diff --git a/ansible/roles/our/tasks/stack.yml b/ansible/roles/our/tasks/stack.yml
index 24cbdbf..ada22e1 100644
--- a/ansible/roles/our/tasks/stack.yml
+++ b/ansible/roles/our/tasks/stack.yml
@@ -31,21 +31,8 @@
 loop:
 - compose.production.yaml
-- name: Load environment variables
- set_fact:
- our_env_vars: "{{ lookup('community.general.read_dotenv', '../../../../.env.production') }}"
-
-- name: Create Docker secrets dynamically
- when: inventory_hostname == (groups['swarm'] | first)
- community.docker.docker_secret:
- name: "{{ item.key }}"
- data: "{{ item.value | b64encode }}"
- data_is_b64: true
- state: present
- loop: "{{ our_env_vars | dict2items }}"
-
 - name: Deploy stack
- when: inventory_hostname == groups['swarm'] | first
+ when: inventory_hostname == (groups['swarm'] | first)
 community.docker.docker_stack:
 state: present
 name: our
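Review bot: Deleting the `Create Docker secrets dynamically` task does not delete the secrets it already created: it ran with `state: present` for every key in `.env.production`, so those objects stay in the swarm until something removes them. If nothing references them any more, a one-off cleanup using `community.docker.docker_secret` with `state: absent` would keep old copies of the credentials from lingering after a rotation. The `Deploy stack` task continues past the end of this hunk.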
@@ -54,53 +41,53 @@
 - services:
 environment:
 server:
- DATABASE_URL: "{{ our_env_vars.DATABASE_URL }}"
- NODE_ENV: "{{ our_env_vars.NODE_ENV }}"
- ORIGIN: "{{ our_env_vars.ORIGIN }}"
- PATREON_API_ORIGIN: "{{ our_env_vars.PATREON_API_ORIGIN }}"
- PATREON_AUTHORIZE_PATH: "{{ our_env_vars.PATREON_AUTHORIZE_PATH }}"
- PATREON_TOKEN_PATH: "{{ our_env_vars.PATREON_TOKEN_PATH }}"
- PATREON_CLIENT_ID: "{{ our_env_vars.PATREON_CLIENT_ID }}"
- PATREON_CLIENT_SECRET: "{{ our_env_vars.PATREON_CLIENT_SECRET }}"
- COOKIE_SECRET: "{{ our_env_vars.COOKIE_SECRET }}"
- S3_REGION: "{{ our_env_vars.S3_REGION }}"
- S3_BUCKET: "{{ our_env_vars.S3_BUCKET }}"
- S3_APPLICATION_KEY: "{{ our_env_vars.S3_APPLICATION_KEY }}"
- S3_KEY_ID: "{{ our_env_vars.S3_KEY_ID }}"
- S3_ENDPOINT: "{{ our_env_vars.S3_ENDPOINT }}"
- CDN_ORIGIN: "{{ our_env_vars.CDN_ORIGIN }}"
- CDN_TOKEN_SECRET: "{{ our_env_vars.CDN_TOKEN_SECRET }}"
- WHISPER_DIR: "{{ our_env_vars.WHISPER_DIR }}"
- B2_APPLICATION_KEY_ID: "{{ our_env_vars.B2_APPLICATION_KEY_ID }}"
- B2_APPLICATION_KEY: "{{ our_env_vars.B2_APPLICATION_KEY }}"
- SEEDBOX_SFTP_URL: "{{ our_env_vars.SEEDBOX_SFTP_URL }}"
- SEEDBOX_SFTP_USERNAME: "{{ our_env_vars.SEEDBOX_SFTP_USERNAME }}"
- SEEDBOX_SFTP_PASSWORD: "{{ our_env_vars.SEEDBOX_SFTP_PASSWORD }}"
+ DATABASE_URL: "{{ lookup('dotenv', 'DATABASE_URL', file='../../../../.env.production') }}"
+ NODE_ENV: "{{ lookup('dotenv', 'NODE_ENV', file='../../../../.env.production') }}"
+ ORIGIN: "{{ lookup('dotenv', 'ORIGIN', file='../../../../.env.production') }}"
+ PATREON_API_ORIGIN: "{{ lookup('dotenv', 'PATREON_API_ORIGIN', file='../../../../.env.production') }}"
+ PATREON_AUTHORIZE_PATH: "{{ lookup('dotenv', 'PATREON_AUTHORIZE_PATH', file='../../../../.env.production') }}"
+ PATREON_TOKEN_PATH: "{{ lookup('dotenv', 'PATREON_TOKEN_PATH', file='../../../../.env.production') }}"
+ PATREON_CLIENT_ID: "{{ lookup('dotenv', 'PATREON_CLIENT_ID', file='../../../../.env.production') }}"
+ PATREON_CLIENT_SECRET: "{{ lookup('dotenv', 'PATREON_CLIENT_SECRET', file='../../../../.env.production') }}"
+ COOKIE_SECRET: "{{ lookup('dotenv', 'COOKIE_SECRET', file='../../../../.env.production') }}"
+ S3_REGION: "{{ lookup('dotenv', 'S3_REGION', file='../../../../.env.production') }}"
+ S3_BUCKET: "{{ lookup('dotenv', 'S3_BUCKET', file='../../../../.env.production') }}"
+ S3_APPLICATION_KEY: "{{ lookup('dotenv', 'S3_APPLICATION_KEY', file='../../../../.env.production') }}"
+ S3_KEY_ID: "{{ lookup('dotenv', 'S3_KEY_ID', file='../../../../.env.production') }}"
+ S3_ENDPOINT: "{{ lookup('dotenv', 'S3_ENDPOINT', file='../../../../.env.production') }}"
+ CDN_ORIGIN: "{{ lookup('dotenv', 'CDN_ORIGIN', file='../../../../.env.production') }}"
+ CDN_TOKEN_SECRET: "{{ lookup('dotenv', 'CDN_TOKEN_SECRET', file='../../../../.env.production') }}"
+ WHISPER_DIR: "{{ lookup('dotenv', 'WHISPER_DIR', file='../../../../.env.production') }}"
+ B2_APPLICATION_KEY_ID: "{{ lookup('dotenv', 'B2_APPLICATION_KEY_ID', file='../../../../.env.production') }}"
+ B2_APPLICATION_KEY: "{{ lookup('dotenv', 'B2_APPLICATION_KEY', file='../../../../.env.production') }}"
+ SEEDBOX_SFTP_URL: "{{ lookup('dotenv', 'SEEDBOX_SFTP_URL', file='../../../../.env.production') }}"
+ SEEDBOX_SFTP_USERNAME: "{{ lookup('dotenv', 'SEEDBOX_SFTP_USERNAME', file='../../../../.env.production') }}"
+ SEEDBOX_SFTP_PASSWORD: "{{ lookup('dotenv', 'SEEDBOX_SFTP_PASSWORD', file='../../../../.env.production') }}"
 worker:
- DATABASE_URL: "{{ our_env_vars.DATABASE_URL }}"
- NODE_ENV: "{{ our_env_vars.NODE_ENV }}"
- ORIGIN: "{{ our_env_vars.ORIGIN }}"
- PATREON_API_ORIGIN: "{{ our_env_vars.PATREON_API_ORIGIN }}"
- PATREON_AUTHORIZE_PATH: "{{ our_env_vars.PATREON_AUTHORIZE_PATH }}"
- PATREON_TOKEN_PATH: "{{ our_env_vars.PATREON_TOKEN_PATH }}"
- PATREON_CLIENT_ID: "{{ our_env_vars.PATREON_CLIENT_ID }}"
- PATREON_CLIENT_SECRET: "{{ our_env_vars.PATREON_CLIENT_SECRET }}"
- COOKIE_SECRET: "{{ our_env_vars.COOKIE_SECRET }}"
- S3_REGION: "{{ our_env_vars.S3_REGION }}"
- S3_BUCKET: "{{ our_env_vars.S3_BUCKET }}"
- S3_APPLICATION_KEY: "{{ our_env_vars.S3_APPLICATION_KEY }}"
- S3_KEY_ID: "{{ our_env_vars.S3_KEY_ID }}"
- S3_ENDPOINT: "{{ our_env_vars.S3_ENDPOINT }}"
- CDN_ORIGIN: "{{ our_env_vars.CDN_ORIGIN }}"
- CDN_TOKEN_SECRET: "{{ our_env_vars.CDN_TOKEN_SECRET }}"
- WHISPER_DIR: "{{ our_env_vars.WHISPER_DIR }}"
- B2_APPLICATION_KEY_ID: "{{ our_env_vars.B2_APPLICATION_KEY_ID }}"
- B2_APPLICATION_KEY: "{{ our_env_vars.B2_APPLICATION_KEY }}"
- SEEDBOX_SFTP_URL: "{{ our_env_vars.SEEDBOX_SFTP_URL }}"
- SEEDBOX_SFTP_USERNAME: "{{ our_env_vars.SEEDBOX_SFTP_USERNAME }}"
- SEEDBOX_SFTP_PASSWORD: "{{ our_env_vars.SEEDBOX_SFTP_PASSWORD }}"
+ DATABASE_URL: "{{ lookup('dotenv', 'DATABASE_URL', file='../../../../.env.production') }}"
+ NODE_ENV: "{{ lookup('dotenv', 'NODE_ENV', file='../../../../.env.production') }}"
+ ORIGIN: "{{ lookup('dotenv', 'ORIGIN', file='../../../../.env.production') }}"
+ PATREON_API_ORIGIN: "{{ lookup('dotenv', 'PATREON_API_ORIGIN', file='../../../../.env.production') }}"
+ PATREON_AUTHORIZE_PATH: "{{ lookup('dotenv', 'PATREON_AUTHORIZE_PATH', file='../../../../.env.production') }}"
+ PATREON_TOKEN_PATH: "{{ lookup('dotenv', 'PATREON_TOKEN_PATH', file='../../../../.env.production') }}"
+ PATREON_CLIENT_ID: "{{ lookup('dotenv', 'PATREON_CLIENT_ID', file='../../../../.env.production') }}"
+ PATREON_CLIENT_SECRET: "{{ lookup('dotenv', 'PATREON_CLIENT_SECRET', file='../../../../.env.production') }}"
+ COOKIE_SECRET: "{{ lookup('dotenv', 'COOKIE_SECRET', file='../../../../.env.production') }}"
+ S3_REGION: "{{ lookup('dotenv', 'S3_REGION', file='../../../../.env.production') }}"
+ S3_BUCKET: "{{ lookup('dotenv', 'S3_BUCKET', file='../../../../.env.production') }}"
+ S3_APPLICATION_KEY: "{{ lookup('dotenv', 'S3_APPLICATION_KEY', file='../../../../.env.production') }}"
+ S3_KEY_ID: "{{ lookup('dotenv', 'S3_KEY_ID', file='../../../../.env.production') }}"
+ S3_ENDPOINT: "{{ lookup('dotenv', 'S3_ENDPOINT', file='../../../../.env.production') }}"
+ CDN_ORIGIN: "{{ lookup('dotenv', 'CDN_ORIGIN', file='../../../../.env.production') }}"
+ CDN_TOKEN_SECRET: "{{ lookup('dotenv', 'CDN_TOKEN_SECRET', file='../../../../.env.production') }}"
+ WHISPER_DIR: "{{ lookup('dotenv', 'WHISPER_DIR', file='../../../../.env.production') }}"
+ B2_APPLICATION_KEY_ID: "{{ lookup('dotenv', 'B2_APPLICATION_KEY_ID', file='../../../../.env.production') }}"
+ B2_APPLICATION_KEY: "{{ lookup('dotenv', 'B2_APPLICATION_KEY', file='../../../../.env.production') }}"
+ SEEDBOX_SFTP_URL: "{{ lookup('dotenv', 'SEEDBOX_SFTP_URL', file='../../../../.env.production') }}"
+ SEEDBOX_SFTP_USERNAME: "{{ lookup('dotenv', 'SEEDBOX_SFTP_USERNAME', file='../../../../.env.production') }}"
+ SEEDBOX_SFTP_PASSWORD: "{{ lookup('dotenv', 'SEEDBOX_SFTP_PASSWORD', file='../../../../.env.production') }}"
 pgadmin:
- PGADMIN_DEFAULT_EMAIL: "{{ our_env_vars.PGADMIN_DEFAULT_EMAIL }}"
- PGADMIN_DEFAULT_PASSWORD: "{{ our_env_vars.PGADMIN_DEFAULT_PASSWORD }}"
+ PGADMIN_DEFAULT_EMAIL: "{{ lookup('dotenv', 'PGADMIN_DEFAULT_EMAIL', file='../../../../.env.production') }}"
+ PGADMIN_DEFAULT_PASSWORD: "{{ lookup('dotenv', 'PGADMIN_DEFAULT_PASSWORD', file='../../../../.env.production') }}"
 tailscale-pgadmin:
- TS_AUTHKEY: "{{ our_env_vars.TS_AUTHKEY }}"
+ TS_AUTHKEY: "{{ lookup('dotenv', 'TS_AUTHKEY', file='../../../../.env.production') }}"
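Review bot: Every credential in these `environment:` maps (`PATREON_CLIENT_SECRET`, `COOKIE_SECRET`, `SEEDBOX_SFTP_PASSWORD`, `TS_AUTHKEY` and the rest) is rendered into the arguments of the `Deploy stack` task, and nothing visible in either hunk sets `no_log: true` on it, so a verbose run or a failure dump could print them; the task's remaining keys lie outside the hunks, so it may already be set. As environment values they are also readable from the service spec by anyone with Docker API access on a manager, which referencing Docker secrets from the compose file would avoid. On style, the path `'../../../../.env.production'` is repeated 47 times; a task-level `vars:` entry such as `env_file: '../../../../.env.production'` with `file=env_file` in each lookup would leave one place to change. The removed code addressed its lookup by a fully qualified name, so if `dotenv` comes from a collection, spelling out its FQCN would make the plugin's origin explicit.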