Great docker refactoring

2025-08-29 15:06:26 +02:00 · 2025-07-06 18:53:45 +02:00
parent bd9e43506f
commit 0347d238c2
27 changed files with 107 additions and 119 deletions
--- a/tasks/plays/01_constructor.yml
+++ b/tasks/plays/01_constructor.yml
@@ -1,16 +1,8 @@
 ---
-
- name: Show effective filter_plugins setting
-  shell: ansible-config dump --only-changed | grep -i filter_plugins || echo "using default"
-  register: filter_cfg
-
- name: Debug filter_plugins config
+- name: "Debug: allowed_applications"
  debug:
-    msg: "{{ filter_cfg.stdout_lines }}"
-
- name: "Debug: show which ansible.cfg was used"
-  debug:
-    msg: "{{ ansible_config_file }}"
+    msg: "{{ allowed_applications }}"
+  when: enable_debug | bool

 - name: Merge variables
  block:
@@ -110,51 +102,51 @@
  when: mode_update | bool

 - name: setup standard wireguard
-  when: ("wireguard_server" in group_names)
+  when: ('wireguard_server' | application_allowed(group_names, allowed_applications))
  include_role:
    name: wireguard

 # vpn setup
 - name: setup wireguard client behind firewall\nat
-  when: ("wireguard_behind_firewall" in group_names)
+  when: ('wireguard_behind_firewall' | application_allowed(group_names, allowed_applications))
  include_role:
    name: client-wireguard-behind-firewall

 - name: setup wireguard client
-  when: ("wireguard_client" in group_names)
+  when: ('wireguard_client' | application_allowed(group_names, allowed_applications))
  include_role:
    name: client-wireguard

 ## backup setup
 - name: setup replica backup hosts
-  when: ("backup_remote_to_local" in group_names)
+  when: ('backup_remote_to_local' | application_allowed(group_names, allowed_applications))
  include_role:
    name: backup-remote-to-local

 - name: setup backup to swappable
-  when: ("backup_to_usb" in group_names)
+  when: ('backup_to_usb' | application_allowed(group_names, allowed_applications))
  include_role:
    name: backup-data-to-usb

 ## driver setup
 - name: driver-intel
-  when: ("intel" in group_names)
+  when: ('intel' | application_allowed(group_names, allowed_applications))
  include_role:
    name: driver-intel

 - name: setup multiprinter hosts
-  when: ("epson_multiprinter" in group_names)
+  when: ('epson_multiprinter' | application_allowed(group_names, allowed_applications))
  include_role:
    name: driver-epson-multiprinter


 - name: setup hibernate lid switch
-  when: ("driver-lid-switch" in group_names)
+  when: ('driver-lid-switch' | application_allowed(group_names, allowed_applications))
  include_role:
    name: driver-lid-switch

 ## system setup 
 - name: setup swapfile hosts
-  when: ("swapfile" in group_names)
+  when: ('swapfile' | application_allowed(group_names, allowed_applications))
  include_role:
    name: system-swapfile
--- a/tasks/plays/02_server.yml
+++ b/tasks/plays/02_server.yml
@@ -16,25 +16,25 @@

 # Native Webserver Roles
 - name: setup nginx-serve-htmls
-  when: ("nginx-serve-htmls" in group_names)
  include_role:
    name: nginx-serve-html
  vars:
    domain: "{{primary_domain}}"
+  when: ('nginx-serve-htmls' | application_allowed(group_names, allowed_applications))

 - name: "setup corporate identity"
-  when: ("corporate_identity" in group_names)
  include_role:
    name: persona-corporate
+  when: ('corporate_identity' | application_allowed(group_names, allowed_applications))

 - name: setup redirect hosts
-  when: ("redirect" in group_names)
+  when: ('redirect' | application_allowed(group_names, allowed_applications))
  include_role:
    name: nginx-redirect-domains
  vars:
    domain_mappings: "{{ current_play_domain_mappings_redirect}}"

 - name: setup www redirect 
-  when: ("www_redirect" in group_names)
+  when: ('www_redirect' | application_allowed(group_names, allowed_applications))
  include_role:
    name: nginx-redirect-www
--- a/tasks/plays/03_destructor.yml
+++ b/tasks/plays/03_destructor.yml
@@ -1,8 +1,8 @@
 - name: optimize storage performance
  include_role:
    name: system-storage-optimizer
-  when: "(path_mass_storage is defined or path_rapid_storage is defined) and enable_system_storage_optimizer | bool and (docker_enabled is defined and docker_enabled | bool) "
-
+  when: ('storage-optimizer' | application_allowed(group_names, allowed_applications))
+  
 - name: Cleanup Docker Anonymous Volumes
  import_role:
    name: cleanup-docker-anonymous-volumes
--- a/tasks/utils/update-repository-with-files.yml
+++ b/tasks/utils/update-repository-with-files.yml
@@ -22,16 +22,6 @@
    chdir: "{{docker_compose.directories.instance}}"
  ignore_errors: true

-# This could be replaced by include_role: docker-repository-setup
-# Attendize and Akaunting still use this. When you refactor this code replace this.
- name: pull docker repository
-  git:
-    repo: "{{ docker_repository_address }}"
-    dest: "{{ docker_repository_directory  | default(docker_compose.directories.instance) }}"
-    update: yes
-  notify: docker compose up
-  become: true
-
 - name: "restore detached files"
  command: >
    mv "/tmp/{{application_id}}-{{ item }}.backup" "{{docker_compose.directories.instance}}{{ item }}"