wait 60s for pgadmin

2025-10-10 04:25:40 -08:00 · 2025-10-10 04:25:40 -08:00 · 7b8de04085
commit 7b8de04085
parent af5deec325
4 changed files with 13 additions and 61 deletions
--- a/ansible/roles/our/tasks/firewall.yml
+++ b/ansible/roles/our/tasks/firewall.yml
@ -8,3 +8,4 @@
    interface: enp8s0
  loop:
    - { port: "{{ our_published_port }}", proto: tcp } # our server
+    - { port: "{{ pgadmin_published_port }}", proto: tcp }
--- a/ansible/roles/our/tasks/main.yml
+++ b/ansible/roles/our/tasks/main.yml
@ -8,10 +8,6 @@
  ansible.builtin.include_tasks:
    file: filesystem.yml

- name: Configure tailscale
-  ansible.builtin.include_tasks:
-    file: tailscale.yml
-
 - name: Configure docker stack app
  ansible.builtin.include_tasks:
    file: stack.yml
--- a/ansible/roles/our/tasks/stack.yml
+++ b/ansible/roles/our/tasks/stack.yml
@ -31,6 +31,12 @@
  loop:
    - compose.production.yaml

+- name: Render compose secrets
+  ansible.builtin.template:
+    mode: "0755"
+    src: compose.secrets.j2.yaml
+    dest: /etc/futureporn/our/compose.secrets.yaml
+
 - name: Deploy stack
  when: inventory_hostname == (groups['swarm'] | first)
  community.docker.docker_stack:
@ -38,59 +44,4 @@
    name: our
    compose:
      - /etc/futureporn/our/compose.production.yaml
-      - services:
-          server:
-            environment:
-              DATABASE_URL: "{{ lookup('dotenv', 'DATABASE_URL', file='../../../../.env.production') }}"
-              NODE_ENV: "{{ lookup('dotenv', 'NODE_ENV', file='../../../../.env.production') }}"
-              ORIGIN: "{{ lookup('dotenv', 'ORIGIN', file='../../../../.env.production') }}"
-              PATREON_API_ORIGIN: "{{ lookup('dotenv', 'PATREON_API_ORIGIN', file='../../../../.env.production') }}"
-              PATREON_AUTHORIZE_PATH: "{{ lookup('dotenv', 'PATREON_AUTHORIZE_PATH', file='../../../../.env.production') }}"
-              PATREON_TOKEN_PATH: "{{ lookup('dotenv', 'PATREON_TOKEN_PATH', file='../../../../.env.production') }}"
-              PATREON_CLIENT_ID: "{{ lookup('dotenv', 'PATREON_CLIENT_ID', file='../../../../.env.production') }}"
-              PATREON_CLIENT_SECRET: "{{ lookup('dotenv', 'PATREON_CLIENT_SECRET', file='../../../../.env.production') }}"
-              COOKIE_SECRET: "{{ lookup('dotenv', 'COOKIE_SECRET', file='../../../../.env.production') }}"
-              S3_REGION: "{{ lookup('dotenv', 'S3_REGION', file='../../../../.env.production') }}"
-              S3_BUCKET: "{{ lookup('dotenv', 'S3_BUCKET', file='../../../../.env.production') }}"
-              S3_APPLICATION_KEY: "{{ lookup('dotenv', 'S3_APPLICATION_KEY', file='../../../../.env.production') }}"
-              S3_KEY_ID: "{{ lookup('dotenv', 'S3_KEY_ID', file='../../../../.env.production') }}"
-              S3_ENDPOINT: "{{ lookup('dotenv', 'S3_ENDPOINT', file='../../../../.env.production') }}"
-              CDN_ORIGIN: "{{ lookup('dotenv', 'CDN_ORIGIN', file='../../../../.env.production') }}"
-              CDN_TOKEN_SECRET: "{{ lookup('dotenv', 'CDN_TOKEN_SECRET', file='../../../../.env.production') }}"
-              WHISPER_DIR: "{{ lookup('dotenv', 'WHISPER_DIR', file='../../../../.env.production') }}"
-              B2_APPLICATION_KEY_ID: "{{ lookup('dotenv', 'B2_APPLICATION_KEY_ID', file='../../../../.env.production') }}"
-              B2_APPLICATION_KEY: "{{ lookup('dotenv', 'B2_APPLICATION_KEY', file='../../../../.env.production') }}"
-              SEEDBOX_SFTP_URL: "{{ lookup('dotenv', 'SEEDBOX_SFTP_URL', file='../../../../.env.production') }}"
-              SEEDBOX_SFTP_USERNAME: "{{ lookup('dotenv', 'SEEDBOX_SFTP_USERNAME', file='../../../../.env.production') }}"
-              SEEDBOX_SFTP_PASSWORD: "{{ lookup('dotenv', 'SEEDBOX_SFTP_PASSWORD', file='../../../../.env.production') }}"
-          worker:
-            environment:
-              DATABASE_URL: "{{ lookup('dotenv', 'DATABASE_URL', file='../../../../.env.production') }}"
-              NODE_ENV: "{{ lookup('dotenv', 'NODE_ENV', file='../../../../.env.production') }}"
-              ORIGIN: "{{ lookup('dotenv', 'ORIGIN', file='../../../../.env.production') }}"
-              PATREON_API_ORIGIN: "{{ lookup('dotenv', 'PATREON_API_ORIGIN', file='../../../../.env.production') }}"
-              PATREON_AUTHORIZE_PATH: "{{ lookup('dotenv', 'PATREON_AUTHORIZE_PATH', file='../../../../.env.production') }}"
-              PATREON_TOKEN_PATH: "{{ lookup('dotenv', 'PATREON_TOKEN_PATH', file='../../../../.env.production') }}"
-              PATREON_CLIENT_ID: "{{ lookup('dotenv', 'PATREON_CLIENT_ID', file='../../../../.env.production') }}"
-              PATREON_CLIENT_SECRET: "{{ lookup('dotenv', 'PATREON_CLIENT_SECRET', file='../../../../.env.production') }}"
-              COOKIE_SECRET: "{{ lookup('dotenv', 'COOKIE_SECRET', file='../../../../.env.production') }}"
-              S3_REGION: "{{ lookup('dotenv', 'S3_REGION', file='../../../../.env.production') }}"
-              S3_BUCKET: "{{ lookup('dotenv', 'S3_BUCKET', file='../../../../.env.production') }}"
-              S3_APPLICATION_KEY: "{{ lookup('dotenv', 'S3_APPLICATION_KEY', file='../../../../.env.production') }}"
-              S3_KEY_ID: "{{ lookup('dotenv', 'S3_KEY_ID', file='../../../../.env.production') }}"
-              S3_ENDPOINT: "{{ lookup('dotenv', 'S3_ENDPOINT', file='../../../../.env.production') }}"
-              CDN_ORIGIN: "{{ lookup('dotenv', 'CDN_ORIGIN', file='../../../../.env.production') }}"
-              CDN_TOKEN_SECRET: "{{ lookup('dotenv', 'CDN_TOKEN_SECRET', file='../../../../.env.production') }}"
-              WHISPER_DIR: "{{ lookup('dotenv', 'WHISPER_DIR', file='../../../../.env.production') }}"
-              B2_APPLICATION_KEY_ID: "{{ lookup('dotenv', 'B2_APPLICATION_KEY_ID', file='../../../../.env.production') }}"
-              B2_APPLICATION_KEY: "{{ lookup('dotenv', 'B2_APPLICATION_KEY', file='../../../../.env.production') }}"
-              SEEDBOX_SFTP_URL: "{{ lookup('dotenv', 'SEEDBOX_SFTP_URL', file='../../../../.env.production') }}"
-              SEEDBOX_SFTP_USERNAME: "{{ lookup('dotenv', 'SEEDBOX_SFTP_USERNAME', file='../../../../.env.production') }}"
-              SEEDBOX_SFTP_PASSWORD: "{{ lookup('dotenv', 'SEEDBOX_SFTP_PASSWORD', file='../../../../.env.production') }}"
-          pgadmin:
-            environment:
-              PGADMIN_DEFAULT_EMAIL: "{{ lookup('dotenv', 'PGADMIN_DEFAULT_EMAIL', file='../../../../.env.production') }}"
-              PGADMIN_DEFAULT_PASSWORD: "{{ lookup('dotenv', 'PGADMIN_DEFAULT_PASSWORD', file='../../../../.env.production') }}"
-          tailscale-pgadmin:
-            environment:
-              TS_AUTHKEY: "{{ lookup('dotenv', 'TS_AUTHKEY', file='../../../../.env.production') }}"
+      - /etc/futureporn/our/compose.secrets.yaml
--- a/services/our/compose.production.yaml
+++ b/services/our/compose.production.yaml
@ -73,15 +73,19 @@ services:
    healthcheck:
      test: ["CMD", "nc", "-z", "127.0.0.1", "5050"]
      interval: 5s
-      retries: 10
+      retries: 3
+      start_period: 60s
    ports:
      - target: 5050
        published: 9095
        protocol: tcp
        mode: ingress
+    volumes:
+      - pgadmin_data:/var/lib/pgadmin

 volumes:
  pgdata:
+  pgadmin_data:

 networks:
  default: