serguzim/services
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Improve ansible stuff and prepare caddy

Browse source
This commit is contained in:
Tobias Reisinger 2023-06-26 01:17:41 +02:00
parent 2d8c670110
commit 3b9ed6a4f4
Signed by: serguzim
GPG key ID: 13AD60C237A28DFE
10 changed files with 83 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
_ansible/README.md Normal file
View file

@ -0,0 +1,13 @@
# Ansible project to deploy services
## Variables
### CLI variable overwrites
#### force_gitea_runner_registration
`-e force_gitea_runner_registration=True`
Force gitea-runner to prompt a new registration token.
#### docker_update
`-e docker_update=True`
Pull and build the docker compose services

1
_ansible/inventory/group_vars/all/main.yml
View file

@ -11,3 +11,4 @@ mailer:
services_path: /opt/services/ services_path: /opt/services/
caddy_config_path: "{{ (services_path, 'caddy', 'config', 'conf.d') | path_join }}" caddy_config_path: "{{ (services_path, 'caddy', 'config', 'conf.d') | path_join }}"
managed_sites: []

2
_ansible/local-dev.yml
View file

@ -14,3 +14,5 @@
- umami - umami
- watchtower - watchtower
- wiki-js - wiki-js
- caddy

11
_ansible/roles/caddy/tasks/clean-sites.yml Normal file
View file

@ -0,0 +1,11 @@
- name: Find caddy site configs, but exclude managed sites
ansible.builtin.find:
paths: "{{ caddy_config_path }}"
excludes: "{{ managed_sites | default([]) }}"
register: files_to_delete
- name: Remove unmanaged sites
file:
path: "{{ item.path }}"
state: absent
with_items: "{{ files_to_delete.files }}"

11
_ansible/roles/caddy/tasks/main.yml Normal file
View file

@ -0,0 +1,11 @@
---
- name: Deploy {{ svc.name }}
tags:
- caddy
- reverse_proxy
- webserver
block:
- import_tasks: deploy-common-service.yml
- import_tasks: clean-sites.yml
- import_tasks: reload-caddy.yml

16
_ansible/roles/caddy/tasks/reload-caddy.yml Normal file
View file

@ -0,0 +1,16 @@
- name: Check caddy configuration
ansible.builtin.command:
cmd: docker compose exec app sh -c "caddy validate --config /etc/caddy/Caddyfile"
chdir: "{{ service_path }}"
when: "'local-dev' != inventory_hostname"
register: cmd_result
changed_when: false
- name: Reload caddy configuration
ansible.builtin.command:
cmd: docker compose exec app sh -c "caddy reload --config /etc/caddy/Caddyfile"
chdir: "{{ service_path }}"
when:
- "'local-dev' != inventory_hostname"
- cmd_result.rc == 0
changed_when: true # TODO find a way to detect changes

3
_ansible/tasks/deploy-common-service.yml
View file

@ -1,5 +1,6 @@
- import_tasks: steps/create-service-directory.yml - import_tasks: steps/create-service-directory.yml
- import_tasks: steps/template-docker-compose.yml - import_tasks: steps/template-docker-compose.yml
- import_tasks: steps/template-service-env.yml - import_tasks: steps/template-service-env.yml
- import_tasks: steps/template-site-config.yml - include_tasks: steps/template-site-config.yml
when: svc.domain is defined
- import_tasks: steps/start-service.yml - import_tasks: steps/start-service.yml

22
_ansible/tasks/steps/start-service.yml
View file

@ -1,3 +1,25 @@
- name: Build service
ansible.builtin.command:
cmd: docker compose build --pull
chdir: "{{ service_path }}"
when:
- "'local-dev' != inventory_hostname"
- docker_update is defined
- docker_update
register: cmd_result
changed_when: True
- name: Pull service
ansible.builtin.command:
cmd: docker compose pull --ignore-buildable
chdir: "{{ service_path }}"
when:
- "'local-dev' != inventory_hostname"
- docker_update is defined
- docker_update
register: cmd_result
changed_when: True
- name: Start service - name: Start service
ansible.builtin.command: ansible.builtin.command:
cmd: docker compose up -d cmd: docker compose up -d

7
_ansible/tasks/steps/template-site-config.yml
View file

@ -1,6 +1,9 @@
- name: Template caddy config - name: Template caddy site
ansible.builtin.template: ansible.builtin.template:
src: caddy_site.conf.j2 src: caddy_site.conf.j2
dest: "{{ (caddy_config_path, svc.domain + '.conf') | path_join }}" dest: "{{ (caddy_config_path, svc.domain + '.conf') | path_join }}"
mode: "0644" mode: "0644"
when: svc.domain is defined
- name: Register caddy site
ansible.builtin.set_fact:
managed_sites: "{{ managed_sites + [svc.domain + '.conf'] }}"

39
create.sh
View file

@ -1,39 +0,0 @@
#!/usr/bin/env sh
printf "Project name: "
read -r PROJECT
mkdir -p "$PROJECT"
cd "$PROJECT" || exit
printf "Image name: "
read -r IMAGE
printf "App name (network alias): "
read -r NAME
printf "Enable watchtower [true/false]: "
read -r WATCHTOWER_ENABLE
cat <<EOF >"docker-compose.yml"
version: '3'
services:
app:
image: ${IMAGE}
restart: always
labels:
com.centurylinklabs.watchtower.enable: ${WATCHTOWER_ENABLE}
env_file:
- .env
- .secret.env
networks:
apps:
aliases:
- ${NAME}
networks:
apps:
external: true
EOF
vim -O2 "docker-compose.yml" ".env"