role: docker erweitert (#166)
bugfix no log base dir set fact state vars state Doku tasks unnütze kennwörter entfernt nutzer optional dir_name darf empty sein erstelle docker-networks Co-authored-by: Michael Grote <michael.grote@posteo.de> Reviewed-on: mg/ansible#166 Co-Authored-By: mg <mg@noreply.git.mgrote.net> Co-Committed-By: mg <mg@noreply.git.mgrote.net>
This commit is contained in:
parent
dc76186744
commit
7ce808198e
10 changed files with 112 additions and 48 deletions
|
@ -5,10 +5,16 @@
|
||||||
- name: homer
|
- name: homer
|
||||||
dir_name: docker-homer
|
dir_name: docker-homer
|
||||||
repository_url: git.mgrote.net/mg/docker-homer
|
repository_url: git.mgrote.net/mg/docker-homer
|
||||||
repository_user: mg
|
state: present
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
|
||||||
- name: watchtower
|
- name: watchtower
|
||||||
dir_name: docker-watchtower
|
dir_name: docker-watchtower
|
||||||
repository_url: git.mgrote.net/mg/docker-watchtower
|
repository_url: git.mgrote.net/mg/docker-watchtower
|
||||||
repository_user: mg
|
repository_user: mg
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||||
|
state: present
|
||||||
|
- name: munin-master
|
||||||
|
dir_name: docker-munin-master
|
||||||
|
repository_url: git.mgrote.net/mg/docker-munin-master
|
||||||
|
repository_user: mg
|
||||||
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||||
|
state: absent
|
||||||
|
|
|
@ -7,21 +7,21 @@
|
||||||
repository_url: git.mgrote.net/mg/docker-munin-master
|
repository_url: git.mgrote.net/mg/docker-munin-master
|
||||||
repository_user: mg
|
repository_user: mg
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||||
|
state: present
|
||||||
- name: watchtower
|
- name: watchtower
|
||||||
dir_name: docker-watchtower
|
dir_name: docker-watchtower
|
||||||
repository_url: git.mgrote.net/mg/docker-watchtower
|
repository_url: git.mgrote.net/mg/docker-watchtower
|
||||||
repository_user: mg
|
state: present
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
|
||||||
- name: homer
|
- name: homer
|
||||||
dir_name: docker-homer
|
dir_name: docker-homer
|
||||||
repository_url: git.mgrote.net/mg/docker-homer
|
repository_url: git.mgrote.net/mg/docker-homer
|
||||||
repository_user: mg
|
state: present
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
|
||||||
- name: unifi-controller
|
- name: unifi-controller
|
||||||
dir_name: docker-unifi-controller
|
dir_name: docker-unifi-controller
|
||||||
repository_url: git.mgrote.net/mg/docker-unifi-controller
|
repository_url: git.mgrote.net/mg/docker-unifi-controller
|
||||||
repository_user: mg
|
repository_user: mg
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||||
|
state: present
|
||||||
### geerlingguy.munin-node
|
### geerlingguy.munin-node
|
||||||
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
|
||||||
munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift
|
munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift
|
||||||
|
|
|
@ -7,23 +7,27 @@
|
||||||
repository_url: git.mgrote.net/mg/docker-miniflux
|
repository_url: git.mgrote.net/mg/docker-miniflux
|
||||||
repository_user: mg
|
repository_user: mg
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||||
|
state: present
|
||||||
- name: navidrome-mg
|
- name: navidrome-mg
|
||||||
dir_name: docker-navidrome-mg
|
dir_name: docker-navidrome-mg
|
||||||
repository_url: git.mgrote.net/mg/docker-navidrome-mg
|
repository_url: git.mgrote.net/mg/docker-navidrome-mg
|
||||||
repository_user: mg
|
repository_user: mg
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||||
|
state: present
|
||||||
- name: nightscout
|
- name: nightscout
|
||||||
dir_name: docker-nightscout
|
dir_name: docker-nightscout
|
||||||
repository_url: git.mgrote.net/mg/docker-nightscout
|
repository_url: git.mgrote.net/mg/docker-nightscout
|
||||||
repository_user: mg
|
repository_user: mg
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||||
|
state: present
|
||||||
- name: traefik
|
- name: traefik
|
||||||
dir_name: docker-traefik
|
dir_name: docker-traefik
|
||||||
repository_url: git.mgrote.net/mg/docker-traefik
|
repository_url: git.mgrote.net/mg/docker-traefik
|
||||||
repository_user: mg
|
repository_user: mg
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
||||||
|
network_name: nw_proxy_traefik
|
||||||
|
state: present
|
||||||
- name: watchtower
|
- name: watchtower
|
||||||
dir_name: docker-watchtower
|
dir_name: docker-watchtower
|
||||||
repository_url: git.mgrote.net/mg/docker-watchtower
|
repository_url: git.mgrote.net/mg/docker-watchtower
|
||||||
repository_user: mg
|
state: present
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
|
||||||
|
|
|
@ -5,5 +5,4 @@
|
||||||
- name: watchtower
|
- name: watchtower
|
||||||
dir_name: docker-watchtower
|
dir_name: docker-watchtower
|
||||||
repository_url: git.mgrote.net/mg/docker-watchtower
|
repository_url: git.mgrote.net/mg/docker-watchtower
|
||||||
repository_user: mg
|
state: present
|
||||||
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
|
|
||||||
|
|
|
@ -9,7 +9,20 @@ Die `docker-compose.yml` mit im Repository-Root liegen.
