role: docker erweitert (#166)

bugfix no log

base dir set fact

state vars

state

Doku tasks

unnütze kennwörter entfernt

nutzer optional

dir_name darf empty sein

erstelle docker-networks

Co-authored-by: Michael Grote <michael.grote@posteo.de>
Reviewed-on: mg/ansible#166
Co-Authored-By: mg <mg@noreply.git.mgrote.net>
Co-Committed-By: mg <mg@noreply.git.mgrote.net>
Michael Grote 2021-07-20 10:14:07 +02:00
parent dc76186744
commit 7ce808198e
10 changed files with 112 additions and 48 deletions


@ -5,10 +5,16 @@
- name: homer - name: homer
dir_name: docker-homer dir_name: docker-homer
repository_url: git.mgrote.net/mg/docker-homer repository_url: git.mgrote.net/mg/docker-homer
repository_user: mg state: present
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
- name: watchtower - name: watchtower
dir_name: docker-watchtower dir_name: docker-watchtower
repository_url: git.mgrote.net/mg/docker-watchtower repository_url: git.mgrote.net/mg/docker-watchtower
repository_user: mg repository_user: mg
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}" repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
state: present
- name: munin-master
dir_name: docker-munin-master
repository_url: git.mgrote.net/mg/docker-munin-master
repository_user: mg
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
state: absent


@ -7,21 +7,21 @@
repository_url: git.mgrote.net/mg/docker-munin-master repository_url: git.mgrote.net/mg/docker-munin-master
repository_user: mg repository_user: mg
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}" repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
state: present
- name: watchtower - name: watchtower
dir_name: docker-watchtower dir_name: docker-watchtower
repository_url: git.mgrote.net/mg/docker-watchtower repository_url: git.mgrote.net/mg/docker-watchtower
repository_user: mg state: present
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
- name: homer - name: homer
dir_name: docker-homer dir_name: docker-homer
repository_url: git.mgrote.net/mg/docker-homer repository_url: git.mgrote.net/mg/docker-homer
repository_user: mg state: present
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
- name: unifi-controller - name: unifi-controller
dir_name: docker-unifi-controller dir_name: docker-unifi-controller
repository_url: git.mgrote.net/mg/docker-unifi-controller repository_url: git.mgrote.net/mg/docker-unifi-controller
repository_user: mg repository_user: mg
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}" repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
state: present
### geerlingguy.munin-node ### geerlingguy.munin-node
munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift munin_node_allowed_cidrs: [0.0.0.0/0] # weil der munin-server aus einem anderen subnet zugreift
munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift munin_node_allowed_ips: # weil der munin-server aus einem anderen subnet zugreift


@ -7,23 +7,27 @@
repository_url: git.mgrote.net/mg/docker-miniflux repository_url: git.mgrote.net/mg/docker-miniflux
repository_user: mg repository_user: mg
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}" repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
state: present
- name: navidrome-mg - name: navidrome-mg
dir_name: docker-navidrome-mg dir_name: docker-navidrome-mg
repository_url: git.mgrote.net/mg/docker-navidrome-mg repository_url: git.mgrote.net/mg/docker-navidrome-mg
repository_user: mg repository_user: mg
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}" repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
state: present
- name: nightscout - name: nightscout
dir_name: docker-nightscout dir_name: docker-nightscout
repository_url: git.mgrote.net/mg/docker-nightscout repository_url: git.mgrote.net/mg/docker-nightscout
repository_user: mg repository_user: mg
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}" repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
state: present
- name: traefik - name: traefik
dir_name: docker-traefik dir_name: docker-traefik
repository_url: git.mgrote.net/mg/docker-traefik repository_url: git.mgrote.net/mg/docker-traefik
repository_user: mg repository_user: mg
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}" repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"
network_name: nw_proxy_traefik
state: present
- name: watchtower - name: watchtower
dir_name: docker-watchtower dir_name: docker-watchtower
repository_url: git.mgrote.net/mg/docker-watchtower repository_url: git.mgrote.net/mg/docker-watchtower
repository_user: mg state: present
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"


@ -5,5 +5,4 @@
- name: watchtower - name: watchtower
dir_name: docker-watchtower dir_name: docker-watchtower
repository_url: git.mgrote.net/mg/docker-watchtower repository_url: git.mgrote.net/mg/docker-watchtower
repository_user: mg state: present
repository_user_password: "{{ lookup('keepass', 'gitea_mg_https_password', 'password') }}"


@ -9,7 +9,20 @@ Die `docker-compose.yml` mit im Repository-Root liegen.
- [x] Ubuntu (>=20.04) - [x] Ubuntu (>=20.04)
### Variablen + Defaults ### Variablen + Defaults
see [defaults](./defaults/main.yml) ```
# Directory where all Repos get saved
docker_compose_base_dir: /home/mg/docker
# Dictionary of Repositories
docker_compose_projects:
- name: homer # Name of Project, is alo the dir_name if it isn't set
dir_name: docker-homer # Directory-Name where the repo is saved; optional; just dont let it empty, remove it
repository_url: git.mgrote.net/mg/docker-homer.git # URL to repository, WITHOUT protocol; only https supported
repository_user: mg # git user for login on private Repositories; optional; just dont let it empty, remove it
repository_user_password: k1BvXXXXXXXrbg # git user password for login on private Repositories; optional; just dont let it empty, remove it
network_name: homer-network # docker-network to create; optional; just dont let it empty, remove it
state: present|absent # should the project be present or absent?
```
### Benötigt ### Benötigt


@ -1,9 +0,0 @@
---
# docker_compose_base_dir: /home/mg/docker # Directory where all Repos get saved
# docker_compose_projects: # Dictionary of Repositories
# - name: homer # Name
# dir_name: docker-homer # DirectoryNAME where the repo is saved
# repository_url: git.mgrote.net/mg/docker-homer.git #URL to repository, WITHOUT protocol; only https supported
# repository_user: mg # git user
# repository_user_password: k1BvXXXXXXXrbg #git user password


@ -0,0 +1,24 @@
---
- name: set dir - "{{ item.name }}"
set_fact:
project_dir: "{{ docker_compose_base_dir }}/{{ item.dir_name | default (item.name) }}"
when:
- docker_compose_base_dir is defined
- docker_compose_projects is defined
- name: check if dir exists
stat:
path: "{{ project_dir }}"
register: dir
- name: stop container - "{{ item.name }}"
ansible.builtin.shell: docker-compose down
args:
chdir: "{{ project_dir }}"
when: dir.stat.exists == true
- name: remove repository - "{{ item.name }}"
ansible.builtin.file:
state: absent
dest: "{{ project_dir }}"
when: dir.stat.exists == true
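Review bot: The `default (item.name)` filter in the `set dir` task only replaces an undefined `dir_name`, so an entry with an empty `dir_name` makes `project_dir` resolve to `docker_compose_base_dir` itself. The `remove repository` task then runs `state: absent` on that path, which deletes the base directory recursively together with every other project in it. Passing the second argument, `project_dir: "{{ docker_compose_base_dir }}/{{ item.dir_name | default(item.name, true) }}"`, treats an empty value like a missing one. The same expression is used in the `set dir` task of the new up task file and should get the same change. A cheap extra guard on the delete is `when: dir.stat.exists and project_dir != docker_compose_base_dir`.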


@ -0,0 +1,45 @@
---
- name: set username and passwort - "{{ item.name }}"
set_fact:
login: "{{ item.repository_user }}:{{ item.repository_user_password }}@"
when:
- item.repository_user is defined
- item.repository_user_password is defined
- name: set dir - "{{ item.name }}"
set_fact:
project_dir: "{{ docker_compose_base_dir }}/{{ item.dir_name | default (item.name) }}"
when:
- docker_compose_base_dir is defined
- docker_compose_projects is defined
- name: check if repo exists - "{{ item.name }}"
stat:
path: "{{ project_dir }}"
register: repo_exists
- name: stash changes - "{{ item.name }}"
ansible.builtin.shell: git stash
args:
chdir: "{{ project_dir }}"
changed_when: false
when: repo_exists.stat.exists == true
- name: clone public repository - "{{ item.name }}"
ansible.builtin.git:
repo: "https://{{ login | default () }}{{ item.repository_url }}"
dest: "{{ project_dir }}"
register: repo
- name: create networks - "{{ item.name }}"
ansible.builtin.shell: "docker network create {{ item.network_name }}" # erstelle network
when: "item.network_name is defined" # wenn network_name definiert ist
register: network_result # speichere ergebnis in var
changed_when: "network_result.rc == 0" # markiere tasks als changed when exit-code == 0
ignore_errors: yes # ignoriere fehler
- name: (re)start container - "{{ item.name }}"
ansible.builtin.shell: docker-compose down && docker-compose up -d
args:
chdir: "{{ project_dir }}"
when: repo.changed
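Review bot: The `login` fact set in the first task is never reset, so once one project in the loop defines `repository_user` and `repository_user_password`, every later project without credentials still clones with `https://user:password@…`, because `set_fact` values persist on the host across the included iterations. The password is therefore sent to repositories that were meant to be fetched anonymously, and presumably ends up in the remote URL stored in that checkout. Dropping the `when` and always assigning the fact avoids the carry-over: `login: "{{ (item.repository_user ~ ':' ~ (item.repository_user_password | urlencode) ~ '@') if (item.repository_user is defined and item.repository_user_password is defined) else '' }}"`. Separately, `ignore_errors: yes` on `create networks` hides every failure of `docker network create`, not only the already-exists case; a `failed_when` that tolerates only the "already exists" message in `network_result.stderr` would keep real errors visible.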


@ -1,24 +0,0 @@
---
- name: check if repo exists
stat:
path: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
register: repo_exists
- name: stash changes
ansible.builtin.shell: git stash
args:
chdir: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
changed_when: false
when: repo_exists.stat.exists == true
- name: clone public repository - "{{ item.name }}"
ansible.builtin.git:
repo: "https://{{ item.repository_user }}:{{ item.repository_user_password }}@{{ item.repository_url }}"
dest: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
register: repo
- name: (re)start container - "{{ item.name }}"
ansible.builtin.shell: docker-compose down && docker-compose up -d
args:
chdir: "{{ docker_compose_base_dir }}/{{ item.dir_name }}"
when: repo.changed


@ -1,8 +1,14 @@
--- ---
- name: loop docker tasks - name: loop docker tasks - up
include_tasks: dockercompose.yml include_tasks: dockercompose-up.yml
loop: "{{ docker_compose_projects }}" loop: "{{ docker_compose_projects }}"
when: when:
- docker_compose_base_dir is defined - item.state == "present"
- docker_compose_projects is defined no_log: true
- name: loop docker tasks - down
include_tasks: dockercompose-down.yml
loop: "{{ docker_compose_projects }}"
when:
- item.state == "absent"
no_log: true no_log: true
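Review bot: `no_log: true` on the two `include_tasks` entries most likely does not reach the tasks inside the included files, since keywords on a dynamic include apply to the include statement itself. The `set_fact` and `ansible.builtin.git` tasks that handle `repository_user_password` would then still log their arguments and results. Set `no_log: true` on those credential-handling tasks directly, or pass it down with `apply: { no_log: true }` on the include. The new conditions also read `item.state` on every entry, so a project without `state` fails the loop; `item.state | default('present') == "present"` keeps older inventories working.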