diff --git a/.yamllint.yml b/.yamllint.yml index b2c9482..7d515c7 100644 --- a/.yamllint.yml +++ b/.yamllint.yml @@ -15,4 +15,4 @@ rules: quote-type: double required: only-when-needed line-length: - max: 160 + max: 200 diff --git a/ansible/main.yml b/ansible/main.yml index 6382630..3047caf 100644 --- a/ansible/main.yml +++ b/ansible/main.yml @@ -67,6 +67,7 @@ - tandoor - mastodon - gitea + - vikunja - hosts: ingress roles: diff --git a/ansible/roles/forrest/files/prometheus/prometheus.yml b/ansible/roles/forrest/files/prometheus/prometheus.yml index 9bc7b84..4523e4b 100644 --- a/ansible/roles/forrest/files/prometheus/prometheus.yml +++ b/ansible/roles/forrest/files/prometheus/prometheus.yml @@ -49,6 +49,7 @@ scrape_configs: module: [http] static_configs: - targets: + - https://0rng.one - https://bin.theorangeone.net - https://git.theorangeone.net/api/healthz - https://grafana.jakehoward.tech/api/health @@ -61,10 +62,10 @@ scrape_configs: - https://notes.theorangeone.net - https://plausible.theorangeone.net - https://recipes.jakehoward.tech + - https://tasks.jakehoward.tech/health - https://theorangeone.net - https://tt-rss.jakehoward.tech - https://vaultwarden.jakehoward.tech/alive - - https://0rng.one relabel_configs: - source_labels: [__address__] target_label: __param_target diff --git a/ansible/roles/vikunja/files/docker-compose.yml b/ansible/roles/vikunja/files/docker-compose.yml new file mode 100644 index 0000000..1406a85 --- /dev/null +++ b/ansible/roles/vikunja/files/docker-compose.yml @@ -0,0 +1,67 @@ +version: "2.3" + +services: + api: + image: vikunja/api:latest + restart: unless-stopped + environment: + - VIKUNJA_DATABASE_HOST=db + - VIKUNJA_DATABASE_PASSWORD=vikunja + - VIKUNJA_DATABASE_TYPE=postgres + - VIKUNJA_DATABASE_USER=vikunja + - VIKUNJA_DATABASE_DATABASE=vikunja + - VIKUNJA_SERVICE_FRONTENDURL=https://tasks.jakehoward.tech + - VIKUNJA_SERVICE_JWTSECRET="{{ jwt_secret }}" + - VIKUNJA_SERVICE_ENABLEREGISTRATION=false + - VIKUNJA_SERVICE_TIMEZONE={{ timezone }} + - VIKUNJA_REDIS_HOST=redis:6379 + - VIKUNJA_REDIS_ENABLED=true + - VIKUNJA_LOG_PATH=/dev/stdout + - VIKUNJA_KEYVALUE_TYPE=redis + - TZ={{ timezone }} + - PUID={{ docker_user.id }} + - PGID={{ docker_user.id }} + labels: + - traefik.enable=true + - traefik.http.routers.vikunja-api.rule=Host(`tasks.jakehoward.tech`) && (PathPrefix(`/api/v1`) || PathPrefix(`/dav/`) || PathPrefix(`/.well-known/`) || Path(`/health`)) + volumes: + - /mnt/tank/app-data/vikunja/files:/app/vikunja/files + depends_on: + - db + - redis + networks: + - default + - traefik + + frontend: + image: vikunja/frontend:latest + restart: unless-stopped + labels: + - traefik.enable=true + - traefik.http.routers.vikunja-frontend.rule=Host(`tasks.jakehoward.tech`) + environment: + - VIKUNJA_SENTRY_DSN= + networks: + - default + - traefik + depends_on: + - api + + db: + image: postgres:14-alpine + restart: unless-stopped + volumes: + - /mnt/speed/dbs/postgres/vikunja/:/var/lib/postgresql/data + environment: + - POSTGRES_PASSWORD=vikunja + - POSTGRES_USER=vikunja + + redis: + image: redis:6-alpine + restart: unless-stopped + volumes: + - /mnt/speed/dbs/redis/vikunja/:/data + +networks: + traefik: + external: true diff --git a/ansible/roles/vikunja/handlers/main.yml b/ansible/roles/vikunja/handlers/main.yml new file mode 100644 index 0000000..3d6c0c1 --- /dev/null +++ b/ansible/roles/vikunja/handlers/main.yml @@ -0,0 +1,4 @@ +- name: restart vikunja + shell: + chdir: /opt/vikunja + cmd: "{{ docker_update_command }}" diff --git a/ansible/roles/vikunja/tasks/main.yml b/ansible/roles/vikunja/tasks/main.yml new file mode 100644 index 0000000..1e3fe7b --- /dev/null +++ b/ansible/roles/vikunja/tasks/main.yml @@ -0,0 +1,20 @@ +- name: Include vault + include_vars: vault.yml + +- name: Create install directory + file: + path: /opt/vikunja + state: directory + owner: "{{ docker_user.name }}" + mode: "{{ docker_compose_directory_mask }}" + become: true + +- name: Install compose file + template: + src: files/docker-compose.yml + dest: /opt/vikunja/docker-compose.yml + mode: "{{ docker_compose_file_mask }}" + owner: "{{ docker_user.name }}" + validate: docker-compose -f %s config + notify: restart vikunja + become: true diff --git a/ansible/roles/vikunja/vars/main.yml b/ansible/roles/vikunja/vars/main.yml new file mode 100644 index 0000000..0a4d204 --- /dev/null +++ b/ansible/roles/vikunja/vars/main.yml @@ -0,0 +1 @@ +jwt_secret: "{{ vault_jwt_secret }}" diff --git a/ansible/roles/vikunja/vars/vault.yml b/ansible/roles/vikunja/vars/vault.yml new file mode 100644 index 0000000..d77c6c6 --- /dev/null +++ b/ansible/roles/vikunja/vars/vault.yml @@ -0,0 +1,9 @@ +$ANSIBLE_VAULT;1.1;AES256 +36386230316234323435653664353232393139643966653230363861633063366364643037353438 +3836623061316662643931306133616163306263343165350a396563636531323264386261363136 +36373162663965353635663266323935353733326461313863313764386361343066313638636166 +6130623932313961650a643539356264646361363938383065393338666637303533663139363737 +39666164306130333864303133626631663661656533353365633538646538366461663139303961 +66323834383731376638366334306564636532613961383761383933373235626633363065343636 +39326561663665333437306132626238326662623865393164333039663230303366616561383639 +38613161623934303365 diff --git a/terraform/jakehoward.tech.tf b/terraform/jakehoward.tech.tf index 1238b9d..7bd2ecf 100644 --- a/terraform/jakehoward.tech.tf +++ b/terraform/jakehoward.tech.tf @@ -205,6 +205,14 @@ resource "cloudflare_record" "jakehowardtech_collabora" { ttl = 1 } +resource "cloudflare_record" "jakehowardtech_tasks" { + zone_id = cloudflare_zone.jakehowardtech.id + name = "tasks" + value = linode_instance.casey.ip_address + type = "A" + ttl = 1 +} + resource "cloudflare_record" "jakehowardtech_caa" { zone_id = cloudflare_zone.jakehowardtech.id name = "@"