|
||||||
- [x] Ubuntu (>=20.04)
|
- [x] Ubuntu (>=20.04)
|
||||||
|
|
||||||
### Variablen + Defaults
|
### Variablen + Defaults
|
||||||
see [defaults](./defaults/main.yml)
|
```
|
||||||
|
# Directory where all Repos get saved
|
||||||
|
docker_compose_base_dir: /home/mg/docker
|
||||||
|
|
||||||
|
# Dictionary of Repositories
|
||||||
|
docker_compose_projects:
|
||||||
|
- name: homer # Name of Project, is alo the dir_name if it isn't set
|
||||||
|
dir_name: docker-homer # Directory-Name where the repo is saved; optional; just dont let it empty, remove it
|
||||||
|
repository_url: git.mgrote.net/mg/docker-homer.git # URL to repository, WITHOUT protocol; only https supported
|
||||||
|
repository_user: mg # git user for login on private Repositories; optional; just dont let it empty, remove it
|
||||||
|
repository_user_password: k1BvXXXXXXXrbg # git user password for login on private Repositories; optional; just dont let it empty, remove it
|
||||||
|
network_name: homer-network # docker-network to create; optional; just dont let it empty, remove it
|
||||||
|
state: present|absent # should the project be present or absent?
|
||||||
|
```
|
||||||
|
|
||||||
|
|
||||||
### Benötigt
|
### Benötigt
|
||||||
|
|
|
@ -1,9 +0,0 @@
|
||||||
---
|
|
||||||
# docker_compose_base_dir: /home/mg/docker # Directory where all Repos get saved
|
|
||||||
|
|
||||||
# docker_compose_projects: # Dictionary of Repositories
|
|
||||||
# - name: homer # Name
|
|
||||||
# dir_name: docker-homer # DirectoryNAME where the repo is saved
|
|
||||||
# repository_url: git.mgrote.net/mg/docker-homer.git #URL to repository, WITHOUT protocol; only https supported
|
|
||||||
# repository_user: mg # git user
|
|
||||||
# repository_user_password: k1BvXXXXXXXrbg #git user password
|
|
|
@ -0,0 +1,24 @@
|
||||||
|
---
|
||||||
|
- name: set dir - "{{ item.name }}"
|
||||||
|
set_fact:
|
||||||
|
project_dir: "{{ docker_compose_base_dir }}/{{ item.dir_name | default (item.name) }}"
|
||||||
|
when:
|
||||||
|
- docker_compose_base_dir is defined
|
||||||
|
- docker_compose_projects is defined
|
||||||
|
|
||||||
|
- name: check if dir exists
|
||||||
|
stat:
|
||||||
|
path: "{{ project_dir }}"
|
||||||
|
register: dir
|
||||||
|
|
||||||
|
- name: stop container - "{{ item.name }}"
|
||||||
|
ansible.builtin.shell: docker-compose down
|
||||||
|
args:
|
||||||
|
chdir: "{{ project_dir }}"
|
||||||
|
when: dir.stat.exists == true
|
||||||
|
|
||||||
|
- name: remove repository - "{{ item.name }}"
|
||||||
|
ansible.builtin.file:
|
||||||
|
state: absent
|
||||||
|
dest: "{{ project_dir }}"
|
||||||
|
when: dir.stat.exists == true
|
|
@ -0,0 +1,45 @@
|
||||||
|
---
|
||||||
|
- name: set username and passwort - "{{ item.name }}"
|
||||||
|
set_fact:
|
||||||
|
login: "{{ item.repository_user }}:{{ item.repository_user_password }}@"
|
||||||
|
when:
|
||||||
|
- item.repository_user is defined
|
||||||
|
- item.repository_user_password is defined
|
||||||
|
|
||||||
|
- name: set dir - "{{ item.name }}"
|
||||||
|
set_fact:
|
||||||
|
project_dir: "{{ docker_compose_base_dir }}/{{ item.dir_name | default (item.name) }}"
|
||||||
|
when:
|
||||||
|
