From b4253aacda3a3cf87b97bc7ed5e90bfdfa8a1a12 Mon Sep 17 00:00:00 2001
From: jabertwo <git@jabertwo.de>
Date: Wed, 26 Jun 2024 00:05:18 +0200
Subject: [PATCH] WIP verwaltung jameica testserver

---
 site.yml                                      |  7 ++-
 testserver/docker_jameica/tasks/main.yml      | 38 ++++++++++++++
 .../docker_jameica/templates/Dockerfile       | 24 +++++++++
 .../templates/docker-compose.yml              | 52 +++++++++++++++++++
 .../docker_jameica/templates/jameica.conf     |  4 ++
 .../docker_jameica/templates/jameica.sh       | 11 ++++
 6 files changed, 135 insertions(+), 1 deletion(-)
 create mode 100644 testserver/docker_jameica/tasks/main.yml
 create mode 100644 testserver/docker_jameica/templates/Dockerfile
 create mode 100644 testserver/docker_jameica/templates/docker-compose.yml
 create mode 100644 testserver/docker_jameica/templates/jameica.conf
 create mode 100644 testserver/docker_jameica/templates/jameica.sh

diff --git a/site.yml b/site.yml
index 9124d9e3..e133f9c5 100644
--- a/site.yml
+++ b/site.yml
@@ -99,7 +99,12 @@
         basedir: "/srv/{{ servicename }}",
         domain: "www.test-warpzone.de" 
       }
-
+    - { 
+        role: testserver/docker_jameica, tags: [ test_jameicavnc, docker_services ],
+        servicename: "jameicavnc",
+        domain: "verwaltung-jameica.test-warpzone.de",
+        basedir: "/srv/{{servicename}}"
+      }
 
 ##################################################
 # Produktive Server
diff --git a/testserver/docker_jameica/tasks/main.yml b/testserver/docker_jameica/tasks/main.yml
new file mode 100644
index 00000000..fae41ec7
--- /dev/null
+++ b/testserver/docker_jameica/tasks/main.yml
@@ -0,0 +1,38 @@
+---
+- include_tasks: ../functions/get_secret.yml
+  with_items:
+    - { path: "{{ basedir }}/secrets/forward_auth_secret", length: 64 }
+    - { path: "{{ basedir }}/secrets/oauth_client_secret", length: 64 }
+  
+- name: "create folder struct for {{ servicename }}"
+  file: 
+    path: "{{item}}" 
+    state: "directory"
+  with_items:
+    - "{{basedir}}/"
+    - "{{basedir}}/work"
+    - "{{basedir}}/secrets"
+
+- name: Konfig-Dateien erstellen
+  template: 
+    src: "{{item}}" 
+    dest: "{{basedir}}/{{item}}"
+  with_items:
+    - "docker-compose.yml"
+    - "Dockerfile"
+    - "jameica.conf"
+    - "jameica.sh"
+  register: config_files
+
+- name: "stop {{ servicename }} docker"
+  community.docker.docker_compose_v2:
+    project_src: "{{ basedir }}"
+    state: absent
+  when: config_files.changed 
+
+
+- name: "start {{ servicename }} docker"
+  community.docker.docker_compose_v2:
+    project_src: "{{ basedir }}"
+    state: present
+    
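Review bot: The `template` task "Konfig-Dateien erstellen" sets no `mode`, although the docker-compose.yml it renders carries `SECRET` and `PROVIDERS_GENERIC_OAUTH_CLIENT_SECRET` in clear text, so the file's permissions are left to the remote umask. The `file` task above it likewise creates `{{basedir}}/secrets` without a mode. I would add `mode: "0600"` to the template task and create the secrets directory as its own item with `mode: "0700"`. The `include_tasks` of get_secret.yml also runs before the directory task; that file is not part of this patch, so confirm that it creates `{{ basedir }}/secrets` itself, or move the include below the directory task.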
diff --git a/testserver/docker_jameica/templates/Dockerfile b/testserver/docker_jameica/templates/Dockerfile
new file mode 100644
index 00000000..6e872df1
--- /dev/null
+++ b/testserver/docker_jameica/templates/Dockerfile
@@ -0,0 +1,24 @@
+FROM theasp/novnc:latest
+
+# Install java
+RUN set -ex; \
+    apt-get update; \
+    apt-get install -y \
+      openjdk-17-jre \
+      libswt-gtk-4-java
+
+COPY jameica.conf /app/conf.d/
+COPY jameica.sh  /app/
+
+# Add User Vorstand
+RUN groupadd --gid 1000 vorstand \
+ && useradd --uid 1000 --gid 1000 -m vorstand 
+
+RUN set -ex; \
+  mkdir /jameica/; \
+  mkdir /jameica-data/; \
+  mkdir /jameica-work/; \
+  usermod -U -s /bin/bash -d /jameica-work/ -G root www-data; \
+  chown vorstand:vorstand /app/jameica.sh; \
+  chown vorstand:vorstand /jameica-work/; \
+  chmod +x /app/jameica.sh; 
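Review bot: The line `usermod -U -s /bin/bash -d /jameica-work/ -G root www-data` unlocks `www-data`, gives it a login shell and adds it to the `root` group, yet nothing else in this patch runs as `www-data` (jameica.conf starts the program as `vorstand`). It looks like a leftover; I would drop it, or add a comment saying which process needs it and why it needs the root group. Separately, `FROM theasp/novnc:latest` makes every rebuild pull whatever the tag points to that day; pin a tag or digest (`FROM theasp/novnc@sha256:<digest>`, placeholder) and bump it deliberately.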
diff --git a/testserver/docker_jameica/templates/docker-compose.yml b/testserver/docker_jameica/templates/docker-compose.yml
new file mode 100644
index 00000000..3c3c4435
--- /dev/null
+++ b/testserver/docker_jameica/templates/docker-compose.yml
@@ -0,0 +1,52 @@
+services:
+    
+  vnc:
+    build: .
+    restart: always
+    environment:
+      DISPLAY_WIDTH: 1440
+      DISPLAY_HEIGHT: 900
+      RUN_XTERM: "no"
+    volumes:
+      - /srv/jameica:/jameica/
+      - /srv/data-jameica:/jameica-data/
+      - {{basedir}}/work:/jameica-work/
+    networks:
+      - default
+    labels:
+      - com.centurylinklabs.watchtower.enable=false
+      - traefik.enable=true
+      - traefik.http.routers.{{ servicename }}.middlewares={{ servicename }}-auth
+      - traefik.http.routers.{{ servicename }}.rule=Host(`{{ domain }}`)
+      - traefik.http.routers.{{ servicename }}.entrypoints=websecure
+      - traefik.http.services.{{ servicename }}.loadbalancer.server.port=8080
+
+
+  auth:
+    image: thomseddon/traefik-forward-auth:2.2
+    restart: always
+    environment: 
+      LOG_LEVEL: info
+      DEFAULT_ACTION: auth
+      DEFAULT_PROVIDER: generic-oauth
+      SECRET: {{ forward_auth_secret }}
+      PROVIDERS_GENERIC_OAUTH_AUTH_URL: {{ oauth_global.authorize_url }}
+      PROVIDERS_GENERIC_OAUTH_TOKEN_URL: {{ oauth_global.token_url }}
+      PROVIDERS_GENERIC_OAUTH_USER_URL: {{ oauth_global.userinfo_url }}
+      PROVIDERS_GENERIC_OAUTH_CLIENT_ID: {{ servicename }}
+      PROVIDERS_GENERIC_OAUTH_CLIENT_SECRET: {{ oauth_client_secret }}
+      PROVIDERS_GENERIC_OAUTH_SCOPE: profile
+      PROVIDERS_GENERIC_OAUTH_TOKEN_STYLE: header
+    labels:
+      - com.centurylinklabs.watchtower.enable=false
+      - traefik.enable=true
+      - traefik.http.middlewares.{{ servicename }}-auth.forwardauth.address=http://auth:4181
+      - traefik.http.middlewares.{{ servicename }}-auth.forwardauth.authResponseHeaders=X-Forwarded-User
+      - traefik.http.services.{{ servicename }}-auth.loadbalancer.server.port=4181
+    networks:
+      - default
+      - web
+
+networks:
+  web:
+    external: true    
\ No newline at end of file
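Review bot: The `auth` service sets `DEFAULT_ACTION: auth` and the generic-oauth provider but no allow-list, so as written every account the OAuth provider authenticates for client `{{ servicename }}` reaches the VNC desktop, which jameica.sh opens with a fixed password. Unless the provider itself restricts who may authorize this client (not visible in this patch), narrow it here, for example with traefik-forward-auth's `WHITELIST` or `DOMAIN` setting. The templated values are also unquoted, e.g. `SECRET: {{ forward_auth_secret }}`. Depending on what get_secret.yml generates, a value that looks numeric or starts with a YAML indicator would be retyped or break parsing, so write `SECRET: "{{ forward_auth_secret }}"` and quote the client secret and URLs the same way.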
diff --git a/testserver/docker_jameica/templates/jameica.conf b/testserver/docker_jameica/templates/jameica.conf
new file mode 100644
index 00000000..1e2873ea
--- /dev/null
+++ b/testserver/docker_jameica/templates/jameica.conf
@@ -0,0 +1,4 @@
+[program:jameica]
+command=/app/jameica.sh
+autorestart=true
+user=vorstand
diff --git a/testserver/docker_jameica/templates/jameica.sh b/testserver/docker_jameica/templates/jameica.sh
new file mode 100644
index 00000000..1fb8c4b9
--- /dev/null
+++ b/testserver/docker_jameica/templates/jameica.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+# Linux Start-Script fuer regulaeren Standalone-Betrieb.
+# Jameica wird hierbei mit GUI gestartet.
+
+# Das Datenverzeichnis wird hierbei ohne Passwort geladen
+
+cd "/jameica/"
+archsuffix="64"
+
+LIBOVERLAY_SCROLLBAR=0 GDK_NATIVE_WINDOWS=1 SWT_GTK3=1 exec java -Djava.net.preferIPv4Stack=true -Xmx512m $_JCONSOLE -jar jameica-linux${archsuffix}.jar -f /jameica-data/ -p nopassword $@
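Review bot: `-p nopassword` hard-codes the Jameica master password in the start script and on the java command line, and the comment above it confirms the data directory is opened without a real password, so everything under /jameica-data/ is protected only by the forward-auth in front of the VNC session. That may be acceptable for a test server, but I would say so in a comment such as `# Test server only: master password is a fixed literal, access control is done by traefik-forward-auth`, and it should not carry over to a production role. Two shell fixes on the same lines: `cd "/jameica/" || exit 1`, so that a missing mount does not start java from the wrong directory, and `"$@"` instead of `$@`, so that arguments containing spaces survive.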
-- 
GitLab