Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add docker role for kmicms #96

Merged
merged 1 commit into from
Dec 1, 2024
Merged

Add docker role for kmicms #96

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions config.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,3 +57,5 @@
tags: docker-ferry
- role: docker_kmibot
tags: docker-kmibot
- role: docker_kmicms
tags: docker-kmicms
2 changes: 1 addition & 1 deletion group_vars/all/docker.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,4 +9,4 @@ docker_compose_directory_mask: "775"
# Run this task manually, as version comparisons usually fail
docker_compose_url: https://github.com/docker/compose-switch/releases/latest/download/docker-compose-linux-amd64

docker_update_command: docker-compose pull && docker-compose down && docker-compose rm && docker-compose up -d --build
docker_update_command: docker-compose pull && docker-compose down && docker-compose rm && docker-compose up --detach --build
49 changes: 49 additions & 0 deletions host_vars/CONTAINERS-1/kmicms.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,49 @@
docker_kmicms_hostname: sown-staging.containers-dev.sown.org.uk
docker_kmicms_sso_oidc_app_name: kmicms-staging

docker_kmicms_sso_staff_group_name: staging:kmicms:staff
docker_kmicms_sso_superuser_group_name: staging:kmicms:superuser

docker_kmicms_recaptcha_public_key: a
docker_kmicms_recaptcha_private_key: a

docker_kmicms_django_secret_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
31663365333163323361386566363636643339656265663139346262323037393935343635313265
3834633333366131303665626264393766366537323238610a623738373761663136313034623762
37396663396266393066363530386161333332323561613538346564303265303262346261653334
3731386561346437310a333332646239363463393364396134653038346634336338653665313433
64323661333635303836393766646536356462636137613065666437333138323337373264656465
31373865376466363561373962306265336537353431653263333533663765363736316433646630
34623831313738366365316465336263393835306466323165393462323231353365623236383764
39333962643836616166643064383063353132336636613333353866363339613639366338363132
3939
docker_kmicms_sso_oidc_client_id: !vault |
$ANSIBLE_VAULT;1.1;AES256
34643039653133323939336364613566313730636535363262333365306632383932663536346133
6365623662663161393937336264396663383363306665360a376164663431363632303737616465
37653566623636323036333565333161646464663933633039303535386564656530383435396365
6135306663373536650a343265326536333837666662626233393161373566333664613337303535
61363964613765633362373762396138366239613863396131656430396165326137626438393237
3761383539383462613432633665656534373863346662343232
docker_kmicms_sso_oidc_client_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256
63323463313062356132396336336638656535663133333234363736376331653262626134333337
3530396562386232636434653265313633373461626264340a333030643030343239643830633532
62313131656332663864646130313431336662653731393931393932363665386536303863613663
3037306331656338330a646538323533393238646665613239646438336262313732653961386238
39313439306162656264383666333638653434356438643637393633316530363435313330346435
63313630633663336364353564366539356565323430653433373063306365323764383334316635
63366436313339303039383139646666323131646164386131613134333930326139323866396538
62346632316234636535383665346430306262383664353837373961386464396361393536623963
61373435636632653238353234353233646437653564303432616232383931613432323133656664
35653261663731336637633136343766386365663265663262396263643863646130653930616564
373065633931366535373534373035633136
docker_kmi_cms_netbox_api_token: !vault |
$ANSIBLE_VAULT;1.1;AES256
33393437663133386434323631633830346630383436363765653434376461373364333839383936
3135316164303638623336653631363636663462626133640a373034303436626561616637666665
39613063656230323638653831353937613861613533343862643661303661343839323432323733
3761313862323264390a663433353038353930323962373764663561386233363937396163393663
30653735663534303431643236303537616565643763613463656162343233396339626637663366
3631616232353935373666633630303236663731323564363339
37 changes: 37 additions & 0 deletions roles/docker_kmicms/files/docker-compose.override.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
services:
nginx:
restart: always
networks:
- traefik
- default
labels:
- traefik.enable=true
- traefik.http.routers.kmicms-staging.rule=Host(`{{ docker_kmicms_hostname }}`)
- traefik.http.services.kmicms-staging.loadbalancer.server.port=80
- traefik.http.routers.kmicms-staging.tls.certresolver=le

web:
restart: always
environment:
- REDIS_URL=redis://cache:6379
- SQL_DATABASE=wagtail
- SQL_USER=wagtail
- SQL_PASSWORD=wagtail
- SQL_HOST=db
- SQL_PORT=5432
- SECRET_KEY={{ docker_kmicms_django_secret_key }}
- SSO_OIDC_CONFIGURATION_URL=https://sso.sown.org.uk/application/o/{{ docker_kmicms_sso_oidc_app_name }}/.well-known/openid-configuration
- SSO_OIDC_CLIENT_ID={{ docker_kmicms_sso_oidc_client_id }}
- SSO_OIDC_CLIENT_SECRET={{ docker_kmicms_sso_oidc_client_secret }}
- SSO_STAFF_GROUP_NAME={{ docker_kmicms_sso_staff_group_name }}
- SSO_SUPERUSER_GROUP_NAME={{ docker_kmicms_sso_superuser_group_name }}
- NETBOX_API_TOKEN={{ docker_kmi_cms_netbox_api_token }}
- RECAPTCHA_PUBLIC_KEY={{ docker_kmicms_recaptcha_public_key }}
- RECAPTCHA_PRIVATE_KEY={{ docker_kmicms_recaptcha_private_key }}

db:
restart: always

networks:
traefik:
external: true
4 changes: 4 additions & 0 deletions roles/docker_kmicms/handlers/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
- name: Restart kmicms # noqa: no-changed-when
command:
chdir: /opt/kmicms
cmd: "{{ docker_update_command }}"
14 changes: 14 additions & 0 deletions roles/docker_kmicms/tasks/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
- name: Checkout kmicms into /opt/kmicms
git:
repo: https://github.com/sown/kmicms.git
dest: /opt/kmicms
version: 2e97d64038b8ca783f624a6caae83d3b7b9c8e71
notify: Restart kmicms

- name: Install compose file
template:
src: files/docker-compose.override.yml
dest: /opt/kmicms/docker-compose.override.yml
mode: "{{ docker_compose_file_mask }}"
owner: "{{ docker_user.name }}"
notify: Restart kmicms