Add docker and upgrade playbooks

2024-12-21 14:30:02 +03:00 · 2024-12-21 14:30:02 +03:00 · 22e09afd00
commit 22e09afd00
parent 9c5266deab
5 changed files with 55 additions and 26 deletions
--- a/README.md
+++ b/README.md
@ -15,7 +15,7 @@

 ```bash
 $ cp ansible-vault-password-file.dist ansible-vault-password-file
-$ ansible-galaxy install --role-file ansible/requirements.yml
+$ ansible-galaxy install --role-file requirements.yml
 ```

 ## Структура
@ -24,7 +24,7 @@ $ ansible-galaxy install --role-file ansible/requirements.yml
 - Для доступа используется ssh-ключ.
 - Докер используется для запуска и изоляции приложений. Для загрузки образов настраивается Yandex Docker Registry.
 - Выход во внешнюю сеть через proxy server [Caddy](https://caddyserver.com/).
- Чувствительные данные в `ansible/vars/vars.yaml` зашифрованы с помощью Ansible Vault.
+- Чувствительные данные в `vars/vars.yaml` зашифрованы с помощью Ansible Vault.
 - Для мониторинга за сервером устанавливается [netdata](https://github.com/netdata/netdata).

 ## Частые команды
--- a/playbook-configuration.yml
+++ b/playbook-configuration.yml
@ -7,21 +7,6 @@

  tasks:

-
-    - name: 'Install python docker lib.'
-      pip:
-        name: docker
-      tags:
-        - docker
-
-    - import_role:
-        name: geerlingguy.docker
-      vars:
-        docker_users:
-          - major
-      tags:
-        - docker
-
    - name: 'Ensure networkd service is started (required by Caddy).'
      systemd:
        name: systemd-networkd
@ -42,14 +27,6 @@
      tags:
        - webserver

-    - import_role:
-        name: netdata
-      vars:
-        netdata_version: 'v2.0.0'
-        netdata_exposed_port: '{{ netdata_port }}'
-      tags:
-        - monitoring
-
    # Applications

    - import_role:
--- a/playbook-docker.yml
+++ b/playbook-docker.yml
@ -0,0 +1,25 @@
+---
+- name: 'Configure docker parameters'
+  hosts: all
+
+  vars_files:
+    - vars/ports.yml
+    - vars/vars.yml
+
+  tasks:
+
+    - name: 'Install python docker lib from pip'
+      ansible.builtin.pip:
+        name: docker
+
+    - name: 'Install docker'
+      ansible.builtin.import_role:
+        name: geerlingguy.docker
+      vars:
+        docker_edition: 'ce'
+        docker_packages:
+          - "docker-{{ docker_edition }}"
+          - "docker-{{ docker_edition }}-cli"
+          - "docker-{{ docker_edition }}-rootless-extras"        
+        docker_users:
+          - major
--- a/playbook-upgrade.yml
+++ b/playbook-upgrade.yml
@ -0,0 +1,27 @@
+---
+- name: 'Update and upgrade system packages'
+  hosts: all
+
+  vars_files:
+    - vars/ports.yml
+    - vars/vars.yml
+
+  tasks:
+    - name: Perform an upgrade of packages
+      ansible.builtin.apt:
+        upgrade: 'yes'
+        update_cache: yes
+
+    - name: Check if a reboot is required
+      ansible.builtin.stat:
+        path: /var/run/reboot-required
+        get_checksum: no
+      register: reboot_required_file
+
+    - name: Reboot the server (if required)
+      ansible.builtin.reboot:
+      when: reboot_required_file.stat.exists == true
+
+    - name: Remove dependencies that are no longer required
+      ansible.builtin.apt:
+        autoremove: yes
--- a/requirements.yml
+++ b/requirements.yml
@ -6,7 +6,7 @@
  version: 2.4.0

 - src: geerlingguy.docker
-  version: 6.1.0
+  version: 7.4.3

 - src: caddy_ansible.caddy_ansible
  version: v3.2.0