mirror of
https://github.com/Crocmagnon/ansible.git
synced 2024-12-30 18:02:02 +01:00
refactor docker using role
This commit is contained in:
parent
c6b4cb700b
commit
b3706204ce
16 changed files with 74 additions and 286 deletions
1
.github/workflows/deploy.yml
vendored
1
.github/workflows/deploy.yml
vendored
|
@ -25,6 +25,7 @@ jobs:
|
|||
ANSIBLE_INVENTORY: inventories/github.yaml
|
||||
ANSIBLE_VAULT_PASSWORD_FILE: vault.pass
|
||||
ANSIBLE_FORCE_COLOR: "true"
|
||||
ANSIBLE_ROLES_PATH: "./roles"
|
||||
run: |
|
||||
echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE
|
||||
ls $ANSIBLE_VAULT_PASSWORD_FILE
|
||||
|
|
1
.github/workflows/dry-run.yml
vendored
1
.github/workflows/dry-run.yml
vendored
|
@ -23,6 +23,7 @@ jobs:
|
|||
ANSIBLE_INVENTORY: inventories/github.yaml
|
||||
ANSIBLE_VAULT_PASSWORD_FILE: vault.pass
|
||||
ANSIBLE_FORCE_COLOR: "true"
|
||||
ANSIBLE_ROLES_PATH: "./roles"
|
||||
run: |
|
||||
echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE
|
||||
ls $ANSIBLE_VAULT_PASSWORD_FILE
|
||||
|
|
|
@ -1,3 +1,4 @@
|
|||
[env]
|
||||
ANSIBLE_INVENTORY = "{{config_root}}/inventories/local.yaml"
|
||||
ANSIBLE_VAULT_PASSWORD_FILE = "{{config_root}}/vault.pass"
|
||||
ANSIBLE_ROLES_PATH = "{{config_root}}/roles"
|
||||
|
|
|
@ -3,45 +3,12 @@
|
|||
hosts: servers
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write files
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- files/{{ app_name }}/*
|
||||
- files/{{ app_name }}/.*
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Write templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- templates/{{ app_name }}/*.j2
|
||||
- templates/{{ app_name }}/.*.j2
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: present
|
||||
|
||||
handlers:
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: restarted
|
||||
- name: Docker
|
||||
ansible.builtin.include_role:
|
||||
name: docker
|
||||
|
||||
vars:
|
||||
app_name: charasheet
|
||||
dir: /mnt/data/{{ app_name }}
|
||||
docker_app_name: charasheet
|
||||
secret_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
35666131616231643064336266303061326534356131666364633932373330663637343836353837
|
||||
|
|
|
@ -3,45 +3,12 @@
|
|||
hosts: servers
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write files
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- files/{{ app_name }}/*
|
||||
- files/{{ app_name }}/.*
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Write templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- templates/{{ app_name }}/*.j2
|
||||
- templates/{{ app_name }}/.*.j2
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: present
|
||||
|
||||
handlers:
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: restarted
|
||||
- name: Docker
|
||||
ansible.builtin.include_role:
|
||||
name: docker
|
||||
|
||||
vars:
|
||||
app_name: checkout
|
||||
dir: /mnt/data/{{ app_name }}
|
||||
docker_app_name: checkout
|
||||
secret_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
33393761643061393863616663323863663033313865383135663939636433393730643831616231
|
||||
|
|
|
@ -3,45 +3,12 @@
|
|||
hosts: servers
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write files
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- files/{{ app_name }}/*
|
||||
- files/{{ app_name }}/.*
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Write templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- templates/{{ app_name }}/*.j2
|
||||
- templates/{{ app_name }}/.*.j2
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: present
|
||||
|
||||
handlers:
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: restarted
|
||||
- name: Docker
|
||||
ansible.builtin.include_role:
|
||||
name: docker
|
||||
|
||||
vars:
|
||||
app_name: code
|
||||
dir: /mnt/data/{{ app_name }}
|
||||
docker_app_name: code
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
65333933333436616332666161653932633431333334636364346239346530336337303939643435
|
||||
|
|
|
@ -3,45 +3,12 @@
|
|||
hosts: servers
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write files
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- files/{{ app_name }}/*
|
||||
- files/{{ app_name }}/.*
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Write templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- templates/{{ app_name }}/*.j2
|
||||
- templates/{{ app_name }}/.*.j2
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: present
|
||||
|
||||
handlers:
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: restarted
|
||||
- name: Docker
|
||||
ansible.builtin.include_role:
|
||||
name: docker
|
||||
|
||||
vars:
|
||||
app_name: collabora
|
||||
dir: /mnt/data/{{ app_name }}
|
||||
docker_app_name: collabora
|
||||
password: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
64396634656334643030623536313236663438653730663266346530326233353836656339356631
|
||||
|
|
|
@ -1,23 +1,11 @@
|
|||
---
|
||||
- name: Setup gitea
|
||||
- name: Gitea
|
||||
hosts: servers
