20 lines
1.2 KiB
Markdown
20 lines
1.2 KiB
Markdown
# Ansible project for deploying Docker services to Opnxng
|
|
|
|
An Ansible project that deploys docker services to our servers.
|
|
|
|
`ansible-playbook -i "production" "deploy.yml"`
|
|
|
|
## Services
|
|
|
|
The services are hosted on one Vultr and four Oracle servers. A [variables file](vars/services.yml) defines the services to be deployed or already deployed.
|
|
|
|
They are deployed with [Compose files](templates/compose) and load balanced according to the [Caddyfile](templates/conf/Caddyfile.j2).
|
|
|
|
## Configurations
|
|
|
|
Our SearXNG instance uses a custom [settings.yml](templates/conf/settings.yml.j2) that always include upstream changes. It is updated by hand with reference to [Pussthecat.org's configuration](https://github.com/PussTheCat-org/PussTheCat.org-Configs/tree/master/Services/SearXNG).
|
|
|
|
Passwords and other sensitive data are kept locally as encrypted variables in [secrets.yml](/opnxng/ansible-opnxng-deploy). We host an Authelia and Firefox stack that is restricted to specific users only. Their related files are also kept locally.
|
|
|
|
## Contact
|
|
Please contact us via [email](mailto:opnxng@tuta.io) if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it. |