From ea077958ced1b4d2b77216fe40376da94ff8e2ea Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Sun, 16 Feb 2025 21:44:34 +0100 Subject: [PATCH 1/8] fix(forgejo): Update to correct woodpecker versions --- roles/forgejo/templates/docker-stack.yml.j2 | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/roles/forgejo/templates/docker-stack.yml.j2 b/roles/forgejo/templates/docker-stack.yml.j2 index 4704ea2..5eb9756 100644 --- a/roles/forgejo/templates/docker-stack.yml.j2 +++ b/roles/forgejo/templates/docker-stack.yml.j2 @@ -86,7 +86,7 @@ services: {% if forgejo_use_ci %} wp-server: - image: woodpeckerci/woodpecker-server:latest + image: woodpeckerci/woodpecker-server:v3 networks: - "{{ docker_swarm_public_network_name }}" - backend @@ -120,11 +120,12 @@ services: {% endif %} wp-agent: - image: woodpeckerci/woodpecker-agent:latest + image: woodpeckerci/woodpecker-agent:v3 networks: - backend command: agent volumes: + - woodpecker-agent-config:/etc/woodpecker - /var/run/docker.sock:/var/run/docker.sock environment: - WOODPECKER_SERVER=wp-server:9000 @@ -135,6 +136,7 @@ volumes: data: db: woodpecker: + woodpecker-agent-config: networks: "{{ docker_swarm_public_network_name }}": From 3418f85ffd4062047363077ea638935c2746a7e6 Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Fri, 7 Mar 2025 16:00:32 +0100 Subject: [PATCH 2/8] chore(landingpage): Switch to ghcr hosted docker image --- roles/landingpage/vars/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/landingpage/vars/main.yml b/roles/landingpage/vars/main.yml index 436b8cc..f07dc16 100644 --- a/roles/landingpage/vars/main.yml +++ b/roles/landingpage/vars/main.yml @@ -1,6 +1,6 @@ --- stack_name: landingpage -stack_image: "martyo/cloudserve-landing" +stack_image: "ghcr.io/marty-oehme/page:latest" stack_compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}" From bc9104c3e8ea122a998e696768a160b674b444c1 Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Fri, 7 Mar 2025 18:19:53 +0100 Subject: [PATCH 3/8] chore(landingpage): Fix container image url --- roles/landingpage/vars/main.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/landingpage/vars/main.yml b/roles/landingpage/vars/main.yml index f07dc16..e8e20e6 100644 --- a/roles/landingpage/vars/main.yml +++ b/roles/landingpage/vars/main.yml @@ -1,6 +1,6 @@ --- stack_name: landingpage -stack_image: "ghcr.io/marty-oehme/page:latest" +stack_image: "ghcr.io/marty-oehme/page" stack_compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}" From 2dfe9f9b928ca6e63368f57805f5b6fdf78bb347 Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Fri, 7 Mar 2025 18:19:53 +0100 Subject: [PATCH 4/8] feat(shepherd): Add auto update shepherd role Deprecates diun as it provides a simpler implementation for docker swarm. Mark any containers you want auto updated with `shepherd.autoupdate=true` and the rest with `shepherd.autoupdate=false`. Everything untagged will not be watched (by default), though this can be changed by setting the ansible default variable `shepherd_filter_services: `. --- roles/shepherd/README.md | 6 +++ roles/shepherd/defaults/main.yml | 13 +++++ roles/shepherd/meta/main.yml | 10 ++++ roles/shepherd/tasks/main.yml | 11 +++++ roles/shepherd/templates/docker-stack.yml.j2 | 52 ++++++++++++++++++++ roles/shepherd/vars/main.yml | 6 +++ 6 files changed, 98 insertions(+) create mode 100644 roles/shepherd/README.md create mode 100644 roles/shepherd/defaults/main.yml create mode 100644 roles/shepherd/meta/main.yml create mode 100644 roles/shepherd/tasks/main.yml create mode 100644 roles/shepherd/templates/docker-stack.yml.j2 create mode 100644 roles/shepherd/vars/main.yml diff --git a/roles/shepherd/README.md