opnxng/opnxng-deploy-playbook
0
0
Fork 0
Code
Ansible playbook for Opnxng deployment
104 Commits 1 Branch 0 Tags 2.2 MiB
Jinja 91%
CSS 7.1%
Pug 1.9%
main
Go to file
Opnxng aa527bd068 Removed Proxitok
2024-09-16 09:40:24 +08:00
config-tasks Caddy: blocked IP ranges involved in botnets. Thanks to return42 2024-08-23 10:15:07 +08:00
files SearXNG: changed compose name 2024-06-09 16:33:29 +08:00
templates Removed Proxitok 2024-09-16 09:40:24 +08:00
vars Removed Proxitok 2024-09-16 09:40:24 +08:00
.gitignore Removed Firefox 2024-09-06 23:38:31 +08:00
back-up.yaml Updated Gitea 2024-06-06 23:52:16 +08:00
deploy.yaml Use .yaml 2024-06-06 23:52:16 +08:00
LICENSE Updated LICENSE 2023-11-07 07:46:42 +08:00
README.md Updated README.md 2024-09-16 09:40:13 +08:00
staging Fixed config-tasks 2024-06-06 23:52:16 +08:00

README.md

Ansible playbook for Opnxng deployment

An Ansible playbook to deploy Docker services to our servers and another to back up important data.

ansible-playbook -i "production" "deploy.yaml"

ansible-playbook -i "production" "back-up.yaml"

Services

The services are hosted on one Vultr and four Oracle servers. A variables file defines the services to be deployed or already deployed.

They are deployed with Compose files and load balanced according to the Caddyfile.

Configurations

Our caddy server blocks IP ranges that have been involved in mass spams or botnets. The mass spam block range file is created by ProjectSegfault. The botnet block range file is created by return42. Thanks to their team.

Data of our Privatebin, Etherpad, and Gitea instances are backed up periodically.

Passwords and other sensitive data are kept locally as encrypted variables in secrets.yaml.

Contact

Please contact us via email if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it.