diff --git a/roles/role_deploy_SemanticScuttle/tasks/main.yml b/roles/role_deploy_SemanticScuttle/tasks/main.yml index 712487f..3ae5a9f 100644 --- a/roles/role_deploy_SemanticScuttle/tasks/main.yml +++ b/roles/role_deploy_SemanticScuttle/tasks/main.yml @@ -8,7 +8,6 @@ containers.podman.podman_network: name: php5-fpm become: true - when: not scuttle_installed_flag.stat.exists - name: Create volumes directories ansible.builtin.file: @@ -82,6 +81,7 @@ containers.podman.podman_container: name: apache-scuttle image: "{{ private_registry_domain }}/apache-scuttle:72099cd4a1" + state: present network: - reverse-proxy - php5-fpm @@ -90,18 +90,23 @@ env: FPM_HOST: php5-fpm:9000 SERVER_NAME: "scuttle.{{ DOMAIN }}" + generate_systemd: + path: /etc/systemd/system become: true - name: Create php5-fpm container containers.podman.podman_container: name: php5-fpm image: "{{ private_registry_domain }}/php5-fpm:f533a39b96" + state: present network: - php5-fpm - mysqlnet volume: - /mnt/volumes/scuttle_code/data:/var/www/html:z - /mnt/volumes/scuttle_php5-fpm_conf/data:/etc/php5/fpm/pool.d:Z + generate_systemd: + path: /etc/systemd/system become: true - name: Add cloud.{{ DOMAIN }} to /etc/hosts @@ -109,7 +114,6 @@ path: "/etc/hosts" line: "127.0.0.1 scuttle.{{ DOMAIN }} scuttle" become: true - when: not scuttle_installed_flag.stat.exists # A local volume is needed to store install states - name: Create /mnt/volumes/install_states directory if it does not exist diff --git a/roles/role_deploy_dovecot/tasks/main.yml b/roles/role_deploy_dovecot/tasks/main.yml index d1a4c22..1cd82c8 100644 --- a/roles/role_deploy_dovecot/tasks/main.yml +++ b/roles/role_deploy_dovecot/tasks/main.yml @@ -59,7 +59,6 @@ mode: '0755' recurse: yes become: true - when: not dovecot_installed_flag.stat.exists - name: Remove temp directory ansible.builtin.file: 
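Review bot: Nothing in the `@@ -90,18 +90,23 @@` hunk starts or enables the units that `generate_systemd` writes for `apache-scuttle` and `php5-fpm`; the task that follows the two container tasks is the `/etc/hosts` edit. With `state: present` the module only ensures the containers exist, whereas the module's default state also starts them. Unless a start task lives outside the visible hunks, a fresh deploy of this role leaves both services stopped and not enabled at boot. The other roles in this commit add a `start/enable container service` task for this purpose, and this role needs the equivalent for both units, as sketched below. The unit names assume the default `container-` prefix, as the other roles do.

```yaml
# … unchanged: "Create php5-fpm container" task with generate_systemd …

- name: Start and enable SemanticScuttle container services
  ansible.builtin.systemd:
    daemon_reload: true
    name: "{{ item }}"
    state: started
    enabled: true
  become: true
  loop:
    - container-php5-fpm
    - container-apache-scuttle
```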
@@ -67,7 +66,6 @@ state: absent changed_when: false become: true - when: not dovecot_installed_flag.stat.exists - name: Create temp directory ansible.builtin.file: @@ -76,7 +74,6 @@ recurse: yes changed_when: false become: true - when: not dovecot_installed_flag.stat.exists - name: Extract dovecot certs from secrets.tar.gz.enc shell: "openssl enc -aes-256-cbc -md md5 -pass env:SECRETS_ARCHIVE_PASSPHRASE -d -in {{ remote_workdir }}/secrets.tar.gz.enc | tar -zxv -C {{ item.dir }} --strip 3 {{ item.name }}" @@ -89,7 +86,6 @@ environment: SECRETS_ARCHIVE_PASSPHRASE: "{{ lookup('env', 'SECRETS_ARCHIVE_PASSPHRASE') }}" become: true - when: not dovecot_installed_flag.stat.exists - name: Copy dovecot SSL cert ansible.builtin.copy: @@ -100,7 +96,6 @@ group: root mode: "u=rw,g=r,o=r" become: true - when: not dovecot_installed_flag.stat.exists - name: Copy dovecot SSL key ansible.builtin.copy: @@ -111,7 +106,6 @@ group: root mode: "u=rw,g=,o=" become: true - when: not dovecot_installed_flag.stat.exists - name: Retrieve config repo ansible.builtin.git: @@ -121,7 +115,6 @@ accept_hostkey: true force: true changed_when: false - when: not dovecot_installed_flag.stat.exists - name: Copy config ansible.builtin.copy: @@ -131,7 +124,6 @@ become: true with_items: - dovecot_expire.sh - when: not dovecot_installed_flag.stat.exists - name: Template dovecot config files ansible.builtin.template: @@ -142,7 +134,6 @@ - 15-lda.conf - 10-mail.conf - users - when: not dovecot_installed_flag.stat.exists - name: Fix permissions ansible.builtin.file: @@ -154,7 +145,6 @@ with_items: - name: dovecot_expire.sh mode: "u=rwx,g=rx,o=" - when: not dovecot_installed_flag.stat.exists - name: Login to {{ private_registry_domain }} and create ${XDG_RUNTIME_DIR}/containers/auth.json containers.podman.podman_login: 
@@ -163,7 +153,6 @@ registry: "{{ private_registry_domain }}" changed_when: false become: true - when: not dovecot_installed_flag.stat.exists - name: Create podman networks containers.podman.podman_network: @@ -171,12 +160,12 @@ become: true with_items: - mailnet - when: not dovecot_installed_flag.stat.exists - name: Create dovecot container containers.podman.podman_container: name: dovecot image: "{{ private_registry_domain }}/dovecot:530c367996" + state: present network: - mailnet ports: @@ -191,8 +180,17 @@ - /usr/local/docker-mounted-files/docker-mail-stack/10-mail.conf:/etc/dovecot/conf.d/10-mail.conf:Z - /usr/local/docker-mounted-files/docker-mail-stack/certs/dovecot.crt:/etc/dovecot/dovecot.pem:z - /usr/local/docker-mounted-files/docker-mail-stack/certs/dovecot.key:/etc/dovecot/private/dovecot.pem:Z + generate_systemd: + path: /etc/systemd/system + become: true + +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-dovecot + state: started + enabled: true become: true - when: not dovecot_installed_flag.stat.exists - name: Add services to /etc/hosts ansible.builtin.lineinfile: @@ -202,7 +200,6 @@ with_items: - imap - sieve - when: not dovecot_installed_flag.stat.exists # A local volume is needed to store install states - name: Create /mnt/volumes/install_states directory if it does not exist diff --git a/roles/role_deploy_feed2imap/tasks/main.yml b/roles/role_deploy_feed2imap/tasks/main.yml index a2e3484..a20b3f5 100644 --- a/roles/role_deploy_feed2imap/tasks/main.yml +++ b/roles/role_deploy_feed2imap/tasks/main.yml @@ -49,6 +49,7 @@ containers.podman.podman_container: name: feed2imap image: "{{ private_registry_domain }}/feed2imap:10d378f5cf" + state: present network: - mailnet volume: 
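Review bot: Dropping `when: not dovecot_installed_flag.stat.exists` in the `@@ -171,12 +160,12 @@` hunk and in the earlier hunks of this file means the role's secret handling now repeats on every play instead of once at install. The `Extract dovecot certs from secrets.tar.gz.enc` task decrypts the archive into the temp directory each run, and no cleanup after `Copy dovecot SSL key` is visible in these hunks, so confirm the decrypted key is removed once it has been copied. That task also derives the AES key with `-md md5`; re-encrypting the archive with `-pbkdf2` and a high `-iter` count would harden it against passphrase guessing. `Retrieve config repo` keeps `accept_hostkey: true`, so a host without a stored key trusts whatever key is offered; pinning it with `ansible.builtin.known_hosts` before the clone is safer.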
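Review bot: The task name `start/enable container service` added in the `@@ -191,8 +180,17 @@` hunk is the same string in every role this commit touches, so play output and `--start-at-task` cannot tell the services apart; name the unit, e.g. `- name: Start and enable container-dovecot.service`. `daemon-reload` is accepted only as an alias; the documented parameter is `daemon_reload: true`. The unit name `container-dovecot` depends on the default prefix used by `generate_systemd`, which deserves a one-line comment above the task. The same applies to the matching tasks in the feed2imap, grafana, nextcloud, registry, store-metrics-in-db, gogs, mysql-server and reverse-proxy files.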
@@ -56,4 +57,14 @@ - /usr/local/docker-mounted-files/docker-mail-stack/certs/dovecot.crt:/usr/local/share/ca-certificates/dovecot.crt:z etc_hosts: imap.scimetis.net: "{{ ansible_default_ipv4.address }}" + generate_systemd: + path: /etc/systemd/system + become: true + +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-feed2imap + state: started + enabled: true become: true diff --git a/roles/role_deploy_grafana/tasks/main.yml b/roles/role_deploy_grafana/tasks/main.yml index ad18711..efc40ea 100644 --- a/roles/role_deploy_grafana/tasks/main.yml +++ b/roles/role_deploy_grafana/tasks/main.yml @@ -81,6 +81,7 @@ containers.podman.podman_container: name: grafana image: docker.io/grafana/grafana:10.2.4 + state: present network: - reverse-proxy - mysqlnet @@ -90,6 +91,17 @@ - /mnt/volumes/var_lib_grafana/data:/var/lib/grafana:Z - /mnt/volumes/etc_grafana/data:/etc/grafana:Z - /mnt/volumes/var_log_grafana/data:/var/log/grafana:Z + generate_systemd: + path: /etc/systemd/system + become: true + when: not grafana_installed_flag.stat.exists + +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-grafana + state: started + enabled: true become: true when: not grafana_installed_flag.stat.exists diff --git a/roles/role_deploy_nextcloud/tasks/main.yml b/roles/role_deploy_nextcloud/tasks/main.yml index 4ab19bb..0280822 100644 --- a/roles/role_deploy_nextcloud/tasks/main.yml +++ b/roles/role_deploy_nextcloud/tasks/main.yml @@ -90,6 +90,7 @@ containers.podman.podman_container: name: nextcloud image: "{{ private_registry_domain }}/nextcloud:19.0.13-apache-full" + state: present network: - reverse-proxy - mysqlnet 
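Review bot: In the grafana `@@ -90,6 +91,17 @@` hunk, both the container task that now carries `generate_systemd` and the new `start/enable container service` task end with `when: not grafana_installed_flag.stat.exists`. On a host where Grafana is already installed, that guard means no unit file is written and the container is never enabled at boot. The dovecot role in this same commit removes the equivalent guard from these tasks, which suggests it should go here too. If the flag is still needed for the install steps, take it off these two tasks only, since both are idempotent. The nextcloud, registry and gogs hunks follow the same pattern with their own flags.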
@@ -98,6 +99,17 @@ - /mnt/volumes/nextcloud/data:/var/www/html:Z - /usr/local/docker-mounted-files/docker-nextcloud-stack/supervisord.conf:/supervisord.conf:z - /usr/local/docker-mounted-files/docker-nextcloud-stack/run_elasticsearch.sh:/run_elasticsearch.sh:z + generate_systemd: + path: /etc/systemd/system + become: true + when: not nextcloud_installed_flag.stat.exists + +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-nextcloud + state: started + enabled: true become: true when: not nextcloud_installed_flag.stat.exists diff --git a/roles/role_deploy_registry/tasks/main.yml b/roles/role_deploy_registry/tasks/main.yml index ce5ea7e..706b0e3 100644 --- a/roles/role_deploy_registry/tasks/main.yml +++ b/roles/role_deploy_registry/tasks/main.yml @@ -88,6 +88,7 @@ containers.podman.podman_container: name: registry image: docker.io/registry:2.8.3 + state: present network: - reverse-proxy expose: @@ -102,6 +103,17 @@ REGISTRY_AUTH: htpasswd REGISTRY_AUTH_HTPASSWD_PATH: /auth/htpasswd REGISTRY_AUTH_HTPASSWD_REALM: Registry Realm + generate_systemd: + path: /etc/systemd/system + become: true + when: not registry_installed_flag.stat.exists + +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-registry + state: started + enabled: true become: true when: not registry_installed_flag.stat.exists diff --git a/roles/role_deploy_store-metrics-in-db/tasks/main.yml b/roles/role_deploy_store-metrics-in-db/tasks/main.yml index a27d320..2ba2a0e 100644 --- a/roles/role_deploy_store-metrics-in-db/tasks/main.yml +++ b/roles/role_deploy_store-metrics-in-db/tasks/main.yml @@ -34,6 +34,7 @@ containers.podman.podman_container: name: store-metrics-in-db image: "{{ private_registry_domain }}/store-metrics-in-db:22e20028fc" + state: present network: - mysqlnet - metricsnet 
@@ -47,4 +48,14 @@ FLASK_RUN_PORT: 3001 volume: - /usr/local/docker-mounted-files/docker-store-metrics-in-db-stack/conf.yml:/root/conf.yml:Z + generate_systemd: + path: /etc/systemd/system + become: true + +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-store-metrics-in-db + state: started + enabled: true become: true diff --git a/tasks/deploy_gogs.yml b/tasks/deploy_gogs.yml index 123e118..dd48e8c 100644 --- a/tasks/deploy_gogs.yml +++ b/tasks/deploy_gogs.yml @@ -52,6 +52,7 @@ containers.podman.podman_container: name: gogs image: docker.io/gogs/gogs:0.12.3 + state: present network: - reverse-proxy - mysqlnet @@ -59,6 +60,17 @@ - 2222:22/tcp volume: - /mnt/volumes/gogs_data/data:/data:Z + generate_systemd: + path: /etc/systemd/system + become: true + when: not gogs_installed_flag.stat.exists + +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-gogs + state: started + enabled: true become: true when: not gogs_installed_flag.stat.exists diff --git a/tasks/deploy_mysql-server.yml b/tasks/deploy_mysql-server.yml index 140620d..087f099 100644 --- a/tasks/deploy_mysql-server.yml +++ b/tasks/deploy_mysql-server.yml @@ -19,11 +19,13 @@ registry: "{{ private_registry_domain }}" changed_when: false become: true + when: not mysql_installed_flag.stat.exists - name: Create mysql-server container containers.podman.podman_container: name: mysql-server image: "{{ private_registry_domain }}/mysql-server:fc2f81452f" + state: present network: - mysqlnet volume: 
@@ -31,7 +33,19 @@ - /mnt/volumes/mysql-server_dumps/data:/mnt/dumps:z - /mnt/volumes/mysql-server_scripts:/mnt/mysql-server_scripts:z - /usr/local/docker-mounted-files/docker-mysql-server-stack/debian.cnf:/etc/mysql/debian.cnf:z + generate_systemd: + path: /etc/systemd/system become: true + when: not mysql_installed_flag.stat.exists + +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-mysql-server + state: started + enabled: true + become: true + when: not mysql_installed_flag.stat.exists - name: Include tasks/mysql-server_install_from_backup_stage_3.yml ansible.builtin.include_tasks: "tasks/mysql-server_install_from_backup_stage_3.yml" diff --git a/tasks/deploy_reverse-proxy.yml b/tasks/deploy_reverse-proxy.yml index 1871f90..263d358 100644 --- a/tasks/deploy_reverse-proxy.yml +++ b/tasks/deploy_reverse-proxy.yml @@ -92,11 +92,13 @@ registry: "{{ private_registry_domain }}" changed_when: false become: true + when: not reverse_proxy_installed_flag.stat.exists - name: Create reverse-proxy container containers.podman.podman_container: name: reverse-proxy image: "{{ private_registry_domain }}/reverse-proxy:8c0dc1f517" + state: present network: - reverse-proxy ports: @@ -106,5 +108,16 @@ - /mnt/volumes/reverse-proxy_conf/data:/etc/apache2/sites-available:Z - /mnt/volumes/reverse-proxy_conf_enabled/data:/etc/apache2/sites-enabled:Z - /mnt/volumes/reverse-proxy_letsencrypt/data:/etc/letsencrypt:Z + generate_systemd: + path: /etc/systemd/system become: true + when: not reverse_proxy_installed_flag.stat.exists +- name: start/enable container service + ansible.builtin.systemd: + daemon-reload: true + name: container-reverse-proxy + state: started + enabled: true + become: true + when: not reverse_proxy_installed_flag.stat.exists
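Review bot: The `Create mysql-server container` task was unconditional before and now gains `when: not mysql_installed_flag.stat.exists`, as does the new systemd task, so on an already-installed host no task ensures the container exists, has a unit file or is running. The `Include tasks/mysql-server_install_from_backup_stage_3.yml` step right after it stays unguarded and may run against a stopped database; its contents are not visible here. Keep the install flag on the restore steps only, and leave the container task and `start/enable container service` without `when:` so every play converges the service. The reverse-proxy hunks add the same guard with `reverse_proxy_installed_flag`.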