b/roles/shepherd/README.md new file mode 100644 index 0000000..ff26192 --- /dev/null +++ b/roles/shepherd/README.md @@ -0,0 +1,6 @@ +# shepherd + +Monitor the deployed swarm containers for updates. +Will notify you when it found any update for any container. + +Can notify you through a wide variety of services using the apprise api. diff --git a/roles/shepherd/defaults/main.yml b/roles/shepherd/defaults/main.yml new file mode 100644 index 0000000..39e8fcb --- /dev/null +++ b/roles/shepherd/defaults/main.yml @@ -0,0 +1,13 @@ +--- +shepherd_version: latest + +shepherd_tz: Europe/Berlin + +shepherd_ignored_services: label=shepherd.autoupdate=false +shepherd_filter_services: label=shepherd.autoupdate=true + +shepherd_sleeptime: 5m +shepherd_rollback_on_failure: true +shepherd_image_autoclean_limit: 5 + +shepherd_notification_targets: diff --git a/roles/shepherd/meta/main.yml b/roles/shepherd/meta/main.yml new file mode 100644 index 0000000..b0824dd --- /dev/null +++ b/roles/shepherd/meta/main.yml @@ -0,0 +1,10 @@ +--- +galaxy_info: + author: Marty Oehme + description: Apply docker swarm container updates + license: GPL-3.0-only + min_ansible_version: "2.9" + galaxy_tags: [] + +dependencies: + - docker-swarm diff --git a/roles/shepherd/tasks/main.yml b/roles/shepherd/tasks/main.yml new file mode 100644 index 0000000..c2bef7f --- /dev/null +++ b/roles/shepherd/tasks/main.yml @@ -0,0 +1,11 @@ +--- +- name: Deploy shepherd stack to swarm + community.general.docker_stack: + name: "{{ stack_name }}" + state: present + prune: yes + compose: + - "{{ stack_compose }}" + become: true + tags: + - docker-swarm diff --git a/roles/shepherd/templates/docker-stack.yml.j2 b/roles/shepherd/templates/docker-stack.yml.j2 new file mode 100644 index 0000000..fdd5a50 --- /dev/null +++ b/roles/shepherd/templates/docker-stack.yml.j2 @@ -0,0 +1,52 @@ +version: '3.4' + +services: + app: + image: "{{ stack_image }}:{{ shepherd_version }}" + # healthcheck: + # test: ["CMD", "wget", "--spider", "-q", "127.0.0.1"] + # interval: 1m + # timeout: 10s + # retries: 3 + # start_period: 1m + command: serve + volumes: + - "/var/run/docker.sock:/var/run/docker.sock" + environment: + - "TZ={{ shepherd_tz }}" + - "SLEEP_TIME={{ shepherd_sleeptime }}" + - "IGNORELIST_SERVICES={{ shepherd_ignored_services }}" +{% if shepherd_filter_services is defined and not None %} + - "FILTER_SERVICES={{ shepherd_filter_services }}" +{% endif %} + - "ROLLBACK_ON_FAILURE={{ shepherd_rollback_on_failure }}" + - "IMAGE_AUTOCLEAN_LIMIT={{ shepherd_image_autoclean_limit }}" + - "VERBOSE=true" +{% if shepherd_notification_targets is defined and not None %} + - "APPRISE_SIDECAR_URL: notify:5000" +{% endif %} + networks: + - backend + deploy: + mode: replicated + replicas: 1 + placement: + constraints: + - node.role == manager + +{% if shepherd_notification_targets is defined and not None %} + notify: + image: mazzolino/apprise-microservice:latest + environment: + NOTIFICATION_URLS: {{ shepherd_notification_targets }} + networks: + - backend +{% endif %} + +volumes: + data: + +networks: + "{{ docker_swarm_public_network_name }}": + external: true + backend: diff --git a/roles/shepherd/vars/main.yml b/roles/shepherd/vars/main.yml new file mode 100644 index 0000000..d8415bd --- /dev/null +++ b/roles/shepherd/vars/main.yml @@ -0,0 +1,6 @@ +--- +stack_name: shepherd + +stack_image: "containrrr/shepherd" + +stack_compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}" From fecf14a5bc71a83db704eb5453854e64fa2525a7 Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Fri, 7 Mar 2025 18:35:04 +0100 Subject: [PATCH 5/8] feat(site): Change out diun with shepherd --- site.