myLimbo/casa
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

removed code server and portainer from services stack

Browse Source
This commit is contained in:
Márcio Fernandes
2024-12-01 19:54:39 +00:00
parent c3d38369bd
commit 1d21aeee42
7 changed files with 86 additions and 175 deletions
Download Patch File Download Diff File Expand all files Collapse all files

60
.gitea/workflows/host.yml
View File

@@ -1,38 +1,38 @@
name: deploy host
on:
push:
paths:
- "ansible/**"
- ".gitea/workflows/**host**.yml"
jobs:
Deploy:
runs-on: "vlan-casa_continous-deploy"
steps:
- name: Checkout code
uses: actions/checkout@v2
# name: deploy host
# on:
# push:
# paths:
# - "ansible/**"
# - ".gitea/workflows/**host**.yml"
# jobs:
# Deploy:
# runs-on: "vlan-casa_continous-deploy"
# steps:
# - name: Checkout code
# uses: actions/checkout@v2
- name: setup ssh
run: |
echo "${{ secrets.HOST_ANSIBLE_PRIVATE_KEY }}" > ${GITHUB_WORKSPACE}/ssh-key &&
chmod 600 ${GITHUB_WORKSPACE}/ssh-key
# - name: setup ssh
# run: |
# echo "${{ secrets.HOST_ANSIBLE_PRIVATE_KEY }}" > ${GITHUB_WORKSPACE}/ssh-key &&
# chmod 600 ${GITHUB_WORKSPACE}/ssh-key
- name: setup Ansible Inventory file
run: |
cat >> ansible/inventory.yml << 'END'
all:
hosts:
homesrv01:
ansible_host: ${{secrets.HOST_ANSIBLE_HOST}}
ansible_user: ${{secrets.HOST_ANSIBLE_REMOTE_USER }}
ansible_become_pass: "${{secrets.HOST_ANSIBLE_BECOME_PASS}}"
END
# - name: setup Ansible Inventory file
# run: |
# cat >> ansible/inventory.yml << 'END'
# all:
# hosts:
# homesrv01:
# ansible_host: ${{secrets.HOST_ANSIBLE_HOST}}
# ansible_user: ${{secrets.HOST_ANSIBLE_REMOTE_USER }}
# ansible_become_pass: "${{secrets.HOST_ANSIBLE_BECOME_PASS}}"
# END
- name: Run Ansible Playbook
run: |
cd ${GITHUB_WORKSPACE}
export ANSIBLE_HOST_KEY_CHECKING=False; ansible-playbook ansible/site.yml --private-key ${GITHUB_WORKSPACE}/ssh-key
# - name: Run Ansible Playbook
# run: |
# cd ${GITHUB_WORKSPACE}
# export ANSIBLE_HOST_KEY_CHECKING=False; ansible-playbook ansible/site.yml --private-key ${GITHUB_WORKSPACE}/ssh-key

26
.gitea/workflows/services.nginx.yml
View File

@@ -1,13 +1,13 @@
name: Portainer stack nginx
on:
push:
paths:
- "services/nginx/**"
- ".gitea/workflows/**nginx**.yml"
jobs:
deploy:
runs-on: "vlan-casa_continous-deploy"
steps:
- name: Portainer stack nginx webhook
run: |
curl -X POST "${{secrets.PORTAINER_NGINX_WEBHOOK_URL}}"
# name: Portainer stack nginx
# on:
# push:
# paths:
# - "services/nginx/**"
# - ".gitea/workflows/**nginx**.yml"
# jobs:
# deploy:
# runs-on: "vlan-casa_continous-deploy"
# steps:
# - name: Portainer stack nginx webhook
# run: |
# curl -X POST "${{secrets.PORTAINER_NGINX_WEBHOOK_URL}}"

26
.gitea/workflows/services.wyoming.yml
View File

@@ -1,13 +1,13 @@
name: Portainer stack wyoming
on:
push:
paths:
- "services/wyoming/**"
- ".gitea/workflows/**wyoming**.yml"
jobs:
deploy:
runs-on: "vlan-casa_continous-deploy"
steps:
- name: Portainer stack wyoming webhook
run: |
curl -X POST "${{secrets.PORTAINER_WYOMING_WEBHOOK_URL}}" --insecure
# name: Portainer stack wyoming
# on:
# push:
# paths:
# - "services/wyoming/**"
# - ".gitea/workflows/**wyoming**.yml"
# jobs:
# deploy:
# runs-on: "vlan-casa_continous-deploy"
# steps:
# - name: Portainer stack wyoming webhook
# run: |
# curl -X POST "${{secrets.PORTAINER_WYOMING_WEBHOOK_URL}}" --insecure

