sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-08 05:01:37 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: ntfy, new dispatcher & atlantis-verify update

Browse Source
This commit is contained in:
Johnathen Sheppard
2024-02-17 16:20:27 +00:00
parent 8742aace96
commit e827763ccb
6 changed files with 72 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
group_vars/all.yaml
View File

@@ -19,6 +19,10 @@ event_dispatcher_address: "{{ event_dispatcher_proto }}://{{ event_dispatcher_ho
event_dispatcher_user: dispatch event_dispatcher_user: dispatch
event_dispatcher_pass: HISTORY_PURGED_SECRET event_dispatcher_pass: HISTORY_PURGED_SECRET
ntfy_api_target: https://p.athq.de
ntfy_push_target: https://push.atlantishq.de
ntfy_api_access_token: HISTORY_PURGED_SECRET
ldap_password: flanigan ldap_password: flanigan
ldap_dc: "atlantishq" ldap_dc: "atlantishq"
ldap_org: "atlantishq de" ldap_org: "atlantishq de"

8
roles/docker-deployments/tasks/main.yaml
View File

@@ -57,7 +57,7 @@
- python-flask-picture-factory - python-flask-picture-factory
- money-balancer - money-balancer
- atlantis-web-check - atlantis-web-check
- gotify - ntfy
- name: Copy AtlantisHub config - name: Copy AtlantisHub config
copy: copy:
@@ -106,7 +106,7 @@
- python-flask-picture-factory - python-flask-picture-factory
- money-balancer - money-balancer
- atlantis-web-check - atlantis-web-check
- gotify - ntfy
- name: Copy compose templates - name: Copy compose templates
template: template:
@@ -129,7 +129,7 @@
- python-flask-picture-factory - python-flask-picture-factory
- money-balancer - money-balancer
- atlantis-web-check - atlantis-web-check
- gotify - ntfy
- name: Log into private registry - name: Log into private registry
docker_login: docker_login:
@@ -160,7 +160,7 @@
- python-flask-picture-factory - python-flask-picture-factory
- money-balancer - money-balancer
- atlantis-web-check - atlantis-web-check
- gotify - ntfy
- name: OAuth2Proxy directories - name: OAuth2Proxy directories
file: file:

4
roles/docker-deployments/templates/atlantis-verify.yaml
View File

@@ -22,6 +22,10 @@ atlantis-verify:
DISPATCH_AUTH_USER: {{ event_dispatcher_user }} DISPATCH_AUTH_USER: {{ event_dispatcher_user }}
DISPATCH_AUTH_PASSWORD: {{ event_dispatcher_pass }} DISPATCH_AUTH_PASSWORD: {{ event_dispatcher_pass }}
NTFY_ACCESS_TOKEN: {{ ntfy_api_access_token }}
NTFY_API_TARGET: {{ ntfy_api_target }}
NTFY_PUSH_TARGET: {{ ntfy_push_target }}
ports: ports:
- {{ services[item].port + 1000 }}:5000 - {{ services[item].port + 1000 }}:5000
volumes: volumes:

24
roles/docker-deployments/templates/event-dispatcher.yaml
View File

@@ -6,9 +6,29 @@ event-dispatcher:
volumes: volumes:
- "/data/event-dispatcher/instance/:/app/instance/" - "/data/event-dispatcher/instance/:/app/instance/"
environment: environment:
SIGNAL_API_PASS: "{{ event_dispatcher_pass }}"
LDAP_SERVER : "{{ ldap_connection_url }}" LDAP_SERVER : "{{ ldap_connection_url }}"
LDAP_BIND_DN : "{{ ldap_bind_dn }}" LDAP_BIND_DN : "{{ ldap_bind_dn }}"
LDAP_BIND_PW : "{{ ldap_password }}" LDAP_BIND_PW : "{{ ldap_password }}"
LDAP_BASE_DN : "{{ ldap_user_dn }}" LDAP_BASE_DN : "{{ ldap_user_dn }}"
SIGNAL_GATEWAY_PASS: "{{ event_dispatcher_token }}"
event-dispatcher-worker:
image: registry.atlantishq.de/athq/event-dispatcher-worker
restart: always
environment:
DISPATCH_SERVER: "{{ event_dispatcher_proto }}://{{ event_dispatcher_host }}"
DISPATCH_USER: "{{ event_dispatcher_user }}"
DISPATCH_PASSWORD: "{{ event_dispatcher_pass }}"
NTFY_PUSH_TARGET: "{{ ntfy_push_target }}"
NTFY_USER: "admin"
NTFY_PASSWORD: "{{ ntfy_api_access_token }}"
NTFY_API_SERVER: "{{ ntfy_api_target }}"
NTFY_API_TOKEN: "{{ ntfy_api_access_token }}"
LDAP_SERVER : "{{ ldap_connection_url }}"
LDAP_BIND_DN : "{{ ldap_bind_dn }}"
LDAP_BIND_PW : "{{ ldap_password }}"
LDAP_BASE_DN : "{{ ldap_user_dn }}"

11
roles/docker-deployments/templates/gotify.yaml
View File

@@ -1,11 +0,0 @@
gotify:
image: gotify/server
restart: always
environment:
- TZ="Europe/Berlin"
- GOTIFY_DEFAULTUSER_NAME={{ gotify_user }}
- GOTIFY_DEFAULTUSER_PASS={{ gotify_password }}
ports:
- 4001:80
volumes:
- /data/gotify/data:/app/data

38
roles/docker-deployments/templates/ntfy.yaml Normal file
View File

@@ -0,0 +1,38 @@
version: "2.3"
services:
ntfy:
image: binwiederhier/ntfy
container_name: ntfy
command:
- serve
environment:
NTFY_BASE_URL: "https://push.atlantishq.de"
NTFY_BEHIND_PROXY: "true"
NTFY_AUTH_FILE: "/userdb/user.db"
NTFY_AUTH_DEFAULT_ACCESS: "deny-all"
volumes:
- /data/ntfy/cache/ntfy:/var/cache/ntfy
- /data/ntfy/etc/ntfy:/etc/ntfy
- /data/ntfy/userdb/:/userdb/
ports:
- 4001:80
healthcheck: # optional: remember to adapt the host:port to your environment
test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:80/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
interval: 60s
timeout: 10s
retries: 3
start_period: 40s
restart: unless-stopped
ntfy-api:
image: harbor-registry.atlantishq.de/atlantishq/ntfy-api
ports:
- 4002:5000
depends_on:
- ntfy
environment:
ACCESS_TOKEN: {{ ntfy_api_access_token }}
NTFY_AUTH_FILE: "/userdb/user.db"
volumes:
- /data/ntfy/userdb/:/userdb/
- /data/ntfy/instance/:/app/instance/