From 379b1d420eb2814e4364f5f079846df6856ede13 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Wed, 3 Dec 2025 18:00:30 +0100 Subject: [PATCH] Refactor MariaDB and PostgreSQL roles for Ansible 2.20 compatibility and Infinito.Nexus conventions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Replace legacy docker_container-based MariaDB deployment with docker-compose based workflow - Add custom Dockerfile and docker-compose templates for MariaDB - Split MariaDB command into separate arguments to avoid entrypoint parsing errors - Introduce MARIADB_CUSTOM_IMAGE and MARIADB_EXPOSE_LOCAL variables - Add docker_compose_flush_handlers to ensure correct handler execution on first run - Replace utils/once/finalize.yml with utils/once/flag.yml for new run-once semantics - Align variable naming with Infinito.Nexus UPPERCASE conventions - Fix PostgreSQL custom image variable name (POSTGRES_CUSTOM_IMAGE_NAME → POSTGRES_CUSTOM_IMAGE) - Remove obsolete flush_handlers var injection in svc-db-postgres/tasks/main.yml - General cleanup after migration from Ansible 2.18 → 2.20 Conversation reference: https://chatgpt.com/share/69306c81-9934-800f-b317-f53a8f246a73 --- roles/svc-db-mariadb/tasks/01_core.yml | 33 +++---------------- roles/svc-db-mariadb/templates/Dockerfile.j2 | 1 + .../templates/docker-compose.yml.j2 | 29 ++++++++++++++++ roles/svc-db-mariadb/templates/env.j2 | 2 ++ roles/svc-db-mariadb/vars/main.yml | 20 ++++++----- roles/svc-db-postgres/tasks/01_core.yml | 3 +- roles/svc-db-postgres/tasks/main.yml | 3 -- .../templates/docker-compose.yml.j2 | 2 +- roles/svc-db-postgres/vars/main.yml | 2 +- 9 files changed, 51 insertions(+), 44 deletions(-) create mode 100644 roles/svc-db-mariadb/templates/Dockerfile.j2 create mode 100644 roles/svc-db-mariadb/templates/docker-compose.yml.j2 create mode 100644 roles/svc-db-mariadb/templates/env.j2 
diff --git a/roles/svc-db-mariadb/tasks/01_core.yml b/roles/svc-db-mariadb/tasks/01_core.yml index b8687b2a..0c24ca43 100644 --- a/roles/svc-db-mariadb/tasks/01_core.yml +++ b/roles/svc-db-mariadb/tasks/01_core.yml @@ -1,31 +1,9 @@ - name: "Setup docker network for {{ application_id }}" include_tasks: "{{ [playbook_dir, 'roles/docker-compose/tasks/utils/network.yml' ] | path_join }}" vars: - docker_network_name: "{{ MARIADB_NETWORK }}" - docker_network_subnet: "{{ MARIADB_SUBNET }}" - -- name: install MariaDB - community.docker.docker_container: - name: "{{ MARIADB_NAME }}" - image: "{{ MARIADB_IMAGE }}:{{ MARIADB_VERSION}}" - detach: yes - env: - MARIADB_ROOT_PASSWORD: "{{ MARIADB_ROOT_PWD }}" - MARIADB_AUTO_UPGRADE: "1" - networks: - - name: "{{ MARIADB_NETWORK }}" - volumes: - - "{{ MARIADB_VOLUME }}:/var/lib/mysql" - published_ports: - - "127.0.0.1:{{ MARIADB_PORT }}:3306" # can be that this will be removed if all applications use sockets - command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW" #for nextcloud - restart_policy: "{{ DOCKER_RESTART_POLICY }}" - healthcheck: - test: "/usr/bin/mariadb --user=root --password={{ MARIADB_ROOT_PWD }} --execute \"SHOW DATABASES;\"" - interval: 10s - timeout: 5s - retries: 18 - register: setup_mariadb_container_result + docker_network_name: "{{ MARIADB_NETWORK }}" + docker_network_subnet: "{{ MARIADB_SUBNET }}" + docker_compose_flush_handlers: true - name: install python-mysqlclient community.general.pacman: @@ -41,8 +19,5 @@ - db_info.container.State.Health.Status == "healthy" retries: 30 delay: 5 - when: - - setup_mariadb_container_result is defined - - setup_mariadb_container_result.changed -- include_tasks: utils/once/finalize.yml +- include_tasks: utils/once/flag.yml diff --git a/roles/svc-db-mariadb/templates/Dockerfile.j2 b/roles/svc-db-mariadb/templates/Dockerfile.j2 new file mode 100644 index 00000000..94411a0e --- /dev/null +++ b/roles/svc-db-mariadb/templates/Dockerfile.j2 
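Review bot: The added `docker_compose_flush_handlers: true` under `vars:` carries no comment, and this commit deletes the only explanation the old code had (`# Force the flush of the pg handler on the first run` in svc-db-postgres/tasks/main.yml). The same bare line is added in the svc-db-postgres/tasks/01_core.yml hunk. The health wait in the second hunk of this file loses its `when:` guard, so it presumably relies on that flush to have started the container. A comment above the line in both files would state the dependency: `# Flush docker-compose handlers here so the DB container is up on the first run`. The task list continues outside both hunks.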
@@ -0,0 +1 @@
+FROM {{ MARIADB_IMAGE }}:{{ MARIADB_VERSION}}
diff --git a/roles/svc-db-mariadb/templates/docker-compose.yml.j2 b/roles/svc-db-mariadb/templates/docker-compose.yml.j2
new file mode 100644
index 00000000..f74b9e1e
--- /dev/null
+++ b/roles/svc-db-mariadb/templates/docker-compose.yml.j2
@@ -0,0 +1,29 @@
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
+
+ mariadb:
+ container_name: "{{ MARIADB_NAME }}"
+ image: "{{ MARIADB_CUSTOM_IMAGE }}"
+ {{ lookup('template', 'roles/docker-container/templates/build.yml.j2') | indent(4) }}
+ command:
+ - "--transaction-isolation=READ-COMMITTED"
+ - "--binlog-format=ROW"
+
+{% include 'roles/docker-container/templates/base.yml.j2' %}
+{% if MARIADB_EXPOSE_LOCAL %}
+ ports:
+ - "127.0.0.1:{{ MARIADB_PORT }}:3306"
+{% endif %}
+ volumes:
+ - "data:/var/lib/mysql"
+{% include 'roles/docker-container/templates/networks.yml.j2' %}
+ healthcheck:
+ test: "/usr/bin/mariadb --user=root --password={{ MARIADB_ROOT_PWD }} --execute \"SHOW DATABASES;\""
+ interval: 10s
+ timeout: 5s
+ retries: 18
+
+{% include 'roles/docker-compose/templates/volumes.yml.j2' %}
+ data:
+ name: "{{ MARIADB_VOLUME }}"
+
+{% include 'roles/docker-compose/templates/networks.yml.j2' %}
\ No newline at end of file
diff --git a/roles/svc-db-mariadb/templates/env.j2 b/roles/svc-db-mariadb/templates/env.j2
new file mode 100644
index 00000000..0f96d30f
--- /dev/null
+++ b/roles/svc-db-mariadb/templates/env.j2
@@ -0,0 +1,2 @@
+MARIADB_ROOT_PASSWORD: "{{ MARIADB_ROOT_PWD }}"
+MARIADB_AUTO_UPGRADE: "1"
\ No newline at end of file
diff --git a/roles/svc-db-mariadb/vars/main.yml b/roles/svc-db-mariadb/vars/main.yml
index 7cca4290..61eb6f08 100644
--- a/roles/svc-db-mariadb/vars/main.yml
+++ b/roles/svc-db-mariadb/vars/main.yml
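Review bot: The `healthcheck.test` line in docker-compose.yml.j2 renders `{{ MARIADB_ROOT_PWD }}` straight into the compose file, so the root password is stored in the rendered docker-compose.yml and is shown in the container's healthcheck configuration (`docker inspect`); this was carried over from the removed docker_container task. It is also unquoted inside a string-form test, which Compose runs through a shell, so a password with spaces or shell metacharacters breaks or changes the command. env.j2 already sets `MARIADB_ROOT_PASSWORD`, so, assuming that file reaches the container environment (the include that wires it is not visible here), the check can read it at run time: `test: ["CMD-SHELL", "/usr/bin/mariadb --user=root --password=\"$$MARIADB_ROOT_PASSWORD\" --execute 'SHOW DATABASES;'"]`.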
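Review bot: In env.j2, `MARIADB_ROOT_PASSWORD: "{{ MARIADB_ROOT_PWD }}"` places the root password inside double quotes with no escaping, so a value containing `"`, `\` or `$` can be cut short or rewritten when the file is parsed. How env.j2 is loaded is outside this hunk; if it is handed to Compose as an env file, single quotes (`MARIADB_ROOT_PASSWORD='{{ MARIADB_ROOT_PWD }}'`) switch off interpolation, at the cost of not allowing `'` in the password. The rendered file holds a credential, so the task that writes it (also not visible here) should give it a restrictive mode and owner.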
@@ -1,9 +1,11 @@
-application_id: svc-db-mariadb
-MARIADB_ROOT_PWD: "{{ applications | get_app_conf(application_id,'credentials.root_password') }}"
-MARIADB_SUBNET: "{{ networks.local['svc-db-mariadb'].subnet }}"
-MARIADB_NETWORK: "{{ applications | get_app_conf(application_id,'docker.network') }}"
-MARIADB_VOLUME: "{{ applications | get_app_conf(application_id,'docker.volumes.data') }}"
-MARIADB_IMAGE: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.image','mariadb') }}"
-MARIADB_VERSION: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.version') }}"
-MARIADB_NAME: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.name') }}"
-MARIADB_PORT: "{{ database_port | default(ports.localhost.database[ application_id ]) }}"
+application_id: svc-db-mariadb
+MARIADB_ROOT_PWD: "{{ applications | get_app_conf(application_id,'credentials.root_password') }}"
+MARIADB_SUBNET: "{{ networks.local['svc-db-mariadb'].subnet }}"
+MARIADB_NETWORK: "{{ applications | get_app_conf(application_id,'docker.network') }}"
+MARIADB_VOLUME: "{{ applications | get_app_conf(application_id,'docker.volumes.data') }}"
+MARIADB_IMAGE: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.image','mariadb') }}"
+MARIADB_VERSION: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.version') }}"
+MARIADB_NAME: "{{ applications | get_app_conf(application_id,'docker.services.mariadb.name') }}"
+MARIADB_PORT: "{{ database_port | default(ports.localhost.database[ application_id ]) }}"
+MARIADB_CUSTOM_IMAGE: "mariadb_custom"
+MARIADB_EXPOSE_LOCAL: false
\ No newline at end of file
diff --git a/roles/svc-db-postgres/tasks/01_core.yml b/roles/svc-db-postgres/tasks/01_core.yml
index 514cb904..bededb2f 100644
--- a/roles/svc-db-postgres/tasks/01_core.yml
+++ b/roles/svc-db-postgres/tasks/01_core.yml
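Review bot: `MARIADB_EXPOSE_LOCAL: false` silently changes the default exposure, and neither a comment nor the commit message records it. The removed docker_container task always published `127.0.0.1:{{ MARIADB_PORT }}:3306`, whereas the new template skips its `ports:` block when this is false. Not publishing the port is the safer default, but anything on the host that reaches the database through 127.0.0.1 would stop connecting, and the postgres role keeps `POSTGRES_EXPOSE_LOCAL: True`. Clients that connect over 127.0.0.1 are not visible in this diff, so this needs checking against the roles that use MARIADB_PORT. I would add above the line: `# false: 3306 is reachable only on the docker network, not published on 127.0.0.1`.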
@@ -8,10 +8,11 @@ vars: docker_network_name: "{{ POSTGRES_NETWORK_NAME }}" docker_network_subnet: "{{ POSTGRES_SUBNET }}" + docker_compose_flush_handlers: true - name: install python-psycopg2 community.general.pacman: name: python-psycopg2 state: present -- include_tasks: utils/once/finalize.yml \ No newline at end of file +- include_tasks: utils/once/flag.yml \ No newline at end of file diff --git a/roles/svc-db-postgres/tasks/main.yml b/roles/svc-db-postgres/tasks/main.yml index 56dd96ea..ca6b2710 100644 --- a/roles/svc-db-postgres/tasks/main.yml +++ b/roles/svc-db-postgres/tasks/main.yml @@ -1,7 +1,4 @@ - include_tasks: 01_core.yml - vars: - # Force the flush of the pg handler on the first run - flush_handlers: true when: run_once_svc_db_postgres is not defined - include_tasks: "{{ [ playbook_dir, 'tasks/utils/load_handlers.yml' ] | path_join }}" diff --git a/roles/svc-db-postgres/templates/docker-compose.yml.j2 b/roles/svc-db-postgres/templates/docker-compose.yml.j2 index 38549a45..9de9aa29 100644 --- a/roles/svc-db-postgres/templates/docker-compose.yml.j2 +++ b/roles/svc-db-postgres/templates/docker-compose.yml.j2 @@ -2,7 +2,7 @@ postgres: container_name: "{{ POSTGRES_CONTAINER }}" - image: "{{ POSTGRES_CUSTOM_IMAGE_NAME }}" + image: "{{ POSTGRES_CUSTOM_IMAGE }}" {{ lookup('template', 'roles/docker-container/templates/build.yml.j2') | indent(4) }} command: - "postgres" diff --git a/roles/svc-db-postgres/vars/main.yml b/roles/svc-db-postgres/vars/main.yml index d654fa89..cb59cdde 100644 --- a/roles/svc-db-postgres/vars/main.yml +++ b/roles/svc-db-postgres/vars/main.yml 
@@ -16,7 +16,7 @@ POSTGRES_SUBNET: "{{ networks.local['svc-db-postgres']. POSTGRES_PASSWORD: "{{ applications | get_app_conf(application_id, 'credentials.POSTGRES_PASSWORD') }}" POSTGRES_PORT: "{{ database_port | default(ports.localhost.database[ application_id ]) }}" POSTGRES_EXPOSE_LOCAL: True # Exposes the db to localhost, almost everytime neccessary -POSTGRES_CUSTOM_IMAGE_NAME: "postgres_custom" +POSTGRES_CUSTOM_IMAGE: "postgres_custom" POSTGRES_LOCAL_HOST: "127.0.0.1" POSTGRES_VECTOR_ENABLED: True # Required by discourse, propably in a later step it makes sense to define this as a configuration option in config/main.yml POSTGRES_RETRIES: 5