84
README.md
View File

@@ -17,14 +17,11 @@ The server itself is on its own vlan (Vlan: homesrv) but requires communication
- [myInfra stack](#myinfra-stack)
- [SSH](#ssh)
- [nginx](#nginx)
- [code-server](#code-server)
- [Home Assistant](#home-assistant)
- [Lyrion Music Server (LMS)](#lyrion-music-server-lms)
- [Mosquitto](#mosquitto)
- [Wyoming](#wyoming)
- [Zigbee2mqtt](#zigbee2mqtt)
- [Maintenance and Development](#maintenance-and-development)
- [Docker devices](#docker-devices)
- [Proxmox - lxc container](#proxmox---lxc-container)
- [Operating System](#operating-system)
- [Development, Maintenance and Deployment](#development-maintenance-and-deployment)
@@ -46,65 +43,10 @@ Deployed and maintained by ansible role [myInfra.dev.homesrv1](#ansible-roles).
### nginx
Using portainer stack (stack name: nginx) connected to this repo. [Docker Compose](./services/nginx/docker-compose.yaml)
[Docker Compose](./services/nginx/docker-compose.yaml)
All sites configurations set during docker build.
### code-server
Using [custom code-server docker image](/kb/code-server/), includes:
- docker-cli
- ansible
- ansible-lint
For more flexibility on bind mount, stack is maintained directly on portainer (stack name: code-server).
docker-compose.yml example.
```yaml
version: '3'
services:
code-server:
container_name: code
image: git.limbosolutions.com/kb/code-server:latest
environment:
- PUID=0
- PGID=0
- TZ=Europe/London
- PASSWORD=${CODESERVER_PASSWORD}
- DEFAULT_WORKSPACE=/config/workspace
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- code-server_config:/config
- code-server_root:/root
- has_config:/config/workspace/has/volumes/config
- /:/mnt/hostfs
networks:
- code
- reverseproxy_public
ports:
- 8444:8443
restart: unless-stopped
volumes:
# zigbee2mqtt_data:
# name: zigbee2mqtt_data
# external: true
code-server_config:
code-server_root:
has_config:
name: has_app_config
external: true
#mosquitto_config:
# external: true
#mosquitto_data:
# external: true
networks:
code:
reverseproxy_public:
external: true
```
### Home Assistant
[Git Repo](https://git.limbosolutions.com/marcio.fernandes/homeAssistant)
@@ -135,9 +77,7 @@ This is an open standard of the Open Home Foundation.
For more information about home assistant integration [check home assistant repo](/marcio.fernandes/homeassistant#wyoming).
Currently using portainer stack (name: wyoming) with git reference to this repo. [docker compose file](./services/wyoming/docker-compose.yaml).
Gitea [Continuous deploy action](./.gitea/workflows/services.wyoming.yml)
[docker compose file](./services/wyoming/docker-compose.yaml).
Links:
@@ -150,7 +90,6 @@ Links:
Zigbee to MQTT bridge, get rid of your proprietary Zigbee bridges
[docker compose](./services/zigbee2mqtt/docker-compose.yaml)
SONOFF Universal Zigbee 3.0 USB Dongle Plus attached on [proxmox host](#proxmox---lxc-container).
@@ -164,20 +103,7 @@ chown 100000:100020 /dev/ttyUSB0
chown 100000:100020 /dev/serial/by-id/usb-ITead_Sonoff_Zigbee_3.0_USB_Dongle_Plus_c0e8eeb4b38ded118e7c06f6b86ce6f8-if00-port0
```
### Maintenance and Development
Using lazarus dev device with vscode and docker context connected to homesrv01.
#### Docker devices
```yaml
....
devices:
# Make sure this matched your adapter location
- /dev/ttyUSB0:/dev/ttyUSB0
....
```
[docker compose](./services/zigbee2mqtt/docker-compose.yaml)
Links
@@ -260,9 +186,7 @@ Codename: noble
## Development, Maintenance and Deployment
Using gitea action for continuous deploys, visual studio code ([code workspace](./.code-workspace)) on my machine for maintenance and development related to hosting server, and a docker container with code server for editing docker container volumes.
Ansible scripts can be used locally, remotely or by gitea actions.
Using visual studio code, docker, ansible and gitea actions.
### Docker context

23
services/gitlimbo_runner/docker-compose.yml Normal file
View File

@@ -0,0 +1,23 @@
version: "3"
services:
runner:
image: git.limbosolutions.com/kb/gitea/act-runner_ansible:0.2.11
restart: always
volumes:
- gitlimbo_act_runner-data:/data
- gitlimbo_act_runner-config:/config
#- /var/run/docker.sock:/var/run/docker.sock
environment:
- GITEA_INSTANCE_URL=${GITEA_INSTANCE_URL}
# When using Docker Secrets, it's also possible to use
# GITEA_RUNNER_REGISTRATION_TOKEN_FILE to pass the location.
# The env var takes precedence.
# Needed only for the first start.
- CONFIG_FILE= /config/config.yaml
- GITEA_RUNNER_REGISTRATION_TOKEN=${GITEA_RUNNER_REGISTRATION_TOKEN}
- GITEA_RUNNER_NAME=vlan-casa_actrunner
#- GITEA_RUNNER_CONFIG_FILE="/config/config.yaml"
- GITEA_RUNNER_LABELS="vlan-casa_continous-deploy:host"
volumes:
gitlimbo_act_runner-data:
gitlimbo_act_runner-config:

2
services/nginx/docker-compose.yaml
View File

@@ -25,5 +25,5 @@ networks:
external: true
private:
name: reverseproxy_private
external: true

40
services/nginx/docker/nginx.conf.d/has.conf
View File

@@ -15,46 +15,10 @@ server {
proxy_set_header Connection $connection_upgrade;
}
location ^~ /code/ {
proxy_pass http://code:8443/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Url-Scheme $scheme;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
server {
ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;
listen 443 ssl default_server;
location ^~ /code/ {
proxy_pass http://code:8443/;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Protocol $scheme;
proxy_set_header X-Url-Scheme $scheme;
# WebSocket support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}