--- - name: Check if install from backup is already done stat: path: /mnt/volumes/install_states/reverse-proxy_installed register: reverse_proxy_installed_flag - name: Create reverse-proxy network containers.podman.podman_network: name: reverse-proxy become: true when: not reverse_proxy_installed_flag.stat.exists - name: Setup volume ansible.builtin.include_role: name: role_setup_volume vars: volume: "{{ item }}" with_items: - name: reverse-proxy_conf size: 1 vol_type: classic - name: reverse-proxy_conf_enabled size: 1 vol_type: classic - name: reverse-proxy_letsencrypt size: 1 vol_type: classic - name: tmp_duplicity_workdir size: 20 vol_type: high-speed - name: duplicity_cache size: 5 vol_type: high-speed when: not reverse_proxy_installed_flag.stat.exists - name: change ownership of duplicity working directories ansible.builtin.file: path: "{{ item }}" owner: "{{ LINUX_USERNAME }}" group: "{{ LINUX_USERNAME }}" become: true with_items: - "{{ DUPLICITY_WORKDIR }}" - "{{ DUPLICITY_ARCHIVE_DIR }}" when: not reverse_proxy_installed_flag.stat.exists - name: restore volume backup ansible.builtin.command: cmd: "duplicity restore --file-to-restore {{ item }}.tar.gz --do-not-restore-ownership --archive-dir {{ DUPLICITY_ARCHIVE_DIR }} swift://backup_ovh1 {{ DUPLICITY_WORKDIR }}/{{ item }}.tar.gz" environment: SWIFT_USERNAME: "{{ OS_USERNAME }}" SWIFT_PASSWORD: "{{ OS_PASSWORD }}" SWIFT_AUTHURL: "{{ OS_AUTH_URL }}" SWIFT_REGIONNAME: "{{ SWIFT_REGIONNAME }}" SWIFT_TENANTNAME: "{{ OS_TENANT_NAME }}" SWIFT_AUTHVERSION: "{{ OS_IDENTITY_API_VERSION }}" PASSPHRASE: "{{ DUPLICITY_PASSPHRASE}}" # /usr/bin/duplicity uses "-s" python argument to prevent loading modules from user's python directory, # this variable will override that. PYTHONPATH: ".local/lib/python3.9/site-packages" register: duplicity_result with_items: - reverse-proxy_conf - reverse-proxy_conf_enabled - reverse-proxy_letsencrypt failed_when: duplicity_result is failed and (duplicity_result.rc is not defined or duplicity_result.rc != 11) changed_when: duplicity_result.rc is defined and duplicity_result.rc == 0 when: not reverse_proxy_installed_flag.stat.exists - name: Unarchive volume backup ansible.builtin.command: cmd: "tar -xzvf {{ DUPLICITY_WORKDIR }}/{{ item }}.tar.gz -C /mnt/volumes/{{ item }}/data --strip 2" become: true with_items: - reverse-proxy_conf - reverse-proxy_conf_enabled - reverse-proxy_letsencrypt when: not reverse_proxy_installed_flag.stat.exists # A local volume is needed to store install states - name: Create /mnt/volumes/install_states directory if it does not exist ansible.builtin.file: path: "/mnt/volumes/install_states" state: directory mode: '0755' become: true when: not reverse_proxy_installed_flag.stat.exists - name: Create reverse-proxy_installed state file ansible.builtin.file: path: "/mnt/volumes/install_states/reverse-proxy_installed" state: touch mode: '0755' become: true when: not reverse_proxy_installed_flag.stat.exists - name: Get docker-reverse-proxy repo's last commit ansible.builtin.git: repo: https://github.com/yohan-b/docker-reverse-proxy.git clone: no update: no version: master register: git changed_when: false - name: Set fact commit set_fact: commit: "{{ git.after[0:10] }}" - name: Build reverse-proxy image containers.podman.podman_image: name: reverse-proxy path: https://github.com/yohan-b/docker-reverse-proxy.git force: true build: force_rm: true annotation: git_commit: "{{ commit }}" become: true register: image - name: Create reverse-proxy container containers.podman.podman_container: name: reverse-proxy image: reverse-proxy recreate: "{{ image is changed }}" network: - reverse-proxy ports: - 80:80/tcp - 443:443/tcp volume: - /mnt/volumes/reverse-proxy_conf/data:/etc/apache2/sites-available:Z - /mnt/volumes/reverse-proxy_conf_enabled/data:/etc/apache2/sites-enabled:Z - /mnt/volumes/reverse-proxy_letsencrypt/data:/etc/letsencrypt:Z become: true