container: rework bind mount directory permissions, move from volume syntax to mount syntax, add single file template volumes
This commit is contained in:
uumas
@@ -1,7 +1,9 @@
|
||||
---
|
||||
|
||||
- name: Bind mounts
|
||||
when: "docker_volume_type == 'bind'"
|
||||
- name: Create directories and put files in them
|
||||
when:
|
||||
- docker_volumes | length > 0
|
||||
- (docker_volume_type == 'bind') or (docker_volumes | selectattr('template', 'defined') | list | length > 0)
|
||||
block:
|
||||
- name: Create directory /opt/{{ docker_service + '/' + docker_service_suffix }}
|
||||
file:
|
||||
@@ -25,31 +27,48 @@
|
||||
file:
|
||||
path: "{{ docker_mounts_dir }}"
|
||||
state: directory
|
||||
mode: 0755
|
||||
owner: "{{ user.uid | default(omit) }}"
|
||||
group: "{{ user.group | default(omit) }}"
|
||||
mode: 0700
|
||||
- name: Define mounts directory owner
|
||||
set_fact:
|
||||
mount_owner: "{{ user.uid if docker_host_user else image_user | default('') }}"
|
||||
mount_group: "{{ user.group if docker_host_user else '' }}"
|
||||
|
||||
- name: "Create docker bind mount directories for {{ docker_service_name }}"
|
||||
file:
|
||||
path: "{{ docker_mounts_dir }}/{{ item.name }}"
|
||||
state: directory
|
||||
owner: "{{ user.uid if item.set_owner is not defined or item.set_owner else omit | default(omit) }}"
|
||||
group: "{{ user.group if item.set_group is not defined or item.set_group else omit | default(omit) }}"
|
||||
mode: 0750
|
||||
owner: "{{ mount_owner if (item.set_owner is not defined or item.set_owner) and mount_owner | length > 0 else omit }}"
|
||||
group: "{{ mount_group if (item.set_group is not defined or item.set_group) and mount_group | length > 0 else omit }}"
|
||||
when: item.name is defined
|
||||
loop: "{{ docker_volumes }}"
|
||||
- name: Set docker_volume_definition for named binds
|
||||
set_fact:
|
||||
docker_volume_definition: "{{ docker_volume_definition + [docker_mounts_dir + '/' + item.name + ':' + item.path] }}"
|
||||
docker_volume_definition: "{{ docker_volume_definition + [{'source': docker_mounts_dir + '/' + item.name, 'target': item.path, 'type': 'bind'}] }}"
|
||||
when: item.name is defined
|
||||
loop: "{{ docker_volumes }}"
|
||||
|
||||
- name: Set docker_volume_definition for src binds
|
||||
set_fact:
|
||||
docker_volume_definition: "{{ docker_volume_definition + [item.src + ':' + item.path] }}"
|
||||
when: item.src is defined
|
||||
loop: "{{ final_docker_volumes }}"
|
||||
- name: Template docker template mounts for {{ docker_service_name }}
|
||||
template:
|
||||
src: "{{ item.template }}.j2"
|
||||
dest: "{{ docker_mounts_dir }}/{{ item.template }}"
|
||||
when: item.template is defined
|
||||
loop: "{{ docker_volumes }}"
|
||||
- name: Set docker_volume_definition for template mounts
|
||||
set_fact:
|
||||
docker_volume_definition: "{{ docker_volume_definition + [{'source': docker_mounts_dir + '/' + item.template, 'target': item.path, 'read_only': true}] }}"
|
||||
when: item.template is defined
|
||||
loop: "{{ docker_volumes }}"
|
||||
|
||||
- name: Set docker_volume_definition for named volumes
|
||||
set_fact:
|
||||
docker_volume_definition: "{{ docker_volume_definition + [item.name + ':' + item.path] }}"
|
||||
docker_volume_definition: "{{ docker_volume_definition + [{'source': docker_service_name + '_' + item.name, 'target': item.path}] }}"
|
||||
when: docker_volume_type == 'named' and item.name is defined
|
||||
loop: "{{ final_docker_volumes }}"
|
||||
|
||||
- name: Set docker_volume_definition for src binds
|
||||
set_fact:
|
||||
docker_volume_definition: "{{ docker_volume_definition + [{'source': item.src, 'target': item.path}] }}"
|
||||
when: item.src is defined
|
||||
loop: "{{ final_docker_volumes }}"
|
||||
|
||||
Reference in New Issue
Block a user