Roles: Move update tasks to update.yml for consistency.

Roles which require backup (etebase, synapse & vaultwarden) have their
tasks splitted into two files (backup.yml & update.yml), which are
executed based on the value of run_backup & run_update variables.

For consistency, move the update tasks to update.yml for every role,
even if they do not have any backup task.

roles/coturn/tasks/main.yml

@@ -1,81 +1,4 @@
-- name: "Create {{ coturn_project_dir }} project directory"
+- name: Include update tasks
-  file:
+  include_tasks:
-    path: "{{ coturn_project_dir }}"
+    file: update.yml
-    state: directory
+  when: run_update | default(false) | bool
-
-- name: Template docker-compose.yaml to project directory
-  template:
-    src: docker-compose.yaml
-    dest: "{{ coturn_project_dir }}/docker-compose.yaml"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '640'
-
-- name: Template turnserver.conf to project directory
-  template:
-    src: turnserver.conf
-    dest: "{{ coturn_project_dir }}/turnserver.conf"
-    owner: "{{ ansible_env['USER'] }}"
-    mode: '640'
-  # Store result to restart services if the file changed
-  register: coturn_template_turnserver_result
-
-# Separate task because template module cannot chown/chgrp to a non-existing user/group
-- name: "Change group of turnserver.conf to coturn GID ({{ users['coturn'] + uid_shift }})"
-  file:
-    path: "{{ coturn_project_dir }}/turnserver.conf"
-    group: "{{ users['coturn'] + uid_shift }}"
-  become: true
-
-- name: Set limited permissions on certificate directories
-  file:
-    path: "/etc/{{ item }}"
-    state: directory
-    owner: root
-    group: root
-    mode: '751'
-  become: true
-  loop:
-    - letsencrypt
-    - letsencrypt/live
-    - letsencrypt/archive
-
-- name: Set limited permissions on certificate directories
-  file:
-    path: "/etc/letsencrypt/{{ item }}/turn.{{ domain }}"
-    state: directory
-    owner: "{{ host_uid }}"
-    group: "{{ users['coturn'] + uid_shift }}"
-    mode: '550'
-  become: true
-  loop:
-    - live
-    - archive
-
-- name: Set limited permissions on certificate key file
-  file:
-    path: "/etc/letsencrypt/live/turn.{{ domain }}/privkey.pem"
-    owner: root
-    group: "{{ users['coturn'] + uid_shift }}"
-    mode: '640'
-  become: true
-
-- name: Pull project services
-  community.docker.docker_compose:
-    project_src: "{{ coturn_project_dir }}"
-    recreate: never
-    pull: true
-    debug: true
-  when: docker_pull_images | bool
-  register: coturn_docker_compose_pull_result
-
-- name: Display pulled image(s) name
-  set_fact:
-    coturn_pulled_images: "{{ coturn_pulled_images | default([]) + [item.pulled_image.name] }}"
-  loop: "{{ coturn_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
-
-- name: Create/Restart project services
-  community.docker.docker_compose:
-    project_src: "{{ coturn_project_dir }}"
-    # Restart if config file(s) changed
-    restarted: "{{ coturn_template_turnserver_result['changed'] | bool }}"

