admin/e-ticket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Convert docker-compose-prod.yml to Ansible template with vault secrets

Browse Source 
- Create docker-compose-prod.yml.j2 with vault variables (db_password, redis_password, meilisearch_master_key)
- Add template deployment step in playbook after stop containers
- Remove docker-compose-prod.yml from git tracking (now generated by Ansible)
- Add docker-compose-prod.yml to .gitignore

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Serreau Jovann
2026-03-20 13:26:38 +01:00
parent 2dc4326b66
commit d11c0cbea4
3 changed files with 14 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -14,6 +14,7 @@
###< phpunit/phpunit ###
/public/build/
docker-compose-prod.yml
node_modules/
.idea/
cert/

8
ansible/deploy.yml
View File

@@ -60,6 +60,14 @@
args:
chdir: /var/www/e-ticket
- name: Deploy docker-compose-prod.yml
template:
src: docker-compose-prod.yml.j2
dest: /var/www/e-ticket/docker-compose-prod.yml
owner: bot
group: bot
mode: "0600"
- name: Start production containers
command: make start_prod
args:

10
docker-compose-prod.yml → ansible/docker-compose-prod.yml.j2
View File

@@ -23,7 +23,7 @@ services:
restart: unless-stopped
environment:
POSTGRES_USER: e-ticket
POSTGRES_PASSWORD: e-ticket
POSTGRES_PASSWORD: {{ db_password }}
POSTGRES_DB: e-ticket
command:
- postgres
@@ -49,7 +49,7 @@ services:
restart: unless-stopped
environment:
POSTGRES_USER: e-ticket
POSTGRES_PASSWORD: e-ticket
POSTGRES_PASSWORD: {{ db_password }}
POSTGRES_DB: e-ticket
PGDATA: /var/lib/postgresql/data
volumes:
@@ -97,11 +97,11 @@ services:
redis:
image: redis:7-alpine
restart: unless-stopped
command: redis-server --requirepass e-ticket
command: redis-server --requirepass {{ redis_password }}
volumes:
- redis-data:/data
healthcheck:
test: ["CMD", "redis-cli", "-a", "e-ticket", "ping"]
test: ["CMD", "redis-cli", "-a", "{{ redis_password }}", "ping"]
interval: 5s
timeout: 5s
retries: 5
@@ -110,7 +110,7 @@ services:
image: getmeili/meilisearch:latest
restart: unless-stopped
environment:
MEILI_MASTER_KEY: e-ticket
MEILI_MASTER_KEY: {{ meilisearch_master_key }}
MEILI_ENV: production
MEILI_NO_ANALYTICS: true
volumes: