Update to 2023-07-25 10:00
This commit is contained in:
parent
a46990279b
commit
e033ed4f44
|
|
@ -1,11 +1,11 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
# Version of cocumize to deploy
|
# Version of cocumize to deploy
|
||||||
documize_version: 5.7.0
|
documize_version: 5.8.0
|
||||||
# URL of the binary to install
|
# URL of the binary to install
|
||||||
documize_bin_url: https://github.com/documize/community/releases/download/v{{ documize_version }}/documize-community-linux-amd64
|
documize_bin_url: https://github.com/documize/community/releases/download/v{{ documize_version }}/documize-community-linux-amd64
|
||||||
# Expected sha1 of the binary
|
# Expected sha1 of the binary
|
||||||
documize_bin_sha256: b0a139b25e8e0650b0ca961d79034efafa7da464eb888277ec90ffab6622fa67
|
documize_bin_sha256: 0de3277f22638cf0d2bb0efeecaa422a4cdeb02f895a3dc11bd4d97f9835f904
|
||||||
|
|
||||||
# Should documize handle upgrades or only initial install ?
|
# Should documize handle upgrades or only initial install ?
|
||||||
documize_manage_upgrade: True
|
documize_manage_upgrade: True
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,11 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
# Version to install
|
# Version to install
|
||||||
gitea_version: 1.20.0
|
gitea_version: 1.20.1
|
||||||
# URL to the binary
|
# URL to the binary
|
||||||
gitea_bin_url: https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64
|
gitea_bin_url: https://dl.gitea.io/gitea/{{ gitea_version }}/gitea-{{ gitea_version }}-linux-amd64
|
||||||
# sha256 of the binary
|
# sha256 of the binary
|
||||||
gitea_bin_sha256: a4db83051bcd5019ecb7879301f849a6513a5c074f1f684be1b39135747c70c9
|
gitea_bin_sha256: 02985552f00ea68bbba717611ab1cca2ee42a35ac1cb39374d12a0141d704c58
|
||||||
# Handle updates. If set to false, ansible will only install
|
# Handle updates. If set to false, ansible will only install
|
||||||
# Gitea and then won't touch an existing installation
|
# Gitea and then won't touch an existing installation
|
||||||
gitea_manage_upgrade: True
|
gitea_manage_upgrade: True
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,11 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
# Version to install
|
# Version to install
|
||||||
miniflux_version: 2.0.45
|
miniflux_version: 2.0.46
|
||||||
# URL of the binary to install
|
# URL of the binary to install
|
||||||
miniflux_bin_url: https://github.com/miniflux/v2/releases/download/{{ miniflux_version }}/miniflux-linux-amd64
|
miniflux_bin_url: https://github.com/miniflux/v2/releases/download/{{ miniflux_version }}/miniflux-linux-amd64
|
||||||
# Expected sha256 of the binary
|
# Expected sha256 of the binary
|
||||||
miniflux_bin_sha256: 88699075efaed7b79986a2bfd072a17553065a2c7c151287465c1f659aa45cc9
|
miniflux_bin_sha256: 651382232979e4a2f1c37087f0140cb4e2dff5dbe40a62e5144a2cbe08e9a6f3
|
||||||
# Should ansible handle upgrades ? If false, only initial install will be done
|
# Should ansible handle upgrades ? If false, only initial install will be done
|
||||||
miniflux_manage_upgrade: True
|
miniflux_manage_upgrade: True
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -1,9 +1,9 @@
|
||||||
---
|
---
|
||||||
|
|
||||||
# Version of Nomad to install
|
# Version of Nomad to install
|
||||||
nomad_version: 1.6.0
|
nomad_version: 1.6.1
|
||||||
# URL of the archive
|
