diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 8dabbcc..47f03c8 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -25,6 +25,7 @@ jobs:
 ANSIBLE_INVENTORY: inventories/github.yaml
 ANSIBLE_VAULT_PASSWORD_FILE: vault.pass
 ANSIBLE_FORCE_COLOR: "true"
+ ANSIBLE_ROLES_PATH: "./roles"
 run: |
 echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE
 ls $ANSIBLE_VAULT_PASSWORD_FILE
diff --git a/.github/workflows/dry-run.yml b/.github/workflows/dry-run.yml
index 4381810..7e87eb0 100644
--- a/.github/workflows/dry-run.yml
+++ b/.github/workflows/dry-run.yml
@@ -23,6 +23,7 @@ jobs:
 ANSIBLE_INVENTORY: inventories/github.yaml
 ANSIBLE_VAULT_PASSWORD_FILE: vault.pass
 ANSIBLE_FORCE_COLOR: "true"
+ ANSIBLE_ROLES_PATH: "./roles"
 run: |
 echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE
 ls $ANSIBLE_VAULT_PASSWORD_FILE
diff --git a/.mise.toml b/.mise.toml
index 9cec2f4..b5bc8be 100644
--- a/.mise.toml
+++ b/.mise.toml
@@ -1,3 +1,4 @@
 [env]
 ANSIBLE_INVENTORY = "{{config_root}}/inventories/local.yaml"
 ANSIBLE_VAULT_PASSWORD_FILE = "{{config_root}}/vault.pass"
+ANSIBLE_ROLES_PATH = "{{config_root}}/roles"
diff --git a/playbooks/apps/charasheet.yaml b/playbooks/apps/charasheet.yaml
index cff3c4e..b1d37b0 100644
--- a/playbooks/apps/charasheet.yaml
+++ b/playbooks/apps/charasheet.yaml
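Review bot: The added `ANSIBLE_ROLES_PATH: "./roles"` in .github/workflows/deploy.yml is a relative path, which Ansible resolves against the working directory of the step rather than the repository root; the same line is added in .github/workflows/dry-run.yml. If the step ever gains a `working-directory` or a `cd`, the `docker` role would no longer be found. .mise.toml in this commit already anchors the path with `{{config_root}}/roles`; the workflow equivalent would be `ANSIBLE_ROLES_PATH: "${{ github.workspace }}/roles"`. The rest of the `run` script lies outside the hunk, so the working directory in effect there is not visible.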
@@ -3,45 +3,12 @@ hosts: servers gather_facts: false tasks: - - name: Create dir - ansible.builtin.file: - path: "{{ dir }}" - state: directory - mode: "0775" - - name: Write files - ansible.builtin.copy: - src: "{{ item }}" - dest: "{{ dir }}/" - mode: preserve - with_fileglob: - - files/{{ app_name }}/* - - files/{{ app_name }}/.* - notify: - - Restart service - - name: Write templates - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}" - mode: preserve - with_fileglob: - - templates/{{ app_name }}/*.j2 - - templates/{{ app_name }}/.*.j2 - notify: - - Restart service - - name: Ensure service is started - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: present - - handlers: - - name: Restart service - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: restarted + - name: Docker + ansible.builtin.include_role: + name: docker vars: - app_name: charasheet - dir: /mnt/data/{{ app_name }} + docker_app_name: charasheet secret_key: !vault | $ANSIBLE_VAULT;1.1;AES256 35666131616231643064336266303061326534356131666364633932373330663637343836353837 diff --git a/playbooks/apps/checkout.yaml b/playbooks/apps/checkout.yaml index f2c91cb..feef0b9 100644 --- a/playbooks/apps/checkout.yaml +++ b/playbooks/apps/checkout.yaml 
@@ -3,45 +3,12 @@ hosts: servers gather_facts: false tasks: - - name: Create dir - ansible.builtin.file: - path: "{{ dir }}" - state: directory - mode: "0775" - - name: Write files - ansible.builtin.copy: - src: "{{ item }}" - dest: "{{ dir }}/" - mode: preserve - with_fileglob: - - files/{{ app_name }}/* - - files/{{ app_name }}/.* - notify: - - Restart service - - name: Write templates - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}" - mode: preserve - with_fileglob: - - templates/{{ app_name }}/*.j2 - - templates/{{ app_name }}/.*.j2 - notify: - - Restart service - - name: Ensure service is started - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: present - - handlers: - - name: Restart service - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: restarted + - name: Docker + ansible.builtin.include_role: + name: docker vars: - app_name: checkout - dir: /mnt/data/{{ app_name }} + docker_app_name: checkout secret_key: !vault | $ANSIBLE_VAULT;1.1;AES256 33393761643061393863616663323863663033313865383135663939636433393730643831616231 diff --git a/playbooks/apps/code.yaml b/playbooks/apps/code.yaml index 53f31f7..54d6447 100644 --- a/playbooks/apps/code.yaml +++ b/playbooks/apps/code.yaml 
@@ -3,45 +3,12 @@ hosts: servers gather_facts: false tasks: - - name: Create dir - ansible.builtin.file: - path: "{{ dir }}" - state: directory - mode: "0775" - - name: Write files - ansible.builtin.copy: - src: "{{ item }}" - dest: "{{ dir }}/" - mode: preserve - with_fileglob: - - files/{{ app_name }}/* - - files/{{ app_name }}/.* - notify: - - Restart service - - name: Write templates - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}" - mode: preserve - with_fileglob: - - templates/{{ app_name }}/*.j2 - - templates/{{ app_name }}/.*.j2 - notify: - - Restart service - - name: Ensure service is started - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: present - - handlers: - - name: Restart service - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: restarted + - name: Docker + ansible.builtin.include_role: + name: docker vars: - app_name: code - dir: /mnt/data/{{ app_name }} + docker_app_name: code password: !vault | $ANSIBLE_VAULT;1.1;AES256 65333933333436616332666161653932633431333334636364346239346530336337303939643435 diff --git a/playbooks/apps/collabora.yaml b/playbooks/apps/collabora.yaml index 492b1d5..a6c2585 100644 --- a/playbooks/apps/collabora.yaml +++ b/playbooks/apps/collabora.yaml 
@@ -3,45 +3,12 @@ hosts: servers gather_facts: false tasks: - - name: Create dir - ansible.builtin.file: - path: "{{ dir }}" - state: directory - mode: "0775" - - name: Write files - ansible.builtin.copy: - src: "{{ item }}" - dest: "{{ dir }}/" - mode: preserve - with_fileglob: - - files/{{ app_name }}/* - - files/{{ app_name }}/.* - notify: - - Restart service - - name: Write templates - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}" - mode: preserve - with_fileglob: - - templates/{{ app_name }}/*.j2 - - templates/{{ app_name }}/.*.j2 - notify: - - Restart service - - name: Ensure service is started - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: present - - handlers: - - name: Restart service - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: restarted + - name: Docker + ansible.builtin.include_role: + name: docker vars: - app_name: collabora - dir: /mnt/data/{{ app_name }} + docker_app_name: collabora password: !vault | $ANSIBLE_VAULT;1.1;AES256 64396634656334643030623536313236663438653730663266346530326233353836656339356631 diff --git a/playbooks/apps/files/gitea/docker-compose.yaml b/playbooks/apps/files/git/docker-compose.yaml similarity index 100% rename from playbooks/apps/files/gitea/docker-compose.yaml rename to playbooks/apps/files/git/docker-compose.yaml diff --git a/playbooks/apps/files/gitea/gitea.env b/playbooks/apps/files/git/gitea.env similarity index 100% rename from playbooks/apps/files/gitea/gitea.env rename to playbooks/apps/files/git/gitea.env diff --git a/playbooks/apps/gitea.yaml b/playbooks/apps/gitea.yaml index 3e1b18b..061ff63 100644 --- a/playbooks/apps/gitea.yaml +++ b/playbooks/apps/gitea.yaml 
@@ -1,23 +1,11 @@ --- -- name: Setup gitea +- name: Gitea hosts: servers gather_facts: false tasks: - - name: Create dir - ansible.builtin.file: - path: "{{ dir }}" - state: directory - mode: "0775" - - name: Write env file - ansible.builtin.copy: - src: files/gitea/gitea.env - dest: "{{ dir }}/gitea.env" - mode: "0644" - - name: Write docker-compose.yaml - ansible.builtin.copy: - src: files/gitea/docker-compose.yaml - dest: "{{ dir }}/docker-compose.yaml" - mode: "0644" + - name: Docker + ansible.builtin.include_role: + name: docker - name: Write app.ini ansible.builtin.template: src: templates/gitea_app.ini.j2 @@ -25,19 +13,10 @@ mode: "0600" notify: - Restart service - - name: Ensure service is started - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: present - - handlers: - - name: Restart service - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: restarted vars: - dir: /mnt/data/git + docker_app_name: git + dir: /mnt/data/{{ docker_app_name }} lfs_jwt_secret: !vault | $ANSIBLE_VAULT;1.1;AES256 34656631616165623233353835386162343837363230366136303764613334323262313233616462 diff --git a/playbooks/apps/template.yaml.dist b/playbooks/apps/template.yaml.dist index 910fd93..78ce074 100644 --- a/playbooks/apps/template.yaml.dist +++ b/playbooks/apps/template.yaml.dist 
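Review bot: In playbooks/apps/gitea.yaml the `Write app.ini` task now runs after the role's `Ensure service is started` task, whereas before this change it ran before the compose project was brought up. On a first deployment the container would therefore start once without the templated `app.ini` (written with mode `"0600"`) and only pick it up when the `Restart service` handler fires at the end of the play; what Gitea does in that window depends on the image and is not visible here. Consider letting the role skip or defer its final start step (for example a role variable guarding `Ensure service is started`, or a separate `tasks_from` entry point) so that app-specific configuration is in place before the first start. The `dest` line of `Write app.ini` falls between the two hunks and is not shown.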
@@ -3,42 +3,8 @@ hosts: servers gather_facts: false tasks: - - name: Create dir - ansible.builtin.file: - path: "{{ dir }}" - state: directory - mode: "0775" - - name: Write files - ansible.builtin.copy: - src: "{{ item }}" - dest: "{{ dir }}/" - mode: preserve - with_fileglob: - - files/{{ app_name }}/* - - files/{{ app_name }}/.* - notify: - - Restart service - - name: Write templates - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}" - mode: preserve - with_fileglob: - - templates/{{ app_name }}/*.j2 - - templates/{{ app_name }}/.*.j2 - notify: - - Restart service - - name: Ensure service is started - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: present - - handlers: - - name: Restart service - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: restarted + - include_role: + name: docker vars: - app_name: ==APP== - dir: /mnt/data/{{ app_name }} + docker_app_name: ==APP== diff --git a/playbooks/apps/test_headers.yaml b/playbooks/apps/test_headers.yaml index 916eec1..1eab926 100644 --- a/playbooks/apps/test_headers.yaml +++ b/playbooks/apps/test_headers.yaml 
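Review bot: The task added to playbooks/apps/template.yaml.dist is a bare `- include_role:` with no `name:` and no collection prefix, while every playbook converted in this commit uses `- name: Docker` with `ansible.builtin.include_role:`. Because this file is the skeleton that new app playbooks are copied from, the inconsistency would carry over into each new playbook. Suggested lines: `- name: Docker` followed by `ansible.builtin.include_role:`.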
@@ -3,42 +3,9 @@ hosts: servers gather_facts: false tasks: - - name: Create dir - ansible.builtin.file: - path: "{{ dir }}" - state: directory - mode: "0775" - - name: Write files - ansible.builtin.copy: - src: "{{ item }}" - dest: "{{ dir }}/" - mode: preserve - with_fileglob: - - files/{{ app_name }}/* - - files/{{ app_name }}/.* - notify: - - Restart service - - name: Write templates - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}" - mode: preserve - with_fileglob: - - templates/{{ app_name }}/*.j2 - - templates/{{ app_name }}/.*.j2 - notify: - - Restart service - - name: Ensure service is started - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: present - - handlers: - - name: Restart service - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: restarted + - name: Docker + ansible.builtin.include_role: + name: docker vars: - app_name: test_headers - dir: /mnt/data/{{ app_name }} + docker_app_name: test_headers diff --git a/playbooks/apps/wallabag.yaml b/playbooks/apps/wallabag.yaml index 6effc2e..99d00a8 100644 --- a/playbooks/apps/wallabag.yaml +++ b/playbooks/apps/wallabag.yaml 
@@ -3,45 +3,12 @@ hosts: servers gather_facts: false tasks: - - name: Create dir - ansible.builtin.file: - path: "{{ dir }}" - state: directory - mode: "0775" - - name: Write files - ansible.builtin.copy: - src: "{{ item }}" - dest: "{{ dir }}/" - mode: preserve - with_fileglob: - - files/{{ app_name }}/* - - files/{{ app_name }}/.* - notify: - - Restart service - - name: Write templates - ansible.builtin.template: - src: "{{ item }}" - dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}" - mode: preserve - with_fileglob: - - templates/{{ app_name }}/*.j2 - - templates/{{ app_name }}/.*.j2 - notify: - - Restart service - - name: Ensure service is started - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: present - - handlers: - - name: Restart service - community.docker.docker_compose_v2: - project_src: "{{ dir }}" - state: restarted + - name: Docker + ansible.builtin.include_role: + name: docker vars: - app_name: wallabag - dir: /mnt/data/{{ app_name }} + docker_app_name: wallabag secret_key: !vault | $ANSIBLE_VAULT;1.1;AES256 31346432623062383331306633383230376264326530643236393838356166346563653637376666 diff --git a/roles/docker/defaults/main.yaml b/roles/docker/defaults/main.yaml new file mode 100644 index 0000000..299a5b2 --- /dev/null +++ b/roles/docker/defaults/main.yaml @@ -0,0 +1,3 @@ +--- +docker_app_name: some-app +docker_dir: /mnt/data/{{ docker_app_name }} diff --git a/roles/docker/handlers/main.yaml b/roles/docker/handlers/main.yaml new file mode 100644 index 0000000..ea034da --- /dev/null +++ b/roles/docker/handlers/main.yaml @@ -0,0 +1,5 @@ +--- +- name: Restart service + community.docker.docker_compose_v2: + project_src: "{{ docker_dir }}" + state: restarted diff --git a/roles/docker/tasks/main.yaml b/roles/docker/tasks/main.yaml new file mode 100644 index 0000000..5a8e9d4 --- /dev/null +++ b/roles/docker/tasks/main.yaml 
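Review bot: roles/docker/defaults/main.yaml gives `docker_app_name` a working default of `some-app`, so a playbook that forgets to set it does not fail early: the role would create `/mnt/data/some-app`, match no files, and still attempt the compose task against that directory. Dropping the `docker_app_name: some-app` line makes the first use of `docker_dir` fail with an undefined-variable error instead. A `meta/argument_specs.yaml` entry marking the variable as required would state the contract explicitly.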
@@ -0,0 +1,30 @@
+---
+- name: Create dir
+ ansible.builtin.file:
+ path: "{{ docker_dir }}"
+ state: directory
+ mode: "0775"
+- name: Write files
+ ansible.builtin.copy:
+ src: "{{ item }}"
+ dest: "{{ docker_dir }}/"
+ mode: preserve
+ with_fileglob:
+ - files/{{ docker_app_name }}/*
+ - files/{{ docker_app_name }}/.*
+ notify:
+ - Restart service
+- name: Write templates
+ ansible.builtin.template:
+ src: "{{ item }}"
+ dest: "{{ docker_dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
+ mode: preserve
+ with_fileglob:
+ - templates/{{ docker_app_name }}/*.j2
+ - templates/{{ docker_app_name }}/.*.j2
+ notify:
+ - Restart service
+- name: Ensure service is started
+ community.docker.docker_compose_v2:
+ project_src: "{{ docker_dir }}"
+ state: present
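Review bot: `Write files` and `Write templates` in roles/docker/tasks/main.yaml use `mode: preserve`, so the permissions of the deployed files are whatever the source files carry in the checkout, and the directory is created group-writable with `mode: "0775"`. Several playbooks converted in this commit define vault-encrypted play vars (`secret_key`, `password`), and if the app templates render them the resulting files are likely world-readable; the Gitea playbook, by contrast, writes `app.ini` with `mode: "0600"`. Consider an explicit restrictive mode for template output, e.g. `mode: "0640"`, exposed as a role variable where a container user needs broader access, and `mode: "0750"` for the directory. The templates themselves are not part of this diff, so whether they contain secrets should be confirmed.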