roles/coturn/tasks/update.yml

@@ -0,0 +1,81 @@
+- name: "Create {{ coturn_project_dir }} project directory"
+  file:
+    path: "{{ coturn_project_dir }}"
+    state: directory
+
+- name: Template docker-compose.yaml to project directory
+  template:
+    src: docker-compose.yaml
+    dest: "{{ coturn_project_dir }}/docker-compose.yaml"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '640'
+
+- name: Template turnserver.conf to project directory
+  template:
+    src: turnserver.conf
+    dest: "{{ coturn_project_dir }}/turnserver.conf"
+    owner: "{{ ansible_env['USER'] }}"
+    mode: '640'
+  # Store result to restart services if the file changed
+  register: coturn_template_turnserver_result
+
+# Separate task because template module cannot chown/chgrp to a non-existing user/group
+- name: "Change group of turnserver.conf to coturn GID ({{ users['coturn'] + uid_shift }})"
+  file:
+    path: "{{ coturn_project_dir }}/turnserver.conf"
+    group: "{{ users['coturn'] + uid_shift }}"
+  become: true
+
+- name: Set limited permissions on certificate directories
+  file:
+    path: "/etc/{{ item }}"
+    state: directory
+    owner: root
+    group: root
+    mode: '751'
+  become: true
+  loop:
+    - letsencrypt
+    - letsencrypt/live
+    - letsencrypt/archive
+
+- name: Set limited permissions on certificate directories
+  file:
+    path: "/etc/letsencrypt/{{ item }}/turn.{{ domain }}"
+    state: directory
+    owner: "{{ host_uid }}"
+    group: "{{ users['coturn'] + uid_shift }}"
+    mode: '550'
+  become: true
+  loop:
+    - live
+    - archive
+
+- name: Set limited permissions on certificate key file
+  file:
+    path: "/etc/letsencrypt/live/turn.{{ domain }}/privkey.pem"
+    owner: root
+    group: "{{ users['coturn'] + uid_shift }}"
+    mode: '640'
+  become: true
+
+- name: Pull project services
+  community.docker.docker_compose:
+    project_src: "{{ coturn_project_dir }}"
+    recreate: never
+    pull: true
+    debug: true
+  when: docker_pull_images | bool
+  register: coturn_docker_compose_pull_result
+
+- name: Display pulled image(s) name
+  set_fact:
+    coturn_pulled_images: "{{ coturn_pulled_images | default([]) + [item.pulled_image.name] }}"
+  loop: "{{ coturn_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
+
+- name: Create/Restart project services
+  community.docker.docker_compose:
+    project_src: "{{ coturn_project_dir }}"
+    # Restart if config file(s) changed
+    restarted: "{{ coturn_template_turnserver_result['changed'] | bool }}"

roles/element/tasks/main.yml

@@ -1,41 +1,4 @@
-- name: "Create {{ element_project_dir }} project directory"
+- name: Include update tasks
-  file:
+  include_tasks:
-    path: "{{ element_project_dir }}"
+    file: update.yml
-    state: directory
+  when: run_update | default(false) | bool
-
-- name: Template docker-compose.yaml to project directory
-  template:
-    src: docker-compose.yaml
-    dest: "{{ element_project_dir }}/docker-compose.yaml"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '640'
-
-- name: Template config.json to project directory
-  template:
-    src: config.json
-    dest: "{{ element_project_dir }}/config.json"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '644'
-  register: element_template_config_result
-
-- name: Pull project services
-  community.docker.docker_compose:
-    project_src: "{{ element_project_dir }}"
-    recreate: never
-    pull: true
-    debug: true
-  when: docker_pull_images | bool
-  register: element_docker_compose_pull_result
-
-- name: Display pulled image(s) name
-  set_fact:
-    element_pulled_images: "{{ element_pulled_images | default([]) + [item.pulled_image.name] }}"
-  loop: "{{ element_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
-
-- name: Create/Restart project services
-  community.docker.docker_compose:
-    project_src: "{{ element_project_dir }}"
-    # Restart if config file(s) changed
-    restarted: "{{ element_template_config_result['changed'] | bool }}"

roles/element/tasks/update.yml

@@ -0,0 +1,41 @@
+- name: "Create {{ element_project_dir }} project directory"
+  file:
+    path: "{{ element_project_dir }}"
+    state: directory
+
+- name: Template docker-compose.yaml to project directory
+  template:
+    src: docker-compose.yaml
+    dest: "{{ element_project_dir }}/docker-compose.yaml"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '640'
+
+- name: Template config.json to project directory
+  template:
+    src: config.json
+    dest: "{{ element_project_dir }}/config.json"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '644'
+  register: element_template_config_result
+
+- name: Pull project services
+  community.docker.docker_compose:
+    project_src: "{{ element_project_dir }}"
+    recreate: never
+    pull: true
+    debug: true
+  when: docker_pull_images | bool
+  register: element_docker_compose_pull_result
+
+- name: Display pulled image(s) name
+  set_fact:
+    element_pulled_images: "{{ element_pulled_images | default([]) + [item.pulled_image.name] }}"
+  loop: "{{ element_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
+
+- name: Create/Restart project services
+  community.docker.docker_compose:
+    project_src: "{{ element_project_dir }}"
+    # Restart if config file(s) changed
+    restarted: "{{ element_template_config_result['changed'] | bool }}"

