diff options
author | clarkzjw <[email protected]> | 2023-01-01 21:08:22 -0800 |
---|---|---|
committer | clarkzjw <[email protected]> | 2023-01-01 21:08:22 -0800 |
commit | e13d4b448efd7174b1b4c8723cbc8be845470c60 (patch) | |
tree | c797ae22f1b2261b40c084e22c1e52dab39a6f2e /photo.jinwei.me/config | |
parent | e330106e9e6524fc76c407aa608a60ccef83bbe4 (diff) | |
download | jinwei.me-e13d4b448efd7174b1b4c8723cbc8be845470c60.tar.gz |
stashphoto.jinwei.me
Diffstat (limited to 'photo.jinwei.me/config')
-rw-r--r-- | photo.jinwei.me/config/ansible.cfg | 14 | ||||
-rw-r--r-- | photo.jinwei.me/config/inventory/aws_ec2.yaml | 7 | ||||
-rw-r--r-- | photo.jinwei.me/config/requirements.yaml | 10 | ||||
-rw-r--r-- | photo.jinwei.me/config/role.yaml | 3 | ||||
-rw-r--r-- | photo.jinwei.me/config/roles/debian_init/defaults/main.yaml | 1 | ||||
-rw-r--r-- | photo.jinwei.me/config/roles/debian_init/tasks/main.yaml | 72 | ||||
-rw-r--r-- | photo.jinwei.me/config/roles/wordpress/Dockerfile | 5 | ||||
-rwxr-xr-x | photo.jinwei.me/config/roles/wordpress/build.sh | 5 | ||||
-rw-r--r-- | photo.jinwei.me/config/roles/wordpress/defaults/main.yaml | 4 | ||||
-rw-r--r-- | photo.jinwei.me/config/roles/wordpress/tasks/main.yaml | 16 | ||||
-rw-r--r-- | photo.jinwei.me/config/roles/wordpress/templates/docker-compose.yaml.j2 | 22 | ||||
-rw-r--r-- | photo.jinwei.me/config/roles/wordpress/uploads.ini | 5 | ||||
-rw-r--r-- | photo.jinwei.me/config/site.yaml | 3 |
13 files changed, 167 insertions, 0 deletions
diff --git a/photo.jinwei.me/config/ansible.cfg b/photo.jinwei.me/config/ansible.cfg new file mode 100644 index 0000000..9345045 --- /dev/null +++ b/photo.jinwei.me/config/ansible.cfg | |||
@@ -0,0 +1,14 @@ | |||
1 | [defaults] | ||
2 | host_key_checking = False | ||
3 | transport = ssh | ||
4 | remote_user = admin | ||
5 | roles_path = roles | ||
6 | inventory = inventory | ||
7 | force_color = True | ||
8 | interpreter_python = auto_silent | ||
9 | |||
10 | [connection] | ||
11 | pipelining = True | ||
12 | |||
13 | [privilege_escalation] | ||
14 | become = True | ||
diff --git a/photo.jinwei.me/config/inventory/aws_ec2.yaml b/photo.jinwei.me/config/inventory/aws_ec2.yaml new file mode 100644 index 0000000..c35e172 --- /dev/null +++ b/photo.jinwei.me/config/inventory/aws_ec2.yaml | |||
@@ -0,0 +1,7 @@ | |||
1 | plugin: aws_ec2 | ||
2 | regions: | ||
3 | - eu-central-1 | ||
4 | hostnames: | ||
5 | - tag:Name | ||
6 | compose: | ||
7 | ansible_host: public_ip_address | ||
diff --git a/photo.jinwei.me/config/requirements.yaml b/photo.jinwei.me/config/requirements.yaml new file mode 100644 index 0000000..5229cc7 --- /dev/null +++ b/photo.jinwei.me/config/requirements.yaml | |||
@@ -0,0 +1,10 @@ | |||
1 | --- | ||
2 | collections: | ||
3 | - name: amazon.aws | ||
4 | version: 3.2.0 | ||
5 | - name: community.general | ||
6 | version: 4.7.0 | ||
7 | - name: ansible.posix | ||
8 | version: 1.3.0 | ||
9 | - name: community.docker | ||
10 | version: 3.2.1 | ||
diff --git a/photo.jinwei.me/config/role.yaml b/photo.jinwei.me/config/role.yaml new file mode 100644 index 0000000..ab3fca5 --- /dev/null +++ b/photo.jinwei.me/config/role.yaml | |||
@@ -0,0 +1,3 @@ | |||
1 | - hosts: "{{ target }}" | ||
2 | roles: | ||
3 | - role: "{{ role }}" | ||
