diff --git a/roles/forgejo/templates/docker-stack.yml.j2 b/roles/forgejo/templates/docker-stack.yml.j2 index 5eb9756..4704ea2 100644 --- a/roles/forgejo/templates/docker-stack.yml.j2 +++ b/roles/forgejo/templates/docker-stack.yml.j2 @@ -86,7 +86,7 @@ services: {% if forgejo_use_ci %} wp-server: - image: woodpeckerci/woodpecker-server:v3 + image: woodpeckerci/woodpecker-server:latest networks: - "{{ docker_swarm_public_network_name }}" - backend @@ -120,12 +120,11 @@ services: {% endif %} wp-agent: - image: woodpeckerci/woodpecker-agent:v3 + image: woodpeckerci/woodpecker-agent:latest networks: - backend command: agent volumes: - - woodpecker-agent-config:/etc/woodpecker - /var/run/docker.sock:/var/run/docker.sock environment: - WOODPECKER_SERVER=wp-server:9000 @@ -136,7 +135,6 @@ volumes: data: db: woodpecker: - woodpecker-agent-config: networks: "{{ docker_swarm_public_network_name }}": diff --git a/roles/landingpage/defaults/main.yml b/roles/landingpage/defaults/main.yml index cdfb3fd..fed7288 100644 --- a/roles/landingpage/defaults/main.yml +++ b/roles/landingpage/defaults/main.yml @@ -5,7 +5,5 @@ landingpage_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" landingpage_use_https: true -landingpage_autoupdate: true - # the subdomain link landingpage will be reachable under subdomain_alias: www diff --git a/roles/landingpage/templates/docker-stack.yml.j2 b/roles/landingpage/templates/docker-stack.yml.j2 index fee59db..fdaa2b4 100644 --- a/roles/landingpage/templates/docker-stack.yml.j2 +++ b/roles/landingpage/templates/docker-stack.yml.j2 @@ -12,11 +12,6 @@ services: entrypoint: sh -c "/docker-entrypoint.sh nginx -g 'daemon off;'" networks: - "{{ docker_swarm_public_network_name }}" -{% if landingpage_autoupdate is defined and landingpage_autoupdate %} - deploy: - labels: - - shepherd.autoupdate=true -{% endif %} networks: "{{ docker_swarm_public_network_name }}": diff --git a/roles/landingpage/vars/main.yml b/roles/landingpage/vars/main.yml index e8e20e6..436b8cc 100644 --- a/roles/landingpage/vars/main.yml +++ b/roles/landingpage/vars/main.yml @@ -1,6 +1,6 @@ --- stack_name: landingpage -stack_image: "ghcr.io/marty-oehme/page" +stack_image: "martyo/cloudserve-landing" stack_compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}" diff --git a/roles/linkding/defaults/main.yml b/roles/linkding/defaults/main.yml deleted file mode 100644 index b675b38..0000000 --- a/roles/linkding/defaults/main.yml +++ /dev/null @@ -1,19 +0,0 @@ ---- -linkding_version: latest-plus # plus contains self-archiving possibilities with singlefile - -linkding_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" - -linkding_use_https: true - -linkding_autoupdate: true - -# the subdomain link linkding will be reachable under -subdomain_alias: ld - -# initial superuser creation -linkding_username: linkdinger -linkding_password: linkdingerpass123 - -# should we back up the data? -linkding_backup_enable: true -linkding_backup_cron: 0 45 3 * * * diff --git a/roles/linkding/handlers/main.yml b/roles/linkding/handlers/main.yml deleted file mode 100644 index 081f2df..0000000 --- a/roles/linkding/handlers/main.yml +++ /dev/null @@ -1,52 +0,0 @@ -## Register reverse proxy -- name: Ensure upstream directory exists - ansible.builtin.file: - path: "{{ linkding_upstream_file_dir }}" - state: directory - mode: "0755" - become: true - listen: "update linkding upstream" - -- name: Update upstream template - ansible.builtin.template: - src: upstream.json.j2 - dest: "{{ linkding_upstream_file_dir }}/upstream.json" - become: true - listen: "update linkding upstream" - -# figure out if upstream id exists -- name: check {{ stack_name }} upstream - community.docker.docker_container_exec: - container: "{{ caddy_container_id }}" - command: > - curl localhost:2019/id/{{ stack_name }}_upstream/ - changed_when: False - register: result - become: true - listen: "update linkding upstream" - -# upstream already exists, patch it -- name: remove old {{ stack_name }} upstream - community.docker.docker_container_exec: - container: "{{ caddy_container_id }}" - command: > - curl -X DELETE localhost:2019/id/{{ stack_name }}_upstream/ - become: true - when: (result.stdout | from_json)['error'] is not defined - listen: "update linkding upstream" - -# upstream has to be created -- name: add {{ stack_name }} upstream - community.docker.docker_container_exec: - container: "{{ caddy_container_id }}" - command: > - curl -X POST -H "Content-Type: application/json" -d @{{ linkding_upstream_file_dir }}/upstream.json localhost:2019/config/apps/http/servers/{{ (linkding_use_https == True) | ternary(caddy_https_server_name, caddy_http_server_name) }}/routes/0/ - become: true - listen: "update linkding upstream" - -- name: Ensure upstream directory is gone again - ansible.builtin.file: - path: "{{ linkding_upstream_file_dir }}" - state: absent - become: true - listen: "update linkding upstream" diff --git a/roles/linkding/meta/main.yml b/roles/linkding/meta/main.yml deleted file mode 100644 index 1c14785..0000000 --- a/roles/linkding/meta/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -galaxy_info: - author: Marty Oehme - description: Installs linkding as a docker stack service - license: GPL-3.0-only - min_ansible_version: "2.9" - galaxy_tags: [] - -dependencies: - - docker-swarm - - caddy_id diff --git a/roles/linkding/tasks/main.yml b/roles/linkding/tasks/main.yml deleted file mode 100644 index e514b26..0000000 --- a/roles/linkding/tasks/main.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -## install linkding container -- name: Check upstream status - community.docker.docker_container_exec: - container: "{{ caddy_container_id }}" - command: > - curl localhost:2019/id/{{ stack_name }}_upstream/ - register: result - changed_when: (result.stdout | from_json) != (lookup('template', 'upstream.json.j2') | from_yaml) - become: true - notify: "update linkding upstream" - -- name: Deploy linkding to swarm - community.general.docker_stack: - name: "{{ stack_name }}" - state: present - prune: yes - compose: - - "{{ stack_compose }}" - become: true - tags: - - docker-swarm - notify: "update linkding upstream" diff --git a/roles/linkding/templates/docker-stack.yml.j2 b/roles/linkding/templates/docker-stack.yml.j2 deleted file mode 100644 index dad26fc..0000000 --- a/roles/linkding/templates/docker-stack.yml.j2 +++ /dev/null @@ -1,46 +0,0 @@ -services: - app: - image: "{{ stack_image }}:{{ linkding_version }}" - healthcheck: - test: ["CMD", "curl", "--fail", "http://127.0.0.1:9090/health"] - interval: 1m - timeout: 10s - retries: 3 - start_period: 1m - networks: - - "{{ docker_swarm_public_network_name }}" - volumes: - - data:/etc/linkding/data - environment: - - "LD_SUPERUSER_NAME={{ linkding_username }}" - - "LD_SUPERUSER_PASSWORD={{ linkding_password }}" -{% if linkding_autoupdate is defined and linkding_autoupdate %} - deploy: - labels: - - shepherd.autoupdate=true -{% endif %} - -{% if backup_enable is not undefined and