fp/ansible/roles/our/tasks/stack.yml

---
# Ensure the directory that holds this stack's compose file exists.
- name: Create directory
  ansible.builtin.file:
    state: directory
    path: /etc/futureporn/our
    mode: "0755"
# Create the overlay network used by the stack. Only the first host of the
# `swarm` inventory group runs this task.
# NOTE(review): no driver options are set here; Swarm overlay networks do
# not encrypt application traffic between nodes unless the `encrypted`
# driver option is enabled. Confirm that is acceptable for this stack.
- name: Add a docker network
  when: inventory_hostname == groups['swarm'] | first
  community.docker.docker_network:
    name: our
    driver: overlay
    scope: swarm
    state: present
# Fetch the repository so the compose file can be copied out of the checkout.
# NOTE(review): `version: main` is a moving ref, so every run deploys
# whatever is on the branch at that moment. Pin a tag or commit if
# deployments need to be reproducible and reviewable.
# NOTE(review): /tmp/checkout is a fixed path under a world-writable
# directory; a root-owned location would prevent another local user from
# pre-creating it. The copy task reads from this same path.
- name: Clone the latest code
  ansible.builtin.git:
    repo: https://gitea.futureporn.net/futureporn/fp
    version: main
    single_branch: true
    dest: /tmp/checkout
    clone: true
    force: true  # local modifications in the checkout are discarded
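# Copy the compose file(s) from the checkout on the managed host into the
# stack's configuration directory.
- name: Copy compose files
  ansible.builtin.copy:
    remote_src: true  # src is read on the managed host, not the controller
    src: "/tmp/checkout/services/our/{{ item }}"
    dest: "/etc/futureporn/our/{{ item }}"
    # A compose file is data, not a program, so it gets no execute bit.
    mode: "0644"
  loop:
    - compose.production.yaml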
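# Read .env.production into the `our_env_vars` fact. Later tasks treat the
# result as a mapping (`dict2items`, attribute access). Lookups are
# evaluated on the Ansible controller, so the relative path refers to a
# file there.
# The mapping carries credentials (for example COOKIE_SECRET and
# SEEDBOX_SFTP_PASSWORD are read from it further down), so the task result
# is hidden from logs and verbose output.
# NOTE(review): confirm .env.production is not committed in plaintext.
- name: Load environment variables
  ansible.builtin.set_fact:
    our_env_vars: "{{ lookup('community.general.read_dotenv', '../../../../.env.production') }}"
  no_log: true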
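# Create one Docker secret per entry of `our_env_vars`, named after the
# variable. Only the first host of the `swarm` inventory group runs this.
# By default Ansible prints the whole loop item (key and value) for every
# iteration, which would write each secret value to the console and CI log.
# `loop_control.label` limits the displayed item to the key, and `no_log`
# hides the per-item results as well.
# NOTE(review): every entry becomes a secret, including non-sensitive
# values such as NODE_ENV, and the names are not prefixed with the stack
# name. Confirm they cannot collide with secrets of other stacks.
- name: Create Docker secrets dynamically
  when: inventory_hostname == (groups['swarm'] | first)
  community.docker.docker_secret:
    name: "{{ item.key }}"
    data: "{{ item.value | b64encode }}"
    data_is_b64: true
    state: present
  loop: "{{ our_env_vars | dict2items }}"
  loop_control:
    label: "{{ item.key }}"
  no_log: true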
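# Deploy the `our` stack from the copied compose file plus an inline
# override that injects environment variables per service. Only the first
# host of the `swarm` inventory group runs this.
#
# The override is nested as services.<service>.environment, which is the
# layout the Compose schema expects.
# NOTE(review): the source listed `environment` above the service names;
# confirm the service names below match compose.production.yaml.
#
# NOTE(review): the same values are stored as Docker secrets by the
# preceding task, but are passed here as plain environment variables.
# Those are readable through `docker service inspect` and in the container
# environment. Referencing the secrets from the compose file would keep
# them out of the service spec.
#
# `no_log` keeps the rendered compose argument (which contains credentials)
# out of task output on failure or in verbose mode.
- name: Deploy stack
  when: inventory_hostname == groups['swarm'] | first
  community.docker.docker_stack:
    state: present
    name: our
    compose:
      - /etc/futureporn/our/compose.production.yaml
      - services:
          server:
            environment:
              DATABASE_URL: "{{ our_env_vars.DATABASE_URL }}"
              NODE_ENV: "{{ our_env_vars.NODE_ENV }}"
              ORIGIN: "{{ our_env_vars.ORIGIN }}"
              PATREON_API_ORIGIN: "{{ our_env_vars.PATREON_API_ORIGIN }}"
              PATREON_AUTHORIZE_PATH: "{{ our_env_vars.PATREON_AUTHORIZE_PATH }}"
              PATREON_TOKEN_PATH: "{{ our_env_vars.PATREON_TOKEN_PATH }}"
              PATREON_CLIENT_ID: "{{ our_env_vars.PATREON_CLIENT_ID }}"
              PATREON_CLIENT_SECRET: "{{ our_env_vars.PATREON_CLIENT_SECRET }}"
              COOKIE_SECRET: "{{ our_env_vars.COOKIE_SECRET }}"
              S3_REGION: "{{ our_env_vars.S3_REGION }}"
              S3_BUCKET: "{{ our_env_vars.S3_BUCKET }}"
              S3_APPLICATION_KEY: "{{ our_env_vars.S3_APPLICATION_KEY }}"
              S3_KEY_ID: "{{ our_env_vars.S3_KEY_ID }}"
              S3_ENDPOINT: "{{ our_env_vars.S3_ENDPOINT }}"
              CDN_ORIGIN: "{{ our_env_vars.CDN_ORIGIN }}"
              CDN_TOKEN_SECRET: "{{ our_env_vars.CDN_TOKEN_SECRET }}"
              WHISPER_DIR: "{{ our_env_vars.WHISPER_DIR }}"
              B2_APPLICATION_KEY_ID: "{{ our_env_vars.B2_APPLICATION_KEY_ID }}"
              B2_APPLICATION_KEY: "{{ our_env_vars.B2_APPLICATION_KEY }}"
              SEEDBOX_SFTP_URL: "{{ our_env_vars.SEEDBOX_SFTP_URL }}"
              SEEDBOX_SFTP_USERNAME: "{{ our_env_vars.SEEDBOX_SFTP_USERNAME }}"
              SEEDBOX_SFTP_PASSWORD: "{{ our_env_vars.SEEDBOX_SFTP_PASSWORD }}"
          worker:
            environment:
              DATABASE_URL: "{{ our_env_vars.DATABASE_URL }}"
              NODE_ENV: "{{ our_env_vars.NODE_ENV }}"
              ORIGIN: "{{ our_env_vars.ORIGIN }}"
              PATREON_API_ORIGIN: "{{ our_env_vars.PATREON_API_ORIGIN }}"
              PATREON_AUTHORIZE_PATH: "{{ our_env_vars.PATREON_AUTHORIZE_PATH }}"
              PATREON_TOKEN_PATH: "{{ our_env_vars.PATREON_TOKEN_PATH }}"
              PATREON_CLIENT_ID: "{{ our_env_vars.PATREON_CLIENT_ID }}"
              PATREON_CLIENT_SECRET: "{{ our_env_vars.PATREON_CLIENT_SECRET }}"
              COOKIE_SECRET: "{{ our_env_vars.COOKIE_SECRET }}"
              S3_REGION: "{{ our_env_vars.S3_REGION }}"
              S3_BUCKET: "{{ our_env_vars.S3_BUCKET }}"
              S3_APPLICATION_KEY: "{{ our_env_vars.S3_APPLICATION_KEY }}"
              S3_KEY_ID: "{{ our_env_vars.S3_KEY_ID }}"
              S3_ENDPOINT: "{{ our_env_vars.S3_ENDPOINT }}"
              CDN_ORIGIN: "{{ our_env_vars.CDN_ORIGIN }}"
              CDN_TOKEN_SECRET: "{{ our_env_vars.CDN_TOKEN_SECRET }}"
              WHISPER_DIR: "{{ our_env_vars.WHISPER_DIR }}"
              B2_APPLICATION_KEY_ID: "{{ our_env_vars.B2_APPLICATION_KEY_ID }}"
              B2_APPLICATION_KEY: "{{ our_env_vars.B2_APPLICATION_KEY }}"
              SEEDBOX_SFTP_URL: "{{ our_env_vars.SEEDBOX_SFTP_URL }}"
              SEEDBOX_SFTP_USERNAME: "{{ our_env_vars.SEEDBOX_SFTP_USERNAME }}"
              SEEDBOX_SFTP_PASSWORD: "{{ our_env_vars.SEEDBOX_SFTP_PASSWORD }}"
          pgadmin:
            environment:
              PGADMIN_DEFAULT_EMAIL: "{{ our_env_vars.PGADMIN_DEFAULT_EMAIL }}"
              PGADMIN_DEFAULT_PASSWORD: "{{ our_env_vars.PGADMIN_DEFAULT_PASSWORD }}"
          tailscale-pgadmin:
            environment:
              TS_AUTHKEY: "{{ our_env_vars.TS_AUTHKEY }}"
  no_log: true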