jegomez/ansible-role-odoo14-launch-container

Fork 0

Ansible role that LXC server will use to launch a new Odoo 14 container and register its domain in the existing Nginx container

Go to file

Jorge Enrique Gómez Gómez 340778c6f4 [DOC] Replaces full ansible-pull command with a short script		2021-10-29 23:24:30 +00:00
roles	[ADD] Uses a variable for the CNAME endpoint	2021-09-29 17:40:29 -05:00
hosts	Allow nginx to run without python2	2021-03-28 03:31:31 +00:00
launch-odoo14-container.sh	[ADD] Script that launches containers	2021-10-28 19:55:16 -05:00
local.yml	[ADD] Uses a variable for the CNAME endpoint	2021-09-29 17:40:29 -05:00
README.md	[DOC] Replaces full ansible-pull command with a short script	2021-10-29 23:24:30 +00:00

README.md

Ansible role to launch a new Odoo 14 LXD container

To be used in the LXD host (currently servidora1e0.bogota.agofer), using ansible-pull.

 launch-odoo14-container.sh newodoocontainer

Launches a new LXD container called newodoocontainer, that uses a LXD profile to download and setup Odoo v14.
Creates a DNS alias for externo.agofer.net or externo2.agofer.net (see role variables in local.yml file), called newodoocontainer.agofer.net.
Registers this container in the existing Nginx Proxy container.
Requests an SSL certificate to Let's Encrypt for the new domain, storing the certificates in the Nginx Proxy container.

The file ~/.vault_pass.txt contains the cleartext password to the vault file where the Dreamhost API key and the Gitea deploy keys are stored encrypted.

Prerequisites

A container called nginx should exist, with these packages already installed:

lxc exec nginx -- apt -y install nginx certbot python3-certbot-nginx

This container should listen to external connections, in order to allow Let's Encrypt certificates to be assigned and renewed. It's strongly suggested to protect it using fail2ban, Geo-IP restrictions, or other security measures.