not false and linkding_backup_enable is not undefined and not false %} - backup: - image: mazzolino/restic - environment: - - "TZ={{ restic_timezone }}" - # go-cron starts w seconds - - "BACKUP_CRON={{ linkding_backup_cron }}" - - "RESTIC_REPOSITORY={{ restic_repo }}" - - "AWS_ACCESS_KEY_ID={{ restic_s3_key }}" - - "AWS_SECRET_ACCESS_KEY={{ restic_s3_secret }}" - - "RESTIC_PASSWORD={{ restic_pass }}" - - "RESTIC_BACKUP_TAGS=linkding" - - "RESTIC_BACKUP_SOURCES=/volumes" - volumes: - - data:/volumes/linkding_data:ro -{% endif %} - -volumes: - data: - -networks: - "{{ docker_swarm_public_network_name }}": - external: true - diff --git a/roles/linkding/templates/upstream.json.j2 b/roles/linkding/templates/upstream.json.j2 deleted file mode 100644 index a20061f..0000000 --- a/roles/linkding/templates/upstream.json.j2 +++ /dev/null @@ -1,38 +0,0 @@ -{ - "@id": "{{ stack_name }}_upstream", -{% if server_domain is not undefined and not none %} - "match": [ - { - "host": [ -{% if subdomain_alias is not undefined and not none %} - "{{ subdomain_alias }}.{{ server_domain }}" -{% else %} - "{{ stack_name }}.{{ server_domain }}" -{% endif %} - ] - } - ], -{% else %} - "match": [ - { - "path": [ -{% if subdomain_alias is not undefined and not none %} - "/{{ subdomain_alias }}*" -{% else %} - "/{{ stack_name }}*" -{% endif %} - ] - } - ], -{% endif %} - "handle": [ - { - "handler": "reverse_proxy", - "upstreams": [ - { - "dial": "{{ stack_name }}_app:80" - } - ] - } - ] -} diff --git a/roles/linkding/vars/main.yml b/roles/linkding/vars/main.yml deleted file mode 100644 index 5e74731..0000000 --- a/roles/linkding/vars/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -stack_name: linkding - -stack_image: "sissbruecker/linkding" - -stack_compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}" diff --git a/roles/miniflux/defaults/main.yml b/roles/miniflux/defaults/main.yml index d93c12f..a241f22 100644 --- a/roles/miniflux/defaults/main.yml +++ b/roles/miniflux/defaults/main.yml @@ -8,8 +8,6 @@ miniflux_use_https: true # the subdomain link miniflux will be reachable under subdomain_alias: rss -miniflux_autoupdate: true - # Should ideally be overwritten in encrypted group/host vars miniflux_admin_username: myadmin miniflux_admin_password: mypassword diff --git a/roles/miniflux/templates/docker-stack.yml.j2 b/roles/miniflux/templates/docker-stack.yml.j2 index 15af1ed..7af9ed7 100644 --- a/roles/miniflux/templates/docker-stack.yml.j2 +++ b/roles/miniflux/templates/docker-stack.yml.j2 @@ -24,11 +24,6 @@ services: {% else %} - "BASE_URL={{ (miniflux_use_https == True) | ternary('https', 'http') }}://localhost/{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}" {% endif %} -{% if miniflux_autoupdate is defined and miniflux_autoupdate %} - deploy: - labels: - - shepherd.autoupdate=true -{% endif %} db: image: postgres:11 diff --git a/roles/searx/defaults/main.yml b/roles/searx/defaults/main.yml index dd9fa5a..5204c77 100644 --- a/roles/searx/defaults/main.yml +++ b/roles/searx/defaults/main.yml @@ -5,11 +5,8 @@ searx_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" searx_use_https: true -searx_autoupdate: true - # the subdomain link searx will be reachable under subdomain_alias: search - # searx_authentication: -# - username: # mysearxusername -# password: # mysearxpassword +# - username: mysearxusername +# password: JDJhJDE0JFdjUnQ5WWllcU8wa01xS0JBS2dlMy5zMEhRTmxqTXdIZmdjcTN6ZGFwRjJlYUdoSHAwRUhL # mysearxpassword diff --git a/roles/searx/templates/docker-stack.yml.j2 b/roles/searx/templates/docker-stack.yml.j2 index 9b853ac..9c1cd2d 100644 --- a/roles/searx/templates/docker-stack.yml.j2 +++ b/roles/searx/templates/docker-stack.yml.j2 @@ -13,7 +13,7 @@ services: start_period: 1m environment: - BIND_ADDRESS=0.0.0.0:8080 -{% if server_domain is not undefined and not none %} +{% if server_domain is not undefined and not none %} - "BASE_URL={{ (searx_use_https == True) | ternary('https', 'http') }}://{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}.