docker-compose: dir owner (#231)

Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#231 Co-authored-by: mg <michael.grote@posteo.de> Co-committed-by: mg <michael.grote@posteo.de>
2021-10-22 15:58:27 +02:00 · 2021-10-22 15:58:27 +02:00 · 3cdb9ec604
commit 3cdb9ec604
parent b311fc8236
6 changed files with 24 additions and 4 deletions
--- a/host_vars/docker-test.grote.lan.yml
+++ b/host_vars/docker-test.grote.lan.yml
@ -6,6 +6,7 @@
      dir_name: docker-homer
      repository_url: git.mgrote.net/mg/docker-homer
      state: present
      os_username: mg
      git_branch: test
    - name: watchtower
      dir_name: docker-watchtower
@ -13,14 +14,12 @@
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
      state: present
-    - name: lazydocker
+      os_username: mg
      dir_name: docker-lazydocker
      repository_url: git.mgrote.net/mg/docker-lazydocker
      state: absent # danach löschen
    - name: munin-master-test
      dir_name: docker-munin-master-test
      repository_url: git.mgrote.net/mg/docker-munin-master_test
      state: present
      os_username: mg
  ### geerlingguy.munin-node
  munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
  munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift
--- a/host_vars/docker2.grote.lan.yml
+++ b/host_vars/docker2.grote.lan.yml
@ -5,20 +5,24 @@
      dir_name: docker-munin-master
      repository_url: git.mgrote.net/mg/docker-munin-master_production
      state: present
      os_username: mg
    - name: watchtower
      dir_name: docker-watchtower
      repository_url: git.mgrote.net/mg/docker-watchtower
      state: present
      os_username: mg
    - name: homer
      dir_name: docker-homer
      repository_url: git.mgrote.net/mg/docker-homer
      state: present
      os_username: mg
    - name: unifi-controller
      dir_name: docker-unifi-controller
      repository_url: git.mgrote.net/mg/docker-unifi-controller
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
      state: present
      os_username: mg
  ### geerlingguy.munin-node
  munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
  munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift
--- a/host_vars/docker3.grote.lan.yml
+++ b/host_vars/docker3.grote.lan.yml
@ -7,18 +7,21 @@
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
      state: present
      os_username: mg
    - name: navidrome-mg
      dir_name: docker-navidrome-mg
      repository_url: git.mgrote.net/mg/docker-navidrome-mg
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
      state: present
      os_username: mg
    - name: nightscout
      dir_name: docker-nightscout
      repository_url: git.mgrote.net/mg/docker-nightscout
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
      state: present
      os_username: mg
    - name: traefik
      dir_name: docker-traefik
      repository_url: git.mgrote.net/mg/docker-traefik
@ -26,10 +29,12 @@
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
      network_name: nw_proxy_traefik
      state: present
      os_username: mg
    - name: watchtower
      dir_name: docker-watchtower
      repository_url: git.mgrote.net/mg/docker-watchtower
      state: present
      os_username: mg
  ### mgrote.restic
  restic_folders_to_backup: /usr/local /etc /root /home /var/lib/docker
--- a/host_vars/docker4.grote.lan.yml
+++ b/host_vars/docker4.grote.lan.yml
@ -5,14 +5,17 @@
      dir_name: docker-watchtower
      repository_url: git.mgrote.net/mg/docker-watchtower
      state: present
      os_username: mg
    - name: ansible-ara
      dir_name: docker-ansible-ara
      repository_url: git.mgrote.net/mg/docker-ansible-ara
      state: present
      os_username: mg
    - name: photoprism # wird der container woanders hin verschoben restic ausnahmen wieder eintrage, oder /var/lib/docker aus restic entfernen
      dir_name: docker-photoprism
      repository_url: git.mgrote.net/mg/docker-photoprism
      state: present
      os_username: mg
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
--- a/roles/mgrote.docker-compose-deploy/README.md
+++ b/roles/mgrote.docker-compose-deploy/README.md
@ -22,6 +22,7 @@ docker_compose_projects:
    network_name: homer-network                         # docker-network to create; optional; just dont let it empty, remove it
    state: present|absent                               # should the project be present or absent?
    git_branch: master                                  # branch to checkout; optional; just dont let it empty, remove it
    os_username: mg                                     # user who should get permissions on the directory
 ```
--- a/roles/mgrote.docker-compose-deploy/tasks/dockercompose-up.yml
+++ b/roles/mgrote.docker-compose-deploy/tasks/dockercompose-up.yml
@ -32,6 +32,14 @@
      version: "{{ item.git_branch | default ('master') }}"
    register: repo
  - name: set owner recursive for repo
    file:
      path: "{{ project_dir }}"
      owner: "{{ item.os_username }}"
      group: "{{ item.os_username }}"
      recurse: yes
    when: repo is changed
  - name: create networks - "{{ item.name }}"
    ansible.builtin.shell: "docker network create {{ item.network_name }}" # erstelle network
    when: "item.network_name is defined" # wenn network_name definiert ist