0
0
Ansible playbook for Opnxng deployment
Go to file
2024-11-16 23:52:19 +08:00
config-tasks Added Standardnotes 2024-11-16 23:52:19 +08:00
files SearXNG: changed compose name 2024-06-09 16:33:29 +08:00
templates Added Standardnotes 2024-11-16 23:52:19 +08:00
vars Added Standardnotes 2024-11-16 23:52:19 +08:00
.gitignore Gitea: updated gitea-netrc config 2024-11-02 17:27:49 +08:00
back-up.yaml Removed docker_dir variable 2024-11-10 12:42:23 +08:00
deploy.yaml Removed docker_dir variable 2024-11-10 12:42:23 +08:00
LICENSE Updated LICENSE 2023-11-07 07:46:42 +08:00
README.md Updated README.md 2024-09-16 09:40:13 +08:00
staging Fixed config-tasks 2024-06-06 23:52:16 +08:00

Ansible playbook for Opnxng deployment

An Ansible playbook to deploy Docker services to our servers and another to back up important data.

ansible-playbook -i "production" "deploy.yaml"

ansible-playbook -i "production" "back-up.yaml"

Services

The services are hosted on one Vultr and four Oracle servers. A variables file defines the services to be deployed or already deployed.

They are deployed with Compose files and load balanced according to the Caddyfile.

Configurations

Our caddy server blocks IP ranges that have been involved in mass spams or botnets. The mass spam block range file is created by ProjectSegfault. The botnet block range file is created by return42. Thanks to their team.

Data of our Privatebin, Etherpad, and Gitea instances are backed up periodically.

Passwords and other sensitive data are kept locally as encrypted variables in secrets.yaml.

Contact

Please contact us via email if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it.