Ansible: Migrate to docker_compose_v2

2024-10-07 14:08:50 +02:00 · 2024-10-07 14:08:50 +02:00 · 26dd365b80
commit 26dd365b80
parent 5ff42f4e74
22 changed files with 182 additions and 48 deletions
--- a/roles/coturn/tasks/update.yml
+++ b/roles/coturn/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -13,6 +13,6 @@
  loop: "{{ coturn_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/diun/tasks/update.yml
+++ b/roles/diun/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and diun_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/element/tasks/update.yml
+++ b/roles/element/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -13,6 +13,6 @@
  loop: "{{ element_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/etebase/tasks/update.yml
+++ b/roles/etebase/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and etebase_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/fireshare/tasks/update.yml
+++ b/roles/fireshare/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -13,6 +13,6 @@
  loop: "{{ fireshare_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/hedgedoc/tasks/update.yml
+++ b/roles/hedgedoc/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and hedgedoc_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/homepage/tasks/update.yml
+++ b/roles/homepage/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -13,6 +13,6 @@
  loop: "{{ homepage_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/keycloak/tasks/update.yml
+++ b/roles/keycloak/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    build: true
    recreate: never
@ -20,6 +20,6 @@
  when: not run_backup | default(false) and keycloak_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/mailserver/tasks/update.yml
+++ b/roles/mailserver/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and mailserver_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/minecraft/tasks/backup.yml
+++ b/roles/minecraft/tasks/backup.yml
@ -0,0 +1,24 @@
+- name: "Backup PostgreSQL vaultwarden database"
+  shell: >
+    docker exec postgres
+    pg_dump -c {{ role_name }} |
+    borg create
+    --compression lzma
+    "{{ borg_repodir }}::{{ role_name }}-{now:%Y-%m-%d_%H-%M-%S}"
+    -
+    --stdin-name dump_{{ role_name }}.sql
+  environment:
+    DOCKER_HOST: "{{ docker_host }}"
+    BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
+  become: true
+
+- name: Prune borg repository
+  command:
+    cmd: |
+      borg prune
+      --glob-archives='{{ role_name }}-*'
+      {{ borg_prune_options }}
+      {{ borg_repodir }}
+  environment:
+    BORG_PASSCOMMAND: "cat {{ borg_passphrase_file }}"
+  become: true
--- a/roles/minecraft/tasks/main.yml
+++ b/roles/minecraft/tasks/main.yml
@ -0,0 +1,14 @@
+- name: Include backup tasks
+  include_tasks:
+    file: backup.yml
+  when: run_backup | default(false) | bool
+
+- name: Include setup tasks
+  include_tasks:
+    file: setup.yml
+  when: run_setup | default(false) | bool
+
+- name: Include update tasks
+  include_tasks:
+    file: update.yml
+  when: run_update | default(false) | bool
--- a/roles/minecraft/tasks/setup.yml
+++ b/roles/minecraft/tasks/setup.yml
@ -0,0 +1,28 @@
+- name: "(Re)Create {{ project_dir }} project directory"
+  file:
+    path: "{{ project_dir }}"
+    state: "{{ item }}"
+  loop:
+    - absent
+    - directory
+
+- name: Template docker-compose.yaml & .env to project directory
+  template:
+    src: "{{ item }}"
+    dest: "{{ project_dir }}/{{ item }}"
+    owner: "{{ host_uid }}"
+    group: "{{ host_uid }}"
+    mode: '640'
+  loop:
+    - docker-compose.yaml
+    - .env
+
+- name: "Create (if not exists) directory {{ volumes['vaultwarden_datadir'] }} & set permissions"
+  file:
+    path: "{{ volumes['vaultwarden_datadir'] }}"
+    state: directory
+    recurse: true
+    owner: "{{ users['vaultwarden'] + uid_shift }}"
+    group: "{{ users['vaultwarden'] + uid_shift }}"
+    mode: '770'
+  become: true
--- a/roles/minecraft/tasks/update.yml
+++ b/roles/minecraft/tasks/update.yml
@ -0,0 +1,24 @@
+- name: Pull project services
+  community.docker.docker_compose_v2:
+    project_src: "{{ project_dir }}"
+    recreate: never
+    pull: true
+    debug: true
+  when: docker_pull_images | bool
+  register: vaultwarden_docker_compose_pull_result
+
+- name: Display pulled image(s) name
+  set_fact:
+    vaultwarden_pulled_images: "{{ vaultwarden_pulled_images | default([]) + [item.pulled_image.name] }}"
+  loop: "{{ vaultwarden_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
+
+- name: Include backup tasks
+  include_tasks:
+    file: backup.yml
+  # Make a backup if we didn't already make one and we pulled a new image
+  when: not run_backup | default(false) and vaultwarden_pulled_images is defined
+
+- name: Create/Restart project services
+  community.docker.docker_compose_v2:
+    project_src: "{{ project_dir }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/minecraft/templates/.env
+++ b/roles/minecraft/templates/.env
@ -0,0 +1,12 @@
+ADMIN_TOKEN='{{ vaultwarden_secrets["admin_token_hash"] }}'
+DOMAIN=https://vw.{{ domain }}
+SIGNUPS_ALLOWED=false
+
+DATABASE_URL=postgresql://{{ vaultwarden_secrets['postgres_user'] }}:{{ vaultwarden_secrets['postgres_password'] }}@postgres.{{ domain }}:{{ ports['postgres'] }}/vaultwarden
+
+SMTP_HOST=mail.{{ domain }}
+SMTP_FROM=vaultwarden@{{ domain }}
+SMTP_PORT={{ ports['mailserver_smtps'] }}
+SMTP_SECURITY=force_tls
+SMTP_USERNAME='{{ vaultwarden_secrets["smtp_username"] }}'
+SMTP_PASSWORD='{{ vaultwarden_secrets["smtp_password"] }}'
--- a/roles/minecraft/templates/docker-compose.yaml
+++ b/roles/minecraft/templates/docker-compose.yaml
@ -0,0 +1,32 @@
+services:  
+  minecraft:
+    container_name: minecraft
+    image: docker.io/itzg/minecraft-server:latest
+    restart: always
+    deploy:
+      resources:
+        limits:
+          cpus: '0.8'
+    environment:
+      UID: 1011
+      GID: 1011
+      VERSION: 1.21.1
+      EULA: "TRUE"
+      MEMORY: 1.25G
+      ENABLE_COMMAND_BLOCK: "true"
+      MOTD: "Fjeaj"
+      OPS: |
+        Viyurz
+      TYPE: FABRIC
+      MODS: |
+        https://cdn.modrinth.com/data/gvQqBUqZ/versions/5szYtenV/lithium-fabric-mc1.21.1-0.13.0.jar
+        https://cdn.modrinth.com/data/uXXizFIs/versions/wmIZ4wP4/ferritecore-7.0.0-fabric.jar
+    ports:
+      - "3690:25565"
+      - "25565:25565"
+    volumes:
+      - minecraft:/data
+
+volumes:
+  minecraft:
+    name: minecraft
--- a/roles/postgres/tasks/update.yml
+++ b/roles/postgres/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and postgres_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/searxng/tasks/update.yml
+++ b/roles/searxng/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -13,6 +13,6 @@
  loop: "{{ searxng_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/stump/tasks/update.yml
+++ b/roles/stump/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and stump_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/synapse/tasks/update.yml
+++ b/roles/synapse/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and synapse_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/syncthing/tasks/update.yml
+++ b/roles/syncthing/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -13,6 +13,6 @@
  loop: "{{ syncthing_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/uptime-kuma/tasks/update.yml
+++ b/roles/uptime-kuma/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and uptime_kuma_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"
--- a/roles/vaultwarden/tasks/update.yml
+++ b/roles/vaultwarden/tasks/update.yml
@ -1,5 +1,5 @@
 - name: Pull project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
    recreate: never
    pull: true
@ -19,6 +19,6 @@
  when: not run_backup | default(false) and vaultwarden_pulled_images is defined

 - name: Create/Restart project services
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
    project_src: "{{ project_dir }}"
-    restarted: "{{ run_setup | default(false) | bool }}"
+    state: "{{ run_setup | default(false) | bool | ternary('restarted', 'present') }}"