baikal: add server config

main
Jef Roosens 2024-02-13 09:41:35 +01:00
parent ef8f5da37d
commit 35de046d69
Signed by: Jef Roosens
GPG Key ID: B75D4F293C7052DB
8 changed files with 95 additions and 0 deletions

View File

@ -0,0 +1,3 @@
---
dependencies:
- role: caddy

View File

@ -0,0 +1,9 @@
---
- name: Ensure Caddyfile is present
template:
src: 'baikal.Caddyfile.j2'
dest: '/etc/caddy/baikal.Caddyfile'
owner: root
group: root
mode: '0644'
notify: caddy-reload

View File

@ -0,0 +1,3 @@
dav.roosens.me {
reverse_proxy {{ hostvars[groups['baikal'][0]].static_ip }}:8005
}

View File

@ -0,0 +1,12 @@
#!/usr/bin/env bash
data_dir='/mnt/data1/baikal'
snapshot_dir="${data_dir}.snapshot"
# Read-only snapshot for atomic backup
btrfs subvolume snapshot -r "$data_dir" "$snapshot_dir" || exit $?
/usr/local/bin/restic backup "$snapshot_dir"
# Always remove snapshot subvolume, even if restic fails
btrfs subvolume delete "$snapshot_dir"

View File

@ -0,0 +1,11 @@
version: '3'
services:
app:
image: 'ckulka/baikal:0.9.4-nginx'
restart: always
ports:
- '8005:80'
volumes:
- '/mnt/data1/baikal/config:/var/www/baikal/config'
- '/mnt/data1/baikal/Specific:/var/www/baikal/Specific'

View File

@ -0,0 +1,44 @@
---
- name: Ensure data directory is present
ansible.builtin.file:
path: '/mnt/data1/baikal'
state: directory
mode: '0755'
owner: 'root'
group: 'root'
- name: Ensure data subvolumes are present
community.general.btrfs_subvolume:
name: '/baikal/{{ item }}'
loop:
- 'Specific'
- 'config'
- name: Ensure configuration directory is present
ansible.builtin.file:
path: '/etc/baikal'
state: directory
mode: '0755'
- name: Ensure compose file is present
ansible.builtin.copy:
src: 'compose.yml'
dest: '/etc/baikal/compose.yml'
mode: '0644'
owner: 'root'
group: 'root'
register: res
- name: Ensure stack is deployed
ansible.builtin.shell:
chdir: '/etc/baikal'
cmd: 'docker compose up -d --remove-orphans'
when: 'res.changed'
- name: Ensure backup script is present
ansible.builtin.copy:
src: 'baikal.backup.sh'
dest: '/etc/backups/baikal.backup.sh'
owner: 'root'
group: 'root'
mode: '0644'

View File

@ -44,3 +44,10 @@
roles: roles:
- miniflux - miniflux
tags: miniflux tags: miniflux
- name: Ensure Baikal is installed
hosts: ruby
become: yes
roles:
- baikal
tags: baikal

View File

@ -28,3 +28,9 @@
roles: roles:
- matrix-web - matrix-web
tags: matrix tags: matrix
- hosts: web
become: yes
roles:
- baikal-web
tags: baikal