Add container wishlist and cronjobs role

merge

playbooks/heyer.systems/docker1.yml

@@ -17,6 +17,11 @@
         - syslog
         - system
 
+    - role: server_install_cronjobs
+      tags:
+        - cronjobs
+        - system
+
     - role: deploy_container_traefik
       tags:
         - traefik
@@ -26,3 +31,8 @@
       tags:
         - homepage
         - docker-container
+
+    - role: deploy_container_wishlist
+      tags:
+        - wishlist
+        - docker-container

roles/deploy_container_koito/defaults/main.yml

@@ -0,0 +1,4 @@
+container_koito_version: latest
+container_koito_domain: music.heyer.systems
+container_koito_directory: /opt/docker/koito
+container_koito_db_password: "super_secret_db_password"

roles/deploy_container_koito/tasks/main.yml

@@ -0,0 +1,27 @@
+---
+- name: Ensure data directories exist
+  ansible.builtin.file:
+    path: "{{ container_koito_directory }}/data/{{ item }}"
+    state: directory
+    mode: '0755'
+  loop:
+    - "db"
+    - "koito"
+  become: false
+
+- name: Deploy Docker Compose and .env files
+  ansible.builtin.template:
+    src: "{{ item.src }}"
+    dest: "{{ container_koito_directory }}/{{ item.dest }}"
+    mode: '0644'
+  loop:
+    - { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
+    - { src: '.env.j2', dest: '.env' }
+  become: false
+
+- name: Start Container
+  community.docker.docker_compose_v2:
+    project_src: "{{ container_koito_directory }}"
+    pull: always
+    docker_host: "unix:///run/user/1000/docker.sock"
+  become: false

roles/deploy_container_koito/templates/.env.j2

@@ -0,0 +1,3 @@
+KOITO_VERSION={{ container_koito_version }}
+KOITO_DOMAIN={{ container_koito_domain }}
+KOITO_DB_PASSWORD={{ container_koito_db_password}}

roles/deploy_container_koito/templates/docker-compose.yml.j2

@@ -0,0 +1,47 @@
+---
+services:
+  koito:
+    image: gabehf/koito:${KOITO_VERSION}
+    container_name: koito
+    depends_on:
+      - db
+    networks:
+      - traefik
+      - koito
+    environment:
+      - KOITO_DATABASE_URL=postgres://postgres:${KOITO_DB_PASSWORD}@db:5432/koitodb?sslmode=disable
+      - KOITO_ALLOWED_HOSTS=${KOITO_DOMAIN}
+    volumes:
+      - ./data/koito:/etc/koito
+    labels:
+      - "traefik.enable=true"
+      - "traefik.docker.network=traefik"
+      - "traefik.http.routers.koito.entrypoints=http"
+      - "traefik.http.routers.koito.rule=Host(`${KOITO_DOMAIN}`)"
+      - "traefik.http.middlewares.koito-https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.routers.koito.middlewares=koito-https-redirect"
+      - "traefik.http.routers.koito-secure.entrypoints=https"
+      - "traefik.http.routers.koito-secure.rule=Host(`${KOITO_DOMAIN}`)"
+      - "traefik.http.routers.koito-secure.tls=true"
+      - "traefik.http.routers.koito-secure.service=koito"
+      - "traefik.http.services.koito.loadbalancer.server.port=4110"
+    restart: unless-stopped
+
+  db:
+    image: postgres:16
+    container_name: koito-db
+    restart: unless-stopped
+    networks:
+      - koito
+    environment:
+      POSTGRES_DB: koitodb
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: ${KOITO_DB_PASSWORD}
+    volumes:
+      - ./data/db:/var/lib/postgresql/data
+
+networks:
+  traefik:
+    external: true
+  koito:
+    driver: bridge