roles/hedgedoc/tasks/main.yml

@@ -1,48 +1,4 @@
-- name: "Create {{ hedgedoc_project_dir }} project directory"
+- name: Include update tasks
-  file:
+  include_tasks:
-    path: "{{ hedgedoc_project_dir }}"
+    file: update.yml
-    state: directory
+  when: run_update | default(false) | bool
-
-- name: Template docker-compose.yaml to project directory
-  template:
-    src: docker-compose.yaml
-    dest: "{{ hedgedoc_project_dir }}/docker-compose.yaml"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '640'
-
-- name: "Create directory {{ volumes['hedgedoc_configdir'] }} with correct permissions"
-  file:
-    path: "{{ volumes['hedgedoc_configdir'] }}"
-    state: directory
-    owner: "{{ users['hedgedoc'] + uid_shift }}"
-    group: "{{ users['hedgedoc'] + uid_shift }}"
-    mode: '770'
-  become: true
-
-- name: "Create directory {{ volumes['hedgedoc_mysql_datadir'] }} with correct permissions"
-  file:
-    path: "{{ volumes['hedgedoc_mysql_datadir'] }}"
-    state: directory
-    owner: "{{ users['hedgedoc_mysql'] + uid_shift }}"
-    group: "{{ users['hedgedoc_mysql'] + uid_shift }}"
-    mode: '770'
-  become: true
-
-- name: Pull project services
-  community.docker.docker_compose:
-    project_src: "{{ hedgedoc_project_dir }}"
-    recreate: never
-    pull: true
-    debug: true
-  when: docker_pull_images | bool
-  register: hedgedoc_docker_compose_pull_result
-
-- name: Display pulled image(s) name
-  set_fact:
-    hedgedoc_pulled_images: "{{ hedgedoc_pulled_images | default([]) + [item.pulled_image.name] }}"
-  loop: "{{ hedgedoc_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
-
-- name: Create/Restart project services
-  community.docker.docker_compose:
-    project_src: "{{ hedgedoc_project_dir }}"

roles/hedgedoc/tasks/update.yml

@@ -0,0 +1,48 @@
+- name: "Create {{ hedgedoc_project_dir }} project directory"
+  file:
+    path: "{{ hedgedoc_project_dir }}"
+    state: directory
+
+- name: Template docker-compose.yaml to project directory
+  template:
+    src: docker-compose.yaml
+    dest: "{{ hedgedoc_project_dir }}/docker-compose.yaml"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '640'
+
+- name: "Create directory {{ volumes['hedgedoc_configdir'] }} with correct permissions"
+  file:
+    path: "{{ volumes['hedgedoc_configdir'] }}"
+    state: directory
+    owner: "{{ users['hedgedoc'] + uid_shift }}"
+    group: "{{ users['hedgedoc'] + uid_shift }}"
+    mode: '770'
+  become: true
+
+- name: "Create directory {{ volumes['hedgedoc_mysql_datadir'] }} with correct permissions"
+  file:
+    path: "{{ volumes['hedgedoc_mysql_datadir'] }}"
+    state: directory
+    owner: "{{ users['hedgedoc_mysql'] + uid_shift }}"
+    group: "{{ users['hedgedoc_mysql'] + uid_shift }}"
+    mode: '770'
+  become: true
+
+- name: Pull project services
+  community.docker.docker_compose:
+    project_src: "{{ hedgedoc_project_dir }}"
+    recreate: never
+    pull: true
+    debug: true
+  when: docker_pull_images | bool
+  register: hedgedoc_docker_compose_pull_result
+
+- name: Display pulled image(s) name
+  set_fact:
+    hedgedoc_pulled_images: "{{ hedgedoc_pulled_images | default([]) + [item.pulled_image.name] }}"
+  loop: "{{ hedgedoc_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
+
+- name: Create/Restart project services
+  community.docker.docker_compose:
+    project_src: "{{ hedgedoc_project_dir }}"

