0
0
Ansible playbook for Opnxng deployment
Go to file
2024-06-24 00:01:02 +08:00
config-tasks SearXNG: separated lists for the hostnames plugin 2024-06-24 00:01:02 +08:00
files SearXNG: changed compose name 2024-06-09 16:33:29 +08:00
templates SearXNG: separated lists for the hostnames plugin 2024-06-24 00:01:02 +08:00
vars SearXNG: separated lists for the hostnames plugin 2024-06-24 00:01:02 +08:00
.gitignore SearXNG: fixed crashes 2024-06-06 23:52:16 +08:00
back-up.yaml Updated Gitea 2024-06-06 23:52:16 +08:00
deploy.yaml Use .yaml 2024-06-06 23:52:16 +08:00
LICENSE Updated LICENSE 2023-11-07 07:46:42 +08:00
README.md SearXNG: updated settings.yml 2024-06-09 16:33:29 +08:00
staging Fixed config-tasks 2024-06-06 23:52:16 +08:00

Ansible playbook for Opnxng deployment

An Ansible playbook to deploy Docker services to our servers and another to back up important data.

ansible-playbook -i "production" "deploy.yaml"

ansible-playbook -i "production" "back-up.yaml"

Services

The services are hosted on one Vultr and four Oracle servers. A variables file defines the services to be deployed or already deployed.

They are deployed with Compose files and load balanced according to the Caddyfile.

Configurations

Our caddy server blocks IP ranges that have been involved in mass spams. The block range file is created by ProjectSegfault. Thanks to their team.

Data of our Privatebin, Etherpad, and Gitea instances are backed up periodically.

Passwords and other sensitive data are kept locally as encrypted variables in secrets.yaml. We host an Authelia and Firefox stack that is restricted to specific users only. Their related files are also kept locally.

Contact

Please contact us via email if you discover any vulnerability or area for improvement in our infrastructure. We would truly appreciate it.