Split setup & updates tasks to allow running only update ones.

This commit is contained in:
Viyurz 2024-04-20 12:17:10 +02:00
parent 87fcad3add
commit e3abbbb8fe
Signed by: Viyurz
SSH key fingerprint: SHA256:IskOHTmhHSJIvAt04N6aaxd5SZCVWW1Guf9tEcxIMj8
45 changed files with 492 additions and 399 deletions

View file

@ -8,7 +8,6 @@
hosts: localhost hosts: localhost
vars: vars:
run_backup: true run_backup: true
run_update: false
vars_prompt: vars_prompt:
- name: selected_projects - name: selected_projects
prompt: "Choose projects to backup (leave empty to backup all. Projects list: {{ hostvars['localhost']['projects_to_backup'] }})" prompt: "Choose projects to backup (leave empty to backup all. Projects list: {{ hostvars['localhost']['projects_to_backup'] }})"

View file

@ -0,0 +1,30 @@
- name: Include variables files
hosts: localhost
roles:
- include-vars
- name: Setup & update project(s)
hosts: localhost
vars:
run_setup: true
run_update: true
vars_prompt:
- name: selected_projects
prompt: "Choose projects to setup & update (Keep empty to select all. Projects list: {{ hostvars['localhost']['projects'] }})"
private: false
unsafe: true
- name: docker_pull_images
prompt: "Pull project(s) images?"
default: false
private: false
tasks:
- name: Setup & update project(s)
include_role:
name: "{{ project }}"
loop: "{{ (selected_projects | split) | default(projects, true) }}"
loop_control:
# Do not use default variable name 'item' to prevent collisions with loops in roles.
loop_var: project
when: project in projects

View file

@ -6,8 +6,6 @@
- name: Update project(s) - name: Update project(s)
hosts: localhost hosts: localhost
vars: vars:
run_backup: false
run_setup: true
run_update: true run_update: true
vars_prompt: vars_prompt:
- name: selected_projects - name: selected_projects

View file

@ -1,7 +1,10 @@
- name: "Create {{ project_dir }} project directory" - name: "(Re)Create {{ project_dir }} project directory"
file: file:
path: "{{ project_dir }}" path: "{{ project_dir }}"
state: directory state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & configuration.yml to project directory - name: Template docker-compose.yaml & configuration.yml to project directory
template: template:
@ -13,7 +16,6 @@
loop: loop:
- docker-compose.yaml - docker-compose.yaml
- configuration.yml - configuration.yml
register: authelia_template_configuration_result
# Separate task because template module cannot chown/chgrp to a non-existing user/group # Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of homeserver.yaml to Authelia GID ({{ users['authelia'] + uid_shift }})" - name: "Change group of homeserver.yaml to Authelia GID ({{ users['authelia'] + uid_shift }})"

View file

@ -16,9 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and authelia_pulled_images is defined when: not run_backup | default(false) and authelia_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ authelia_template_configuration_result['changed'] | default(false) | bool }}" restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,58 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & turnserver.conf to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- turnserver.conf
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of turnserver.conf to coturn GID ({{ users['coturn'] + uid_shift }})"
file:
path: "{{ project_dir }}/turnserver.conf"
group: "{{ users['coturn'] + uid_shift }}"
become: true
- name: Set limited permissions on certificate directories
file:
path: "/etc/{{ item }}"
state: directory
owner: root
group: root
mode: '751'
become: true
loop:
- letsencrypt
- letsencrypt/live
- letsencrypt/archive
- name: Set limited permissions on certificate directories
file:
path: "/etc/letsencrypt/{{ item }}/turn.{{ domain }}"
state: directory
owner: "{{ host_uid }}"
group: "{{ users['coturn'] + uid_shift }}"
mode: '550'
become: true
loop:
- live
- archive
- name: Set limited permissions on certificate key file
file:
path: "/etc/letsencrypt/live/turn.{{ domain }}/privkey.pem"
owner: root
group: "{{ users['coturn'] + uid_shift }}"
mode: '640'
become: true

