Add Firefly III again

This commit is contained in:
Salt 2022-09-03 17:27:17 -05:00
parent 49df0d0ae3
commit 6b64eefe2d
5 changed files with 50 additions and 0 deletions

View File

@ -82,6 +82,23 @@ secret_ara_secret_key: !vault |
31346465336361316433383865613233373836643366346538633330616232386132636662643963
303938396531623561653335646231616239
# For Firefly III
secret_firefly_app_key: !vault |
$ANSIBLE_VAULT;1.1;AES256
36326365626537313464373434303833373261303835643035666431326335633634376364376233
3664323235383337313266316466363734643331313862630a636164616462623965353331373266
65653363353039653231316464653366303938656363333239313165313662636163323366303433
6432633664666339660a383938333531333536666361633762633831363132366563396237346330
32323266346363656336396264626231653331343862636632646466353236393438363037623466
6535373866616238323339326338316330383064336138646663
secret_firefly_db_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256
31386133326239313637393462633930626634653562303361326634323633363037303862313361
3133356362333833653636623761386163646435633239370a613632646461303534353134346431
36613930393235653862376639626238326561633064333565383564626330636639633136643365
3565316233663262360a353631323762313130326361643532626334363263636539313233646362
37633961633162353936386366623136633436306235336235363566616563366563
# For GVM
secret_gvm_db_pass: !vault |
$ANSIBLE_VAULT;1.1;AES256

View File

@ -93,6 +93,8 @@
# Public
- record: ara.desu.ltd
value: vm-general-1.ashburn.mgmt.desu.ltd
- record: firefly.desu.ltd
value: vm-general-1.ashburn.mgmt.desu.ltd
- record: git.desu.ltd
value: vm-general-1.ashburn.mgmt.desu.ltd
- record: gitlab.desu.ltd

View File

@ -25,6 +25,8 @@
postgresql_users:
- name: ara-desultd
password: "{{ secret_ara_db_pass }}"
- name: firefly-desultd
password: "{{ secret_firefly_db_pass }}"
- name: gitea-desultd
password: "{{ secret_gitea_db_pass }}"
- name: gitlab-desultd
@ -48,6 +50,8 @@
postgresql_databases:
- name: ara-desultd
owner: ara-desultd
- name: firefly-desultd
owner: firefly-desultd
- name: gitea-desultd
owner: gitea-desultd
- name: gitlab-desultd

View File

@ -23,6 +23,7 @@
- web/ara.yml
- web/desultd.yml
- web/element-web.yml
- web/firefly-iii.yml
- web/gitea.yml
- web/netbox.yml
- web/nextcloud.yml
@ -222,6 +223,8 @@
contents: |
default_type application/json;
return 200 '{"m.homeserver":{"base_url":"https://matrix.desu.ltd"}}';
- name: firefly.desu.ltd
proxy_pass: http://firefly:8080
- name: git.desu.ltd
proxy_pass: http://gitea:3000
- name: matrix.desu.ltd

View File

@ -0,0 +1,24 @@
# vim:ft=ansible:
- name: docker deploy firefly
docker_container:
name: firefly
image: fireflyiii/core:latest
env:
APP_KEY: "{{ secret_firefly_app_key }}"
APP_URL: "https://firefly.desu.ltd"
# We set TRUSTED_PROXIES to * here, which allows any app in the docker
# network to proxy this. I'm considering this a fine security concession
# since we can't guarantee the IP of the ingress container
TRUSTED_PROXIES: "*"
DB_HOST: "10.0.0.2"
DB_PORT: "5432"
DB_CONNECTION: pgsql
DB_DATABASE: "firefly-desultd"
DB_USERNAME: "firefly-desultd"
DB_PASSWORD: "{{ secret_firefly_db_pass }}"
networks:
- name: web
aliases: [ "firefly" ]
volumes:
- /data/firefly/upload:/var/www/html/storage/upload
tags: [ docker, firefly ]