From 8d6730a83e5caae07d01bb061e8c71b40a2ca011 Mon Sep 17 00:00:00 2001 From: Viyurz Date: Sat, 7 Sep 2024 10:16:47 +0200 Subject: [PATCH] Added DIUN --- env.yml | 1 + roles/diun/tasks/main.yml | 9 +++++++++ roles/diun/tasks/setup.yml | 19 +++++++++++++++++++ roles/diun/tasks/update.yml | 24 ++++++++++++++++++++++++ roles/diun/templates/.env | 6 ++++++ roles/diun/templates/docker-compose.yaml | 15 +++++++++++++++ roles/diun/templates/images.yml | 17 +++++++++++++++++ secrets.yml.example | 3 +++ 8 files changed, 94 insertions(+) create mode 100644 roles/diun/tasks/main.yml create mode 100644 roles/diun/tasks/setup.yml create mode 100644 roles/diun/tasks/update.yml create mode 100644 roles/diun/templates/.env create mode 100644 roles/diun/templates/docker-compose.yaml create mode 100644 roles/diun/templates/images.yml diff --git a/env.yml b/env.yml index faed96c..1f4b063 100644 --- a/env.yml +++ b/env.yml @@ -46,6 +46,7 @@ cifs_mounts: projects: - coturn + - diun - element - etebase - fireshare diff --git a/roles/diun/tasks/main.yml b/roles/diun/tasks/main.yml new file mode 100644 index 0000000..2b65be3 --- /dev/null +++ b/roles/diun/tasks/main.yml @@ -0,0 +1,9 @@ +- name: Include setup tasks + include_tasks: + file: setup.yml + when: run_setup | default(false) | bool + +- name: Include update tasks + include_tasks: + file: update.yml + when: run_update | default(false) | bool diff --git a/roles/diun/tasks/setup.yml b/roles/diun/tasks/setup.yml new file mode 100644 index 0000000..aa325cc --- /dev/null +++ b/roles/diun/tasks/setup.yml @@ -0,0 +1,19 @@ +- name: "(Re)Create {{ project_dir }} project directory" + file: + path: "{{ project_dir }}" + state: "{{ item }}" + loop: + - absent + - directory + +- name: Template docker-compose.yaml, .env & images.yml to project directory + template: + src: "{{ item }}" + dest: "{{ project_dir }}/{{ item }}" + owner: "{{ host_uid }}" + group: "{{ host_uid }}" + mode: '640' + loop: + - docker-compose.yaml + - .env + - images.yml diff --git a/roles/diun/tasks/update.yml b/roles/diun/tasks/update.yml new file mode 100644 index 0000000..6a27cb8 --- /dev/null +++ b/roles/diun/tasks/update.yml @@ -0,0 +1,24 @@ +- name: Pull project services + community.docker.docker_compose: + project_src: "{{ project_dir }}" + recreate: never + pull: true + debug: true + when: docker_pull_images | bool + register: diun_docker_compose_pull_result + +- name: Display pulled image(s) name + set_fact: + diun_pulled_images: "{{ diun_pulled_images | default([]) + [item.pulled_image.name] }}" + loop: "{{ diun_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}" + +- name: Include backup tasks + include_tasks: + file: backup.yml + # Make a backup if we didn't already make one and we pulled a new image + when: not run_backup | default(false) and diun_pulled_images is defined + +- name: Create/Restart project services + community.docker.docker_compose: + project_src: "{{ project_dir }}" + restarted: "{{ run_setup | default(false) | bool }}" diff --git a/roles/diun/templates/.env b/roles/diun/templates/.env new file mode 100644 index 0000000..ef509e7 --- /dev/null +++ b/roles/diun/templates/.env @@ -0,0 +1,6 @@ +TZ={{ timezone }} +DIUN_WATCH_SCHEDULE='0 */6 * * *' +DIUN_PROVIDERS_DOCKER=true +DIUN_PROVIDERS_DOCKER_WATCHBYDEFAULT=true +DIUN_PROVIDERS_FILE_FILENAME=/etc/diun/images.yml +DIUN_NOTIF_DISCORD_WEBHOOKURL='{{ diun_secrets["webhookurl"] }}' diff --git a/roles/diun/templates/docker-compose.yaml b/roles/diun/templates/docker-compose.yaml new file mode 100644 index 0000000..101c03b --- /dev/null +++ b/roles/diun/templates/docker-compose.yaml @@ -0,0 +1,15 @@ +services: + diun: + image: docker.io/crazymax/diun:4 + container_name: diun + command: serve + restart: always + env_file: .env + volumes: + - {{ docker_host | regex_replace('^unix://', '') }}:/var/run/docker.sock:ro + - ./images.yml:/etc/diun/images.yml:ro + - diun-data:/data + +volumes: + diun-data: + name: diun-data diff --git a/roles/diun/templates/images.yml b/roles/diun/templates/images.yml new file mode 100644 index 0000000..0fb58a2 --- /dev/null +++ b/roles/diun/templates/images.yml @@ -0,0 +1,17 @@ +- name: quay.io/hedgedoc/hedgedoc + watch_repo: true + include_tags: + - ^2 + +- name: docker.io/stalwartlabs/mail-server + watch_repo: true + include_tags: + - ^v0\.(9|\d{2}) + - ^v1 + +- name: docker.io/aaronleopold/stump + watch_repo: true + include_tags: + - ^0\.0\.([5-9]|\d{2})$ + - ^0\.([1-9]|\d{2}) + - ^1 diff --git a/secrets.yml.example b/secrets.yml.example index 6f98ef0..9a4addf 100644 --- a/secrets.yml.example +++ b/secrets.yml.example @@ -11,6 +11,9 @@ cifs_credentials: coturn_secrets: static_auth_secret: +diun_secrets: + webhookurl: + fireshare_secrets: admin_username: admin_password: