From 03564b34bb2bbdb5cd49e4dd7ea1d1f82bec5808 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Fri, 15 Aug 2025 21:35:45 +0200 Subject: [PATCH] Optimized reset routine for docker images and specially discourse --- roles/cmp-rdbms/vars/database.yml | 11 ++-- roles/srv-web-7-7-inj-matomo/tasks/main.yml | 1 - roles/svc-db-mariadb/tasks/02_init.yml | 2 +- roles/sys-svc-docker/tasks/01_core.yml | 8 +-- roles/sys-svc-docker/tasks/02_reset.yml | 1 - roles/web-app-discourse/tasks/02_reset.yml | 51 +++++++++++++++---- roles/web-app-discourse/vars/main.yml | 2 +- roles/web-app-gitea/templates/env.j2 | 2 +- roles/web-app-joomla/templates/env.j2 | 2 +- .../web-app-listmonk/templates/config.toml.j2 | 2 +- roles/web-app-moodle/templates/env.j2 | 2 +- roles/web-app-nextcloud/templates/env.j2 | 2 +- roles/web-app-pixelfed/templates/env.j2 | 2 +- roles/web-app-snipe-it/templates/env.j2 | 2 +- roles/web-app-wordpress/templates/env.j2 | 2 +- 15 files changed, 61 insertions(+), 31 deletions(-) diff --git a/roles/cmp-rdbms/vars/database.yml b/roles/cmp-rdbms/vars/database.yml index de1993d8..a401a28e 100644 --- a/roles/cmp-rdbms/vars/database.yml +++ b/roles/cmp-rdbms/vars/database.yml @@ -2,8 +2,9 @@ _dbtype: "{{ (database_type | d('') | trim) }}" _database_id: "{{ ('svc-db-' ~ _dbtype) if _dbtype else '' }}" _database_central_name: "{{ (applications | get_app_conf(_database_id, 'docker.services.' ~ _dbtype ~ '.name', False, '')) if _dbtype else '' }}" -_database_consumer_entity_name: "{{ (database_application_id | d(application_id)) | get_entity_name }}" -_database_central_enabled: "{{ (applications | get_app_conf(database_application_id, 'features.central_database', False)) if _dbtype else False }}" +_database_consumer_id: "{{ database_application_id | d(application_id) }}" +_database_consumer_entity_name: "{{ _database_consumer_id | get_entity_name }}" +_database_central_enabled: "{{ (applications | get_app_conf(_database_consumer_id, 'features.central_database', False)) if _dbtype else False }}" # Definition @@ -11,9 +12,9 @@ database_name: "{{ _database_consumer_entity_name }}" database_instance: "{{ _database_central_name if _database_central_enabled else database_name }}" # This could lead to bugs at dedicated database @todo cleanup database_host: "{{ _database_central_name if _database_central_enabled else 'database' }}" # This could lead to bugs at dedicated database @todo cleanup database_username: "{{ _database_consumer_entity_name }}" -database_password: "{{ applications | get_app_conf(database_application_id, 'credentials.database_password', true) }}" +database_password: "{{ applications | get_app_conf(_database_consumer_id, 'credentials.database_password', true) }}" database_port: "{{ (ports.localhost.database[_database_id] | d('')) if _dbtype else '' }}" -database_env: "{{docker_compose.directories.env}}{{ database_type }}.env" +database_env: "{{ docker_compose.directories.env }}{{ database_type }}.env" database_url_jdbc: "jdbc:{{ database_type if database_type == 'mariadb' else 'postgresql' }}://{{ database_host }}:{{ database_port }}/{{ database_name }}" -database_url_full: "{{ database_type }}://{{ database_username }}:{{ database_password }}@{{ database_host }}:{{database_port}}/{{ database_name }}" +database_url_full: "{{ database_type }}://{{ database_username }}:{{ database_password }}@{{ database_host }}:{{ database_port }}/{{ database_name }}" database_volume: "{{ _database_consumer_entity_name ~ '_' if not _database_central_enabled }}{{ database_host }}" diff --git a/roles/srv-web-7-7-inj-matomo/tasks/main.yml b/roles/srv-web-7-7-inj-matomo/tasks/main.yml index b97d75b0..8550516c 100644 --- a/roles/srv-web-7-7-inj-matomo/tasks/main.yml +++ b/roles/srv-web-7-7-inj-matomo/tasks/main.yml @@ -64,4 +64,3 @@ applications: "{{ applications | append_csp_hash(application_id, matomo_tracking_code_one_liner) }}" no_log: "{{ MASK_CREDENTIALS_IN_LOGS | bool }}" changed_when: false - diff --git a/roles/svc-db-mariadb/tasks/02_init.yml b/roles/svc-db-mariadb/tasks/02_init.yml index 1c26285a..3c74bf20 100644 --- a/roles/svc-db-mariadb/tasks/02_init.yml +++ b/roles/svc-db-mariadb/tasks/02_init.yml @@ -19,7 +19,7 @@ login_user: root login_password: "{{mariadb_root_pwd}}" login_host: 127.0.0.1 - login_port: "{{database_port}}" + login_port: "{{ database_port }}" # Deactivated due to https://chatgpt.com/share/683ba14b-0e74-800f-9ad1-a8979bc77093 # @todo Remove if this works fine in the future. diff --git a/roles/sys-svc-docker/tasks/01_core.yml b/roles/sys-svc-docker/tasks/01_core.yml index 89a90d4e..c178df87 100644 --- a/roles/sys-svc-docker/tasks/01_core.yml +++ b/roles/sys-svc-docker/tasks/01_core.yml @@ -6,14 +6,14 @@ state: present notify: docker restart -- name: "Load cleanup tasks when MODE_CLEANUP or MODE_RESET is enabled" - include_tasks: "03_cleanup.yml" - when: MODE_CLEANUP | bool or MODE_RESET | bool - - name: "Load reset tasks when MODE_RESET is enabled" include_tasks: "02_reset.yml" when: MODE_RESET | bool +- name: "Load cleanup tasks when MODE_CLEANUP or MODE_RESET is enabled" + include_tasks: "03_cleanup.yml" + when: MODE_CLEANUP | bool or MODE_RESET | bool + - name: Include backup, repair and health services for docker include_role: name: "{{ item }}" diff --git a/roles/sys-svc-docker/tasks/02_reset.yml b/roles/sys-svc-docker/tasks/02_reset.yml index 588432ec..f84915ca 100644 --- a/roles/sys-svc-docker/tasks/02_reset.yml +++ b/roles/sys-svc-docker/tasks/02_reset.yml @@ -8,7 +8,6 @@ name: "{{ (item.Names | default([item.Name]))[0] | regex_replace('^/','') }}" state: absent force_kill: true - remove_volumes: false # NEVER SET TO TRUE - PREVENTS DELETION OF VOLUMES loop: "{{ docker_info.containers }}" loop_control: label: "{{ (item.Names | default([item.Name]))[0] }}" diff --git a/roles/web-app-discourse/tasks/02_reset.yml b/roles/web-app-discourse/tasks/02_reset.yml index 9a2a50bf..3583b6b9 100644 --- a/roles/web-app-discourse/tasks/02_reset.yml +++ b/roles/web-app-discourse/tasks/02_reset.yml @@ -1,14 +1,45 @@ -- name: "Load database variables for reset function" - include_vars: "{{playbook_dir}}/roles/cmp-rdbms/vars/main.yml" +# This reset function is redundant, because the 'sys-scv-docker' role reset will take care of it +# anyhow lets keep this here for documentary purposes -- name: "cleanup central database from {{ application_id }}_default network" - command: - cmd: "docker network disconnect {{applications | get_app_conf(application_id, 'network', True)}} {{ database_host }}" - ignore_errors: true +- name: "Load database & docker-compose variables for reset" + ansible.builtin.include_vars: + file: "{{ item }}" + loop: + - "{{ playbook_dir }}/roles/docker-compose/vars/docker-compose.yml" + - "{{ playbook_dir }}/roles/cmp-rdbms/vars/database.yml" -- name: "destroy container {{ DISCOURSE_CONTAINER }}" - command: +- name: Sanity check for required vars + assert: + that: + - database_type is defined + - applications is defined + - docker_compose is defined + - ports is defined + fail_msg: "Load roles/docker-compose/vars/docker-compose.yml and set `database_type` first." + +- name: "Disconnect DB container from Discourse networks" + ansible.builtin.command: + cmd: "docker network disconnect {{ discourse_network_item }} {{ database_host }}" + loop: + - "{{ DISCOURSE_NETWORK }}" + - "{{ DISCOURSE_PG_NETWORK }}" + loop_control: + loop_var: discourse_network_item + label: "{{ discourse_network_item }}" + register: disc_net_disconnect + changed_when: disc_net_disconnect.rc == 0 + failed_when: > + disc_net_disconnect.rc != 0 and + ('is not connected' not in (disc_net_disconnect.stderr | default('') | lower)) and + ('no such network' not in (disc_net_disconnect.stderr | default('') | lower)) and + ('no such container' not in (disc_net_disconnect.stderr | default('') | lower)) + +- name: "destroy container '{{ DISCOURSE_CONTAINER }}'" + ansible.builtin.command: cmd: "./launcher destroy {{ DISCOURSE_CONTAINER }}" chdir: "{{ DISCOURSE_REPOSITORY_DIR }}" - ignore_errors: true - notify: recreate discourse \ No newline at end of file + register: discourse_destroy + changed_when: discourse_destroy.rc == 0 + failed_when: > + discourse_destroy.rc != 0 and + ('unable to change directory before execution' not in (discourse_destroy.msg | default('') | lower)) diff --git a/roles/web-app-discourse/vars/main.yml b/roles/web-app-discourse/vars/main.yml index 3d2f2452..eb35ef0e 100644 --- a/roles/web-app-discourse/vars/main.yml +++ b/roles/web-app-discourse/vars/main.yml @@ -11,7 +11,7 @@ DISCOURSE_CONTAINER: "{{ applications | get_app_conf(application_id, DISCOURSE_NETWORK: "{{ applications | get_app_conf(application_id, 'docker.network') }}" DISCOURSE_VOLUME: "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}" DISCOURSE_PLUGINS: "{{ applications | get_app_conf(application_id, 'plugins') }}" -DISCOURSE_PG_NETWORK: "{{ applications | get_app_conf('svc-db-postgres', 'docker.network' ) }}" +DISCOURSE_PG_NETWORK: "{{ applications | get_app_conf('svc-db-' ~ database_type, 'docker.network' ) }}" DISCOURSE_REDIS_HOST: "{{ application_id | get_entity_name }}-redis" DISCOURSE_REPOSITORY_URL: "{{ applications | get_app_conf(application_id, 'docker.services.discourse.repository') }}" diff --git a/roles/web-app-gitea/templates/env.j2 b/roles/web-app-gitea/templates/env.j2 index 98701916..4713babc 100644 --- a/roles/web-app-gitea/templates/env.j2 +++ b/roles/web-app-gitea/templates/env.j2 @@ -15,7 +15,7 @@ GITEA__log__LEVEL={% if MODE_DEBUG | bool %}Debug{% else %}Info{% endif %} # Database DB_TYPE=mysql -DB_HOST={{ database_host }}:{{database_port}} +DB_HOST={{ database_host }}:{{ database_port }} DB_NAME={{ database_name }} DB_USER={{ database_username }} DB_PASSWD={{ database_password }} diff --git a/roles/web-app-joomla/templates/env.j2 b/roles/web-app-joomla/templates/env.j2 index 842a38ae..a36ba0cc 100644 --- a/roles/web-app-joomla/templates/env.j2 +++ b/roles/web-app-joomla/templates/env.j2 @@ -1,4 +1,4 @@ -JOOMLA_DB_HOST="{{ database_host }}:{{database_port}}" +JOOMLA_DB_HOST="{{ database_host }}:{{ database_port }}" JOOMLA_DB_USER="{{ database_username }}" JOOMLA_DB_PASSWORD="{{ database_password }}" JOOMLA_DB_NAME="{{ database_name }}" \ No newline at end of file diff --git a/roles/web-app-listmonk/templates/config.toml.j2 b/roles/web-app-listmonk/templates/config.toml.j2 index d7281fb0..93267ed3 100644 --- a/roles/web-app-listmonk/templates/config.toml.j2 +++ b/roles/web-app-listmonk/templates/config.toml.j2 @@ -8,7 +8,7 @@ address = "0.0.0.0:{{ container_port }}" # Database. [db] host = "{{ database_host }}" -port = {{database_port}} +port = {{ database_port }} user = "{{ database_username }}" password = "{{ database_password }}" diff --git a/roles/web-app-moodle/templates/env.j2 b/roles/web-app-moodle/templates/env.j2 index ee3382d3..b62c4cc4 100644 --- a/roles/web-app-moodle/templates/env.j2 +++ b/roles/web-app-moodle/templates/env.j2 @@ -11,7 +11,7 @@ BITNAMI_DEBUG={% if MODE_DEBUG | bool %}true{% else %}false{% endif %} # Database MOODLE_DATABASE_HOST={{ database_host }} -MOODLE_DATABASE_PORT_NUMBER={{database_port}} +MOODLE_DATABASE_PORT_NUMBER={{ database_port }} MOODLE_DATABASE_USER={{ database_username }} MOODLE_DATABASE_NAME={{ database_name }} MOODLE_DATABASE_PASSWORD={{ database_password }} diff --git a/roles/web-app-nextcloud/templates/env.j2 b/roles/web-app-nextcloud/templates/env.j2 index d3541cfa..3c328fe7 100644 --- a/roles/web-app-nextcloud/templates/env.j2 +++ b/roles/web-app-nextcloud/templates/env.j2 @@ -5,7 +5,7 @@ MYSQL_DATABASE= "{{ database_name }}" MYSQL_USER= "{{ database_username }}" MYSQL_PASSWORD= "{{ database_password }}" -MYSQL_HOST= "{{ database_host }}:{{database_port}}" +MYSQL_HOST= "{{ database_host }}:{{ database_port }}" # PHP PHP_MEMORY_LIMIT= "{{applications | get_app_conf(application_id, 'performance.php.memory_limit')}}" diff --git a/roles/web-app-pixelfed/templates/env.j2 b/roles/web-app-pixelfed/templates/env.j2 index cba88760..39d92cc5 100644 --- a/roles/web-app-pixelfed/templates/env.j2 +++ b/roles/web-app-pixelfed/templates/env.j2 @@ -61,7 +61,7 @@ DB_CONNECTION=mysql DB_DATABASE={{ database_name }} DB_HOST={{ database_host }} DB_PASSWORD="{{ database_password }}" -DB_PORT="{{database_port}}" +DB_PORT="{{ database_port }}" DB_USERNAME={{ database_username }} ## Cache (Redis) diff --git a/roles/web-app-snipe-it/templates/env.j2 b/roles/web-app-snipe-it/templates/env.j2 index 463bb8c1..af615497 100644 --- a/roles/web-app-snipe-it/templates/env.j2 +++ b/roles/web-app-snipe-it/templates/env.j2 @@ -21,7 +21,7 @@ PUBLIC_FILESYSTEM_DISK=local_public # -------------------------------------------- DB_CONNECTION=mysql DB_HOST={{ database_host }} -DB_PORT={{database_port}} +DB_PORT={{ database_port }} DB_DATABASE={{ database_name }} DB_USERNAME={{ database_username }} DB_PASSWORD={{ database_password }} diff --git a/roles/web-app-wordpress/templates/env.j2 b/roles/web-app-wordpress/templates/env.j2 index 134b0017..ae3a8559 100644 --- a/roles/web-app-wordpress/templates/env.j2 +++ b/roles/web-app-wordpress/templates/env.j2 @@ -1,4 +1,4 @@ -WORDPRESS_DB_HOST= "{{ database_host }}:{{database_port}}" +WORDPRESS_DB_HOST= "{{ database_host }}:{{ database_port }}" WORDPRESS_DB_USER= "{{ database_username }}" WORDPRESS_DB_PASSWORD= "{{ database_password }}" WORDPRESS_DB_NAME= "{{ database_name }}"