roles/deploy_container_wishlist/defaults/main.yml

@@ -0,0 +1,41 @@
+container_wishlist_url: "wishlist.example.com"
+container_wishlist_version: "latest"
+container_wishlist_directory: "/opt/docker/wishlist"
+
+container_wishlist_db_prefix: "dbs/"
+container_wishlist_db_log_file: "/dev/null"
+container_wishlist_default_failure_redirect: "/login"
+container_wishlist_port: 80
+container_wishlist_db_expose_port: ""
+container_wishlist_proxy_server: ""
+container_wishlist_secret: ""
+container_wishlist_session_max_age: 604800000
+container_wishlist_site_title: "Christmas Community"
+container_wishlist_short_title: "Christmas"
+container_wishlist_root_url: "/"
+container_wishlist_trust_proxy: "loopback"
+container_wishlist_bulmaswatch: "default"
+container_wishlist_update_check: "true"
+container_wishlist_pfp: "true"
+container_wishlist_language: "de-DE"
+
+container_wishlist_single_list: "false"
+container_wishlist_lists_public: "false"
+container_wishlist_table: "true"
+container_wishlist_markdown: "false"
+
+container_wishlist_custom_html_login: ""
+container_wishlist_custom_html_wishlists: ""
+container_wishlist_custom_css: ""
+
+container_wishlist_google_client_id: ""
+container_wishlist_google_client_secret: ""
+
+container_wishlist_oidc_client_id: ""
+container_wishlist_oidc_client_secret: ""
+container_wishlist_oidc_authorization_url: "https://accounts.google.com/o/oauth2/auth"
+container_wishlist_oidc_token_url: "https://oauth2.googleapis.com/token"
+container_wishlist_oidc_issuer: "https://accounts.google.com"
+container_wishlist_oidc_provider_name: "Google"
+
+container_wishlist_upload_pfp_max_size: 5

roles/deploy_container_wishlist/tasks/main.yml

@@ -0,0 +1,24 @@
+---
+- name: Ensure data directories exist
+  ansible.builtin.file:
+    path: "{{ container_wishlist_directory }}/data"
+    state: directory
+    mode: '0755'
+  become: false
+
+- name: Deploy Docker Compose and .env files
+  ansible.builtin.template:
+    src: "{{ item.src }}"
+    dest: "{{ container_wishlist_directory }}/{{ item.dest }}"
+    mode: '0644'
+  loop:
+    - { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
+    - { src: '.env.j2', dest: '.env' }
+  become: false
+
+- name: Start Container
+  community.docker.docker_compose_v2:
+    project_src: "{{ container_wishlist_directory }}"
+    pull: always
+    docker_host: "unix:///run/user/1000/docker.sock"
+  become: false

roles/deploy_container_wishlist/templates/.env.j2

@@ -0,0 +1,49 @@
+## Traefik and Docker Options
+WISHLIST_URL={{ container_wishlist_url }}
+WISHLIST_VERSION={{ container_wishlist_version }}
+
+## Core Settings
+DB_PREFIX={{ container_wishlist_db_prefix }}
+DB_LOG_FILE={{ container_wishlist_db_log_file }}
+DEFAULT_FAILURE_REDIRECT={{ container_wishlist_default_failure_redirect }}
+PORT={{ container_wishlist_port }}
+DB_EXPOSE_PORT={{ container_wishlist_db_expose_port }}
+PROXY_SERVER={{ container_wishlist_proxy_server }}
+SECRET={{ container_wishlist_secret }}
+SESSION_MAX_AGE={{ container_wishlist_session_max_age }}
+SITE_TITLE={{ container_wishlist_site_title }}
+SHORT_TITLE={{ container_wishlist_short_title }}
+ROOT_URL={{ container_wishlist_root_url }}
+TRUST_PROXY={{ container_wishlist_trust_proxy }}
+BULMASWATCH={{ container_wishlist_bulmaswatch }}
+UPDATE_CHECK={{ container_wishlist_update_check }}
+PFP={{ container_wishlist_pfp }}
+LANGUAGE={{ container_wishlist_language }}
+
+## Wishlist Settings
+SINGLE_LIST={{ container_wishlist_single_list }}
+LISTS_PUBLIC={{ container_wishlist_lists_public }}
+TABLE={{ container_wishlist_table }}
+MARKDOWN={{ container_wishlist_markdown }}
+
+## Custom HTML Snippets
+CUSTOM_HTML_LOGIN={{ container_wishlist_custom_html_login | default('') }}
+CUSTOM_HTML_WISHLISTS={{ container_wishlist_custom_html_wishlists | default('') }}
+
+## Custom CSS
+CUSTOM_CSS={{ container_wishlist_custom_css | default('') }}
+
+## Google Client Details
+GOOGLE_CLIENT_ID={{ container_wishlist_google_client_id | default('') }}
+GOOGLE_CLIENT_SECRET={{ container_wishlist_google_client_secret | default('') }}
+
+## OIDC Provider Details
+OIDC_CLIENT_ID={{ container_wishlist_oidc_client_id | default('') }}
+OIDC_CLIENT_SECRET={{ container_wishlist_oidc_client_secret | default('') }}
+OIDC_AUTHORIZATION_URL={{ container_wishlist_oidc_authorization_url | default('') }}
+OIDC_TOKEN_URL={{ container_wishlist_oidc_token_url | default('') }}
+OIDC_ISSUER={{ container_wishlist_oidc_issuer | default('') }}
+OIDC_PROVIDER_NAME={{ container_wishlist_oidc_provider_name | default('') }}
+
+## Profile picture upload max size in MB
+UPLOAD_PFP_MAX_SIZE={{ container_wishlist_upload_pfp_max_size }}

