feat: add Personal Site

Author: Nitestack

README.md

@@ -38,6 +38,7 @@ _This [Ansible](https://www.ansible.com) configuration automates the setup of a
 - **AdGuard Home** for ad-blocking and privacy protection
 - **Beaver Habits Tracker** for habit tracking
 - **Dotfiles** for a standardized environment
+- **Personal Site** for hosting your personal website
 
 ## ⚙️ Requirements
 
@@ -130,7 +131,7 @@ Please set your timezone id (TZ identifier) with `TIMEZONE` (check this [Wikiped
 To enable secure SSH access, copy your public key to the Raspberry Pi:
 
 ```sh
-ssh-copy-id nhan@raspberrypi.local
+ssh-copy-id nhan@npham.de
 ```
 
 ### 2. Update SSH Configuration

inventory.ini

@@ -1,2 +1,2 @@
 [raspberrypi]
-pi.npham.de ansible_user=nhan ansible_become=true
+npham.de ansible_user=nhan ansible_become=true

playbook.yml

@@ -44,3 +44,4 @@
     - ente-auth
     - adguard-home
     - pivpn
+    - personal-site

roles/caddy/files/Caddyfile.j2

@@ -10,6 +10,10 @@
 	}
 }
 
+{{ PERSONAL_SITE_DOMAIN }} {
+	reverse_proxy localhost:{{ PERSONAL_SITE_PORT }}
+}
+
 https://{{ VAULTWARDEN_DOMAIN }} {
 	# This setting may have compatibility issues with some browsers
 	# (e.g., attachment downloading on Firefox). Try disabling this

roles/glance/files/config/server.yml

@@ -145,6 +145,11 @@
               hide: true
             nextcloud-aio-watchtower:
               hide: true
+            personal-site:
+              name: Personal Site
+              icon: https://npham.de/favicon.ico
+              url: https://npham.de
+              description: Personal Site
             vaultwarden:
               name: Vaultwarden
               icon: si:vaultwarden

roles/personal-site/files/.env.j2

@@ -0,0 +1,3 @@
+GITHUB_PERSONAL_ACCESS_TOKEN={{ PERSONAL_SITE_GITHUB_API_TOKEN }}
+NOTION_SECRET={{ PERSONAL_SITE_NOTION_SECRET }}
+NOTION_DATABASE_ID={{ PERSONAL_SITE_NOTION_DB_ID }}

roles/personal-site/files/docker-compose.yml.j2

@@ -0,0 +1,7 @@
+services:
+  web:
+    build: .
+    container_name: personal-site
+    ports:
+      - "127.0.0.1:{{ PERSONAL_SITE_PORT }}:3000"
+    env_file: .env

roles/personal-site/tasks/main.yml

@@ -0,0 +1,25 @@
+---
+- name: Set up personal site
+  vars:
+    personal_site_dir: "/mnt/data/personal-site"
+
+  block:
+    - name: Download personal site
+      ansible.builtin.git:
+        dest: "{{ personal_site_dir }}"
+        repo: "https://github.com/Nitestack/personal-site.git"
+
+    - name: Copy docker-compose.yml to personal site directory
+      ansible.builtin.template:
+        src: "../files/docker-compose.yml.j2"
+        dest: "{{ personal_site_dir }}/docker-compose.yml"
+
+    - name: Copy .env to personal site directory
+      ansible.builtin.template:
+        src: "../files/.env.j2"
+        dest: "{{ personal_site_dir }}/.env"
+
+    - name: Start Docker Compose
+      community.docker.docker_compose_v2:
+        project_src: "{{ personal_site_dir }}"
+        build: always

secrets.example.yml

@@ -10,7 +10,7 @@ BEAVERHABITS_DOMAIN: "habits.example.com"
 BEAVERHABITS_PORT: 8085
 
 # Cloudflare DDNS Updater
-CLOUDFLARE_DOMAINS: "pi.example.com"
+CLOUDFLARE_DOMAINS: "example.com"
 CLOUDFLARE_API_TOKEN: "" # `Edit zone DNS` permissions
 
 # Ente Auth
@@ -38,6 +38,13 @@ NEXTCLOUD_DOMAIN: "cloud.example.com"
 NEXTCLOUD_PORT: 11000
 NEXTCLOUD_AIO_PORT: 8080
 
+# Personal Site
+PERSONAL_SITE_DOMAIN: "example.com"
+PERSONAL_SITE_PORT: 3001
+PERSONAL_SITE_GITHUB_API_TOKEN: ""
+PERSONAL_SITE_NOTION_SECRET: ""
+PERSONAL_SITE_NOTION_DB_ID: ""
+
 # PiVPN
 PIVPN_DOMAIN: "vpn.example.com"
 PIVPN_PORT: 51820