Viyurz/vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add Stump.

Browse source
This commit is contained in:
Viyurz 2024-04-20 12:48:37 +02:00
parent e3abbbb8fe
commit 325c0fbeee
Signed by: Viyurz
SSH key fingerprint: SHA256:IskOHTmhHSJIvAt04N6aaxd5SZCVWW1Guf9tEcxIMj8
7 changed files with 131 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
env.yml
View file

@ -50,6 +50,7 @@ projects:
- nginx - nginx
- postgres - postgres
- searxng - searxng
- stump
- synapse - synapse
- syncthing - syncthing
- uptime-kuma - uptime-kuma
@ -63,6 +64,7 @@ projects_to_backup:
- lldap - lldap
- mailserver - mailserver
- postgres - postgres
- stump
- synapse - synapse
- uptime-kuma - uptime-kuma
- vaultwarden - vaultwarden
@ -96,6 +98,7 @@ ports:
mailserver_jmap: 1443 mailserver_jmap: 1443
postgres: 5432 postgres: 5432
searxng: 8083 searxng: 8083
stump: 10801
synapse: 8008 synapse: 8008
syncthing_discosrv: 8443 syncthing_discosrv: 8443
# Public port, forwarded to 22067 by nftables # Public port, forwarded to 22067 by nftables
@ -105,6 +108,7 @@ ports:
syncthing_udp: 22000 syncthing_udp: 22000
uptime_kuma: 3001 uptime_kuma: 3001
vaultwarden: 8081 vaultwarden: 8081
wireguard: 51820
# UID in containers # UID in containers
@ -119,12 +123,14 @@ users:
postgres: 70 postgres: 70
searxng: 977 searxng: 977
searxng_redis: 999 searxng_redis: 999
stump: 1005
synapse: 991 synapse: 991
syncthing: 1001 syncthing: 1001
syncthing_discosrv: 1002 syncthing_discosrv: 1002
syncthing_relaysrv: 1003 syncthing_relaysrv: 1003
uptime_kuma: 1006 uptime_kuma: 1006
vaultwarden: 1000 vaultwarden: 1000
wireguard: 1009
volumes: volumes:
@ -137,6 +143,8 @@ volumes:
mailserver_tls_certificate_file: "/etc/letsencrypt/live/mail.{{ domain }}/fullchain.pem" mailserver_tls_certificate_file: "/etc/letsencrypt/live/mail.{{ domain }}/fullchain.pem"
mailserver_tls_certificate_key_file: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem" mailserver_tls_certificate_key_file: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
postgres_datadir: /mnt/postgresdata postgres_datadir: /mnt/postgresdata
stump_configdir: /mnt/stump/config
stump_datadir: /mnt/stump/data
synapse_datadir: /mnt/synapsedata synapse_datadir: /mnt/synapsedata
syncthing_datadir: "{{ cifs_mounts['syncthing']['path'] }}" syncthing_datadir: "{{ cifs_mounts['syncthing']['path'] }}"
uptime_kuma_datadir: /mnt/uptimekumadata uptime_kuma_datadir: /mnt/uptimekumadata

13
roles/nginx/templates/sites-enabled/stump.conf Normal file
View file

@ -0,0 +1,13 @@
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name stump.{{ domain }};
location / {
proxy_pass http://127.0.0.1:{{ ports['stump'] }};
include /etc/nginx/snippets/websocket.conf;
include /etc/nginx/snippets/proxy.conf;
}
}

30
roles/stump/tasks/backup.yml Normal file
View file

@ -0,0 +1,30 @@
- name:
become: true
block:
- name: Backup SQLite database
command:
cmd: |
sqlite3
"{{ volumes['stump_configdir'] }}/stump.db"
".backup {{ volumes['stump_configdir'] }}/stump-backup.db"
- name: Create borg backup
command:
cmd: |
borg create
--compression=lzma
"{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}"
{{ volumes['stump_configdir'] }}/stump-backup.db
{{ volumes['stump_datadir'] }}
environment:
BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
- name: Prune borg repository
command:
cmd: |
borg prune
--glob-archives='{{ role_name }}-*'
{{ borg_prune_options }}
{{ borg_repodir }}
environment:
BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"

14
roles/stump/tasks/main.yml Normal file
View file

@ -0,0 +1,14 @@
- name: Include backup tasks
include_tasks:
file: backup.yml
when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml
when: run_update | default(false) | bool

29
roles/stump/tasks/setup.yml Normal file
View file

@ -0,0 +1,29 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- name: "Create (if not exists) directories {{ volumes['stump_configdir'] }} and {{ volumes['stump_datadir'] }} & set permissions"
file:
path: "{{ item }}"
state: directory
owner: "{{ users['stump'] + uid_shift }}"
group: "{{ users['stump'] + uid_shift }}"
mode: '700'
become: true
loop:
- "{{ volumes['stump_datadir'] }}"
- "{{ volumes['stump_configdir'] }}"

24
roles/stump/tasks/update.yml Normal file
View file

@ -0,0 +1,24 @@
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
recreate: never
pull: true
debug: true
when: docker_pull_images | bool
register: stump_docker_compose_pull_result
- name: Display pulled image(s) name
set_fact:
stump_pulled_images: "{{ stump_pulled_images | default([]) + [item.pulled_image.name] }}"
loop: "{{ stump_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
- name: Include backup tasks
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup | default(false) and stump_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

13
roles/stump/templates/docker-compose.yaml Normal file
View file

@ -0,0 +1,13 @@
services:
stump:
container_name: stump
image: aaronleopold/stump:0.0.1
restart: always
environment:
- PUID={{ users['stump'] }}
- PGID={{ users['stump'] }}
ports:
- 127.0.0.1:{{ ports['stump'] }}:10801
volumes:
- {{ volumes['stump_configdir'] }}:/config
- {{ volumes['stump_datadir'] }}:/data