Chewing_Bever
/
homelab
1
0
Fork 0
Code Issues 6 Wiki Activity

actual: add config

main
Jef Roosens 2025-01-17 23:10:02 +01:00
parent 787a63ea0d
commit 942dd6b876
No known key found for this signature in database
GPG Key ID: 21FD3D77D56BAF49
11 changed files with 137 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hosts.ini
View File

@ -44,3 +44,6 @@
[calathea]
192.168.0.2 static_ip=192.168.0.2
[actual]
192.168.0.3 static_ip=192.168.0.3

6
nas.yml
View File

@ -94,3 +94,9 @@
roles:
- syncthing
tags: syncthing
- hosts: nas
become: yes
roles:
- actual
tags: actual

3
roles/actual-web/meta/main.yml 100644
View File

@ -0,0 +1,3 @@
---
dependencies:
- role: caddy

9
roles/actual-web/tasks/main.yml 100644
View File

@ -0,0 +1,9 @@
---
- name: Ensure Caddyfile is present
template:
src: 'actual.Caddyfile.j2'
dest: '/etc/caddy/actual.Caddyfile'
owner: root
group: root
mode: '0644'
notify: caddy-reload

3
roles/actual-web/templates/actual.Caddyfile.j2 100644
View File

@ -0,0 +1,3 @@
actual.roosens.me {
reverse_proxy {{ hostvars[groups['actual'][0]].static_ip }}:8014
}

12
roles/actual/files/actual.data.backup.sh 100644
View File

@ -0,0 +1,12 @@
#!/usr/bin/env bash
data_dir='/mnt/data1/actual/data'
snapshot_dir="${data_dir}.snapshot"
# Read-only snapshot for atomic backup
btrfs subvolume snapshot -r "$data_dir" "$snapshot_dir" || exit $?
/usr/local/bin/restic backup "$snapshot_dir"
# Always remove snapshot subvolume, even if restic fails
btrfs subvolume delete "$snapshot_dir"

13
roles/actual/files/actual.service 100644
View File

@ -0,0 +1,13 @@
[Unit]
Description=A local-first personal finance app
After=docker.service
Requires=docker.service
[Service]
Type=exec
WorkingDirectory=/etc/actual
ExecStart=/usr/bin/docker compose up
ExecStop=/usr/bin/docker compose down
[Install]
WantedBy=multi-user.target

8
roles/actual/files/compose.yml 100644
View File

@ -0,0 +1,8 @@
services:
app:
image: 'actualbudget/actual-server:latest-alpine'
ports:
- '8014:5006'
volumes:
- '/mnt/data1/actual/data:/data'

5
roles/actual/handlers/main.yml 100644
View File

@ -0,0 +1,5 @@
---
- name: 'restart actual'
ansible.builtin.service:
name: 'actual'
state: 'restarted'

68
roles/actual/tasks/main.yml 100644
View File

@ -0,0 +1,68 @@
---
- name: Ensure data directory is present
ansible.builtin.file:
path: '/mnt/data1/actual'
state: directory
mode: '0755'
owner: 'root'
group: 'root'
- name: Ensure data subvolumes are present
community.general.btrfs_subvolume:
name: '/actual/{{ item }}'
loop:
- 'data'
- name: Ensure subvolume permissions are correct
ansible.builtin.file:
path: "/mnt/data1/actual/{{ item }}"
state: directory
mode: '0755'
owner: '1001'
group: '1001'
loop:
- 'data'
- name: Ensure configuration directory is present
ansible.builtin.file:
path: '/etc/actual'
state: directory
mode: '0755'
- name: Ensure compose file is present
ansible.builtin.copy:
src: 'compose.yml'
dest: '/etc/actual/compose.yml'
mode: '0644'
owner: 'root'
group: 'root'
notify: 'restart actual'
- name: Ensure backup scripts are present
ansible.builtin.copy:
src: "actual.{{ item }}.backup.sh"
dest: "/etc/backups/actual.{{ item }}.backup.sh"
owner: 'root'
group: 'root'
mode: '0644'
loop:
- 'data'
- name: Ensure service file is present
ansible.builtin.copy:
src: 'actual.service'
dest: '/lib/systemd/system/actual.service'
owner: 'root'
group: 'root'
mode: '0644'
register: res
- name: systemd-reload
ansible.builtin.systemd_service:
daemon_reload: true
when: 'res.changed'
- name: Ensure actual service is enabled
ansible.builtin.service:
name: 'actual'
enabled: true

8
web.yml
View File

@ -1,4 +1,4 @@
---
- hosts: web
become: yes
roles:
@ -70,3 +70,9 @@
roles:
- calathea-web
tags: calathea
- hosts: web
become: yes
roles:
- actual-web
tags: actual