roles/homepage/tasks/main.yml

@@ -1,42 +1,4 @@
-- name: "Create {{ homepage_project_dir }} project directory"
+- name: Include update tasks
-  file:
+  include_tasks:
-    path: "{{ homepage_project_dir }}"
+    file: update.yml
-    state: directory
+  when: run_update | default(false) | bool
-
-- name: Template docker-compose.yaml to project directory
-  template:
-    src: docker-compose.yaml
-    dest: "{{ homepage_project_dir }}/docker-compose.yaml"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '640'
-
-- name: Copy nginx.conf and index/ to project directory
-  copy:
-    src: "{{ role_path }}/files/"
-    dest: "{{ homepage_project_dir }}"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '644'
-  # Store result to restart services if the file(s) changed
-  register: homepage_copy_files_result
-
-- name: Pull project services
-  community.docker.docker_compose:
-    project_src: "{{ homepage_project_dir }}"
-    recreate: never
-    pull: true
-    debug: true
-  when: docker_pull_images | bool
-  register: homepage_docker_compose_pull_result
-
-- name: Display pulled image(s) name
-  set_fact:
-    homepage_pulled_images: "{{ homepage_pulled_images | default([]) + [item.pulled_image.name] }}"
-  loop: "{{ homepage_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
-
-- name: Create/Restart project services
-  community.docker.docker_compose:
-    project_src: "{{ homepage_project_dir }}"
-    # Restart if config file(s) changed
-    restarted: "{{ homepage_copy_files_result['changed'] | bool }}"

roles/homepage/tasks/update.yml

@@ -0,0 +1,42 @@
+- name: "Create {{ homepage_project_dir }} project directory"
+  file:
+    path: "{{ homepage_project_dir }}"
+    state: directory
+
+- name: Template docker-compose.yaml to project directory
+  template:
+    src: docker-compose.yaml
+    dest: "{{ homepage_project_dir }}/docker-compose.yaml"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '640'
+
+- name: Copy nginx.conf and index/ to project directory
+  copy:
+    src: "{{ role_path }}/files/"
+    dest: "{{ homepage_project_dir }}"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '644'
+  # Store result to restart services if the file(s) changed
+  register: homepage_copy_files_result
+
+- name: Pull project services
+  community.docker.docker_compose:
+    project_src: "{{ homepage_project_dir }}"
+    recreate: never
+    pull: true
+    debug: true
+  when: docker_pull_images | bool
+  register: homepage_docker_compose_pull_result
+
+- name: Display pulled image(s) name
+  set_fact:
+    homepage_pulled_images: "{{ homepage_pulled_images | default([]) + [item.pulled_image.name] }}"
+  loop: "{{ homepage_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
+
+- name: Create/Restart project services
+  community.docker.docker_compose:
+    project_src: "{{ homepage_project_dir }}"
+    # Restart if config file(s) changed
+    restarted: "{{ homepage_copy_files_result['changed'] | bool }}"

roles/searxng/tasks/main.yml

@@ -1,42 +1,4 @@
-- name: "Create {{ searxng_project_dir }} project directory"
+- name: Include update tasks
-  file:
+  include_tasks:
-    path: "{{ searxng_project_dir }}"
+    file: update.yml
-    state: directory
+  when: run_update | default(false) | bool
-
-- name: Template docker-compose.yaml to project directory
-  template:
-    src: docker-compose.yaml
-    dest: "{{ searxng_project_dir }}/docker-compose.yaml"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '640'
-
-- name: Copy settings.yml and limiter.toml to project directory
-  copy:
-    src: "{{ role_path }}/files/"
-    dest: "{{ searxng_project_dir }}"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '644'
-  # Store result to restart services if the file(s) changed
-  register: searxng_copy_files_result
-
-- name: Pull project services
-  community.docker.docker_compose:
-    project_src: "{{ searxng_project_dir }}"
-    recreate: never
-    pull: true
-    debug: true
-  when: docker_pull_images | bool
-  register: searxng_docker_compose_pull_result
-
-- name: Display pulled image(s) name
-  set_fact:
-    searxng_pulled_images: "{{ searxng_pulled_images | default([]) + [item.pulled_image.name] }}"
-  loop: "{{ searxng_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
-
-- name: Create/Restart project services
-  community.docker.docker_compose:
-    project_src: "{{ searxng_project_dir }}"
-    # Restart if config file(s) changed
-    restarted: "{{ searxng_copy_files_result['changed'] | bool }}"