{{server_domain}}" {% else %} - "BASE_URL={{ (searx_use_https == True) | ternary('https', 'http') }}://localhost/{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}" @@ -21,11 +21,6 @@ services: volumes: - /etc/localtime:/etc/localtime:ro - data:/etc/searx:rw -{% if searx_autoupdate is defined and searx_autoupdate %} - deploy: - labels: - - shepherd.autoupdate=true -{% endif %} volumes: data: diff --git a/roles/shaarli/defaults/main.yml b/roles/shaarli/defaults/main.yml index 662c888..45f1bef 100644 --- a/roles/shaarli/defaults/main.yml +++ b/roles/shaarli/defaults/main.yml @@ -5,8 +5,6 @@ shaarli_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" shaarli_use_https: true -shaarli_autoupdate: true - # the subdomain link shaarli will be reachable under subdomain_alias: links diff --git a/roles/shaarli/templates/docker-stack.yml.j2 b/roles/shaarli/templates/docker-stack.yml.j2 index 0ee7f70..a90157a 100644 --- a/roles/shaarli/templates/docker-stack.yml.j2 +++ b/roles/shaarli/templates/docker-stack.yml.j2 @@ -14,11 +14,6 @@ services: volumes: - data:/var/www/shaarli/data - cache:/var/www/shaarli/cache -{% if shaarli_autoupdate is defined and shaarli_autoupdate %} - deploy: - labels: - - shepherd.autoupdate=true -{% endif %} {% if backup_enable is not undefined and not false and shaarli_backup_enable is not undefined and not false %} backup: diff --git a/roles/shepherd/README.md b/roles/shepherd/README.md deleted file mode 100644 index ff26192..0000000 --- a/roles/shepherd/README.md +++ /dev/null @@ -1,6 +0,0 @@ -# shepherd - -Monitor the deployed swarm containers for updates. -Will notify you when it found any update for any container. - -Can notify you through a wide variety of services using the apprise api. diff --git a/roles/shepherd/defaults/main.yml b/roles/shepherd/defaults/main.yml deleted file mode 100644 index 39e8fcb..0000000 --- a/roles/shepherd/defaults/main.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -shepherd_version: latest - -shepherd_tz: Europe/Berlin - -shepherd_ignored_services: label=shepherd.autoupdate=false -shepherd_filter_services: label=shepherd.autoupdate=true - -shepherd_sleeptime: 5m -shepherd_rollback_on_failure: true -shepherd_image_autoclean_limit: 5 - -shepherd_notification_targets: diff --git a/roles/shepherd/meta/main.yml b/roles/shepherd/meta/main.yml deleted file mode 100644 index b0824dd..0000000 --- a/roles/shepherd/meta/main.yml +++ /dev/null @@ -1,10 +0,0 @@ ---- -galaxy_info: - author: Marty Oehme - description: Apply docker swarm container updates - license: GPL-3.0-only - min_ansible_version: "2.9" - galaxy_tags: [] - -dependencies: - - docker-swarm diff --git a/roles/shepherd/tasks/main.yml b/roles/shepherd/tasks/main.yml deleted file mode 100644 index c2bef7f..0000000 --- a/roles/shepherd/tasks/main.