diff --git a/site.yml b/site.yml
index 9a2135e5a3c46153316ba979996fbade2c1cc231..4a721d3cd93f08c74ba1637e413e373563e0d2df 100644
--- a/site.yml
+++ b/site.yml
@@ -60,6 +60,12 @@
basedir: "/srv/{{ servicename }}",
domain: "verwaltung.test-warpzone.de"
}
+ - {
+ role: testserver/docker_tandoor, tags: [ test_tandoor, docker_services ],
+ servicename: "tandoor",
+ basedir: "/srv/{{ servicename }}",
+ domain: "tandoor.test-warpzone.de"
+ }
##################################################
diff --git a/testserver/docker_tandoor/Documentation.md b/testserver/docker_tandoor/Documentation.md
new file mode 100644
index 0000000000000000000000000000000000000000..074a7865d9cdf3f624633a600b9448df40d0df7c
--- /dev/null
+++ b/testserver/docker_tandoor/Documentation.md
@@ -0,0 +1,4 @@
+
+After initial Setup, the initial superuser 'tandooradmin' must be created in the unser interface.
+The Password is stored on the Server in the file ```secrets/tandooradmin_user_pass``` within the data directory.
+
diff --git a/testserver/docker_tandoor/tasks/main.yml b/testserver/docker_tandoor/tasks/main.yml
new file mode 100644
index 0000000000000000000000000000000000000000..28fc83e7993b3c9e583a45fad66ceb04de9a1464
--- /dev/null
+++ b/testserver/docker_tandoor/tasks/main.yml
@@ -0,0 +1,40 @@
+---
+
+- include_tasks: ../functions/get_secret.yml
+ with_items:
+ - { path: "{{ basedir }}/secrets/secret_key", length: 32 }
+ - { path: "{{ basedir }}/secrets/postgres_user_pass", length: 24 }
+ - { path: "{{ basedir }}/secrets/tandooradmin_user_pass", length: 24 }
+
+
+- name: "create folder struct for {{ servicename }}"
+ file:
+ path: "{{ item }}"
+ state: "directory"
+ with_items:
+ - "{{ basedir }}"
+ - "{{ basedir }}/secrets"
+ - "{{ basedir }}/db"
+ - "{{ basedir }}/staticfiles"
+ - "{{ basedir }}/mediafiles"
+
+
+- name: "deploy {{ servicename }} config files"
+ template:
+ dest: "{{ basedir }}/{{ item }}"
+ src: "{{ item }}"
+ with_items:
+ - docker-compose.yml
+ register: config
+
+
+- name: "stop {{ servicename }} docker"
+ community.docker.docker_compose_v2:
+ project_src: "{{ basedir }}"
+ state: absent
+ when: config.changed
+
+- name: "start {{ servicename }} docker"
+ community.docker.docker_compose_v2:
+ project_src: "{{ basedir }}"
+ state: present
diff --git a/testserver/docker_tandoor/templates/docker-compose.yml b/testserver/docker_tandoor/templates/docker-compose.yml
new file mode 100644
index 0000000000000000000000000000000000000000..68a281dea4f75fc9f70651f2a3902b084517f090
--- /dev/null
+++ b/testserver/docker_tandoor/templates/docker-compose.yml
@@ -0,0 +1,49 @@
+
+services:
+
+
+ db:
+
+ image: postgres:16-alpine
+ restart: always
+ volumes:
+ - "{{ basedir }}/db:/var/lib/postgresql/data"
+ environment:
+ POSTGRES_DB: tandoor
+ POSTGRES_PORT: 5432
+ POSTGRES_USER: tandoor
+ POSTGRES_PASSWORD: "{{ postgres_user_pass }}"
+ networks:
+ - default
+
+
+ app:
+
+ restart: always
+ image: vabene1111/recipes:latest
+ depends_on:
+ - db
+ volumes:
+ - "{{ basedir }}/staticfiles:/opt/recipes/staticfiles"
+ - "{{ basedir }}/mediafiles:/opt/recipes/mediafiles"
+ environment:
+ SECRET_KEY: {{ secret_key }}
+ DB_ENGINE: django.db.backends.postgresql
+ POSTGRES_HOST: db
+ POSTGRES_DB: tandoor
+ POSTGRES_PORT: 5432
+ POSTGRES_USER: tandoor
+ POSTGRES_PASSWORD: "{{ postgres_user_pass }}"
+ labels:
+ - traefik.enable=true
+ - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)
+ - traefik.http.routers.{{ servicename }}.entrypoints=websecure
+ - traefik.http.services.{{ servicename }}.loadbalancer.server.port=8080
+ networks:
+ - default
+ - web
+
+
+networks:
+ web:
+ external: true