service: Allow socat without reverse proxy config

2025-07-11 20:41:04 +03:00
parent 303d3a384a
commit f52ba4eced
5 changed files with 32 additions and 25 deletions
--- a/roles/service/defaults/main.yaml
+++ b/roles/service/defaults/main.yaml
@@ -2,6 +2,7 @@
 service_container_command: []

 service_domains: []
+service_container_http_port: 0
 service_vhost_locations: []
 service_proxy_pass_host_header: true

--- a/roles/service/meta/argument_specs.yaml
+++ b/roles/service/meta/argument_specs.yaml
@@ -27,6 +27,7 @@ argument_specs:
          - Required if service_domains is not empty.
        type: int
        required: false
+        default: 0
      service_proxy_pass_host_header:
        description: Passed to vhost role as vhost_proxy_pass_header
        type: bool
--- a/roles/service/tasks/main.yaml
+++ b/roles/service/tasks/main.yaml
@@ -40,6 +40,10 @@
    container_wants: "{{ _service_container_wants }}"
    container_auto_update: "{{ service_auto_update }}"

+- name: Socat for {{ service_name }}
+  ansible.builtin.include_tasks: socat.yaml
+  when: service_container_http_port > 0
+
 - name: Reverse proxy for {{ service_name }}
  ansible.builtin.include_tasks: proxy.yaml
  when: service_domains | length > 0
--- a/roles/service/tasks/proxy.yaml
+++ b/roles/service/tasks/proxy.yaml
@@ -1,29 +1,4 @@
 ---
- name: Socat socket for {{ service_name }}
-  ansible.builtin.template:
-    src: socat.socket.j2
-    dest: /etc/systemd/system/{{ service_name }}-socat.socket
-    mode: "0644"
-  notify: Restart socat socket for {{ service_name }}
-
- name: Socat container for {{ service_name }}
-  ansible.builtin.import_role:
-    name: container
-  vars:
-    container_name: "{{ service_name }}-socat"
-    container_image: "docker.io/alpine/socat:latest"
-    container_command:
-      - "ACCEPT-FD:3,fork"
-      - "TCP:{{ service_name }}:{{ service_container_http_port }}"
-    container_user: nobody
-    container_networks:
-      - "{{ service_name }}"
-    container_requires:
-      - "{{ service_name }}-socat.socket"
-      - "{{ service_name }}.service"
-    container_auto_start: false
-    container_auto_update: "{{ service_auto_update }}"
-
 - name: Reverse proxy for {{ service_name }}
  ansible.builtin.import_role:
    name: uumas.general.vhost
--- a/roles/service/tasks/socat.yaml
+++ b/roles/service/tasks/socat.yaml
@@ -0,0 +1,26 @@
+---
+- name: Socat socket for {{ service_name }}
+  ansible.builtin.template:
+    src: socat.socket.j2
+    dest: /etc/systemd/system/{{ service_name }}-socat.socket
+    mode: "0644"
+  notify: Restart socat socket for {{ service_name }}
+
+- name: Socat container for {{ service_name }}
+  ansible.builtin.import_role:
+    name: container
+  vars:
+    container_name: "{{ service_name }}-socat"
+    container_image: "docker.io/alpine/socat:latest"
+    container_command:
+      - "ACCEPT-FD:3,fork"
+      - "TCP:{{ service_name }}:{{ service_container_http_port }}"
+    container_user: nobody
+    container_networks:
+      - "{{ service_name }}"
+    container_requires:
+      - "{{ service_name }}-socat.socket"
+      - "{{ service_name }}.service"
+    container_auto_start: false
+    container_auto_update: "{{ service_auto_update }}"
+