Merge pull request #77 from rodneyosodo/CI

Add unified Dependabot config and GitHub Actions CI workflows

.github/dependabot.yaml

@@ -0,0 +1,19 @@
+version: 2
+updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    groups:
+      gh-dependency:
+        patterns:
+          - "*"
+
+  - package-ecosystem: "docker-compose"
+    directories: ["docker-compose", "docker-compose/*/"]
+    schedule:
+      interval: "monthly"
+    groups:
+      docker-dependency:
+        patterns:
+          - "*"

.github/dependabot.yml

@@ -1,10 +0,0 @@
-version: 2
-updates:
-  - package-ecosystem: "docker-compose"
-    directories: ["docker-compose/*/"]
-    schedule:
-      interval: "monthly"
-    groups:
-      docker-dependency:
-        patterns:
-          - "*"

.github/workflows/ci.yaml

@@ -0,0 +1,96 @@
+name: Continuous Integration
+
+on:
+  push:
+    branches:
+      - main
+
+  pull_request:
+    branches:
+      - main
+
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
+
+jobs:
+  pre-commit:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Setup Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.14"
+
+      - uses: pre-commit/action@v3.0.1
+
+  docker-compose:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Pull docker images
+        run: |
+          cd docker-compose
+          cp default.env .env
+          docker compose pull
+
+  terraform:
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        machines: [bohr, galana, tana, turkwel, yala]
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Setup Terraform
+        uses: hashicorp/setup-terraform@v4
+
+      - name: Terraform fmt check
+        run: terraform fmt -check
+        working-directory: terraform/${{ matrix.machines }}
+
+      - name: Terraform init
+        run: terraform init -backend=false
+        working-directory: terraform/${{ matrix.machines }}
+
+      - name: Terraform validate
+        run: terraform validate
+        working-directory: terraform/${{ matrix.machines }}
+
+  ansible:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v6
+
+      - name: Setup Python
+        uses: actions/setup-python@v6
+        with:
+          python-version: "3.14"
+
+      - name: Install ansible
+        run: pip install ansible-core
+
+      - name: Run ansible syntax check
+        working-directory: ansible
+        run: |
+          for playbook in playbooks/*.yaml; do
+            echo "Checking $playbook"
+            ansible-playbook --syntax-check "$playbook"
+          done

.gitignore

@@ -16,8 +16,8 @@ crash.log
 crash.*.log
 
 # Exclude all .tfvars files, which are likely to contain sensitive data, such as
-# password, private keys, and other secrets. These should not be part of version 
-# control as they are data points which are potentially sensitive and subject 
+# password, private keys, and other secrets. These should not be part of version
+# control as they are data points which are potentially sensitive and subject
 # to change depending on the environment.
 *.tfvars
 *.tfvars.json

docker-compose/default.env

@@ -1,6 +1,6 @@
 ## SMTP
-SMTP_HOST=""
-SMTP_PORT=""
+SMTP_HOST="0.0.0.0"
+SMTP_PORT="9001"
 SMTP_SECURE=""
 SMTP_AUTHTYPE=""
 SMTP_NAME=""
@@ -89,8 +89,8 @@ KENER_POSTGRES_DB=""
 KENER_POSTGRES_URL=""
 
 ## ATUIN
-ATUIN_HOST=""
-ATUIN_PORT=""
+ATUIN_HOST="0.0.0.0"
+ATUIN_PORT="9002"
 ATUIN_OPEN_REGISTRATION=""
 ATUIN_RUST_LOG=""
 

docker-compose/kener/config/monitors.yaml

@@ -13,7 +13,7 @@
   tag: "opengist"
   image: "https://raw.githubusercontent.com/thomiceli/opengist/master/public/opengist.svg"
   cron: "*/5 * * * *"
-  defaultStatus: "UP"  
+  defaultStatus: "UP"
   api:
     method: GET
     url: https://gist.rodneyosodo.com
@@ -23,7 +23,7 @@
   tag: "gitea"
   image: "https://about.gitea.com/gitea-text.svg"
   cron: "*/5 * * * *"
-  defaultStatus: "UP"  
+  defaultStatus: "UP"
   api:
     method: GET
     url: https://git.rodneyosodo.com
@@ -33,7 +33,7 @@
   tag: "hedgedoc"
   image: "https://hedgedoc.org/images/banner/hedgedoc_banner_color_horizontal.svg"
   cron: "*/5 * * * *"
-  defaultStatus: "UP"  
+  defaultStatus: "UP"
   api:
     method: GET
     url: https://hedgedoc.rodneyosodo.com
@@ -43,7 +43,7 @@
   tag: "immich"
   image: "https://avatars.githubusercontent.com/u/109746326"
   cron: "*/5 * * * *"
-  defaultStatus: "UP"  
+  defaultStatus: "UP"
   api:
     method: GET
     url: https://immich.rodneyosodo.com
@@ -53,7 +53,7 @@
   tag: "nextcloud"
   image: "https://avatars.githubusercontent.com/u/19211038"
   cron: "*/5 * * * *"
-  defaultStatus: "UP"  
+  defaultStatus: "UP"
   api:
     method: GET
     url: https://nextcloud.rodneyosodo.com

docker-compose/kener/config/site.yaml

@@ -32,7 +32,7 @@ hero:
   title: rodneyosodo services
   subtitle: Anything and everything that can break, will break. Be prepared.
 footerHTML: |
-  Made using 
+  Made using
   <a href="https://github.com/rajnandan1/kener" target="_blank" rel="noreferrer" class="font-medium underline underline-offset-4">
     Kener
   </a>