diff --git a/photo.jinwei.me/config/roles/debian_init/defaults/main.yaml b/photo.jinwei.me/config/roles/debian_init/defaults/main.yaml new file mode 100644 index 0000000..685f0b6 --- /dev/null +++ b/photo.jinwei.me/config/roles/debian_init/defaults/main.yaml | |||
@@ -0,0 +1 @@ | |||
user_home: /home/clarkzjw | |||
diff --git a/photo.jinwei.me/config/roles/debian_init/tasks/main.yaml b/photo.jinwei.me/config/roles/debian_init/tasks/main.yaml new file mode 100644 index 0000000..19b0ed8 --- /dev/null +++ b/photo.jinwei.me/config/roles/debian_init/tasks/main.yaml | |||
@@ -0,0 +1,72 @@ | |||
1 | - name: Disable unattended-upgrades | ||
2 | ansible.builtin.systemd: | ||
3 | name: unattended-upgrades | ||
4 | state: stopped | ||
5 | enabled: false | ||
6 | |||
7 | - name: install packages | ||
8 | apt: | ||
9 | update_cache: true | ||
10 | name: | ||
11 | - apt-transport-https | ||
12 | - build-essential | ||
13 | - ca-certificates | ||
14 | - mariadb-client | ||
15 | - lsb-release | ||
16 | - python3 | ||
17 | - python3-dev | ||
18 | - python3-pip | ||
19 | - unzip | ||
20 | - gnupg | ||
21 | - htop | ||
22 | - curl | ||
23 | - tree | ||
24 | - zip | ||
25 | - vim | ||
26 | - zsh | ||
27 | - git | ||
28 | |||
29 | - name: add user | ||
30 | user: | ||
31 | name: clarkzjw | ||
32 | shell: /usr/bin/zsh | ||
33 | home: "{{ user_home }}" | ||
34 | system: true | ||
35 | |||
36 | - name: Add Docker GPG apt Key | ||
37 | apt_key: | ||
38 | url: https://download.docker.com/linux/debian/gpg | ||
39 | keyring: /etc/apt/trusted.gpg.d/docker.gpg | ||
40 | state: present | ||
41 | |||
42 | - name: Add Docker Repository | ||
43 | apt_repository: | ||
44 | repo: deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release | lower }} stable | ||
45 | state: present | ||
46 | |||
47 | - name: Update apt and install docker-ce | ||
48 | apt: | ||
49 | name: | ||
50 | - docker-ce | ||
51 | - docker-ce-cli | ||
52 | - containerd.io | ||
53 | - docker-compose-plugin | ||
54 | state: latest | ||
55 | update_cache: true | ||
56 | |||
57 | - name: Install Docker Module for Python | ||
58 | pip: | ||
59 | name: | ||
60 | - docker | ||
61 | - docker-compose | ||
62 | |||
63 | - name: enable docker service | ||
64 | systemd: | ||
65 | name: docker | ||
66 | enabled: true | ||
67 | daemon_reload: true | ||
68 | |||
69 | - name: Clean unneeded packages | ||
70 | ansible.builtin.apt: | ||
71 | autoremove: true | ||
72 | purge: true | ||
diff --git a/photo.jinwei.me/config/roles/wordpress/Dockerfile b/photo.jinwei.me/config/roles/wordpress/Dockerfile new file mode 100644 index 0000000..34704c0 --- /dev/null +++ b/photo.jinwei.me/config/roles/wordpress/Dockerfile | |||
@@ -0,0 +1,5 @@ | |||
1 | FROM wordpress:apache | ||
2 | |||
3 | RUN apt-get update -y && apt-get install -y libgmp-dev && docker-php-ext-install gmp | ||
4 | |||
5 | ADD uploads.ini /usr/local/etc/php/conf.d/uploads.ini | ||
diff --git a/photo.jinwei.me/config/roles/wordpress/build.sh b/photo.jinwei.me/config/roles/wordpress/build.sh new file mode 100755 index 0000000..55d7c0e --- /dev/null +++ b/photo.jinwei.me/config/roles/wordpress/build.sh | |||
@@ -0,0 +1,5 @@ | |||
1 | docker_repo=docker.io/clarkzjw | ||
2 | docker_image=wordpress | ||
3 | docker_image_tag=$(date -u +%Y%m%d) | ||
4 | sudo docker build -t $docker_repo/$docker_image:"$docker_image_tag" . | ||
