Demo

Makefile

@@ -2,14 +2,18 @@
 # Makefile - Ansible Environnement (~/.venvs/ansible)
 # ==========================================================
 
+# ==========================================================
+# Makefile - Ansible Environnement (~/.virtualenvs/ansible)
+# ==========================================================
+
 # Set variables
 VENV_DIR := $(HOME)/.virtualenvs/ansible
 REQUIREMENTS := ansible/requirements.txt
+GALAXY_REQUIREMENTS := ansible/requirements.yml
 DOCKER_BUILD_SCRIPT := ./build_and_push_private.sh
 DOCKER_CLEAN_SCRIPT := ./cleanup_docker.sh
 PRECOMMIT_CONFIG := ansible/.pre-commit-config.yaml
 
-
 .PHONY: help venv init upgrade build cleanup lint
 
 # ----------------------------------------------------------
@@ -18,10 +22,11 @@ PRECOMMIT_CONFIG := ansible/.pre-commit-config.yaml
 help:
 	@echo ""
 	@echo "Commandes disponibles :"
-	@echo "  make venv        → Create the global virtual environment (~/.venvs/ansible)"
-	@echo "  make init        → Install dependencies from requirements.txt"
+	@echo "  make venv        → Create the global virtual environment (~/.virtualenvs/ansible)"
+	@echo "  make init        → Install dependencies (pip + ansible-galaxy)"
 	@echo "  make upgrade     → Upgrade pip, setuptools, wheel, and all installed packages"
 	@echo "  make build       → Build and push Docker images"
+	@echo "  make lint        → Run Ansible/YAML linters"
 	@echo "  make cleanup     → Clean up Docker images"
 	@echo ""
 
@@ -37,6 +42,10 @@ init: venv
 	@echo "📦 Installing dependencies and pre-commit hooks..."
 	@$(VENV_DIR)/bin/pip install --upgrade pip
 	@$(VENV_DIR)/bin/pip install -r $(REQUIREMENTS)
+	@if [ -f "$(GALAXY_REQUIREMENTS)" ]; then \
+		echo "📚 Installing Ansible Galaxy roles/collections..."; \
+		$(VENV_DIR)/bin/ansible-galaxy install -r $(GALAXY_REQUIREMENTS); \
+	fi
 	@if [ -x "$(VENV_DIR)/bin/pre-commit" ]; then \
 		echo "⚙️  Installing pre-commit hook (config: $(PRECOMMIT_CONFIG))..."; \
 		$(VENV_DIR)/bin/pre-commit install --config $(PRECOMMIT_CONFIG); \
@@ -50,6 +59,10 @@ upgrade:
 	@. $(VENV_DIR)/bin/activate && \
 	pip install --upgrade pip setuptools wheel && \
 	pip list --outdated --format=json | jq -r '.[].name' | xargs -r -n1 pip install -U
+	@if [ -f "$(GALAXY_REQUIREMENTS)" ]; then \
+		echo "🔄 Mise à jour des rôles/collections Ansible Galaxy..."; \
+		$(VENV_DIR)/bin/ansible-galaxy install -r $(GALAXY_REQUIREMENTS) --force; \
+	fi
 	@echo "✅ All packages have been upgraded"
 
 build:
@@ -59,8 +72,8 @@ build:
 
 lint:
 	@echo "🔍 Running Ansible and YAML linters..."
-	~/.venvs/ansible/bin/ansible-lint ansible/
-	~/.venvs/ansible/bin/yamllint .
+	$(VENV_DIR)/bin/ansible-lint ansible/
+	$(VENV_DIR)/bin/yamllint .
 
 cleanup:
 	@echo "Cleaning up Docker resources..."

ansible/ansible.cfg

@@ -1,5 +1,5 @@
 [defaults]
 inventory = inventory.ini
-remote_user = root
-private_key_file = /home/thomas/.ssh/id_ed25519
+remote_user = <your-ssh-username>
+private_key_file = <path-to-your-ssh-key>
 host_key_checking = False

ansible/inventory.ini

@@ -1,7 +1,4 @@
 # Inventory examples
 
-# [digitalocean]
-# do-server ansible_host=159.203.104.135
-
-[Homelab]
-docker-server ansible_host=ynov-docker01
+[digitalocean]
+do-server ansible_host=<your-docker-host>

ansible/roles/forge_cicd/files/.env

@@ -1,10 +1,10 @@
 # Letsencrypt Variables
-LETSENCRYPT_EMAIL=admin@thfx.fr
+LETSENCRYPT_EMAIL=<your-email-address>
 
 # Domain Variables
-FORGE_DOMAIN=forge-dev.thfx.fr
-JENKINS_DOMAIN=jenkins-dev.thfx.fr
-GITEA_DOMAIN=gitea-dev.thfx.fr
+FORGE_DOMAIN=<your-forge-domain>
+JENKINS_DOMAIN=<your-jenkins-domain>
+GITEA_DOMAIN=<your-gitea-domain>
 
 # Gitea Database Variables
 GITEA_DB_TYPE=postgres

docker-compose.yml

@@ -2,7 +2,7 @@ services:
   nginx-proxy:
     image: thfx31/ynov:nginx-proxy-v1
     container_name: nginx-proxy
-    restart: always
+    restart: on-failure
     ports:
       - "80:80"
       - "443:443"
@@ -20,13 +20,13 @@ services:
   nginx-letsencrypt:
     image: thfx31/ynov:nginx-letsencrypt-v1
     container_name: nginx-letsencrypt
-    restart: always
+    restart: on-failure
     depends_on:
       - nginx-proxy
     environment:
       NGINX_PROXY_CONTAINER: nginx-proxy
       DEFAULT_EMAIL: ${LETSENCRYPT_EMAIL}
-      ACME_CA_URI: https://acme-staging-v02.api.letsencrypt.org/directory  # mode test
+      # ACME_CA_URI: https://acme-staging-v02.api.letsencrypt.org/directory  # mode test -> Let's encrypt staging
     volumes:
       - /var/run/docker.sock:/var/run/docker.sock:ro
       - certs:/etc/nginx/certs:rw
@@ -38,7 +38,7 @@ services:
   forge:
     image: thfx31/ynov:forge-v1
     container_name: forge-homepage
-    restart: unless-stopped
+    restart: on-failure
     environment:
       VIRTUAL_HOST: ${FORGE_DOMAIN}
       LETSENCRYPT_HOST: ${FORGE_DOMAIN}
@@ -49,7 +49,7 @@ services:
   jenkins:
     image: thfx31/ynov:jenkins-v1
     container_name: jenkins
-    restart: always
+    restart: on-failure
     environment:
       VIRTUAL_HOST: ${JENKINS_DOMAIN}
       LETSENCRYPT_HOST: ${JENKINS_DOMAIN}
@@ -64,7 +64,7 @@ services:
   gitea-db:
     image: thfx31/ynov:postgres-v1
     container_name: gitea-db
-    restart: unless-stopped
+    restart: on-failure
     environment:
       POSTGRES_DB: ${GITEA_DB_NAME}
       POSTGRES_USER: ${GITEA_DB_USER}
@@ -77,7 +77,7 @@ services:
   gitea:
     image: thfx31/ynov:gitea-v1
     container_name: gitea
-    restart: always
+    restart: on-failure
     environment:
       VIRTUAL_HOST: ${GITEA_DOMAIN}
       LETSENCRYPT_HOST: ${GITEA_DOMAIN}