44 lines
1.6 KiB
YAML
44 lines
1.6 KiB
YAML
---
|
|
- name: Include user role
|
|
ansible.builtin.include_role:
|
|
name: user
|
|
vars:
|
|
user_username: "{{ wedding_username }}"
|
|
user_password: "{{ wedding_password }}"
|
|
- name: Login to ghcr registry and create ${XDG_RUNTIME_DIR}/containers/auth.json
|
|
become: true
|
|
become_user: "{{ wedding_username }}"
|
|
containers.podman.podman_login:
|
|
username: "{{ github_registry_user }}"
|
|
password: "{{ github_registry_token }}"
|
|
registry: ghcr.io
|
|
- name: Create the wedding container
|
|
ansible.builtin.include_role:
|
|
name: podman-container
|
|
apply:
|
|
become: true
|
|
become_user: "{{ wedding_username }}"
|
|
vars:
|
|
podman_container_name: wedding-server
|
|
podman_container_image: ghcr.io/kleinendorst/wedding
|
|
podman_container_tag: "{{ wedding_version }}"
|
|
podman_container_publish:
|
|
- 127.0.0.1:3001:3000
|
|
podman_container_volumes: []
|
|
podman_container_env:
|
|
DATABASE_HOST: 'localhost' # TODO: Needs to be fixed later...
|
|
DATABASE_PORT: 5432
|
|
DATABASE_DBNAME: wedding
|
|
DATABASE_USER: "{{ postgres.user }}"
|
|
DATABASE_PASSWORD: "{{ postgres.password }}"
|
|
SESSION_SECRET: "{{ wedding_env.secret }}"
|
|
# NODE_ENV: production # TODO: Enable when ready for secure cookie testing...
|
|
WEDDING_FULL_ACCESS_CODE: "{{ wedding_env.full_access_code }}"
|
|
WEDDING_NIGHT_ACCESS_CODE: "{{ wedding_env.night_access_code }}"
|
|
- name: Include simple-reverse-proxy role
|
|
ansible.builtin.include_role:
|
|
name: simple-reverse-proxy
|
|
vars:
|
|
simple_reverse_proxy_external_port: 8443
|
|
simple_reverse_proxy_internal_port: 3001
|
|
simple_reverse_proxy_internal_subdomain: "{{ random_pre_proxy_domain_name }}"
|