diff options
Diffstat (limited to 'roles')
-rw-r--r-- | roles/apps/collabora/code/templates/pod.yml.j2 | 1 | ||||
-rw-r--r-- | roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 | 1 | ||||
-rw-r--r-- | roles/apps/jitsi/meet/templates/pod.yml.j2 | 27 | ||||
-rw-r--r-- | roles/apps/nextcloud/tasks/main.yml | 5 | ||||
-rw-r--r-- | roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 | 1 | ||||
-rw-r--r-- | roles/kubernetes/base/tasks/cri_docker.yml | 13 | ||||
-rw-r--r-- | roles/nginx/base/defaults/main.yml | 2 | ||||
-rw-r--r-- | roles/nginx/base/tasks/main.yml | 9 |
8 files changed, 49 insertions, 10 deletions
diff --git a/roles/apps/collabora/code/templates/pod.yml.j2 b/roles/apps/collabora/code/templates/pod.yml.j2 index ee4651a1..8ed092ac 100644 --- a/roles/apps/collabora/code/templates/pod.yml.j2 +++ b/roles/apps/collabora/code/templates/pod.yml.j2 @@ -26,6 +26,7 @@ spec: ports: - containerPort: 9980 hostPort: {{ item.value.port }} + hostIP: 127.0.0.1 volumes: - name: config hostPath: diff --git a/roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 b/roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 index a4acdd21..9391290f 100644 --- a/roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 +++ b/roles/apps/etherpad-lite/templates/pod-with-mariadb.yml.j2 @@ -22,6 +22,7 @@ spec: ports: - containerPort: 9001 hostPort: {{ item.value.port }} + hostIP: 127.0.0.1 - name: database image: "mariadb:{{ item.value.database.version }}" securityContext: diff --git a/roles/apps/jitsi/meet/templates/pod.yml.j2 b/roles/apps/jitsi/meet/templates/pod.yml.j2 index 93a4a33f..1504211a 100644 --- a/roles/apps/jitsi/meet/templates/pod.yml.j2 +++ b/roles/apps/jitsi/meet/templates/pod.yml.j2 @@ -18,8 +18,10 @@ spec: - name: jicofo image: "jitsi/jicofo:{{ jitsi_meet_version }}" resources: + requests: + memory: "1Gi" limits: - memory: "5Gi" + memory: "4Gi" volumeMounts: - name: config subPath: jicofo @@ -50,6 +52,8 @@ spec: - name: prosody image: "jitsi/prosody:{{ jitsi_meet_version }}" resources: + requests: + memory: "128Mi" limits: memory: "512Mi" volumeMounts: @@ -89,11 +93,15 @@ spec: - name: web image: "jitsi/web:{{ jitsi_meet_version }}" resources: + requests: + memory: "256Mi" limits: memory: "1Gi" ports: - - containerPort: 80 + - protocol: TCP + containerPort: 80 hostPort: {{ jitsi_meet_http_port }} + hostIP: 127.0.0.1 volumeMounts: - name: config subPath: web @@ -129,8 +137,15 @@ spec: - name: jvb image: "jitsi/jvb:{{ jitsi_meet_version }}" resources: + requests: + memory: "1Gi" limits: - memory: "5Gi" + memory: "4Gi" + ports: + - protocol: UDP + containerPort: {{ jitsi_meet_jvb_port }} + hostPort: {{ jitsi_meet_jvb_port }} + hostIP: "{{ external_ip | default(ansible_default_ipv4.address) }}" volumeMounts: - name: config subPath: jvb @@ -157,13 +172,11 @@ spec: - name: JVB_BREWERY_MUC value: jvbbrewery - name: JVB_PORT - value: "10000" + value: "{{ jitsi_meet_jvb_port }}" - name: JVB_TCP_HARVESTER_DISABLED value: "true" - - name: JVB_STUN_SERVERS - value: stun.l.google.com:19302,stun1.l.google.com:19302,stun2.l.google.com:19302 - name: DOCKER_HOST_ADDRESS - value: "{{ ansible_default_ipv4.address }}" + value: "{{ external_ip | default(ansible_default_ipv4.address) }}" - name: TZ value: {{ jitsi_meet_timezone }} diff --git a/roles/apps/nextcloud/tasks/main.yml b/roles/apps/nextcloud/tasks/main.yml