From 26dd365b80ee415395096988a28c6fc3d3f94109 Mon Sep 17 00:00:00 2001 From: Viyurz Date: Mon, 7 Oct 2024 14:08:50 +0200 Subject: [PATCH] Ansible: Migrate to docker_compose_v2 --- roles/coturn/tasks/update.yml | 6 ++-- roles/diun/tasks/update.yml | 6 ++-- roles/element/tasks/update.yml | 6 ++-- roles/etebase/tasks/update.yml | 6 ++-- roles/fireshare/tasks/update.yml | 6 ++-- roles/hedgedoc/tasks/update.yml | 6 ++-- roles/homepage/tasks/update.yml | 6 ++-- roles/keycloak/tasks/update.yml | 6 ++-- roles/mailserver/tasks/update.yml | 6 ++-- roles/minecraft/tasks/backup.yml | 24 ++++++++++++++ roles/minecraft/tasks/main.yml | 14 ++++++++ roles/minecraft/tasks/setup.yml | 28 ++++++++++++++++ roles/minecraft/tasks/update.yml | 24 ++++++++++++++ roles/minecraft/templates/.env | 12 +++++++ roles/minecraft/templates/docker-compose.yaml | 32 +++++++++++++++++++ roles/postgres/tasks/update.yml | 6 ++-- roles/searxng/tasks/update.yml | 6 ++-- roles/stump/tasks/update.yml | 6 ++-- roles/synapse/tasks/update.yml | 6 ++-- roles/syncthing/tasks/update.yml | 6 ++-- roles/uptime-kuma/tasks/update.yml | 6 ++-- roles/vaultwarden/tasks/update.yml | 6 ++-- 22 files changed, 182 insertions(+), 48 deletions(-) create mode 100644 roles/minecraft/tasks/backup.yml create mode 100644 roles/minecraft/tasks/main.yml create mode 100644 roles/minecraft/tasks/setup.yml create mode 100644 roles/minecraft/tasks/update.yml create mode 100644 roles/minecraft/templates/.env create mode 100644 roles/minecraft/templates/docker-compose.yaml diff --git a/roles/coturn/tasks/update.yml b/roles/coturn/tasks/update.yml index 7a1ee67..3fc7afe 100644 --- a/roles/coturn/tasks/update.yml +++ b/roles/coturn/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -13,6 +13,6 @@ loop: "{{ coturn_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}" - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/diun/tasks/update.yml b/roles/diun/tasks/update.yml index 6a27cb8..ca04e53 100644 --- a/roles/diun/tasks/update.yml +++ b/roles/diun/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and diun_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/element/tasks/update.yml b/roles/element/tasks/update.yml index 7b6ecc6..96bde67 100644 --- a/roles/element/tasks/update.yml +++ b/roles/element/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -13,6 +13,6 @@ loop: "{{ element_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}" - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/etebase/tasks/update.yml b/roles/etebase/tasks/update.yml index c1072fd..9a91af2 100644 --- a/roles/etebase/tasks/update.yml +++ b/roles/etebase/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and etebase_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/fireshare/tasks/update.yml b/roles/fireshare/tasks/update.yml index cb605b0..b5430e9 100644 --- a/roles/fireshare/tasks/update.yml +++ b/roles/fireshare/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -13,6 +13,6 @@ loop: "{{ fireshare_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}" - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/hedgedoc/tasks/update.yml b/roles/hedgedoc/tasks/update.yml index 3bede84..60ec9f1 100644 --- a/roles/hedgedoc/tasks/update.yml +++ b/roles/hedgedoc/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and hedgedoc_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/homepage/tasks/update.yml b/roles/homepage/tasks/update.yml index 7e7312e..3f209f3 100644 --- a/roles/homepage/tasks/update.yml +++ b/roles/homepage/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -13,6 +13,6 @@ loop: "{{ homepage_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}" - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/keycloak/tasks/update.yml b/roles/keycloak/tasks/update.yml index 9fd8401..af3a9b1 100644 --- a/roles/keycloak/tasks/update.yml +++ b/roles/keycloak/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" build: