Viyurz/vps
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Split setup & updates tasks to allow running only update ones.

Browse source
This commit is contained in:
Viyurz 2024-04-20 12:17:10 +02:00
parent 87fcad3add
commit e3abbbb8fe
Signed by: Viyurz
SSH key fingerprint: SHA256:IskOHTmhHSJIvAt04N6aaxd5SZCVWW1Guf9tEcxIMj8
45 changed files with 492 additions and 399 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
playbooks/backup-services.yml
View file

@ -8,7 +8,6 @@
hosts: localhost
vars:
run_backup: true
run_update: false
vars_prompt:
- name: selected_projects
prompt: "Choose projects to backup (leave empty to backup all. Projects list: {{ hostvars['localhost']['projects_to_backup'] }})"

30
playbooks/setup-services.yml Normal file
View file

@ -0,0 +1,30 @@
- name: Include variables files
hosts: localhost
roles:
- include-vars
- name: Setup & update project(s)
hosts: localhost
vars:
run_setup: true
run_update: true
vars_prompt:
- name: selected_projects
prompt: "Choose projects to setup & update (Keep empty to select all. Projects list: {{ hostvars['localhost']['projects'] }})"
private: false
unsafe: true
- name: docker_pull_images
prompt: "Pull project(s) images?"
default: false
private: false
tasks:
- name: Setup & update project(s)
include_role:
name: "{{ project }}"
loop: "{{ (selected_projects | split) | default(projects, true) }}"
loop_control:
# Do not use default variable name 'item' to prevent collisions with loops in roles.
loop_var: project
when: project in projects

2
playbooks/update-services.yml
View file

@ -6,8 +6,6 @@
- name: Update project(s)
hosts: localhost
vars:
run_backup: false
run_setup: true
run_update: true
vars_prompt:
- name: selected_projects

8
roles/authelia/tasks/setup.yml
View file

@ -1,7 +1,10 @@
- name: "Create {{ project_dir }} project directory"
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & configuration.yml to project directory
template:
@ -13,7 +16,6 @@
loop:
- docker-compose.yaml
- configuration.yml
register: authelia_template_configuration_result
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of homeserver.yaml to Authelia GID ({{ users['authelia'] + uid_shift }})"

4
roles/authelia/tasks/update.yml
View file

@ -16,9 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and authelia_pulled_images is defined
when: not run_backup | default(false) and authelia_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ authelia_template_configuration_result['changed'] | default(false) | bool }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/coturn/tasks/main.yml
View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

58
roles/coturn/tasks/setup.yml Normal file
View file

@ -0,0 +1,58 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & turnserver.conf to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- turnserver.conf
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of turnserver.conf to coturn GID ({{ users['coturn'] + uid_shift }})"
file:
path: "{{ project_dir }}/turnserver.conf"
group: "{{ users['coturn'] + uid_shift }}"
become: true
- name: Set limited permissions on certificate directories
file:
path: "/etc/{{ item }}"
state: directory
owner: root
group: root
mode: '751'
become: true
loop:
- letsencrypt
- letsencrypt/live
- letsencrypt/archive
- name: Set limited permissions on certificate directories
file:
path: "/etc/letsencrypt/{{ item }}/turn.{{ domain }}"
state: directory
owner: "{{ host_uid }}"
group: "{{ users['coturn'] + uid_shift }}"
mode: '550'
become: true
loop:
- live
- archive
- name: Set limited permissions on certificate key file
file:
path: "/etc/letsencrypt/live/turn.{{ domain }}/privkey.pem"
owner: root
group: "{{ users['coturn'] + uid_shift }}"
mode: '640'
become: true