5 | sudo docker push $docker_repo/$docker_image:"$docker_image_tag" | ||
diff --git a/photo.jinwei.me/config/roles/wordpress/defaults/main.yaml b/photo.jinwei.me/config/roles/wordpress/defaults/main.yaml new file mode 100644 index 0000000..250e0a5 --- /dev/null +++ b/photo.jinwei.me/config/roles/wordpress/defaults/main.yaml | |||
@@ -0,0 +1,4 @@ | |||
1 | wordpress_image: clarkzjw/wordpress | ||
2 | wordpress_image_tag: 20221211 | ||
3 | wordpress_port: 30080 | ||
4 | wordpress_home: /opt/wordpress | ||
diff --git a/photo.jinwei.me/config/roles/wordpress/tasks/main.yaml b/photo.jinwei.me/config/roles/wordpress/tasks/main.yaml new file mode 100644 index 0000000..3835145 --- /dev/null +++ b/photo.jinwei.me/config/roles/wordpress/tasks/main.yaml | |||
@@ -0,0 +1,16 @@ | |||
1 | - name: Pull wordpress Docker image | ||
2 | community.docker.docker_image: | ||
3 | name: "{{ wordpress_image }}:{{ wordpress_image_tag }}" | ||
4 | source: pull | ||
5 | |||
6 | - name: render config file | ||
7 | template: | ||
8 | src: docker-compose.yaml.j2 | ||
9 | dest: "{{ wordpress_home }}/docker-compose.yaml" | ||
10 | mode: 0644 | ||
11 | |||
12 | - name: Start wordpress container using docker-compose | ||
13 | community.docker.docker_compose: | ||
14 | project_name: wordpress | ||
15 | project_src: "{{ wordpress_home }}" | ||
16 | register: output | ||
diff --git a/photo.jinwei.me/config/roles/wordpress/templates/docker-compose.yaml.j2 b/photo.jinwei.me/config/roles/wordpress/templates/docker-compose.yaml.j2 new file mode 100644 index 0000000..447b80b --- /dev/null +++ b/photo.jinwei.me/config/roles/wordpress/templates/docker-compose.yaml.j2 | |||
@@ -0,0 +1,22 @@ | |||
1 | version: '3' | ||
2 | services: | ||
3 | cloudflared: | ||
4 | image: cloudflare/cloudflared | ||
5 | container_name: cloudflare-tunnel | ||
6 | network_mode: host | ||
7 | restart: always | ||
8 | command: tunnel run | ||
9 | environment: | ||
10 | - TUNNEL_TOKEN={{ lookup('aws_ssm', '/jinwei-me/cloudflare/tunnel_token') }} | ||
11 | wordpress: | ||
12 | image: "{{ wordpress_image }}:{{ wordpress_image_tag }}" | ||
13 | volumes: | ||
14 | - "{{ wordpress_home }}/wp-content:/var/www/html/wp-content" | ||
15 | restart: always | ||
16 | ports: | ||
17 | - 30081:80 | ||
18 | environment: | ||
19 | - WORDPRESS_DB_HOST={{ lookup('aws_ssm', '/jinwei-me/mysql/host') }}:{{ lookup('aws_ssm', '/jinwei-me/mysql/port') }} | ||
20 | - WORDPRESS_DB_USER={{ lookup('aws_ssm', '/jinwei-me/mysql/username') }} | ||
21 | - WORDPRESS_DB_PASSWORD={{ lookup('aws_ssm', '/jinwei-me/mysql/password') }} | ||
22 | - WORDPRESS_DB_NAME={{ lookup('aws_ssm', '/jinwei-me/mysql/name') }} | ||
diff --git a/photo.jinwei.me/config/roles/wordpress/uploads.ini b/photo.jinwei.me/config/roles/wordpress/uploads.ini new file mode 100644 index 0000000..cd6e86c --- /dev/null +++ b/photo.jinwei.me/config/roles/wordpress/uploads.ini | |||
@@ -0,0 +1,5 @@ | |||
1 | file_uploads = On | ||
2 | post_max_size = 100M | ||
3 | upload_max_filesize = 100M | ||
4 | memory_limit = 512M | ||
5 | max_execution_time = 600 | ||
diff --git a/photo.jinwei.me/config/site.yaml b/photo.jinwei.me/config/site.yaml new file mode 100644 index 0000000..3dbcc71 --- /dev/null +++ b/photo.jinwei.me/config/site.yaml | |||
@@ -0,0 +1,3 @@ | |||
1 | - hosts: jinwei-me | ||
2 | roles: | ||
3 | - role: debian_init | ||