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/site.yml b/site.yml index 19f483d..2e9a2be 100644 --- a/site.yml +++ b/site.yml @@ -93,8 +93,8 @@ - ntfy - never - - name: Install diun + - name: Install shepherd import_role: - role: diun + role: shepherd tags: - - diun + - shepherd From 9f3274dae739bf0acd1e286137387a5199846d97 Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Fri, 7 Mar 2025 18:35:04 +0100 Subject: [PATCH 6/8] feat(landingpage): Automatically update --- roles/landingpage/defaults/main.yml | 2 ++ roles/landingpage/templates/docker-stack.yml.j2 | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/roles/landingpage/defaults/main.yml b/roles/landingpage/defaults/main.yml index fed7288..cdfb3fd 100644 --- a/roles/landingpage/defaults/main.yml +++ b/roles/landingpage/defaults/main.yml @@ -5,5 +5,7 @@ landingpage_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" landingpage_use_https: true +landingpage_autoupdate: true + # the subdomain link landingpage will be reachable under subdomain_alias: www diff --git a/roles/landingpage/templates/docker-stack.yml.j2 b/roles/landingpage/templates/docker-stack.yml.j2 index fdaa2b4..fee59db 100644 --- a/roles/landingpage/templates/docker-stack.yml.j2 +++ b/roles/landingpage/templates/docker-stack.yml.j2 @@ -12,6 +12,11 @@ services: entrypoint: sh -c "/docker-entrypoint.sh nginx -g 'daemon off;'" networks: - "{{ docker_swarm_public_network_name }}" +{% if landingpage_autoupdate is defined and landingpage_autoupdate %} + deploy: + labels: + - shepherd.autoupdate=true +{% endif %} networks: "{{ docker_swarm_public_network_name }}": From 83613f6d869715a7e3272025d4cdba9967fba07e Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Fri, 7 Mar 2025 21:42:45 +0100 Subject: [PATCH 7/8] feat(roles): Add auto updating to some roles Miniflux, searx, shaarli and wallabag will be automatically updated by shepherd. --- roles/miniflux/defaults/main.yml | 2 ++ roles/miniflux/templates/docker-stack.yml.j2 | 5 +++++ roles/searx/defaults/main.yml | 7 +++++-- roles/searx/templates/docker-stack.yml.j2 | 7 ++++++- roles/shaarli/defaults/main.yml | 2 ++ roles/shaarli/templates/docker-stack.yml.j2 | 5 +++++ roles/wallabag/defaults/main.yml | 2 ++ roles/wallabag/templates/docker-stack.yml.j2 | 7 ++++++- 8 files changed, 33 insertions(+), 4 deletions(-) diff --git a/roles/miniflux/defaults/main.yml b/roles/miniflux/defaults/main.yml index a241f22..d93c12f 100644 --- a/roles/miniflux/defaults/main.yml +++ b/roles/miniflux/defaults/main.yml @@ -8,6 +8,8 @@ miniflux_use_https: true # the subdomain link miniflux will be reachable under subdomain_alias: rss +miniflux_autoupdate: true + # Should ideally be overwritten in encrypted group/host vars miniflux_admin_username: myadmin miniflux_admin_password: mypassword diff --git a/roles/miniflux/templates/docker-stack.yml.j2 b/roles/miniflux/templates/docker-stack.yml.j2 index 7af9ed7..15af1ed 100644 --- a/roles/miniflux/templates/docker-stack.yml.j2 +++ b/roles/miniflux/templates/docker-stack.yml.j2 @@ -24,6 +24,11 @@ services: {% else %} - "BASE_URL={{ (miniflux_use_https == True) | ternary('https', 'http') }}://localhost/{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}" {% endif %} +{% if miniflux_autoupdate is defined and miniflux_autoupdate %} + deploy: + labels: + - shepherd.autoupdate=true +{% endif %} db: image: postgres:11 diff --git a/roles/searx/defaults/main.yml b/roles/searx/defaults/main.yml index 5204c77..dd9fa5a 100644 --- a/roles/searx/defaults/main.yml +++ b/roles/searx/defaults/main.yml @@ -5,8 +5,11 @@ searx_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" searx_use_https: true +searx_autoupdate: true + # the subdomain link searx will be