65
roles/coturn/tasks/update.yml
View file

@ -1,65 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Template turnserver.conf to project directory
template:
src: turnserver.conf
dest: "{{ project_dir }}/turnserver.conf"
owner: "{{ host_uid }}"
mode: '640'
# Store result to restart services if the file changed
register: coturn_template_turnserver_result
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of turnserver.conf to coturn GID ({{ users['coturn'] + uid_shift }})"
file:
path: "{{ project_dir }}/turnserver.conf"
group: "{{ users['coturn'] + uid_shift }}"
become: true
- name: Set limited permissions on certificate directories
file:
path: "/etc/{{ item }}"
state: directory
owner: root
group: root
mode: '751'
become: true
loop:
- letsencrypt
- letsencrypt/live
- letsencrypt/archive
- name: Set limited permissions on certificate directories
file:
path: "/etc/letsencrypt/{{ item }}/turn.{{ domain }}"
state: directory
owner: "{{ host_uid }}"
group: "{{ users['coturn'] + uid_shift }}"
mode: '550'
become: true
loop:
- live
- archive
- name: Set limited permissions on certificate key file
file:
path: "/etc/letsencrypt/live/turn.{{ domain }}/privkey.pem"
owner: root
group: "{{ users['coturn'] + uid_shift }}"
mode: '640'
become: true
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -77,5 +15,4 @@
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
# Restart if config file(s) changed
restarted: "{{ coturn_template_turnserver_result['changed'] | bool }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/element/tasks/main.yml
View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

18
roles/element/tasks/setup.yml Normal file
View file

@ -0,0 +1,18 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & config.json to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
loop:
- docker-compose.yaml
- config.json

25
roles/element/tasks/update.yml
View file

@ -1,25 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Template config.json to project directory
template:
src: config.json
dest: "{{ project_dir }}/config.json"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
register: element_template_config_result
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -37,5 +15,4 @@
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
# Restart if config file(s) changed
restarted: "{{ element_template_config_result['changed'] | bool }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/etebase/tasks/main.yml
View file

@ -3,6 +3,11 @@
file: backup.yml
when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

27
roles/etebase/tasks/setup.yml Normal file
View file

@ -0,0 +1,27 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & etebase-server.ini to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
loop:
- docker-compose.yaml
- etebase-server.ini
- name: "Create (if not exists) directory {{ volumes['etebase_datadir'] }} & set permissions"
file:
path: "{{ volumes['etebase_datadir'] }}"
state: directory
owner: "{{ users['etebase'] + uid_shift }}"
group: "{{ users['etebase'] + uid_shift }}"
mode: '770'
become: true

33
roles/etebase/tasks/update.yml
View file

@ -1,33 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Template etebase-server.ini to project directory
template:
src: etebase-server.ini
dest: "{{ project_dir }}/etebase-server.ini"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
- name: "Create directory {{ volumes['etebase_datadir'] }} with correct permissions"
file:
path: "{{ volumes['etebase_datadir'] }}"
state: directory
owner: "{{ users['etebase'] + uid_shift }}"
group: "{{ users['etebase'] + uid_shift }}"
mode: '770'
become: true
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -46,8 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and etebase_pulled_images is defined
when: not run_backup | default(false) and etebase_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/hedgedoc/tasks/main.yml
View file

@ -3,6 +3,11 @@
file: backup.yml
when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

27
roles/hedgedoc/tasks/setup.yml Normal file
View file

@ -0,0 +1,27 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '600'
loop:
- docker-compose.yaml
- .env
- name: "Create (if not exists) directory {{ volumes['hedgedoc_uploadsdir'] }} & set permissions"
file:
path: "{{ volumes['hedgedoc_uploadsdir'] }}"
state: directory
owner: "{{ users['hedgedoc'] + uid_shift }}"
group: "{{ users['hedgedoc'] + uid_shift }}"
mode: '700'
become: true

28
roles/hedgedoc/tasks/update.yml
View file

@ -1,28 +1,3 @@
- name: "Create {{ project_dir }} directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '600'
loop:
- docker-compose.yaml
- .env
- name: "Create (if not exists) directory {{ volumes['hedgedoc_uploadsdir'] }} & set permissions"
file:
path: "{{ volumes['hedgedoc_uploadsdir'] }}"
state: directory
owner: "{{ users['hedgedoc'] + uid_shift }}"
group: "{{ users['hedgedoc'] + uid_shift }}"
mode: '700'
become: true
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -41,8 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and hedgedoc_pulled_images is defined
when: not run_backup | default(false) and hedgedoc_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/homepage/tasks/main.yml
View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

15
roles/homepage/tasks/setup.yml Normal file
View file

@ -0,0 +1,15 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'

14
roles/homepage/tasks/update.yml
View file

@ -1,16 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -28,3 +15,4 @@
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

7
roles/lldap/tasks/setup.yml
View file

@ -1,7 +1,10 @@
- name: "Create {{ project_dir }} project directory"
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & .env to project directory
template:

