diff --git a/playbook-authelia.yml b/playbook-authelia.yml
index 992a02e..5396f5c 100644
--- a/playbook-authelia.yml
+++ b/playbook-authelia.yml
@@ -10,6 +10,8 @@
 vars:
 app_name: "authelia"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1011
+ app_owner_gid: 1012
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 config_dir: "{{ (base_dir, 'config') | path_join }}"
@@ -19,6 +21,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create internal application directories"
diff --git a/playbook-caddyproxy.yml b/playbook-caddyproxy.yml
index ddd6b3c..95a15fb 100644
--- a/playbook-caddyproxy.yml
+++ b/playbook-caddyproxy.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "caddyproxy"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1010
+ app_owner_gid: 1011
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 data_dir: "{{ (base_dir, 'data') | path_join }}"
@@ -23,6 +25,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create internal application directories"
diff --git a/playbook-dozzle.yml b/playbook-dozzle.yml
index 87cf8a4..0ac8869 100644
--- a/playbook-dozzle.yml
+++ b/playbook-dozzle.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "dozzle"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1016
+ app_owner_gid: 1017
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 tasks:
@@ -17,6 +19,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create internal application directories"
diff --git a/playbook-gitea.yml b/playbook-gitea.yml
index 58018a5..ecdaf69 100644
--- a/playbook-gitea.yml
+++ b/playbook-gitea.yml
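Review bot: The numeric IDs added in the `vars:` hunk of playbook-authelia.yml (`app_owner_uid: 1011`, `app_owner_gid: 1012`) are hand-allocated per playbook with nothing keeping them unique, and the same pattern repeats in every other playbook `vars:` hunk and in vars/homepage.yml and vars/transcriber.yml. Because each gid is uid + 1, one app's gid number is another app's uid number (caddyproxy gid 1011, authelia uid 1011); that is legal, but it makes numeric ownership listings easy to misread during an audit, and the role default `owner_gid: "{{ owner_uid }}"` suggests gid == uid was the intended convention. IDs from 1000 upward are also where many distributions allocate ordinary local accounts, so on a host with existing users a fixed value may already be taken. Consider a single shared map in group vars (for example `owner_ids: {authelia: {uid: 1011, gid: 1011}}`) with a comment such as `# reserved service-account IDs, keep unique`, so a collision is visible in one place.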
@@ -9,6 +9,8 @@
 vars:
 app_name: "gitea"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1005
+ app_owner_gid: 1006
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 data_dir: "{{ (base_dir, 'data') | path_join }}"
 backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -19,6 +21,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create internal application directories"
diff --git a/playbook-gramps.yml b/playbook-gramps.yml
index 27bf658..6646cc0 100644
--- a/playbook-gramps.yml
+++ b/playbook-gramps.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "gramps"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1009
+ app_owner_gid: 1010
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 data_dir: "{{ (base_dir, 'data') | path_join }}"
 backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -20,6 +22,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create application internal directories"
diff --git a/playbook-homepage.yml b/playbook-homepage.yml
index 73046dc..e9ab6a2 100644
--- a/playbook-homepage.yml
+++ b/playbook-homepage.yml
@@ -14,8 +14,20 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
+ - name: "Create application internal directories"
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: "directory"
+ owner: "{{ app_user }}"
+ group: "{{ app_user }}"
+ mode: "0750"
+ loop:
+ - "{{ base_dir }}"
+
 - name: "Login to yandex docker registry."
 ansible.builtin.script:
 cmd: "files/yandex-docker-registry-auth.sh"
diff --git a/playbook-memos.yml b/playbook-memos.yml
index be5e101..51da9d7 100644
--- a/playbook-memos.yml
+++ b/playbook-memos.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "memos"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1019
+ app_owner_gid: 1020
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 data_dir: "{{ (base_dir, 'data') | path_join }}"
 backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -20,6 +22,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create application internal directories"
diff --git a/playbook-miniflux.yml b/playbook-miniflux.yml
index 4f3ece9..c4a7b8e 100644
--- a/playbook-miniflux.yml
+++ b/playbook-miniflux.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "miniflux"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1013
+ app_owner_gid: 1014
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 data_dir: "{{ (base_dir, 'data') | path_join }}"
 secrets_dir: "{{ (base_dir, 'secrets') | path_join }}"
@@ -21,6 +23,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create internal directories"
diff --git a/playbook-netdata.yml b/playbook-netdata.yml
index 4b7ae5e..cc19316 100644
--- a/playbook-netdata.yml
+++ b/playbook-netdata.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "netdata"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1012
+ app_owner_gid: 1013
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 config_dir: "{{ (base_dir, 'config') | path_join }}"
 config_go_d_dir: "{{ (config_dir, 'go.d') | path_join }}"
@@ -20,6 +22,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create internal application directories"
diff --git a/playbook-outline.yml b/playbook-outline.yml
index 72ea8dc..9ba1082 100644
--- a/playbook-outline.yml
+++ b/playbook-outline.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "outline"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1007
+ app_owner_gid: 1008
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 data_dir: "{{ (base_dir, 'data') | path_join }}"
 postgres_data_dir: "{{ (base_dir, 'data', 'postgres') | path_join }}"
@@ -20,6 +22,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create internal directories"
diff --git a/playbook-rssbridge.yml b/playbook-rssbridge.yml
index 5510afc..fb4b810 100644
--- a/playbook-rssbridge.yml
+++ b/playbook-rssbridge.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "rssbridge"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1014
+ app_owner_gid: 1015
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 tasks:
@@ -17,6 +19,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create internal application directories"
diff --git a/playbook-transcriber.yml b/playbook-transcriber.yml
index 2f34913..cedf7d6 100644
--- a/playbook-transcriber.yml
+++ b/playbook-transcriber.yml
@@ -14,6 +14,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create application internal directories"
@@ -24,6 +26,7 @@
 group: "{{ app_user }}"
 mode: "0750"
 loop:
+ - "{{ base_dir }}"
 - "{{ config_dir }}"
 - "{{ data_dir }}"
 - "{{ backups_dir }}"
diff --git a/playbook-wakapi.yml b/playbook-wakapi.yml
index f785769..58c4bbc 100644
--- a/playbook-wakapi.yml
+++ b/playbook-wakapi.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "wakapi"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1015
+ app_owner_gid: 1016
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 data_dir: "{{ (base_dir, 'data') | path_join }}"
 backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -20,6 +22,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create application internal directories"
diff --git a/playbook-wanderer.yml b/playbook-wanderer.yml
index a962b23..e91ee09 100644
--- a/playbook-wanderer.yml
+++ b/playbook-wanderer.yml
@@ -9,6 +9,8 @@
 vars:
 app_name: "wanderer"
 app_user: "{{ app_name }}"
+ app_owner_uid: 1018
+ app_owner_gid: 1019
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 data_dir: "{{ (base_dir, 'data') | path_join }}"
 backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -23,6 +25,8 @@
 name: owner
 vars:
 owner_name: "{{ app_user }}"
+ owner_uid: "{{ app_owner_uid }}"
+ owner_gid: "{{ app_owner_gid }}"
 owner_extra_groups: ["docker"]
 - name: "Create application internal directories"
diff --git a/roles/owner/defaults/main.yml b/roles/owner/defaults/main.yml
index d0947a5..63aa1b7 100644
--- a/roles/owner/defaults/main.yml
+++ b/roles/owner/defaults/main.yml
@@ -1,6 +1,8 @@
 ---
 owner_name: ""
+owner_uid: 0
 owner_group: "{{ owner_name }}"
+owner_gid: "{{ owner_uid }}"
 owner_extra_groups: []
 owner_ssh_keys: []
 owner_env: {}
diff --git a/roles/owner/tasks/main.yml b/roles/owner/tasks/main.yml
index 145f1a0..139d55c 100644
--- a/roles/owner/tasks/main.yml
+++ b/roles/owner/tasks/main.yml
@@ -4,9 +4,15 @@
 msg: You must set owner name.
 when: not owner_name
+- name: 'Check app requirements for user "{{ owner_name }}".'
+ ansible.builtin.fail:
+ msg: You must set owner uid.
+ when: not owner_uid
+
 - name: 'Create group "{{ owner_group }}".'
 ansible.builtin.group:
 name: "{{ owner_group }}"
+ gid: "{{ owner_gid }}"
 state: present
 - name: 'Create user "{{ owner_name }}".'
@@ -14,6 +20,7 @@
 name: "{{ owner_name }}"
 group: "{{ owner_group }}"
 groups: "{{ owner_extra_groups }}"
+ uid: "{{ owner_uid }}"
 shell: /bin/bash
 register: user_create_result
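Review bot: The added guard `when: not owner_uid` in roles/owner/tasks/main.yml only tests truthiness, so it keeps the `owner_uid: 0` default from reaching the user task but accepts any other value, including one outside the intended service-account range or a non-numeric string. This value decides the numeric owner of every application directory, and the playbooks put these accounts in the `docker` group, so an explicit check is safer: `ansible.builtin.assert` with `that: owner_uid | int >= 1000` (or whatever floor the project reserves) and the same for `owner_gid`. The task name also does not say that it checks the uid; `'Check uid is set for user "{{ owner_name }}".'` would make a failure log unambiguous. The preceding owner-name check starts above the hunk.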
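Review bot: Passing `uid: "{{ owner_uid }}"` to the user task (and `gid` to the group task in the previous hunk) renumbers accounts that already exist on deployed hosts, and nothing visible in this commit re-owns their data. Files below the application directories keep the old numeric owner; as far as the hunks show, the playbooks' directory tasks set ownership only on the listed directories and not on their contents. The service may therefore lose access, or the files may later belong to whichever account is assigned the old number. A one-off migration step would close the gap, for example an `ansible.builtin.file` task with `recurse: true` on the application directory that runs when `user_create_result` reports a change. The user task continues past the end of the hunk.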
diff --git a/vars/homepage.yml b/vars/homepage.yml
index 8682166..e393142 100644
--- a/vars/homepage.yml
+++ b/vars/homepage.yml
@@ -1,7 +1,9 @@
 ---
 app_name: "homepage"
 app_user: "{{ app_name }}"
-base_dir: "/home/{{ app_user }}"
+app_owner_uid: 1008
+app_owner_gid: 1009
+base_dir: "{{ (application_dir, app_name) | path_join }}"
 docker_registry_prefix: "cr.yandex/crplfk0168i4o8kd7ade"
 # Registry images
diff --git a/vars/transcriber.yml b/vars/transcriber.yml
index 5f62033..daa4f30 100644
--- a/vars/transcriber.yml
+++ b/vars/transcriber.yml
@@ -1,7 +1,9 @@
 ---
 app_name: "transcriber"
 app_user: "{{ app_name }}"
-base_dir: "/home/{{ app_user }}"
+app_owner_uid: 1017
+app_owner_gid: 1018
+base_dir: "{{ (application_dir, app_name) | path_join }}"
 config_dir: "{{ (base_dir, 'config') | path_join }}"
 config_file: "{{ (config_dir, 'config.toml') | path_join }}"
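Review bot: Moving `base_dir` from `/home/{{ app_user }}` to the `application_dir` path in vars/homepage.yml leaves whatever earlier runs wrote under the old home directory in place and unmanaged. vars/transcriber.yml makes the same change, and its `config_dir` and `config_file` derive from `base_dir`, so a previously deployed `config.toml` would presumably stay behind at the old location. If those files hold credentials or tokens, they remain on disk with no task updating, re-permissioning or removing them. Consider a migration/cleanup task, or at least a comment above `base_dir` such as `# moved from /home/<app_user>; remove the old tree after migrating`.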