diff --git a/ansible/app-configs/invidious_config.yml.j2 b/ansible/app-configs/invidious_config.yml.j2 index a1c0574a..7aff109b 100644 --- a/ansible/app-configs/invidious_config.yml.j2 +++ b/ansible/app-configs/invidious_config.yml.j2 @@ -1,3 +1,6 @@ +{% set vault_addr = 'https://vault.trez.wtf' %} +{% set secrets_path = 'rinoa-docker/env' %} + ######################################### # # Database and other external servers diff --git a/ansible/app-configs/invoice-ninja_invoice-ninja.env.j2 b/ansible/app-configs/invoice-ninja_invoice-ninja.env.j2 index 284dcb14..2c8dc97a 100644 --- a/ansible/app-configs/invoice-ninja_invoice-ninja.env.j2 +++ b/ansible/app-configs/invoice-ninja_invoice-ninja.env.j2 @@ -2,8 +2,8 @@ {% set secrets_path = 'rinoa-docker/env' %} # IN application vars -IN_APP_URL=http://in.localhost:8003 -IN_APP_KEY= +IN_APP_URL=https://biz.trez.wtf +IN_APP_KEY={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IN_APP_KEY'] }} IN_APP_DEBUG=true IN_REQUIRE_HTTPS=false IN_PHANTOMJS_PDF_GENERATION=false @@ -14,11 +14,11 @@ IN_TRUSTED_PROXIES='*' IN_QUEUE_CONNECTION=database # DB connection -IN_DB_HOST=db +IN_DB_HOST=mariadb IN_DB_PORT=3306 -IN_DB_DATABASE=ninja -IN_DB_USERNAME=ninja -IN_DB_PASSWORD=ninja +IN_DB_DATABASE=invoice_ninja +IN_DB_USERNAME=ininja +IN_DB_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['IN_MYSQL_PASSWORD'] }} # Create initial user # Default to these values if empty @@ -29,13 +29,13 @@ IN_PASSWORD= # Mail options IN_MAIL_MAILER=log -IN_MAIL_HOST=smtp.mailtrap.io -IN_MAIL_PORT=2525 -IN_MAIL_USERNAME=null -IN_MAIL_PASSWORD=null +IN_MAIL_HOST=postal-smtp +IN_MAIL_PORT=25 +IN_MAIL_USERNAME={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_USER'] }} +IN_MAIL_PASSWORD={{ lookup('community.hashi_vault.vault_kv2_get', 'env', engine_mount_point='rinoa-docker', url=vault_addr, token=vault_token_cleaned)['secret']['POSTAL_SMTP_AUTH_PASSWORD'] }} IN_MAIL_ENCRYPTION=null -IN_MAIL_FROM_ADDRESS='user@example.com' -IN_MAIL_FROM_NAME='Self Hosted User' +IN_MAIL_FROM_ADDRESS='noreply@trez.wtf' +IN_MAIL_FROM_NAME='Treasured IT' # MySQL IN_MYSQL_ROOT_PASSWORD=ninjaAdm1nPassword diff --git a/ansible/group_vars/all.yml b/ansible/group_vars/all.yml index 61790d42..b34e7e6d 100644 --- a/ansible/group_vars/all.yml +++ b/ansible/group_vars/all.yml @@ -1,14 +1,14 @@ vault_addr: "https://vault.trez.wtf" vault_token: !vault | $ANSIBLE_VAULT;1.1;AES256 - 36646134303531336661343065376164323064356362333966333334616530613430656330666231 - 3239616565653332613539356231316337323638306463320a616137396534653839383039393465 - 31666566393063356534613364633732623365376163346534383363333333383237376563646261 - 6538633764633666360a333730313262613431346239386131636338663835306235613961613562 - 63343662656139333037366366346364393863353764353134666337326534333361373062343930 - 30653534336532393234343466343039303163626434633337613831363961323964633830663639 - 31653936353236623834303364306534623032626530396463623132303232366139633563306664 - 39393462353239313737346563376436336463616561326130303366613663313366663063646437 - 66656637383736313461363963316335663665373735316537393338626436343262 + 39306238386563313462666238333237346239326636633731326263653639646235363937386333 + 6138653434613437643134653463363230303038373765380a636162663734393632396638313261 + 39613730633935373063663030616131653731376461333762633131633066366165343536323031 + 3539373461383138310a383734313237313231363539383632323130336536656662313861336261 + 65393033633461363837366462656134386430353236343136616161663364376261623834366466 + 30303765393039376666303937663839663630623063666135313636353432396161333434653435 + 32623634313531343466613966663139333234616137646636636134373264333263343533393331 + 