# URL of the archive
|
||||||
nomad_archive_url: https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_amd64.zip
|
nomad_archive_url: https://releases.hashicorp.com/nomad/{{ nomad_version }}/nomad_{{ nomad_version }}_linux_amd64.zip
|
||||||
# Expected sha256 of the archive
|
# Expected sha256 of the archive
|
||||||
nomad_archive_sha256: c67a4874439b74a25751ebc5549f9873bc9db937d4509403c84e32cef4dae001
|
nomad_archive_sha256: e4c01c51c393b266aee4ff184dd97704ae3d838c233a6189425a9f1c31a55f4f
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -27,8 +27,8 @@ odoo_src_ip: []
|
||||||
# odoo_public_url: https://erp.domain.tld/
|
# odoo_public_url: https://erp.domain.tld/
|
||||||
|
|
||||||
odoo_http_port: 8069
|
odoo_http_port: 8069
|
||||||
odoo_longpolling_port: 8072
|
odoo_gevent_port: 8072
|
||||||
odoo_ports: [ "{{ odoo_http_port }}", "{{ odoo_longpolling_port }}" ]
|
odoo_ports: [ "{{ odoo_http_port }}", "{{ odoo_gevent_port }}" ]
|
||||||
|
|
||||||
odoo_workers: 4
|
odoo_workers: 4
|
||||||
odoo_email: "{{ system_admin_email | default('admin' + ansible_domain ) }}"
|
odoo_email: "{{ system_admin_email | default('admin' + ansible_domain ) }}"
|
||||||
|
|
|
||||||
|
|
@ -55,6 +55,7 @@
|
||||||
loop:
|
loop:
|
||||||
- phonenumbers
|
- phonenumbers
|
||||||
- python-jose
|
- python-jose
|
||||||
|
- flanker
|
||||||
tags: odoo
|
tags: odoo
|
||||||
|
|
||||||
- name: Create the PostgreSQL role
|
- name: Create the PostgreSQL role
|
||||||
|
|
|
||||||
|
|
@ -5,7 +5,7 @@ server {
|
||||||
root /usr/share/nginx;
|
root /usr/share/nginx;
|
||||||
|
|
||||||
location /websocket {
|
location /websocket {
|
||||||
proxy_pass http://localhost:{{ odoo_longpolling_port }};
|
proxy_pass http://localhost:{{ odoo_gevent_port }};
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
proxy_set_header Upgrade $http_upgrade;
|
||||||
proxy_set_header Connection "upgrade";
|
proxy_set_header Connection "upgrade";
|
||||||
proxy_set_header X-Forwarded-Host $host;
|
proxy_set_header X-Forwarded-Host $host;
|
||||||
|
|
|
||||||
|
|
@ -8,7 +8,7 @@ addons_path = {{ odoo_root_dir }}/enterprise, {{ odoo_root_dir }}/app/odoo/addon
|
||||||
workers = {{ odoo_workers }}
|
workers = {{ odoo_workers }}
|
||||||
max_cron_threads = 1
|
max_cron_threads = 1
|
||||||
http_port = {{ odoo_http_port }}
|
http_port = {{ odoo_http_port }}
|
||||||
longpolling_port = {{ odoo_longpolling_port }}
|
gevent_port = {{ odoo_gevent_port }}
|
||||||
email_from = {{ odoo_email }}
|
email_from = {{ odoo_email }}
|
||||||
smtp_server = localhost
|
smtp_server = localhost
|
||||||
data_dir = {{ odoo_root_dir }}/data
|
data_dir = {{ odoo_root_dir }}/data
|
||||||
|
|
|
||||||
|
|
@ -190,9 +190,9 @@
|
||||||
line: "{{ item.option }}={{ item.value }}"
|
line: "{{ item.option }}={{ item.value }}"
|
||||||
with_items:
|
with_items:
|
||||||
- option: unifi.xmx
|
- option: unifi.xmx
|
||||||
value: 4096
|
value: "{{ unifi_mem_limit }}"
|
||||||
- option: unifi.xms
|
- option: unifi.xms
|
||||||
value: 4096
|
value: "{{ (unifi_mem_limit * 0.5) | int }}"
|
||||||
- option: unifi.G1GC.enabled
|
- option: unifi.G1GC.enabled
|
||||||
value: 'true'
|
value: 'true'
|
||||||
- option: autobackup.dir
|
- option: autobackup.dir
|
||||||
|
|
|
||||||
|
|
@ -1,5 +1,5 @@
|
||||||
unifi.xmx={{ unifi_mem_limit }}
|
unifi.xmx={{ unifi_mem_limit }}
|
||||||
unifi.xms={{ unifi_mem_limit }}
