Port database service
This commit is contained in:
parent
f6104035d4
commit
0a1e0625ab
@ -2,19 +2,7 @@
|
|||||||
- name: "Deploy services"
|
- name: "Deploy services"
|
||||||
hosts: asgard
|
hosts: asgard
|
||||||
|
|
||||||
vars:
|
|
||||||
versions:
|
|
||||||
database:
|
|
||||||
postgres: "15.0"
|
|
||||||
cloud:
|
|
||||||
nextcloud: "25-fpm"
|
|
||||||
git:
|
|
||||||
gitea: "1"
|
|
||||||
notes:
|
|
||||||
joplin: "2.9-beta"
|
|
||||||
|
|
||||||
tasks:
|
tasks:
|
||||||
- import_tasks: tasks/services/c-deploy/00-hosts.yml
|
|
||||||
- include_tasks: tasks/services/c-deploy/01-service-deploy.yml
|
- include_tasks: tasks/services/c-deploy/01-service-deploy.yml
|
||||||
with_items: "{{ host_services }}"
|
with_items: "{{ host_services }}"
|
||||||
loop_control:
|
loop_control:
|
||||||
|
@ -1 +0,0 @@
|
|||||||
{{ services[service_name].password }}
|
|
@ -1,16 +0,0 @@
|
|||||||
- block:
|
|
||||||
|
|
||||||
- name: Create database password
|
|
||||||
template:
|
|
||||||
src: "{{ local_service_home }}/.config/{{ service_user_name }}.template/database.password.j2"
|
|
||||||
dest: "{{ service_home }}/.config/{{ service_user_name }}/database.password"
|
|
||||||
mode: 0600
|
|
||||||
register: database_password_file
|
|
||||||
|
|
||||||
- name: Record changes
|
|
||||||
set_fact:
|
|
||||||
service_changed: true
|
|
||||||
when:
|
|
||||||
database_password_file is changed
|
|
||||||
|
|
||||||
become_user: "{{ service_user_name }}"
|
|
@ -87,3 +87,16 @@
|
|||||||
vars:
|
vars:
|
||||||
services_service_name: "lrproxy"
|
services_service_name: "lrproxy"
|
||||||
tags: "always"
|
tags: "always"
|
||||||
|
|
||||||
|
- name: "deploy"
|
||||||
|
ansible.builtin.include_role:
|
||||||
|
name: "deploy/database"
|
||||||
|
apply:
|
||||||
|
tags:
|
||||||
|
- "services:{{ services_service_name }}"
|
||||||
|
- "services:deploy"
|
||||||
|
- "services:deploy:{{ services_service_name }}"
|
||||||
|
- "services:{{ services_service_name }}:deploy"
|
||||||
|
vars:
|
||||||
|
services_service_name: "database"
|
||||||
|
tags: "always"
|
||||||
|
60
plays/services/roles/deploy/database/tasks/main.yml
Normal file
60
plays/services/roles/deploy/database/tasks/main.yml
Normal file
@ -0,0 +1,60 @@
|
|||||||
|
- name: "set the user variables"
|
||||||
|
ansible.builtin.import_role:
|
||||||
|
name: "include"
|
||||||
|
vars_from: "user"
|
||||||
|
|
||||||
|
- name: "set the version variables"
|
||||||
|
ansible.builtin.import_role:
|
||||||
|
name: "deploy/include"
|
||||||
|
vars_from: "versions"
|
||||||
|
|
||||||
|
- block:
|
||||||
|
|
||||||
|
- name: "configure postgres password"
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "./postgres/database.password.j2"
|
||||||
|
dest: "{{ services_service_user_home }}/.config/{{ services_service_user_name }}/database.password"
|
||||||
|
mode: 0600
|
||||||
|
register: services_deploy_database_password_file
|
||||||
|
|
||||||
|
- name: "configure systemd service"
|
||||||
|
ansible.builtin.template:
|
||||||
|
src: "./systemd/{{ item }}.j2"
|
||||||
|
dest: "{{ services_service_user_home }}/.config/systemd/user/{{ item }}"
|
||||||
|
mode: 0644
|
||||||
|
loop:
|
||||||
|
- "pod-database.service"
|
||||||
|
- "container-database-postgres.service"
|
||||||
|
register: services_deploy_database_systemd_files
|
||||||
|
|
||||||
|
- name: "systemd user daemon reload"
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
