46 lines
1.5 KiB
YAML
46 lines
1.5 KiB
YAML
# vim:ft=ansible:
|
|
- name: docker deploy firefly
|
|
docker_container:
|
|
name: firefly
|
|
image: fireflyiii/core:latest
|
|
env:
|
|
APP_KEY: "{{ secret_firefly_app_key }}"
|
|
APP_URL: "https://firefly.desu.ltd"
|
|
# We set TRUSTED_PROXIES to * here, which allows any app in the docker
|
|
# network to proxy this. I'm considering this a fine security concession
|
|
# since we can't guarantee the IP of the ingress container
|
|
TRUSTED_PROXIES: "*"
|
|
DB_HOST: "10.0.0.2"
|
|
DB_PORT: "5432"
|
|
DB_CONNECTION: pgsql
|
|
DB_DATABASE: "firefly-desultd"
|
|
DB_USERNAME: "firefly-desultd"
|
|
DB_PASSWORD: "{{ secret_firefly_db_pass }}"
|
|
networks:
|
|
- name: web
|
|
aliases: [ "firefly" ]
|
|
volumes:
|
|
- /data/firefly/upload:/var/www/html/storage/upload
|
|
tags: [ docker, firefly ]
|
|
- name: docker deploy firefly importer
|
|
docker_container:
|
|
name: firefly-importer
|
|
image: fireflyiii/data-importer:latest
|
|
# We need to use this workaround with custom DNS servers due to some host
|
|
# entries on the container host
|
|
dns_servers:
|
|
- "8.8.8.8"
|
|
- "8.8.4.4"
|
|
env:
|
|
# This is still undocumented
|
|
# https://github.com/firefly-iii/firefly-iii/issues/3256
|
|
# God fucking dammit
|
|
TRUSTED_PROXIES: "*"
|
|
FIREFLY_III_ACCESS_TOKEN: "{{ secret_firefly_access_token }}"
|
|
FIREFLY_III_URL: "http://firefly:8080"
|
|
VANITY_URL: "https://firefly.desu.ltd"
|
|
networks:
|
|
- name: web
|
|
aliases: [ "firefly-importer" ]
|
|
tags: [ docker, firefly ]
|