image: shlinkio/shlink:2.6.2
 shlink_geolite_license_key: "{{ vault_shlink_geolite_license_key }}"
 
 hedgedoc_host_port: 8084
+hedgedoc_domain_name: pad.n39.eu
 hedgedoc_image: quay.io/hedgedoc/hedgedoc:1.9.3
+hedgedoc_db_image: postgres:11.6-alpine
 hedgedoc_postgres_password: "{{ vault_hedgedoc_postgres_password }}"
 
 redmine_host_port: 8087
+redmine_domain_name: redmine.n39.eu
 redmine_image: redmine:4.2.7
 redmine_mysql_image: mysql:5.7
 redmine_database: redmine
@@ -29,18 +39,22 @@ influxdb_image: influxdb:2.4-alpine
 influxdb_init_username: admin
 influxdb_init_password: "{{ vault_influxdb_init_password }}"
 
-forgejo_host_port: 9091
+jabber_host_port: 8086
-
+prosody_domain_name: jabber.n39.eu
+prosody_image: netz39/prosody:0.11
+prosody_web_image: joseluisq/static-web-server:2.14
 prosody_config_dir: "/etc/prosody"
 prosody_data_dir: "{{ data_dir }}/prosody"
-prosody_domain_name: jabber.n39.eu
-jabber_host_port: 8086
 
 uptimekuma_host_port: 8085
+uptimekuma_domain_name: uptime.n39.eu
+uptimekuma_image: louislam/uptime-kuma:1
 
 grafana_host_port: 8089
 grafana_domain_name: grafana.n39.eu
+grafana_image: grafana/grafana:9.4.7
 grafana_admin_password: "{{ vault_grafana_admin_password }}"
 
 homebox_host_port: 8092
 homebox_domain_name: inventory.n39.eu
+homebox_image: ghcr.io/hay-kot/homebox:v0.9.2