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write env file
|
||||
ansible.builtin.copy:
|
||||
src: files/gitea/gitea.env
|
||||
dest: "{{ dir }}/gitea.env"
|
||||
mode: "0644"
|
||||
- name: Write docker-compose.yaml
|
||||
ansible.builtin.copy:
|
||||
src: files/gitea/docker-compose.yaml
|
||||
dest: "{{ dir }}/docker-compose.yaml"
|
||||
mode: "0644"
|
||||
- name: Docker
|
||||
ansible.builtin.include_role:
|
||||
name: docker
|
||||
- name: Write app.ini
|
||||
ansible.builtin.template:
|
||||
src: templates/gitea_app.ini.j2
|
||||
|
@ -25,19 +13,10 @@
|
|||
mode: "0600"
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: present
|
||||
|
||||
handlers:
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: restarted
|
||||
|
||||
vars:
|
||||
dir: /mnt/data/git
|
||||
docker_app_name: git
|
||||
dir: /mnt/data/{{ docker_app_name }}
|
||||
lfs_jwt_secret: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
34656631616165623233353835386162343837363230366136303764613334323262313233616462
|
||||
|
|
|
@ -3,42 +3,8 @@
|
|||
hosts: servers
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write files
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- files/{{ app_name }}/*
|
||||
- files/{{ app_name }}/.*
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Write templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- templates/{{ app_name }}/*.j2
|
||||
- templates/{{ app_name }}/.*.j2
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: present
|
||||
|
||||
handlers:
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: restarted
|
||||
- include_role:
|
||||
name: docker
|
||||
|
||||
vars:
|
||||
app_name: ==APP==
|
||||
dir: /mnt/data/{{ app_name }}
|
||||
docker_app_name: ==APP==
|
||||
|
|
|
@ -3,42 +3,9 @@
|
|||
hosts: servers
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write files
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- files/{{ app_name }}/*
|
||||
- files/{{ app_name }}/.*
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Write templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- templates/{{ app_name }}/*.j2
|
||||
- templates/{{ app_name }}/.*.j2
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: present
|
||||
|
||||
handlers:
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: restarted
|
||||
- name: Docker
|
||||
ansible.builtin.include_role:
|
||||
name: docker
|
||||
|
||||
vars:
|
||||
app_name: test_headers
|
||||
dir: /mnt/data/{{ app_name }}
|
||||
docker_app_name: test_headers
|
||||
|
|
|
@ -3,45 +3,12 @@
|
|||
hosts: servers
|
||||
gather_facts: false
|
||||
tasks:
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write files
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- files/{{ app_name }}/*
|
||||
- files/{{ app_name }}/.*
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Write templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- templates/{{ app_name }}/*.j2
|
||||
- templates/{{ app_name }}/.*.j2
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: present
|
||||
|
||||
handlers:
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ dir }}"
|
||||
state: restarted
|
||||
- name: Docker
|
||||
ansible.builtin.include_role:
|
||||
name: docker
|
||||
|
||||
vars:
|
||||
app_name: wallabag
|
||||
dir: /mnt/data/{{ app_name }}
|
||||
docker_app_name: wallabag
|
||||
secret_key: !vault |
|
||||
$ANSIBLE_VAULT;1.1;AES256
|
||||
31346432623062383331306633383230376264326530643236393838356166346563653637376666
|
||||
|
|
3
roles/docker/defaults/main.yaml
Normal file
3
roles/docker/defaults/main.yaml
Normal file
|
@ -0,0 +1,3 @@
|
|||
---
|
||||
docker_app_name: some-app
|
||||
docker_dir: /mnt/data/{{ docker_app_name }}
|
5
roles/docker/handlers/main.yaml
Normal file
5
roles/docker/handlers/main.yaml
Normal file
|
@ -0,0 +1,5 @@
|
|||
---
|
||||
- name: Restart service
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ docker_dir }}"
|
||||
state: restarted
|
30
roles/docker/tasks/main.yaml
Normal file
30
roles/docker/tasks/main.yaml
Normal file
|
@ -0,0 +1,30 @@
|
|||
---
|
||||
- name: Create dir
|
||||
ansible.builtin.file:
|
||||
path: "{{ docker_dir }}"
|
||||
state: directory
|
||||
mode: "0775"
|
||||
- name: Write files
|
||||
ansible.builtin.copy:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ docker_dir }}/"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- files/{{ docker_app_name }}/*
|
||||
- files/{{ docker_app_name }}/.*
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Write templates
|
||||
ansible.builtin.template:
|
||||
src: "{{ item }}"
|
||||
dest: "{{ docker_dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
|
||||
mode: preserve
|
||||
with_fileglob:
|
||||
- templates/{{ docker_app_name }}/*.j2
|
||||
- templates/{{ docker_app_name }}/.*.j2
|
||||
notify:
|
||||
- Restart service
|
||||
- name: Ensure service is started
|
||||
community.docker.docker_compose_v2:
|
||||
project_src: "{{ docker_dir }}"
|
||||
state: present
|
Loading…
Reference in a new issue