View file

@ -1,65 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Template turnserver.conf to project directory
template:
src: turnserver.conf
dest: "{{ project_dir }}/turnserver.conf"
owner: "{{ host_uid }}"
mode: '640'
# Store result to restart services if the file changed
register: coturn_template_turnserver_result
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of turnserver.conf to coturn GID ({{ users['coturn'] + uid_shift }})"
file:
path: "{{ project_dir }}/turnserver.conf"
group: "{{ users['coturn'] + uid_shift }}"
become: true
- name: Set limited permissions on certificate directories
file:
path: "/etc/{{ item }}"
state: directory
owner: root
group: root
mode: '751'
become: true
loop:
- letsencrypt
- letsencrypt/live
- letsencrypt/archive
- name: Set limited permissions on certificate directories
file:
path: "/etc/letsencrypt/{{ item }}/turn.{{ domain }}"
state: directory
owner: "{{ host_uid }}"
group: "{{ users['coturn'] + uid_shift }}"
mode: '550'
become: true
loop:
- live
- archive
- name: Set limited permissions on certificate key file
file:
path: "/etc/letsencrypt/live/turn.{{ domain }}/privkey.pem"
owner: root
group: "{{ users['coturn'] + uid_shift }}"
mode: '640'
become: true
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -77,5 +15,4 @@
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
# Restart if config file(s) changed restarted: "{{ run_setup | default(false) | bool }}"
restarted: "{{ coturn_template_turnserver_result['changed'] | bool }}"

View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,18 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & config.json to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
loop:
- docker-compose.yaml
- config.json

View file

@ -1,25 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Template config.json to project directory
template:
src: config.json
dest: "{{ project_dir }}/config.json"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
register: element_template_config_result
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -37,5 +15,4 @@
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
# Restart if config file(s) changed restarted: "{{ run_setup | default(false) | bool }}"
restarted: "{{ element_template_config_result['changed'] | bool }}"

View file

@ -3,6 +3,11 @@
file: backup.yml file: backup.yml
when: run_backup | default(false) | bool when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,27 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & etebase-server.ini to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
loop:
- docker-compose.yaml
- etebase-server.ini
- name: "Create (if not exists) directory {{ volumes['etebase_datadir'] }} & set permissions"
file:
path: "{{ volumes['etebase_datadir'] }}"
state: directory
owner: "{{ users['etebase'] + uid_shift }}"
group: "{{ users['etebase'] + uid_shift }}"
mode: '770'
become: true

View file

@ -1,33 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Template etebase-server.ini to project directory
template:
src: etebase-server.ini
dest: "{{ project_dir }}/etebase-server.ini"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
- name: "Create directory {{ volumes['etebase_datadir'] }} with correct permissions"
file:
path: "{{ volumes['etebase_datadir'] }}"
state: directory
owner: "{{ users['etebase'] + uid_shift }}"
group: "{{ users['etebase'] + uid_shift }}"
mode: '770'
become: true
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -46,8 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and etebase_pulled_images is defined when: not run_backup | default(false) and etebase_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -3,6 +3,11 @@
file: backup.yml file: backup.yml
when: run_backup | default(false) | bool when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,27 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '600'
loop:
- docker-compose.yaml
- .env
- name: "Create (if not exists) directory {{ volumes['hedgedoc_uploadsdir'] }} & set permissions"
file:
path: "{{ volumes['hedgedoc_uploadsdir'] }}"
state: directory
owner: "{{ users['hedgedoc'] + uid_shift }}"
group: "{{ users['hedgedoc'] + uid_shift }}"
mode: '700'
become: true

