gaugendre/ansible
1
0
Fork 0
mirror of https://github.com/Crocmagnon/ansible.git synced 2024-11-21 06:48:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

refactor docker using role

Browse source
This commit is contained in:
Gabriel Augendre 2024-10-11 18:41:46 +02:00
parent c6b4cb700b
commit b3706204ce
16 changed files with 74 additions and 286 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
.github/workflows/deploy.yml vendored
View file

@ -25,6 +25,7 @@ jobs:
ANSIBLE_INVENTORY: inventories/github.yaml ANSIBLE_INVENTORY: inventories/github.yaml
ANSIBLE_VAULT_PASSWORD_FILE: vault.pass ANSIBLE_VAULT_PASSWORD_FILE: vault.pass
ANSIBLE_FORCE_COLOR: "true" ANSIBLE_FORCE_COLOR: "true"
ANSIBLE_ROLES_PATH: "./roles"
run: | run: |
echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE
ls $ANSIBLE_VAULT_PASSWORD_FILE ls $ANSIBLE_VAULT_PASSWORD_FILE

1
.github/workflows/dry-run.yml vendored
View file

@ -23,6 +23,7 @@ jobs:
ANSIBLE_INVENTORY: inventories/github.yaml ANSIBLE_INVENTORY: inventories/github.yaml
ANSIBLE_VAULT_PASSWORD_FILE: vault.pass ANSIBLE_VAULT_PASSWORD_FILE: vault.pass
ANSIBLE_FORCE_COLOR: "true" ANSIBLE_FORCE_COLOR: "true"
ANSIBLE_ROLES_PATH: "./roles"
run: | run: |
echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE echo '${{ secrets.ANSIBLE_VAULT_PASSWORD }}' > $ANSIBLE_VAULT_PASSWORD_FILE
ls $ANSIBLE_VAULT_PASSWORD_FILE ls $ANSIBLE_VAULT_PASSWORD_FILE

1
.mise.toml
View file

@ -1,3 +1,4 @@
[env] [env]
ANSIBLE_INVENTORY = "{{config_root}}/inventories/local.yaml" ANSIBLE_INVENTORY = "{{config_root}}/inventories/local.yaml"
ANSIBLE_VAULT_PASSWORD_FILE = "{{config_root}}/vault.pass" ANSIBLE_VAULT_PASSWORD_FILE = "{{config_root}}/vault.pass"
ANSIBLE_ROLES_PATH = "{{config_root}}/roles"

41
playbooks/apps/charasheet.yaml
View file

@ -3,45 +3,12 @@
hosts: servers hosts: servers
gather_facts: false gather_facts: false
tasks: tasks:
- name: Create dir - name: Docker
ansible.builtin.file: ansible.builtin.include_role:
path: "{{ dir }}" name: docker
state: directory
mode: "0775"
- name: Write files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ dir }}/"
mode: preserve
with_fileglob:
- files/{{ app_name }}/*
- files/{{ app_name }}/.*
notify:
- Restart service
- name: Write templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: preserve
with_fileglob:
- templates/{{ app_name }}/*.j2
- templates/{{ app_name }}/.*.j2
notify:
- Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: present
handlers:
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: restarted
vars: vars:
app_name: charasheet docker_app_name: charasheet
dir: /mnt/data/{{ app_name }}
secret_key: !vault | secret_key: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
35666131616231643064336266303061326534356131666364633932373330663637343836353837 35666131616231643064336266303061326534356131666364633932373330663637343836353837

41
playbooks/apps/checkout.yaml
View file

@ -3,45 +3,12 @@
hosts: servers hosts: servers
gather_facts: false gather_facts: false
tasks: tasks:
- name: Create dir - name: Docker
ansible.builtin.file: ansible.builtin.include_role:
path: "{{ dir }}" name: docker
state: directory
mode: "0775"
- name: Write files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ dir }}/"
mode: preserve
with_fileglob:
- files/{{ app_name }}/*
- files/{{ app_name }}/.*
notify:
- Restart service
- name: Write templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: preserve
with_fileglob:
- templates/{{ app_name }}/*.j2
- templates/{{ app_name }}/.*.j2
notify:
- Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: present
handlers:
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: restarted
vars: vars:
app_name: checkout docker_app_name: checkout
dir: /mnt/data/{{ app_name }}
secret_key: !vault | secret_key: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
33393761643061393863616663323863663033313865383135663939636433393730643831616231 33393761643061393863616663323863663033313865383135663939636433393730643831616231

