jegomez/ansible-role-odoo14-launch-container
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
f80cc7b7eb
ansible-role-odoo14-launch-.../README.md

1.4 KiB
Raw Blame History

Ansible role to launch a new Odoo 14 LXD container

To be used in the LXD host (currently servidora1e0.bogota.agofer), using ansible-pull.

ansible-pull \
  -U ssh://git@gitea.agofer.net:22001/jegomez/ansible-role-odoo14-launch-container \
  -e nombre=<newodoocontainer> \
  --vault-password-file ~/.vault_pass.txt \
  -l localhost,nginx \
  -i hosts
  • Launches a new LXD container called newodoocontainer, that uses a LXD profile to download and setup Odoo v14.
  • Creates a DNS alias for externo.agofer.net or externo2.agofer.net (see role variables in local.yml file), called newodoocontainer.agofer.net.
  • Registers this container in the existing Nginx Proxy container.
  • Requests an SSL certificate to Let's Encrypt for the new domain, storing the certificates in the Nginx Proxy container.

The file ~/.vault_pass.txt contains the cleartext password to the vault file where the Dreamhost API key and the Gitea deploy keys are stored encrypted.

Prerequisites

A container called nginx should exist, with these packages already installed:

lxc exec nginx -- apt -y install nginx certbot python3-certbot-nginx

This container should listen to external connections, in order to allow Let's Encrypt certificates to be assigned and renewed. It's strongly suggested to protect it using fail2ban, Geo-IP restrictions, or other security measures.