true recreate: never @@ -20,6 +20,6 @@ when: not run_backup | default(false) and keycloak_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/mailserver/tasks/update.yml b/roles/mailserver/tasks/update.yml index 8687f6d..08e9c93 100644 --- a/roles/mailserver/tasks/update.yml +++ b/roles/mailserver/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and mailserver_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/minecraft/tasks/backup.yml b/roles/minecraft/tasks/backup.yml new file mode 100644 index 0000000..f64a876 --- /dev/null +++ b/roles/minecraft/tasks/backup.yml @@ -0,0 +1,24 @@ +- name: "Backup PostgreSQL vaultwarden database" + shell: > + docker exec postgres + pg_dump -c {{ role_name }} | + borg create + --compression lzma + "{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}" + - + --stdin-name dump_{{ role_name }}.sql + environment: + DOCKER_HOST: "{{ docker_host }}" + BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}" + become: true + +- name: Prune borg repository + command: + cmd: | + borg prune + --glob-archives='{{ role_name }}-*' + {{ borg_prune_options }} + {{ borg_repodir }} + environment: + BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}" + become: true diff --git a/roles/minecraft/tasks/main.yml b/roles/minecraft/tasks/main.yml new file mode 100644 index 0000000..89bf793 --- /dev/null +++ b/roles/minecraft/tasks/main.yml @@ -0,0 +1,14 @@ +- name: Include backup tasks + include_tasks: + file: backup.yml + when: run_backup | default(false) | bool + +- name: Include setup tasks + include_tasks: + file: setup.yml + when: run_setup | default(false) | bool + +- name: Include update tasks + include_tasks: + file: update.yml + when: run_update | default(false) | bool diff --git a/roles/minecraft/tasks/setup.yml b/roles/minecraft/tasks/setup.yml new file mode 100644 index 0000000..a23aeb1 --- /dev/null +++ b/roles/minecraft/tasks/setup.yml @@ -0,0 +1,28 @@ +- name: "(Re)Create {{ project_dir }} project directory" + file: + path: "{{ project_dir }}" + state: "{{ item }}" + loop: + - absent + - directory + +- name: Template docker-compose.yaml & .env to project directory + template: + src: "{{ item }}" + dest: "{{ project_dir }}/{{ item }}" + owner: "{{ host_uid }}" + group: "{{ host_uid }}" + mode: '640' + loop: + - docker-compose.yaml + - .env + +- name: "Create (if not exists) directory {{ volumes['vaultwarden_datadir'] }} & set permissions" + file: + path: "{{ volumes['vaultwarden_datadir'] }}" + state: directory + recurse: true + owner: "{{ users['vaultwarden'] + uid_shift }}" + group: "{{ users['vaultwarden'] + uid_shift }}" + mode: '770' + become: true diff --git a/roles/minecraft/tasks/update.yml b/roles/minecraft/tasks/update.yml new file mode 100644 index 0000000..0756fad --- /dev/null +++ b/roles/minecraft/tasks/update.yml @@ -0,0 +1,24 @@ +- name: Pull project services + community.docker.docker_compose_v2: + project_src: "{{ project_dir }}" + recreate: never + pull: true + debug: true + when: docker_pull_images | bool + register: vaultwarden_docker_compose_pull_result + +- name: Display pulled image(s) name + set_fact: + vaultwarden_pulled_images: "{{ vaultwarden_pulled_images | default([]) + [item.pulled_image.name] }}" + loop: "{{ vaultwarden_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}" + +- name: Include backup tasks + include_tasks: + file: backup.yml + # Make a backup if we didn't already make one and we pulled a new image + when: not run_backup | default(false) and vaultwarden_pulled_images is defined + +- name: Create/Restart project services + community.docker.docker_compose_v2: + project_src: "{{ project_dir }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/minecraft/templates/.env b/roles/minecraft/templates/.env new file mode 100644 index 0000000..1224388 --- /dev/null +++ b/roles/minecraft/templates/.env @@ -0,0 +1,12 @@ +ADMIN_TOKEN='{{ vaultwarden_secrets["admin_token_hash"] }}' +DOMAIN=https://vw.