initial commit

ansible/playbook.yml

@@ -0,0 +1,204 @@
+---
+- name: Setup Supabase, PowerSync, and Docker on Hetzner Server
+  hosts: supabase_servers
+  become: true
+  gather_facts: true
+  vars:
+    supabase_dir: /opt/supabase
+    powersync_dir: /opt/powersync
+    docker_compose_version: "2.21.0"
+
+  tasks:
+    - name: Update apt cache
+      apt:
+        update_cache: yes
+        cache_valid_time: 3600
+
+    - name: Install required system packages
+      apt:
+        name:
+          - apt-transport-https
+          - ca-certificates
+          - curl
+          - gnupg
+          - lsb-release
+          - software-properties-common
+          - git
+          - wget
+          - unzip
+          - htop
+          - vim
+          - ufw
+        state: present
+
+    - name: Add Docker's official GPG key
+      apt_key:
+        url: https://download.docker.com/linux/ubuntu/gpg
+        state: present
+
+    - name: Add Docker repository
+      apt_repository:
+        repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
+        state: present
+
+    - name: Install Docker CE
+      apt:
+        name:
+          - docker-ce
+          - docker-ce-cli
+          - containerd.io
+          - docker-buildx-plugin
+          - docker-compose-plugin
+        state: present
+        update_cache: yes
+
+    - name: Start and enable Docker service
+      systemd:
+        name: docker
+        state: started
+        enabled: yes
+
+    - name: Add current user to docker group
+      user:
+        name: "{{ ansible_user }}"
+        groups: docker
+        append: yes
+
+    - name: Create /opt directory if it doesn't exist
+      file:
+        path: /opt
+        state: directory
+        mode: '0755'
+
+    - name: Clone Supabase repository
+      git:
+        repo: https://github.com/supabase/supabase
+        dest: "{{ supabase_dir }}"
+        depth: 1
+        force: yes
+
+    - name: Set proper ownership for Supabase directory
+      file:
+        path: "{{ supabase_dir }}"
+        owner: "{{ ansible_user }}"
+        group: "{{ ansible_user }}"
+        recurse: yes
+
+    - name: Install Node.js 18.x repository
+      shell: curl -fsSL https://deb.nodesource.com/setup_18.x | sudo -E bash -
+      args:
+        creates: /etc/apt/sources.list.d/nodesource.list
+
+    - name: Install Node.js
+      apt:
+        name: nodejs
+        state: present
+        update_cache: yes
+
+    - name: Install Supabase CLI
+      npm:
+        name: supabase
+        global: yes
+        state: present
+
+    - name: Create PowerSync directory
+      file:
+        path: "{{ powersync_dir }}"
+        state: directory
+        owner: "{{ ansible_user }}"
+        group: "{{ ansible_user }}"
+        mode: '0755'
+
+    - name: Download PowerSync Server
+      get_url:
+        url: https://github.com/powersync-ja/powersync-service/releases/latest/download/powersync-server-linux-amd64.tar.gz
+        dest: /tmp/powersync-server.tar.gz
+        mode: '0644'
+
+    - name: Extract PowerSync Server
+      unarchive:
+        src: /tmp/powersync-server.tar.gz
+        dest: "{{ powersync_dir }}"
+        remote_src: yes
+        owner: "{{ ansible_user }}"
+        group: "{{ ansible_user }}"
+
+    - name: Copy Supabase docker-compose.yml to working directory
+      copy:
+        src: "{{ supabase_dir }}/docker/docker-compose.yml"
+        dest: "{{ supabase_dir }}/docker-compose.yml"
+        remote_src: yes
+        owner: "{{ ansible_user }}"
+        group: "{{ ansible_user }}"
+
+    - name: Copy Supabase .env.example to .env
+      copy:
+        src: "{{ supabase_dir }}/docker/.env.example"
+        dest: "{{ supabase_dir }}/.env"
+        remote_src: yes
+        owner: "{{ ansible_user }}"
+        group: "{{ ansible_user }}"
+        force: no
+
+    - name: Configure UFW firewall
+      ufw:
+        rule: allow
+        port: "{{ item }}"
+        proto: tcp
+      loop:
+        - '22'    # SSH
+        - '80'    # HTTP
+        - '443'   # HTTPS
+        - '3000'  # Supabase Studio
+        - '8000'  # Supabase API
+        - '5432'  # PostgreSQL
+        - '8080'  # PowerSync
+
+    - name: Enable UFW
+      ufw:
+        state: enabled
+
+    - name: Create systemd service for Supabase
+      template:
+        src: supabase.service.j2
+        dest: /etc/systemd/system/supabase.service
+        mode: '0644'
+      notify: restart supabase
+
+    - name: Create systemd service for PowerSync
+      template:
+        src: powersync.service.j2
+        dest: /etc/systemd/system/powersync.service
+        mode: '0644'
+      notify: restart powersync
+
+    - name: Reload systemd daemon
+      systemd:
+        daemon_reload: yes
+
+    - name: Start and enable Supabase service
+      systemd:
+        name: supabase
+        state: started
+        enabled: yes
+
+    - name: Display setup information
+      debug:
+        msg:
+          - "Supabase has been installed in {{ supabase_dir }}"
+          - "PowerSync has been installed in {{ powersync_dir }}"
+          - "Supabase Studio will be available at http://{{ ansible_default_ipv4.address }}:3000"
+          - "Supabase API will be available at http://{{ ansible_default_ipv4.address }}:8000"
+          - "To start Supabase: cd {{ supabase_dir }} && docker compose up -d"
+          - "Configuration file: {{ supabase_dir }}/.env"
+
+  handlers:
+    - name: restart supabase
+      systemd:
+        name: supabase
+        state: restarted
+
+    - name: restart powersync
+      systemd:
+        name: powersync
+        state: restarted