3
roles/lldap/tasks/update.yml
View file

@ -16,8 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and lldap_pulled_images is defined
when: not run_backup | default(false) and lldap_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/mailserver/tasks/main.yml
View file

@ -3,6 +3,11 @@
file: backup.yml
when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

60
roles/mailserver/tasks/setup.yml Normal file
View file

@ -0,0 +1,60 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template configuration files to project directory
template:
src: "{{ item.src }}"
dest: "{{ project_dir }}/{{ item.path }}"
owner: "{{ host_uid }}"
group: "{{ users['mailserver'] + uid_shift }}"
mode: '640'
with_filetree: ../templates/
when: item.state == 'file'
become: true
- name: "Create (if not exists) directory {{ volumes['mailserver_datadir'] }} & set permissions"
file:
path: "{{ volumes['mailserver_datadir'] }}"
state: directory
owner: "{{ users['mailserver'] + uid_shift }}"
group: "{{ users['mailserver'] + uid_shift }}"
mode: '700'
become: true
- name: Set limited permissions on certificate directories
file:
path: "/etc/{{ item }}"
state: directory
owner: root
group: root
mode: '751'
become: true
loop:
- letsencrypt
- letsencrypt/live
- letsencrypt/archive
- name: Set limited permissions on certificate directories
file:
path: "/etc/letsencrypt/{{ item }}/mail.{{ domain }}"
state: directory
owner: root
group: "{{ host_uid }}"
mode: '550'
become: true
loop:
- live
- archive
- name: Set limited permissions on certificate key file
file:
path: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
owner: root
group: "{{ host_uid }}"
mode: '640'
become: true

62
roles/mailserver/tasks/update.yml
View file

@ -1,61 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template configuration files to project directory
template:
src: "{{ item.src }}"
dest: "{{ project_dir }}/{{ item.path }}"
owner: "{{ host_uid }}"
group: "{{ users['mailserver'] + uid_shift }}"
mode: '640'
with_filetree: ../templates/
when: item.state == 'file'
become: true
- name: "Create (if not exists) directory {{ volumes['mailserver_datadir'] }} & set permissions"
file:
path: "{{ volumes['mailserver_datadir'] }}"
state: directory
owner: "{{ users['mailserver'] + uid_shift }}"
group: "{{ users['mailserver'] + uid_shift }}"
mode: '700'
become: true
- name: Set limited permissions on certificate directories
file:
path: "/etc/{{ item }}"
state: directory
owner: root
group: root
mode: '751'
become: true
loop:
- letsencrypt
- letsencrypt/live
- letsencrypt/archive
- name: Set limited permissions on certificate directories
file:
path: "/etc/letsencrypt/{{ item }}/mail.{{ domain }}"
state: directory
owner: root
group: "{{ host_uid }}"
mode: '550'
become: true
loop:
- live
- archive
- name: Set limited permissions on certificate key file
file:
path: "/etc/letsencrypt/live/mail.{{ domain }}/privkey.pem"
owner: root
group: "{{ host_uid }}"
mode: '640'
become: true
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -74,9 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and mailserver_pulled_images is defined
when: not run_backup | default(false) and mailserver_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: true
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/postgres/tasks/main.yml
View file

@ -3,6 +3,11 @@
file: backup.yml
when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

33
roles/postgres/tasks/setup.yml Normal file
View file

@ -0,0 +1,33 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: "Create (if not exists) directory {{ volumes['postgres_datadir'] }} & set permissions"
file:
path: "{{ volumes['postgres_datadir'] }}"
state: directory
owner: "{{ users['postgres'] + uid_shift }}"
group: "{{ users['postgres'] + uid_shift }}"
mode: '700'
become: true
- name: "Check if directory {{ volumes['postgres_datadir'] }} is empty"
find:
paths: "{{ volumes['postgres_datadir'] }}"
register: postgres_find_datadir_result
become: true
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '600'
loop:
- docker-compose.yaml
- .env

