diff --git a/inventory/group_vars/nucs.yml b/inventory/group_vars/nucs.yml
index da24364..69f1dc9 100644
--- a/inventory/group_vars/nucs.yml
+++ b/inventory/group_vars/nucs.yml
@@ -1 +1,2 @@
-# Group variables for nucs group
+base_data_dir: /data
+base_service_dir: /srv
diff --git a/roles/common/tasks/main.yml b/roles/common/tasks/main.yml
index fa79f23..ab05296 100644
--- a/roles/common/tasks/main.yml
+++ b/roles/common/tasks/main.yml
@@ -5,13 +5,13 @@ state: latest update_cache: yes cache_valid_time: 86400 # One day -- name: Create /data directory +- name: Create base data directory file: - path: /data + path: "{{ base_data_dir }}" state: directory -- name: Create /srv directory +- name: Create base service directory file: - path: /srv + path: "{{ base_service_dir }}" state: directory - name: Disable systemd-resolved systemd:
diff --git a/roles/forgejo/tasks/main.yml b/roles/forgejo/tasks/main.yml
index 2422a53..a2ce768 100644
--- a/roles/forgejo/tasks/main.yml
+++ b/roles/forgejo/tasks/main.yml
@@ -1,31 +1,31 @@ - name: Create app directory file: - path: /srv/forgejo + path: "{{ service_dir }}" state: directory - name: Copy Docker Compose script - copy: - src: "{{ role_path }}/files/docker-compose.yml" - dest: /srv/forgejo/docker-compose.yml + template: + src: "{{ role_path }}/templates/docker-compose.yml.j2" + dest: "{{ service_dir }}/docker-compose.yml" - name: Create data directory file: - path: /data/forgejo + path: "{{ data_dir }}" state: directory owner: 1000 group: 1000 - name: Copy conf directory file: - path: /srv/forgejo/conf + path: "{{ service_dir }}/conf" state: directory owner: 1000 group: 1000 - name: Copy app.ini template: src: "{{ role_path }}/templates/app.ini" - dest: /srv/forgejo/conf/app.ini + dest: "{{ service_dir }}/conf/app.ini" register: config - name: Start the Docker Compose docker_compose: - project_src: /srv/forgejo + project_src: "{{ service_dir }}" pull: true remove_orphans: true restarted: "{{ config.changed }}"
diff --git a/roles/forgejo/files/docker-compose.yml b/roles/forgejo/templates/docker-compose.yml.j2
similarity index 92%
rename from roles/forgejo/files/docker-compose.yml
rename to roles/forgejo/templates/docker-compose.yml.j2
index 98be775..a72e115 100644
--- a/roles/forgejo/files/docker-compose.yml
+++ b/roles/forgejo/templates/docker-compose.yml.j2
@@ -15,8 +15,8 @@ services: networks: - traefik volumes: - - /data/forgejo:/data - - /srv/forgejo/conf:/data/gitea/conf + - {{ data_dir }}:/data + - {{ service_dir }}/conf:/data/gitea/conf - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro labels:
diff --git a/roles/forgejo/vars/main.yml b/roles/forgejo/vars/main.yml
index 1f23d70..f0ac50e 100644
--- a/roles/forgejo/vars/main.yml
+++ b/roles/forgejo/vars/main.yml
@@ -1,3 +1,7 @@ +service_name: forgejo +data_dir: "{{ base_data_dir }}/{{ service_name }}" +service_dir: "{{ base_service_dir }}/{{ service_name }}" + forgejo: root_url: "https://git.pizzapim.nl" mailer_host: "smtp.tweak.nl"
diff --git a/roles/kms/tasks/main.yml b/roles/kms/tasks/main.yml
index 536bad6..2518ba7 100644
--- a/roles/kms/tasks/main.yml
+++ b/roles/kms/tasks/main.yml
@@ -1,14 +1,14 @@ - name: Create app directory file: - path: /srv/kms + path: "{{ service_dir }}" state: directory - name: Copy Docker Compose script copy: src: "{{ role_path }}/files/docker-compose.yml" - dest: /srv/kms/docker-compose.yml + dest: "{{ service_dir }}/docker-compose.yml" - name: Start the Docker Compose docker_compose: - project_src: /srv/kms + project_src: "{{ service_dir }}" pull: true remove_orphans: true
diff --git a/roles/kms/vars/main.yml b/roles/kms/vars/main.yml
new file mode 100644
index 0000000..8f2f2a2
--- /dev/null
+++ b/roles/kms/vars/main.yml
@@ -0,0 +1,2 @@
+service_name: kms
+service_dir: "{{ base_service_dir }}/{{ service_name }}"
diff --git a/roles/mastodon/tasks/main.yml b/roles/mastodon/tasks/main.yml
index 4a4cccb..6f4ea70 100644
--- a/roles/mastodon/tasks/main.yml
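Review bot: `service_name`, `data_dir` and `service_dir` in `roles/forgejo/vars/main.yml` are generic names, and the same names are declared again in the mastodon, pizzeria, radicale and syncthing `vars/main.yml` hunks (kms and traefik declare only `service_name` and `service_dir`; pizzeria also flattens `pizzeria.git_origin` to a bare `git_origin`). Ansible exports role vars to the play by default, so a handler, a task outside the role, or a role that never sets `data_dir` may resolve a value that another role defined, which makes it hard to tell from a task which host path it will touch. Because `vars/` outranks inventory, no host or group can relocate a single service either. Prefixing per role, for example `forgejo_service_dir: "{{ base_service_dir }}/forgejo"`, and putting the overridable parts in `defaults/main.yml` keeps every path traceable to one role.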
+++ b/roles/mastodon/tasks/main.yml
@@ -1,22 +1,22 @@ - name: Create Mastodon app directory file: - path: /srv/mastodon + path: "{{ service_dir }}" state: directory - name: Copy .env.production copy: src: "{{ role_path }}/files/.env.production" - dest: /srv/mastodon/.env.production + dest: "{{ service_dir }}.env.production" - name: Copy Docker Compose script template: src: "{{ role_path }}/templates/docker-compose.yml.j2" - dest: /srv/mastodon/docker-compose.yml + dest: "{{ service_dir }}/docker-compose.yml" - name: Create Mastodon data directory file: - path: /data/mastodon + path: "{{ data_dir }}" state: directory mode: 0777 - name: Start Docker Compose docker_compose: - project_src: /srv/mastodon + project_src: "{{ service_dir }}" pull: true remove_orphans: true
diff --git a/roles/mastodon/templates/docker-compose.yml.j2 b/roles/mastodon/templates/docker-compose.yml.j2
index 01b2ea0..e809bb7 100644
--- a/roles/mastodon/templates/docker-compose.yml.j2
+++ b/roles/mastodon/templates/docker-compose.yml.j2
@@ -9,7 +9,7 @@ services: healthcheck: test: ['CMD', 'pg_isready', '-U', 'postgres'] volumes: - - /data/mastodon/postgres14:/var/lib/postgresql/data + - {{ data_dir }}/postgres14:/var/lib/postgresql/data environment: - 'POSTGRES_HOST_AUTH_METHOD=trust' - 'POSTGRES_PASSWORD={{ mastodon_postgres_password }}'
@@ -24,7 +24,7 @@ services: healthcheck: test: ['CMD', 'redis-cli', 'ping'] volumes: - - /data/mastodon/redis:/data + - {{ data_dir }}/redis:/data environment: - 'REDIS_PASSWORD={{ mastodon_redis_password }}'
@@ -46,7 +46,7 @@ services: - db - redis volumes: - - /data/mastodon/public/system:/mastodon/public/system + - {{ data_dir }}/public/system:/mastodon/public/system labels: - traefik.http.routers.mastodon.entrypoints=websecure - traefik.http.routers.mastodon.rule=Host(`social.pizzapim.nl`)
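Review bot: The new destination of the `Copy .env.production` task drops the path separator: `dest: "{{ service_dir }}.env.production"` renders to `/srv/mastodon.env.production` with the values from `group_vars/nucs.yml`, not to the `/srv/mastodon/.env.production` that the removed line wrote. The compose project in `{{ service_dir }}` would then presumably start without its env file, or with a stale copy left by an earlier run, while the fresh copy sits beside the service directories in `{{ base_service_dir }}`. The line should read `dest: "{{ service_dir }}/.env.production"`.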
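Review bot: `POSTGRES_HOST_AUTH_METHOD=trust`, kept in the `environment:` list right under the changed volume of the `@@ -9,7 +9,7 @@` hunk, makes the postgres image accept host connections without a password, so the vaulted `mastodon_postgres_password` rendered on the following line is not enforced. How far that reaches depends on the networks attached to the database service, which are outside this hunk. Removing the line, or setting it to `scram-sha-256`, makes the password effective; as far as I know the image applies this setting only when it initialises the data directory, so an existing `{{ data_dir }}/postgres14` would also need its `pg_hba.conf` updated.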
@@ -91,7 +91,7 @@ services: networks: - default volumes: - - /data/mastodon/public/system:/mastodon/public/system + - {{ data_dir }}/public/system:/mastodon/public/system healthcheck: test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"]
diff --git a/roles/mastodon/vars/main.yml b/roles/mastodon/vars/main.yml
index 505d001..0f488b3 100644
--- a/roles/mastodon/vars/main.yml
+++ b/roles/mastodon/vars/main.yml
@@ -1,3 +1,7 @@ +service_name: mastodon +data_dir: "{{ base_data_dir }}/{{ service_name }}" +service_dir: "{{ base_service_dir }}/{{ service_name }}" + mastodon_postgres_password: !vault | $ANSIBLE_VAULT;1.1;AES256 34643131323762373635383736636432643161646130373565333432323337646435656233383131
diff --git a/roles/pizzeria/tasks/main.yml b/roles/pizzeria/tasks/main.yml
index 5f27e49..3d18940 100644
--- a/roles/pizzeria/tasks/main.yml
+++ b/roles/pizzeria/tasks/main.yml
@@ -1,9 +1,9 @@ - name: Clone pizzeria repository git: - repo: "{{ pizzeria.git_origin }}" - dest: /srv/pizzeria + repo: "{{ git_origin }}" + dest: "{{ service_dir }}" - name: Start the Docker Compose docker_compose: - project_src: /srv/pizzeria + project_src: "{{ service_dir }}" pull: true remove_orphans: true
diff --git a/roles/pizzeria/vars/main.yml b/roles/pizzeria/vars/main.yml
index 21308b6..33149bb 100644
--- a/roles/pizzeria/vars/main.yml
+++ b/roles/pizzeria/vars/main.yml
@@ -1,2 +1,4 @@
-pizzeria:
- git_origin: https://git.pizzapim.nl/pim/pizzeria.git
+service_name: pizzeria
+data_dir: "{{ base_data_dir }}/{{ service_name }}"
+service_dir: "{{ base_service_dir }}/{{ service_name }}"
+git_origin: https://git.pizzapim.nl/pim/pizzeria.git
diff --git a/roles/radicale/tasks/main.yml b/roles/radicale/tasks/main.yml
index a2974ba..48afa89 100644
--- a/roles/radicale/tasks/main.yml
+++ b/roles/radicale/tasks/main.yml
@@ -1,29 +1,29 @@ - name: Create Radicale app directory file: - path: /srv/radicale + path: "{{ service_dir }}" state: directory - name: Copy docker-compose.yml file - copy: - src: "{{ role_path }}/files/docker-compose.yml" - dest: /srv/radicale/docker-compose.yml + template: + src: "{{ role_path }}/templates/docker-compose.yml.j2" + dest: "{{ service_dir }}/docker-compose.yml" - name: Create Radicale config directory file: - path: /srv/radicale/config + path: "{{ service_dir }}/config" state: directory - name: Copy radicale.conf copy: src: "{{ role_path }}/files/radicale.conf" - dest: /srv/radicale/config/radicale.conf + dest: "{{ service_dir }}/config/radicale.conf" - name: Copy users file copy: src: "{{ role_path }}/files/users" - dest: /srv/radicale/config/users + dest: "{{ service_dir }}/config/users" - name: Create Radicale data directory file: - path: /data/radicale + path: "{{ data_dir }}" state: directory - name: Start Docker Compose docker_compose: - project_src: /srv/radicale + project_src: "{{ service_dir }}" pull: true remove_orphans: true
diff --git a/roles/radicale/files/docker-compose.yml b/roles/radicale/templates/docker-compose.yml.j2
similarity index 86%
rename from roles/radicale/files/docker-compose.yml
rename to roles/radicale/templates/docker-compose.yml.j2
index 556e883..1e9362f 100644
--- a/roles/radicale/files/docker-compose.yml
+++ b/roles/radicale/templates/docker-compose.yml.j2
@@ -9,8 +9,8 @@ services: restart: always image: mailu/radicale:1.9 volumes: - - /data/radicale:/data - - /srv/radicale/config:/radicale + - {{ data_dir }}:/data + - {{ service_dir }}/config:/radicale command: radicale -S -C /radicale/radicale.conf networks: - traefik
diff --git a/roles/radicale/vars/main.yml b/roles/radicale/vars/main.yml
new file mode 100644
index 0000000..5c891bc
--- /dev/null
+++ b/roles/radicale/vars/main.yml
@@ -0,0 +1,3 @@
+service_name: radicale
+data_dir: "{{ base_data_dir }}/{{ service_name }}"
+service_dir: "{{ base_service_dir }}/{{ service_name }}"
diff --git a/roles/syncthing/tasks/main.yml b/roles/syncthing/tasks/main.yml
index 4b73ced..614d481 100644
--- a/roles/syncthing/tasks/main.yml
+++ b/roles/syncthing/tasks/main.yml
@@ -1,34 +1,34 @@ - name: Create Syncthing app directory file: - path: /srv/syncthing + path: "{{ service_dir }}" state: directory - name: Create Syncthing configuration directory file: - path: /srv/syncthing/config + path: "{{ service_dir }}/config" state: directory - name: Copy Syncthing private key copy: src: "{{ role_path }}/files/key.pem" - dest: /srv/syncthing/config/key.pem + dest: "{{ service_dir }}/config/key.pem" - name: Copy Syncthing certificate copy: src: "{{ role_path }}/files/cert.pem" - dest: /srv/syncthing/config/cert.pem + dest: "{{ service_dir }}/config/cert.pem" - name: Copy Syncthing configuration template: src: "{{ role_path }}/templates/config.xml.j2" - dest: /srv/syncthing/config/config.xml + dest: "{{ service_dir }}/config/config.xml" - name: Create Syncthing data directory file: - path: /data/syncthing + path: "{{ data_dir }}" state: directory mode: 0777 - name: Copy Docker Compose script - copy: - src: "{{ role_path }}/files/docker-compose.yml" - dest: /srv/syncthing/docker-compose.yml + template: + src: "{{ role_path }}/templates/docker-compose.yml.j2" + dest: "{{ service_dir }}/docker-compose.yml" - name: Start Docker Compose docker_compose: - project_src: /srv/syncthing + project_src: "{{ service_dir }}" pull: true remove_orphans: true
diff --git a/roles/syncthing/files/docker-compose.yml b/roles/syncthing/templates/docker-compose.yml.j2
similarity index 83%
rename from roles/syncthing/files/docker-compose.yml
rename to roles/syncthing/templates/docker-compose.yml.j2
index 4505a69..512eef6 100644
--- a/roles/syncthing/files/docker-compose.yml
+++ b/roles/syncthing/templates/docker-compose.yml.j2
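Review bot: The `Copy Syncthing private key` task in `roles/syncthing/tasks/main.yml` still sets no `mode` or `owner`, so `key.pem` is written to `{{ service_dir }}/config/key.pem` with whatever the remote umask yields, commonly 0644. Adding `mode: "0600"` and an `owner`/`group` matching the container user to that task keeps the device key unreadable to other local accounts. The same gap shows on other secret-bearing files in this commit: the rendered Mastodon `docker-compose.yml` (it embeds `mastodon_postgres_password` and `mastodon_redis_password`), Mastodon's `.env.production`, and what appears to be Radicale's credentials file `users`. The unchanged `mode: 0777` on the Syncthing and Mastodon data directories is worth revisiting in the same pass, since ownership by the container uid would remove the need for world-writable directories.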
@@ -10,8 +10,8 @@ services: - PGID=1000 - TZ=Europe/Amsterdam volumes: - - /srv/syncthing/config:/config - - /data/syncthing:/data + - {{ service_dir }}/config:/config + - {{ data_dir }}:/data ports: - 8384:8384 - 22000:22000/tcp
diff --git a/roles/syncthing/vars/main.yml b/roles/syncthing/vars/main.yml
index 7e33fce..4e73ff7 100644
--- a/roles/syncthing/vars/main.yml
+++ b/roles/syncthing/vars/main.yml
@@ -1,3 +1,7 @@ +service_name: syncthing +data_dir: "{{ base_data_dir }}/{{ service_name }}" +service_dir: "{{ base_service_dir }}/{{ service_name }}" + syncthing: apikey: !vault | $ANSIBLE_VAULT;1.1;AES256
diff --git a/roles/traefik/tasks/main.yml b/roles/traefik/tasks/main.yml
index e87ed92..635c1dd 100644
--- a/roles/traefik/tasks/main.yml
+++ b/roles/traefik/tasks/main.yml
@@ -1,30 +1,30 @@ - name: Create traefik app directory file: - path: /srv/traefik + path: "{{ service_dir }}" state: directory - name: Create acme file copy: content: "" - dest: /srv/traefik/acme.json + dest: "{{ service_dir }}/acme.json" force: no mode: 0600 - name: Copy Docker Compose script - copy: - src: "{{ role_path }}/files/docker-compose.yml" - dest: /srv/traefik/docker-compose.yml + template: + src: "{{ role_path }}/templates/docker-compose.yml.j2" + dest: "{{ service_dir }}/docker-compose.yml" - name: Copy traefik.toml copy: src: "{{ role_path }}/files/traefik.toml" - dest: /srv/traefik/traefik.toml + dest: "{{ service_dir }}/traefik.toml" - name: Copy services.toml copy: src: "{{ role_path }}/files/services.toml" - dest: /srv/traefik/services.toml + dest: "{{ service_dir }}/services.toml" - name: Create traefik network docker_network: name: "traefik" - name: Start Docker Compose docker_compose: - project_src: /srv/traefik + project_src: "{{ service_dir }}" pull: true remove_orphans: true
diff --git a/roles/traefik/files/docker-compose.yml b/roles/traefik/templates/docker-compose.yml.j2
similarity index 82%
rename from roles/traefik/files/docker-compose.yml
rename to roles/traefik/templates/docker-compose.yml.j2
index ac79916..f913135 100644
--- a/roles/traefik/files/docker-compose.yml
+++ b/roles/traefik/templates/docker-compose.yml.j2
@@ -20,9 +20,9 @@ services: - "56287:56287" volumes: - /var/run/docker.sock:/var/run/docker.sock - - /srv/traefik/traefik.toml:/etc/traefik/traefik.toml - - /srv/traefik/services.toml:/etc/traefik/services.toml - - /srv/traefik/acme.json:/acme.json + - {{ service_dir }}/traefik.toml:/etc/traefik/traefik.toml + - {{ service_dir }}/services.toml:/etc/traefik/services.toml + - {{ service_dir }}/acme.json:/acme.json networks: - traefik labels:
diff --git a/roles/traefik/vars/main.yml b/roles/traefik/vars/main.yml
new file mode 100644
index 0000000..2e1116f
--- /dev/null
+++ b/roles/traefik/vars/main.yml
@@ -0,0 +1,2 @@
+service_name: traefik
+service_dir: "{{ base_service_dir }}/{{ service_name }}"
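Review bot: The context line `- /var/run/docker.sock:/var/run/docker.sock` just above the changed mounts in the Traefik compose template hands the proxy container read-write access to the Docker API, which amounts to root on the host if the proxy is ever compromised. Appending `:ro` restricts only the socket file's mount mode, not the API calls made through it, so fronting the socket with a filtering proxy that exposes only the read endpoints Traefik needs is the stronger option. The service definition starts and ends outside this hunk, so mitigations already present elsewhere in the file cannot be ruled out from here.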