aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorclarkzjw <[email protected]>2023-01-01 21:08:22 -0800
committerclarkzjw <[email protected]>2023-01-01 21:08:22 -0800
commite13d4b448efd7174b1b4c8723cbc8be845470c60 (patch)
treec797ae22f1b2261b40c084e22c1e52dab39a6f2e /photo.jinwei.me/config
parente330106e9e6524fc76c407aa608a60ccef83bbe4 (diff)
downloadjinwei.me-e13d4b448efd7174b1b4c8723cbc8be845470c60.tar.gz
Diffstat (limited to 'photo.jinwei.me/config')
-rw-r--r--photo.jinwei.me/config/ansible.cfg14
-rw-r--r--photo.jinwei.me/config/inventory/aws_ec2.yaml7
-rw-r--r--photo.jinwei.me/config/requirements.yaml10
-rw-r--r--photo.jinwei.me/config/role.yaml3
-rw-r--r--photo.jinwei.me/config/roles/debian_init/defaults/main.yaml1
-rw-r--r--photo.jinwei.me/config/roles/debian_init/tasks/main.yaml72
-rw-r--r--photo.jinwei.me/config/roles/wordpress/Dockerfile5
-rwxr-xr-xphoto.jinwei.me/config/roles/wordpress/build.sh5
-rw-r--r--photo.jinwei.me/config/roles/wordpress/defaults/main.yaml4
-rw-r--r--photo.jinwei.me/config/roles/wordpress/tasks/main.yaml16
-rw-r--r--photo.jinwei.me/config/roles/wordpress/templates/docker-compose.yaml.j222
-rw-r--r--photo.jinwei.me/config/roles/wordpress/uploads.ini5
-rw-r--r--photo.jinwei.me/config/site.yaml3
13 files changed, 167 insertions, 0 deletions
diff --git a/photo.jinwei.me/config/ansible.cfg b/photo.jinwei.me/config/ansible.cfg
new file mode 100644
index 0000000..9345045
--- /dev/null
+++ b/photo.jinwei.me/config/ansible.cfg
@@ -0,0 +1,14 @@
1[defaults]
2host_key_checking = False
3transport = ssh
4remote_user = admin
5roles_path = roles
6inventory = inventory
7force_color = True
8interpreter_python = auto_silent
9
10[connection]
11pipelining = True
12
13[privilege_escalation]
14become = True
diff --git a/photo.jinwei.me/config/inventory/aws_ec2.yaml b/photo.jinwei.me/config/inventory/aws_ec2.yaml
new file mode 100644
index 0000000..c35e172
--- /dev/null
+++ b/photo.jinwei.me/config/inventory/aws_ec2.yaml
@@ -0,0 +1,7 @@
1plugin: aws_ec2
2regions:
3 - eu-central-1
4hostnames:
5 - tag:Name
6compose:
7 ansible_host: public_ip_address
diff --git a/photo.jinwei.me/config/requirements.yaml b/photo.jinwei.me/config/requirements.yaml
new file mode 100644
index 0000000..5229cc7
--- /dev/null
+++ b/photo.jinwei.me/config/requirements.yaml
@@ -0,0 +1,10 @@
1---
2collections:
3 - name: amazon.aws
4 version: 3.2.0
5 - name: community.general
6 version: 4.7.0
7 - name: ansible.posix
8 version: 1.3.0
9 - name: community.docker
10 version: 3.2.1
diff --git a/photo.jinwei.me/config/role.yaml b/photo.jinwei.me/config/role.yaml
new file mode 100644
index 0000000..ab3fca5
--- /dev/null
+++ b/photo.jinwei.me/config/role.yaml
@@ -0,0 +1,3 @@
1- hosts: "{{ target }}"
2 roles:
3 - role: "{{ role }}"
diff --git a/photo.jinwei.me/config/roles/debian_init/defaults/main.yaml b/photo.jinwei.me/config/roles/debian_init/defaults/main.yaml
new file mode 100644
index 0000000..685f0b6
--- /dev/null
+++ b/photo.jinwei.me/config/roles/debian_init/defaults/main.yaml
@@ -0,0 +1 @@
user_home: /home/clarkzjw
diff --git a/photo.jinwei.me/config/roles/debian_init/tasks/main.yaml b/photo.jinwei.me/config/roles/debian_init/tasks/main.yaml
new file mode 100644
index 0000000..19b0ed8
--- /dev/null
+++ b/photo.jinwei.me/config/roles/debian_init/tasks/main.yaml
@@ -0,0 +1,72 @@
1- name: Disable unattended-upgrades
2 ansible.builtin.systemd:
3 name: unattended-upgrades
4 state: stopped
5 enabled: false
6
7- name: install packages
8 apt:
9 update_cache: true
10 name:
11 - apt-transport-https
12 - build-essential
13 - ca-certificates
14 - mariadb-client
15 - lsb-release
16 - python3
17 - python3-dev
18 - python3-pip
19 - unzip
20 - gnupg
21 - htop
22 - curl
23 - tree
24 - zip
25 - vim
26 - zsh
27 - git
28
29- name: add user
30 user:
31 name: clarkzjw
32 shell: /usr/bin/zsh
33 home: "{{ user_home }}"
34 system: true
35
36- name: Add Docker GPG apt Key
37 apt_key:
38 url: https://download.docker.com/linux/debian/gpg
39 keyring: /etc/apt/trusted.gpg.d/docker.gpg
40 state: present
41
42- name: Add Docker Repository
43 apt_repository:
44 repo: deb [arch=amd64 signed-by=/etc/apt/trusted.gpg.d/docker.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release | lower }} stable
45 state: present
46
47- name: Update apt and install docker-ce
48 apt:
49 name:
50 - docker-ce
51 - docker-ce-cli
52 - containerd.io
53 - docker-compose-plugin
54 state: latest
55 update_cache: true
56
57- name: Install Docker Module for Python
58 pip:
59 name:
60 - docker
61 - docker-compose
62
63- name: enable docker service
64 systemd:
65 name: docker
66 enabled: true
67 daemon_reload: true
68
69- name: Clean unneeded packages
70 ansible.builtin.apt:
71 autoremove: true
72 purge: true
diff --git a/photo.jinwei.me/config/roles/wordpress/Dockerfile b/photo.jinwei.me/config/roles/wordpress/Dockerfile
new file mode 100644
index 0000000..34704c0
--- /dev/null
+++ b/photo.jinwei.me/config/roles/wordpress/Dockerfile
@@ -0,0 +1,5 @@
1FROM wordpress:apache
2
3RUN apt-get update -y && apt-get install -y libgmp-dev && docker-php-ext-install gmp
4
5ADD uploads.ini /usr/local/etc/php/conf.d/uploads.ini
diff --git a/photo.jinwei.me/config/roles/wordpress/build.sh b/photo.jinwei.me/config/roles/wordpress/build.sh
new file mode 100755
index 0000000..55d7c0e
--- /dev/null
+++ b/photo.jinwei.me/config/roles/wordpress/build.sh
@@ -0,0 +1,5 @@
1docker_repo=docker.io/clarkzjw
2docker_image=wordpress
3docker_image_tag=$(date -u +%Y%m%d)
4sudo docker build -t $docker_repo/$docker_image:"$docker_image_tag" .
