From 5e79289871efc0668612f1e0ce94d779141cec5d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Julian-Samuel=20Geb=C3=BChr?=
Date: Wed, 1 May 2024 08:29:09 +0200
Subject: [PATCH] Custom role Notfellchen (#190)
* feat: Add notfellchen
* fix: Restric salt size
* docs: Add notfellchen documentation
* feat(notfellchen): Add sws to serve media files
---------
Co-authored-by: Slavi Pantaleev
---
 VERSIONS.md | 2 +
 docs/services/notfellchen.md | 48 +++++++++++++++++++
 templates/group_vars_mash_servers | 76 +++++++++++++++++++++++++++++++
 templates/requirements.yml | 4 ++
 4 files changed, 130 insertions(+)
 create mode 100644 docs/services/notfellchen.md
diff --git a/VERSIONS.md b/VERSIONS.md
index 5ddcb20..db41ee0 100644
--- a/VERSIONS.md
+++ b/VERSIONS.md
@@ -51,6 +51,8 @@
 * Netbox: v3.7.0-2.8.0
 * Netbox Container Image Customizations Keycloak Sso Expiration Middleware: a2ac39b1c73a50742c6e834e89162f87528c7f73
 * Nextcloud: 28.0.4
+* Notfellchen: 0.1.1
+* Notfellchen Sws: 2
 * Oauth2 Proxy: v7.6.0
 * Outline: 0.74.0-0
 * Owncast: 0.1.2
diff --git a/docs/services/notfellchen.md b/docs/services/notfellchen.md
new file mode 100644
index 0000000..622ca8b
--- /dev/null
+++ b/docs/services/notfellchen.md
@@ -0,0 +1,48 @@
+# ILMO
+
+[Notfellchen](https://codeberg.org/moanos/notfellchen) is a self-hosted tool to list animals available for adoption to increase their chance of finding a forever-home.
+
+
+**Warning**: This service is a custom solution. Feel free to use it but don't expect a solution that works for every use case. Issues with this should be filed in the [project itself](https://codeberg.org/moanos/notfellchen).
+
+## Dependencies
+
+This service requires the following other services:
+
+- a [Postgres](postgres.md) database
+- a [Traefik](traefik.md) reverse-proxy server
+
+
+## Configuration
+
+To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process:
+
+```yaml
+########################################################################
+# #
+# notfellchen #
+# #
+########################################################################
+
+notfellchen_enabled: true
+notfellchen_hostname: notfellchen.example.com
+
+########################################################################
+# #
+# /notfellchen #
+# #
+########################################################################
+```
+
+## Setting up the first user
+
+You need to create a first user (unless you import an existing database).
+You can do this conveniently by running
+
+```bash
+just run-tags notfellchen-add-superuser --extra-vars=username=USERNAME --extra-vars=password=PASSWORD --extra-vars=email=EMAIL
+```
+
+## Usage
+
+After installation, you can go to the URL, as defined in `notfellchen_hostname`. Log in with the user credentials from above.
diff --git a/templates/group_vars_mash_servers b/templates/group_vars_mash_servers
index 7c0fd99..62c93d3 100644
--- a/templates/group_vars_mash_servers
+++ b/templates/group_vars_mash_servers
@@ -438,6 +438,13 @@ mash_playbook_devture_systemd_service_manager_services_list_auto_itemized: {{ ({'name': (nextcloud_identifier + '-cron.timer'), 'priority': 2500, 'groups': ['mash', 'nextcloud', 'nextcloud-cron']} if nextcloud_enabled else omit) }} # /role-specific:nextcloud + # role-specific:notfellchen + - |- + {{ ({'name': (notfellchen_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'notfellchen']} if notfellchen_enabled else omit) }} + - |- + {{ ({'name': (notfellchen_sws_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'notfellchen', 'notfellchen-sws']} if notfellchen_enabled else omit) }} + # /role-specific:notfellchen + # role-specific:mariadb - |- {{ ({'name': (mariadb_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'mariadb']} if mariadb_enabled else omit) }} @@ -824,6 +831,17 @@ mash_playbook_devture_postgres_managed_databases_auto_itemized: }} # /role-specific:nextcloud + # role-specific:notfellchen + - |- + {{ + ({ + 'name': notfellchen_database_name, + 'username': notfellchen_database_username, + 'password': notfellchen_database_password, + } if notfellchen_enabled else omit) + }} + # /role-specific:notfellchen + # role-specific:outline - |- {{ 
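Review bot: `notfellchen_database_name` is used in the new managed-databases entry, but the notfellchen defaults block added later in this file sets only the database host, port, username and password. Presumably the role's own defaults supply the name; if they do not, templating this list fails as soon as `notfellchen_enabled` is true. Setting it next to the username, e.g. `notfellchen_database_name: "notfellchen"`, would keep the database entry self-contained in this file. The enclosing list starts and ends outside the hunk.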
@@ -3809,6 +3827,64 @@ mariadb_managed_databases_auto: "{{ mash_playbook_mariadb_managed_databases_auto # /role-specific:mariadb + +# role-specific:notfellchen +######################################################################## +# # +# notfellchen # +# # +######################################################################## + +notfellchen_enabled: false + +notfellchen_identifier: "{{ mash_playbook_service_identifier_prefix }}notfellchen" + +notfellchen_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}notfellchen" + +notfellchen_uid: "{{ mash_playbook_uid }}" +notfellchen_gid: "{{ mash_playbook_gid }}" + +notfellchen_secret: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'secret.nf', rounds=655555) | to_uuid }}" + +notfellchen_database_host: "{{ devture_postgres_identifier if devture_postgres_enabled else '' }}" +notfellchen_database_port: "{{ '5432' if devture_postgres_enabled else '' }}" +notfellchen_database_password: "{{ '%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'db.nf', rounds=655555) | to_uuid }}" +notfellchen_database_username: "notfellchen" + +notfellchen_systemd_required_services_list: | + {{ + (['docker.service']) + + + ([devture_postgres_identifier ~ '.service'] if devture_postgres_enabled and notfellchen_database_host == devture_postgres_identifier else []) + }} + +notfellchen_container_additional_networks: | + {{ + ([mash_playbook_reverse_proxyable_services_additional_network] if mash_playbook_reverse_proxyable_services_additional_network else []) + + + ([devture_postgres_container_network] if devture_postgres_enabled and notfellchen_database_host == devture_postgres_identifier and notfellchen_container_network != devture_postgres_container_network else []) + }} + +notfellchen_container_labels_traefik_enabled: "{{ mash_playbook_traefik_labels_enabled }}" +notfellchen_container_labels_traefik_docker_network: "{{ 
mash_playbook_reverse_proxyable_services_additional_network }}" +notfellchen_container_labels_traefik_entrypoints: "{{ devture_traefik_entrypoint_primary }}" +notfellchen_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolver_primary }}" + +notfellchen_sws_container_labels_traefik_enabled: "{{ notfellchen_container_labels_traefik_enabled }}" +notfellchen_sws_container_labels_traefik_docker_network: "{{ notfellchen_container_labels_traefik_docker_network }}" +notfellchen_sws_container_labels_traefik_entrypoints: "{{ notfellchen_container_labels_traefik_entrypoints }}" +notfellchen_sws_container_labels_traefik_tls_certResolver: "{{ notfellchen_container_labels_traefik_tls_certResolver }}" + + +######################################################################## +# # +# /notfellchen # +# # +######################################################################## +# /role-specific:notfellchen + + + # role-specific:outline ######################################################################## # # diff --git a/templates/requirements.yml b/templates/requirements.yml index 79776b4..58c290d 100644 --- a/templates/requirements.yml +++ b/templates/requirements.yml @@ -212,6 +212,10 @@ version: v28.0.4-0 name: nextcloud activation_prefix: nextcloud_ +- src: git+https://codeberg.org/moanos/ansible-role-notfellchen.git + version: v0.1.0-2 + name: notfellchen + activation_prefix: notfellchen_ - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-oauth2-proxy.git version: v7.6.0-1 name: oauth2_proxy
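Review bot: `notfellchen_secret` and `notfellchen_database_password` are both computed from `mash_playbook_generic_secret_key` with fixed salts (`secret.nf`, `db.nf`), so they are only as unpredictable as that one key and both change whenever it changes. Nothing in the block says so, and an operator rotating the generic key would be changing the Postgres role's password and the application secret in the same run. A comment above the two lines would record that, for example `# Derived from mash_playbook_generic_secret_key; rotating that key rotates this secret and the database password.` Separately, `notfellchen_database_host` falls back to an empty string when `devture_postgres_enabled` is false, while the docs list Postgres as required; whether the role rejects an empty host is not visible here.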
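Review bot: The new role is fetched from `codeberg.org/moanos/ansible-role-notfellchen` and pinned with `version: v0.1.0-2`, a git tag that the repository owner can move or re-create, so the content installed later is not fixed to what was reviewed for this commit. The neighbouring entries pin by tag as well, so this matches the file's convention, but unlike the `mother-of-all-self-hosting` entry next to it this role lives in a personal namespace. Pinning to the full commit hash and keeping the tag as a comment would make the install reproducible, e.g. `version: <commit-sha-of-v0.1.0-2>  # v0.1.0-2`. The roles list continues outside the hunk.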