reachable under subdomain_alias: search + # searx_authentication: -# - username: mysearxusername -# password: JDJhJDE0JFdjUnQ5WWllcU8wa01xS0JBS2dlMy5zMEhRTmxqTXdIZmdjcTN6ZGFwRjJlYUdoSHAwRUhL # mysearxpassword +# - username: # mysearxusername +# password: # mysearxpassword diff --git a/roles/searx/templates/docker-stack.yml.j2 b/roles/searx/templates/docker-stack.yml.j2 index 9c1cd2d..9b853ac 100644 --- a/roles/searx/templates/docker-stack.yml.j2 +++ b/roles/searx/templates/docker-stack.yml.j2 @@ -13,7 +13,7 @@ services: start_period: 1m environment: - BIND_ADDRESS=0.0.0.0:8080 -{% if server_domain is not undefined and not none %} +{% if server_domain is not undefined and not none %} - "BASE_URL={{ (searx_use_https == True) | ternary('https', 'http') }}://{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}.{{server_domain}}" {% else %} - "BASE_URL={{ (searx_use_https == True) | ternary('https', 'http') }}://localhost/{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}" @@ -21,6 +21,11 @@ services: volumes: - /etc/localtime:/etc/localtime:ro - data:/etc/searx:rw +{% if searx_autoupdate is defined and searx_autoupdate %} + deploy: + labels: + - shepherd.autoupdate=true +{% endif %} volumes: data: diff --git a/roles/shaarli/defaults/main.yml b/roles/shaarli/defaults/main.yml index 45f1bef..662c888 100644 --- a/roles/shaarli/defaults/main.yml +++ b/roles/shaarli/defaults/main.yml @@ -5,6 +5,8 @@ shaarli_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" shaarli_use_https: true +shaarli_autoupdate: true + # the subdomain link shaarli will be reachable under subdomain_alias: links diff --git a/roles/shaarli/templates/docker-stack.yml.j2 b/roles/shaarli/templates/docker-stack.yml.j2 index a90157a..0ee7f70 100644 --- a/roles/shaarli/templates/docker-stack.yml.j2 +++ b/roles/shaarli/templates/docker-stack.yml.j2 @@ -14,6 +14,11 @@ services: volumes: - data:/var/www/shaarli/data - cache:/var/www/shaarli/cache +{% if shaarli_autoupdate is defined and shaarli_autoupdate %} + deploy: + labels: + - shepherd.autoupdate=true +{% endif %} {% if backup_enable is not undefined and not false and shaarli_backup_enable is not undefined and not false %} backup: diff --git a/roles/wallabag/defaults/main.yml b/roles/wallabag/defaults/main.yml index c7b830c..55de954 100644 --- a/roles/wallabag/defaults/main.yml +++ b/roles/wallabag/defaults/main.yml @@ -5,5 +5,7 @@ wallabag_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" wallabag_use_https: true +wallabag_autoupdate: true + # the subdomain link wallabag will be reachable under subdomain_alias: read diff --git a/roles/wallabag/templates/docker-stack.yml.j2 b/roles/wallabag/templates/docker-stack.yml.j2 index ee7e307..387f3d7 100644 --- a/roles/wallabag/templates/docker-stack.yml.j2 +++ b/roles/wallabag/templates/docker-stack.yml.j2 @@ -15,11 +15,16 @@ services: - data:/var/www/wallabag/data environment: - SYMFONY__ENV__FOSUSER_REGISTRATION=false -{% if server_domain is not undefined and not none %} +{% if server_domain is not undefined and not none %} - "SYMFONY__ENV__DOMAIN_NAME={{ (wallabag_use_https == True) | ternary('https', 'http') }}://{{ (subdomain_alias is not undefined and not none) | ternary(subdomain_alias, stack_name) }}.