paul/infrastructure
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Move docker folder and delete hedgedoc user
All checks were successful
continuous-integration/drone/push Build is passing
Details

Browse Source
This commit is contained in:
Paul Brinkmeier 2023-01-27 04:29:32 +01:00
parent 3f3d619694
commit a1cac6b8a3
18 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
TODO.md
View File

@ -6,6 +6,7 @@
- [x] Make it inaccessible to anyone but root (`-rw------`) - [x] Make it inaccessible to anyone but root (`-rw------`)
- [x] Add [Drone runner](https://docs.drone.io/runner/docker/installation/linux/) - [x] Add [Drone runner](https://docs.drone.io/runner/docker/installation/linux/)
- [ ] Figure out how to dependably store `.env` files (Ansible vault? Something else?) - [ ] Figure out how to dependably store `.env` files (Ansible vault? Something else?)
- [ ] In vault, seperate from other config
- [x] Check out docker swarm and current best practices for Ansible - [x] Check out docker swarm and current best practices for Ansible
- [x] Use Gitea instead of GitLab - [x] Use Gitea instead of GitLab
- [ ] Add drone exec runner for Nix builds with shared `/nix` - [ ] Add drone exec runner for Nix builds with shared `/nix`

6
ansible/playbooks/misc-docker.yaml
View File

@ -8,7 +8,7 @@
name: "{{ item.name }}" name: "{{ item.name }}"
uid: "{{ item.uid }}" uid: "{{ item.uid }}"
create_home: false create_home: false
state: present state: "{{ item.state }}"
loop: loop:
- name: jupyter - name: jupyter
uid: 42000 uid: 42000
@ -24,7 +24,7 @@
state: present state: present
- name: hedgedoc - name: hedgedoc
uid: 10000 uid: 10000
state: present state: absent
# All services that are behind Caddy need to be in this network # All services that are behind Caddy need to be in this network
- name: Create Caddy network - name: Create Caddy network
become: true become: true
@ -34,7 +34,7 @@
- name: Upload docker configuration - name: Upload docker configuration
become: true become: true
ansible.builtin.copy: ansible.builtin.copy:
src: ../../docker src: ../../docker/docker
dest: /etc/pbri dest: /etc/pbri
# Files should inaccessible to non-root users. # Files should inaccessible to non-root users.
mode: u=rw,g=,o= mode: u=rw,g=,o=

0
docker/caddy/Caddyfile → docker/docker/caddy/Caddyfile
View File

0
docker/caddy/Dockerfile → docker/docker/caddy/Dockerfile
View File

0
docker/caddy/docker-compose.yaml → docker/docker/caddy/docker-compose.yaml
View File

0
docker/codi/README.md → docker/docker/codi/README.md
View File

0
docker/codi/docker-compose.yaml → docker/docker/codi/docker-compose.yaml
View File

0
docker/drone/README.md → docker/docker/drone/README.md
View File

0
docker/drone/docker-compose.yaml → docker/docker/drone/docker-compose.yaml
View File

0
docker/factorio/Dockerfile → docker/docker/factorio/Dockerfile
View File

0
docker/factorio/README.md → docker/docker/factorio/README.md
View File

0
docker/factorio/docker-compose.yaml → docker/docker/factorio/docker-compose.yaml
View File

0
docker/factorio/server-settings.json → docker/docker/factorio/server-settings.json
View File

0
docker/gitea/Dockerfile → docker/docker/gitea/Dockerfile
View File

0
docker/gitea/README.md → docker/docker/gitea/README.md
View File

0
docker/gitea/docker-compose.yaml → docker/docker/gitea/docker-compose.yaml
View File

0
docker/glebby/docker-compose.yaml → docker/docker/glebby/docker-compose.yaml
View File

0
docker/jupyter/docker-compose.yaml → docker/docker/jupyter/docker-compose.yaml
View File