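---
# Deploys the Docker Compose stacks (counter app, nginx, gitea, monitoring,
# registry, vpn) to the `tamriel` host group via the docker_service module.
#
# NOTE(review): several images below carry no tag (gitea/gitea,
# grafana/grafana, prom/prometheus, google/cadvisor, kylemanna/openvpn), so
# each run may pull whatever the registry currently serves as the default tag.
# Pin them to a reviewed tag or digest so deployments are reproducible.
- name: Docker apps
  hosts: tamriel
  remote_user: ansible_worker
  vars:
    docker_compose_dir: "~/compose"
  vars_files:
    - domains.yml
  tasks:
    # Wipe the remote directory first so files deleted locally do not linger.
    - name: Remove old config
      file:
        path: "{{docker_compose_dir}}"
        state: absent

    - name: Synchronize docker-compose files
      synchronize:
        src: compose/
        dest: "{{docker_compose_dir}}"

    # One nginx server config per entry of `domains` (loaded from domains.yml).
    - name: Generate nginx conf
      template:
        src: templates/nginx.conf.j2
        dest: "{{docker_compose_dir}}/nginx/conf.d/{{item.value.name}}.conf"
      vars:
        server: "{{item.value}}"
      with_items: "{{domains | dict2items}}"

    - name: Counter app
      docker_service:
        project_name: app
        definition:
          version: '3'
          services:
            web:
              build: "{{docker_compose_dir}}/app"
              ports:
                # Published on loopback only; presumably reached through the
                # host-network nginx below rather than directly.
                - "127.0.0.1:{{domains.cnt.proxy.port}}:5000"
              restart: always
            redis:
              image: "redis:alpine"
              restart: always

    - name: nginx
      docker_service:
        project_name: nginx
        definition:
          version: '3'
          services:
            main:
              build: "{{docker_compose_dir}}/nginx"
              # Host networking: the container shares the host's interfaces and
              # can reach the 127.0.0.1-bound ports of the other stacks.
              network_mode: host
              volumes:
                # Certificates and private keys are mounted read-only.
                - "/etc/letsencrypt/live/dybiec.info:/etc/letsencrypt/live/dybiec.info:ro"
                - "/etc/letsencrypt/archive/dybiec.info:/etc/letsencrypt/archive/dybiec.info:ro"
              restart: always

    - name: gitea
      docker_service:
        project_name: gitea
        restarted: true
        definition:
          version: '2'
          volumes:
            data:
              external:
                name: gitea_data
            db:
              external:
                name: gitea_db
          networks:
            gitea:
              external: false
          services:
            web:
              image: gitea/gitea
              volumes:
                - data:/data
              ports:
                - "127.0.0.1:{{domains.git.proxy.port}}:3000"
                # Git-over-SSH is published on every host interface.
                - "2022:2022"
              environment:
                - DB_TYPE=postgres
                - DB_HOST=db:5432
                - DB_NAME=gitea
                - DB_USER=gitea
                # Fixed: the Gitea image reads DB_PASSWD; the previous name
                # DB_PASSW is not a variable it recognises, so the password
                # never reached the generated configuration.
                # NOTE(review): this credential is committed in plain text and
                # equals the user name. Move it to an Ansible Vault-encrypted
                # variable and rotate it.
                - DB_PASSWD=gitea
                - "ROOT_URL=https://{{domains.git.name}}"
                - SSH_DOMAIN=git.dybiec.info
                - SSH_PORT=2022
                - "APP_NAME={{domains.git.name}}"
                - DISABLE_REGISTRATION=true
                - INSTALL_LOCK=true
                - RUN_MODE=prod
              networks:
                - gitea
              depends_on:
                - db
              restart: always
            db:
              image: "postgres:9.6"
              restart: always
              environment:
                - POSTGRES_USER=gitea
                # NOTE(review): plain-text database password in version
                # control; source it from a vaulted variable instead.
                - POSTGRES_PASSWORD=gitea
                - POSTGRES_DB=gitea
              networks:
                - gitea
              volumes:
                # Fixed: the postgres image keeps its data under
                # /var/lib/postgresql/data. The previous target
                # (/var/lib/mysql) left the external gitea_db volume unused,
                # so the database lived in an anonymous volume.
                # On an existing deployment, copy the current data directory
                # into gitea_db before applying this change.
                - "db:/var/lib/postgresql/data"

    - name: grafana
      docker_service:
        project_name: grafana
        restarted: true
        definition:
          version: '2'
          volumes:
            grafana-storage:
              external:
                name: grafana_storage
          services:
            grafana:
              image: grafana/grafana
              ports:
                - "127.0.0.1:{{domains.grafana.proxy.port}}:3000"
              environment:
                # NOTE(review): root URL is http:// while gitea's is https://;
                # confirm whether Grafana is meant to be served over TLS.
                - "GF_SERVER_ROOT_URL=http://{{domains.grafana.name}}"
                # NOTE(review): the Grafana admin password is committed in
                # plain text. Move it to an Ansible Vault-encrypted variable
                # and rotate it.
                - GF_SECURITY_ADMIN_PASSWORD=very_secret
              volumes:
                - "grafana-storage:/var/lib/grafana"
              restart: always
            prometheus:
              image: prom/prometheus
              # Reachable only from other containers on the compose network.
              expose: [9090]
              #ports:
              #  - "127.0.0.1:{{domains.prometheus.proxy.port}}:9090"
              extra_hosts:
                - "dockerhost:172.17.0.1"
              volumes:
                - "{{docker_compose_dir}}/monitoring/prometheus:/etc/prometheus/:ro"
              restart: always
            cadvisor:
              image: google/cadvisor
              expose: [8080]
              volumes:
                # NOTE(review): these binds expose the host root filesystem to
                # the container. `:ro` prevents file writes but does not stop
                # a process from talking to a Unix socket under /var/run
                # (typically including docker.sock), so treat this container
                # as highly privileged and keep it off published ports.
                - "/:/rootfs:ro"
                - "/var/run:/var/run:ro"
                - "/sys:/sys:ro"
                - "/var/lib/docker:/var/lib/docker:ro"
                - "/dev/disk:/dev/disk:ro"
              restart: always

    - name: registry
      docker_service:
        project_name: registry
        definition:
          version: '2'
          volumes:
            registry:
              external:
                name: registry
          services:
            registry:
              ports:
                # No registry-level authentication is configured here; access
                # control rests on the loopback binding and on whatever the
                # fronting proxy enforces.
                - "127.0.0.1:{{domains.registry.proxy.port}}:5000"
              image: "registry:2"
              volumes:
                - "registry:/var/lib/registry"
              environment:
                # Puts the registry storage in read-only maintenance mode.
                REGISTRY_STORAGE_MAINTENANCE: |-
                  readonly:
                    enabled: true
              restart: always

    - name: vpn
      docker_service:
        project_name: vpn
        definition:
          version: '2'
          volumes:
            openvpn-certs:
              external:
                name: openvpn-pawel
          services:
            openvpn:
              image: kylemanna/openvpn
              network_mode: host
              volumes:
                # Holds the VPN's certificates and keys.
                - "openvpn-certs:/etc/openvpn"
              # NOTE(review): privileged mode combined with host networking
              # grants this container nearly full control of the host. Check
              # whether a narrower grant (for example the NET_ADMIN capability
              # via cap_add) is sufficient for this image.
              privileged: true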