roles/searxng/tasks/update.yml

@@ -0,0 +1,42 @@
+- name: "Create {{ searxng_project_dir }} project directory"
+  file:
+    path: "{{ searxng_project_dir }}"
+    state: directory
+
+- name: Template docker-compose.yaml to project directory
+  template:
+    src: docker-compose.yaml
+    dest: "{{ searxng_project_dir }}/docker-compose.yaml"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '640'
+
+- name: Copy settings.yml and limiter.toml to project directory
+  copy:
+    src: "{{ role_path }}/files/"
+    dest: "{{ searxng_project_dir }}"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '644'
+  # Store result to restart services if the file(s) changed
+  register: searxng_copy_files_result
+
+- name: Pull project services
+  community.docker.docker_compose:
+    project_src: "{{ searxng_project_dir }}"
+    recreate: never
+    pull: true
+    debug: true
+  when: docker_pull_images | bool
+  register: searxng_docker_compose_pull_result
+
+- name: Display pulled image(s) name
+  set_fact:
+    searxng_pulled_images: "{{ searxng_pulled_images | default([]) + [item.pulled_image.name] }}"
+  loop: "{{ searxng_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
+
+- name: Create/Restart project services
+  community.docker.docker_compose:
+    project_src: "{{ searxng_project_dir }}"
+    # Restart if config file(s) changed
+    restarted: "{{ searxng_copy_files_result['changed'] | bool }}"

roles/syncthing/tasks/main.yml

@@ -1,30 +1,4 @@
-- name: "Create {{ syncthing_project_dir }} project directory"
+- name: Include update tasks
-  file:
+  include_tasks:
-    path: "{{ syncthing_project_dir }}"
+    file: update.yml
-    state: directory
+  when: run_update | default(false) | bool
-
-- name: Template docker-compose.yaml to project directory
-  template:
-    src: docker-compose.yaml
-    dest: "{{ syncthing_project_dir }}/docker-compose.yaml"
-    owner: "{{ ansible_env['USER'] }}"
-    group: "{{ ansible_env['USER'] }}"
-    mode: '640'
-
-- name: Pull project services
-  community.docker.docker_compose:
-    project_src: "{{ syncthing_project_dir }}"
-    recreate: never
-    pull: true
-    debug: true
-  when: docker_pull_images | bool
-  register: syncthing_docker_compose_pull_result
-
-- name: Display pulled image(s) name
-  set_fact:
-    syncthing_pulled_images: "{{ syncthing_pulled_images | default([]) + [item.pulled_image.name] }}"
-  loop: "{{ syncthing_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
-
-- name: Create/Restart project services
-  community.docker.docker_compose:
-    project_src: "{{ syncthing_project_dir }}"

roles/syncthing/tasks/update.yml

@@ -0,0 +1,30 @@
+- name: "Create {{ syncthing_project_dir }} project directory"
+  file:
+    path: "{{ syncthing_project_dir }}"
+    state: directory
+
+- name: Template docker-compose.yaml to project directory
+  template:
+    src: docker-compose.yaml
+    dest: "{{ syncthing_project_dir }}/docker-compose.yaml"
+    owner: "{{ ansible_env['USER'] }}"
+    group: "{{ ansible_env['USER'] }}"
+    mode: '640'
+
+- name: Pull project services
+  community.docker.docker_compose:
+    project_src: "{{ syncthing_project_dir }}"
+    recreate: never
+    pull: true
+    debug: true
+  when: docker_pull_images | bool
+  register: syncthing_docker_compose_pull_result
+
+- name: Display pulled image(s) name
+  set_fact:
+    syncthing_pulled_images: "{{ syncthing_pulled_images | default([]) + [item.pulled_image.name] }}"
+  loop: "{{ syncthing_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
+
+- name: Create/Restart project services
+  community.docker.docker_compose:
+    project_src: "{{ syncthing_project_dir }}"