daemon_reload: true
|
||||||
|
scope: "user"
|
||||||
|
when:
|
||||||
|
services_deploy_database_systemd_files.changed
|
||||||
|
|
||||||
|
- name: "enable the service"
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: "pod-{{ services_service_name }}.service"
|
||||||
|
enabled: true
|
||||||
|
scope: "user"
|
||||||
|
|
||||||
|
- name: "start the service"
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: "pod-{{ services_service_name }}.service"
|
||||||
|
state: "started"
|
||||||
|
scope: "user"
|
||||||
|
register: services_deploy_database_service_start
|
||||||
|
|
||||||
|
- name: "restart the service"
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: "pod-{{ services_service_name }}.service"
|
||||||
|
state: restarted
|
||||||
|
scope: user
|
||||||
|
when:
|
||||||
|
(services_deploy_database_password_file.changed or
|
||||||
|
services_deploy_database_systemd_files.changed) and
|
||||||
|
not services_deploy_database_service_start.changed
|
||||||
|
|
||||||
|
become_user: "{{ services_service_user_name }}"
|
@ -0,0 +1 @@
|
|||||||
|
{{ services[services_service_name].password }}
|
@ -27,7 +27,7 @@ ExecStart=/usr/bin/podman run \
|
|||||||
-e POSTGRES_INITDB_WALDIR=/var/lib/postgresql-wal \
|
-e POSTGRES_INITDB_WALDIR=/var/lib/postgresql-wal \
|
||||||
-v /var/lib/yggdrasil/data/pod-database/data/_data:/var/lib/postgresql/data \
|
-v /var/lib/yggdrasil/data/pod-database/data/_data:/var/lib/postgresql/data \
|
||||||
--name=pod-database-postgres \
|
--name=pod-database-postgres \
|
||||||
docker.io/library/postgres:{{ versions.database.postgres }}
|
docker.io/library/postgres:{{ services_deploy_versions.database.postgres }}
|
||||||
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-database-postgres.ctr-id -t 10
|
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-database-postgres.ctr-id -t 10
|
||||||
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-database-postgres.ctr-id
|
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-database-postgres.ctr-id
|
||||||
PIDFile=%t/container-database-postgres.pid
|
PIDFile=%t/container-database-postgres.pid
|
15
plays/services/roles/deploy/include/vars/versions.yml
Normal file
15
plays/services/roles/deploy/include/vars/versions.yml
Normal file
@ -0,0 +1,15 @@
|
|||||||
|
services_deploy_versions:
|
||||||
|
rproxy:
|
||||||
|
nginx: "stable"
|
||||||
|
www:
|
||||||
|
nginx: "stable"
|
||||||
|
lrproxy:
|
||||||
|
nginx: "stable"
|
||||||
|
database:
|
||||||
|
postgres: "15.0"
|
||||||
|
cloud:
|
||||||
|
nextcloud: "25-fpm"
|
||||||
|
git:
|
||||||
|
gitea: "1"
|
||||||
|
notes:
|
||||||
|
joplin: "2.9-beta"
|
@ -3,6 +3,11 @@
|
|||||||
name: "include"
|
name: "include"
|
||||||
vars_from: "user"
|
vars_from: "user"
|
||||||
|
|
||||||
|
- name: "set the version variables"
|
||||||
|
ansible.builtin.import_role:
|
||||||
|
name: "deploy/include"
|
||||||
|
vars_from: "versions"
|
||||||
|
|
||||||
- name: "set the rproxy variables"
|
- name: "set the rproxy variables"
|
||||||
ansible.builtin.include_vars:
|
ansible.builtin.include_vars:
|
||||||
file: "nginx.yml"
|
file: "nginx.yml"
|
||||||
|
@ -27,7 +27,7 @@ ExecStart=/usr/bin/podman run \
|
|||||||
-v ./.config/pod-lrproxy/dhparam.pem:/etc/ssl/certs/dhparam.pem:ro \
|
-v ./.config/pod-lrproxy/dhparam.pem:/etc/ssl/certs/dhparam.pem:ro \
|
||||||
-v /var/lib/yggdrasil/data/pod-lrproxy/etc-letsencrypt/_data:/etc/letsencrypt:ro \
|
