--- - name: Docker apps hosts: tamriel remote_user: ansible_worker vars: docker_compose_dir: "~/composer" tasks: - name: Synchronize docker-compose files synchronize: src: composer/ dest: composer - name: Counter app docker_service: project_name: app definition: version: '3' services: web: build: "{{docker_compose_dir}}/app" ports: - "127.0.0.1:5004:5000" restart: always redis: image: "redis:alpine" restart: always - name: nginx docker_service: project_name: nginx definition: version: '3' services: main: build: "{{docker_compose_dir}}/nginx" network_mode: host volumes: - "/etc/letsencrypt/live/dybiec.info:/etc/letsencrypt/live/dybiec.info:ro" - "/etc/letsencrypt/archive/dybiec.info:/etc/letsencrypt/archive/dybiec.info:ro" ports: - "443:443" - "80:80" restart: always - name: gitea docker_service: project_name: gitea definition: version: '2' volumes: data: external: name: gitea_data db: external: name: gitea_db networks: gitea: external: false services: web: image: gitea/gitea volumes: - data:/data ports: - "127.0.0.1:5001:3000" - "5022:5022" environment: - DB_TYPE=postgres - DB_HOST=db:5432 - DB_NAME=gitea - DB_USER=gitea - DB_PASSW=gitea - ROOT_URL=https://git.dybiec.info - SSH_DOMAIN=git.dybiec.info - SSH_PORT=5022 - APP_NAME=git.dybiec.info - DISABLE_REGISTRATION=true - INSTALL_LOCK=true - RUN_MODE=prod networks: - gitea depends_on: - db restart: always db: image: postgres:9.6 restart: always environment: - POSTGRES_USER=gitea - POSTGRES_PASSWORD=gitea - POSTGRES_DB=gitea networks: - gitea volumes: - db/:/var/lib/mysql - name: grafana docker_service: project_name: grafana definition: version: '2' volumes: grafana-storage: external: name: grafana_storage services: grafana: image: grafana/grafana ports: - "127.0.0.1:5002:3000" environment: - GF_SERVER_ROOT_URL=http://grafana.dybiec.info - GF_SECURITY_ADMIN_PASSWORD=very_secret volumes: - "grafana-storage:/var/lib/grafana" restart: always prometheus: image: prom/prometheus expose: [9090] extra_hosts: - "dockerhost:172.17.0.1" volumes: - "{{docker_compose_dir}}/monitoring/prometheus:/etc/prometheus/:ro" restart: always cadvisor: image: google/cadvisor expose: [8080] volumes: - "/:/rootfs:ro" - "/var/run:/var/run:ro" - "/sys:/sys:ro" - "/var/lib/docker:/var/lib/docker:ro" - "/dev/disk:/dev/disk:ro" restart: always - name: registry docker_service: project_src: composer/registry - name: vpn docker_service: project_name: vpn definition: version: '2' volumes: openvpn-certs: external: name: openvpn-pawel services: openvpn: image: kylemanna/openvpn network_mode: host volumes: - "openvpn-certs:/etc/openvpn" privileged: true