diff options
author | clarkzjw <[email protected]> | 2023-01-01 21:39:42 -0800 |
---|---|---|
committer | clarkzjw <[email protected]> | 2023-01-01 21:39:42 -0800 |
commit | 55542d3204314c170c123dc066f93b4c8f9ac4bc (patch) | |
tree | bb98625a2fde12d31bfe12af83a5ef5a48cbd57e | |
parent | 999e9e97d314e1702fa455abd9526042ef90b09d (diff) | |
download | jinwei.me-55542d3204314c170c123dc066f93b4c8f9ac4bc.tar.gz |
config: add beancount
-rw-r--r-- | bean.jinwei.me/config/ansible.cfg | 14 | ||||
-rw-r--r-- | bean.jinwei.me/config/inventory/aws_ec2.yaml | 7 | ||||
-rw-r--r-- | bean.jinwei.me/config/requirements.yaml | 10 | ||||
-rw-r--r-- | bean.jinwei.me/config/role.yaml | 3 | ||||
-rw-r--r-- | bean.jinwei.me/config/roles/beancount/defaults/main.yaml | 3 | ||||
-rw-r--r-- | bean.jinwei.me/config/roles/beancount/tasks/main.yaml | 38 | ||||
-rw-r--r-- | bean.jinwei.me/config/roles/beancount/templates/docker-compose.yaml.j2 | 9 | ||||
-rw-r--r-- | bean.jinwei.me/config/site.yaml | 3 | ||||
-rw-r--r-- | jinwei.me/infra/cloudflare.tf | 16 |
9 files changed, 103 insertions, 0 deletions
diff --git a/bean.jinwei.me/config/ansible.cfg b/bean.jinwei.me/config/ansible.cfg new file mode 100644 index 0000000..9345045 --- /dev/null +++ b/bean.jinwei.me/config/ansible.cfg | |||
@@ -0,0 +1,14 @@ | |||
1 | [defaults] | ||
2 | host_key_checking = False | ||
3 | transport = ssh | ||
4 | remote_user = admin | ||
5 | roles_path = roles | ||
6 | inventory = inventory | ||
7 | force_color = True | ||
8 | interpreter_python = auto_silent | ||
9 | |||
10 | [connection] | ||
11 | pipelining = True | ||
12 | |||
13 | [privilege_escalation] | ||
14 | become = True | ||
diff --git a/bean.jinwei.me/config/inventory/aws_ec2.yaml b/bean.jinwei.me/config/inventory/aws_ec2.yaml new file mode 100644 index 0000000..100d95b --- /dev/null +++ b/bean.jinwei.me/config/inventory/aws_ec2.yaml | |||
@@ -0,0 +1,7 @@ | |||
1 | plugin: aws_ec2 | ||
2 | regions: | ||
3 | - us-west-2 | ||
4 | hostnames: | ||
5 | - tag:Name | ||
6 | compose: | ||
7 | ansible_host: public_ip_address | ||
diff --git a/bean.jinwei.me/config/requirements.yaml b/bean.jinwei.me/config/requirements.yaml new file mode 100644 index 0000000..5229cc7 --- /dev/null +++ b/bean.jinwei.me/config/requirements.yaml | |||
@@ -0,0 +1,10 @@ | |||
1 | --- | ||
2 | collections: | ||
3 | - name: amazon.aws | ||
4 | version: 3.2.0 | ||
5 | - name: community.general | ||
6 | version: 4.7.0 | ||
7 | - name: ansible.posix | ||
8 | version: 1.3.0 | ||
9 | - name: community.docker | ||
10 | version: 3.2.1 | ||
diff --git a/bean.jinwei.me/config/role.yaml b/bean.jinwei.me/config/role.yaml new file mode 100644 index 0000000..ab3fca5 --- /dev/null +++ b/bean.jinwei.me/config/role.yaml | |||
@@ -0,0 +1,3 @@ | |||
1 | - hosts: "{{ target }}" | ||
2 | roles: | ||
3 | - role: "{{ role }}" | ||
diff --git a/bean.jinwei.me/config/roles/beancount/defaults/main.yaml b/bean.jinwei.me/config/roles/beancount/defaults/main.yaml new file mode 100644 index 0000000..b9a36ee --- /dev/null +++ b/bean.jinwei.me/config/roles/beancount/defaults/main.yaml | |||
@@ -0,0 +1,3 @@ | |||
1 | bean_image: clarkzjw/ledger | ||
2 | bean_image_tag: master | ||
3 | bean_home: /opt/beancount \ No newline at end of file | ||
diff --git a/bean.jinwei.me/config/roles/beancount/tasks/main.yaml b/bean.jinwei.me/config/roles/beancount/tasks/main.yaml new file mode 100644 index 0000000..98bf49d --- /dev/null +++ b/bean.jinwei.me/config/roles/beancount/tasks/main.yaml | |||
