vleeuwenmenno/dotfiles
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'master' of git.mvl.sh:vleeuwenmenno/dotfiles
Some checks failed
Ansible Lint Check / check-ansible (push) Failing after 18s
Details
Nix Format Check / check-format (push) Successful in 1m4s
Details
Python Lint Check / check-python (push) Failing after 13s
Details

Browse Source
This commit is contained in:
Menno van Leeuwen 2025-03-18 12:35:01 +01:00
commit f2d7c111e8
Signed by: vleeuwenmenno
SSH Key Fingerprint: SHA256:OJFmjANpakwD3F2Rsws4GLtbdz1TJ5tkQF0RZmF0TRE
6 changed files with 177 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
config/ansible/tasks/global/global.yml
View File

@ -35,6 +35,7 @@
- trash-cli - trash-cli
- curl - curl
- wget - wget
- httpie
# Python is used for the dotfiles CLI tools # Python is used for the dotfiles CLI tools
- python3 - python3
- python3-pip - python3-pip

2
config/ansible/tasks/servers/server.yml
View File

@ -29,7 +29,7 @@
enabled: false enabled: false
- name: jellyfin - name: jellyfin
enabled: true enabled: true
- name: jellyfin - name: seafile
enabled: true enabled: true
- name: uptime-kuma - name: uptime-kuma
enabled: true enabled: true

15
config/ansible/tasks/servers/services/caddy/Caddyfile.j2
View File

@ -22,3 +22,18 @@ status.vleeuwen.me status.mvl.sh {
reverse_proxy uptime-kuma:3001 reverse_proxy uptime-kuma:3001
tls {{ caddy_email }} tls {{ caddy_email }}
} }
sf.mvl.sh {
reverse_proxy seafile:80
tls {{ caddy_email }}
}
of.mvl.sh {
reverse_proxy onlyoffice:80 {
header_up Host {host}
header_up X-Real-IP {remote}
header_up X-Forwarded-For {remote}
header_up X-Forwarded-Proto {scheme}
}
tls {{ caddy_email }}
}

90
config/ansible/tasks/servers/services/seafile/docker-compose.yml.j2 Normal file
View File

@ -0,0 +1,90 @@
services:
db:
image: {{ seafile_db_image | default('mariadb:10.11') }}
container_name: seafile-mysql
environment:
MYSQL_ROOT_PASSWORD: {{ seafile_mysql_root_password | default('ROOT_PASSWORD') }}
MYSQL_USER: {{ seafile_mysql_db_user | default('seafile') }}
MYSQL_PASSWORD: {{ seafile_mysql_db_password | default('PASSWORD') }}
MYSQL_DATABASE: {{ seafile_mysql_db_name | default('seafile') }}
volumes:
- {{ seafile_mysql_volume | default('/opt/seafile-mysql/db') }}:/var/lib/mysql
networks:
- seafile-net
restart: unless-stopped
memcached:
image: {{ seafile_memcached_image | default('memcached:1.6.29') }}
container_name: seafile-memcached
entrypoint: memcached -m 256
networks:
- seafile-net
restart: unless-stopped
seafile:
image: {{ seafile_image | default('seafileltd/seafile-mc:12.0-latest') }}
container_name: seafile
environment:
- DB_HOST={{ seafile_mysql_db_host | default('db') }}
- DB_ROOT_PASSWD={{ seafile_mysql_root_password | default('ROOT_PASSWORD') }}
- TIME_ZONE={{ time_zone | default('Europe/Amsterdam') }}
- SEAFILE_ADMIN_EMAIL={{ seafile_admin_email | default('menno@vleeuwen.me') }}
- SEAFILE_ADMIN_PASSWORD={{ seafile_admin_password | default('WIP123') }}
- SEAFILE_SERVER_HOSTNAME={{ seafile_server_hostname | default('sf.mvl.sh') }}
- SEAFILE_SERVER_LETSENCRYPT=false
- SEADRIVE_SERVER_LETSENCRYPT=false
- SEAFILE_SERVER_PROTOCOL={{ seafile_server_protocol | default('http') }}
- JWT_PRIVATE_KEY={{ jwt_private_key | default('') }}
- ENABLE_SEADOC=false
volumes:
- {{ seafile_volume | default('/opt/seafile-data') }}:/shared
networks:
- seafile-net
- caddy_network
ports:
- 8001:80
- 8082:8082
- 8000:8000
restart: unless-stopped
depends_on:
- db
- memcached
notification-server:
image: {{ notification_server_image | default('seafileltd/notification-server:12.0-latest') }}
container_name: notification-server
environment:
- DB_HOST={{ seafile_mysql_db_host | default('db') }}
- DB_ROOT_PASSWD={{ seafile_mysql_root_password | default('ROOT_PASSWORD') }}
- TIME_ZONE={{ time_zone | default('Europe/Amsterdam') }}
volumes:
- {{ notification_server_volume | default('/opt/notification-data') }}:/shared
- {{ seafile_volume | default('/opt/seafile-data') }}:/shared/seafile
networks:
- seafile-net
- caddy_network
depends_on:
- db
- seafile
restart: unless-stopped
onlyoffice:
image: onlyoffice/documentserver:8.3.1.1
restart: unless-stopped
environment:
- JWT_ENABLED=true
- JWT_SECRET={{ jwt_private_key | default('') }}
- WOPI_ENABLED=false
volumes:
- {{ seafile_data_dir }}/onlyoffice/logs:/var/log/onlyoffice
- {{ seafile_data_dir }}/onlyoffice/data:/var/www/onlyoffice/Data
- {{ seafile_data_dir }}/onlyoffice/lib:/var/lib/onlyoffice
networks:
- seafile-net
- caddy_network
networks:
seafile-net:
caddy_network:
external: true
name: caddy_default

