Convert project to ansible

This commit is contained in:
Felix Ableitner 2019-04-10 21:43:16 +02:00
parent cd5b794fe1
commit 408d1cf7f4
10 changed files with 110 additions and 22 deletions

19
.env
View file

@ -1,19 +0,0 @@
PEERTUBE_WEBSERVER_HOSTNAME=peertube.social
PEERTUBE_WEBSERVER_PORT=443
PEERTUBE_WEBSERVER_HTTPS=true
PEERTUBE_TRUST_PROXY=["127.0.0.1"]
# If you need more than one IP as trust_proxy
# pass them as a comma separated array:
#PEERTUBE_TRUST_PROXY=["127.0.0.1", "loopback", "192.168.1.0/24"]
#PEERTUBE_SMTP_USERNAME=
#PEERTUBE_SMTP_PASSWORD=
PEERTUBE_SMTP_HOSTNAME=postfix
PEERTUBE_SMTP_PORT=25
PEERTUBE_SMTP_FROM=info@peertube.social
PEERTUBE_SMTP_TLS=false
#PEERTUBE_SMTP_DISABLE_STARTTLS=false
PEERTUBE_ADMIN_EMAIL=info@peertube.social
# this will override the config value
#PEERTUBE_DB_USERNAME=peertube
#PEERTUBE_DB_PASSWORD=WBUe8qGIIQFUIkcg

3
.gitignore vendored
View file

@ -1 +1,2 @@
volumes/
passwords/
peertube.retry

15
README.md Normal file
View file

@ -0,0 +1,15 @@
# Peertube setup with Ansible and Docker-Compose
## Setup
Configure your ssh connection in `inventory`.
Install Ansible:
pip2 install ansible
Run the playbook:
ansible-playbook --become -K peertube.yml
It will prompt for root password to escalate privileges through `sudo`.

5
ansible.cfg Normal file
View file

@ -0,0 +1,5 @@
[defaults]
inventory=inventory
[ssh_connection]
pipelining = True

5
inventory Normal file
View file

@ -0,0 +1,5 @@
[peertube]
root@testing.peertube.social domain=testing.peertube.social
[all:vars]
ansible_connection=ssh

63
peertube.yml Normal file
View file

@ -0,0 +1,63 @@
---
- hosts: all
# Install python if required
# https://www.josharcher.uk/code/ansible-python-connection-failure-ubuntu-server-1604/
gather_facts: False
pre_tasks:
- name: install python for Ansible
raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal python-setuptools)
register: output
changed_when: output.stdout != ""
- setup: # gather facts
tasks:
- name: install dependencies
apt:
pkg: ['docker-compose', 'docker.io']
- name: create peertube folder
file: path=/peertube/volumes/traefik/ state=directory mode=0755
- name: add all template files
template: src={{item.src}} dest={{item.dest}}
with_items:
- { src: 'templates/docker-compose.yml', dest: '/peertube/docker-compose.yml' }
- { src: 'templates/env', dest: '/peertube/.env' }
- { src: 'templates/nginx.conf', dest: '/peertube/nginx.conf' }
- { src: 'templates/traefik.toml', dest: '/peertube/traefik.toml' }
vars:
postgres_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/postgres chars=ascii_letters,digits') }}"
- name: set traefik data file and env file permissions
file:
path: "{{ item.path }}"
state: touch
mode: 0600
access_time: preserve
modification_time: preserve
with_items:
- { path: '/peertube/volumes/traefik/acme.json' }
- { path: '/peertube/.env' }
- name: enable and start docker service
systemd:
name: docker
enabled: yes
state: started
- name: start docker-compose
docker_service:
project_src: /peertube/
state: present
pull: yes
- name: fetch root password
shell: "docker-compose -f /peertube/docker-compose.yml logs peertube | grep 'User password' | awk 'NF{ print $NF }'"
register: password
changed_when: False
- name: print root password
debug:
msg: "The admin login is user=root, password={{ password.stdout }}"
when: password.stdout != ""

View file

@ -42,6 +42,9 @@ services:
- ./volumes/data:/data
- /mnt/external:/data-external
- ./volumes/config:/config
environment:
- PEERTUBE_DB_USERNAME=${POSTGRES_USER}
- PEERTUBE_DB_PASSWORD=${POSTGRES_PASSWORD}
depends_on:
- postgres
- redis
@ -54,6 +57,9 @@ services:
- ./volumes/db:/var/lib/postgresql/data
labels:
traefik.enable: "false"
environment:
- POSTGRES_USER=${POSTGRES_USER}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
restart: "always"
redis:

12
templates/env Normal file
View file

@ -0,0 +1,12 @@
PEERTUBE_WEBSERVER_HOSTNAME={{ domain }}
PEERTUBE_WEBSERVER_PORT=443
PEERTUBE_WEBSERVER_HTTPS=true
PEERTUBE_TRUST_PROXY=["127.0.0.1"]
PEERTUBE_SMTP_HOSTNAME=postfix
PEERTUBE_SMTP_PORT=25
PEERTUBE_SMTP_FROM=info@{{ domain }}
PEERTUBE_SMTP_TLS=false
PEERTUBE_ADMIN_EMAIL=info@{{ domain }}
POSTGRES_USER=peertube
POSTGRES_PASSWORD={{ postgres_password }}

View file

@ -60,7 +60,7 @@ entryPoint = "https"
# Domains list.
#
[[acme.domains]]
main = "peertube.social"
main = "{{ domain }}"
# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge
#