ansible/playbooks/tasks/web/firefly-iii.yml

# vim:ft=ansible:
- name: docker deploy firefly
  docker_container:
    name: firefly
    image: fireflyiii/core:latest
    env:
      APP_KEY: "{{ secret_firefly_app_key }}"
      APP_URL: "https://firefly.desu.ltd"
      # We set TRUSTED_PROXIES to * here, which allows any app in the docker
      # network to proxy this. I'm considering this a fine security concession
      # since we can't guarantee the IP of the ingress container
      TRUSTED_PROXIES: "*"
      DB_HOST: "10.0.0.2"
      DB_PORT: "5432"
      DB_CONNECTION: pgsql
      DB_DATABASE: "firefly-desultd"
      DB_USERNAME: "firefly-desultd"
      DB_PASSWORD: "{{ secret_firefly_db_pass }}"
    networks:
      - name: web
        aliases: [ "firefly" ]
    volumes:
      - /data/firefly/upload:/var/www/html/storage/upload
  tags: [ docker, firefly ]
Add Firefly III again 2022-09-03 17:27:17 -05:00			`# vim:ft=ansible:`
			`- name: docker deploy firefly`
			`docker_container:`
			`name: firefly`
			`image: fireflyiii/core:latest`
			`env:`
			`APP_KEY: "{{ secret_firefly_app_key }}"`
			`APP_URL: "https://firefly.desu.ltd"`
			`# We set TRUSTED_PROXIES to * here, which allows any app in the docker`
			`# network to proxy this. I'm considering this a fine security concession`
			`# since we can't guarantee the IP of the ingress container`
			`TRUSTED_PROXIES: "*"`
			`DB_HOST: "10.0.0.2"`
			`DB_PORT: "5432"`
			`DB_CONNECTION: pgsql`
			`DB_DATABASE: "firefly-desultd"`
			`DB_USERNAME: "firefly-desultd"`
			`DB_PASSWORD: "{{ secret_firefly_db_pass }}"`
			`networks:`
			`- name: web`
			`aliases: [ "firefly" ]`
			`volumes:`
			`- /data/firefly/upload:/var/www/html/storage/upload`
			`tags: [ docker, firefly ]`