mirror of
https://github.com/samuelclay/NewsBlur.git
synced 2025-09-18 21:50:56 +00:00
188 lines
5.1 KiB
YAML
188 lines
5.1 KiB
YAML
---
|
|
# - name: Ensure 'nb' user owns /srv/ recursively
|
|
# become: yes
|
|
# file:
|
|
# path: /srv
|
|
# owner: nb
|
|
# group: nb
|
|
# recurse: yes
|
|
# state: directory
|
|
|
|
- name: Copy node secrets
|
|
copy:
|
|
src: /srv/secrets-newsblur/settings/node_settings.env
|
|
dest: /srv/newsblur/node/.env
|
|
register: app_changed
|
|
notify: restart node
|
|
with_items:
|
|
- node-socket
|
|
- node-page
|
|
- node-text
|
|
- node-favicons
|
|
- staging
|
|
when: item in inventory_hostname
|
|
|
|
- name: Add SERVER_NAME to app secrets
|
|
lineinfile:
|
|
path: /srv/newsblur/node/.env
|
|
create: yes
|
|
mode: 0600
|
|
line: 'SERVER_NAME = "{{ inventory_hostname }}"'
|
|
|
|
- name: Copy imageproxy secrets
|
|
copy:
|
|
src: /srv/secrets-newsblur/settings/imageproxy.key
|
|
dest: /srv/imageproxy.key
|
|
register: app_changed
|
|
notify: restart node
|
|
with_items:
|
|
- node-images
|
|
- staging
|
|
when: item in inventory_hostname
|
|
|
|
- name: Setup crontab to restart imageproxy daily
|
|
become: yes
|
|
cron:
|
|
name: restart_imageproxy
|
|
user: root
|
|
cron_file: /etc/cron.daily/restart_imageproxy
|
|
job: >-
|
|
docker restart imageproxy
|
|
with_items:
|
|
- node-images
|
|
- staging
|
|
when: item in inventory_hostname
|
|
tags: restart_imageproxy
|
|
|
|
- name: Get the volume name
|
|
shell: ls /dev/disk/by-id/ | grep -v part
|
|
register: volume_name_raw
|
|
when: '"node-page" in inventory_hostname and not inventory_hostname.startswith("hnode")'
|
|
|
|
- set_fact:
|
|
volume_name: "{{ volume_name_raw.stdout }}"
|
|
when: '"node-page" in inventory_hostname and not inventory_hostname.startswith("hnode")'
|
|
|
|
- debug:
|
|
msg: "{{ volume_name }}"
|
|
when: '"node-page" in inventory_hostname and not inventory_hostname.startswith("hnode")'
|
|
|
|
- name: Create the mount point
|
|
become: yes
|
|
file:
|
|
path: "/mnt/{{ inventory_hostname | regex_replace('-', '') }}"
|
|
state: directory
|
|
when: '"node-page" in inventory_hostname and not inventory_hostname.startswith("hnode")'
|
|
|
|
- name: Mount volume read-write
|
|
become: yes
|
|
mount:
|
|
path: "/mnt/{{ inventory_hostname | regex_replace('-', '') }}"
|
|
src: "/dev/disk/by-id/{{ volume_name }}"
|
|
fstype: xfs
|
|
opts: defaults,discard
|
|
state: mounted
|
|
when: '"node-page" in inventory_hostname and not inventory_hostname.startswith("hnode")'
|
|
|
|
- name: Symlink node-page volume from /srv/originals
|
|
become: yes
|
|
file:
|
|
dest: /srv/originals
|
|
src: "/mnt/{{ inventory_hostname | regex_replace('-', '') }}"
|
|
state: link
|
|
when: '"node-page" in inventory_hostname and not inventory_hostname.startswith("hnode")'
|
|
|
|
- name: Start node docker containers
|
|
docker_container:
|
|
name: node
|
|
image: newsblur/newsblur_node
|
|
state: started
|
|
command: node /srv/node/newsblur.js
|
|
container_default_behavior: no_defaults
|
|
pull: true
|
|
networks_cli_compatible: yes
|
|
network_mode: default
|
|
hostname: "{{ inventory_hostname }}"
|
|
log_driver: json-file
|
|
log_options:
|
|
max-size: 100m
|
|
networks:
|
|
- name: newsblurnet
|
|
ports:
|
|
- "8008:8008"
|
|
env:
|
|
NODE_ENV: "production"
|
|
restart_policy: unless-stopped
|
|
volumes:
|
|
- /srv/newsblur/node:/srv/node
|
|
- /srv/originals:/srv/originals
|
|
- "/mnt/{{ inventory_hostname | regex_replace('-', '') }}:/mnt/{{ inventory_hostname | regex_replace('-', '') }}"
|
|
with_items:
|
|
- node-socket
|
|
- node-page
|
|
- node-text
|
|
- node-favicons
|
|
- staging
|
|
when: item in inventory_hostname
|
|
|
|
- name: Start non-newsblur node docker containers
|
|
docker_container:
|
|
name: "{{ item.container_name }}"
|
|
image: "{{ item.image }}"
|
|
state: started
|
|
container_default_behavior: no_defaults
|
|
hostname: "{{ inventory_hostname }}"
|
|
pull: true
|
|
ports:
|
|
- "{{ item.ports }}"
|
|
env:
|
|
NODE_ENV: "production"
|
|
IMAGEPROXY_CACHE: "memory:200:4h"
|
|
IMAGEPROXY_SIGNATUREKEY: "@/srv/imageproxy.key"
|
|
IMAGEPROXY_VERBOSE: "1"
|
|
restart_policy: unless-stopped
|
|
volumes:
|
|
- /srv/newsblur/node:/srv/node
|
|
- /srv/imageproxy.key:/srv/imageproxy.key
|
|
with_items:
|
|
- container_name: imageproxy
|
|
image: ghcr.io/willnorris/imageproxy
|
|
ports: 8088:8080
|
|
target_host: node-images
|
|
when: item.target_host in inventory_hostname
|
|
|
|
- name: Register nodes in consul
|
|
tags: consul
|
|
become: yes
|
|
template:
|
|
src: consul_service.json
|
|
dest: /etc/consul.d/{{item.target_host}}.json
|
|
with_items:
|
|
- target_host: node-socket
|
|
port: 8008
|
|
- target_host: node-page
|
|
port: 8008
|
|
- target_host: node-text
|
|
port: 8008
|
|
- target_host: node-favicons
|
|
port: 8008
|
|
- target_host: node-images
|
|
port: 8088
|
|
notify:
|
|
- reload consul
|
|
when: item.target_host in inventory_hostname and disable_consul_services_ie_staging is not defined
|
|
|
|
- name: Add sanity checkers cronjob for disk usage
|
|
become: yes
|
|
cron:
|
|
name: disk_usage_sanity_checker
|
|
user: root
|
|
cron_file: /etc/cron.hourly/disk_usage_sanity_checker
|
|
job: >-
|
|
docker pull newsblur/newsblur_python3:latest;
|
|
docker run --rm -it
|
|
OUTPUT=$(eval sudo df / | head -n 2 | tail -1);
|
|
-v /srv/newsblur:/srv/newsblur
|
|
--network=newsblurnet
|
|
--hostname {{ ansible_hostname }}
|
|
newsblur/newsblur_python3 /srv/newsblur/utils/monitor_disk_usage.py $OUTPUT
|