m5p3nc3r/ansible-playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
58fd266621399b897c0e7e3b6d152cdbdf89705e
ansible-playbooks/frontend.yaml
Matthew Spencer 58fd266621 Ensure Watchtower removes old images 
The github runner machine ran our of disk space because of old runner images.
This should ensure that doesn't happen any more :o)

Signed-off-by: Matt Spencer matthew@thespencers.me.uk
2025-03-07 18:37:22 +00:00

122 lines
3.2 KiB
YAML
Executable File
Raw Blame History

---
- name: Frontend setup
hosts: frontend
vars:
username: matt
#certbot_auto_renew_user: "{{ ansible_user | default(lookup('env', 'USER')) }}"
certbot_auto_renew_user: "root"
certbot_auto_renew_hour: "3"
certbot_auto_renew_minute: "30"
certbot_create_if_missing: true
certbot_admin_email: matthew@thespencers.me.uk
certbot_certs:
- webroot: "/var/www/html"
domains:
- "apptabulous.co.uk"
- "www.apptabulous.co.uk"
- "hub.apptabulous.co.uk"
- "watchtower.apptabulous.co.uk"
- "m5p3nc3r.co.uk"
- "www.m5p3nc3r.co.uk"
certbot_repo: https://github.com/certbot/certbot.git
certbot_version: master
certbot_keep_updated: true
certbot_dir: /opt/certbot
certbot_create_extra_args: ""
docker_add_repo: true
docker_users:
- "{{ username }}"
roles:
- role: geerlingguy.git
become: true
- role: geerlingguy.docker
become: true
- role: geerlingguy.certbot
become: true
tasks:
- name: Override default certbot start/stop jobs
become: true
ansible.builtin.copy:
src: letsencrypt
dest: /etc
- name: Copy reverse proxy configuration to host
become: true
ansible.builtin.copy:
src: apptabulous/reverseproxy
dest: /etc
- name: Start reverse proxy container
community.docker.docker_container:
name: reverse_proxy
#image: nginx:1.26.2-alpine-slim
image: ghcr.io/m5p3nc3r/nginx-keyval:main
restart_policy: always
volumes:
- /etc/reverseproxy/conf.d:/etc/nginx/conf.d
- /etc/letsencrypt:/etc/letsencrypt
ports:
- "80:80"
- "443:443"
state: started
- name: Start docker registry
community.docker.docker_container:
name: registry
image: registry:2
restart_policy: always
ports:
- "5000:5000"
state: started
- name: Log into ghcf.io registry
community.general.docker_login:
registry: ghcr.io
username: "{{ secrets.GITHUB_ACTOR }}"
password: "{{ secrets.GITHUB_TOKEN }}"
- name: Start m5p3nc3r website
community.docker.docker_container:
name: website
image: ghcr.io/m5p3nc3r/website:main
restart_policy: always
volumes:
- /home/matt/public/apps:/app/public/apps
ports:
- "3000:3000"
state: started
- name: Start Apptabulous website
community.docker.docker_container:
name: apptabulous_website
image: ghcr.io/m5p3nc3r/apptabulous_website:main
restart_policy: always
ports:
- "3001:3000"
state: started
- name: Start watchtower
community.docker.docker_container:
name: watchtower
image: containrrr/watchtower
restart_policy: always
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /home/matt/.docker/config.json:/config.json
command:
- --cleanup
- --http-api-update
- --http-api-token={{ secrets.WATCHTOWER_HTTP_API_TOKEN }}
- --http-api-periodic-polls
ports:
- "8080:8080"
state: started
Reference in New Issue View Git Blame Copy Permalink