pet-project-server/ansible/configuration.yml

---
- hosts: all
  vars:
    notes_port: 41080
    dayoff_port: 41081
  vars_files:
    - vars/vars.yml

  tasks:

    - name: 'Install additional packages.'
      apt:
        name: '{{ packages }}'
        update_cache: yes
      vars:
        packages:
          - python3-pip

    - import_role:
        name: yatesr.timezone
      vars:
        timezone: UTC

    - import_role:
        name: geerlingguy.security
      vars:
        security_ssh_permit_root_login: "yes"
        security_autoupdate_enabled: false
        security_fail2ban_enabled: false

    - name: 'Install python docker lib.'
      pip:
        name: docker

    - import_role:
        name: geerlingguy.docker

    - import_role:
        name: antoiner77.caddy
      vars:
        caddy_config: '{{ lookup("template", "templates/Caddyfile.j2") }}'
        caddy_update: False
        caddy_setcap: True
        caddy_systemd_capabilities_enabled: True
        caddy_systemd_capabilities: "CAP_NET_BIND_SERVICE"
      tags:
        - webserver

    - import_role:
        name: netdata
      vars:
        netdata_version: 'v1.18.1'
      tags:
        - monitoring

    # Applications

    - import_role:
        name: docker-app
      vars:
        username: homepage
        extra_groups:
          - www-data
          - docker
        ssh_keys:
          - '{{ lookup("file", "files/av_id_rsa.pub") }}'
        env:
          DOCKER_PREFIX: homepage
      tags:
        - apps

    - import_role:
        name: docker-app
      vars:
        username: notes
        extra_groups:
          - docker
        ssh_keys:
          - '{{ lookup("file", "files/av_id_rsa.pub") }}'
        env:
          PROJECT_NAME: notes
          IMAGE_PREFIX: notes
          CONTAINER_PREFIX: notes
          WEB_SERVER_PORT: '127.0.0.1:{{ notes_port }}'
          DATA_DIR: /home/notes/app/data
          CACHE_DIR: /home/notes/app/cache
          APP_ENV: prod
          SYMFONY_ENV: prod
          SECRET_TOKEN: '{{ notes.secret }}'
          DATABASE_HOST: notes-db
          DATABASE_PORT: 3306
          DATABASE_NAME: notes
          DATABASE_USER: notes
          DATABASE_PASSWORD: notes
          DATABASE_SEARCH_HOST: notes-db-search
          DATABASE_SEARCH_PORT: 3306
          DATABASE_SEARCH_NAME: notes-search
          DATABASE_SEARCH_USER: notes-search
          DATABASE_SEARCH_PASSWORD: notes-search
          MAILER_HOST: 127.0.0.1
          MAILER_PORT: 1025
          MAILER_USER: noreply@notes.tld
          MAILER_PASSWORD: ''
      tags:
        - apps

    - import_role:
        name: docker-app
      vars:
        username: dayoff
        extra_groups:
          - docker
        ssh_keys:
          - '{{ lookup("file", "files/av_id_rsa.pub") }}'
          - '{{ lookup("file", "files/dayoff_id_rsa.pub") }}'
        env:
          DOCKER_PREFIX: dayoff
          PROJECT_NAME: dayoff
          IMAGE_PREFIX: dayoff
          CONTAINER_PREFIX: dayoff
          WEB_SERVER_PORT: '127.0.0.1:{{ dayoff_port }}'
      tags:
        - apps