Fix app user and group uid and gid

Prepare for system upgrade
2025-12-11 10:52:27 +03:00
parent 7e67409393
commit c2ea2cdb39
18 changed files with 78 additions and 2 deletions
--- a/playbook-authelia.yml
+++ b/playbook-authelia.yml
@@ -10,6 +10,8 @@
  vars:
    app_name: "authelia"
    app_user: "{{ app_name }}"
    app_owner_uid: 1011
    app_owner_gid: 1012
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    config_dir: "{{ (base_dir, 'config') | path_join }}"
@@ -19,6 +21,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create internal application directories"
--- a/playbook-caddyproxy.yml
+++ b/playbook-caddyproxy.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "caddyproxy"
    app_user: "{{ app_name }}"
    app_owner_uid: 1010
    app_owner_gid: 1011
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    data_dir: "{{ (base_dir, 'data') | path_join }}"
@@ -23,6 +25,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create internal application directories"
--- a/playbook-dozzle.yml
+++ b/playbook-dozzle.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "dozzle"
    app_user: "{{ app_name }}"
    app_owner_uid: 1016
    app_owner_gid: 1017
    base_dir: "{{ (application_dir, app_name) | path_join }}"
  tasks:
@@ -17,6 +19,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create internal application directories"
--- a/playbook-gitea.yml
+++ b/playbook-gitea.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "gitea"
    app_user: "{{ app_name }}"
    app_owner_uid: 1005
    app_owner_gid: 1006
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    data_dir: "{{ (base_dir, 'data') | path_join }}"
    backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -19,6 +21,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create internal application directories"
--- a/playbook-gramps.yml
+++ b/playbook-gramps.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "gramps"
    app_user: "{{ app_name }}"
    app_owner_uid: 1009
    app_owner_gid: 1010
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    data_dir: "{{ (base_dir, 'data') | path_join }}"
    backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -20,6 +22,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create application internal directories"
--- a/playbook-homepage.yml
+++ b/playbook-homepage.yml
@@ -14,8 +14,20 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create application internal directories"
      ansible.builtin.file:
        path: "{{ item }}"
        state: "directory"
        owner: "{{ app_user }}"
        group: "{{ app_user }}"
        mode: "0750"
      loop:
        - "{{ base_dir }}"
    - name: "Login to yandex docker registry."
      ansible.builtin.script:
        cmd: "files/yandex-docker-registry-auth.sh"
--- a/playbook-memos.yml
+++ b/playbook-memos.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "memos"
    app_user: "{{ app_name }}"
    app_owner_uid: 1019
    app_owner_gid: 1020
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    data_dir: "{{ (base_dir, 'data') | path_join }}"
    backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -20,6 +22,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create application internal directories"
--- a/playbook-miniflux.yml
+++ b/playbook-miniflux.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "miniflux"
    app_user: "{{ app_name }}"
    app_owner_uid: 1013
    app_owner_gid: 1014
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    data_dir: "{{ (base_dir, 'data') | path_join }}"
    secrets_dir: "{{ (base_dir, 'secrets') | path_join }}"
@@ -21,6 +23,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create internal directories"
--- a/playbook-netdata.yml
+++ b/playbook-netdata.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "netdata"
    app_user: "{{ app_name }}"
    app_owner_uid: 1012
    app_owner_gid: 1013
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    config_dir: "{{ (base_dir, 'config') | path_join }}"
    config_go_d_dir: "{{ (config_dir, 'go.d') | path_join }}"