34
roles/postgres/tasks/update.yml
View file

@ -1,34 +1,3 @@
- name: "Create {{ project_dir }} directory"
file:
path: "{{ project_dir }}"
state: directory
- name: "Create (if not exists) directory {{ volumes['postgres_datadir'] }} & set permissions"
file:
path: "{{ volumes['postgres_datadir'] }}"
state: directory
owner: "{{ users['postgres'] + uid_shift }}"
group: "{{ users['postgres'] + uid_shift }}"
mode: '700'
become: true
- name: "Check if directory {{ volumes['postgres_datadir'] }} is empty"
find:
paths: "{{ volumes['postgres_datadir'] }}"
register: postgres_find_datadir_result
become: true
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '600'
loop:
- docker-compose.yaml
- .env
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -47,8 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and postgres_pulled_images is defined
when: not run_backup | default(false) and postgres_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/searxng/tasks/main.yml
View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

23
roles/searxng/tasks/setup.yml Normal file
View file

@ -0,0 +1,23 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Copy settings.yml and limiter.toml to project directory
copy:
src: "{{ role_path }}/files/"
dest: "{{ project_dir }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'

26
roles/searxng/tasks/update.yml
View file

@ -1,26 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Copy settings.yml and limiter.toml to project directory
copy:
src: "{{ role_path }}/files/"
dest: "{{ project_dir }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '644'
# Store result to restart services if the file(s) changed
register: searxng_copy_files_result
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -38,5 +15,4 @@
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
# Restart if config file(s) changed
restarted: "{{ searxng_copy_files_result['changed'] | bool }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/synapse/tasks/main.yml
View file

@ -3,6 +3,11 @@
file: backup.yml
when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

34
roles/synapse/tasks/setup.yml Normal file
View file

@ -0,0 +1,34 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & homeserver.yaml to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- homeserver.yaml
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
file:
path: "{{ project_dir }}/homeserver.yaml"
group: "{{ users['synapse'] + uid_shift }}"
become: true
- name: "Create (if not exists) directory {{ volumes['synapse_datadir'] }} & set permissions"
file:
path: "{{ volumes['synapse_datadir'] }}"
state: directory
owner: "{{ users['synapse'] + uid_shift }}"
group: "{{ users['synapse'] + uid_shift }}"
mode: '770'
become: true

43
roles/synapse/tasks/update.yml
View file

@ -1,41 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Template homeserver.yaml to project directory
template:
src: homeserver.yaml
dest: "{{ project_dir }}/homeserver.yaml"
owner: "{{ host_uid }}"
mode: '640'
# Store result to restart services if the file changed
register: synapse_template_homeserver_result
# Separate task because template module cannot chown/chgrp to a non-existing user/group
- name: "Change group of homeserver.yaml to synapse GID ({{ users['synapse'] + uid_shift }})"
file:
path: "{{ project_dir }}/homeserver.yaml"
group: "{{ users['synapse'] + uid_shift }}"
become: true
- name: "Create directory {{ volumes['synapse_datadir'] }} with correct permissions"
file:
path: "{{ volumes['synapse_datadir'] }}"
state: directory
owner: "{{ users['synapse'] + uid_shift }}"
group: "{{ users['synapse'] + uid_shift }}"
mode: '770'
become: true
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -54,10 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and synapse_pulled_images is defined
when: not run_backup | default(false) and synapse_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
# Restart if config file(s) changed
restarted: "{{ synapse_template_homeserver_result['changed'] | bool }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/syncthing/tasks/main.yml
View file

@ -1,3 +1,8 @@
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

15
roles/syncthing/tasks/setup.yml Normal file
View file

@ -0,0 +1,15 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'

14
roles/syncthing/tasks/update.yml
View file

@ -1,16 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -28,3 +15,4 @@
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/uptime-kuma/tasks/main.yml
View file

@ -3,6 +3,11 @@
file: backup.yml
when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

24
roles/uptime-kuma/tasks/setup.yml Normal file
View file

@ -0,0 +1,24 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: "Create (if not exists) directory {{ volumes['uptime_kuma_datadir'] }} & set permissions"
file:
path: "{{ volumes['uptime_kuma_datadir'] }}"
state: directory
owner: "{{ users['uptime_kuma'] + uid_shift }}"
group: "{{ users['uptime_kuma'] + uid_shift }}"
mode: '770'
become: true

