catgrl/ansible
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sans typo c'est quand même mieux

Browse source
This commit is contained in:
chapeau 2025-07-08 11:58:32 +02:00
parent 13b5d357b2
commit 3261f915dd
8 changed files with 27 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
all.yml
View file

@ -76,9 +76,9 @@
roles:
- { role: vaultwarden, tags: vaultwarden }
- hosts: bookshelf
- hosts: bookstack
roles:
- { role: bookshelf, tags: bookshelf }
- { role: bookstack, tags: bookstack }
- hosts: webmail
roles:

6
group_vars/bookshelf.yml → group_vars/bookstack.yml
View file

@ -1,4 +1,4 @@
bookshelf_app_key: !vault |
bookstack_app_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
35616465646435353233633534383965613034623863623934323433383230633364666533373764
6334383564623266386264373066383137376138323834310a333163616363373234316432356436
@ -8,7 +8,7 @@ bookshelf_app_key: !vault |
37656662656665353132656238303736313564316237616432376433316163343730356266333561
663437316265643163363163636433663766
bookshelf_mariadb_password: !vault |
bookstack_mariadb_password: !vault |
$ANSIBLE_VAULT;1.1;AES256
39643263663162343064653439333430316263376466643063616564306666323835636537373763
3733313338643737623936366462393963386230336361350a613230363832356562373466643336
@ -17,7 +17,7 @@ bookshelf_mariadb_password: !vault |
30393063333635393565326365663632663839373061313766396637666166666665666364623538
3462366333393564653031633430636266393165343638333465
bookshelf_oidc_secret: !vault |
bookstack_oidc_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
39323330626638666132663061393933373531383130613431313433643736356335316366336133
6636386465626365663462303530346536376437376637360a333165323633383862396463633430

2
group_vars/dns_ext.yml
View file

@ -55,7 +55,7 @@ zone_list:
- name: graph
ip: catgrl.org.
type: CNAME
- name: bookshelf
- name: bookstack
ip: catgrl.org.
type: CNAME

10
group_vars/rp.yml
View file

@ -62,17 +62,17 @@ nginx:
- route: "/"
dest: "proxy_pass http://vault/"
- name: bookshelf.catgrl.org
- name: bookstack.catgrl.org
alias: [ ]
ssl: true
redirect: true
backends:
- name: bookshelf
primaries: "{{ groups['bookshelf'] | locals(inventory_hostname) | gethostvars(hostvars) | map(attribute='ansible_host') | append(':8000') }}"
# secondaries: "{{ groups['bookshelf'] | remotes(inventory_hostname) | gethostvars(hostvars) | map(attribute='ansible_host') | append(':8000') }}"
- name: bookstack
primaries: "{{ groups['bookstack'] | locals(inventory_hostname) | gethostvars(hostvars) | map(attribute='ansible_host') | append(':8000') }}"
# secondaries: "{{ groups['bookstack'] | remotes(inventory_hostname) | gethostvars(hostvars) | map(attribute='ansible_host') | append(':8000') }}"
location:
- route: "/"
dest: "proxy_pass http://bookshelf/"
dest: "proxy_pass http://bookstack/"
# - name: "autoconfig.*"
# alias: [ ]