@@ -20,6 +22,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create internal application directories"
--- a/playbook-outline.yml
+++ b/playbook-outline.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "outline"
    app_user: "{{ app_name }}"
    app_owner_uid: 1007
    app_owner_gid: 1008
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    data_dir: "{{ (base_dir, 'data') | path_join }}"
    postgres_data_dir: "{{ (base_dir, 'data', 'postgres') | path_join }}"
@@ -20,6 +22,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create internal directories"
--- a/playbook-rssbridge.yml
+++ b/playbook-rssbridge.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "rssbridge"
    app_user: "{{ app_name }}"
    app_owner_uid: 1014
    app_owner_gid: 1015
    base_dir: "{{ (application_dir, app_name) | path_join }}"
  tasks:
@@ -17,6 +19,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create internal application directories"
--- a/playbook-transcriber.yml
+++ b/playbook-transcriber.yml
@@ -14,6 +14,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create application internal directories"
@@ -24,6 +26,7 @@
        group: "{{ app_user }}"
        mode: "0750"
      loop:
        - "{{ base_dir }}"
        - "{{ config_dir }}"
        - "{{ data_dir }}"
        - "{{ backups_dir }}"
--- a/playbook-wakapi.yml
+++ b/playbook-wakapi.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "wakapi"
    app_user: "{{ app_name }}"
    app_owner_uid: 1015
    app_owner_gid: 1016
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    data_dir: "{{ (base_dir, 'data') | path_join }}"
    backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -20,6 +22,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create application internal directories"
--- a/playbook-wanderer.yml
+++ b/playbook-wanderer.yml
@@ -9,6 +9,8 @@
  vars:
    app_name: "wanderer"
    app_user: "{{ app_name }}"
    app_owner_uid: 1018
    app_owner_gid: 1019
    base_dir: "{{ (application_dir, app_name) | path_join }}"
    data_dir: "{{ (base_dir, 'data') | path_join }}"
    backups_dir: "{{ (base_dir, 'backups') | path_join }}"
@@ -23,6 +25,8 @@
        name: owner
      vars:
        owner_name: "{{ app_user }}"
        owner_uid: "{{ app_owner_uid }}"
        owner_gid: "{{ app_owner_gid }}"
        owner_extra_groups: ["docker"]
    - name: "Create application internal directories"
--- a/roles/owner/defaults/main.yml
+++ b/roles/owner/defaults/main.yml
@@ -1,6 +1,8 @@
 ---
 owner_name: ""
 owner_uid: 0
 owner_group: "{{ owner_name }}"
 owner_gid: "{{ owner_uid }}"
 owner_extra_groups: []
 owner_ssh_keys: []
 owner_env: {}
--- a/roles/owner/tasks/main.yml
+++ b/roles/owner/tasks/main.yml
@@ -4,9 +4,15 @@
    msg: You must set owner name.
  when: not owner_name
 - name: 'Check app requirements for user "{{ owner_name }}".'
  ansible.builtin.fail:
    msg: You must set owner uid.
  when: not owner_uid
 - name: 'Create group "{{ owner_group }}".'
  ansible.builtin.group:
    name: "{{ owner_group }}"
    gid: "{{ owner_gid }}"
    state: present
 - name: 'Create user "{{ owner_name }}".'
@@ -14,6 +20,7 @@
    name: "{{ owner_name }}"
    group: "{{ owner_group }}"
    groups: "{{ owner_extra_groups }}"
    uid: "{{ owner_uid }}"
    shell: /bin/bash
  register: user_create_result
--- a/vars/homepage.yml
+++ b/vars/homepage.yml
@@ -1,7 +1,9 @@
 ---
 app_name: "homepage"
 app_user: "{{ app_name }}"
-base_dir: "/home/{{ app_user }}"
+app_owner_uid: 1008
 app_owner_gid: 1009
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 docker_registry_prefix: "cr.yandex/crplfk0168i4o8kd7ade"
 # Registry images
--- a/vars/transcriber.yml
+++ b/vars/transcriber.yml
@@ -1,7 +1,9 @@
 ---
 app_name: "transcriber"
 app_user: "{{ app_name }}"
-base_dir: "/home/{{ app_user }}"
+app_owner_uid: 1017
 app_owner_gid: 1018
 base_dir: "{{ (application_dir, app_name) | path_join }}"
 config_dir: "{{ (base_dir, 'config') | path_join }}"
 config_file: "{{ (config_dir, 'config.toml') | path_join }}"