View file

@ -1,28 +1,3 @@
- name: "Create {{ project_dir }} directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '600'
loop:
- docker-compose.yaml
- .env
- name: "Create (if not exists) directory {{ volumes['hedgedoc_uploadsdir'] }} & set permissions"
file:
path: "{{ volumes['hedgedoc_uploadsdir'] }}"
state: directory
owner: "{{ users['hedgedoc'] + uid_shift }}"
group: "{{ users['hedgedoc'] + uid_shift }}"
mode: '700'
become: true
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -41,8 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and hedgedoc_pulled_images is defined when: not run_backup | default(false) and hedgedoc_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,15 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'

View file

@ -1,16 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -28,3 +15,4 @@
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -1,7 +1,10 @@
- name: "Create {{ project_dir }} project directory" - name: "(Re)Create {{ project_dir }} project directory"
file: file:
path: "{{ project_dir }}" path: "{{ project_dir }}"
state: directory state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & .env to project directory - name: Template docker-compose.yaml & .env to project directory
template: template:

View file

@ -16,8 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and lldap_pulled_images is defined when: not run_backup | default(false) and lldap_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -3,6 +3,11 @@
file: backup.yml file: backup.yml
when: run_backup | default(false) | bool when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,60 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template configuration files to project directory
template:
src: "{{ item.src }}"
dest: "{{ project_dir }}/{{ item.path }}"
owner: "{{ host_uid }}"
group: "{{ users['mailserver'] + uid_shift }}"
mode: '640'
with_filetree: ../templates/
when: item.state == 'file'
become: true
- name: "Create (if not exists) directory {{ volumes['mailserver_datadir'] }} & set permissions"
file:
path: "{{ volumes['mailserver_datadir'] }}"
state: directory
owner: "{{ users['mailserver'] + uid_shift }}"
group: "{{ users['mailserver'] + uid_shift }}"
mode: '700'
become: true
- name: Set limited permissions on certificate directories
file:
path: "/etc/{{ item }}"
state: directory
owner: root
group: root
mode: '751'
become: true
loop:
- letsencrypt
- letsencrypt/live
- letsencrypt/archive
- name: Set limited permissions on certificate directories
file:
path: "/etc/letsencrypt/{{ item }}/mail.{{ domain }}"
state: directory
owner: root
group: "{{ host_uid }}"
mode: '550'
become: true
loop:
- live
- archive
- name: Set limited permissions on certificate key file
file:
path: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
owner: root
group: "{{ host_uid }}"
mode: '640'
become: true

View file

@ -1,61 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template configuration files to project directory
template:
src: "{{ item.src }}"
dest: "{{ project_dir }}/{{ item.path }}"
owner: "{{ host_uid }}"
group: "{{ users['mailserver'] + uid_shift }}"
mode: '640'
with_filetree: ../templates/
when: item.state == 'file'
become: true
- name: "Create (if not exists) directory {{ volumes['mailserver_datadir'] }} & set permissions"
file:
path: "{{ volumes['mailserver_datadir'] }}"
state: directory
owner: "{{ users['mailserver'] + uid_shift }}"
group: "{{ users['mailserver'] + uid_shift }}"
mode: '700'
become: true
- name: Set limited permissions on certificate directories
file:
path: "/etc/{{ item }}"
state: directory
owner: root
group: root
mode: '751'
become: true
loop:
- letsencrypt
- letsencrypt/live
- letsencrypt/archive
- name: Set limited permissions on certificate directories
file:
path: "/etc/letsencrypt/{{ item }}/mail.{{ domain }}"
state: directory
owner: root
group: "{{ host_uid }}"
mode: '550'
become: true
loop:
- live
- archive
- name: Set limited permissions on certificate key file
file:
path: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
owner: root
group: "{{ host_uid }}"
mode: '640'
become: true
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -74,9 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and mailserver_pulled_images is defined when: not run_backup | default(false) and mailserver_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: true restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -3,6 +3,11 @@
file: backup.yml file: backup.yml
when: run_backup | default(false) | bool when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,33 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: "Create (if not exists) directory {{ volumes['postgres_datadir'] }} & set permissions"
file:
path: "{{ volumes['postgres_datadir'] }}"
state: directory
owner: "{{ users['postgres'] + uid_shift }}"
group: "{{ users['postgres'] + uid_shift }}"
mode: '700'
become: true
- name: "Check if directory {{ volumes['postgres_datadir'] }} is empty"
find:
paths: "{{ volumes['postgres_datadir'] }}"
register: postgres_find_datadir_result
become: true
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '600'
loop:
- docker-compose.yaml
- .env