@@ -0,0 +1,38 @@ | |||
1 | - name: login to docker hub | ||
2 | community.docker.docker_login: | ||
3 | username: "{{ lookup('aws_ssm', '/jinwei-me/docker/username') }}" | ||
4 | password: "{{ lookup('aws_ssm', '/jinwei-me/docker/token') }}" | ||
5 | |||
6 | - name: pull ledger Docker image | ||
7 | community.docker.docker_image: | ||
8 | name: "{{ bean_image }}:{{ bean_image_tag }}" | ||
9 | source: pull | ||
10 | |||
11 | - name: Create directory | ||
12 | file: | ||
13 | path: "{{ bean_home }}" | ||
14 | state: directory | ||
15 | mode: '0755' | ||
16 | |||
17 | - name: render config file | ||
18 | template: | ||
19 | src: docker-compose.yaml.j2 | ||
20 | dest: "{{ bean_home }}/docker-compose.yaml" | ||
21 | mode: 0644 | ||
22 | |||
23 | - name: start ledger container using docker-compose | ||
24 | community.docker.docker_compose: | ||
25 | project_name: ledger | ||
26 | project_src: "{{ bean_home }}" | ||
27 | register: output | ||
28 | |||
29 | #- name: setup cronjob for additional backup | ||
30 | # cron: | ||
31 | # cron_file: wordpress_backup_hetzner | ||
32 | # user: root | ||
33 | # state: present | ||
34 | # name: "wordpress backup" | ||
35 | # minute: "0" | ||
36 | # hour: "0" | ||
37 | # day: "*" | ||
38 | # job: "tar caf /tmp/wordpress-$(date -u +\\%Y-\\%m-\\%d-\\%H-\\%M-\\%S\\%Z).tar.xz {{ wordpress_home }} && rsync -azvP /tmp/wordpress-*.tar.xz {{ samba_backup_path }}" | ||
diff --git a/bean.jinwei.me/config/roles/beancount/templates/docker-compose.yaml.j2 b/bean.jinwei.me/config/roles/beancount/templates/docker-compose.yaml.j2 new file mode 100644 index 0000000..757e701 --- /dev/null +++ b/bean.jinwei.me/config/roles/beancount/templates/docker-compose.yaml.j2 | |||
@@ -0,0 +1,9 @@ | |||
1 | version: '3' | ||
2 | services: | ||
3 | ledger: | ||
4 | image: {{ bean_image }}:{{ bean_image_tag }} | ||
5 | container_name: ledger | ||
6 | restart: always | ||
7 | ports: | ||
8 | - 30082:8081 | ||
9 | - 30083:8080 | ||
diff --git a/bean.jinwei.me/config/site.yaml b/bean.jinwei.me/config/site.yaml new file mode 100644 index 0000000..3b450f8 --- /dev/null +++ b/bean.jinwei.me/config/site.yaml | |||
@@ -0,0 +1,3 @@ | |||
1 | - hosts: jinwei-me | ||
2 | roles: | ||
3 | - role: beancount | ||
diff --git a/jinwei.me/infra/cloudflare.tf b/jinwei.me/infra/cloudflare.tf index bb26eb5..5db690e 100644 --- a/jinwei.me/infra/cloudflare.tf +++ b/jinwei.me/infra/cloudflare.tf | |||
@@ -35,6 +35,22 @@ resource "cloudflare_record" "tunnel_dns" { | |||
35 | proxied = true | 35 | proxied = true |
36 | } | 36 | } |
37 | 37 | ||
38 | resource "cloudflare_record" "bean" { | ||
39 | zone_id = data.cloudflare_zones.domain.zones[0].id | ||
40 | name = "bean.${var.site_domain}" | ||
41 | value = "${cloudflare_argo_tunnel.tunnel.id}.cfargotunnel.com" | ||
42 | type = "CNAME" | ||
43 | proxied = true | ||
44 | } | ||
45 | |||
46 | resource "cloudflare_record" "beanweb" { | ||
47 | zone_id = data.cloudflare_zones.domain.zones[0].id | ||
48 | name = "beanweb.${var.site_domain}" | ||
49 | value = "${cloudflare_argo_tunnel.tunnel.id}.cfargotunnel.com" | ||
50 | type = "CNAME" | ||
51 | proxied = true | ||
52 | } | ||
53 | |||
38 | resource "cloudflare_tunnel_config" "tunnel_route" { | 54 | resource "cloudflare_tunnel_config" "tunnel_route" { |
39 | account_id = var.cloudflare_account_id | 55 | account_id = var.cloudflare_account_id |
40 | tunnel_id = cloudflare_argo_tunnel.tunnel.id | 56 | tunnel_id = cloudflare_argo_tunnel.tunnel.id |