index 7d52be32..68e9dc78 100644 --- a/roles/apps/nextcloud/tasks/main.yml +++ b/roles/apps/nextcloud/tasks/main.yml @@ -12,7 +12,7 @@ - name: create zfs volumes for instances loop: "{{ nextcloud_instances | dict2items }}" loop_control: - label: "{{ item.key }} ({{ item.value.quota }})" + label: "{{ item.key }} ({{ item.value.quota | default('-') }})" zfs: name: "{{ nextcloud_zfs.pool }}/{{ nextcloud_zfs.name }}/{{ item.key }}" state: present @@ -174,7 +174,8 @@ prompt: | ************* {{ item.key }} is a new instance ** - ** Please run the following commands to finalize the installation + ** Go to https://{{ item.value.hostnames[0] }} and finalize the + ** installation. After that run the following commands: ** ** $ nextcloud-occ {{ item.key }} db:add-missing-indices ** $ nextcloud-occ {{ item.key }} db:convert-filecache-bigint diff --git a/roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 b/roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 index dfef3810..72f8cb7a 100644 --- a/roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 +++ b/roles/apps/nextcloud/templates/pod-with-mariadb.yml.j2 @@ -41,6 +41,7 @@ spec: ports: - containerPort: 8080 hostPort: {{ item.value.port }} + hostIP: 127.0.0.1 - name: database image: "mariadb:{{ item.value.database.version }}" args: diff --git a/roles/kubernetes/base/tasks/cri_docker.yml b/roles/kubernetes/base/tasks/cri_docker.yml index 50558d70..0c400e2c 100644 --- a/roles/kubernetes/base/tasks/cri_docker.yml +++ b/roles/kubernetes/base/tasks/cri_docker.yml @@ -1,11 +1,22 @@ --- - - name: make sure the kubernetes_cri_socket variable is configured correctly assert: msg: "The variable kubernetes_cri_socket is not configured correctly. You might need to move your host to the group kubernetes-cluster or standalone-kubelet!" that: - not kubernetes_cri_socket +- name: create systemd snippet directory + file: + path: /etc/systemd/system/kubelet.service.d/ + state: directory + +- name: install systemd snippet to make sure kubelet starts after docker + copy: + content: | + [Unit] + After=docker.service + dest: /etc/systemd/system/kubelet.service.d/after-docker.conf + - name: disable bridge and iptables in docker daemon config set_fact: docker_daemon_config: "{{ docker_daemon_config | default({}) | combine({'exec-opts': ['native.cgroupdriver=systemd'], 'bridge': 'none', 'iptables': false}) }}" diff --git a/roles/nginx/base/defaults/main.yml b/roles/nginx/base/defaults/main.yml index 9dd53cdf..79c79b49 100644 --- a/roles/nginx/base/defaults/main.yml +++ b/roles/nginx/base/defaults/main.yml @@ -14,3 +14,5 @@ nginx_snippets: nginx_dhparam_size: 2048 nginx_stream_module: no + +# nginx_server_names_hash_bucket_size: 64 diff --git a/roles/nginx/base/tasks/main.yml b/roles/nginx/base/tasks/main.yml index b0e7df5b..572b1513 100644 --- a/roles/nginx/base/tasks/main.yml +++ b/roles/nginx/base/tasks/main.yml @@ -33,3 +33,12 @@ - name: install and setup stream module when: nginx_stream_module import_tasks: stream.yml + +- name: configure server_names_hash_bucket_size + when: nginx_server_names_hash_bucket_size is defined + lineinfile: + regexp: "^(\\s*)#?\\s*server_names_hash_bucket_size\\s" + line: "\\1server_names_hash_bucket_size {{ nginx_server_names_hash_bucket_size }};" + dest: /etc/nginx/nginx.conf + backrefs: yes + notify: restart nginx |