add pgadmin

2025-12-15 10:21:34 +01:00
parent 8c30c9667b
commit 14763d611a
6 changed files with 82 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -24,6 +24,7 @@ Available services
  - Gitlab
  - [Wireguard](https://github.com/wg-easy/wg-easy)
  - wikiJS
+  - PgAdmin

 Role variables
 ---------------
@@ -62,6 +63,7 @@ Example variables
    - gitlab
    - wireguard
    - wikijs
+    - pgadmin

  watchtower_label_enable: true

@@ -101,6 +103,12 @@ Example variables
  wikijs_db_password: 'please-vault-this-too'
  wikijs_custom_css:
  - custom.css
+
+  pgadmin_domain: 'pgadmin.example.com'
+  pgadmin_email: 'admin@example.com'
+  pgadmin_password: 'please-vault-this-password'
+  pgadmin_version: 'latest'
+  pgadmin_watchtower_enable: true
 ```

 TODO
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -14,6 +14,12 @@ grafana_log_level: error
 grafana_router_logging: false
 grafana_disable_sanitize_html: true

+### PgAdmin
+# pgadmin_password: required...
+# pgadmin_email: required...
+pgadmin_version: 'latest'
+pgadmin_watchtower_enable: true
+
 ### Gitlab
 # gitlab_root_password: required...
 gitlab_external_url: 'https://{{ gitlab_domain }}'
--- a/handlers/main.yml
+++ b/handlers/main.yml
@@ -68,3 +68,10 @@
    state: restarted
  ignore_errors: '{{ ansible_check_mode }}'
  tags: ['docker_wikijs']
+
+- name: pgadmin-restart
+  systemd:
+    name: docker-compose@pgadmin
+    state: restarted
+  ignore_errors: '{{ ansible_check_mode }}'
+  tags: ['docker_pgadmin']
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -17,5 +17,6 @@
    - docker_redisinsight
    - docker_gitlab
    - docker-gitlab-runner
+    - docker_pgadmin
  with_items: 
    - "{{ docker_services }}"
--- a/tasks/pgadmin.yml
+++ b/tasks/pgadmin.yml
@@ -0,0 +1,17 @@
+---
+- name: pgadmin | check vars are defined
+  assert:
+    that:
+      - pgadmin_domain is defined
+      - pgadmin_email is defined
+      - pgadmin_password is defined
+  tags: ['docker_pgadmin']
+
+- include_tasks: base.yml
+  tags: ['docker_pgadmin']
+
+- name: pgadmin | create docker volume data
+  docker_volume:
+    name: pgadmin__data
+  when: docker_services_external_volumes
+  tags: ['docker_pgadmin']
--- a/templates/compose/pgadmin.yml.j2
+++ b/templates/compose/pgadmin.yml.j2
@@ -0,0 +1,43 @@
+networks:
+{% if docker_services_external_networks %}
+  traefik:
+    external: true
+{% else %}
+  traefik:
+    name: traefik
+{% endif %}
+
+volumes:
+{% if docker_services_external_volumes %}
+  pgadmin__data:
+    external: true
+{% else %}
+  pgadmin__data:
+    name: pgadmin__data
+{% endif %}
+
+services:
+  pgadmin:
+    container_name: pgadmin
+    image: dpage/pgadmin4:{{ pgadmin_version | default("latest") }}
+    restart: unless-stopped
+    environment:
+      PGADMIN_DEFAULT_EMAIL: "{{ pgadmin_email }}"
+      PGADMIN_DEFAULT_PASSWORD: "{{ pgadmin_password }}"
+      PGADMIN_LISTEN_PORT: "80"
+    volumes:
+      - pgadmin__data:/var/lib/pgadmin
+    labels:
+      traefik.enable: true
+      traefik.docker.network: traefik
+      traefik.http.routers.pgadmin.rule: Host(`{{ pgadmin_domain }}`)
+      traefik.http.routers.pgadmin.tls: true
+      traefik.http.routers.pgadmin.tls.certresolver: letsencrypt
+      traefik.http.routers.pgadmin.entrypoints: websecure
+{% if traefik_ipwhitelist is defined %}
+      traefik.http.routers.pgadmin.middlewares: "clientips@docker"
+{% endif %}
+      traefik.http.services.pgadmin.loadbalancer.server.port: 80
+      com.centurylinklabs.watchtower.enable: {{ pgadmin_watchtower_enable | default('true') }}
+    networks:
+      - traefik