32313530373164653730656662383837626139643364376134376634613237323063343731663734 + 36306335303936633334353564306239663563366435316464343039373965383032 vault_token_cleaned: "{{ vault_token | regex_replace('\\n', '') }}" secrets_path: "rinoa-docker/env" diff --git a/ansible/inventory/host_vars.yml b/ansible/inventory/host_vars.yml index 24038d37..66f9c289 100644 --- a/ansible/inventory/host_vars.yml +++ b/ansible/inventory/host_vars.yml @@ -1,13 +1,13 @@ rinoa: - ansible_host: 192.168.1.254 - ansible_python_interpreter: /usr/bin/python3 - ansible_ssh_port: 22 - ansible_ssh_user: charish - ansible_ssh_pass: !vault | - $ANSIBLE_VAULT;1.1;AES256 - 38346631616139316365316566386362396661323163306339303635646331373061323531626431 - 3435373031363739356261656239633835393963636663370a613166653463656337666366633639 - 37373637326633363430633336646165343764303063663636313835326130663532323037663331 - 6332353339656134370a353435396532663932313535646636333262353238386331313764633635 - 63383065623930653134666261353439366535646661383434386261393232373432353937636535 - 3432336137393737643735346665303832653630316439333565 + ansible_host: 192.168.1.254 + ansible_python_interpreter: /usr/bin/python3 + ansible_ssh_port: 22 + ansible_ssh_user: charish + ansible_ssh_pass: !vault | + $ANSIBLE_VAULT;1.1;AES256 + 32303262303733356636343163363062383539623938383439373166623236366664333830653163 + 3134323461373461663638333265643631666437306362350a353632313337316535633838343137 + 37353139396531613763393139653231333666363935613462343831303866363863653161636138 + 3438316261363139650a313161643039366438356462383730663839366562333464636130346132 + 31363235326362396630313966303064373532306638383739373739336661346438336534366537 + 6565643866333964353563346433323861346262323933333732 diff --git a/ansible/ssh_pass.yml b/ansible/ssh_pass.yml index 9b502d17..78cc163c 100644 --- a/ansible/ssh_pass.yml +++ b/ansible/ssh_pass.yml @@ -1,7 +1,7 @@ $ANSIBLE_VAULT;1.1;AES256 -65353131326537376561616630666531353731653835306564323565383332653437633533313932 -6239663065306339366536326432323534303364663862350a353034623936363066303164333434 -32666331326332363463383234316136323031626330366132643034376439616339396662636236 -3633393039376438630a326138653031656465373966356564336463643465613638313838393166 -36626366356266636535613862333631386231626134376264363731353264613261633037646662 -6431393837653564366531316332616232336365636533643036 +32303262303733356636343163363062383539623938383439373166623236366664333830653163 +3134323461373461663638333265643631666437306362350a353632313337316535633838343137 +37353139396531613763393139653231333666363935613462343831303866363863653161636138 +3438316261363139650a313161643039366438356462383730663839366562333464636130346132 +31363235326362396630313966303064373532306638383739373739336661346438336534366537 +6565643866333964353563346433323861346262323933333732 diff --git a/docker-compose.yml b/docker-compose.yml index 9792c7bb..287653fe 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -616,30 +616,6 @@ services: networks: default: null restart: unless-stopped - bytebase: - container_name: bytebase - image: bytebase/bytebase:3.5.0 - labels: - homepage.group: System Administration - homepage.name: Bytebase - homepage.href: https://dbs.${MY_TLD} - homepage.icon: /icons/bytebase.png - homepage.description: Database-as-Code CI/CD - swag: enable - swag_port: 8080 - swag_proto: http - swag_url: dbs.