-v /var/lib/yggdrasil/data/pod-lrproxy/etc-letsencrypt/_data:/etc/letsencrypt:ro \
|
||||||
--name=pod-lrproxy-nginx \
|
--name=pod-lrproxy-nginx \
|
||||||
docker.io/library/nginx:stable
|
docker.io/library/nginx:{{ services_deploy_versions.lrproxy.nginx }}
|
||||||
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-lrproxy-nginx.ctr-id -t 10
|
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-lrproxy-nginx.ctr-id -t 10
|
||||||
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-lrproxy-nginx.ctr-id
|
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-lrproxy-nginx.ctr-id
|
||||||
PIDFile=%t/container-lrproxy-nginx.pid
|
PIDFile=%t/container-lrproxy-nginx.pid
|
||||||
|
@ -3,6 +3,11 @@
|
|||||||
name: "include"
|
name: "include"
|
||||||
vars_from: "user"
|
vars_from: "user"
|
||||||
|
|
||||||
|
- name: "set the version variables"
|
||||||
|
ansible.builtin.import_role:
|
||||||
|
name: "deploy/include"
|
||||||
|
vars_from: "versions"
|
||||||
|
|
||||||
- name: "set the rproxy variables"
|
- name: "set the rproxy variables"
|
||||||
ansible.builtin.include_vars:
|
ansible.builtin.include_vars:
|
||||||
file: "nginx.yml"
|
file: "nginx.yml"
|
||||||
|
@ -29,7 +29,7 @@ ExecStart=/usr/bin/podman run \
|
|||||||
-v var-lib-letsencrypt:/var/lib/letsencrypt:ro \
|
-v var-lib-letsencrypt:/var/lib/letsencrypt:ro \
|
||||||
-v var-www-html:/var/www/html \
|
-v var-www-html:/var/www/html \
|
||||||
--name=pod-rproxy-nginx \
|
--name=pod-rproxy-nginx \
|
||||||
docker.io/library/nginx:stable
|
docker.io/library/nginx:{{ services_deploy_versions.www.nginx }}
|
||||||
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-rproxy-nginx.ctr-id -t 10
|
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-rproxy-nginx.ctr-id -t 10
|
||||||
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-rproxy-nginx.ctr-id
|
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-rproxy-nginx.ctr-id
|
||||||
PIDFile=%t/container-rproxy-nginx.pid
|
PIDFile=%t/container-rproxy-nginx.pid
|
||||||
|
@ -3,6 +3,11 @@
|
|||||||
name: "include"
|
name: "include"
|
||||||
vars_from: "user"
|
vars_from: "user"
|
||||||
|
|
||||||
|
- name: "set the version variables"
|
||||||
|
ansible.builtin.import_role:
|
||||||
|
name: "deploy/include"
|
||||||
|
vars_from: "versions"
|
||||||
|
|
||||||
- name: "check if hugo is installed"
|
- name: "check if hugo is installed"
|
||||||
ansible.builtin.stat:
|
ansible.builtin.stat:
|
||||||
path: "/usr/local/bin/hugo"
|
path: "/usr/local/bin/hugo"
|
||||||
|
@ -24,7 +24,7 @@ ExecStart=/usr/bin/podman run \
|
|||||||
-v /etc/resolv.conf:/etc/resolv.conf:ro \
|
-v /etc/resolv.conf:/etc/resolv.conf:ro \
|
||||||
-v ./.config/pod-www/wojciechkozlowski.eu/public:/usr/share/nginx/html:ro \
|
-v ./.config/pod-www/wojciechkozlowski.eu/public:/usr/share/nginx/html:ro \
|
||||||
--name=pod-www-nginx \
|
--name=pod-www-nginx \
|
||||||
docker.io/library/nginx:stable
|
docker.io/library/nginx:{{ services_deploy_versions.www.nginx }}
|
||||||
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-www-nginx.ctr-id -t 10
|
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-www-nginx.ctr-id -t 10
|
||||||
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-www-nginx.ctr-id
|
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-www-nginx.ctr-id
|
||||||
PIDFile=%t/container-www-nginx.pid
|
PIDFile=%t/container-www-nginx.pid
|
||||||
|
Loading…
Reference in New Issue
Block a user