From 2f523075ae1a99ace454e10c7f6182d1028af154 Mon Sep 17 00:00:00 2001 From: Jake Howard Date: Fri, 8 May 2020 21:27:32 +0100 Subject: [PATCH] Add upload server --- ansible/main.yml | 1 + ansible/roles/upload/files/docker-compose.yml | 50 +++++++++++++++++++ ansible/roles/upload/tasks/main.yml | 32 ++++++++++++ ansible/roles/upload/vars/upload.yml | 22 ++++++++ terraform/theorangeone.net.tf | 32 ++++++++++++ 5 files changed, 137 insertions(+) create mode 100644 ansible/roles/upload/files/docker-compose.yml create mode 100644 ansible/roles/upload/tasks/main.yml create mode 100644 ansible/roles/upload/vars/upload.yml diff --git a/ansible/main.yml b/ansible/main.yml index e38102f..ac3e7d0 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -36,3 +36,4 @@ - website - statping - socks-proxy + - upload diff --git a/ansible/roles/upload/files/docker-compose.yml b/ansible/roles/upload/files/docker-compose.yml new file mode 100644 index 0000000..c3e0dde --- /dev/null +++ b/ansible/roles/upload/files/docker-compose.yml @@ -0,0 +1,50 @@ +version: "2.3" + +services: + upload: + image: minio/minio:latest + restart: unless-stopped + volumes: + - ./data:/data + command: server /data --quiet + environment: + - MINIO_ACCESS_KEY={{ minio_access_key }} + - MINIO_SECRET_KEY={{ minio_secret_key }} + labels: + - "traefik.enable=true" + - "traefik.http.routers.upload.rule=Host(`upload.theorangeone.net`)" + - "traefik.http.routers.upload.tls=true" + - "traefik.http.routers.upload.tls.certresolver=le" + + img: + image: nginx:latest + restart: unless-stopped + volumes: + - ./data/img:/usr/share/nginx/html:ro + labels: + - "traefik.enable=true" + - "traefik.http.routers.img.rule=Host(`img.theorangeone.net`)" + - "traefik.http.routers.img.tls=true" + - "traefik.http.routers.img.tls.certresolver=le" + + bg: + image: nginx:latest + restart: unless-stopped + volumes: + - ./data/background:/usr/share/nginx/html:ro + labels: + - "traefik.enable=true" + - "traefik.http.routers.bg.rule=Host(`bg.theorangeone.net`)" + - "traefik.http.routers.bg.tls=true" + - "traefik.http.routers.bg.tls.certresolver=le" + + dl: + image: nginx:latest + restart: unless-stopped + volumes: + - ./data/download:/usr/share/nginx/html:ro + labels: + - "traefik.enable=true" + - "traefik.http.routers.dl.rule=Host(`dl.theorangeone.net`)" + - "traefik.http.routers.dl.tls=true" + - "traefik.http.routers.dl.tls.certresolver=le" diff --git a/ansible/roles/upload/tasks/main.yml b/ansible/roles/upload/tasks/main.yml new file mode 100644 index 0000000..46328ca --- /dev/null +++ b/ansible/roles/upload/tasks/main.yml @@ -0,0 +1,32 @@ +- name: Include variables + include_vars: upload.yml + +- name: Create install directory + file: + path: /opt/upload + state: directory + owner: "{{ docker_user.name }}" + mode: "{{ docker_compose_directory_mask }}" + become: true + +- name: Install compose file + template: + src: files/docker-compose.yml + dest: /opt/upload/docker-compose.yml + mode: "{{ docker_compose_file_mask }}" + owner: "{{ docker_user.name }}" + validate: /usr/bin/docker-compose -f %s config + register: compose_file + become: true + +- name: Cycle container + docker_compose: + project_src: /opt/upload + pull: true + remove_orphans: true + remove_volumes: true + state: "{{ item }}" + when: compose_file.changed + loop: + - absent + - present diff --git a/ansible/roles/upload/vars/upload.yml b/ansible/roles/upload/vars/upload.yml new file mode 100644 index 0000000..171484e --- /dev/null +++ b/ansible/roles/upload/vars/upload.yml @@ -0,0 +1,22 @@ +minio_access_key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 66366462383561303039343639376633653161663339643834363865303839616636643066336232 + 6561326136393766356239616566316566663136313137320a643865373430363162656533626237 + 34383761326130666536326238353531366132623964663631663134333234323134646531356464 + 6536323939306134650a373137373563313636323435323934613265346334383064383266333238 + 33623233613132653965666165343562393363323936343437363437353965653432643364646636 + 36363937623164346162386236613231383665393461666438306532373264376339303231666532 + 39376463633739383762303535323634656337333331653961393663313462613731306164323633 + 33383561363461383261653836396662656662393666613236303930646231333639653933313162 + 39646662396131366138663863343533643966343866333031656339383034343231 +minio_secret_key: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 63356130643562363439663563393639623238383562353861653635346566343036386439303836 + 3739346133396462333462633731366435353666336563350a626664363730653765373861376132 + 62623732656565356436333663653137643936663033616539326536336636346339613962376165 + 3966623337343566370a666135616561626331626333343532336662373638376662663762383835 + 62373363303534306533656166303131656464633635613165663234373333656637383137353566 + 37393938633036633833363135663038643661636131663337393332353339326566376637643831 + 35653262313266633231646437366638646462366133653833633139383061326336343238363464 + 62393137303862353636333033323536393466326337373761396539316265333133356632363233 + 32366663303765303663633564633564323465633366333064393330666261646465 diff --git a/terraform/theorangeone.net.tf b/terraform/theorangeone.net.tf index d58bd66..76860c2 100644 --- a/terraform/theorangeone.net.tf +++ b/terraform/theorangeone.net.tf @@ -116,3 +116,35 @@ resource "cloudflare_record" "theorangeonenet_srv_matrix" { target = cloudflare_record.jakehowardtech_matrix.hostname } } + +resource "cloudflare_record" "theorangeonenet_img" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "img" + value = vultr_server.grimes.main_ip + type = "A" + ttl = 1 +} + +resource "cloudflare_record" "theorangeonenet_dl" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "dl" + value = vultr_server.grimes.main_ip + type = "A" + ttl = 1 +} + +resource "cloudflare_record" "theorangeonenet_bg" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "bg" + value = vultr_server.grimes.main_ip + type = "A" + ttl = 1 +} + +resource "cloudflare_record" "theorangeonenet_upload" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "upload" + value = vultr_server.grimes.main_ip + type = "A" + ttl = 1 +}