10
inventory.yml
View file

@ -36,7 +36,7 @@ britaliope:
ansible_host: 10.90.10.7
webmail.britaliope.intra.catgrl.org:
ansible_host: 10.90.10.8
bookshelf.britaliope.intra.catgrl.org:
bookstack.britaliope.intra.catgrl.org:
ansible_host: 10.90.10.9
ansible_user: root
dns.britaliope.intra.catgrl.org:
@ -175,7 +175,7 @@ docker:
# git.metz.intra.catgrl.org:
vault.britaliope.intra.catgrl.org:
# vault.metz.intra.catgrl.org:
bookshelf.britaliope.intra.catgrl.org:
bookstack.britaliope.intra.catgrl.org:
wireguard:
hosts:
@ -238,7 +238,7 @@ acme:
- acme_domain: webmail.catgrl.org
acme_alias: []
renewal_hook: systemctl restart nginx
- acme_domain: bookshelf.catgrl.org
- acme_domain: bookstack.catgrl.org
acme_alias: []
renewal_hook: systemctl restart nginx
mail:
@ -304,6 +304,6 @@ monitoring:
prom.britaliope.intra.catgrl.org:
# prom.metz.intra.catgrl.org:
bookshelf:
bookstack:
hosts:
bookshelf.britaliope.intra.catgrl.org:
bookstack.britaliope.intra.catgrl.org:

2
roles/bookshelf/handlers/main.yml → roles/bookstack/handlers/main.yml
View file

@ -1,5 +1,5 @@
- name: Stop docker compose
community.docker.docker_compose_v2:
project_src: /var/local/docker/bookshelf
project_src: /var/local/docker/bookstack
state: stopped
become: true

8
roles/bookshelf/tasks/main.yml → roles/bookstack/tasks/main.yml
View file

@ -1,6 +1,6 @@
- name: Create docker directory
file:
path: /var/local/docker/bookshelf
path: /var/local/docker/bookstack
state: directory
owner: 2000
group: 2000
@ -10,7 +10,7 @@
- name: Deploy docker-compose.yml
template:
src: docker-compose.yml.j2
dest: /var/local/docker/bookshelf/docker-compose.yml
dest: /var/local/docker/bookstack/docker-compose.yml
owner: 2000
group: 2000
mode: 0600
@ -19,7 +19,7 @@
- name: Pull docker images
community.docker.docker_compose_v2_pull:
project_src: /var/local/docker/bookshelf
project_src: /var/local/docker/bookstack
become: true
- name: Stop docker compose if needed
@ -27,6 +27,6 @@
- name: Start docker compose
community.docker.docker_compose_v2:
project_src: /var/local/docker/bookshelf
project_src: /var/local/docker/bookstack
state: present
become: true

12
roles/bookshelf/templates/docker-compose.yml.j2 → roles/bookstack/templates/docker-compose.yml.j2
View file

@ -6,19 +6,19 @@ services:
- PUID=2000
- PGID=2000
- TZ=Europe/Paris
- APP_URL=https://bookshelf.catgrl.org
- APP_KEY={{ bookshelf_app_key }}
- APP_URL=https://bookstack.catgrl.org
- APP_KEY={{ bookstack_app_key }}
- DB_HOST=mariadb
- DB_PORT=3306
- DB_DATABASE=bookstack
- DB_USERNAME=bookstack
- DB_PASSWORD={{ bookshelf_mariadb_password }}
- DB_PASSWORD={{ bookstack_mariadb_password }}
- AUTH_METHOD=oidc
- AUTH_AUTO_INITIATE=false
- OIDC_NAME=LemonLDAP
- OIDC_DISPLAY_NAME_CLAIMS=name
- OIDC_CLIENT_ID=bookshelf
- OIDC_CLIENT_SECRET={{ bookshelf_oidc_secret }}
- OIDC_CLIENT_ID=bookstack
- OIDC_CLIENT_SECRET={{ bookstack_oidc_secret }}
- OIDC_ISSUER=https://auth.catgrl.org
- OIDC_END_SESSION_ENDPOINT=false
- OIDC_FETCH_AVATAR=false
@ -39,7 +39,7 @@ services:
- MYSQL_ROOT_PASSWORD={{ mariadb_root_password }}
- MYSQL_DATABASE=bookstack
- MYSQL_USER=bookstack
- MYSQL_PASSWORD={{ bookshelf_mariadb_password }}
- MYSQL_PASSWORD={{ bookstack_mariadb_password }}
volumes:
- ./bookstack_db_data:/config
restart: unless-stopped