25
roles/uptime-kuma/tasks/update.yml
View file

@ -1,25 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml to project directory
template:
src: docker-compose.yaml
dest: "{{ project_dir }}/docker-compose.yaml"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
- name: "Create directory {{ volumes['uptime_kuma_datadir'] }} with correct permissions"
file:
path: "{{ volumes['uptime_kuma_datadir'] }}"
state: directory
owner: "{{ users['uptime_kuma'] + uid_shift }}"
group: "{{ users['uptime_kuma'] + uid_shift }}"
mode: '770'
become: true
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -38,8 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and uptime_kuma_pulled_images is defined
when: not run_backup | default(false) and uptime_kuma_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

5
roles/vaultwarden/tasks/main.yml
View file

@ -3,6 +3,11 @@
file: backup.yml
when: run_backup | default(false) | bool
- name: Include setup tasks
include_tasks:
file: setup.yml
when: run_setup | default(false) | bool
- name: Include update tasks
include_tasks:
file: update.yml

27
roles/vaultwarden/tasks/setup.yml Normal file
View file

@ -0,0 +1,27 @@
- name: "(Re)Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: "{{ item }}"
loop:
- absent
- directory
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- .env
- name: "Create (if not exists) directory {{ volumes['vaultwarden_datadir'] }} & set permissions"
file:
path: "{{ volumes['vaultwarden_datadir'] }}"
state: directory
owner: "{{ users['vaultwarden'] + uid_shift }}"
group: "{{ users['vaultwarden'] + uid_shift }}"
mode: '770'
become: true

28
roles/vaultwarden/tasks/update.yml
View file

@ -1,28 +1,3 @@
- name: "Create {{ project_dir }} project directory"
file:
path: "{{ project_dir }}"
state: directory
- name: Template docker-compose.yaml & .env to project directory
template:
src: "{{ item }}"
dest: "{{ project_dir }}/{{ item }}"
owner: "{{ host_uid }}"
group: "{{ host_uid }}"
mode: '640'
loop:
- docker-compose.yaml
- .env
- name: "Create directory {{ volumes['vaultwarden_datadir'] }} with correct permissions"
file:
path: "{{ volumes['vaultwarden_datadir'] }}"
state: directory
owner: "{{ users['vaultwarden'] + uid_shift }}"
group: "{{ users['vaultwarden'] + uid_shift }}"
mode: '770'
become: true
- name: Pull project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
@ -41,8 +16,9 @@
include_tasks:
file: backup.yml
# Make a backup if we didn't already make one and we pulled a new image
when: not run_backup and vaultwarden_pulled_images is defined
when: not run_backup | default(false) and vaultwarden_pulled_images is defined
- name: Create/Restart project services
community.docker.docker_compose:
project_src: "{{ project_dir }}"
restarted: "{{ run_setup | default(false) | bool }}"

7
roles/vaultwarden/templates/.env
View file

@ -1,2 +1,9 @@
ADMIN_TOKEN='{{ vaultwarden_secrets["admin_token_hash"] }}'
DOMAIN=https://vw.{{ domain }}
SIGNUPS_ALLOWED=false
SMTP_HOST=mail.{{ domain }}
SMTP_FROM=vaultwarden@{{ domain }}
SMTP_PORT={{ ports['mailserver_smtps'] }}
SMTP_SECURITY=force_tls
SMTP_USERNAME='{{ vaultwarden_secrets["smtp_username"] }}'
SMTP_PASSWORD='{{ vaultwarden_secrets["smtp_password"] }}'

11
roles/vaultwarden/templates/docker-compose.yaml
View file

@ -4,16 +4,7 @@ services:
container_name: vaultwarden
restart: always
user: {{ users['vaultwarden'] }}:{{ users['vaultwarden'] }}
environment:
- DOMAIN=https://vw.{{ domain }}
- SIGNUPS_ALLOWED=false
- ADMIN_TOKEN=${ADMIN_TOKEN}
- SMTP_HOST=mail.{{ domain }}
- SMTP_FROM=vaultwarden@{{ domain }}
- SMTP_PORT={{ ports['mailserver_smtps'] }}
- SMTP_SECURITY=force_tls
- SMTP_USERNAME={{ vaultwarden_secrets['smtp_username'] }}
- SMTP_PASSWORD=${SMTP_PASSWORD}
env_file: .env
ports:
- 127.0.0.1:{{ ports['vaultwarden'] }}:80
volumes: