diff --git a/app/gitea/.env b/files/gitea/.env similarity index 100% rename from app/gitea/.env rename to files/gitea/.env diff --git a/app/gitea/.gitignore b/files/gitea/.gitignore similarity index 100% rename from app/gitea/.gitignore rename to files/gitea/.gitignore diff --git a/app/gitea/docker-compose.yml b/files/gitea/docker-compose.yml.j2 similarity index 84% rename from app/gitea/docker-compose.yml rename to files/gitea/docker-compose.yml.j2 index b24bc34..0d9d6b9 100644 --- a/app/gitea/docker-compose.yml +++ b/files/gitea/docker-compose.yml.j2 @@ -1,8 +1,9 @@ services: server: - image: gitea/gitea:1.23.1 + image: gitea/gitea:1.22.6 restart: unless-stopped + container_name: gitea_web_app environment: - "USER_UID=${USER_UID}" - "USER_GID=${USER_GID}" diff --git a/playbook-configuration.yml b/playbook-configuration.yml index b32c582..9f882d5 100644 --- a/playbook-configuration.yml +++ b/playbook-configuration.yml @@ -8,25 +8,6 @@ tasks: # Applications - - ansible.builtin.import_role: - name: docker-app - vars: - username: gitea - extra_groups: - - docker - ssh_keys: - - '{{ lookup("file", "files/av_id_rsa.pub") }}' - env: - PROJECT_NAME: gitea - DOCKER_PREFIX: gitea - IMAGE_PREFIX: gitea - CONTAINER_PREFIX: gitea - WEB_SERVER_PORT: "127.0.0.1:{{ gitea_port }}" - USER_UID: "{{ uc_result.uid }}" - USER_GID: "{{ uc_result.group }}" - tags: - - apps - - ansible.builtin.import_role: name: docker-app vars: diff --git a/playbook-gitea.yml b/playbook-gitea.yml new file mode 100644 index 0000000..2b37249 --- /dev/null +++ b/playbook-gitea.yml 
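Review bot: In files/gitea/docker-compose.yml.j2 the image tag moves backwards, from `gitea/gitea:1.23.1` to `gitea/gitea:1.22.6`, and nothing visible in the diff records why. A host that already ran 1.23.1 will have had its database migrated to the newer schema, and Gitea normally refuses to start an older binary against such a database. The older release line also lacks whatever fixes shipped between the two versions. If the pin is deliberate, a comment above the line such as `# pinned to 1.22.6: <reason>` would stop the next upgrade from silently undoing it. The rest of the service definition lies outside the hunk.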
@@ -0,0 +1,55 @@ +--- +- name: "Configure gitea application" + hosts: all + + vars_files: + - vars/ports.yml + - vars/vars.yml + + vars: + app_name: "gitea" + app_user: "{{ app_name }}" + base_dir: "/home/{{ app_name }}" + + tasks: + - name: "Create user and environment" + ansible.builtin.import_role: + name: owner + vars: + owner_name: "{{ app_user }}" + owner_extra_groups: + - "docker" + owner_ssh_keys: + - "{{ lookup('file', 'files/av_id_rsa.pub') }}" + owner_env: + PROJECT_NAME: "{{ app_name }}" + DOCKER_PREFIX: "{{ app_name }}" + IMAGE_PREFIX: "{{ app_name }}" + CONTAINER_PREFIX: "{{ app_name }}" + WEB_SERVER_PORT: "127.0.0.1:{{ gitea_port }}" + USER_UID: "{{ user_create_result.uid }}" + USER_GID: "{{ user_create_result.group }}" + + - name: "Create internal application directories" + ansible.builtin.file: + path: "{{ item }}" + state: "directory" + owner: "{{ app_user }}" + group: "{{ app_user }}" + mode: "0775" + loop: + - "{{ (base_dir, 'data') | path_join }}" + + - name: "Copy docker compose file" + ansible.builtin.template: + src: "./files/{{ app_name }}/docker-compose.yml.j2" + dest: "{{ base_dir }}/docker-compose.yml" + owner: "{{ app_user }}" + group: "{{ app_user }}" + mode: "0644" + + - name: "Run application with docker compose" + community.docker.docker_compose_v2: + project_src: "{{ base_dir }}" + state: "present" + remove_orphans: true diff --git a/roles/owner/defaults/main.yml b/roles/owner/defaults/main.yml index 863b77e..d0947a5 100644 --- a/roles/owner/defaults/main.yml +++ b/roles/owner/defaults/main.yml @@ -1,5 +1,6 @@ --- -owner_name: '' -owner_group: '{{ owner_name }}' +owner_name: "" +owner_group: "{{ owner_name }}" +owner_extra_groups: [] owner_ssh_keys: [] owner_env: {} diff --git a/roles/owner/tasks/main.yml b/roles/owner/tasks/main.yml index a93ad3e..27b854d 100644 --- a/roles/owner/tasks/main.yml +++ b/roles/owner/tasks/main.yml 
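Review bot: In playbook-gitea.yml the "Create internal application directories" task creates `{{ base_dir }}/data` with `mode: "0775"`, which makes it readable and traversable by every local account and writable by the whole group. If this is the directory the compose file mounts as Gitea's data volume (the volume mapping is not in the visible hunks), it will hold the repositories and the instance configuration. In that case `mode: "0750"` is the safer default, because the container is already given the owner's UID and GID through `USER_UID`/`USER_GID`. Separately, `owner_extra_groups` places the account in `docker`, which is effectively root on the host through the Docker socket. A short comment there saying this is intended, plus a narrower target than `hosts: all`, would make the blast radius explicit.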
@@ -1,60 +1,52 @@ --- - name: 'Check app requirements for user "{{ owner_name }}".' - fail: + ansible.builtin.fail: msg: You must set owner name. when: not owner_name - name: 'Create group "{{ owner_group }}".' - group: - name: '{{ owner_group }}' + ansible.builtin.group: + name: "{{ owner_group }}" state: present - name: 'Create user "{{ owner_name }}".' - user: - name: '{{ owner_name }}' - group: '{{ owner_group }}' - groups: '{{ owner_extra_groups }}' + ansible.builtin.user: + name: "{{ owner_name }}" + group: "{{ owner_group }}" + groups: "{{ owner_extra_groups }}" shell: /bin/bash - register: uc_result + register: user_create_result - name: 'Set up user ssh keys for user "{{ owner_name }}".' - authorized_key: - user: '{{ owner_name }}' - key: '{{ item }}' + ansible.posix.authorized_key: + user: "{{ owner_name }}" + key: "{{ item }}" state: present - with_items: '{{ owner_ssh_keys }}' + with_items: "{{ owner_ssh_keys }}" when: owner_ssh_keys | length > 0 -- name: 'Prepare env variables.' - set_fact: - env_dict: '{{ owner_env | combine({ - "CURRENT_UID": uc_result.uid | default(owner_name), - "CURRENT_GID": uc_result.group | default(owner_group) }) }}' - tags: - - env +- name: "Prepare env variables." + ansible.builtin.set_fact: + env_dict: '{{ owner_env | combine({ "CURRENT_UID": user_create_result.uid | default(owner_name), "CURRENT_GID": user_create_result.group | default(owner_group) + }) }}' - name: 'Set up environment variables for user "{{ owner_name }}".' - template: + ansible.builtin.template: src: env.j2 - dest: '/home/{{ owner_name }}/.env' - owner: '{{ owner_name }}' - group: '{{ owner_group }}' - tags: - - env + dest: "/home/{{ owner_name }}/.env" + owner: "{{ owner_name }}" + group: "{{ owner_group }}" + mode: "0640" -- name: 'Remove absent environment variables for user "{{ owner_name }}" from bashrc.' 
- lineinfile: - path: '/home/{{ owner_name }}/.bashrc' - regexp: '^export {{ item.key }}=' +- name: 'Remove from bashrc absent environment variables for user "{{ owner_name }}".' + ansible.builtin.lineinfile: + path: "/home/{{ owner_name }}/.bashrc" + regexp: "^export {{ item.key }}=" state: absent - with_dict: '{{ env_dict }}' - tags: - - env + with_dict: "{{ env_dict }}" -- name: 'Include environment variables for user "{{ owner_name }}" in bashrc.' - lineinfile: - path: '/home/{{ owner_name }}/.bashrc' - regexp: '^export \$\(grep -v' +- name: 'Include in bashrc environment variables for user "{{ owner_name }}".' + ansible.builtin.lineinfile: + path: "/home/{{ owner_name }}/.bashrc" + regexp: "^export \\$\\(grep -v" line: 'export $(grep -v "^#" "$HOME"/.env | xargs)' - tags: - - env
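Review bot: In roles/owner/tasks/main.yml the "Set up user ssh keys" task adds each entry of `owner_ssh_keys` with `state: present`, so a key later removed from the list stays in the account's authorized_keys and keeps working. The gitea playbook also puts this account in the `docker` group, so revocation should be part of the role. Pass all keys in one call with `key: "{{ owner_ssh_keys | join('\n') }}"` and `exclusive: true`, and drop the `with_items` loop, since `exclusive` is applied per loop iteration. The existing `when: owner_ssh_keys | length > 0` guard would still leave old keys in place once the list is emptied, which deserves a comment on the task.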