Migrate services part

2024-09-27 00:02:36 +02:00 · 2024-09-27 00:02:36 +02:00 · 73bce8f6e5
commit 73bce8f6e5
parent 7c59e4ae57
157 changed files with 3883 additions and 9 deletions
--- a/roles/lego/tasks/config.yml
+++ b/roles/lego/tasks/config.yml
@ -0,0 +1,19 @@
+---
+- name: Set config path
+  ansible.builtin.set_fact:
+    config_path: "{{ (service_path, 'config') | path_join }}"
+- name: Create config directory
+  ansible.builtin.file:
+    path: "{{ config_path }}"
+    state: directory
+    mode: "0755"
+- name: Copy the acme-dns-accounts
+  ansible.builtin.template:
+    src: "json.j2"
+    dest: "{{ (config_path, 'acme-dns-accounts.json') | path_join }}"
+    mode: "0644"
+- name: Copy the hook script
+  ansible.builtin.copy:
+    src: "hook.sh"
+    dest: "{{ (config_path, 'hook.sh') | path_join }}"
+    mode: "0755"
--- a/roles/lego/tasks/lego.d.yml
+++ b/roles/lego/tasks/lego.d.yml
@ -0,0 +1,16 @@
+---
+- name: Set lego.d path
+  ansible.builtin.set_fact:
+    lego_d_path: "{{ (service_path, 'lego.d') | path_join }}"
+- name: Create lego.d directory
+  ansible.builtin.file:
+    path: "{{ lego_d_path }}"
+    state: directory
+    mode: "0755"
+- name: Copy the additional lego scripts
+  ansible.builtin.copy:
+    src: "{{ item }}"
+    dest: "{{ lego_d_path }}"
+    mode: "0755"
+  with_fileglob:
+    - "{{ ansible_facts.hostname }}/*"
--- a/roles/lego/tasks/main.yml
+++ b/roles/lego/tasks/main.yml
@ -0,0 +1,35 @@
+---
+- name: Set common facts
+  ansible.builtin.import_tasks: tasks/set-default-facts.yml
+
+- name: Deploy {{ svc.name }}
+  vars:
+    svc: "{{ lego_svc }}"
+    env: "{{ lego_env }}"
+    json: "{{ vault_acmedns_registered | acmedns_to_lego }}"
+    compose: "{{ lego_compose }}"
+  block:
+    - name: Import prepare tasks for common service
+      ansible.builtin.import_tasks: tasks/prepare-common-service.yml
+
+    - name: Create _certificates directory
+      ansible.builtin.file:
+        path: "{{ certificates_path }}"
+        state: directory
+        mode: "0755"
+
+    - name: Import tasks specific to the config directory
+      ansible.builtin.import_tasks: config.yml
+    - name: Import tasks specific to lego.d
+      ansible.builtin.import_tasks: lego.d.yml
+    - name: Import tasks specific to systemd
+      ansible.builtin.import_tasks: systemd.yml
+
+    - name: Copy the run script
+      ansible.builtin.copy:
+        src: "lego.sh"
+        dest: "{{ (service_path, 'lego.sh') | path_join }}"
+        mode: "0755"
+
+    - name: Import tasks create a service.env file
+      ansible.builtin.import_tasks: tasks/steps/template-service-env.yml
--- a/roles/lego/tasks/systemd.yml
+++ b/roles/lego/tasks/systemd.yml
@ -0,0 +1,24 @@
+---
+- name: Copy the system service
+  ansible.builtin.template:
+    src: lego@.service.j2
+    dest: /etc/systemd/system/lego@.service
+    mode: "0644"
+  become: true
+- name: Copy the system timer
+  ansible.builtin.copy:
+    src: lego@.timer
+    dest: /etc/systemd/system/lego@.timer
+    mode: "0644"
+  become: true
+- name: Enable the system timers
+  ansible.builtin.systemd_service:
+    name: lego@{{ item }}.timer
+    state: started
+    enabled: true
+    daemon_reload: true
+  loop:
+    - msrg.cc
+    - db.serguzim.me
+    - registry.serguzim.me
+  become: true