Deploy slides hosting
All checks were successful
/ terraform (push) Successful in 50s
/ ansible (push) Successful in 1m49s

This commit is contained in:
Jake Howard 2024-03-03 21:39:22 +00:00
parent 000f3d3348
commit 82451784a8
Signed by: jake
GPG key ID: 57AFB45680EDD477
7 changed files with 95 additions and 0 deletions

View file

@ -11,3 +11,5 @@ certbot_certs:
- domains:
- plausible.theorangeone.net
- elbisualp.theorangeone.net
- domains:
- slides.jakehoward.tech

View file

@ -118,6 +118,7 @@
- website
- remark42
- artis3n.tailscale
- slides
- hosts: jellyfin
roles:

View file

@ -0,0 +1,19 @@
version: "2.3"
services:
slides:
image: ghcr.io/realorangeone/slides:latest
restart: unless-stopped
environment:
- TZ={{ timezone }}
- PUID={{ docker_user.id }}
volumes:
- ./htpasswd:/etc/nginx/.htpasswd:ro
- ./slides:/srv
networks:
- default
- coredns
networks:
coredns:
external: true

View file

@ -0,0 +1,4 @@
- name: restart slides
shell:
chdir: /opt/slides
cmd: "{{ docker_update_command }}"

View file

@ -0,0 +1,47 @@
- name: Include vault
include_vars: vault.yml
- name: Create install directory
file:
path: /opt/slides
state: directory
owner: "{{ docker_user.name }}"
mode: "{{ docker_compose_directory_mask }}"
become: true
- name: Install compose file
template:
src: files/docker-compose.yml
dest: /opt/slides/docker-compose.yml
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
validate: docker-compose -f %s config
notify: restart slides
become: true
- name: Create credentials
htpasswd:
path: /opt/slides/htpasswd
name: "{{ item.user }}"
password: "{{ item.password }}"
owner: "{{ docker_user.name }}"
mode: "0600"
loop: "{{ webdav_credentials }}"
loop_control:
label: "{{ item.user }}"
notify: restart slides
become: true
- name: Install nginx config
template:
src: files/nginx-docker.conf
dest: /etc/nginx/http.d/slides.conf
mode: "0644"
notify: reload nginx
become: true
vars:
server_name: slides.jakehoward.tech
upstream: slides-slides-1.docker:80
ssl_cert_path: /etc/letsencrypt/live/slides.jakehoward.tech
location_extra: |
client_max_body_size 15m;

14
ansible/roles/slides/vars/vault.yml generated Normal file
View file

@ -0,0 +1,14 @@
$ANSIBLE_VAULT;1.1;AES256
39346133313638313030663139356637666666346665356161383332613836656131353830323530
6636613939346437633430316436363538623339643439300a363464383763613631333161613034
31336138386639306166313532633439343763363563616130633165323166376265303663643130
3634303836383737340a643834373666386261363533353936623335396633396366373230653932
38316662333932646636623839396630383339393135643533323832623330323666613465626431
36356663653861666362376265636162336531663266616432636635333537656661396263643631
36653462663365646338623434393738346566633266643634633430336235343531613631383562
30333165313438363966626264643732353833366662653164666631636465636538303961316465
62356132643837646638376334343935313338316266393261316538393561356264313932623236
62326235303139353034636365663434383439366163646635626563666434636564623336653634
35363834306534333531383131323830623438323736656234623263353930666130363132343464
32363433653066656364393732366366353033663332366166343139616433303439623631663537
65313539663333626333623966313864623639353031313131346635666138613032

View file

@ -253,6 +253,14 @@ resource "cloudflare_record" "jakehowardtech_headscale" {
ttl = 1
}
resource "cloudflare_record" "jakehowardtech_slides" {
zone_id = cloudflare_zone.jakehowardtech.id
name = "slides"
value = cloudflare_record.sys_domain_walker.hostname
type = "CNAME"
ttl = 1
}
resource "cloudflare_record" "jakehowardtech_caa" {
zone_id = cloudflare_zone.jakehowardtech.id
name = "@"