From 3150bf5c2c4a80a3ae7b1b1f9d58e752bf236374 Mon Sep 17 00:00:00 2001 From: uumas Date: Fri, 25 Nov 2022 20:00:47 +0200 Subject: [PATCH] Update galaxy.yml, make ansible-lint happier --- galaxy.yml | 5 ++-- roles/container/meta/main.yml | 2 +- roles/container/tasks/main.yml | 43 +++++++++++++++-------------- roles/docker/tasks/main.yml | 2 +- roles/element/meta/main.yml | 2 +- roles/element/tasks/main.yml | 3 +- roles/gitea/tasks/main.yml | 6 ++-- roles/hedgedoc/meta/main.yml | 1 - roles/jitsi/defaults/main.yml | 1 - roles/jitsi/meta/main.yml | 2 +- roles/jitsi/tasks/main.yml | 3 +- roles/keycloak/meta/main.yml | 3 +- roles/unifi/meta/main.yml | 1 - roles/wekan/meta/main.yml | 1 - roles/wekan/tasks/main.yml | 1 + roles/wordpress/defaults/main.yml | 1 - roles/wordpress/tasks/main.yml | 5 ++-- roles/wordpress/vars/log_volume.yml | 1 - roles/wordpress/vars/www_volume.yml | 1 - 19 files changed, 40 insertions(+), 44 deletions(-) diff --git a/galaxy.yml b/galaxy.yml index 29938bd..8f9500a 100644 --- a/galaxy.yml +++ b/galaxy.yml @@ -2,11 +2,12 @@ namespace: uumas name: docker -version: 0.5.5 +description: Roles for installing services in docker containers +version: 0.6.0 readme: README.md repository: https://git.uumas.fi/uumas/ansible-docker license_file: LICENSE dependencies: - uumas.general: '>=0.5.0' + uumas.general: '>=0.5.5' authors: - uumas diff --git a/roles/container/meta/main.yml b/roles/container/meta/main.yml index 78053e7..6230755 100644 --- a/roles/container/meta/main.yml +++ b/roles/container/meta/main.yml @@ -1,4 +1,4 @@ --- dependencies: - - docker + - role: docker diff --git a/roles/container/tasks/main.yml b/roles/container/tasks/main.yml index 523c84c..ac38768 100644 --- a/roles/container/tasks/main.yml +++ b/roles/container/tasks/main.yml @@ -6,6 +6,7 @@ when: docker_service_suffix is defined - name: Convert docker_volumes from legacy format + when: docker_volumes is defined and docker_volumes[0] is not mapping block: - name: Warn about docker_volumes legacy format debug: @@ -13,20 +14,19 @@ - name: Add legacy docker volumes to docker_volumes_new using the new format set_fact: - docker_volumes_new: "{{ docker_volumes_new | default([]) + [{ 'name': item.split(':')[0], 'path': item.split(':')[1] }] }}" + docker_volumes_new: "{{ docker_volumes_new | default([]) + [{'name': item.split(':')[0], 'path': item.split(':')[1]}] }}" when: "'/' not in item.split(':')[0]" loop: "{{ docker_volumes }}" - name: Add legacy docker src bind mounts to docker_volumes_new using the new format set_fact: - docker_volumes_new: "{{ docker_volumes_new | default([]) + [{ 'src': item.split(':')[0], 'path': item.split(':')[1] }] }}" + docker_volumes_new: "{{ docker_volumes_new | default([]) + [{'src': item.split(':')[0], 'path': item.split(':')[1]}] }}" when: "'/' in item.split(':')[0]" loop: "{{ docker_volumes }}" - name: Set final_docker_volumes variable set_fact: final_docker_volumes: "{{ docker_volumes_new }}" - when: docker_volumes is defined and docker_volumes[0] is not mapping -- name: "{{ docker_service_name }} docker network" +- name: Docker network {{ docker_service_name }} docker_network: name: "{{ docker_service_name }}" when: docker_network_mode is not defined or docker_network_mode != 'host' @@ -38,7 +38,7 @@ when: docker_network_mode is not defined or docker_network_mode != 'host' - name: Reverse proxy - include_role: + include_role: name: uumas.general.reverse_proxy vars: vhost_id: "{{ docker_service_name }}" @@ -48,7 +48,7 @@ when: