Deploy comentario
All checks were successful
/ terraform (push) Successful in 1m12s
/ ansible (push) Successful in 2m48s

This commit is contained in:
Jake Howard 2024-06-22 21:20:54 +01:00
parent a20ceab810
commit 81782c5157
Signed by: jake
GPG key ID: 57AFB45680EDD477
7 changed files with 88 additions and 0 deletions

View file

@ -13,3 +13,5 @@ certbot_certs:
- elbisualp.theorangeone.net
- domains:
- slides.jakehoward.tech
- domains:
- comentario.theorangeone.net

View file

@ -121,6 +121,7 @@
- website
- artis3n.tailscale
- slides
- comentario
- hosts: jellyfin
roles:

View file

@ -0,0 +1,29 @@
version: "2.3"
services:
comentario:
image: registry.gitlab.com/comentario/comentario:latest
restart: unless-stopped
user: "{{ docker_user.id }}:{{ docker_user.id }}"
depends_on:
- db
networks:
- default
- coredns
volumes:
- ./secrets.yml:/comentario/secrets.yaml
environment:
- BASE_URL=https://comentario.theorangeone.net
db:
image: postgres:14-alpine
restart: unless-stopped
volumes:
- ./postgres:/var/lib/postgresql/data
environment:
- POSTGRES_PASSWORD=comentario
- POSTGRES_USER=comentario
networks:
coredns:
external: true

View file

@ -0,0 +1,4 @@
- name: restart comentario
shell:
chdir: /opt/comentario
cmd: "{{ docker_update_command }}"

View file

@ -0,0 +1,38 @@
- name: Create install directory
file:
path: /opt/comentario
state: directory
owner: "{{ docker_user.name }}"
mode: "{{ docker_compose_directory_mask }}"
become: true
- name: Install compose file
template:
src: files/docker-compose.yml
dest: /opt/comentario/docker-compose.yml
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
validate: docker-compose -f %s config
notify: restart comentario
become: true
- name: Install secrets
copy:
content: "{{ comentario_secrets | to_nice_yaml }}"
dest: /opt/comentario/secrets.yml
mode: "600"
owner: "{{ docker_user.name }}"
notify: restart comentario
become: true
- name: Install nginx config
template:
src: files/nginx-docker.conf
dest: /etc/nginx/http.d/comentario.conf
mode: "0644"
notify: reload nginx
become: true
vars:
server_name: comentario.theorangeone.net
upstream: comentario-comentario-1.docker:80
ssl_cert_path: /etc/letsencrypt/live/comentario.theorangeone.net

View file

@ -0,0 +1,6 @@
comentario_secrets:
postgres:
host: db
database: comentario
username: comentario
password: comentario

View file

@ -237,6 +237,14 @@ resource "cloudflare_record" "theorangeonenet_mastodon" {
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_comentario" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "comentario"
value = cloudflare_record.sys_domain_walker.value
type = "A"
ttl = 1
}
resource "cloudflare_record" "theorangeonenet_caa" {
zone_id = cloudflare_zone.theorangeonenet.id
name = "@"