Fix issues with cloud service

This commit is contained in:
Wojciech Kozlowski 2022-11-03 22:02:47 +01:00
parent baa6583484
commit 3fb47b587d
10 changed files with 81 additions and 23 deletions

View File

@ -0,0 +1 @@
{{ services[service_name].admin_password }}

View File

@ -0,0 +1 @@
{{ services[service_name].admin_user }}

View File

@ -0,0 +1 @@
{{ services[service_name].database_name }}

View File

@ -0,0 +1 @@
{{ services[service_name].database_password }}

View File

@ -0,0 +1 @@
{{ services[service_name].database_user }}

View File

@ -1,10 +1,15 @@
[Unit] [Unit]
Description=Podman container-cloud-cron.service Description=Podman container-cloud-cron.service
Documentation=man:podman-generate-systemd(1) Documentation=man:podman-generate-systemd(1)
Wants=network.target
After=network-online.target
BindsTo=pod-cloud.service
After=pod-cloud.service
OnFailure=status-mail@%n.service OnFailure=status-mail@%n.service
[Service] [Service]
Environment=PODMAN_SYSTEMD_UNIT=%n Environment=PODMAN_SYSTEMD_UNIT=%n
Restart=on-failure
TimeoutStopSec=70 TimeoutStopSec=70
ExecStartPre=/bin/rm -f %t/container-cloud-cron.pid %t/container-cloud-cron.ctr-id ExecStartPre=/bin/rm -f %t/container-cloud-cron.pid %t/container-cloud-cron.ctr-id
ExecStart=/usr/bin/podman run \ ExecStart=/usr/bin/podman run \
@ -13,13 +18,19 @@ ExecStart=/usr/bin/podman run \
--cgroups=no-conmon \ --cgroups=no-conmon \
--pod-id-file %t/pod-cloud.pod-id \ --pod-id-file %t/pod-cloud.pod-id \
--replace \ --replace \
--label "io.containers.autoupdate=image" \
-dt \
--add-host=pod-database:{{ services['database'].address }} \ --add-host=pod-database:{{ services['database'].address }} \
-v /var/lib/yggdrasil/valkyrie-resolv.conf:/etc/resolv.conf:ro \ -v /var/lib/yggdrasil/valkyrie-resolv.conf:/etc/resolv.conf:ro \
-v /var/lib/yggdrasil/data/pod-cloud/nextcloud/_data:/var/www/html \ -v /var/lib/yggdrasil/data/pod-cloud/nextcloud/_data:/var/www/html \
-v /var/lib/yggdrasil/data/pod-cloud/data/_data:/var/www/html/data \ -v /var/lib/yggdrasil/data/pod-cloud/data/_data:/var/www/html/data \
--name=pod-cloud-cron \ --name=pod-cloud-cron \
--user=www-data \
docker.io/library/nextcloud:{{ versions.cloud.nextcloud }} \ docker.io/library/nextcloud:{{ versions.cloud.nextcloud }} \
php -f /var/www/html/cron.php /cron.sh
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-cloud-cron.ctr-id -t 10
ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-cloud-cron.ctr-id ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/container-cloud-cron.ctr-id
Type=oneshot PIDFile=%t/container-cloud-cron.pid
Type=forking
[Install]
WantedBy=multi-user.target default.target

View File

@ -1,11 +0,0 @@
[Unit]
Description=Run nextcloud cron job
BindsTo=pod-cloud.service
After=pod-cloud.service
[Timer]
OnActiveSec=5min
OnUnitActiveSec=5min
[Install]
WantedBy=pod-cloud.service