reverse_proxy_type != 'none' and reverse_proxy_type != 'traefik' - name: Set published ports variable - set_fact: + set_fact: container_published_ports: ["127.0.0.1:{{ ports[docker_service_name][docker_proxy_target_protocol] }}:{{ docker_image_http_port }}"] when: reverse_proxy_type != 'traefik' and (docker_network_mode is not defined or docker_network_mode != 'host') @@ -57,6 +57,7 @@ when: reverse_proxy_type == 'traefik' - name: Database container + when: docker_database is defined block: - name: Set postgres container vars set_fact: @@ -88,11 +89,11 @@ db_published_ports: ["127.0.0.1:{{ ports[docker_service_name].db }}:{{ db_image_port }}"] when: ports[docker_service_name].db is defined - - name: "{{ docker_database }} database container for {{ docker_service_name }}" + - name: Database container for {{ docker_service_name + ' (' + docker_database + ')' }} docker_container: name: "{{ docker_service_name }}_db" image: "{{ db_container_image }}" - pull: yes + pull: true env: "{{ db_container_env | default(omit) }}" published_ports: "{{ db_published_ports | default(omit) }}" restart_policy: always @@ -100,33 +101,35 @@ - "{{ docker_service_name }}_db:{{ db_container_data }}" networks: "{{ container_networks | default(omit) }}" log_driver: local - when: docker_database is defined - name: Additional services + when: docker_additional_services is defined block: - name: "Memcached container for {{ docker_service_name }}" docker_container: name: "{{ docker_service_name }}_memcached" image: memcached:alpine - pull: yes + pull: true restart_policy: always networks: "{{ container_networks | default(omit) }}" log_driver: local when: "'memcached' in docker_additional_services" - when: docker_additional_services is defined -- name: "Create /opt/{{ docker_service }} directory" +- name: Create directory /opt/{{ docker_service }} file: path: "/opt/{{ docker_service }}" state: directory + mode: 0755 when: (dockerfile is defined and dockerfile | length > 0) or docker_host_user or docker_volume_type == 'bind' - name: Image build + when: dockerfile is defined and dockerfile | length > 0 block: - name: Put dockerfile in place template: src: Dockerfile.j2 dest: "/opt/{{ docker_service }}/Dockerfile" + mode: 0644 - name: Build docker image for {{ docker_service }} docker_image: @@ -137,9 +140,9 @@ pull: true path: "/opt/{{ docker_service }}" register: docker_built_image - when: dockerfile is defined and dockerfile | length > 0 - name: Container user + when: docker_host_user block: - name: "Create user for {{ docker_service_name }}" user: @@ -153,18 +156,19 @@ - name: Set docker container user set_fact: docker_user: "{{ user.uid }}:{{ user.group }}" - when: docker_host_user - name: Bind mounts + when: "docker_volume_type == 'bind'" block: - - name: "Create /opt/{{ docker_service }}/{{ docker_service_suffix }} directory" + - name: Create directory /opt/{{ docker_service + '/' + docker_service_suffix }} file: path: "/opt/{{ docker_service }}/{{ docker_service_suffix }}" state: directory owner: "{{ user.uid | default(omit) }}" - group: "{{ user.group | default(omit)}}" + group: "{{ user.group | default(omit) }}" + mode: 0755 when: docker_service_suffix is defined - + - name: Set docker_mounts_dir set_fact: docker_mounts_dir: "/opt/{{ docker_service }}/{{ docker_service_suffix }}/mounts" @@ -174,10 +178,11 @@ docker_mounts_dir: "/opt/{{ docker_service }}/mounts" when: docker_service_suffix is not defined - - name: "Create {{ docker_mounts_dir }} directory" + - name: Create