-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
25e5f5c
commit 480db47
Showing
4 changed files
with
213 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,115 @@ | ||
name: Configure Directus ( Access under domain path ) | ||
|
||
on: | ||
workflow_dispatch: | ||
inputs: | ||
directus_hostname: | ||
type: string | ||
required: true | ||
directus_domain: | ||
type: string | ||
required: true | ||
directus_domain_path: | ||
type: string | ||
required: true | ||
directus_db_connection_string: | ||
type: string | ||
required: true | ||
docker_network: | ||
type: string | ||
required: true | ||
default: traefik_network | ||
TARGET_HOST: | ||
type: string | ||
required: true | ||
SSH_PORT: | ||
type: string | ||
required: false | ||
default: "22" | ||
SSH_USER: | ||
type: string | ||
required: false | ||
default: "root" | ||
SSH_USER_HOME_DIR: | ||
type: string | ||
required: false | ||
default: "/root" | ||
ANSIBLE_BECOME_PASS: | ||
type: string | ||
required: false | ||
default: "no-password" | ||
|
||
env: | ||
directus_db_client: pg | ||
directus_key: 7O4o3nHTdL2Bj5aBJKihPFYhnsCbzRCbM2XI8N1f4Ol | ||
directus_secret: SWEAx5xPJ83MNsDHUICpfGe+4aM0Olk+f+9MH | ||
|
||
jobs: | ||
ansible: | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v2 | ||
|
||
- name: Add SSH Keys | ||
run: | | ||
cat << EOF > devops-key | ||
${{ secrets.SSH_PRIVATE_KEY }} | ||
EOF | ||
- name: Update devops private key permissions | ||
run: | | ||
chmod 400 devops-key | ||
- name: Install Ansible | ||
run: | | ||
pip install ansible | ||
- name: Adding or Override Ansible inventory File | ||
run: | | ||
cat << EOF > ./inventory.ini | ||
[webservers] | ||
${{ inputs.TARGET_HOST }} | ||
EOF | ||
- name: Adding or Override Ansible Config File | ||
run: | | ||
cat << EOF > ./ansible.cfg | ||
[defaults] | ||
ansible_python_interpreter='/usr/bin/python3' | ||
deprecation_warnings=False | ||
inventory=./inventory.ini | ||
remote_user="${{ inputs.SSH_USER }}" | ||
remote_tmp="${{ inputs.SSH_USER_HOME_DIR }}/.ansible/tmp" | ||
host_key_checking=False | ||
private_key_file = ./devops-key | ||
retries=2 | ||
remote_port = ${{ inputs.SSH_PORT }} | ||
EOF | ||
- name: Adding Ansible Variables | ||
run: | | ||
mkdir -p directus-install/vars/ | ||
cat << EOF > directus-install/vars/main.yaml | ||
--- | ||
directus_hostname: ${{ inputs.directus_hostname }} | ||
directus_domain: ${{ inputs.directus_domain }} | ||
directus_domain_path: ${{ inputs.directus_domain_path }} | ||
directus_key: "${{ env.directus_key }}" | ||
directus_secret: "${{ env.directus_secret }}" | ||
directus_db_client: "pg" | ||
directus_db_connection_string: "${{ inputs.directus_db_connection_string }}" | ||
directus_db_ssl: ${{ secrets.DIRECTUS_DB_SSL }} | ||
directus_db_ssl_ca: "${{ secrets.DIRECTUS_DB_SSL_CA }}" | ||
directus_admin_email: [email protected] | ||
directus_admin_password: changeme# | ||
docker_network: ${{ inputs.docker_network }} | ||
user_home_dir: ${{ inputs.SSH_USER_HOME_DIR }} | ||
EOF | ||
- name: Run main playbook | ||
run: | | ||
if [ "${{ inputs.ANSIBLE_BECOME_PASS }}" != "no-password" ]; then | ||
ANSIBLE_CONFIG=ansible.cfg ansible-playbook --ask-become-pass main.yml | ||
else | ||
ANSIBLE_CONFIG=ansible.cfg ansible-playbook main.yml | ||
fi | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
--- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
--- | ||
# tasks file for directus | ||
|
||
- name: Configuring directus | ||
|
||
block: | ||
|
||
# create the project directory | ||
# -- | ||
# | ||
- name: Create a directory if it does not exist | ||
ansible.builtin.file: | ||
path: "{{ user_home_dir }}/directus/{{ directus_hostname }}" | ||
state: directory | ||
mode: '0755' | ||
|
||
# copy compose file to server | ||
# -- | ||
# | ||
- name: Copy compose file to server | ||
ansible.builtin.template: | ||
src: "templates/docker-compose.yml.jinja2" | ||
dest: "{{ user_home_dir }}/directus/{{ directus_hostname }}/docker-compose.yaml" | ||
|
||
|
||
# deploy directus stack | ||
# -- | ||
# | ||
- name: Docker Compose Up | ||
community.docker.docker_compose: | ||
project_src: "directus/{{ directus_hostname }}" | ||
|
||
register: output | ||
|
||
|
||
- name: Debug output | ||
ansible.builtin.debug: | ||
var: output |
59 changes: 59 additions & 0 deletions
59
directus-install-with-path/templates/docker-compose.yml.jinja2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
version: '3.8' | ||
|
||
services: | ||
|
||
cache: | ||
container_name: "{{ directus_hostname | replace('.', '_') }}_directus-cache" | ||
hostname: "{{ directus_hostname | replace('.', '_') }}_directus-cache" | ||
restart: unless-stopped | ||
image: redis:6 | ||
|
||
directus: | ||
container_name: {{ directus_hostname }} | ||
hostname: {{ directus_hostname }} | ||
restart: unless-stopped | ||
image: directus/directus:10 | ||
expose: | ||
- 8055 | ||
volumes: | ||
- ./uploads:/directus/uploads | ||
# If you want to load extensions from the host | ||
# - ./extensions:/directus/extensions | ||
depends_on: | ||
- cache | ||
environment: | ||
KEY: {{ directus_key }} | ||
SECRET: {{ directus_secret }} | ||
|
||
DB_CLIENT: {{ directus_db_client }} | ||
DB_CONNECTION_STRING: {{ directus_db_connection_string }} | ||
NODE_TLS_REJECT_UNAUTHORIZED: 0 | ||
DB_SSL__CA: "{{ directus_db_ssl_ca | default('NONE') }}" | ||
|
||
CACHE_ENABLED: 'true' | ||
CACHE_STORE: 'redis' | ||
REDIS: "redis://{{ directus_hostname | replace('.', '_') }}_directus-cache:6379" | ||
|
||
ADMIN_EMAIL: {{ directus_admin_email }} | ||
ADMIN_PASSWORD: {{ directus_admin_password }} | ||
|
||
# Make sure to set this in production | ||
# (see https://docs.directus.io/configuration/config-options/#general) | ||
PUBLIC_URL: 'https://{{ directus_domain }}' | ||
|
||
labels: | ||
- "com.centurylinklabs.watchtower.enable=true" | ||
- "traefik.enable=true" | ||
- "traefik.http.routers.{{ directus_domain | replace('.', '_')}}.rule=Host(`{{ directus_domain }}`) && PathPrefix(`/{{ directus_domain_path }}`)" | ||
- "traefik.http.routers.{{ directus_domain | replace('.', '_')}}.entrypoints=websecure" | ||
- "traefik.http.routers.{{ directus_domain | replace('.', '_')}}.tls.certresolver=production" | ||
|
||
|
||
# traefik_network | ||
# -- | ||
# | ||
networks: | ||
default: | ||
external: | ||
name: {{ docker_network }} | ||
|