41
playbooks/apps/code.yaml
View file

@ -3,45 +3,12 @@
hosts: servers hosts: servers
gather_facts: false gather_facts: false
tasks: tasks:
- name: Create dir - name: Docker
ansible.builtin.file: ansible.builtin.include_role:
path: "{{ dir }}" name: docker
state: directory
mode: "0775"
- name: Write files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ dir }}/"
mode: preserve
with_fileglob:
- files/{{ app_name }}/*
- files/{{ app_name }}/.*
notify:
- Restart service
- name: Write templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: preserve
with_fileglob:
- templates/{{ app_name }}/*.j2
- templates/{{ app_name }}/.*.j2
notify:
- Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: present
handlers:
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: restarted
vars: vars:
app_name: code docker_app_name: code
dir: /mnt/data/{{ app_name }}
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
65333933333436616332666161653932633431333334636364346239346530336337303939643435 65333933333436616332666161653932633431333334636364346239346530336337303939643435

41
playbooks/apps/collabora.yaml
View file

@ -3,45 +3,12 @@
hosts: servers hosts: servers
gather_facts: false gather_facts: false
tasks: tasks:
- name: Create dir - name: Docker
ansible.builtin.file: ansible.builtin.include_role:
path: "{{ dir }}" name: docker
state: directory
mode: "0775"
- name: Write files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ dir }}/"
mode: preserve
with_fileglob:
- files/{{ app_name }}/*
- files/{{ app_name }}/.*
notify:
- Restart service
- name: Write templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: preserve
with_fileglob:
- templates/{{ app_name }}/*.j2
- templates/{{ app_name }}/.*.j2
notify:
- Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: present
handlers:
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: restarted
vars: vars:
app_name: collabora docker_app_name: collabora
dir: /mnt/data/{{ app_name }}
password: !vault | password: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
64396634656334643030623536313236663438653730663266346530326233353836656339356631 64396634656334643030623536313236663438653730663266346530326233353836656339356631

0
playbooks/apps/files/gitea/docker-compose.yaml → playbooks/apps/files/git/docker-compose.yaml
View file

0
playbooks/apps/files/gitea/gitea.env → playbooks/apps/files/git/gitea.env
View file

33
playbooks/apps/gitea.yaml
View file

@ -1,23 +1,11 @@
--- ---
- name: Setup gitea - name: Gitea
hosts: servers hosts: servers
gather_facts: false gather_facts: false
tasks: tasks:
- name: Create dir - name: Docker
ansible.builtin.file: ansible.builtin.include_role:
path: "{{ dir }}" name: docker
state: directory
mode: "0775"
- name: Write env file
ansible.builtin.copy:
src: files/gitea/gitea.env
dest: "{{ dir }}/gitea.env"
mode: "0644"
- name: Write docker-compose.yaml
ansible.builtin.copy:
src: files/gitea/docker-compose.yaml
dest: "{{ dir }}/docker-compose.yaml"
mode: "0644"
- name: Write app.ini - name: Write app.ini
ansible.builtin.template: ansible.builtin.template:
src: templates/gitea_app.ini.j2 src: templates/gitea_app.ini.j2
@ -25,19 +13,10 @@
mode: "0600" mode: "0600"
notify: notify:
- Restart service - Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: present
handlers:
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: restarted
vars: vars:
dir: /mnt/data/git docker_app_name: git
dir: /mnt/data/{{ docker_app_name }}
lfs_jwt_secret: !vault | lfs_jwt_secret: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
34656631616165623233353835386162343837363230366136303764613334323262313233616462 34656631616165623233353835386162343837363230366136303764613334323262313233616462