{{ domain }} +SIGNUPS_ALLOWED=false + +DATABASE_URL=postgresql://{{ vaultwarden_secrets['postgres_user'] }}:{{ vaultwarden_secrets['postgres_password'] }}@postgres.{{ domain }}:{{ ports['postgres'] }}/vaultwarden + +SMTP_HOST=mail.{{ domain }} +SMTP_FROM=vaultwarden@{{ domain }} +SMTP_PORT={{ ports['mailserver_smtps'] }} +SMTP_SECURITY=force_tls +SMTP_USERNAME='{{ vaultwarden_secrets["smtp_username"] }}' +SMTP_PASSWORD='{{ vaultwarden_secrets["smtp_password"] }}' diff --git a/roles/minecraft/templates/docker-compose.yaml b/roles/minecraft/templates/docker-compose.yaml new file mode 100644 index 0000000..64e8557 --- /dev/null +++ b/roles/minecraft/templates/docker-compose.yaml @@ -0,0 +1,32 @@ +services: + minecraft: + container_name: minecraft + image: docker.io/itzg/minecraft-server:latest + restart: always + deploy: + resources: + limits: + cpus: '0.8' + environment: + UID: 1011 + GID: 1011 + VERSION: 1.21.1 + EULA: "TRUE" + MEMORY: 1.25G + ENABLE_COMMAND_BLOCK: "true" + MOTD: "Fjeaj" + OPS: | + Viyurz + TYPE: FABRIC + MODS: | + https://cdn.modrinth.com/data/gvQqBUqZ/versions/5szYtenV/lithium-fabric-mc1.21.1-0.13.0.jar + https://cdn.modrinth.com/data/uXXizFIs/versions/wmIZ4wP4/ferritecore-7.0.0-fabric.jar + ports: + - "3690:25565" + - "25565:25565" + volumes: + - minecraft:/data + +volumes: + minecraft: + name: minecraft diff --git a/roles/postgres/tasks/update.yml b/roles/postgres/tasks/update.yml index f282723..743ec89 100644 --- a/roles/postgres/tasks/update.yml +++ b/roles/postgres/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and postgres_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/searxng/tasks/update.yml b/roles/searxng/tasks/update.yml index 1a7c64a..1c45bb3 100644 --- a/roles/searxng/tasks/update.yml +++ b/roles/searxng/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -13,6 +13,6 @@ loop: "{{ searxng_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}" - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/stump/tasks/update.yml b/roles/stump/tasks/update.yml index 1bb4902..de5dc02 100644 --- a/roles/stump/tasks/update.yml +++ b/roles/stump/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and stump_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/synapse/tasks/update.yml b/roles/synapse/tasks/update.yml index 06c6347..447838e 100644 --- a/roles/synapse/tasks/update.yml +++ b/roles/synapse/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and synapse_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/syncthing/tasks/update.yml b/roles/syncthing/tasks/update.yml index 8b8a9df..7381089 100644 --- a/roles/syncthing/tasks/update.yml +++ b/roles/syncthing/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -13,6 +13,6 @@ loop: "{{ syncthing_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}" - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/uptime-kuma/tasks/update.yml b/roles/uptime-kuma/tasks/update.yml index af454ea..02965dc 100644 --- a/roles/uptime-kuma/tasks/update.yml +++ b/roles/uptime-kuma/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and uptime_kuma_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}" diff --git a/roles/vaultwarden/tasks/update.yml b/roles/vaultwarden/tasks/update.yml index a5cc306..0756fad 100644 --- a/roles/vaultwarden/tasks/update.yml +++ b/roles/vaultwarden/tasks/update.yml @@ -1,5 +1,5 @@ - name: Pull project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" recreate: never pull: true @@ -19,6 +19,6 @@ when: not run_backup | default(false) and vaultwarden_pulled_images is defined - name: Create/Restart project services - community.docker.docker_compose: + community.docker.docker_compose_v2: project_src: "{{ project_dir }}" - restarted: "{{ run_setup | default(false) | bool }}" + state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"