81 lines
2.4 KiB
YAML
81 lines
2.4 KiB
YAML
- name: "Create {{ coturn_project_dir }} project directory"
|
|
file:
|
|
path: "{{ coturn_project_dir }}"
|
|
state: directory
|
|
|
|
- name: Template docker-compose.yaml to project directory
|
|
template:
|
|
src: docker-compose.yaml
|
|
dest: "{{ coturn_project_dir }}/docker-compose.yaml"
|
|
owner: "{{ ansible_env['USER'] }}"
|
|
group: "{{ ansible_env['USER'] }}"
|
|
mode: '640'
|
|
|
|
- name: Template turnserver.conf to project directory
|
|
template:
|
|
src: turnserver.conf
|
|
dest: "{{ coturn_project_dir }}/turnserver.conf"
|
|
owner: "{{ ansible_env['USER'] }}"
|
|
mode: '640'
|
|
# Store result to restart services if the file changed
|
|
register: coturn_template_turnserver_result
|
|
|
|
# Separate task because template module cannot chown/chgrp to a non-existing user/group
|
|
- name: "Change group of turnserver.conf to coturn GID ({{ users['coturn'] + uid_shift }})"
|
|
file:
|
|
path: "{{ coturn_project_dir }}/turnserver.conf"
|
|
group: "{{ users['coturn'] + uid_shift }}"
|
|
become: true
|
|
|
|
- name: Set limited permissions on certificate directories
|
|
file:
|
|
path: "/etc/{{ item }}"
|
|
state: directory
|
|
owner: root
|
|
group: root
|
|
mode: '751'
|
|
become: true
|
|
loop:
|
|
- letsencrypt
|
|
- letsencrypt/live
|
|
- letsencrypt/archive
|
|
|
|
- name: Set limited permissions on certificate directories
|
|
file:
|
|
path: "/etc/letsencrypt/{{ item }}/turn.{{ domain }}"
|
|
state: directory
|
|
owner: "{{ host_uid }}"
|
|
group: "{{ users['coturn'] + uid_shift }}"
|
|
mode: '550'
|
|
become: true
|
|
loop:
|
|
- live
|
|
- archive
|
|
|
|
- name: Set limited permissions on certificate key file
|
|
file:
|
|
path: "/etc/letsencrypt/live/turn.{{ domain }}/privkey.pem"
|
|
owner: root
|
|
group: "{{ users['coturn'] + uid_shift }}"
|
|
mode: '640'
|
|
become: true
|
|
|
|
- name: Pull project services
|
|
community.docker.docker_compose:
|
|
project_src: "{{ coturn_project_dir }}"
|
|
recreate: never
|
|
pull: true
|
|
debug: true
|
|
when: docker_pull_images | bool
|
|
register: coturn_docker_compose_pull_result
|
|
|
|
- name: Display pulled image(s) name
|
|
set_fact:
|
|
coturn_pulled_images: "{{ coturn_pulled_images | default([]) + [item.pulled_image.name] }}"
|
|
loop: "{{ coturn_docker_compose_pull_result['actions'] | default([]) | selectattr('pulled_image', 'defined') }}"
|
|
|
|
- name: Create/Restart project services
|
|
community.docker.docker_compose:
|
|
project_src: "{{ coturn_project_dir }}"
|
|
# Restart if config file(s) changed
|
|
restarted: "{{ coturn_template_turnserver_result['changed'] | bool }}"
|