From 55542d3204314c170c123dc066f93b4c8f9ac4bc Mon Sep 17 00:00:00 2001 From: clarkzjw Date: Sun, 1 Jan 2023 21:39:42 -0800 Subject: config: add beancount --- bean.jinwei.me/config/ansible.cfg | 14 ++++++++ bean.jinwei.me/config/inventory/aws_ec2.yaml | 7 ++++ bean.jinwei.me/config/requirements.yaml | 10 ++++++ bean.jinwei.me/config/role.yaml | 3 ++ .../config/roles/beancount/defaults/main.yaml | 3 ++ .../config/roles/beancount/tasks/main.yaml | 38 ++++++++++++++++++++++ .../beancount/templates/docker-compose.yaml.j2 | 9 +++++ bean.jinwei.me/config/site.yaml | 3 ++ jinwei.me/infra/cloudflare.tf | 16 +++++++++ 9 files changed, 103 insertions(+) create mode 100644 bean.jinwei.me/config/ansible.cfg create mode 100644 bean.jinwei.me/config/inventory/aws_ec2.yaml create mode 100644 bean.jinwei.me/config/requirements.yaml create mode 100644 bean.jinwei.me/config/role.yaml create mode 100644 bean.jinwei.me/config/roles/beancount/defaults/main.yaml create mode 100644 bean.jinwei.me/config/roles/beancount/tasks/main.yaml create mode 100644 bean.jinwei.me/config/roles/beancount/templates/docker-compose.yaml.j2 create mode 100644 bean.jinwei.me/config/site.yaml diff --git a/bean.jinwei.me/config/ansible.cfg b/bean.jinwei.me/config/ansible.cfg new file mode 100644 index 0000000..9345045 --- /dev/null +++ b/bean.jinwei.me/config/ansible.cfg @@ -0,0 +1,14 @@ +[defaults] +host_key_checking = False +transport = ssh +remote_user = admin +roles_path = roles +inventory = inventory +force_color = True +interpreter_python = auto_silent + +[connection] +pipelining = True + +[privilege_escalation] +become = True diff --git a/bean.jinwei.me/config/inventory/aws_ec2.yaml b/bean.jinwei.me/config/inventory/aws_ec2.yaml new file mode 100644 index 0000000..100d95b --- /dev/null +++ b/bean.jinwei.me/config/inventory/aws_ec2.yaml @@ -0,0 +1,7 @@ +plugin: aws_ec2 +regions: + - us-west-2 +hostnames: + - tag:Name +compose: + ansible_host: public_ip_address diff --git a/bean.jinwei.me/config/requirements.yaml b/bean.jinwei.me/config/requirements.yaml new file mode 100644 index 0000000..5229cc7 --- /dev/null +++ b/bean.jinwei.me/config/requirements.yaml @@ -0,0 +1,10 @@ +--- +collections: + - name: amazon.aws + version: 3.2.0 + - name: community.general + version: 4.7.0 + - name: ansible.posix + version: 1.3.0 + - name: community.docker + version: 3.2.1 diff --git a/bean.jinwei.me/config/role.yaml b/bean.jinwei.me/config/role.yaml new file mode 100644 index 0000000..ab3fca5 --- /dev/null +++ b/bean.jinwei.me/config/role.yaml @@ -0,0 +1,3 @@ +- hosts: "{{ target }}" + roles: + - role: "{{ role }}" diff --git a/bean.jinwei.me/config/roles/beancount/defaults/main.yaml b/bean.jinwei.me/config/roles/beancount/defaults/main.yaml new file mode 100644 index 0000000..b9a36ee --- /dev/null +++ b/bean.jinwei.me/config/roles/beancount/defaults/main.yaml @@ -0,0 +1,3 @@ +bean_image: clarkzjw/ledger +bean_image_tag: master +bean_home: /opt/beancount \ No newline at end of file diff --git a/bean.jinwei.me/config/roles/beancount/tasks/main.yaml b/bean.jinwei.me/config/roles/beancount/tasks/main.yaml new file mode 100644 index 0000000..98bf49d --- /dev/null +++ b/bean.jinwei.me/config/roles/beancount/tasks/main.yaml @@ -0,0 +1,38 @@ +- name: login to docker hub + community.docker.docker_login: + username: "{{ lookup('aws_ssm', '/jinwei-me/docker/username') }}" + password: "{{ lookup('aws_ssm', '/jinwei-me/docker/token') }}" + +- name: pull ledger Docker image + community.docker.docker_image: + name: "{{ bean_image }}:{{ bean_image_tag }}" + source: pull + +- name: Create directory + file: + path: "{{ bean_home }}" + state: directory + mode: '0755' + +- name: render config file + template: + src: docker-compose.yaml.j2 + dest: "{{ bean_home }}/docker-compose.yaml" + mode: 0644 + +- name: start ledger container using docker-compose + community.docker.docker_compose: + project_name: ledger + project_src: "{{ bean_home }}" + register: output + +#- name: setup cronjob for additional backup +# cron: +# cron_file: wordpress_backup_hetzner +# user: root +# state: present +# name: "wordpress backup" +# minute: "0" +# hour: "0" +# day: "*" +# job: "tar caf /tmp/wordpress-$(date -u +\\%Y-\\%m-\\%d-\\%H-\\%M-\\%S\\%Z).tar.xz {{ wordpress_home }} && rsync -azvP /tmp/wordpress-*.tar.xz {{ samba_backup_path }}" diff --git a/bean.jinwei.me/config/roles/beancount/templates/docker-compose.yaml.j2 b/bean.jinwei.me/config/roles/beancount/templates/docker-compose.yaml.j2 new file mode 100644 index 0000000..757e701 --- /dev/null +++ b/bean.jinwei.me/config/roles/beancount/templates/docker-compose.yaml.j2 @@ -0,0 +1,9 @@ +version: '3' +services: + ledger: + image: {{ bean_image }}:{{ bean_image_tag }} + container_name: ledger + restart: always + ports: + - 30082:8081 + - 30083:8080 diff --git a/bean.jinwei.me/config/site.yaml b/bean.jinwei.me/config/site.yaml new file mode 100644 index 0000000..3b450f8 --- /dev/null +++ b/bean.jinwei.me/config/site.yaml @@ -0,0 +1,3 @@ +- hosts: jinwei-me + roles: + - role: beancount diff --git a/jinwei.me/infra/cloudflare.tf b/jinwei.me/infra/cloudflare.tf index bb26eb5..5db690e 100644 --- a/jinwei.me/infra/cloudflare.tf +++ b/jinwei.me/infra/cloudflare.tf @@ -35,6 +35,22 @@ resource "cloudflare_record" "tunnel_dns" { proxied = true } +resource "cloudflare_record" "bean" { + zone_id = data.cloudflare_zones.domain.zones[0].id + name = "bean.${var.site_domain}" + value = "${cloudflare_argo_tunnel.tunnel.id}.cfargotunnel.com" + type = "CNAME" + proxied = true +} + +resource "cloudflare_record" "beanweb" { + zone_id = data.cloudflare_zones.domain.zones[0].id + name = "beanweb.${var.site_domain}" + value = "${cloudflare_argo_tunnel.tunnel.id}.cfargotunnel.com" + type = "CNAME" + proxied = true +} + resource "cloudflare_tunnel_config" "tunnel_route" { account_id = var.cloudflare_account_id tunnel_id = cloudflare_argo_tunnel.tunnel.id -- cgit v1.2.3