64
config/ansible/tasks/servers/services/seafile/seafile.yml Normal file
View File

@ -0,0 +1,64 @@
---
- name: Deploy Seafile service
block:
- name: Set Seafile directories
ansible.builtin.set_fact:
seafile_data_dir: "/mnt/object_storage/services/seafile"
seafile_service_dir: "{{ ansible_env.HOME }}/services/seafile"
- name: Set Seafile configuration variables
ansible.builtin.set_fact:
# Docker images
seafile_image: "seafileltd/seafile-mc:12.0-latest"
seafile_db_image: "mariadb:10.11"
seafile_memcached_image: "memcached:1.6.29"
notification_server_image: "seafileltd/notification-server:12.0-latest"
# Volume paths
seafile_volume: "{{ seafile_data_dir }}/seafile-data"
seafile_mysql_volume: "{{ seafile_data_dir }}/seafile-mysql/db"
notification_server_volume: "{{ seafile_data_dir }}/notification-data"
# Database settings
seafile_mysql_db_host: "db"
seafile_mysql_root_password: "{{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_ROOT_PASSWORD') }}"
seafile_mysql_db_user: "seafile"
seafile_mysql_db_password: "{{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='MYSQL_PASSWORD') }}"
# Server settings
time_zone: "Europe/Amsterdam"
jwt_private_key: "{{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='jwt_private_key') }}"
seafile_server_hostname: "sf.mvl.sh"
seafile_server_protocol: "https"
# Admin credentials
seafile_admin_email: "menno@vleeuwen.me"
seafile_admin_password: "{{ lookup('community.general.onepassword', 'bbzudwdo3byqs4pscd2wy7qsn4', vault='j7nmhqlsjmp2r6umly5t75hzb4', field='password') }}"
- name: Create Seafile directories
ansible.builtin.file:
path: "{{ seafile_dir }}"
state: directory
mode: "0755"
loop:
- "{{ seafile_data_dir }}"
- "{{ seafile_service_dir }}"
- "{{ notification_server_volume }}/logs"
- "{{ seafile_volume }}/logs"
loop_control:
loop_var: seafile_dir
- name: Deploy Seafile configuration files
ansible.builtin.template:
src: docker-compose.yml.j2
dest: "{{ seafile_service_dir }}/docker-compose.yml"
mode: "0644"
register: seafile_configs
- name: Stop Seafile service
ansible.builtin.command: docker compose -f "{{ seafile_service_dir }}/docker-compose.yml" down --remove-orphans
when: seafile_configs.changed
- name: Start Seafile service
ansible.builtin.command: docker compose -f "{{ seafile_service_dir }}/docker-compose.yml" up -d
when: seafile_configs.changed

12
config/home-manager/flake.lock generated
View File

@ -23,11 +23,11 @@
}, },
"nixpkgs": { "nixpkgs": {
"locked": { "locked": {
"lastModified": 1741862977, "lastModified": 1742136038,
"narHash": "sha256-prZ0M8vE/ghRGGZcflvxCu40ObKaB+ikn74/xQoNrGQ=", "narHash": "sha256-DDe16FJk18sadknQKKG/9FbwEro7A57tg9vB5kxZ8kY=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "cdd2ef009676ac92b715ff26630164bb88fec4e0", "rev": "a1185f4064c18a5db37c5c84e5638c78b46e3341",
"type": "github" "type": "github"
}, },
"original": { "original": {
@ -39,11 +39,11 @@
}, },
"nixpkgs-unstable": { "nixpkgs-unstable": {
"locked": { "locked": {
"lastModified": 1741851582, "lastModified": 1742069588,
"narHash": "sha256-cPfs8qMccim2RBgtKGF+x9IBCduRvd/N5F4nYpU0TVE=", "narHash": "sha256-C7jVfohcGzdZRF6DO+ybyG/sqpo1h6bZi9T56sxLy+k=",
"owner": "nixos", "owner": "nixos",
"repo": "nixpkgs", "repo": "nixpkgs",
"rev": "6607cf789e541e7873d40d3a8f7815ea92204f32", "rev": "c80f6a7e10b39afcc1894e02ef785b1ad0b0d7e5",
"type": "github" "type": "github"
}, },
"original": { "original": {