|
unifi.xms={{ unifi_mem_limit * 0.5 | int }}
|
||||||
unifi.G1GC.enabled=true
|
unifi.G1GC.enabled=true
|
||||||
autobackup.dir={{ unifi_root_dir }}/backup
|
autobackup.dir={{ unifi_root_dir }}/backup
|
||||||
unifi.http.port={{ unifi_http_port }}
|
unifi.http.port={{ unifi_http_port }}
|
||||||
|
|
|
||||||
|
|
@ -6,7 +6,7 @@ After=syslog.target network.target
|
||||||
Type=simple
|
Type=simple
|
||||||
User=unifi
|
User=unifi
|
||||||
WorkingDirectory={{ unifi_root_dir }}/app
|
WorkingDirectory={{ unifi_root_dir }}/app
|
||||||
ExecStart=/usr/bin/java -Djava.awt.headless=true -Xmx{{ unifi_mem_limit }}M -Xms{{ unifi_mem_limit }}M -Djava.net.preferIPv4Stack=true {% if system_proxy is defined and system_proxy != '' %}-Dhttp.proxyHost={{ system_proxy | urlsplit('hostname') }} -Dhttp.proxyPort={{ system_proxy | urlsplit('port') }} -Dhttps.proxyHost={{ system_proxy | urlsplit('hostname') }} -Dhttps.proxyPort={{ system_proxy | urlsplit('port') }} {% endif %}-jar {{ unifi_root_dir }}/app/lib/ace.jar start
|
ExecStart=/usr/bin/java -Djava.awt.headless=true -Xmx{{ unifi_mem_limit }}M -Xms{{ (unifi_mem_limit * 0.5) | int }}M -Djava.net.preferIPv4Stack=true {% if system_proxy is defined and system_proxy != '' %}-Dhttp.proxyHost={{ system_proxy | urlsplit('hostname') }} -Dhttp.proxyPort={{ system_proxy | urlsplit('port') }} -Dhttps.proxyHost={{ system_proxy | urlsplit('hostname') }} -Dhttps.proxyPort={{ system_proxy | urlsplit('port') }} {% endif %}-jar {{ unifi_root_dir }}/app/lib/ace.jar start
|
||||||
ExecStop=/usr/bin/java -jar {{ unifi_root_dir }}/app/lib/ace.jar stop
|
ExecStop=/usr/bin/java -jar {{ unifi_root_dir }}/app/lib/ace.jar stop
|
||||||
SuccessExitStatus=143
|
SuccessExitStatus=143
|
||||||
PrivateTmp=yes
|
PrivateTmp=yes
|
||||||
|
|
|
||||||
|
|
@ -34,7 +34,7 @@ template {
|
||||||
perms = 0640
|
perms = 0640
|
||||||
{% if vault_agent_nomad.nomad_pki.cli.enabled and vault_agent_nomad.nomad_pki.cli.secret_path is defined %}
|
{% if vault_agent_nomad.nomad_pki.cli.enabled and vault_agent_nomad.nomad_pki.cli.secret_path is defined %}
|
||||||
exec {
|
exec {
|
||||||
command = ["sh", "-c", "export $(cat /run/nomad/vault.env) && {{ vault_agent_root_dir }}/bin/update_nomad_cert.sh"]
|
command = ["{{ vault_agent_root_dir }}/bin/update_nomad_cert.sh"]
|
||||||
}
|
}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -13,6 +13,10 @@ elif [ "$(echo ${VAULT_STATUS} | jq .initialized)" != "true" ]; then
|
||||||
echo "Vault is not initialized yet, exiting"
|
echo "Vault is not initialized yet, exiting"
|
||||||
else
|
else
|
||||||
echo Updating Vault certificate to access Nomad API
|
echo Updating Vault certificate to access Nomad API
|
||||||
|
if [ -z "${VAULT_TOKEN}" -a -e /run/nomad/vault.env ]; then
|
||||||
|
echo "Using VAULT_TOKEN from Nomad agent"
|
||||||
|
export $(cat /run/nomad/vault.env)
|
||||||
|
fi
|
||||||
vault write {{ vault_agent_nomad.nomad_pki.cli.secret_path | default('nomad') }}/config/access \
|
vault write {{ vault_agent_nomad.nomad_pki.cli.secret_path | default('nomad') }}/config/access \
|
||||||
ca_cert="$(cat {{ nomad_root_dir }}/tls/ca.crt)" \
|
ca_cert="$(cat {{ nomad_root_dir }}/tls/ca.crt)" \
|
||||||
client_cert="$(cat {{ nomad_root_dir }}/tls/cli.crt)" \
|
client_cert="$(cat {{ nomad_root_dir }}/tls/cli.crt)" \
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue
Block a user