roles/deploy_container_wishlist/templates/docker-compose.yml.j2

@@ -0,0 +1,38 @@
+---
+services:
+  christmas-community:
+    image: wingysam/christmas-community:latest
+    container_name: wishlist
+    restart: always
+    volumes:
+      - ./data:/data
+    networks:
+      - traefik
+    environment:
+      SMILE: 'true'
+      # Table mode, set to 'false' to revert to box mode
+      TABLE: 'true'
+      # Single list mode
+      # (for weddings, birthdays, etc. only the admin account's list is accessible)
+      # Set to 'true' to enable
+      SINGLE_LIST: 'false'
+      # Some websites (like walmart) send headers that are larger than 8MB in
+      # length. If issues are encountered, set the node.js limit to a higher
+      # number than 8192
+      #NODE_OPTIONS: "--max-http-header-size=32768"
+    labels:
+      - "traefik.enable=true"
+      - "traefik.http.routers.wishlist.entrypoints=http"
+      - "traefik.http.routers.wishlist.rule=Host(`${WISHLIST_URL}`)"
+      - "traefik.http.middlewares.wishlist-https-redirect.redirectscheme.scheme=https"
+      - "traefik.http.routers.wishlist.middlewares=wishlist-https-redirect"
+      - "traefik.http.routers.wishlist-secure.entrypoints=https"
+      - "traefik.http.routers.wishlist-secure.rule=Host(`${WISHLIST_URL}`)"
+      - "traefik.http.routers.wishlist-secure.tls=true"
+      - "traefik.http.routers.wishlist-secure.service=wishlist"
+      - "traefik.http.services.wishlist.loadbalancer.server.port=80"
+      - "traefik.docker.network=traefik"
+
+networks:
+  traefik:
+    external: true

roles/server_install_cronjobs/defaults/main.yml

@@ -0,0 +1,4 @@
+server_install_cronjobs_directory: /etc/cron.d
+server_install_cronjobs_files:
+  - src: "{{ inventory_dir }}/host_files/{{ inventory_hostname }}/server_install_cronjobs_files/your_cronjob"
+    dest: "your_cronjob"

roles/server_install_cronjobs/tasks/main.yml

@@ -0,0 +1,24 @@
+- name: Update cache
+  ansible.builtin.apt:
+    update_cache: true
+    cache_valid_time: 3600
+
+- name: Install Cron
+  ansible.builtin.apt:
+    name: cron
+    state: present
+
+- name: Activate Cron
+  ansible.builtin.service:
+    name: cron
+    enabled: true
+    state: started
+
+- name: Copy Cronjob-Files to Host 
+  ansible.builtin.copy:
+    src: "{{ item.src }}"
+    dest: "{{ server_install_cronjobs_directory }}/{{ item.dest }}"
+    owner: root
+    group: root
+    mode: '0644'
+  loop: "{{ server_install_cronjobs_files }}"