View File

@ -24,6 +24,27 @@ ExecStart=/usr/bin/podman run \
-v /var/lib/yggdrasil/valkyrie-resolv.conf:/etc/resolv.conf:ro \ -v /var/lib/yggdrasil/valkyrie-resolv.conf:/etc/resolv.conf:ro \
-v /var/lib/yggdrasil/data/pod-cloud/nextcloud/_data:/var/www/html \ -v /var/lib/yggdrasil/data/pod-cloud/nextcloud/_data:/var/www/html \
-v /var/lib/yggdrasil/data/pod-cloud/data/_data:/var/www/html/data \ -v /var/lib/yggdrasil/data/pod-cloud/data/_data:/var/www/html/data \
-v ./.config/pod-cloud/database.name:/run/secrets/database.name:ro \
-v ./.config/pod-cloud/database.user:/run/secrets/database.user:ro \
-v ./.config/pod-cloud/database.password:/run/secrets/database.password:ro \
-v ./.config/pod-cloud/admin.user:/run/secrets/admin.user:ro \
-v ./.config/pod-cloud/admin.password:/run/secrets/admin.password:ro \
-e POSTGRES_HOST=pod-database:5432 \
-e POSTGRES_DB_FILE=/run/secrets/database.name \
-e POSTGRES_USER_FILE=/run/secrets/database.user \
-e POSTGRES_PASSWORD_FILE=/run/secrets/database.password \
-e NEXTCLOUD_ADMIN_USER_FILE=/run/secrets/admin.user \
-e NEXTCLOUD_ADMIN_PASSWORD_FILE=/run/secrets/admin.password \
-e NEXTCLOUD_TRUSTED_DOMAINS="{{ services[service_name].domain }}" \
-e OVERWRITEPROTOCOL="https" \
-e SMTP_HOST="{{ services[service_name].smtp_host }}" \
-e SMTP_SECURE="ssl" \
-e SMTP_PORT=465 \
-e SMTP_AUTHTYPE="PLAIN" \
-e SMTP_NAME="{{ services[service_name].smtp_name }}" \
-e SMTP_PASSWORD="{{ services[service_name].smtp_password }}" \
-e MAIL_FROM_ADDRESS="cloud" \
-e MAIL_DOMAIN="{{ services[service_name].domain }}" \
--name=pod-cloud-nextcloud \ --name=pod-cloud-nextcloud \
docker.io/library/nextcloud:{{ versions.cloud.nextcloud }} docker.io/library/nextcloud:{{ versions.cloud.nextcloud }}
ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-cloud-nextcloud.ctr-id -t 10 ExecStop=/usr/bin/podman stop --ignore --cidfile %t/container-cloud-nextcloud.ctr-id -t 10

View File

@ -3,8 +3,8 @@ Description=Podman pod-cloud.service
Documentation=man:podman-generate-systemd(1) Documentation=man:podman-generate-systemd(1)
Wants=network.target Wants=network.target
After=network-online.target After=network-online.target
Requires=container-cloud-nginx.service container-cloud-nextcloud.service Requires=container-cloud-nginx.service container-cloud-nextcloud.service container-cloud-cron.service
Before=container-cloud-nginx.service container-cloud-nextcloud.service Before=container-cloud-nginx.service container-cloud-nextcloud.service container-cloud-cron.service
OnFailure=status-mail@%n.service OnFailure=status-mail@%n.service
[Service] [Service]

View File

@ -1,16 +1,48 @@
- block: - block:
- name: Enable container-cloud-cron timer - name: Copy database name file
systemd: template:
name: container-cloud-cron.timer src: "{{ local_service_home }}/.config/{{ service_user_name }}.template/database.name.j2"
enabled: yes dest: "{{ service_home }}/.config/{{ service_user_name }}/database.name"
scope: user mode: 0600
register: container_cloud_cron_timer register: database_name_file
- name: Copy database user file
template:
src: "{{ local_service_home }}/.config/{{ service_user_name }}.template/database.user.j2"
dest: "{{ service_home }}/.config/{{ service_user_name }}/database.user"
mode: 0600
register: database_user_file
- name: Copy database password file
template:
src: "{{ local_service_home }}/.config/{{ service_user_name }}.template/database.password.j2"
dest: "{{ service_home }}/.config/{{ service_user_name }}/database.password"
mode: 0600
register: database_password_file
- name: Copy admin user file
template:
src: "{{ local_service_home }}/.config/{{ service_user_name }}.template/admin.user.j2"
dest: "{{ service_home }}/.config/{{ service_user_name }}/admin.user"
mode: 0600
register: admin_user_file
- name: Copy admin password file
template:
src: "{{ local_service_home }}/.config/{{ service_user_name }}.template/admin.password.j2"
dest: "{{ service_home }}/.config/{{ service_user_name }}/admin.password"
mode: 0600
register: admin_password_file
- name: Record changes - name: Record changes
set_fact: set_fact:
service_changed: true service_changed: true
when: when:
container_cloud_cron_timer is changed database_name_file is changed or
database_user_file is changed or
database_password_file is changed or
admin_user_file is changed or
admin_password_file is changed
become_user: "{{ service_user_name }}" become_user: "{{ service_user_name }}"