${MY_TLD} - swag_server_custom_directive: | - access_log /config/log/$$host_access.log ; - error_log /config/log/$$host_error.log ; - swag.uptime-kuma.enabled: true - swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD} - swag.uptime-kuma.monitor.interval: 300 - ports: - - 49054:8080 - restart: unless-stopped - volumes: - - ${DOCKER_VOLUME_CONFIG}/bytebase:/var/opt/bytebase bytestash: container_name: bytestash environment: @@ -1351,6 +1327,27 @@ services: source: /home/charish/.config/appdata target: /source type: bind + excalidraw: + container_name: excalidraw + image: 'excalidraw/excalidraw:latest' + labels: + homepage.group: Personal/Professional Services + homepage.name: Excalidraw + homepage.href: https://draw.${MY_TLD} + homepage.icon: excalidraw.svg + homepage.description: Virtual whiteboard for sketching hand-drawn like diagrams + swag: enable + swag_proto: http + swag_url: draw.${MY_TLD} + swag_server_custom_directive: | + access_log /config/log/$$host_access.log ; + error_log /config/log/$$host_error.log ; + swag.uptime-kuma.enabled: true + swag.uptime-kuma.monitor.url: https://draw.${MY_TLD} + swag.uptime-kuma.monitor.interval: 300 + ports: + - 53721:80 + restart: unless-stopped explo: container_name: explo environment: @@ -2001,12 +1998,6 @@ services: IMMICH_API_KEY: ${IMMICH_POWER_TOOLS_KEY} IMMICH_URL: http://immich-server:2283 image: ghcr.io/varun-raj/immich-power-tools:latest - labels: - homepage.group: Lifestyle - homepage.name: Immich Power Tools - homepage.href: https://pics.${MY_TLD}/tools - homepage.icon: sh-immich-power-tools.png - homepage.description: Tools for Immich ports: - 54018:3000 restart: unless-stopped @@ -5352,6 +5343,35 @@ services: ports: - 3010:3000 restart: unless-stopped + whodb: + container_name: whodb + image: clidey/whodb + environment: + WHODB_POSTGRES_1: '[{"host":"authelia-pg","user":"authelia","password":"${AUTHELIA_STORAGE_POSTGRES_PASSWORD}","database":"authelia"},{"host":"bitmagnet-pg-db","user":"bitmagnet","password":"${BITMAGNET_POSTGRESQL_PASSWORD}","database":"bitmagnet"},{"host":"dawarich-pg-db","user":"dawarich","password":"${DAWARICH_PG_PASSWORD}","database":"dawarich"},{"host":"gitea-db","user":"gitea","password":"${GITEA_PG_DB_PASSWORD}","database":"gitea"},{"host":"immich-pg-db","user":"immich","password":"${IMMICH_DB_PASSWORD}","database":"immich"},{"host":"invidious-db","user":"kemal","password":"${INVID_PG_DB_PASSWORD}","database":"invidious"},{"host":"librechat-vectordb","user":"librechat","password":"${LIBRECHAT_PG_DB_PASSWD}","database":"librechat"},{"host":"mastodon-pg-db","user":"mastodon","password":"${MASTODON_PG_DB_PASSWORD}","database":"mastodon"},{"host":"reactive-resume-pg","user":"reactiveresume","password":"${REACTIVE_RESUME_PGSQL_PASSWORD}","database":"reactiveresume"},{"host":"sonarqube-pg-db","user":"sonar","password":"${SONARQUBE_POSTGRES_PASSWORD}","database":"sonar"},{"host":"tandoor-pg","user":"tandoor","password":"${TANDOOR_POSTGRES_PASSWORD}","database":"tandoor"},{"host":"zammad-postgresql","user":"zammad","password":"${ZAMMAD_POSTGRES_PASS}","database":"zammad_production"}]' + WHODB_MARIADB_1: '[{"host":"mariadb","user":"root","password":"${MARIADB_ENVIRONMENT_MYSQL_ROOT_PASSWORD}","database":"mysql"}]' + WHODB_MONGODB_1: '{"host":"mongodb:27017/admin?replicaSet=rinoa","user":"root","password":"${MONGO_INITDB_ROOT_PASSWORD}"}' + WHODB_OLLAMA_HOST: ollama + WHODB_OLLAMA_PORT: 11434 + WHODB_ANTHROPIC_API_KEY: ${LIBRECHAT_ANTHROPIC_API_KEY} + WHODB_OPENAI_API_KEY: ${LIBRECHAT_OPENAI_API_KEY} + expose: + - 8080 + labels: + homepage.group: System Administration + homepage.name: WhoDB + homepage.href: https://dbs.${MY_TLD} + homepage.icon: whodb.png + homepage.description: Database-as-Code CI/CD + swag: enable + swag_port: 8080 + swag_proto: http + swag_url: dbs.${MY_TLD} + swag_server_custom_directive: | + access_log /config/log/$$host_access.log ; + error_log /config/log/$$host_error.log ; + swag.uptime-kuma.enabled: true + swag.uptime-kuma.monitor.url: https://dbs.${MY_TLD} + swag.uptime-kuma.monitor.interval: 300 youtubedl: container_name: youtubedl environment: