docker_networks: replace self-written code with module (#599)

Reviewed-on: #599
Co-authored-by: Michael Grote <michael.grote@posteo.de>
Co-committed-by: Michael Grote <michael.grote@posteo.de>
This commit is contained in:
Michael Grote 2023-11-12 21:53:11 +01:00 committed by mg
parent f4db26b373
commit 55f002f828
6 changed files with 25 additions and 22 deletions

View file

@ -3,6 +3,7 @@ version: '3'
services:
woodpecker-server:
restart: always
container_name: woodpecker-server
image: woodpeckerci/woodpecker-server:latest
ports:

View file

@ -7,6 +7,7 @@ pip_install_packages:
- name: ara
- name: jmespath
- name: ansible
- name: docker-compose
### mgrote.apt_manage_packages
apt_packages_extra:

View file

@ -14,8 +14,10 @@ lvm_groups:
mntp: /var/lib/docker
manage_lvm: true
pvresize_to_max: true
### mgrote.restic
restic_folders_to_backup: "/ /var/lib/docker" # --one-file-system ist gesetzt, also werden weitere Dateisysteme nicht eingeschlossen, es sei denn sie werden hier explizit angegeben; https://restic.readthedocs.io/en/latest/040_backup.html#excluding-files
### mgrote.user
users:
- username: mg
@ -47,6 +49,8 @@ users:
docker_users:
- mg
- docker-user
docker_install_compose: true
docker_add_repo: false # erstelle kein Repo-Eintrag unter /etc/apt/sources.list.d/, steht explizit unter "repos_override"
### mgrote.docker-compose-deploy
docker_compose_base_dir: /home/docker-user

View file

@ -73,6 +73,9 @@ compose_files:
network: traefik
- name: photoprism
state: present
- name: whoami
state: absent
network: traefik_test
### oefenweb.ufw
ufw_rules:

View file

@ -2,6 +2,7 @@ collections:
- git+https://git.mgrote.net/ansible-collections-mirrors/community.general
- git+https://git.mgrote.net/ansible-collections-mirrors/community.crypto
- git+https://git.mgrote.net/ansible-collections-mirrors/ansible.posix
- git+https://git.mgrote.net/ansible-collections-mirrors/community.docker
roles:
- src: https://git.mgrote.net/ansible-roles-mirrors/pyratlabs-ansible-role-k3s
scm: git

View file

@ -9,7 +9,7 @@
group: "{{ compose_group }}"
# https://codeutility.org/ansible-can-the-templates-module-handle-multiple-templates-directories-stack-overflow/
- name: copy all directories recursively
- name: ensure all directories exists
ansible.builtin.file:
dest: "{{ compose_dest_basedir }}/{{ item | replace(compose_src_basedir + '/', '') }}"
state: directory
@ -18,7 +18,7 @@
group: "{{ compose_group }}"
with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type d').split('\n') }}"
- name: copy all files recursively (can take a long time)
- name: ensure all files exists (can take a long time)
ansible.builtin.copy:
mode: "{{ compose_file_permissions }}"
owner: "{{ compose_owner }}"
@ -28,7 +28,7 @@
with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type f -not -name *.j2 ').split('\n') }}"
no_log: true
- name: copy templates files recursively
- name: ensure templated files exists
ansible.builtin.template:
mode: "{{ compose_file_permissions }}"
owner: "{{ compose_owner }}"
@ -36,24 +36,18 @@
src: "{{ item }}"
dest: "{{ compose_dest_basedir }}/{{ item | replace(compose_src_basedir + '/', '') | replace('.j2', '') }}"
with_items: "{{ lookup('pipe', 'find '+ compose_src_basedir +'/ -type f -name *.j2').split('\n') }}"
register: copy_template
no_log: true
# - name: print $copy_template
# ansible.builtin.debug:
# var: copy_template
- name: create networks
- name: Ensure needed networks exists
become: true
ansible.builtin.command: "docker network create {{ item.network }}" # erstelle network
register: network_result # speichere ergebnis in var
changed_when: "network_result.rc == 0" # markiere tasks als changed when exit-code == 0
failed_when:
- "not 'Error response from daemon: network with name' in network_result.stderr"
- "not network_result.rc == 0"
community.docker.docker_network:
name: "{{ item.network }}"
state: present
internal: false
enable_ipv6: false
driver: bridge
loop: "{{ compose_files }}"
when:
- item.state == "present"
- item.network is defined
- name: (re)start container
@ -78,16 +72,15 @@
- item.state == "absent"
ignore_errors: true # noqa ignore-errors
- name: remove old networks
- name: Ensure old networks are absent
become: true
ansible.builtin.command: "docker network remove {{ item.network }}" # erstelle network
register: network_result # speichere ergebnis in var
changed_when: "network_result.rc == 0" # markiere tasks als changed when exit-code == 0
ignore_errors: true # noqa ignore-errors
community.docker.docker_network:
name: "{{ item.network }}"
state: absent
loop: "{{ compose_files }}"
when:
- item.state == "absent"
- item.network is defined
- item.state == "absent"
- name: remove old docker-compose files & directories
become: true