rolle: docker-compose-deploy (#155)

git stash doku vars aufgeteilt doku aufgeräumt no log doku vars passwort entfernt und neu gesetzt keepass: gitea_mg_https_password angelegt dependencies vars auskommentiert readme vars wip ordnernamen als var basisrolle steht basis musterrolle geklont Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#155 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net>
2021-07-16 12:38:15 +02:00 · 2021-07-16 12:38:15 +02:00 · 68d9bd0dbd
commit 68d9bd0dbd
parent 89ceefa1d3
10 changed files with 127 additions and 2 deletions
--- a/group_vars/docker.yml
+++ b/group_vars/docker.yml
@ -14,8 +14,6 @@
        **/**AppData***/**
        /var/lib/docker/volumes/***Musik***
        /var/lib/docker/volumes/***musik***
        /var/lib/docker/volumes/***musik***
        /var/lib/docker/volumes/***musik***
        /var/lib/docker/volumes/docker-photoprism_pp_smb_bilder***/**
        # https://github.com/restic/restic/issues/1005
        # https://forum.restic.net/t/exclude-syntax-confusion/1531/12
--- a/host_vars/docker-test.grote.lan.yml
+++ b/host_vars/docker-test.grote.lan.yml
@ -0,0 +1,9 @@
 ---
  ### mgrote.docker-compose-deploy
  docker_compose_base_dir: /home/mg/docker
  docker_compose_projects:
    - name: homer
      dir_name: docker-homer
      repository_url: git.mgrote.net/mg/docker-homer
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
--- a/host_vars/docker.grote.lan.yml
+++ b/host_vars/docker.grote.lan.yml
@ -0,0 +1,49 @@
 ---
  ### mgrote.docker-compose-deploy
  docker_compose_base_dir: /home/mg/docker
  docker_compose_projects:
    - name: homer
      dir_name: docker-homer
      repository_url: git.mgrote.net/mg/docker-homer
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
    - name: miniflux
      dir_name: docker-miniflux
      repository_url: git.mgrote.net/mg/docker-miniflux
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
    - name: munin-master
      dir_name: docker-munin-master
      repository_url: git.mgrote.net/mg/docker-munin-master
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
    - name: navidrome-mg
      dir_name: docker-navidrome-mg
      repository_url: git.mgrote.net/mg/docker-navidrome-mg
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
    - name: nightscout
      dir_name: docker-nightscout
      repository_url: git.mgrote.net/mg/docker-nightscout
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
    - name: photoprism
      dir_name: docker-photoprism
      repository_url: git.mgrote.net/mg/docker-photoprism
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
    - name: traefik
      dir_name: docker-traefik
      repository_url: git.mgrote.net/mg/docker-traefik
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
    - name: unifi-controller
      dir_name: docker-unifi-controller
      repository_url: git.mgrote.net/mg/docker-unifi-controller
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
    - name: watchtower
      dir_name: docker-watchtower
      repository_url: git.mgrote.net/mg/docker-watchtower
      repository_user: mg
      repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
--- a/keepass_db.kdbx
+++ b/keepass_db.kdbx
--- a/playbooks/3_service/docker.yml
+++ b/playbooks/3_service/docker.yml
@ -4,3 +4,4 @@
    - { role: geerlingguy.pip, tags: "pip", become: true }
    - { role: geerlingguy.docker, tags: "docker", become: true }
    - { role: gantsign.ctop, tags: "ctop", become: true }
    - { role: mgrote.docker-compose-deploy, tags: "compose", become: true }
--- a/roles/mgrote.docker-compose-deploy/README.md
+++ b/roles/mgrote.docker-compose-deploy/README.md
@ -0,0 +1,16 @@
 ## mgrote.docker-compose-deploy
 ### Beschreibung
 Klont Repositories und startet dir darin enthaltenen `docker-compose`-Projekte.
 Abhängigkeiten werden nicht aufgelöst, z.B. fehlende Netze(`docker network create nw_proxy_traefik`)
 Die `docker-compose.yml` mit im Repository-Root liegen.
 ### Getestet auf
 - [x] Ubuntu (>=20.04)
 ### Variablen + Defaults
 see [defaults](./defaults/main.yml)
 ### Benötigt
 - `geerlingguy.docker`
--- a/roles/mgrote.docker-compose-deploy/defaults/main.yml
+++ b/roles/mgrote.docker-compose-deploy/defaults/main.yml
@ -0,0 +1,9 @@
 ---
 #  docker_compose_base_dir: /home/mg/docker # Directory where all Repos get saved
 #  docker_compose_projects: # Dictionary of Repositories
 #    - name: homer # Name
 #      dir_name: docker-homer # DirectoryNAME where the repo is saved
 #      repository_url: git.mgrote.net/mg/docker-homer.git #URL to repository, WITHOUT protocol; only https supported
 #      repository_user: mg # git user
 #      repository_user_password: k1BvXXXXXXXrbg #git user password
--- a/roles/mgrote.docker-compose-deploy/meta/main.yml
+++ b/roles/mgrote.docker-compose-deploy/meta/main.yml
@ -0,0 +1,3 @@
 ---
  dependencies:
    - role: geerlingguy.docker
--- a/roles/mgrote.docker-compose-deploy/tasks/dockercompose.yml
+++ b/roles/mgrote.docker-compose-deploy/tasks/dockercompose.yml
@ -0,0 +1,32 @@
 ---
  - name: check if repo exists
    stat:
      path: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
    register: repo_exists
  - name: stash changes
    ansible.builtin.shell: git stash
    args:
      chdir: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
    changed_when: false
    when: repo_exists.stat.exists == true
    register: stashed
  - name: clone public repository - "{{ item.name }}"
    ansible.builtin.git:
      repo: "https://{{ item.repository_user }}:{{ item.repository_user_password }}@{{ item.repository_url }}"
      dest: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
    register: repo
  - name: pop stashed changes
    ansible.builtin.shell: git stash pop
    args:
      chdir: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
    changed_when: false
    when: stashed.changed
  - name: (re)start container - "{{ item.name }}"
    ansible.builtin.shell: docker-compose down && docker-compose up -d
    args:
      chdir: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
    when: repo.changed
--- a/roles/mgrote.docker-compose-deploy/tasks/main.yml
+++ b/roles/mgrote.docker-compose-deploy/tasks/main.yml
@ -0,0 +1,8 @@
 ---
  - name: loop docker tasks
    include_tasks: dockercompose.yml
    loop: "{{ docker_compose_projects }}"
    when:
      - docker_compose_base_dir is defined
      - docker_compose_projects is defined
    no_log: true