5sudo docker push $docker_repo/$docker_image:"$docker_image_tag"
diff --git a/photo.jinwei.me/config/roles/wordpress/defaults/main.yaml b/photo.jinwei.me/config/roles/wordpress/defaults/main.yaml
new file mode 100644
index 0000000..250e0a5
--- /dev/null
+++ b/photo.jinwei.me/config/roles/wordpress/defaults/main.yaml
@@ -0,0 +1,4 @@
1wordpress_image: clarkzjw/wordpress
2wordpress_image_tag: 20221211
3wordpress_port: 30080
4wordpress_home: /opt/wordpress
diff --git a/photo.jinwei.me/config/roles/wordpress/tasks/main.yaml b/photo.jinwei.me/config/roles/wordpress/tasks/main.yaml
new file mode 100644
index 0000000..3835145
--- /dev/null
+++ b/photo.jinwei.me/config/roles/wordpress/tasks/main.yaml
@@ -0,0 +1,16 @@
1- name: Pull wordpress Docker image
2 community.docker.docker_image:
3 name: "{{ wordpress_image }}:{{ wordpress_image_tag }}"
4 source: pull
5
6- name: render config file
7 template:
8 src: docker-compose.yaml.j2
9 dest: "{{ wordpress_home }}/docker-compose.yaml"
10 mode: 0644
11
12- name: Start wordpress container using docker-compose
13 community.docker.docker_compose:
14 project_name: wordpress
15 project_src: "{{ wordpress_home }}"
16 register: output
diff --git a/photo.jinwei.me/config/roles/wordpress/templates/docker-compose.yaml.j2 b/photo.jinwei.me/config/roles/wordpress/templates/docker-compose.yaml.j2
new file mode 100644
index 0000000..447b80b
--- /dev/null
+++ b/photo.jinwei.me/config/roles/wordpress/templates/docker-compose.yaml.j2
@@ -0,0 +1,22 @@
1version: '3'
2services:
3 cloudflared:
4 image: cloudflare/cloudflared
5 container_name: cloudflare-tunnel
6 network_mode: host
7 restart: always
8 command: tunnel run
9 environment:
10 - TUNNEL_TOKEN={{ lookup('aws_ssm', '/jinwei-me/cloudflare/tunnel_token') }}
11 wordpress:
12 image: "{{ wordpress_image }}:{{ wordpress_image_tag }}"
13 volumes:
14 - "{{ wordpress_home }}/wp-content:/var/www/html/wp-content"
15 restart: always
16 ports:
17 - 30081:80
18 environment:
19 - WORDPRESS_DB_HOST={{ lookup('aws_ssm', '/jinwei-me/mysql/host') }}:{{ lookup('aws_ssm', '/jinwei-me/mysql/port') }}
20 - WORDPRESS_DB_USER={{ lookup('aws_ssm', '/jinwei-me/mysql/username') }}
21 - WORDPRESS_DB_PASSWORD={{ lookup('aws_ssm', '/jinwei-me/mysql/password') }}
22 - WORDPRESS_DB_NAME={{ lookup('aws_ssm', '/jinwei-me/mysql/name') }}
diff --git a/photo.jinwei.me/config/roles/wordpress/uploads.ini b/photo.jinwei.me/config/roles/wordpress/uploads.ini
new file mode 100644
index 0000000..cd6e86c
--- /dev/null
+++ b/photo.jinwei.me/config/roles/wordpress/uploads.ini
@@ -0,0 +1,5 @@
1file_uploads = On
2post_max_size = 100M
3upload_max_filesize = 100M
4memory_limit = 512M
5max_execution_time = 600
diff --git a/photo.jinwei.me/config/site.yaml b/photo.jinwei.me/config/site.yaml
new file mode 100644
index 0000000..3dbcc71
--- /dev/null
+++ b/photo.jinwei.me/config/site.yaml
@@ -0,0 +1,3 @@
1- hosts: jinwei-me
2 roles:
3 - role: debian_init
Powered by cgit v1.2.3 (git 2.41.0)