jegomez/ansible-role-odoo14-launch-container
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Ansible role that LXC server will use to launch a new Odoo 14 container and register its domain in the existing Nginx container
37 Commits 1 Branch 0 Tags 70 KiB
Shell 57.6%
Jinja 42.4%
6c89034d51
Go to file
Jorge E. Gomez 6c89034d51 [NEW] Adds configuration to Nginx for Real IP detection
2021-03-29 18:13:53 -05:00
roles [NEW] Adds configuration to Nginx for Real IP detection 2021-03-29 18:13:53 -05:00
hosts Allow nginx to run without python2 2021-03-28 03:31:31 +00:00
local.yml Allows connection to nginx without "local:" prefix 2021-03-28 03:40:36 +00:00
README.md [DOC] Adds required nginx setup 2021-03-28 23:55:48 +00:00

README.md

Ansible role to launch a new Odoo 14 LXD container

To be used in the LXD host (currently servidora1e0.bogota.agofer), using ansible-pull.

ansible-pull \
  -U ssh://git@gitea.agofer.net:22001/jegomez/ansible-role-odoo14-launch-container \
  -e nombre=<newodoocontainer> \
  --vault-password-file ~/.vault_pass.txt \
  -l localhost,nginx \
  -i hosts
  • Launches a new LXD container called newodoocontainer, that uses a LXD profile to download and setup Odoo v14.
  • Creates a DNS alias for externo.agofer.net called newodoocontainer.agofer.net.
  • Registers this container in the existing Nginx Proxy container.
  • Requests an SSL certificate to Let's Encrypt for the new domain, storing the certificates in the Nginx Proxy container.

The file ~/.vault_pass.txt contains the cleartext password to the vault file where the Dreamhost API key and the Gitea deploy keys are stored encrypted.

Prerequisites

A container called nginx should exist, with these packages already installed:

lxc exec nginx -- apt -y install nginx certbot python3-certbot-nginx

This container should listen to external connections, in order to allow Let's Encrypt certificates to be assigned and renewed. It's strongly suggested to protect it using fail2ban, Geo-IP restrictions, or other security measures.