- docker_compose_base_dir is defined
|
||||||
|
- docker_compose_projects is defined
|
||||||
|
|
||||||
|
- name: check if repo exists - "{{ item.name }}"
|
||||||
|
stat:
|
||||||
|
path: "{{ project_dir }}"
|
||||||
|
register: repo_exists
|
||||||
|
|
||||||
|
- name: stash changes - "{{ item.name }}"
|
||||||
|
ansible.builtin.shell: git stash
|
||||||
|
args:
|
||||||
|
chdir: "{{ project_dir }}"
|
||||||
|
changed_when: false
|
||||||
|
when: repo_exists.stat.exists == true
|
||||||
|
|
||||||
|
- name: clone public repository - "{{ item.name }}"
|
||||||
|
ansible.builtin.git:
|
||||||
|
repo: "https://{{ login | default () }}{{ item.repository_url }}"
|
||||||
|
dest: "{{ project_dir }}"
|
||||||
|
register: repo
|
||||||
|
|
||||||
|
- name: create networks - "{{ item.name }}"
|
||||||
|
ansible.builtin.shell: "docker network create {{ item.network_name }}" # erstelle network
|
||||||
|
when: "item.network_name is defined" # wenn network_name definiert ist
|
||||||
|
register: network_result # speichere ergebnis in var
|
||||||
|
changed_when: "network_result.rc == 0" # markiere tasks als changed when exit-code == 0
|
||||||
|
ignore_errors: yes # ignoriere fehler
|
||||||
|
|
||||||
|
- name: (re)start container - "{{ item.name }}"
|
||||||
|
ansible.builtin.shell: docker-compose down && docker-compose up -d
|
||||||
|
args:
|
||||||
|
chdir: "{{ project_dir }}"
|
||||||
|
when: repo.changed
|
|
@ -1,24 +0,0 @@
|
||||||
---
|
|
||||||
- name: check if repo exists
|
|
||||||
stat:
|
|
||||||
path: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
|
|
||||||
register: repo_exists
|
|
||||||
|
|
||||||
- name: stash changes
|
|
||||||
ansible.builtin.shell: git stash
|
|
||||||
args:
|
|
||||||
chdir: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
|
|
||||||
changed_when: false
|
|
||||||
when: repo_exists.stat.exists == true
|
|
||||||
|
|
||||||
- name: clone public repository - "{{ item.name }}"
|
|
||||||
ansible.builtin.git:
|
|
||||||
repo: "https://{{ item.repository_user }}:{{ item.repository_user_password }}@{{ item.repository_url }}"
|
|
||||||
dest: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
|
|
||||||
register: repo
|
|
||||||
|
|
||||||
- name: (re)start container - "{{ item.name }}"
|
|
||||||
ansible.builtin.shell: docker-compose down && docker-compose up -d
|
|
||||||
args:
|
|
||||||
chdir: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
|
|
||||||
when: repo.changed
|
|
|
@ -1,8 +1,14 @@
|
||||||
---
|
---
|
||||||
- name: loop docker tasks
|
- name: loop docker tasks - up
|
||||||
include_tasks: dockercompose.yml
|
include_tasks: dockercompose-up.yml
|
||||||
loop: "{{ docker_compose_projects }}"
|
loop: "{{ docker_compose_projects }}"
|
||||||
when:
|
when:
|
||||||
- docker_compose_base_dir is defined
|
- item.state == "present"
|
||||||
- docker_compose_projects is defined
|
no_log: true
|
||||||
|
|
||||||
|
- name: loop docker tasks - down
|
||||||
|
include_tasks: dockercompose-down.yml
|
||||||
|
loop: "{{ docker_compose_projects }}"
|
||||||
|
when:
|
||||||
|
- item.state == "absent"
|
||||||
no_log: true
|
no_log: true
|
||||||
|
|
Loading…
Reference in a new issue