semaphore/dockerapps.yml

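---
# Play: install a systemd unit that runs one docker-compose project, create the
# project directory tree, render docker-compose.yml and, under the
# `renew-https` tag, make Traefik request fresh ACME certificates.
#
# Variables read here but defined elsewhere (inventory / group_vars):
#   dockerapp_tree_base_dir  - sequence; only its last element is used
#   dockerapp_service        - project directory name below that base dir
#   dockerapp_tree_volumes   - optional list of sub-directories to create
#   docker_install_compose   - picks /usr/local/bin or /usr/bin for the binary
#
# Every task runs as root (`become: true`) on every host in the inventory
# (`hosts: all`); restrict the run with --limit / --tags where appropriate.
- name: Docker and Docker-Compose playbook
  hosts: all
  become: true
  # #
  # # @author Stéphane Gratias (2021).
  #
  roles:
    # manage the docker-compose@lab systemd unit file
    - role: tumf.systemd-service
      tags: docker-compose
      when: ansible_service_mgr == 'systemd'
      vars:
        # do not restart service via systemd
        ansible_unit_test: true
        systemd_service_name: "docker-compose@lab"
        # [Unit]
        systemd_service_Unit_Description: "%i service with docker compose"
        systemd_service_Service_Type: "simple"
        systemd_service_Unit_After: ["docker.service"]
        systemd_service_Unit_Requires: ["docker.service"]
        # [Service]
        systemd_service_Service_WorkingDirectory: "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}"
        # Remove old containers, networks and volumes (images are kept).
        # NOTE(review): `down -v` deletes the project's named and anonymous
        # volumes on every start and stop of the unit; host directories that
        # are bind-mounted are not touched. Confirm nothing that must persist
        # lives in a compose-managed volume.
        systemd_service_Service_ExecStartPre:
          - "{{ '/usr/local/bin' if docker_install_compose else '/usr/bin' }}/docker-compose down -v"
          - "{{ '/usr/local/bin' if docker_install_compose else '/usr/bin' }}/docker-compose rm -fv"
        # Compose up
        systemd_service_Service_ExecStart: "{{ '/usr/local/bin' if docker_install_compose else '/usr/bin' }}/docker-compose up"
        # Compose down, remove containers and volumes
        systemd_service_Service_ExecStop: "{{ '/usr/local/bin' if docker_install_compose else '/usr/bin' }}/docker-compose down -v"
        systemd_service_Service_Restart: "always"
        # [Install]
        systemd_service_Install_WantedBy: "multi-user.target"

  tasks:
    - name: create docker app base dir
      ansible.builtin.file:
        path: "{{ item }}"
        state: directory
        # quoted so the mode reaches the module as an octal string
        mode: "0755"
        owner: root
        group: root
      with_items:
        - "{{ dockerapp_tree_base_dir | last }}"
        - "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}"
        - "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/logs"
      tags:
        - docker-compose
        - bootstrap_dockerapp_create_base_dir

    # One directory per entry of dockerapp_tree_volumes; an undefined list
    # means no iteration at all.
    - name: create docker volumes tree for containers
      ansible.builtin.file:
        path: "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/{{ item | default('') }}"
        state: directory
        mode: "0755"
      with_items: "{{ dockerapp_tree_volumes | default([]) }}"
      tags:
        - docker-compose
        - bootstrap_dockerapp_create_app_dir

    # Mode 0600: the rendered compose file is readable by its owner only.
    - name: create the main docker-compose file (docker-compose.yml)
      ansible.builtin.template:
        src: "../templates/docker-compose.yml.j2"
        dest: "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/docker-compose.yml"
        mode: "0600"
      tags:
        - docker-compose
        - bootstrap_dockerapp_configure_docker_compose

    # NOTE(review): name and action disagree. The name refers to the
    # acme.caserver setting, but the arguments delete every line starting with
    # `%wheel` from /etc/sudoers, i.e. they remove the wheel group's sudo rule
    # on all targeted hosts. This looks like an unfinished placeholder; confirm
    # the intended file and regexp before running the play.
    - name: uncomment acme.caserver line
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: absent
        regexp: '^%wheel'
        # refuse to write a sudoers file that visudo rejects
        validate: /usr/sbin/visudo -cf %s
      tags:
        # same tag as the rest of the renewal sequence, so that
        # `--tags renew-https` does not skip this step
        - renew-https

    # acme.json is the ACME storage the later steps wait on; removing it
    # discards what is stored there so new cert/key material is requested.
    - name: remove appdata/traefik2/acme/letsencrypt/acme.json file
      ansible.builtin.file:
        path: "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/appdata/traefik2/acme/letsencrypt/acme.json"
        state: absent
      tags:
        - renew-https

    - name: Run `docker-compose down`
      community.docker.docker_compose:
        # project_src is the directory that contains docker-compose.yml,
        # not the path of the file itself
        project_src: "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}"
        state: absent
      tags:
        - renew-https

    - name: Run `docker-compose up`
      community.docker.docker_compose:
        project_src: "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}"
        build: false
      tags:
        - renew-https

    # Fixed delay only: nothing here checks that a certificate was actually
    # written before the play continues.
    - name: Wait 5 minutes for news cert/key on acme.json (stagging)
      ansible.builtin.pause:
        seconds: 300
      tags:
        - renew-https

    # NOTE(review): same mismatch as "uncomment acme.caserver line" above in
    # this file: the arguments edit /etc/sudoers (drop `%wheel` lines), not an
    # acme.caserver setting. Confirm the intended file and regexp.
    - name: comment acme.caserver line
      ansible.builtin.lineinfile:
        path: /etc/sudoers
        state: absent
        regexp: '^%wheel'
        # refuse to write a sudoers file that visudo rejects
        validate: /usr/sbin/visudo -cf %s
      tags:
        - renew-https

    - name: remove appdata/traefik2/acme/letsencrypt/acme.json file
      ansible.builtin.file:
        path: "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}/appdata/traefik2/acme/letsencrypt/acme.json"
        state: absent
      tags:
        - renew-https

    # Restart only the traefik service of the project.
    - name: Run `docker-compose restart traefik`
      community.docker.docker_compose:
        project_src: "{{ dockerapp_tree_base_dir | last }}/{{ dockerapp_service }}"
        restarted: true
        services:
          - traefik
      tags:
        - renew-https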