Convert project to ansible
This commit is contained in:
parent
cd5b794fe1
commit
408d1cf7f4
10 changed files with 110 additions and 22 deletions
19
.env
19
.env
|
@ -1,19 +0,0 @@
|
|||
PEERTUBE_WEBSERVER_HOSTNAME=peertube.social
|
||||
PEERTUBE_WEBSERVER_PORT=443
|
||||
PEERTUBE_WEBSERVER_HTTPS=true
|
||||
PEERTUBE_TRUST_PROXY=["127.0.0.1"]
|
||||
# If you need more than one IP as trust_proxy
|
||||
# pass them as a comma separated array:
|
||||
#PEERTUBE_TRUST_PROXY=["127.0.0.1", "loopback", "192.168.1.0/24"]
|
||||
#PEERTUBE_SMTP_USERNAME=
|
||||
#PEERTUBE_SMTP_PASSWORD=
|
||||
PEERTUBE_SMTP_HOSTNAME=postfix
|
||||
PEERTUBE_SMTP_PORT=25
|
||||
PEERTUBE_SMTP_FROM=info@peertube.social
|
||||
PEERTUBE_SMTP_TLS=false
|
||||
#PEERTUBE_SMTP_DISABLE_STARTTLS=false
|
||||
PEERTUBE_ADMIN_EMAIL=info@peertube.social
|
||||
|
||||
# this will override the config value
|
||||
#PEERTUBE_DB_USERNAME=peertube
|
||||
#PEERTUBE_DB_PASSWORD=WBUe8qGIIQFUIkcg
|
3
.gitignore
vendored
3
.gitignore
vendored
|
@ -1 +1,2 @@
|
|||
volumes/
|
||||
passwords/
|
||||
peertube.retry
|
||||
|
|
15
README.md
Normal file
15
README.md
Normal file
|
@ -0,0 +1,15 @@
|
|||
# Peertube setup with Ansible and Docker-Compose
|
||||
|
||||
## Setup
|
||||
|
||||
Configure your ssh connection in `inventory`.
|
||||
|
||||
Install Ansible:
|
||||
|
||||
pip2 install ansible
|
||||
|
||||
Run the playbook:
|
||||
|
||||
ansible-playbook --become -K peertube.yml
|
||||
|
||||
It will prompt for root password to escalate privileges through `sudo`.
|
5
ansible.cfg
Normal file
5
ansible.cfg
Normal file
|
@ -0,0 +1,5 @@
|
|||
[defaults]
|
||||
inventory=inventory
|
||||
|
||||
[ssh_connection]
|
||||
pipelining = True
|
5
inventory
Normal file
5
inventory
Normal file
|
@ -0,0 +1,5 @@
|
|||
[peertube]
|
||||
root@testing.peertube.social domain=testing.peertube.social
|
||||
|
||||
[all:vars]
|
||||
ansible_connection=ssh
|
63
peertube.yml
Normal file
63
peertube.yml
Normal file
|
@ -0,0 +1,63 @@
|
|||
---
|
||||
- hosts: all
|
||||
|
||||
# Install python if required
|
||||
# https://www.josharcher.uk/code/ansible-python-connection-failure-ubuntu-server-1604/
|
||||
gather_facts: False
|
||||
pre_tasks:
|
||||
- name: install python for Ansible
|
||||
raw: test -e /usr/bin/python || (apt -y update && apt install -y python-minimal python-setuptools)
|
||||
register: output
|
||||
changed_when: output.stdout != ""
|
||||
- setup: # gather facts
|
||||
|
||||
tasks:
|
||||
- name: install dependencies
|
||||
apt:
|
||||
pkg: ['docker-compose', 'docker.io']
|
||||
|
||||
- name: create peertube folder
|
||||
file: path=/peertube/volumes/traefik/ state=directory mode=0755
|
||||
|
||||
- name: add all template files
|
||||
template: src={{item.src}} dest={{item.dest}}
|
||||
with_items:
|
||||
- { src: 'templates/docker-compose.yml', dest: '/peertube/docker-compose.yml' }
|
||||
- { src: 'templates/env', dest: '/peertube/.env' }
|
||||