{{server_domain}}" {% else %} - SYMFONY__ENV__DOMAIN_NAME={{ (wallabag_use_https == True) | ternary('https', 'http') }}://localhost {% endif %} +{% if wallabag_autoupdate is defined and wallabag_autoupdate %} + deploy: + labels: + - shepherd.autoupdate=true +{% endif %} redis: image: redis:alpine From 447e15f9e90baa62bbf5ed577dd8335d7db47f2f Mon Sep 17 00:00:00 2001 From: Marty Oehme Date: Fri, 7 Mar 2025 21:42:45 +0100 Subject: [PATCH 8/8] feat(linkding): Add linkding stack Bookmarking software similar to shaarli but a bit more featureful. And not written in php, thankfully. --- roles/linkding/defaults/main.yml | 19 +++++++ roles/linkding/handlers/main.yml | 52 ++++++++++++++++++++ roles/linkding/meta/main.yml | 11 +++++ roles/linkding/tasks/main.yml | 23 +++++++++ roles/linkding/templates/docker-stack.yml.j2 | 46 +++++++++++++++++ roles/linkding/templates/upstream.json.j2 | 38 ++++++++++++++ roles/linkding/vars/main.yml | 6 +++ 7 files changed, 195 insertions(+) create mode 100644 roles/linkding/defaults/main.yml create mode 100644 roles/linkding/handlers/main.yml create mode 100644 roles/linkding/meta/main.yml create mode 100644 roles/linkding/tasks/main.yml create mode 100644 roles/linkding/templates/docker-stack.yml.j2 create mode 100644 roles/linkding/templates/upstream.json.j2 create mode 100644 roles/linkding/vars/main.yml diff --git a/roles/linkding/defaults/main.yml b/roles/linkding/defaults/main.yml new file mode 100644 index 0000000..b675b38 --- /dev/null +++ b/roles/linkding/defaults/main.yml @@ -0,0 +1,19 @@ +--- +linkding_version: latest-plus # plus contains self-archiving possibilities with singlefile + +linkding_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack_name }}" + +linkding_use_https: true + +linkding_autoupdate: true + +# the subdomain link linkding will be reachable under +subdomain_alias: ld + +# initial superuser creation +linkding_username: linkdinger +linkding_password: linkdingerpass123 + +# should we back up the data? +linkding_backup_enable: true +linkding_backup_cron: 0 45 3 * * * diff --git a/roles/linkding/handlers/main.yml b/roles/linkding/handlers/main.yml new file mode 100644 index 0000000..081f2df --- /dev/null +++ b/roles/linkding/handlers/main.yml @@ -0,0 +1,52 @@ +## Register reverse proxy +- name: Ensure upstream directory exists + ansible.builtin.file: + path: "{{ linkding_upstream_file_dir }}" + state: directory + mode: "0755" + become: true + listen: "update linkding upstream" + +- name: Update upstream template + ansible.builtin.template: + src: upstream.json.j2 + dest: "{{ linkding_upstream_file_dir }}/upstream.json" + become: true + listen: "update linkding upstream" + +# figure out if upstream id exists +- name: check {{ stack_name }} upstream + community.docker.docker_container_exec: + container: "{{ caddy_container_id }}" + command: > + curl localhost:2019/id/{{ stack_name }}_upstream/ + changed_when: False + register: result + become: true + listen: "update linkding upstream" + +# upstream already exists, patch it +- name: remove old {{ stack_name }} upstream + community.docker.docker_container_exec: + container: "{{ caddy_container_id }}" + command: > + curl -X DELETE localhost:2019/id/{{ stack_name }}_upstream/ + become: true + when: (result.stdout | from_json)['error'] is not defined + listen: "update linkding upstream" + +# upstream has to be created +- name: add {{ stack_name }} upstream + community.docker.docker_container_exec: + container: "{{ caddy_container_id }}" + command: > + curl -X POST -H "Content-Type: application/json" -d @{{ linkding_upstream_file_dir }}/upstream.json localhost:2019/config/apps/http/servers/{{ (linkding_use_https == True) | ternary(caddy_https_server_name, caddy_http_server_name) }}/routes/0/ + become: true + listen: "update linkding upstream" + +- name: Ensure upstream directory is gone again + ansible.builtin.file: + path: "{{ linkding_upstream_file_dir }}" + state: absent + become: true + listen: "update linkding upstream" diff --git a/roles/linkding/meta/main.yml b/roles/linkding/meta/main.yml new file mode 100644 index 0000000..1c14785 --- /dev/null +++ b/roles/linkding/meta/main.yml @@ -0,0 +1,11 @@ +--- +galaxy_info: + author: Marty Oehme + description: Installs linkding as a docker stack service + license: GPL-3.0-only + min_ansible_version: "2.9" + galaxy_tags: [] + +dependencies: + - docker-swarm + - caddy_id diff --git a/roles/linkding/tasks/main.yml b/roles/linkding/tasks/main.yml new file mode 100644 index 0000000..e514b26 --- /dev/null +++ b/roles/linkding/tasks/main.yml @@ -0,0 +1,23 @@ +--- +## install linkding container +- name: Check upstream status + community.docker.docker_container_exec: + container: "{{ caddy_container_id }}" + command: > + curl localhost:2019/id/{{ stack_name }}_upstream/ + register: result + changed_when: (result.stdout | from_json) != (lookup('template', 'upstream.json.j2') | from_yaml) + become: true + notify: "update linkding upstream" + +- name: Deploy linkding to swarm + community.general.docker_stack: + name: "{{ stack_name }}" + state: present + prune: yes + compose: + - "{{ stack_compose }}" + become: true + tags: + - docker-swarm + notify: "update linkding upstream" diff --git a/roles/linkding/templates/docker-stack.yml.j2 b/roles/linkding/templates/docker-stack.yml.j2 new file mode 100644 index 0000000..dad26fc --- /dev/null +++ b/roles/linkding/templates/docker-stack.yml.j2 @@ -0,0 +1,46 @@ +services: + app: + image: "{{ stack_image }}:{{ linkding_version }}" + healthcheck: + test: ["CMD", "curl", "--fail", "http://127.0.0.1:9090/health"] + interval: 1m + timeout: 10s + retries: 3 + start_period: 1m + networks: + - "{{ docker_swarm_public_network_name }}" + volumes: + - data:/etc/linkding/data + environment: + - "LD_SUPERUSER_NAME={{ linkding_username }}" + - "LD_SUPERUSER_PASSWORD={{ linkding_password }}" +{% if linkding_autoupdate is defined and linkding_autoupdate %} + deploy: + labels: + - shepherd.autoupdate=true +{% endif %} + +{% if backup_enable is not undefined and not false and linkding_backup_enable is not undefined and not false %} + backup: + image: mazzolino/restic + environment: + - "TZ={{ restic_timezone }}" + # go-cron starts w seconds + - "BACKUP_CRON={{ linkding_backup_cron }}" + - "RESTIC_REPOSITORY={{ restic_repo }}" + - "AWS_ACCESS_KEY_ID={{ restic_s3_key }}" + - "AWS_SECRET_ACCESS_KEY={{ restic_s3_secret }}" + - "RESTIC_PASSWORD={{ restic_pass }}" + - "RESTIC_BACKUP_TAGS=linkding" + - "RESTIC_BACKUP_SOURCES=/volumes" + volumes: + - data:/volumes/linkding_data:ro +{% endif %} + +volumes: + data: + +networks: + "{{ docker_swarm_public_network_name }}": + external: true + diff --git a/roles/linkding/templates/upstream.json.j2 b/roles/linkding/templates/upstream.json.j2 new file mode 100644 index 0000000..a20061f --- /dev/null +++ b/roles/linkding/templates/upstream.json.j2 @@ -0,0 +1,38 @@ +{ + "@id": "{{ stack_name }}_upstream", +{% if server_domain is not undefined and not none %} + "match": [ + { + "host": [ +{% if subdomain_alias is not undefined and not none %} + "{{ subdomain_alias }}.{{ server_domain }}" +{% else %} + "{{ stack_name }}.{{ server_domain }}" +{% endif %} + ] + } + ], +{% else %} + "match": [ + { + "path": [ +{% if subdomain_alias is not undefined and not none %} + "/{{ subdomain_alias }}*" +{% else %} + "/{{ stack_name }}*" +{% endif %} + ] + } + ], +{% endif %} + "handle": [ + { + "handler": "reverse_proxy", + "upstreams": [ + { + "dial": "{{ stack_name }}_app:80" + } + ] + } + ] +} diff --git a/roles/linkding/vars/main.yml b/roles/linkding/vars/main.yml new file mode 100644 index 0000000..5e74731 --- /dev/null +++ b/roles/linkding/vars/main.yml @@ -0,0 +1,6 @@ +--- +stack_name: linkding + +stack_image: "sissbruecker/linkding" + +stack_compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}"