docker_networks: replace self-written code with module (#599)

Reviewed-on: #599
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
Michael Grote 2023-11-12 21:53:11 +01:00 committed by mg
parent f4db26b373
commit 55f002f828
6 changed files with 25 additions and 22 deletions


@ -3,6 +3,7 @@ version: '3'
services: services:
woodpecker-server: woodpecker-server:
restart: always
container_name: woodpecker-server container_name: woodpecker-server
image: woodpeckerci/woodpecker-server:latest image: woodpeckerci/woodpecker-server:latest
ports: ports:


@ -7,6 +7,7 @@ pip_install_packages:
- name: ara - name: ara
- name: jmespath - name: jmespath
- name: ansible - name: ansible
- name: docker-compose
### mgrote.apt_manage_packages ### mgrote.apt_manage_packages
apt_packages_extra: apt_packages_extra:
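Review bot: The new `- name: docker-compose` entry has no version and no comment saying which module needs it. The PyPI package of that name is Compose v1, which as far as I know has had no release since 2021, so it will not receive fixes. The only Docker module this commit introduces, `community.docker.docker_network`, needs the Docker SDK for Python rather than Compose itself. If that is the only consumer, `- name: docker` would be the narrower dependency; otherwise add a line such as `# required by <module>` (placeholder) above the entry. Whether this list is applied on the controller or on the Docker hosts is not visible here, and the SDK has to be present on the host where the module runs.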


@ -14,8 +14,10 @@ lvm_groups:
mntp: /var/lib/docker mntp: /var/lib/docker
manage_lvm: true manage_lvm: true
pvresize_to_max: true pvresize_to_max: true
### mgrote.restic ### mgrote.restic
restic_folders_to_backup: "/ /var/lib/docker" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben; https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files restic_folders_to_backup: "/ /var/lib/docker" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben; https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files
### mgrote.user ### mgrote.user
users: users:
- username: mg - username: mg
@ -47,6 +49,8 @@ users:
docker_users: docker_users:
- mg - mg
- docker-user - docker-user
docker_install_compose: true
docker_add_repo: false # erstelle kein Repo-Eintrag unter /etc/apt/sources.list.d/, steht explizit unter "repos_override"
### mgrote.docker-compose-deploy ### mgrote.docker-compose-deploy
docker_compose_base_dir: /home/docker-user docker_compose_base_dir: /home/docker-user


@ -73,6 +73,9 @@ compose_files:
network: traefik network: traefik
- name: photoprism - name: photoprism
state: present state: present
- name: whoami
state: absent
network: traefik_test
### oefenweb.ufw ### oefenweb.ufw
ufw_rules: ufw_rules:


@ -2,6 +2,7 @@ collections:
- git+https://git.mgrote.net/ansible-collections-mirrors/community.general - git+https://git.mgrote.net/ansible-collections-mirrors/community.general
- git+https://git.mgrote.net/ansible-collections-mirrors/community.crypto - git+https://git.mgrote.net/ansible-collections-mirrors/community.crypto
- git+https://git.mgrote.net/ansible-collections-mirrors/ansible.posix - git+https://git.mgrote.net/ansible-collections-mirrors/ansible.posix
- git+https://git.mgrote.net/ansible-collections-mirrors/community.docker
roles: roles:
- src: https://git.mgrote.net/ansible-roles-mirrors/pyratlabs-ansible-role-k3s - src: https://git.mgrote.net/ansible-roles-mirrors/pyratlabs-ansible-role-k3s
scm: git scm: git
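Review bot: The added `community.docker` entry carries no version, so each install takes whatever the mirror's default branch holds at that moment. The collection supplies the module that the tasks file now runs with `become: true`, so its content should be reproducible from this file. Pin it to a reviewed tag or commit, for example `- name: https://git.mgrote.net/ansible-collections-mirrors/community.docker` with `type: git` and `version: <tag-or-commit>` (placeholder). The three existing collection entries have the same gap.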


@ -9,7 +9,7 @@
group: "{{ compose_group }}" group: "{{ compose_group }}"
# https://codeutility.org/ansible-can-the-templates-module-handle-multiple-templates-directories-stack-overflow/ # https://codeutility.org/ansible-can-the-templates-module-handle-multiple-templates-directories-stack-overflow/
- name: copy all directories recursively - name: ensure all directories exists
ansible.builtin.file: ansible.builtin.file:
dest: "{{ compose_dest_basedir }}/{{ item | replace(compose_src_basedir + '/', '') }}" dest: "{{ compose_dest_basedir }}/{{ item | replace(compose_src_basedir + '/', '') }}"
state: directory state: directory
@ -18,7 +18,7 @@
group: "{{ compose_group }}" group: "{{ compose_group }}"
with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type d').split('\n') }}" with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type d').split('\n') }}"
- name: copy all files recursively (can take a long time) - name: ensure all files exists (can take a long time)
ansible.builtin.copy: ansible.builtin.copy:
mode: "{{ compose_file_permissions }}" mode: "{{ compose_file_permissions }}"
owner: "{{ compose_owner }}" owner: "{{ compose_owner }}"
@ -28,7 +28,7 @@
with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type f -not -name *.j2 ').split('\n') }}" with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type f -not -name *.j2 ').split('\n') }}"
no_log: true no_log: true
- name: copy templates files recursively - name: ensure templated files exists
ansible.builtin.template: ansible.builtin.template:
mode: "{{ compose_file_permissions }}" mode: "{{ compose_file_permissions }}"
owner: "{{ compose_owner }}" owner: "{{ compose_owner }}"
@ -36,24 +36,18 @@
src: "{{ item }}" src: "{{ item }}"
dest: "{{ compose_dest_basedir }}/{{ item | replace(compose_src_basedir + '/', '') | replace('.j2', '') }}" dest: "{{ compose_dest_basedir }}/{{ item | replace(compose_src_basedir + '/', '') | replace('.j2', '') }}"
with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type f -name *.j2').split('\n') }}" with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type f -name *.j2').split('\n') }}"
register: copy_template
no_log: true no_log: true
# - name: print $copy_template - name: Ensure needed networks exists
# ansible.builtin.debug:
# var: copy_template
- name: create networks
become: true become: true
ansible.builtin.command: "docker network create {{ item.network }}" # erstelle network community.docker.docker_network:
register: network_result # speichere ergebnis in var name: "{{ item.network }}"
changed_when: "network_result.rc == 0" # markiere tasks als changed when exit-code == 0 state: present
failed_when: internal: false
- "not 'Error response from daemon: network with name' in network_result.stderr" enable_ipv6: false
- "not network_result.rc == 0" driver: bridge
loop: "{{ compose_files }}" loop: "{{ compose_files }}"
when: when:
- item.state == "present"
- item.network is defined - item.network is defined
- name: (re)start container - name: (re)start container
@ -78,16 +72,15 @@
- item.state == "absent" - item.state == "absent"
ignore_errors: true # noqa ignore-errors ignore_errors: true # noqa ignore-errors
- name: remove old networks - name: Ensure old networks are absent
become: true become: true
ansible.builtin.command: "docker network remove {{ item.network }}" # erstelle network community.docker.docker_network:
register: network_result # speichere ergebnis in var name: "{{ item.network }}"
changed_when: "network_result.rc == 0" # markiere tasks als changed when exit-code == 0 state: absent
ignore_errors: true # noqa ignore-errors
loop: "{{ compose_files }}" loop: "{{ compose_files }}"
when: when:
- item.state == "absent"
- item.network is defined - item.network is defined
- item.state == "absent"
- name: remove old docker-compose files & directories - name: remove old docker-compose files & directories
become: true become: true
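Review bot: The `when:` of the new `Ensure needed networks exists` task seems to keep only `item.network is defined`; `- item.state == "present"` is printed once there, and the hunk's line counts (24 old, 18 new) fit it being on the removed side. If so, every `compose_files` entry with a network gets it created, including `whoami` (`state: absent`, `network: traefik_test`), and `Ensure old networks are absent` removes it again later in the same run, so the play never converges and a network for a retired stack exists in between. I would restore `- item.state == "present"` in that `when:` list. Separately, the removal task appears to have dropped `ignore_errors: true`, so a network that still has a container attached will now fail the play; that looks like the safer behaviour, but it depends on the preceding stop task, which still ignores errors.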