View file

@ -1,34 +1,3 @@
- name: "Create {{ project_dir }} directory"
file:
path: "{{ project_dir }}"
state: directory
- name: "Create (if not exists) directory {{ volumes['postgres_datadir'] }} & set permissions"
file:
path: "{{ volumes['postgres_datadir'] }}"
state: directory
owner: "{{ users['postgres'] + uid_shift }}"
group: "{{ users['postgres'] + uid_shift }}"
mode: '700'
become: true
- name: "Check if directory {{ volumes['postgres_datadir'] }} is empty"
find:
paths: "{{ volumes['postgres_datadir'] }}"
register: postgres_find_datadir_result
become: true
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '600'
loop:
- docker-compose.yaml
- .env
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -47,8 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and postgres_pulled_images is defined when: not run_backup | default(false) and postgres_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,23 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Copy settings.yml and limiter.toml to project directory
copy:
src: "{{ role_path }}/files/"
dest: "{{ project_dir }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'

View file

@ -1,26 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Copy settings.yml and limiter.toml to project directory
copy:
src: "{{ role_path }}/files/"
dest: "{{ project_dir }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
# Store result to restart services if the file(s) changed
register: searxng_copy_files_result
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -38,5 +15,4 @@
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
# Restart if config file(s) changed restarted: "{{ run_setup | default(false) | bool }}"
restarted: "{{ searxng_copy_files_result['changed'] | bool }}"

View file

@ -3,6 +3,11 @@
file: backup.yml file: backup.yml
when: run_backup | default(false) | bool when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,34 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & homeserver.yaml to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- homeserver.yaml
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
file:
path: "{{ project_dir }}/homeserver.yaml"
group: "{{ users['synapse'] + uid_shift }}"
become: true
- name: "Create (if not exists) directory {{ volumes['synapse_datadir'] }} & set permissions"
file:
path: "{{ volumes['synapse_datadir'] }}"
state: directory
owner: "{{ users['synapse'] + uid_shift }}"
group: "{{ users['synapse'] + uid_shift }}"
mode: '770'
become: true

View file

@ -1,41 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Template homeserver.yaml to project directory
template:
src: homeserver.yaml
dest: "{{ project_dir }}/homeserver.yaml"
owner: "{{ host_uid }}"
mode: '640'
# Store result to restart services if the file changed
register: synapse_template_homeserver_result
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
file:
path: "{{ project_dir }}/homeserver.yaml"
group: "{{ users['synapse'] + uid_shift }}"
become: true
- name: "Create directory {{ volumes['synapse_datadir'] }} with correct permissions"
file:
path: "{{ volumes['synapse_datadir'] }}"
state: directory
owner: "{{ users['synapse'] + uid_shift }}"
group: "{{ users['synapse'] + uid_shift }}"
mode: '770'
become: true
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -54,10 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and synapse_pulled_images is defined when: not run_backup | default(false) and synapse_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
# Restart if config file(s) changed restarted: "{{ run_setup | default(false) | bool }}"
restarted: "{{ synapse_template_homeserver_result['changed'] | bool }}"

View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,15 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'

View file

@ -1,16 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -28,3 +15,4 @@
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -3,6 +3,11 @@
file: backup.yml file: backup.yml
when: run_backup | default(false) | bool when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,24 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: "Create (if not exists) directory {{ volumes['uptime_kuma_datadir'] }} & set permissions"
file:
path: "{{ volumes['uptime_kuma_datadir'] }}"
state: directory
owner: "{{ users['uptime_kuma'] + uid_shift }}"
group: "{{ users['uptime_kuma'] + uid_shift }}"
mode: '770'
become: true

