Ansible playbook for Opnxng deployment

Go to file

Opnxng 06a98854d3 Caddy: disabled rate limiting		2024-05-10 08:24:51 +08:00
config-tasks	Proxigram: maintain own providers.json and disable RSS	2024-05-10 08:24:19 +08:00
files	Proxigram: maintain own providers.json and disable RSS	2024-05-10 08:24:19 +08:00
templates	Caddy: disabled rate limiting	2024-05-10 08:24:51 +08:00
vars	Caddy: disabled rate limiting	2024-05-10 08:24:51 +08:00
.gitignore	Fixed SearXNG crashes	2023-11-15 04:18:51 +08:00
back-up.yaml	Updated Gitea	2023-12-13 07:41:23 +08:00
deploy.yaml	Use .yaml	2023-11-14 04:27:06 +08:00
LICENSE	Updated LICENSE	2023-11-07 07:46:42 +08:00
README.md	Use Lomanic's Scribe image	2023-11-23 11:05:15 +08:00
staging	Fixed config-tasks	2023-11-11 21:29:49 +08:00

README.md

Ansible playbook for Opnxng deployment

An Ansible playbook to deploy Docker services to our servers and another to back up important data.

ansible-playbook -i "production" "deploy.yaml"

ansible-playbook -i "production" "back-up.yaml"

Services

The services are hosted on one Vultr and four Oracle servers. A variables file defines the services to be deployed or already deployed.

They are deployed with Compose files and load balanced according to the Caddyfile.

Configurations

Our SearXNG instance uses a custom settings.yml that always include upstream changes. It is updated by hand with reference to Pussthecat.org's configuration. Thanks to TheFrenchGhosty.

Data of our Privatebin, Etherpad, and Gitea instances are backed up periodically.

Passwords and other sensitive data are kept locally as encrypted variables in secrets.yaml. We host an Authelia and Firefox stack that is restricted to specific users only. Their related files are also kept locally.

Contact

Please contact us via email if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it.