ansible/playbooks/tasks/web/firefly-iii.yml

54 lines
1.8 KiB
YAML
Raw Normal View History

2022-09-03 17:27:17 -05:00
# vim:ft=ansible:
2022-09-04 05:22:35 -05:00
#
# NOTE: This app is currently not fully-functional. It needs a cronjob
# implemented for things like recurring transactions and budgets.
#
# https://docs.firefly-iii.org/firefly-iii/advanced-installation/cron/
#
2022-09-03 17:27:17 -05:00
- name: docker deploy firefly
docker_container:
name: firefly
image: fireflyiii/core:latest
env:
APP_KEY: "{{ secret_firefly_app_key }}"
APP_URL: "https://firefly.desu.ltd"
# We set TRUSTED_PROXIES to * here, which allows any app in the docker
# network to proxy this. I'm considering this a fine security concession
# since we can't guarantee the IP of the ingress container
TRUSTED_PROXIES: "*"
DB_HOST: "10.0.0.2"
DB_PORT: "5432"
DB_CONNECTION: pgsql
DB_DATABASE: "firefly-desultd"
DB_USERNAME: "firefly-desultd"
DB_PASSWORD: "{{ secret_firefly_db_pass }}"
networks:
- name: web
aliases: [ "firefly" ]
volumes:
2022-09-04 05:22:35 -05:00
- /data/firefly/export:/var/www/html/storage/export
- /data/firefly/logs:/var/www/html/storage/logs
2022-09-03 17:27:17 -05:00
- /data/firefly/upload:/var/www/html/storage/upload
tags: [ docker, firefly ]
2022-09-03 18:19:51 -05:00
- name: docker deploy firefly importer
docker_container:
name: firefly-importer
image: fireflyiii/data-importer:latest
# We need to use this workaround with custom DNS servers due to some host
# entries on the container host
dns_servers:
- "8.8.8.8"
- "8.8.4.4"
env:
2022-09-04 05:22:35 -05:00
# This TRUSTED_PROXIES line is still undocumented
2022-09-03 18:19:51 -05:00
# https://github.com/firefly-iii/firefly-iii/issues/3256
# God fucking dammit
TRUSTED_PROXIES: "*"
FIREFLY_III_ACCESS_TOKEN: "{{ secret_firefly_access_token }}"
FIREFLY_III_URL: "http://firefly:8080"
VANITY_URL: "https://firefly.desu.ltd"
networks:
- name: web
aliases: [ "firefly-importer" ]
tags: [ docker, firefly ]