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -- name: Deploy shepherd stack to swarm - community.general.docker_stack: - name: "{{ stack_name }}" - state: present - prune: yes - compose: - - "{{ stack_compose }}" - become: true - tags: - - docker-swarm diff --git a/roles/shepherd/templates/docker-stack.yml.j2 b/roles/shepherd/templates/docker-stack.yml.j2 deleted file mode 100644 index fdd5a50..0000000 --- a/roles/shepherd/templates/docker-stack.yml.j2 +++ /dev/null @@ -1,52 +0,0 @@ -version: '3.4' - -services: - app: - image: "{{ stack_image }}:{{ shepherd_version }}" - # healthcheck: - # test: ["CMD", "wget", "--spider", "-q", "127.0.0.1"] - # interval: 1m - # timeout: 10s - # retries: 3 - # start_period: 1m - command: serve - volumes: - - "/var/run/docker.sock:/var/run/docker.sock" - environment: - - "TZ={{ shepherd_tz }}" - - "SLEEP_TIME={{ shepherd_sleeptime }}" - - "IGNORELIST_SERVICES={{ shepherd_ignored_services }}" -{% if shepherd_filter_services is defined and not None %} - - "FILTER_SERVICES={{ shepherd_filter_services }}" -{% endif %} - - "ROLLBACK_ON_FAILURE={{ shepherd_rollback_on_failure }}" - - "IMAGE_AUTOCLEAN_LIMIT={{ shepherd_image_autoclean_limit }}" - - "VERBOSE=true" -{% if shepherd_notification_targets is defined and not None %} - - "APPRISE_SIDECAR_URL: notify:5000" -{% endif %} - networks: - - backend - deploy: - mode: replicated - replicas: 1 - placement: - constraints: - - node.role == manager - -{% if shepherd_notification_targets is defined and not None %} - notify: - image: mazzolino/apprise-microservice:latest - environment: - NOTIFICATION_URLS: {{ shepherd_notification_targets }} - networks: - - backend -{% endif %} - -volumes: - data: - -networks: - "{{ docker_swarm_public_network_name }}": - external: true - backend: diff --git a/roles/shepherd/vars/main.yml b/roles/shepherd/vars/main.yml deleted file mode 100644 index d8415bd..0000000 --- a/roles/shepherd/vars/main.yml +++ /dev/null @@ -1,6 +0,0 @@ ---- -stack_name: shepherd - -stack_image: "containrrr/shepherd" - -stack_compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}" diff --git a/roles/wallabag/defaults/main.yml b/roles/wallabag/defaults/main.yml index 55de954..c7b830c 100644 --- a/roles/wallabag/defaults/main.yml +++ b/roles/wallabag/defaults/main.yml @@ -5,7 +5,5 @@ wallabag_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" wallabag_use_https: true -wallabag_autoupdate: true - # the subdomain link wallabag will be reachable under subdomain_alias: read diff --git a/roles/wallabag/templates/docker-stack.yml.j2 b/roles/wallabag/templates/docker-stack.yml.j2 index 387f3d7..ee7e307 100644 --- a/roles/wallabag/templates/docker-stack.yml.j2 +++ b/roles/wallabag/templates/docker-stack.yml.j2 @@ -15,16 +15,11 @@ services: - data:/var/www/wallabag/data environment: - SYMFONY__ENV__FOSUSER_REGISTRATION=false -{% if server_domain is not undefined and not none %} +{% if server_domain is not undefined and not none %} - "SYMFONY__ENV__DOMAIN_NAME={{ (wallabag_use_https == True) | ternary('https', 'http') }}://{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}.{{server_domain}}" {% else %} - SYMFONY__ENV__DOMAIN_NAME={{ (wallabag_use_https == True) | ternary('https', 'http') }}://localhost {% endif %} -{% if wallabag_autoupdate is defined and wallabag_autoupdate %} - deploy: - labels: - - shepherd.autoupdate=true -{% endif %} redis: image: redis:alpine diff --git a/site.yml b/site.yml index 2e9a2be..19f483d 100644 --- a/site.yml +++ b/site.yml @@ -93,8 +93,8 @@ - ntfy - never - - name: Install shepherd + - name: Install diun import_role: - role: shepherd + role: diun tags: - - shepherd + - diun