- { src: 'templates/nginx.conf', dest: '/peertube/nginx.conf' }
|
||||
- { src: 'templates/traefik.toml', dest: '/peertube/traefik.toml' }
|
||||
vars:
|
||||
postgres_password: "{{ lookup('password', 'passwords/{{ inventory_hostname }}/postgres chars=ascii_letters,digits') }}"
|
||||
|
||||
- name: set traefik data file and env file permissions
|
||||
file:
|
||||
path: "{{ item.path }}"
|
||||
state: touch
|
||||
mode: 0600
|
||||
access_time: preserve
|
||||
modification_time: preserve
|
||||
with_items:
|
||||
- { path: '/peertube/volumes/traefik/acme.json' }
|
||||
- { path: '/peertube/.env' }
|
||||
|
||||
- name: enable and start docker service
|
||||
systemd:
|
||||
name: docker
|
||||
enabled: yes
|
||||
state: started
|
||||
|
||||
- name: start docker-compose
|
||||
docker_service:
|
||||
project_src: /peertube/
|
||||
state: present
|
||||
pull: yes
|
||||
|
||||
- name: fetch root password
|
||||
shell: "docker-compose -f /peertube/docker-compose.yml logs peertube | grep 'User password' | awk 'NF{ print $NF }'"
|
||||
register: password
|
||||
changed_when: False
|
||||
|
||||
- name: print root password
|
||||
debug:
|
||||
msg: "The admin login is user=root, password={{ password.stdout }}"
|
||||
when: password.stdout != ""
|
|
@ -42,6 +42,9 @@ services:
|
|||
- ./volumes/data:/data
|
||||
- /mnt/external:/data-external
|
||||
- ./volumes/config:/config
|
||||
environment:
|
||||
- PEERTUBE_DB_USERNAME=${POSTGRES_USER}
|
||||
- PEERTUBE_DB_PASSWORD=${POSTGRES_PASSWORD}
|
||||
depends_on:
|
||||
- postgres
|
||||
- redis
|
||||
|
@ -54,6 +57,9 @@ services:
|
|||
- ./volumes/db:/var/lib/postgresql/data
|
||||
labels:
|
||||
traefik.enable: "false"
|
||||
environment:
|
||||
- POSTGRES_USER=${POSTGRES_USER}
|
||||
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}
|
||||
restart: "always"
|
||||
|
||||
redis:
|
12
templates/env
Normal file
12
templates/env
Normal file
|
@ -0,0 +1,12 @@
|
|||
PEERTUBE_WEBSERVER_HOSTNAME={{ domain }}
|
||||
PEERTUBE_WEBSERVER_PORT=443
|
||||
PEERTUBE_WEBSERVER_HTTPS=true
|
||||
PEERTUBE_TRUST_PROXY=["127.0.0.1"]
|
||||
PEERTUBE_SMTP_HOSTNAME=postfix
|
||||
PEERTUBE_SMTP_PORT=25
|
||||
PEERTUBE_SMTP_FROM=info@{{ domain }}
|
||||
PEERTUBE_SMTP_TLS=false
|
||||
PEERTUBE_ADMIN_EMAIL=info@{{ domain }}
|
||||
|
||||
POSTGRES_USER=peertube
|
||||
POSTGRES_PASSWORD={{ postgres_password }}
|
|
@ -25,7 +25,7 @@ http {
|
|||
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
|
||||
|
||||
location / {
|
||||
proxy_pass http://peertube:9000;
|
||||
proxy_pass http://peertube:9000;
|
||||
proxy_set_header X-Real-IP $remote_addr;
|
||||
proxy_set_header Host $host;
|
||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
@ -60,7 +60,7 @@ entryPoint = "https"
|
|||
# Domains list.
|
||||
#
|
||||
[[acme.domains]]
|
||||
main = "peertube.social"
|
||||
main = "{{ domain }}"
|
||||
|
||||
# Use a HTTP-01 acme challenge rather than TLS-SNI-01 challenge
|
||||
#
|
Loading…
Reference in a new issue