Deploy ntfy
All checks were successful
/ terraform (push) Successful in 1m15s
/ ansible (push) Successful in 2m22s

This commit is contained in:
Jake Howard 2023-12-23 16:40:53 +00:00
parent c0c7f393e3
commit f4b96afcfa
Signed by: jake
GPG key ID: 57AFB45680EDD477
7 changed files with 88 additions and 0 deletions

View file

@ -68,6 +68,7 @@
- vikunja
- authentik
- minio
- ntfy
- hosts: ingress
roles:

View file

@ -62,6 +62,7 @@ scrape_configs:
- https://media.jakehoward.tech
- https://minio.jakehoward.tech/minio/health/live
- https://notes.theorangeone.net
- https://ntfy.jakehoward.tech/v1/health
- https://plausible.theorangeone.net
- https://recipes.jakehoward.tech
- https://s3.jakehoward.tech/minio/health/live

View file

@ -0,0 +1,36 @@
version: "2.3"
services:
ntfy:
image: binwiederhier/ntfy:latest
command: serve
user: "{{ docker_user.id }}"
environment:
- TZ={{ timezone }}
- NTFY_BASE_URL=https://ntfy.jakehoward.tech
- NTFY_AUTH_FILE=/etc/ntfy/auth.db
- NTFY_CACHE_FILE=/etc/ntfy/cache.db
- NTFY_AUTH_DEFAULT_ACCESS=deny-all
- NTFY_CACHE_DURATION=24h
- NTFY_ATTACHMENT_CACHE_DIR=/etc/ntfy/attachments
- NTFY_ATTACHMENT_EXPIRY_DURATION=24h
- NTFY_WEB_PUSH_PUBLIC_KEY={{ vault_ntfy_web_push_public_key }}
- NTFY_WEB_PUSH_PRIVATE_KEY={{ vault_ntfy_web_push_private_key }}
- NTFY_WEB_PUSH_FILE=/etc/ntfy/webpush.db
- NTFY_WEB_PUSH_EMAIL_ADDRESS={{ vault_ntfy_web_push_email }}
restart: unless-stopped
volumes:
- "{{ app_data_dir }}/ntfy:/etc/ntfy"
labels:
- traefik.enable=true
- traefik.http.routers.ntfy.rule=Host(`ntfy.jakehoward.tech`)
tmpfs:
- /var/cache/ntfy
- /tmp
networks:
- default
- traefik
networks:
traefik:
external: true

View file

@ -0,0 +1,4 @@
- name: restart ntfy
shell:
chdir: /opt/ntfy
cmd: "{{ docker_update_command }}"

View file

@ -0,0 +1,20 @@
- name: Include vault
include_vars: vault.yml
- name: Create install directory
file:
path: /opt/ntfy
state: directory
owner: "{{ docker_user.name }}"
mode: "{{ docker_compose_directory_mask }}"
become: true
- name: Install compose file
template:
src: files/docker-compose.yml
dest: /opt/ntfy/docker-compose.yml
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
validate: docker-compose -f %s config
notify: restart ntfy
become: true

18
ansible/roles/ntfy/vars/vault.yml generated Normal file
View file

@ -0,0 +1,18 @@
$ANSIBLE_VAULT;1.1;AES256
34623831653665313137333830663439373661363232373363363061346561393963643165313037
6561363436623761363564336564646266363062306135660a663235333338646430663263363732
61343565366365353435623032383933383162623037343833313539363666333666313338376635
6661363766613734610a666233396533353464666439346237326237316633633862323365336335
37633263386336623236396362663438663930636132313561353639343035643731633037363062
31323962633562616636326338353639306131343366343339666131373632616266313435313131
61663438656363633064653738393765633436313365633766376266626438353535303336616235
62333430316661393830646166383839383431313761613633366536336564363266623433336631
61376263663234333530333339333930396361326466653639393930633962316362643031656666
33633633366461323861333434316466623736343030396163323166313233373339336463383362
35613962393965636332343763313534366339646133636238626265393334643233346537376564
30393934323566383232333066633839316434306430323063323336346633346261313032646336
66373233356465646338313966386631376466323834353235663034656335373730373463333431
63366438393736343233623837383963663664303332396438373462633330323664656464363037
65333331616366316330313330643765383437666164376435383737346437656433643366383835
65346531346639623936643936373933306664656231626432343733393434303630363232333730
3530

View file

@ -237,6 +237,14 @@ resource "cloudflare_record" "jakehowardtech_s3" {
ttl = 1
}
resource "cloudflare_record" "jakehowardtech_ntfy" {
zone_id = cloudflare_zone.jakehowardtech.id
name = "ntfy"
value = linode_instance.casey.ip_address
type = "A"
ttl = 1
}
resource "cloudflare_record" "jakehowardtech_caa" {
zone_id = cloudflare_zone.jakehowardtech.id
name = "@"