feat: replace firefly-iii with actual budget
All checks were successful
Infrastructure / Check and run Ansbile playbooks (push) Successful in 3m44s
All checks were successful
Infrastructure / Check and run Ansbile playbooks (push) Successful in 3m44s
This commit is contained in:
@@ -17,54 +17,9 @@
|
|||||||
community.docker.docker_compose_v2:
|
community.docker.docker_compose_v2:
|
||||||
project_src: "$HOME/{{ app }}"
|
project_src: "$HOME/{{ app }}"
|
||||||
state: absent
|
state: absent
|
||||||
- name: Copy project
|
- name: Remove project directory
|
||||||
ansible.builtin.copy:
|
when: project.stat.exists
|
||||||
src: "./{{ app }}"
|
ansible.builtin.file:
|
||||||
dest: "$HOME"
|
path: "$HOME/{{ app }}"
|
||||||
mode: "0744"
|
state: absent
|
||||||
|
# Note: we keep db data, just-in-case
|
||||||
- name: Replace APP_KEY secret
|
|
||||||
ansible.builtin.replace:
|
|
||||||
path: "$HOME/{{ app }}/.env"
|
|
||||||
regexp: "APP_KEY_VALUE"
|
|
||||||
replace: "{{ lookup('infisical.vault.read_secrets', project_id=infisical_project, env_slug='prod',
|
|
||||||
path='/finance', secret_name='APP_KEY')['value'] }}"
|
|
||||||
- name: Replace DB secret
|
|
||||||
ansible.builtin.replace:
|
|
||||||
path: "$HOME/{{ app }}/.env"
|
|
||||||
regexp: "DB_PASSWORD_VALUE"
|
|
||||||
replace: "{{ lookup('infisical.vault.read_secrets', project_id=infisical_project, env_slug='prod',
|
|
||||||
path='/finance', secret_name='DB_PASSWORD')['value'] }}"
|
|
||||||
- name: Replace cron token secret
|
|
||||||
ansible.builtin.replace:
|
|
||||||
path: "$HOME/{{ app }}/.env"
|
|
||||||
regexp: "STATIC_CRON_TOKEN_VALUE"
|
|
||||||
replace: "{{ lookup('infisical.vault.read_secrets', project_id=infisical_project, env_slug='prod',
|
|
||||||
path='/finance', secret_name='STATIC_CRON_TOKEN')['value'] }}"
|
|
||||||
- name: Replace SMTP Password secret (app)
|
|
||||||
ansible.builtin.replace:
|
|
||||||
path: "$HOME/{{ app }}/.env"
|
|
||||||
regexp: "SMTP_PASSWORD_VALUE"
|
|
||||||
replace: "{{ lookup('ansible.builtin.env', 'SMTP_PASSWORD') }}"
|
|
||||||
|
|
||||||
- name: Replace Nordigen ID secret
|
|
||||||
ansible.builtin.replace:
|
|
||||||
path: "$HOME/{{ app }}/.importer.env"
|
|
||||||
regexp: "NORDIGEN_ID_VALUE"
|
|
||||||
replace: "{{ lookup('infisical.vault.read_secrets', project_id=infisical_project, env_slug='prod',
|
|
||||||
path='/finance', secret_name='NORDIGEN_ID')['value'] }}"
|
|
||||||
- name: Replace Nordigen Key secret
|
|
||||||
ansible.builtin.replace:
|
|
||||||
path: "$HOME/{{ app }}/.importer.env"
|
|
||||||
regexp: "NORDIGEN_KEY_VALUE"
|
|
||||||
replace: "{{ lookup('infisical.vault.read_secrets', project_id=infisical_project, env_slug='prod',
|
|
||||||
path='/finance', secret_name='NORDIGEN_KEY')['value'] }}"
|
|
||||||
- name: Replace SMTP Password secret (importer)
|
|
||||||
ansible.builtin.replace:
|
|
||||||
path: "$HOME/{{ app }}/.importer.env"
|
|
||||||
regexp: "SMTP_PASSWORD_VALUE"
|
|
||||||
replace: "{{ lookup('ansible.builtin.env', 'SMTP_PASSWORD') }}"
|
|
||||||
|
|
||||||
- name: Docker compose up
|
|
||||||
community.docker.docker_compose_v2:
|
|
||||||
project_src: "$HOME/{{ app }}"
|
|
||||||
|
|||||||
27
infra/finance/0004_actual_playbook.yaml
Normal file
27
infra/finance/0004_actual_playbook.yaml
Normal file
@@ -0,0 +1,27 @@
|
|||||||
|
- name: Deploy app
|
||||||
|
hosts: finance
|
||||||
|
gather_facts: false
|
||||||
|
vars:
|
||||||
|
app: actual
|
||||||
|
tasks:
|
||||||
|
- name: Wait for connection
|
||||||
|
ansible.builtin.wait_for_connection:
|
||||||
|
timeout: 300
|
||||||
|
|
||||||
|
- name: Check if project exists
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "$HOME/{{ app }}"
|
||||||
|
register: project
|
||||||
|
- name: Docker compose down
|
||||||
|
when: project.stat.exists
|
||||||
|
community.docker.docker_compose_v2:
|
||||||
|
project_src: "$HOME/{{ app }}"
|
||||||
|
state: absent
|
||||||
|
- name: Copy project
|
||||||
|
ansible.builtin.copy:
|
||||||
|
src: "./{{ app }}"
|
||||||
|
dest: "$HOME"
|
||||||
|
mode: "0744"
|
||||||
|
- name: Docker compose up
|
||||||
|
community.docker.docker_compose_v2:
|
||||||
|
project_src: "$HOME/{{ app }}"
|
||||||
22
infra/finance/actual/docker-compose.yml
Normal file
22
infra/finance/actual/docker-compose.yml
Normal file
@@ -0,0 +1,22 @@
|
|||||||
|
services:
|
||||||
|
actual_server:
|
||||||
|
image: docker.io/actualbudget/actual-server:latest
|
||||||
|
ports:
|
||||||
|
- 80:5006
|
||||||
|
environment:
|
||||||
|
# See all options and more details at https://actualbudget.org/docs/config/
|
||||||
|
- ACTUAL_UPLOAD_FILE_SYNC_SIZE_LIMIT_MB=100
|
||||||
|
- ACTUAL_UPLOAD_SYNC_ENCRYPTED_FILE_SYNC_SIZE_LIMIT_MB=200
|
||||||
|
- ACTUAL_UPLOAD_FILE_SIZE_LIMIT_MB=100
|
||||||
|
volumes:
|
||||||
|
- actual-data:/data
|
||||||
|
healthcheck:
|
||||||
|
test: ["CMD-SHELL", "node src/scripts/health-check.js"]
|
||||||
|
interval: 60s
|
||||||
|
timeout: 10s
|
||||||
|
retries: 3
|
||||||
|
start_period: 20s
|
||||||
|
restart: unless-stopped
|
||||||
|
|
||||||
|
volumes:
|
||||||
|
actual-data:
|
||||||
Reference in New Issue
Block a user