From ab89c858445fc61b5702d013db472e544dd6df5f Mon Sep 17 00:00:00 2001
From: Ian Roddis <31021769+iroddis@users.noreply.github.com>
Date: Mon, 23 Mar 2026 14:34:12 -0300
Subject: [PATCH] Adding website hosting
---
 inventories/production/group_vars/all.yml | 3 +++
 playbooks/site.yml | 2 ++
 roles/website/defaults/main.yml | 3 +++
 roles/website/handlers/main.yml | 6 +++++
 roles/website/tasks/main.yml | 21 ++++++++++++++++
 roles/website/templates/docker-compose.yml.j2 | 24 +++++++++++++++++++
 6 files changed, 59 insertions(+)
 create mode 100644 roles/website/defaults/main.yml
 create mode 100644 roles/website/handlers/main.yml
 create mode 100644 roles/website/tasks/main.yml
 create mode 100644 roles/website/templates/docker-compose.yml.j2
diff --git a/inventories/production/group_vars/all.yml b/inventories/production/group_vars/all.yml
index 171c5c5..fc30086 100644
--- a/inventories/production/group_vars/all.yml
+++ b/inventories/production/group_vars/all.yml
@@ -107,6 +107,9 @@ forgejo_admin_password: "changeme_forgejo_admin" forgejo_admin_email: "admin@{{ base_domain }}" forgejo_ssh_port: 2222 +# Website +website_nginx_version: "alpine" + # SMTP (for services that send email) smtp_host: "stalwart" smtp_port: 587
diff --git a/playbooks/site.yml b/playbooks/site.yml
index 7114faf..a749626 100644
--- a/playbooks/site.yml
+++ b/playbooks/site.yml
@@ -29,3 +29,5 @@
 tags: [vaultwarden, passwords, vault]
 - role: forgejo
 tags: [forgejo, git, vcs]
+ - role: website
+ tags: [website, web]
diff --git a/roles/website/defaults/main.yml b/roles/website/defaults/main.yml
new file mode 100644
index 0000000..98af253
--- /dev/null
+++ b/roles/website/defaults/main.yml
@@ -0,0 +1,3 @@
+---
+website_data_dir: "{{ sovereign_base_dir }}/website"
+website_nginx_version: "alpine"
diff --git a/roles/website/handlers/main.yml b/roles/website/handlers/main.yml
new file mode 100644
index 0000000..14a2749
--- /dev/null
+++ b/roles/website/handlers/main.yml
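Review bot: `website_nginx_version: "alpine"` in the `group_vars/all.yml` hunk is a floating tag rather than a version, so `nginx:alpine` resolves to whatever the registry serves when a host first pulls it. Hosts provisioned at different times can run different nginx builds, and with the default pull behaviour an existing host may keep an old image and miss security fixes. Pin a specific release, for example `website_nginx_version: "<X.Y.Z>-alpine"` (placeholder; a digest is stricter), and bump it deliberately. The same value is repeated in the `roles/website/defaults/main.yml` hunk; since the group_vars entry overrides the role default, keeping only one of them avoids the two drifting apart.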
@@ -0,0 +1,6 @@
+---
+- name: restart website
+ community.docker.docker_compose_v2:
+ project_src: "{{ website_data_dir }}"
+ state: present
+ recreate: always
diff --git a/roles/website/tasks/main.yml b/roles/website/tasks/main.yml
new file mode 100644
index 0000000..40dacc4
--- /dev/null
+++ b/roles/website/tasks/main.yml
@@ -0,0 +1,21 @@
+---
+- name: Create website directories
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: directory
+ mode: '0755'
+ loop:
+ - "{{ website_data_dir }}"
+ - "{{ website_data_dir }}/html"
+
+- name: Deploy website docker-compose
+ ansible.builtin.template:
+ src: docker-compose.yml.j2
+ dest: "{{ website_data_dir }}/docker-compose.yml"
+ mode: '0644'
+ notify: restart website
+
+- name: Start website
+ community.docker.docker_compose_v2:
+ project_src: "{{ website_data_dir }}"
+ state: present
diff --git a/roles/website/templates/docker-compose.yml.j2 b/roles/website/templates/docker-compose.yml.j2
new file mode 100644
index 0000000..6b83ee1
--- /dev/null
+++ b/roles/website/templates/docker-compose.yml.j2
@@ -0,0 +1,24 @@
+services:
+ website:
+ image: nginx:{{ website_nginx_version }}
+ container_name: website
+ restart: unless-stopped
+ volumes:
+ - {{ website_data_dir }}/html:/usr/share/nginx/html:ro
+ labels:
+ - "traefik.enable=true"
+ - "traefik.http.routers.website.rule=Host(`{{ base_domain }}`)"
+ - "traefik.http.routers.website.tls=true"
+ - "traefik.http.routers.website.tls.certresolver=letsencrypt"
+ - "traefik.http.services.website.loadbalancer.server.port=80"
+ networks:
+ - {{ sovereign_network_name }}
+ logging:
+ driver: gelf
+ options:
+ gelf-address: "udp://{{ graylog_host }}:{{ graylog_gelf_port }}"
+ tag: "website"
+
+networks:
+ {{ sovereign_network_name }}:
+ external: true
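Review bot: The handler's `recreate: always` in `roles/website/handlers/main.yml` forces a second, unconditional recreate after a template change. The `Start website` task in `tasks/main.yml` already applies the new compose file with `state: present`, and the notified handler then recreates the container again, by default at the end of the play. Either drop the `notify`, or change the handler to `recreate: auto` so it only acts when the configuration differs. The handler name is also lower-case while the task names are capitalised; `- name: Restart website` with a matching `notify: Restart website` keeps them consistent.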
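Review bot: Neither `Create website directories` nor `Deploy website docker-compose` in `roles/website/tasks/main.yml` sets `owner` or `group`, so the web root and the compose file end up owned by whichever user the play runs as. Whoever can write to `{{ website_data_dir }}/html` controls what is served for `base_domain`, so state the ownership explicitly, e.g. `owner: root` and `group: root` (or a dedicated deploy account) next to `mode: '0755'`. The role creates `html` but, as far as this patch shows, never puts content in it; a short comment saying how content is expected to arrive would help the next maintainer.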
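Review bot: The `website` service in `docker-compose.yml.j2` keeps the image's default privileges: the template sets no `security_opt`, `cap_drop` or `read_only` for a container that is published to the internet through Traefik. Adding `security_opt: ["no-new-privileges:true"]` under the service is a low-risk first step; dropping capabilities or a read-only root filesystem should be tested against the stock image first, since it presumably needs writable cache and pid paths. The volume entry and the two network names are unquoted templated scalars; quoting them, e.g. `- "{{ website_data_dir }}/html:/usr/share/nginx/html:ro"`, protects the rendered YAML from values containing special characters.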