diff --git a/.ansible/deploy.yaml b/.ansible/deploy.yaml
index 5e635c3..9db3ade 100644
--- a/.ansible/deploy.yaml
+++ b/.ansible/deploy.yaml
@@ -2,8 +2,11 @@ - hosts: tools strategy: linear - tasks: - - import_role: + - include_role: + name: common + tasks_from: make_data_dir + + - include_role: name: docker_deploy
diff --git a/.ansible/group_vars/all/drone.yaml b/.ansible/group_vars/all/drone.yaml
deleted file mode 100644
index fa8709d..0000000
--- a/.ansible/group_vars/all/drone.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-drone_branch: '{{ lookup("env", "DRONE_BRANCH") }}'
-drone_build_created: '{{ lookup("env", "DRONE_BUILD_CREATED") }}'
-drone_build_event: '{{ lookup("env", "DRONE_BUILD_EVENT") }}'
-drone_build_link: '{{ lookup("env", "DRONE_BUILD_LINK") }}'
-drone_build_number: '{{ lookup("env", "DRONE_BUILD_NUMBER") }}'
-drone_build_started: '{{ lookup("env", "DRONE_BUILD_STARTED") }}'
-drone_commit: '{{ lookup("env", "DRONE_COMMIT") }}'
-drone_commit_link: '{{ lookup("env", "DRONE_COMMIT_LINK") }}'
-drone_tag: '{{ lookup("env", "DRONE_TAG") }}'
-drone_repo_visibility: '{{ lookup("env", "DRONE_REPO_VISIBILITY") }}'
diff --git a/.ansible/group_vars/all/git.yaml b/.ansible/group_vars/all/git.yaml
deleted file mode 100644
index cd7bdbe..0000000
--- a/.ansible/group_vars/all/git.yaml
+++ /dev/null
@@ -1,8 +0,0 @@
-git_owner: '{{ lookup("env", "DRONE_REPO_NAMESPACE") }}'
-git_repository: '{{ lookup("env", "DRONE_REPO_NAME") }}'
-git_branch: '{{ "production" if git_tag else drone_branch }}'
-git_version: '{{ git_tag if git_tag else drone_branch }}'
-git_tag: '{{ drone_tag }}'
-git_commit: '{{ drone_commit }}'
-git_commit_link: '{{ drone_commit_link }}'
-git_repository_url: '{{ lookup("env", "DRONE_REPO_LINK") }}'
diff --git a/.ansible/group_vars/all/main.yaml b/.ansible/group_vars/all/main.yaml
deleted file mode 100644
index 44b3137..0000000
--- a/.ansible/group_vars/all/main.yaml
+++ /dev/null
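Review bot: In the `.ansible/deploy.yaml` hunk, replacing `import_role` with `include_role` makes both roles dynamic, and a dynamically included role does not expose its defaults or vars to the rest of the play unless `public: true` is set on the include. The compose template changed in this commit reads `data_dir`, `ssl_cert_dir` and `docker_network`, while the group_vars files that defined the older path variables are deleted, so it is worth confirming that each of these is set with `set_fact` or otherwise visible when `docker_deploy` renders the template. A comment above the first include, such as `# common/make_data_dir must define data_dir before docker_deploy renders the compose file`, would record that ordering dependency. The play starts above this hunk and may continue below it.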
@@ -1,19 +0,0 @@
-codename: organizr
-
-# directories
-directories_ansible: '{{ playbook_dir }}'
-directories_build: ~/drone_builds
-directories_docker_socket: /var/run/docker.sock
-directories_files: '{{ directories_home }}/.diesel/{{ git_repository }}/{{ git_branch }}/files'
-directories_home: '{{ ansible_env.HOME }}'
-directories_roles: '{{ directories_ansible }}/roles'
-directories_src: /drone/src/
-directories_ssl_certificates: '/etc/ssl/certs/'
-directories_ssl_certificates_file: '{{ directories_ssl_certificates }}ca-certificates.crt'
-directories_ssl_certificates_host: '{{ directories_ssl_certificates }}'
-
-
-# routers/middleware
-repo_branch: '{{ git_repository }}-{{ git_branch }}'
-proxy_router_main: '{{ repo_branch }}-main'
-proxy_router_main_strip: '{{ repo_branch }}-main-strip'
diff --git a/.ansible/inventory/development/group_vars/tools/config.yaml b/.ansible/inventory/development/group_vars/tools/config.yaml
index 018e46d..2b49ee1 100644
--- a/.ansible/inventory/development/group_vars/tools/config.yaml
+++ b/.ansible/inventory/development/group_vars/tools/config.yaml
@@ -1,2 +1,2 @@
-signups_allowed: no
+signups_allowed: yes
 admin_token: admin
diff --git a/.ansible/inventory/development/group_vars/tools/proxy.yaml b/.ansible/inventory/development/group_vars/tools/proxy.yaml
index 1409af3..179a79a 100644
--- a/.ansible/inventory/development/group_vars/tools/proxy.yaml
+++ b/.ansible/inventory/development/group_vars/tools/proxy.yaml
@@ -1,2 +1 @@
-proxy_domains:
- - bitwarden.dev.diesel.net
+proxy_domain: bitwarden.dev.diesel.net
diff --git a/.ansible/inventory/production/group_vars/tools/proxy.yaml b/.ansible/inventory/production/group_vars/tools/proxy.yaml
index 9606661..3dec846 100644
--- a/.ansible/inventory/production/group_vars/tools/proxy.yaml
+++ b/.ansible/inventory/production/group_vars/tools/proxy.yaml
@@ -1,2 +1 @@
-proxy_domains:
- - bitwarden.diesel.net
+proxy_domain: bitwarden.diesel.net
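Review bot: In the development `config.yaml` hunk, `signups_allowed: yes` opens registration on an instance whose `admin_token`, on the next line, is the literal `admin` committed to the repository. The compose template passes that value unchanged into `ADMIN_TOKEN`, so if the development host is reachable from outside a trusted network, the admin interface is guarded only by a guessable value. Consider leaving signups off by default and reading the token from Ansible Vault or a CI secret, for example `admin_token: '{{ lookup("env", "ADMIN_TOKEN") }}'`. Writing the flag as `signups_allowed: true` also avoids the YAML 1.1 truthy ambiguity of `yes`.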
diff --git a/.ansible/roles/requirements.yaml b/.ansible/roles/requirements.yaml
index 8883c20..c221c23 100644
--- a/.ansible/roles/requirements.yaml
+++ b/.ansible/roles/requirements.yaml
@@ -1,4 +1,9 @@
 - name: docker_deploy
 scm: git
 src: "git@github.com:Diesel-Net/ansible-role-docker-deploy.git"
- version: "1.0.3"
+ version: 1.1.0
+
+- name: common
+ scm: git
+ src: "git@github.com:Diesel-Net/ansible-role-common.git"
+ version: 1.0.0
diff --git a/.ansible/templates/docker-compose.yaml.j2 b/.ansible/templates/docker-compose.yaml.j2
index 7e0ad69..fbc565a 100644
--- a/.ansible/templates/docker-compose.yaml.j2
+++ b/.ansible/templates/docker-compose.yaml.j2
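Review bot: In `.ansible/roles/requirements.yaml`, the new `common` role and the bumped `docker_deploy` role are pinned to the tag names `1.0.0` and `1.1.0`, and git tags can be moved after the fact. These roles run against the deployment hosts, so pinning `version:` to a full commit SHA would make the install reproducible and make an upstream change visible in review. The quotes around the version were also dropped: `1.1.0` still loads as a string, but a later two-part value such as `1.1` would load as a float, so keep the quoted form, e.g. `version: "1.1.0"`.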
@@ -8,33 +8,33 @@ services:
 image: bitwardenrs/server:latest
 volumes:
 - /etc/localtime:/etc/localtime
- - /etc/ssl/certs/:/etc/ssl/certs/
- - {{ directories_data }}:/data/
+ - {{ ssl_cert_dir }}:/etc/ssl/certs/
+ - {{ data_dir }}:/data/
 environment:
 - SIGNUPS_ALLOWED={{ signups_allowed | string | lower }}
 - ADMIN_TOKEN={{ admin_token }}
- - DOMAIN=https://{{ proxy_domains[0] }}
+ - DOMAIN=https://{{ proxy_domain }}
 deploy:
 labels:
 - traefik.enable=true
- - traefik.docker.network=traefik
+ - traefik.docker.network={{ docker_network }}
 - traefik.http.middlewares.redirect-https.redirectScheme.scheme=https
 - traefik.http.middlewares.redirect-https.redirectScheme.permanent=true
- - traefik.http.routers.bitwarden-ui-https.rule=Host(`{{ proxy_domains | join('`,`') }}`)
+ - traefik.http.routers.bitwarden-ui-https.rule=Host(`{{ proxy_domain }}`)
 - traefik.http.routers.bitwarden-ui-https.entrypoints=websecure
 - traefik.http.routers.bitwarden-ui-https.tls=true
 - traefik.http.routers.bitwarden-ui-https.service=bitwarden-ui
- - traefik.http.routers.bitwarden-ui-http.rule=Host(`{{ proxy_domains | join('`,`') }}`)
+ - traefik.http.routers.bitwarden-ui-http.rule=Host(`{{ proxy_domain }}`)
 - traefik.http.routers.bitwarden-ui-https.tls.certresolver=step-ca
 - traefik.http.routers.bitwarden-ui-http.entrypoints=web
 - traefik.http.routers.bitwarden-ui-http.middlewares=redirect-https
 - traefik.http.routers.bitwarden-ui-http.service=bitwarden-ui
 - traefik.http.services.bitwarden-ui.loadbalancer.server.port=80
- - traefik.http.routers.bitwarden-websocket-https.rule=Host(`{{ proxy_domains | join('`,`') }}`) && Path(`/notifications/hub`)
+ - traefik.http.routers.bitwarden-websocket-https.rule=Host(`{{ proxy_domain }}`) && Path(`/notifications/hub`)
 - traefik.http.routers.bitwarden-websocket-https.entrypoints=websecure
 - traefik.http.routers.bitwarden-websocket-https.tls=true
 - traefik.http.routers.bitwarden-websocket-https.service=bitwarden-websocket
- - traefik.http.routers.bitwarden-websocket-http.rule=Host(`{{ proxy_domains | join('`,`') }}`) && Path(`/notifications/hub`)
+ - traefik.http.routers.bitwarden-websocket-http.rule=Host(`{{ proxy_domain }}`) && Path(`/notifications/hub`)
 - traefik.http.routers.bitwarden-websocket-http.entrypoints=web
 - traefik.http.routers.bitwarden-websocket-http.middlewares=redirect-https
 - traefik.http.routers.bitwarden-websocket-http.service=bitwarden-websocket
diff --git a/.drone.yaml b/.drone.yaml
index 7715270..3bb50d2 100644
--- a/.drone.yaml
+++ b/.drone.yaml
@@ -1,4 +1,5 @@
 ---
+
 kind: pipeline
 type: docker
 name: development pipeline
@@ -25,7 +26,9 @@ trigger:
 - development
 event:
 - push
+
 ---
+
 kind: pipeline
 type: docker
 name: production pipeline
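Review bot: In the `docker-compose.yaml.j2` hunk, the new volume entry `- {{ ssl_cert_dir }}:/etc/ssl/certs/` still mounts the certificate directory read-write, as the line it replaces did. If `ssl_cert_dir` is the host trust store, the container is able to modify it. Unless the service needs to write there, mount it read-only and quote the entry: `- "{{ ssl_cert_dir }}:/etc/ssl/certs/:ro"`. Quoting `- "{{ data_dir }}:/data/"` in the same way keeps the rendered file valid if a path ever contains YAML-special characters. The service definition begins above this hunk.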