directory {{ docker_mounts_dir }} file: path: "{{ docker_mounts_dir }}" state: directory + mode: 0755 - name: "Create docker bind mount directories for {{ docker_service_name }}" file: @@ -194,7 +199,6 @@ docker_volume_definition: "{{ docker_volume_definition | default([]) + [docker_mounts_dir + '/' + item.name + ':' + item.path] }}" when: item.name is defined loop: "{{ docker_volumes }}" - when: "docker_volume_type == 'bind'" - name: Set docker_volume_definition for src binds set_fact: @@ -232,4 +236,3 @@ mode: 0750 when: "docker_volume_type == 'bind' and item.name is defined" loop: "{{ final_docker_volumes }}" - diff --git a/roles/docker/tasks/main.yml b/roles/docker/tasks/main.yml index f106006..52c5df7 100644 --- a/roles/docker/tasks/main.yml +++ b/roles/docker/tasks/main.yml @@ -25,7 +25,7 @@ url: 'https://download.docker.com/linux/debian/gpg' - name: Add docker repo apt_repository: - repo: "deb [arch={{ dpkg_arch }}] https://download.docker.com/linux/{{ ansible_distribution|lower }} {{ ansible_distribution_release }} stable" + repo: "deb [arch={{ dpkg_arch }}] https://download.docker.com/linux/{{ ansible_distribution | lower }} {{ ansible_distribution_release }} stable" filename: 'docker' mode: '644' diff --git a/roles/element/meta/main.yml b/roles/element/meta/main.yml index 0687a69..d6d6149 100644 --- a/roles/element/meta/main.yml +++ b/roles/element/meta/main.yml @@ -1,7 +1,7 @@ --- dependencies: - - docker + - role: docker - role: uumas.general.reverse_proxy vhost_id: element vhost_domains: "{{ element_domains }}" diff --git a/roles/element/tasks/main.yml b/roles/element/tasks/main.yml index 685a3f6..a490270 100644 --- a/roles/element/tasks/main.yml +++ b/roles/element/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: Set element published ports variable - set_fact: + set_fact: element_published_ports: ["127.0.0.1:{{ ports.element_http }}:80"] when: reverse_proxy_type != 'traefik' @@ -33,4 +33,3 @@ content: "{{ element_config }}" dest: "{{ element_config_volume.Source }}/config.json" mode: '644' - diff --git a/roles/gitea/tasks/main.yml b/roles/gitea/tasks/main.yml index 1460b14..945791f 100644 --- a/roles/gitea/tasks/main.yml +++ b/roles/gitea/tasks/main.yml @@ -4,16 +4,16 @@ group: name: git gid: 2132 - system: yes + system: true - name: Create git user on host for gitea ssh user: name: git uid: 2132 group: git - system: yes + system: true home: /var/lib/gitea - generate_ssh_key: yes + generate_ssh_key: true register: git_user - name: Add git user's own ssh key to its authorized keys diff --git a/roles/hedgedoc/meta/main.yml b/roles/hedgedoc/meta/main.yml index 8874f89..2be3417 100644 --- a/roles/hedgedoc/meta/main.yml +++ b/roles/hedgedoc/meta/main.yml @@ -15,4 +15,3 @@ dependencies: CMD_ALLOW_ANONYMOUS: "false" CMD_ALLOW_ANONYMOUS_EDITS: "true" CMD_ALLOW_FREEURL: "true" - diff --git a/roles/jitsi/defaults/main.yml b/roles/jitsi/defaults/main.yml index bc04e4e..d809a31 100644 --- a/roles/jitsi/defaults/main.yml +++ b/roles/jitsi/defaults/main.yml @@ -1,4 +1,3 @@ --- jitsi_docker_tag: stable - diff --git a/roles/jitsi/meta/main.yml b/roles/jitsi/meta/main.yml index d34c2ed..5a3174f 100644 --- a/roles/jitsi/meta/main.yml +++ b/roles/jitsi/meta/main.yml @@ -1,7 +1,7 @@ --- dependencies: - - docker + - role: docker - role: uumas.general.reverse_proxy vhost_id: jitsi vhost_domains: diff --git a/roles/jitsi/tasks/main.yml b/roles/jitsi/tasks/main.yml index 8ecd24e..39e7e06 100644 --- a/roles/jitsi/tasks/main.yml +++ b/roles/jitsi/tasks/main.yml @@ -5,7 +5,7 @@ name: meet.jitsi - name: Set jitsi meet web published ports variable - set_fact: + set_fact: jitsi_web_published_ports: ["127.0.0.1:{{ ports.jitsi_http }}:80"] when: reverse_proxy_type != 'traefik' @@ -124,4 +124,3 @@ - name: meet.jitsi aliases: - meet.jitsi - diff --git a/roles/keycloak/meta/main.yml b/roles/keycloak/meta/main.yml index 9abe0db..0fae98d 100644 --- a/roles/keycloak/meta/main.yml +++ b/roles/keycloak/meta/main.yml @@ -6,7 +6,7 @@ dependencies: docker_image: quay.io/keycloak/keycloak:latest docker_image_http_port: 8080 docker_database: postgres - docker_entrypoint: + docker_entrypoint: - /opt/keycloak/bin/kc.sh - start - --auto-build @@ -20,4 +20,3 @@ dependencies: KC_DB_URL: jdbc:postgresql://keycloak_db/keycloak KC_DB_USERNAME: keycloak KC_DB_PASSWORD: "{{ database_passwords.keycloak }}" - diff --git a/roles/unifi/meta/main.yml b/roles/unifi/meta/main.yml index f5d4565..be14984 100644 --- a/roles/unifi/meta/main.yml +++ b/roles/unifi/meta/main.yml @@ -11,4 +11,3 @@ dependencies: docker_env: UNIFI_HTTPS_PORT: "{{ ports.unifi.https }}" PORTAL_HTTP_PORT: "8808" - diff --git a/roles/wekan/meta/main.yml b/roles/wekan/meta/main.yml index ec47a46..957553f 100644 --- a/roles/wekan/meta/main.yml +++ b/roles/wekan/meta/main.yml @@ -12,4 +12,3 @@ dependencies: MONGO_URL: mongodb://wekan_db:27017/wekan ROOT_URL: "https://{{ docker_vhost_domains.wekan[0] }}" WRITABLE_PATH: /data - diff --git a/roles/wekan/tasks/main.yml b/roles/wekan/tasks/main.yml index 9bacbfd..f5c38bd 100644 --- a/roles/wekan/tasks/main.yml +++ b/roles/wekan/tasks/main.yml @@ -10,3 +10,4 @@ state: directory owner: 999 group: 999 + mode: 0755 diff --git a/roles/wordpress/defaults/main.yml b/roles/wordpress/defaults/main.yml index 15a039e..582be2a 100644 --- a/roles/wordpress/defaults/main.yml +++ b/roles/wordpress/defaults/main.yml @@ -11,4 +11,3 @@ wordpress_symlinks: false wordpress_docker_volumes: - name: html path: /var/www/html - diff --git a/roles/wordpress/tasks/main.yml b/roles/wordpress/tasks/main.yml index 0e9d3d3..393e559 100644 --- a/roles/wordpress/tasks/main.yml +++ b/roles/wordpress/tasks/main.yml @@ -2,7 +2,9 @@ - name: Add memcached php extension to container set_fact: - dockerfile: "{{ dockerfile | combine({'run': ['apt-get update && apt-get install -y libmemcached-dev zlib1g-dev && pecl install memcached-3.2.0 && docker-php-ext-enable memcached']}, list_merge='append') }}" + dockerfile: "{{ dockerfile | combine({'run': \ + ['apt-get update && apt-get install -y libmemcached-dev zlib1g-dev && \ + pecl install memcached-3.2.0 && docker-php-ext-enable memcached']}, list_merge='append') }}" when: "'memcached' in docker_additional_services" - name: Add pdo_mysql php extension to container @@ -32,4 +34,3 @@ WORDPRESS_CONFIG_EXTRA: | define('WP_SITEURL', 'https://{{ docker_vhost_domains[docker_service_name][0] }}'); define('WP_HOME', 'https://{{ docker_vhost_domains[docker_service_name][0] }}'); - diff --git a/roles/wordpress/vars/log_volume.yml b/roles/wordpress/vars/log_volume.yml index 295a6f4..2f5ccbd 100644 --- a/roles/wordpress/vars/log_volume.yml +++ b/roles/wordpress/vars/log_volume.yml @@ -3,4 +3,3 @@ wordpress_log_volume: - name: logs path: /var/log/apache2 - diff --git a/roles/wordpress/vars/www_volume.yml b/roles/wordpress/vars/www_volume.yml index 4cd1f68..27ba927 100644 --- a/roles/wordpress/vars/www_volume.yml +++ b/roles/wordpress/vars/www_volume.yml @@ -3,4 +3,3 @@ wordpress_www_volume: - name: www path: /var/www -