40
playbooks/apps/template.yaml.dist
View file

@ -3,42 +3,8 @@
hosts: servers hosts: servers
gather_facts: false gather_facts: false
tasks: tasks:
- name: Create dir - include_role:
ansible.builtin.file: name: docker
path: "{{ dir }}"
state: directory
mode: "0775"
- name: Write files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ dir }}/"
mode: preserve
with_fileglob:
- files/{{ app_name }}/*
- files/{{ app_name }}/.*
notify:
- Restart service
- name: Write templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: preserve
with_fileglob:
- templates/{{ app_name }}/*.j2
- templates/{{ app_name }}/.*.j2
notify:
- Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: present
handlers:
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: restarted
vars: vars:
app_name: ==APP== docker_app_name: ==APP==
dir: /mnt/data/{{ app_name }}

41
playbooks/apps/test_headers.yaml
View file

@ -3,42 +3,9 @@
hosts: servers hosts: servers
gather_facts: false gather_facts: false
tasks: tasks:
- name: Create dir - name: Docker
ansible.builtin.file: ansible.builtin.include_role:
path: "{{ dir }}" name: docker
state: directory
mode: "0775"
- name: Write files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ dir }}/"
mode: preserve
with_fileglob:
- files/{{ app_name }}/*
- files/{{ app_name }}/.*
notify:
- Restart service
- name: Write templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: preserve
with_fileglob:
- templates/{{ app_name }}/*.j2
- templates/{{ app_name }}/.*.j2
notify:
- Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: present
handlers:
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: restarted
vars: vars:
app_name: test_headers docker_app_name: test_headers
dir: /mnt/data/{{ app_name }}

41
playbooks/apps/wallabag.yaml
View file

@ -3,45 +3,12 @@
hosts: servers hosts: servers
gather_facts: false gather_facts: false
tasks: tasks:
- name: Create dir - name: Docker
ansible.builtin.file: ansible.builtin.include_role:
path: "{{ dir }}" name: docker
state: directory
mode: "0775"
- name: Write files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ dir }}/"
mode: preserve
with_fileglob:
- files/{{ app_name }}/*
- files/{{ app_name }}/.*
notify:
- Restart service
- name: Write templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: preserve
with_fileglob:
- templates/{{ app_name }}/*.j2
- templates/{{ app_name }}/.*.j2
notify:
- Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: present
handlers:
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ dir }}"
state: restarted
vars: vars:
app_name: wallabag docker_app_name: wallabag
dir: /mnt/data/{{ app_name }}
secret_key: !vault | secret_key: !vault |
$ANSIBLE_VAULT;1.1;AES256 $ANSIBLE_VAULT;1.1;AES256
31346432623062383331306633383230376264326530643236393838356166346563653637376666 31346432623062383331306633383230376264326530643236393838356166346563653637376666

3
roles/docker/defaults/main.yaml Normal file
View file

@ -0,0 +1,3 @@
---
docker_app_name: some-app
docker_dir: /mnt/data/{{ docker_app_name }}

5
roles/docker/handlers/main.yaml Normal file
View file

@ -0,0 +1,5 @@
---
- name: Restart service
community.docker.docker_compose_v2:
project_src: "{{ docker_dir }}"
state: restarted

30
roles/docker/tasks/main.yaml Normal file
View file

@ -0,0 +1,30 @@
---
- name: Create dir
ansible.builtin.file:
path: "{{ docker_dir }}"
state: directory
mode: "0775"
- name: Write files
ansible.builtin.copy:
src: "{{ item }}"
dest: "{{ docker_dir }}/"
mode: preserve
with_fileglob:
- files/{{ docker_app_name }}/*
- files/{{ docker_app_name }}/.*
notify:
- Restart service
- name: Write templates
ansible.builtin.template:
src: "{{ item }}"
dest: "{{ docker_dir }}/{{ item | basename | regex_replace('\\.j2$', '') }}"
mode: preserve
with_fileglob:
- templates/{{ docker_app_name }}/*.j2
- templates/{{ docker_app_name }}/.*.j2
notify:
- Restart service
- name: Ensure service is started
community.docker.docker_compose_v2:
project_src: "{{ docker_dir }}"
state: present