View file

@ -1,25 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: "Create directory {{ volumes['uptime_kuma_datadir'] }} with correct permissions"
file:
path: "{{ volumes['uptime_kuma_datadir'] }}"
state: directory
owner: "{{ users['uptime_kuma'] + uid_shift }}"
group: "{{ users['uptime_kuma'] + uid_shift }}"
mode: '770'
become: true
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -38,8 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and uptime_kuma_pulled_images is defined when: not run_backup | default(false) and uptime_kuma_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -3,6 +3,11 @@
file: backup.yml file: backup.yml
when: run_backup | default(false) | bool when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks - name: Include update tasks
include_tasks: include_tasks:
file: update.yml file: update.yml

View file

@ -0,0 +1,27 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- .env
- name: "Create (if not exists) directory {{ volumes['vaultwarden_datadir'] }} & set permissions"
file:
path: "{{ volumes['vaultwarden_datadir'] }}"
state: directory
owner: "{{ users['vaultwarden'] + uid_shift }}"
group: "{{ users['vaultwarden'] + uid_shift }}"
mode: '770'
become: true

View file

@ -1,28 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- .env
- name: "Create directory {{ volumes['vaultwarden_datadir'] }} with correct permissions"
file:
path: "{{ volumes['vaultwarden_datadir'] }}"
state: directory
owner: "{{ users['vaultwarden'] + uid_shift }}"
group: "{{ users['vaultwarden'] + uid_shift }}"
mode: '770'
become: true
- name: Pull project services - name: Pull project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
@ -41,8 +16,9 @@
include_tasks: include_tasks:
file: backup.yml file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image # Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and vaultwarden_pulled_images is defined when: not run_backup | default(false) and vaultwarden_pulled_images is defined
- name: Create/Restart project services - name: Create/Restart project services
community.docker.docker_compose: community.docker.docker_compose:
project_src: "{{ project_dir }}" project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

View file

@ -1,2 +1,9 @@
ADMIN_TOKEN='{{ vaultwarden_secrets["admin_token_hash"] }}' ADMIN_TOKEN='{{ vaultwarden_secrets["admin_token_hash"] }}'
DOMAIN=https://vw.{{ domain }}
SIGNUPS_ALLOWED=false
SMTP_HOST=mail.{{ domain }}
SMTP_FROM=vaultwarden@{{ domain }}
SMTP_PORT={{ ports['mailserver_smtps'] }}
SMTP_SECURITY=force_tls
SMTP_USERNAME='{{ vaultwarden_secrets["smtp_username"] }}'
SMTP_PASSWORD='{{ vaultwarden_secrets["smtp_password"] }}' SMTP_PASSWORD='{{ vaultwarden_secrets["smtp_password"] }}'

View file

@ -4,16 +4,7 @@ services:
container_name: vaultwarden container_name: vaultwarden
restart: always restart: always
user: {{ users['vaultwarden'] }}:{{ users['vaultwarden'] }} user: {{ users['vaultwarden'] }}:{{ users['vaultwarden'] }}
environment: env_file: .env
- DOMAIN=https://vw.{{ domain }}
- SIGNUPS_ALLOWED=false
- ADMIN_TOKEN=${ADMIN_TOKEN}
- SMTP_HOST=mail.{{ domain }}
- SMTP_FROM=vaultwarden@{{ domain }}
- SMTP_PORT={{ ports['mailserver_smtps'] }}
- SMTP_SECURITY=force_tls
- SMTP_USERNAME={{ vaultwarden_secrets['smtp_username'] }}
- SMTP_PASSWORD=${SMTP_PASSWORD}
ports: ports:
- 127.0.0.1:{{ ports['vaultwarden'] }}:80 - 127.0.0.1:{{ ports['vaultwarden'] }}:80
volumes: volumes: