diff --git a/ansible/main.yml b/ansible/main.yml index dbf7161..bddd6bb 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -103,6 +103,7 @@ - restic - commento - website + - remark42 - hosts: jellyfin roles: diff --git a/ansible/roles/remark42/files/docker-compose.yml b/ansible/roles/remark42/files/docker-compose.yml new file mode 100644 index 0000000..55e96c1 --- /dev/null +++ b/ansible/roles/remark42/files/docker-compose.yml @@ -0,0 +1,42 @@ +version: "2.3" + +services: + remark: + image: umputun/remark42:latest + restart: unless-stopped + networks: + - default + - traefik + labels: + - traefik.enable=true + - traefik.http.routers.remark.rule=Host(`remark.theorangeone.net`) + environment: + - APP_UID={{ docker_user.id }} + - REMARK_URL=https://remark.theorangeone.net + - SECRET={{ remark_secret }} + - ADMIN_PASSWD={{ remark_admin_password }} + - SITE=theorangeone + - TIME_ZONE={{ timezone }} + - SMTP_HOST=smtp.eu.mailgun.org + - SMTP_USERNAME={{ remark_smtp_username }} + - SMTP_PASSWORD={{ remark_smtp_password }} + - NOTIFY_EMAIL_FROM={{ remark_from_email }} + - AUTH_EMAIL_FROM={{ remark_from_email }} + - SMTP_TLS=true + - SMTP_PORT=465 + - ADMIN_EDIT=true + - NOTIFY_USERS=email + - NOTIFY_ADMINS=email + - EMOJI=true + - DISABLE_SIGNATURE=true + - AUTH_ANON=true + - AUTH_GITHUB_CID={{ remark_github_client_id }} + - AUTH_GITHUB_CSEC={{ remark_github_client_secret }} + - ALLOWED_HOSTS=remark.theorangeone.net,theorangeone.net + - ADMIN_SHARED_EMAIL={{ remark_admin_email }} + volumes: + - ./remark:/srv/var + +networks: + traefik: + external: true diff --git a/ansible/roles/remark42/handlers/main.yml b/ansible/roles/remark42/handlers/main.yml new file mode 100644 index 0000000..67839e0 --- /dev/null +++ b/ansible/roles/remark42/handlers/main.yml @@ -0,0 +1,4 @@ +- name: restart remark + shell: + chdir: /opt/remark42 + cmd: "{{ docker_update_command }}" diff --git a/ansible/roles/remark42/tasks/main.yml b/ansible/roles/remark42/tasks/main.yml new file mode 100644 index 0000000..b0723ef --- /dev/null +++ b/ansible/roles/remark42/tasks/main.yml @@ -0,0 +1,20 @@ +- name: Include vault + include_vars: vault.yml + +- name: Create install directory + file: + path: /opt/remark42 + state: directory + owner: "{{ docker_user.name }}" + mode: "{{ docker_compose_directory_mask }}" + become: true + +- name: Install compose file + template: + src: files/docker-compose.yml + dest: /opt/remark42/docker-compose.yml + mode: "{{ docker_compose_file_mask }}" + owner: "{{ docker_user.name }}" + validate: docker-compose -f %s config + notify: restart remark + become: true diff --git a/ansible/roles/remark42/vars/main.yml b/ansible/roles/remark42/vars/main.yml new file mode 100644 index 0000000..65d3d05 --- /dev/null +++ b/ansible/roles/remark42/vars/main.yml @@ -0,0 +1,8 @@ +remark_github_client_id: "{{ vault_remark_github_client_id }}" +remark_github_client_secret: "{{ vault_remark_github_client_secret }}" +remark_smtp_username: "{{ vault_remark_smtp_username }}" +remark_smtp_password: "{{ vault_remark_smtp_password }}" +remark_from_email: "{{ vault_remark_from_email }}" +remark_secret: "{{ vault_remark_secret }}" +remark_admin_password: "{{ vault_remark_admin_password }}" +remark_admin_email: "{{ vault_remark_admin_email }}" diff --git a/ansible/roles/remark42/vars/vault.yml b/ansible/roles/remark42/vars/vault.yml new file mode 100644 index 0000000..b55ebcb --- /dev/null +++ b/ansible/roles/remark42/vars/vault.yml @@ -0,0 +1,33 @@ +$ANSIBLE_VAULT;1.1;AES256 +32653162636262326430313162313536316561313639313832636436366661356339373363353263 +3864323061386236616234623130356662643234616532360a373834613630393966313062383636 +31316265613331653863643133323330656235353533663065326166353334333064366463383730 +6363366233313932360a653863326430653430393635393533386536386536623235376339376465 +61613136313965663236353661313231373563366537393462356433653761626363386133353166 +38386561323630306431396630373532363765393763363864336630663863383239373533613065 +63623730623766653433616134313562303365336339363939656230303762623638323133323639 +32396366343035323136303738393532656334353761363933313530333461316662353132623737 +65303231643062326133363639663438313132333661383132613461323731373037343462616234 +65303265303431636264393337616133636632613337643665643933666661366365663639303330 +31643935323539303431393733613062316638376136363462353635643132636266363462343862 +33306164626636646262643661613332343264353331323635363837376232666565336639316335 +62303334643165623738646633373635626462333138386238306165613932383363646635333939 +34346263623638356230663230366163663339383365376562393837623333356135383835613962 +62383465353732376337343133626461323232313437323061656236336634326538346264623637 +32326566353030316335616632396466333166396664396662613463393362653463383534663038 +63323465343464643962366431383039626530346136373130656334323534313533393835396461 +38653834366164353737653366623038323663383437373533623930613935353231303265393732 +37306664623730343133333632343830656338333666353735366335643161613239353230653263 +35646237623961616438633634303461616137316663346462396633626632366639636466663364 +38646462613537653164396631396664366330623835333638626534663062396465326631616130 +34353562323064363131636630353066623562353432646138393130366566316236633335376231 +32333638666530636630626639613534313932336162303332326132643533623635316562613135 +39303463636366386563653033636263333665376637663438653530636333626631643634346630 +36396362383531656333626432626632626538616236393833653865363463646262343363373365 +32663038623233353431643264323838363330383562633038373937323731333632656532386432 +63373363373133666632326632333964303866663765323731333339623032386361633539346161 +63393730636137313734326365326164613937636566636465383264373937373833623937643539 +35386166316562373834326639373035343330613531626463386135656461326561633563303030 +30306338653434373837643361636133613962303538353036326430646161363537366266326164 +32646664316135333936373865303361643731316435643130666464643732363138663363356438 +32316437306162396366 diff --git a/terraform/theorangeone.net.tf b/terraform/theorangeone.net.tf index 7f3a387..58d0be6 100644 --- a/terraform/theorangeone.net.tf +++ b/terraform/theorangeone.net.tf @@ -213,6 +213,14 @@ resource "cloudflare_record" "theorangeonenet_commento" { ttl = 1 } +resource "cloudflare_record" "theorangeonenet_remark" { + zone_id = cloudflare_zone.theorangeonenet.id + name = "remark" + value = cloudflare_record.sys_domain_walker.hostname + type = "CNAME" + ttl = 1 +} + resource "cloudflare_record" "theorangeonenet_mailgun_spf" { zone_id = cloudflare_zone.theorangeonenet.id name = "mg"