Add Watch Party deployment playbook and related configurations for Mac Mini

2026-03-06 21:37:11 +09:00 · 2026-03-06 21:37:11 +09:00 · f68bfde849
commit f68bfde849
parent b2b5437fd2
5 changed files with 102 additions and 0 deletions
--- a/ansible/inventory.yaml
+++ b/ansible/inventory.yaml
@ -15,3 +15,8 @@ all:
        debian:
          ansible_host: 192.168.7.183
          ansible_port: 430
+
+    mac_mini:
+      hosts:
+        mac-mini:
+          ansible_host: 192.168.7.96
--- a/ansible/playbooks/deploy-watch-party.yaml
+++ b/ansible/playbooks/deploy-watch-party.yaml
@ -0,0 +1,18 @@
+---
+# Run: ansible-playbook ansible/playbooks/deploy-watch-party.yaml
+#
+# What this does:
+#   - Pulls latest watch-party repo from Gitea
+#   - Starts containers via Docker Compose using registry images
+#
+# Prerequisites:
+#   - .env file must exist at ~/repo/watch-party/.env on Mac Mini
+#   - Docker Desktop must be running on Mac Mini
+#   - Images must be built and pushed to gitea.home.arpa registry
+
+- name: Deploy Watch Party on Mac Mini
+  hosts: mac-mini
+  gather_facts: true
+
+  roles:
+    - watch-party
--- a/ansible/roles/watch-party/defaults/main.yaml
+++ b/ansible/roles/watch-party/defaults/main.yaml
@ -0,0 +1,3 @@
+---
+watch_party_repo: https://gitea.home.arpa/nik/watch-party.git
+watch_party_dir: /Users/nik/repo/watch-party
--- a/ansible/roles/watch-party/tasks/main.yaml
+++ b/ansible/roles/watch-party/tasks/main.yaml
@ -0,0 +1,27 @@
+---
+- name: Pull latest watch-party from Gitea
+  ansible.builtin.git:
+    repo: "{{ watch_party_repo }}"
+    dest: "{{ watch_party_dir }}"
+    version: main
+    update: yes
+    accept_hostkey: yes
+  environment:
+    GIT_SSL_NO_VERIFY: "true"
+
+- name: Ensure .env exists
+  ansible.builtin.stat:
+    path: "{{ watch_party_dir }}/.env"
+  register: env_file
+
+- name: Fail if .env is missing
+  ansible.builtin.fail:
+    msg: ".env file missing at {{ watch_party_dir }}/.env — create it manually on the Mac Mini first"
+  when: not env_file.stat.exists
+
+- name: Deploy watch-party via Docker Compose
+  community.docker.docker_compose_v2:
+    project_src: "{{ watch_party_dir }}"
+    state: present
+    pull: always
+  become: false
--- a/manifests/watch-party-ingress.yaml
+++ b/manifests/watch-party-ingress.yaml
@ -0,0 +1,49 @@
+# Watch Party — external service on Mac Mini
+# Apply: kubectl apply -f manifests/watch-party-ingress.yaml
+apiVersion: v1
+kind: Endpoints
+metadata:
+  name: watch-party-mac-mini
+  namespace: default
+subsets:
+  - addresses:
+      - ip: 192.168.7.96
+    ports:
+      - port: 3000
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: watch-party-mac-mini
+  namespace: default
+spec:
+  ports:
+    - port: 3000
+      targetPort: 3000
+---
+apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: watch-party
+  namespace: default
+  annotations:
+    traefik.ingress.kubernetes.io/router.entrypoints: websecure
+    traefik.ingress.kubernetes.io/router.tls: "true"
+    cert-manager.io/cluster-issuer: letsencrypt-prod
+spec:
+  ingressClassName: traefik
+  tls:
+    - secretName: watch-party-tls
+      hosts:
+        - watch-party.nik4nao.com
+  rules:
+    - host: watch-party.nik4nao.com
+      http:
+        paths:
+          - path: /
+            pathType: Prefix
+            backend:
+              service:
+                name: watch-party-mac-mini
+                port:
+                  number: 3000