amend! draft!: feat: host outline with Docker compose

draft!: feat: host outline with Docker compose
svsticky · Jul 20, 2024 · a45cec0 · a45cec0
1 parent e822e57
commit a45cec0
Show file tree

Hide file tree

Showing 7 changed files with 7 additions and 18 deletions.
diff --git a/ansible/group_vars/production/vars.yml b/ansible/group_vars/production/vars.yml
@@ -140,6 +140,7 @@ secret_outline:
   s3_secret_access_key: "{{ vault_secret_outline.s3_secret_access_key }}"
   s3_bucket: "outline-wiki-prod"
   mailgun_password: "{{ vault_secret_outline.mailgun_password }}"
+  postgresql_password: "{{ vault_secret_outline.postgresql_password }}"
 
 secret_koala_manual:
   password: "{{ vault_secret_koala_manual.password }}"

diff --git a/ansible/group_vars/staging/vars.yml b/ansible/group_vars/staging/vars.yml
@@ -131,6 +131,7 @@ secret_outline:
   s3_secret_access_key: "{{ vault_secret_outline.s3_secret_access_key }}"
   s3_bucket: "outline-wiki-staging"
   mailgun_password: "{{ vault_secret_outline.mailgun_password }}"
+  postgresql_password: "{{ vault_secret_outline.postgresql_password }}"
 
 secret_koala_manual:
   password: "{{ vault_secret_koala_manual.password }}"

diff --git a/ansible/roles/outline/handlers/main.yml b/ansible/roles/outline/handlers/main.yml
diff --git a/ansible/roles/outline/tasks/main.yml b/ansible/roles/outline/tasks/main.yml
@@ -22,6 +22,7 @@
   - name: "Ensure Postgres role exists"
     community.postgresql.postgresql_user:
       name: "outline"
+      password: "{{ secret_outline.postgresql_password }}" # Sadly seems required to make authentication over localhost work, for peer authentication fails somehow
       state: "present"
 
   - name: "Ensure database exists"
@@ -57,8 +58,3 @@
     dest: "/etc/nginx/sites-enabled/outline.conf"
   notify: "reload nginx"
 
-# TODO test creating and restoring backup
-# TODO is het erg dat outline:outline in templates staat?
-# TODO AWS_S3 accelration URL?
-# TODO FILE_STORAGE niet local maar s3?
-# TODO compose-up.yml moet misschien andere naam krijgen?
diff --git a/ansible/roles/outline/templates/docker-compose.yml.j2 b/ansible/roles/outline/templates/docker-compose.yml.j2
@@ -5,7 +5,7 @@ services:
     env_file: ./docker.env
     #    ports:
     #      - "4568:3000"
-    network_mode: host
+    network_mode: host # TODO replace this
     volumes:
       - storage-data:/var/lib/outline/data
         #    depends_on:

diff --git a/ansible/roles/outline/templates/docker.env.j2 b/ansible/roles/outline/templates/docker.env.j2
@@ -12,7 +12,7 @@ UTILS_SECRET={{ secret_outline.utils_key }}
 
 # For production point these at your databases, in development the default
 # should work out of the box.
-DATABASE_URL=postgres://outline:outline@localhost/outline?dbname=outline #?dbname=outline&user=outline&host=/run/postgresql
+DATABASE_URL=postgres://outline:{{ secret_outline.postgresql_password }}@localhost/outline
 DATABASE_CONNECTION_POOL_MIN=
 DATABASE_CONNECTION_POOL_MAX=
 # Uncomment this to disable SSL for connecting to Postgres
@@ -61,7 +61,7 @@ FILE_STORAGE_WORKSPACE_IMPORT_MAX_SIZE=
 AWS_ACCESS_KEY_ID={{ secret_outline.s3_access_key_id }}
 AWS_SECRET_ACCESS_KEY={{ secret_outline.s3_secret_access_key }}
 AWS_REGION=eu-west-1
-#AWS_S3_ACCELERATE_URL=
+#AWS_S3_ACCELERATE_URL= (this costs money, bleh)
 AWS_S3_UPLOAD_BUCKET_URL=https://{{ secret_outline.s3_bucket }}.s3.eu-west-1.amazonaws.com
 AWS_S3_UPLOAD_BUCKET_NAME={{ secret_outline.s3_bucket }}
 AWS_S3_FORCE_PATH_STYLE=true

diff --git a/ansible/roles/outline/templates/outline.conf.j2 b/ansible/roles/outline/templates/outline.conf.j2
@@ -1,7 +1,7 @@
 server {
   listen 443 ssl http2;
   listen [::]:443 ssl http2;
-  server_name ~^(compendium|stickypedia|wiki)\.{{ canonical_hostname }};
+  server_name ~^(compendium|stickypedia|wiki|stickywiki)\.{{ canonical_hostname }};
 
   ssl_certificate /etc/letsencrypt/live/compendium.{{ canonical_hostname }}/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/compendium.{{ canonical_hostname }}/privkey.pem;