Add watchtower to ansible for real and fix .gitignore
		
							parent
							
								
									5908976abc
								
							
						
					
					
						commit
						9425376412
					
				
					 4 changed files with 52 additions and 7 deletions
				
			
		
							
								
								
									
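--- a/.gitignore
+++ b/.gitignore
@@ -6,10 +6,10 @@ serguzim.net.png
 diagram_assets/
 
 # services already handled by ansible
-acme-dns/
-caddy/config/conf.002.d/acme.serguzim.me.conf
-gitea/
-caddy/config/conf.002.d/git.serguzim.me.conf
-umami/
-caddy/config/conf.002.d/analytics.serguzim.me.conf
-watchtower/
+/acme-dns/
+/caddy/config/conf.002.d/acme.serguzim.me.conf
+/gitea/
+/caddy/config/conf.002.d/git.serguzim.me.conf
+/umami/
+/caddy/config/conf.002.d/analytics.serguzim.me.conf
+/watchtower/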
							
								
								
									
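--- a/_ansible/roles/watchtower/files/run-once.sh
+++ b/_ansible/roles/watchtower/files/run-once.sh
@@ -0,0 +1,3 @@
+#!/usr/bin/env sh
+
+docker compose run -e WATCHTOWER_RUN_ONCE=true -e WATCHTOWER_NOTIFICATIONS= watchtower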
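Review bot: The `docker compose run` line resolves the compose file from the caller's working directory and omits `--rm`, so running the script from anywhere but the service directory fails or picks up another project's compose file, and each successful run leaves a stopped container behind. Add `cd "$(dirname "$0")" || exit 1` before it and pass `--rm`: `docker compose run --rm -e WATCHTOWER_RUN_ONCE=true -e WATCHTOWER_NOTIFICATIONS= watchtower`. The service name `watchtower` should also be checked against the rendered compose file, since vars/main.yml in this commit overrides `services.app`; the template itself is not visible here.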
							
								
								
									
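--- a/_ansible/roles/watchtower/tasks/main.yml
+++ b/_ansible/roles/watchtower/tasks/main.yml
@@ -0,0 +1,15 @@
+---
+- name: Deploy {{ svc.name }}
+  tags:
+    - watchtower
+    - container
+  block:
+    - import_tasks: steps/create-service-directory.yml
+    - import_tasks: steps/template-docker-compose.yml
+    - import_tasks: steps/template-service-env.yml
+    
+    - name: Copy the run-once script
+      ansible.builtin.copy:
+        src: run-once.sh
+        dest: "{{ (service_path, 'run-once.sh') | path_join }}"
+        mode: '0755'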
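Review bot: The `Copy the run-once script` task sets `mode: '0755'` but neither `owner` nor `group`, so ownership of an executable that drives a container holding the Docker socket falls to whichever user the play connects or becomes as. Pin both explicitly, e.g. `owner: root` and `group: root`, or whichever account owns the other service files; steps/create-service-directory.yml is not visible here, so the intended owner is an assumption. The three `import_tasks` lines also use the short module name while the copy task uses the fully qualified `ansible.builtin.copy`; `ansible.builtin.import_tasks` would be consistent.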
							
								
								
									
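--- a/_ansible/roles/watchtower/vars/main.yml
+++ b/_ansible/roles/watchtower/vars/main.yml
@@ -0,0 +1,27 @@
+svc:
+  name: watchtower
+
+svc_env:
+  WATCHTOWER_LABEL_ENABLE: true
+  WATCHTOWER_CLEANUP: true
+  WATCHTOWER_SCHEDULE: "0 27 20 * * *"
+
+  WATCHTOWER_NOTIFICATIONS: email
+  WATCHTOWER_NOTIFICATION_EMAIL_FROM: "{{ svc.name }}@serguzim.me"
+  WATCHTOWER_NOTIFICATION_EMAIL_TO: "{{ admin_email }}"
+  WATCHTOWER_NOTIFICATION_EMAIL_SERVER: "{{ mailer.host }}"
+  WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PORT: "{{ mailer.port }}"
+  WATCHTOWER_NOTIFICATION_EMAIL_SERVER_USER: "{{ svc.name }}@serguzim.me"
+  WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD: "{{ vault_watchtower.mailer.pass }}"
+  WATCHTOWER_NOTIFICATION_EMAIL_DELAY: 5
+
+compose:
+  watchtower: false
+  image: containerrr/watchtower
+  env: true
+  volumes:
+    - /var/run/docker.sock:/var/run/docker.sock
+  file:
+    services:
+      app:
+        hostname: "{{ ansible_facts.hostname }}"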
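Review bot: `image: containerrr/watchtower` has no tag or digest, so every pull resolves to `latest`, and this is the one container given `/var/run/docker.sock`, which amounts to root on the host. Pin it to a reviewed release, `image: containerrr/watchtower:<PINNED_VERSION>` or a `@sha256:<DIGEST>` reference, and bump it deliberately. Separately, `WATCHTOWER_LABEL_ENABLE: true` and `WATCHTOWER_CLEANUP: true` are YAML booleans; how steps/template-service-env.yml renders them is not visible here, so quoting them as `"true"` keeps the env file value exact. The rendered env file will also hold `WATCHTOWER_NOTIFICATION_EMAIL_SERVER_PASSWORD`, so the template step should write it with a mode such as `'0600'`, if it does not already.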