diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml
index 34e86ed..3efa890 100644
--- a/roles/docker/tasks/main.yml
+++ b/roles/docker/tasks/main.yml
@@ -169,4 +169,8 @@
 - name: Install manyfold
 import_tasks: manyfold.yml
- tags: manyfold
\ No newline at end of file
+ tags: manyfold
+
+- name: Install mmdl
+ import_tasks: mmdl.yml
+ tags: mmdl
\ No newline at end of file
diff --git a/roles/docker/tasks/mmdl.yml b/roles/docker/tasks/mmdl.yml
new file mode 100644
index 0000000..9b922f1
--- /dev/null
+++ b/roles/docker/tasks/mmdl.yml
@@ -0,0 +1,25 @@
+---
+- name: Create mmdl directories
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: directory
+ loop:
+ - /opt/stacks/mmdl
+ - /opt/stacks/mmdl/data
+ - /opt/stacks/mmdl/mysql
+
+- name: Template mmdl environment file
+ ansible.builtin.template:
+ src: mmdl-env.j2
+ dest: /opt/stacks/mmdl/.env.local
+
+- name: Template mmdl compose file
+ ansible.builtin.template:
+ src: mmdl-compose.yml.j2
+ dest: /opt/stacks/mmdl/compose.yml
+
+- name: Deploy mmdl stack
+ community.docker.docker_compose_v2:
+ project_src: /opt/stacks/mmdl
+ files:
+ - compose.yml
\ No newline at end of file
diff --git a/roles/docker/templates/mmdl-compose.yml.j2 b/roles/docker/templates/mmdl-compose.yml.j2
new file mode 100644
index 0000000..e2879f2
--- /dev/null
+++ b/roles/docker/templates/mmdl-compose.yml.j2
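Review bot: Neither `ansible.builtin.template` task in `roles/docker/tasks/mmdl.yml` sets `mode`, `owner` or `group`, so `/opt/stacks/mmdl/.env.local` and `/opt/stacks/mmdl/compose.yml`, which both render vault secrets, are created with whatever the remote umask allows, commonly `0644`. Add `mode: "0600"` with an explicit `owner` and `group` to both template tasks, and `mode: "0750"` to the `Create mmdl directories` task. Consider `no_log: true` on the two template tasks so a `--diff` run does not print the rendered secrets into logs. The `data` and `mysql` directories are created here, but the compose template in this commit stores MySQL data in the named volume `mmdl_db`, so they appear unused.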
@@ -0,0 +1,45 @@
+services:
+ mmdl:
+ image: intriin/mmdl:latest
+ container_name: mmdl
+ restart: unless-stopped
+ depends_on:
+ - mmdl_db
+ env_file:
+ - .env.local
+ extra_hosts:
+ - "host.docker.internal:host-gateway"
+ - "auth.thesatelliteoflove.com:172.20.0.5"
+ labels:
+ glance.name: MMDL
+ glance.icon: si:task
+ glance.url: https://tasks.thesatelliteoflove.com/
+ glance.description: Task and calendar management
+ glance.id: mmdl
+
+ mmdl_db:
+ image: mysql:8.0
+ container_name: mmdl_db
+ restart: unless-stopped
+ command: --default-authentication-plugin=mysql_native_password
+ environment:
+ MYSQL_DATABASE: mmdl
+ MYSQL_USER: mmdl
+ MYSQL_PASSWORD: "{{ vault_mmdl_mysql_password }}"
+ MYSQL_ROOT_PASSWORD: "{{ vault_mmdl_mysql_root_password }}"
+ MYSQL_ALLOW_EMPTY_PASSWORD: "yes"
+ MYSQL_ROOT_HOST: "%"
+ volumes:
+ - mmdl_db:/var/lib/mysql
+ labels:
+ glance.parent: mmdl
+ glance.name: DB
+
+volumes:
+ mmdl_db:
+ driver: local
+
+networks:
+ default:
+ external: true
+ name: lava
\ No newline at end of file
diff --git a/roles/docker/templates/mmdl-env.j2 b/roles/docker/templates/mmdl-env.j2
new file mode 100644
index 0000000..33fdd7c
--- /dev/null
+++ b/roles/docker/templates/mmdl-env.j2
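Review bot: On `mmdl_db`, `MYSQL_ALLOW_EMPTY_PASSWORD: "yes"` together with `MYSQL_ROOT_HOST: "%"` means that if `vault_mmdl_mysql_root_password` ever renders empty, the database can initialise with a passwordless root account that accepts logins from any address, and the `default` network here is the external `lava` network, presumably shared with other stacks. Drop the `MYSQL_ALLOW_EMPTY_PASSWORD` line so initialisation fails instead, and restrict root with `MYSQL_ROOT_HOST: localhost` unless remote root access is actually needed. `intriin/mmdl:latest` is an unpinned third-party image that receives every secret in `.env.local`; pin it to a version tag or digest so a re-pull cannot silently change the code that runs. `--default-authentication-plugin=mysql_native_password` selects the older SHA-1 based plugin, so a comment saying why the application needs it would help the next reviewer.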
@@ -0,0 +1,41 @@
+# Database Configuration
+DB_HOST=mmdl_db
+DB_USER=mmdl
+DB_PASS={{ vault_mmdl_mysql_password }}
+DB_PORT=3306
+DB_DIALECT=mysql
+DB_CHARSET=utf8mb4
+DB_NAME=mmdl
+
+# Encryption
+AES_PASSWORD={{ vault_mmdl_aes_password }}
+
+# SMTP Settings
+SMTP_HOST=smtp.resend.com
+SMTP_USERNAME=resend
+SMTP_PASSWORD={{ resend_key }}
+SMTP_FROM=tasks@updates.thesatelliteoflove.com
+SMTP_PORT=587
+SMTP_SECURE=true
+
+# Authentication
+USE_NEXT_AUTH=true
+NEXTAUTH_URL=https://tasks.thesatelliteoflove.com
+NEXTAUTH_SECRET={{ vault_mmdl_nextauth_secret }}
+
+# Authentik OIDC Configuration
+AUTHENTIK_ISSUER=https://auth.thesatelliteoflove.com/application/o/mmdl
+AUTHENTIK_CLIENT_ID={{ vault_mmdl_oidc_client_id }}
+AUTHENTIK_CLIENT_SECRET={{ vault_mmdl_oidc_client_secret }}
+
+# User and Session Management
+ALLOW_USER_REGISTRATION=false
+MAX_CONCURRENT_LOGINS=3
+OTP_VALIDITY_PERIOD=300
+SESSION_VALIDITY_PERIOD=30
+
+# Application Settings
+API_URL=https://tasks.thesatelliteoflove.com
+DEBUG_MODE=false
+TEST_MODE=false
+SUBTASK_RECURSION_DEPTH=5
\ No newline at end of file
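Review bot: The secrets are interpolated unquoted (`DB_PASS={{ vault_mmdl_mysql_password }}` and the other templated values), so a value containing whitespace, ` #` or `$` may be truncated or expanded when Compose reads the file through `env_file`, silently leaving the service with a different and possibly weaker secret than the vault holds. Single-quote them, e.g. `DB_PASS='{{ vault_mmdl_mysql_password }}'`, or document that these vault values must come from an alphanumeric alphabet. `SMTP_PASSWORD={{ resend_key }}` is the only secret without the `vault_` prefix, and the hunk does not show where `resend_key` is defined, so confirm it is stored encrypted like the others. `SMTP_PORT=587` with `SMTP_SECURE=true` is also worth checking, since 587 is normally STARTTLS and many clients treat a "secure" flag as implicit TLS.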