From 0c90eaaa24db37b8aa9d3de4b34edb991c66fcda Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sun, 21 Jan 2024 12:23:39 +0100 Subject: [PATCH 1/7] Solved matrix chatgpt domain bug --- roles/docker-matrix-compose/templates/docker-compose.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker-matrix-compose/templates/docker-compose.yml.j2 b/roles/docker-matrix-compose/templates/docker-compose.yml.j2 index 6798eb8c..bac6c3eb 100644 --- a/roles/docker-matrix-compose/templates/docker-compose.yml.j2 +++ b/roles/docker-matrix-compose/templates/docker-compose.yml.j2 @@ -90,7 +90,7 @@ services: KEYV_URL: '' KEYV_BOT_ENCRYPTION: 'false' KEYV_BOT_STORAGE: 'true' - MATRIX_HOMESERVER_URL: 'http://synapse' + MATRIX_HOMESERVER_URL: 'https://{{synapse_domain}}' MATRIX_BOT_USERNAME: '@chatgptbot:{{matrix_server_name}}' MATRIX_ACCESS_TOKEN: '{{ matrix_chatgpt_bridge_access_token | default('') }}' MATRIX_BOT_PASSWORD: '{{matrix_chatgpt_bridge_user_password}}' From 0647cad07235b662282bea90648490e748141367 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Mon, 22 Jan 2024 18:53:35 +0100 Subject: [PATCH 2/7] Optimized variables, configuration and role moodle --- group_vars/all | 108 ++++++++++-------- playbook.servers.yml | 9 ++ roles/docker-akaunting/README.md | 2 +- .../templates/docker-compose.yml.j2 | 2 +- .../templates/docker-compose.yml.j2 | 22 ++-- .../templates/docker-compose.yml.j2 | 6 +- roles/docker-matrix-ansible/tasks/main.yml | 2 +- roles/docker-moodle/README.md | 4 + .../templates/docker-compose.yml.j2 | 11 +- roles/docker-nextcloud/README.md | 2 +- .../templates/docker-compose.yml.j2 | 4 +- roles/docker-pixelfed/tasks/main.yml | 2 +- tasks/seed-database-to-backup.yml | 2 +- 13 files changed, 104 insertions(+), 72 deletions(-) create mode 100644 roles/docker-moodle/README.md diff --git a/group_vars/all b/group_vars/all index 5c5cb4ef..ff8ed9fe 100644 --- a/group_vars/all +++ b/group_vars/all 
@@ -1,14 +1,18 @@ # General -pause_duration: "120" # Database delay to wait for the central database before continue tasks -top_domain: "localhost" # Change this in inventory to your domain -ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server -backups_folder_path: "/Backups/" # Path to the backups folder +pause_duration: "120" # Database delay to wait for the central database before continue tasks +top_domain: "localhost" # Change this in inventory to your domain +ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server +backups_folder_path: "/Backups/" # Path to the backups folder + +# Administrator +administrator_username: "administrator" # Username of the administrator +administrator_email: "{{administrator_username}}@{{top_domain}}" # Email of the administrator # Mode # The following modes can be combined with each other mode_reset: false # Cleans up all CyMaIS files. It's necessary to run to whole playbook and not particial roles when using this function. -mode_verbose: false # Prints well formated debug information +mode_debug: false # Prints well formated debug information mode_test: false # Executes test routines instead of productive routines mode_update: true # Executes updates mode_backup: true # Activates the backup before the update procedure 
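Review bot: In group_vars/all, `administrator_username` gets a fixed default of `"administrator"` with no hint that it should be overridden, unlike `top_domain` and `ip4_address` directly above it, which carry a "Change this in inventory" comment. Later hunks of this patch feed the value into `matrix_admin_name`, `moodle_user_name` and `yourls_user`, so every service ends up with the same well-known admin account name unless the inventory sets it. I would extend the comment to `# Username of the administrator; override in inventory` so the expectation is documented next to the default.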
@@ -111,17 +115,10 @@ nginx_upstreams_directory: "{{nginx_configuration_directory}}upstreams/" nginx_well_known_root: "/usr/share/nginx/well-known/" # Path where well-known files are stored nginx_homepage_root: "/usr/share/nginx/homepage/" # Path where the static homepage files are stored -## Docker Applications +## Domains -### Enable Central MariaDB -enable_central_database: true -enable_central_database_mailu: "{{enable_central_database}}" - -### Enable Storage Optimizer for Docker Volumes -enable_system_storage_optimizer: true - -### Domain Names for Various Services -domain_akaunting: "akaunting.{{top_domain}}" +### Service Domains +domain_akaunting: "accounting.{{top_domain}}" domain_baserow: "baserow.{{top_domain}}" domain_bigbluebutton: "meet.{{top_domain}}" domain_elk: "elk.{{top_domain}}" @@ -132,10 +129,11 @@ domain_gitlab: "gitlab.{{top_domain}}" domain_listmonk: "newsletter.{{top_domain}}" domain_mailu: "mail.{{top_domain}}" domain_mastodon: "microblog.{{top_domain}}" -domains_mastodon_alternates: [] +domains_mastodon_alternates: ["mastodon.{{top_domain}}"] domain_matomo: "matomo.{{top_domain}}" domain_matrix_synapse: "matrix.{{top_domain}}" domain_matrix_element: "element.{{top_domain}}" +domain_moodle: "academy.{{top_domain}}" domain_mediawiki: "wiki.{{top_domain}}" domain_nextcloud: "cloud.{{top_domain}}" domain_pixelfed: "picture.{{top_domain}}" 
@@ -147,6 +145,32 @@ domain_yourls: "s.{{top_domain}}" domain_openproject: "project.{{top_domain}}" domains_wordpress: ["wordpress.{{top_domain}}","blog.{{top_domain}}"] +### Domain Redirects +redirect_domain_mappings: +- { source: "akaunting.{{top_domain}}", target: "{{domain_akaunting}}" } +- { source: "bbb.{{top_domain}}", target: "{{domain_bigbluebutton}}" } +- { source: "discourse.{{top_domain}}", target: "{{domain_discourse}}" } +- { source: "funkwhale.{{top_domain}}", target: "{{domain_funkwhale}}" } +- { source: "gitea.{{top_domain}}", target: "{{domain_gitea}}" } +- { source: "listmonk.{{top_domain}}", target: "{{domain_listmonk}}" } +- { source: "moodle.{{top_domain}}", target: "{{domain_moodle}}" } +- { source: "nextcloud.{{top_domain}}", target: "{{domain_nextcloud}}" } +- { source: "openproject.{{top_domain}}", target: "{{domain_openproject}}" } +- { source: "peertube.{{top_domain}}", target: "{{domain_peertube}}" } +- { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" } +- { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" } +- { source: "short.{{top_domain}}", target: "{{domain_yourls}}" } +- { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" } + +## Docker Applications + +### Enable Central MariaDB +enable_central_database: true +enable_central_database_mailu: "{{enable_central_database}}" + +### Enable Storage Optimizer for Docker Volumes +enable_system_storage_optimizer: true + ### Common Configurations postgres_default_version: "16" 
@@ -154,10 +178,10 @@ postgres_default_version: "16" docker_restart_policy: "unless-stopped" #### Akaunting -version_akaunting: "latest" -akaunting_company_name: "DUMMY_VALUE_NEEDS_TO_BE_CHANGED" -akaunting_company_email: "DUMMY_VALUE_NEEDS_TO_BE_CHANGED" -akaunting_setup_admin_email: "DUMMY_VALUE_NEEDS_TO_BE_CHANGED" +akaunting_version: "latest" +akaunting_company_name: "{{top_domain}}" +akaunting_company_email: "{{administrator_email}}" +akaunting_setup_admin_email: "{{administrator_email}}" #### Big Blue Button bigbluebutton_enable_greenlight: "true" 
@@ -166,42 +190,30 @@ bigbluebutton_enable_greenlight: "true" listmonk_admin_username: "admin" #### Mastodon -version_mastodon: "latest" +mastodon_version: "latest" mastodon_single_user_mode: false #### Matrix -matrix_admin_name: "admin" # Accountname of the matrix admin -matrix_playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start -matrix_role: "compose" # Role to setup Matrix. Valid values: ansible, compose -matrix_server_name: "{{top_domain}}" # Adress for the account names etc. +matrix_admin_name: "{{administrator_username}}" # Accountname of the matrix admin +matrix_playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start +matrix_role: "compose" # Role to setup Matrix. Valid values: ansible, compose +matrix_server_name: "{{top_domain}}" # Adress for the account names etc. #### Mailu -version_mailu: "2.0" -mailu_domain: "{{top_domain}}" -mailu_subnet: "192.168.203.0/24" +mailu_version: "2.0" +mailu_domain: "{{top_domain}}" +mailu_subnet: "192.168.203.0/24" + +#### Moodle +moodle_site_name: "Global Learning Academy on {{top_domain}}" +moodle_user_name: "{{administrator_username}}" +moodle_user_email: "{{administrator_email}}" #### Nextcloud -version_nextcloud: "production" # Danger: Nextcloud can't skipp major version updates. +nextcloud_version: "production" # Danger: Nextcloud can't skipp major version updates. 
#### Pixelfed -pixelfed_app_name: "Pictures" +pixelfed_app_name: "Pictures on {{top_domain}}" #### YOURLS -yourls_user: "admin" - - -# Routing Configurations for Domain Redirections -redirect_domain_mappings: -- { source: "bbb.{{top_domain}}", target: "{{domain_bigbluebutton}}" } -- { source: "discourse.{{top_domain}}", target: "{{domain_discourse}}" } -- { source: "funkwhale.{{top_domain}}", target: "{{domain_funkwhale}}" } -- { source: "gitea.{{top_domain}}", target: "{{domain_gitea}}" } -- { source: "listmonk.{{top_domain}}", target: "{{domain_listmonk}}" } -- { source: "mastodon.{{top_domain}}", target: "{{domain_mastodon}}" } -- { source: "nextcloud.{{top_domain}}", target: "{{domain_nextcloud}}" } -- { source: "openproject.{{top_domain}}", target: "{{domain_openproject}}" } -- { source: "peertube.{{top_domain}}", target: "{{domain_peertube}}" } -- { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" } -- { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" } -- { source: "short.{{top_domain}}", target: "{{domain_yourls}}" } -- { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" } \ No newline at end of file +yourls_user: "{{administrator_username}}" \ No newline at end of file diff --git a/playbook.servers.yml b/playbook.servers.yml index 542ebb03..a2936dcc 100644 --- a/playbook.servers.yml +++ b/playbook.servers.yml @@ -248,6 +248,15 @@ domain: "{{domain_akaunting}}" http_port: 8025 +- name: setup moodle instance + hosts: moodle + become: true + roles: + - role: docker-moodle + vars: + domain: "{{domain_moodle}}" + http_port: 8026 + # Native Webserver Roles - name: setup nginx-homepages hosts: homepage diff --git a/roles/docker-akaunting/README.md b/roles/docker-akaunting/README.md index 0946f5b2..1cba3d80 100644 --- a/roles/docker-akaunting/README.md +++ b/roles/docker-akaunting/README.md 
@@ -87,7 +87,7 @@ Detailed steps for backing up your Akaunting instance, including setting manual Variables are crucial in configuring your Akaunting setup. Ensure you set the following variables correctly in your environment: - `docker_compose_instance_directory`: Set this variable to the path where your Docker Compose files for Akaunting are located. -- `akaunting_db_password`, `version_akaunting`, `akaunting_company_name`, `akaunting_company_email`, `akaunting_setup_admin_email`, and `akaunting_setup_admin_password`: These should be set in your `.env` files as per your requirements. +- `akaunting_db_password`, `akaunting_version`, `akaunting_company_name`, `akaunting_company_email`, `akaunting_setup_admin_email`, and `akaunting_setup_admin_password`: These should be set in your `.env` files as per your requirements. ### Additional Configuration - **SSL Certificate**: The guide includes steps to receive a certificate for your domain. diff --git a/roles/docker-akaunting/templates/docker-compose.yml.j2 b/roles/docker-akaunting/templates/docker-compose.yml.j2 index 780c8148..6a0dd0d7 100644 --- a/roles/docker-akaunting/templates/docker-compose.yml.j2 +++ b/roles/docker-akaunting/templates/docker-compose.yml.j2 @@ -5,7 +5,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: - image: docker.io/akaunting/akaunting:{{version_akaunting}} + image: docker.io/akaunting/akaunting:{{akaunting_version}} build: context: . ports: diff --git a/roles/docker-mailu/templates/docker-compose.yml.j2 b/roles/docker-mailu/templates/docker-compose.yml.j2 index ceace30a..18cb5ddf 100644 --- a/roles/docker-mailu/templates/docker-compose.yml.j2 +++ b/roles/docker-mailu/templates/docker-compose.yml.j2 
@@ -8,7 +8,7 @@ services: # Core services resolver: - image: ghcr.io/mailu/unbound:{{version_mailu}} + image: ghcr.io/mailu/unbound:{{mailu_version}} env_file: mailu.env restart: {{docker_restart_policy}} {% include 'templates/docker/container/networks.yml.j2' %} @@ -17,7 +17,7 @@ services: driver: journald front: - image: ghcr.io/mailu/nginx:{{version_mailu}} + image: ghcr.io/mailu/nginx:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env logging: @@ -44,7 +44,7 @@ services: - 192.168.203.254 admin: - image: ghcr.io/mailu/admin:{{version_mailu}} + image: ghcr.io/mailu/admin:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -62,7 +62,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} imap: - image: ghcr.io/mailu/dovecot:{{version_mailu}} + image: ghcr.io/mailu/dovecot:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -78,7 +78,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} smtp: - image: ghcr.io/mailu/postfix:{{version_mailu}} + image: ghcr.io/mailu/postfix:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -94,7 +94,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} oletools: - image: ghcr.io/mailu/oletools:{{version_mailu}} + image: ghcr.io/mailu/oletools:{{mailu_version}} hostname: oletools restart: {{docker_restart_policy}} depends_on: @@ -105,7 +105,7 @@ services: noinet: antispam: - image: ghcr.io/mailu/rspamd:{{version_mailu}} + image: ghcr.io/mailu/rspamd:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -127,7 +127,7 @@ services: # Optional services antivirus: - image: ghcr.io/mailu/clamav:{{version_mailu}} + image: ghcr.io/mailu/clamav:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: 
@@ -141,7 +141,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} webdav: - image: ghcr.io/mailu/radicale:{{version_mailu}} + image: ghcr.io/mailu/radicale:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -156,7 +156,7 @@ services: radicale: fetchmail: - image: ghcr.io/mailu/fetchmail:{{version_mailu}} + image: ghcr.io/mailu/fetchmail:{{mailu_version}} volumes: - "admin_data:/data" restart: {{docker_restart_policy}} @@ -173,7 +173,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} webmail: - image: ghcr.io/mailu/webmail:{{version_mailu}} + image: ghcr.io/mailu/webmail:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: diff --git a/roles/docker-mastodon/templates/docker-compose.yml.j2 b/roles/docker-mastodon/templates/docker-compose.yml.j2 index ae34b5df..58aef252 100644 --- a/roles/docker-mastodon/templates/docker-compose.yml.j2 +++ b/roles/docker-mastodon/templates/docker-compose.yml.j2 @@ -6,7 +6,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} web: - image: ghcr.io/mastodon/mastodon:{{version_mastodon}} + image: ghcr.io/mastodon/mastodon:{{mastodon_version}} restart: {{docker_restart_policy}} env_file: .env.production command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" @@ -22,7 +22,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} streaming: - image: ghcr.io/mastodon/mastodon:{{version_mastodon}} + image: ghcr.io/mastodon/mastodon:{{mastodon_version}} restart: {{docker_restart_policy}} env_file: .env.production command: node ./streaming @@ -36,7 +36,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} sidekiq: - image: ghcr.io/mastodon/mastodon:{{version_mastodon}} + image: ghcr.io/mastodon/mastodon:{{mastodon_version}} restart: {{docker_restart_policy}} env_file: .env.production command: bundle exec sidekiq 
diff --git a/roles/docker-matrix-ansible/tasks/main.yml b/roles/docker-matrix-ansible/tasks/main.yml index c8196e59..db177a1d 100644 --- a/roles/docker-matrix-ansible/tasks/main.yml +++ b/roles/docker-matrix-ansible/tasks/main.yml @@ -68,7 +68,7 @@ - name: show variable information debug: msg: "hosts_path: {{hosts_path}}\nmatrix_inventory_tmp_dir:{{ matrix_inventory_tmp_dir }}" - when: mode_verbose | bool + when: mode_debug | bool - name: install requirements local_action: command just roles diff --git a/roles/docker-moodle/README.md b/roles/docker-moodle/README.md new file mode 100644 index 00000000..795147fb --- /dev/null +++ b/roles/docker-moodle/README.md @@ -0,0 +1,4 @@ +# role docker-moodle + +## further information +- https://github.com/bitnami/containers/tree/main/bitnami/moodle \ No newline at end of file diff --git a/roles/docker-moodle/templates/docker-compose.yml.j2 b/roles/docker-moodle/templates/docker-compose.yml.j2 index ba82a2c5..88cfcc49 100644 --- a/roles/docker-moodle/templates/docker-compose.yml.j2 +++ b/roles/docker-moodle/templates/docker-compose.yml.j2 @@ -4,14 +4,21 @@ services: moodle: image: docker.io/bitnami/moodle:latest ports: - - '80:8080' - - '443:8443' + - 127.0.0.1:{{http_port}}:80 environment: - MOODLE_DATABASE_HOST={{database_host}} - MOODLE_DATABASE_PORT_NUMBER=3306 - MOODLE_DATABASE_USER={{database_username}} - MOODLE_DATABASE_NAME={{database_name}} + - MOODLE_DATABASE_PASSWORD={{database_password}} - ALLOW_EMPTY_PASSWORD=no + - MOODLE_SITE_NAME="{{moodle_site_name}}" + - MOODLE_SSLPROXY=yes + - MOODLE_REVERSE_PROXY=yes + - MOODLE_USERNAME={{moodle_user_name}} + - MOODLE_PASSWORD={{moodle_user_password}} + - MOODLE_EMAIL={{moodle_user_email}} + - BITNAMI_DEBUG={% if mode_debug | bool %}true{% else %}false{% endif %} volumes: - 'moodle:/bitnami/moodle' - 'data:/bitnami/moodledata' diff --git a/roles/docker-nextcloud/README.md b/roles/docker-nextcloud/README.md index f5d8b3c7..24c7ede7 100644 
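Review bot: In roles/docker-moodle/templates/docker-compose.yml.j2 the new `environment:` entries render secrets and free text into unquoted list items, and `MOODLE_SITE_NAME="{{moodle_site_name}}"` will carry its double quotes into the container, because the `KEY=value` list form takes everything after `=` literally. `MOODLE_DATABASE_PASSWORD={{database_password}}` and `MOODLE_PASSWORD={{moodle_user_password}}` are plain YAML scalars after templating, so a password containing ` #` is silently truncated and one containing `: ` is read as a mapping instead of a string. Quoting the whole item, e.g. `- 'MOODLE_SITE_NAME={{moodle_site_name}}'`, avoids both (a literal `$` would still need doubling for Compose). `BITNAMI_DEBUG` now follows `mode_debug`, and since these credentials sit in the same environment it is worth confirming that debug output does not echo them. The image also stays on `:latest` in the context line, while the other roles touched by this patch take a `*_version` variable.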
--- a/roles/docker-nextcloud/README.md +++ b/roles/docker-nextcloud/README.md @@ -21,7 +21,7 @@ To update the nextcloud container execute the following commands on the server: docker-compose down ``` -Afterwards update the ***version_nextcloud*** variable to the next version and run the this repository with this ansible role. +Afterwards update the ***nextcloud_version*** variable to the next version and run the this repository with this ansible role. It is only possible to update from one to the next major version at a time diff --git a/roles/docker-nextcloud/templates/docker-compose.yml.j2 b/roles/docker-nextcloud/templates/docker-compose.yml.j2 index a56700ba..80c659d2 100644 --- a/roles/docker-nextcloud/templates/docker-compose.yml.j2 +++ b/roles/docker-nextcloud/templates/docker-compose.yml.j2 @@ -7,7 +7,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: - image: "nextcloud:{{version_nextcloud}}-fpm-alpine" + image: "nextcloud:{{nextcloud_version}}-fpm-alpine" container_name: nextcloud-application restart: {{docker_restart_policy}} logging: @@ -43,7 +43,7 @@ services: cron: container_name: nextcloud-cron - image: "nextcloud:{{version_nextcloud}}-fpm-alpine" + image: "nextcloud:{{nextcloud_version}}-fpm-alpine" restart: {{docker_restart_policy}} logging: driver: journald diff --git a/roles/docker-pixelfed/tasks/main.yml b/roles/docker-pixelfed/tasks/main.yml index 3507b873..22e0125b 100644 --- a/roles/docker-pixelfed/tasks/main.yml +++ b/roles/docker-pixelfed/tasks/main.yml @@ -11,7 +11,7 @@ - name: add env template: - src: env.j2 + src: env.j2 dest: "{{docker_compose_instance_directory}}env" mode: '770' force: yes diff --git a/tasks/seed-database-to-backup.yml b/tasks/seed-database-to-backup.yml index 736d7ec7..f348f307 100644 --- a/tasks/seed-database-to-backup.yml +++ b/tasks/seed-database-to-backup.yml 
@@ -5,7 +5,7 @@ database_name: "{{ database_name | default('undefined') }}" database_username: "{{ database_username | default('undefined') }}" database_password: "{{ database_password | default('undefined') }}" - when: mode_verbose | bool + when: mode_debug | bool - name: seed database values command: From 16c685e061035973cf61b0ef2f4d09daf0e7de6c Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Tue, 23 Jan 2024 09:58:47 +0100 Subject: [PATCH 3/7] Implemented heal-docker.cymais.service start instantly after docker-to-local routine --- group_vars/all | 4 ++-- .../templates/backup-data-to-usb.service.j2 | 1 + .../templates/backup-docker-to-local-everything.service.j2 | 3 ++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/group_vars/all b/group_vars/all index ff8ed9fe..342b842c 100644 --- a/group_vars/all +++ b/group_vars/all @@ -21,8 +21,8 @@ mode_setup: false # Execute the setup and initializing procedures # Server Tact Variables -## Ours in which the server is 100% working. Rest of the time is reserved for maintanance -hours_server_awake: "0..1,9..23" +## Ours in which the server is "awake" (100% working). Rest of the time is reserved for maintanance +hours_server_awake: "0..23" ## Random delay for systemd timers to avoid peak loads. randomized_delay_sec: "5min" diff --git a/roles/backup-data-to-usb/templates/backup-data-to-usb.service.j2 b/roles/backup-data-to-usb/templates/backup-data-to-usb.service.j2 index d089ac16..194774ce 100644 --- a/roles/backup-data-to-usb/templates/backup-data-to-usb.service.j2 +++ b/roles/backup-data-to-usb/templates/backup-data-to-usb.service.j2 @@ -4,6 +4,7 @@ Wants={{systemctl_mount_service_name}} OnFailure=systemd-notifier.cymais@%n.service [Service] +Type=oneshot ExecStart=/bin/python {{ backup_to_usb_script_path }} {{backup_to_usb_source}} {{backup_to_usb_destination}} ExecStartPost=/bin/systemctl start cleanup-backups.cymais.service 
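Review bot: In the group_vars/all hunk of PATCH 3/7, `hours_server_awake` goes from `"0..1,9..23"` to `"0..23"` in a commit whose subject is only about starting heal-docker.cymais.service, and the comment above it still says the rest of the time is reserved for maintenance, of which none is left. What consumes this variable is not visible here, so presumably anything scheduled from the non-awake hours now has no window. If that is intended, the comment should say so, e.g. `## Hours in which the server is "awake" (100% working); "0..23" leaves no reserved maintenance window`. The identical hunk appears again in PATCH 4/7.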
diff --git a/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 b/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 index e6806af4..5c4beff4 100644 --- a/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 +++ b/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 @@ -5,4 +5,5 @@ OnFailure=systemd-notifier.cymais@%n.service cleanup-failed-docker-backups.cymai [Service] Type=oneshot ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"' -ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything' \ No newline at end of file +ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything' +ExecStartPost=/bin/systemctl start heal-docker.cymais.service \ No newline at end of file From a1ce214d03f9f82d62d7dadf82df30b7b87e28dd Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Tue, 23 Jan 2024 09:58:47 +0100 Subject: [PATCH 4/7] Implemented heal-docker.cymais.service start instantly after docker-to-local routine --- group_vars/all | 4 ++-- .../templates/backup-data-to-usb.service.j2 | 1 + roles/backup-docker-to-local/handlers/main.yml | 5 +++++ .../templates/backup-docker-to-local-everything.service.j2 | 3 ++- .../templates/backup-docker-to-local.service.j2 | 3 ++- 5 files changed, 12 insertions(+), 4 deletions(-) diff --git a/group_vars/all b/group_vars/all index ff8ed9fe..342b842c 100644 --- a/group_vars/all +++ b/group_vars/all 
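Review bot: In backup-docker-to-local-everything.service.j2, `ExecStartPost=` only runs after `ExecStart=` has exited successfully, so the added `systemctl start heal-docker.cymais.service` is skipped whenever the backup script fails, and the `OnFailure=` line in the context does not list the heal unit. If heal-docker is what brings the containers back up after a backup (its definition is not part of this patch), the failure path is where it matters most. Appending it to `OnFailure=`, or using `ExecStopPost=`, which runs on both outcomes, would cover that. The same line is added to both backup units in PATCH 4/7.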
@@ -21,8 +21,8 @@ mode_setup: false # Execute the setup and initializing procedures # Server Tact Variables -## Ours in which the server is 100% working. Rest of the time is reserved for maintanance -hours_server_awake: "0..1,9..23" +## Ours in which the server is "awake" (100% working). Rest of the time is reserved for maintanance +hours_server_awake: "0..23" ## Random delay for systemd timers to avoid peak loads. randomized_delay_sec: "5min" diff --git a/roles/backup-data-to-usb/templates/backup-data-to-usb.service.j2 b/roles/backup-data-to-usb/templates/backup-data-to-usb.service.j2 index d089ac16..194774ce 100644 --- a/roles/backup-data-to-usb/templates/backup-data-to-usb.service.j2 +++ b/roles/backup-data-to-usb/templates/backup-data-to-usb.service.j2 @@ -4,6 +4,7 @@ Wants={{systemctl_mount_service_name}} OnFailure=systemd-notifier.cymais@%n.service [Service] +Type=oneshot ExecStart=/bin/python {{ backup_to_usb_script_path }} {{backup_to_usb_source}} {{backup_to_usb_destination}} ExecStartPost=/bin/systemctl start cleanup-backups.cymais.service diff --git a/roles/backup-docker-to-local/handlers/main.yml b/roles/backup-docker-to-local/handlers/main.yml index 498593d0..06980672 100644 --- a/roles/backup-docker-to-local/handlers/main.yml +++ b/roles/backup-docker-to-local/handlers/main.yml @@ -1,3 +1,8 @@ +- name: "reload backup-docker-to-local-everything.cymais.service" + systemd: + name: backup-docker-to-local-everything.cymais.service + daemon_reload: yes + - name: "reload backup-docker-to-local.cymais.service" systemd: name: backup-docker-to-local.cymais.service diff --git a/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 b/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 index e6806af4..5c4beff4 100644 --- a/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 +++ b/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 
@@ -5,4 +5,5 @@ OnFailure=systemd-notifier.cymais@%n.service cleanup-failed-docker-backups.cymai [Service] Type=oneshot ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"' -ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything' \ No newline at end of file +ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything' +ExecStartPost=/bin/systemctl start heal-docker.cymais.service \ No newline at end of file diff --git a/roles/backup-docker-to-local/templates/backup-docker-to-local.service.j2 b/roles/backup-docker-to-local/templates/backup-docker-to-local.service.j2 index cdeba0f1..16dcf3d1 100644 --- a/roles/backup-docker-to-local/templates/backup-docker-to-local.service.j2 +++ b/roles/backup-docker-to-local/templates/backup-docker-to-local.service.j2 @@ -5,4 +5,5 @@ OnFailure=systemd-notifier.cymais@%n.service cleanup-failed-docker-backups.cymai [Service] Type=oneshot ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local-everything') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"' -ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py' \ No newline at end of file +ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py' +ExecStartPost=/bin/systemctl start heal-docker.cymais.service \ No newline at end of file From cf1756829586ebbbfa0ae7facc4a70403ae73218 Mon Sep 17 00:00:00 2001 
From: Kevin Veen-Birkenbach Date: Tue, 23 Jan 2024 15:08:56 +0100 Subject: [PATCH 5/7] Start heal-docker.cymais.service in background to don't block main service --- .../templates/backup-docker-to-local-everything.service.j2 | 2 +- .../templates/backup-docker-to-local.service.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 b/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 index 5c4beff4..0a402610 100644 --- a/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 +++ b/roles/backup-docker-to-local/templates/backup-docker-to-local-everything.service.j2 @@ -6,4 +6,4 @@ OnFailure=systemd-notifier.cymais@%n.service cleanup-failed-docker-backups.cymai Type=oneshot ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"' ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py --everything' -ExecStartPost=/bin/systemctl start heal-docker.cymais.service \ No newline at end of file +ExecStartPost=/bin/sh -c '/bin/systemctl start heal-docker.cymais.service &' \ No newline at end of file diff --git a/roles/backup-docker-to-local/templates/backup-docker-to-local.service.j2 b/roles/backup-docker-to-local/templates/backup-docker-to-local.service.j2 index 16dcf3d1..1c5cf75b 100644 --- a/roles/backup-docker-to-local/templates/backup-docker-to-local.service.j2 +++ b/roles/backup-docker-to-local/templates/backup-docker-to-local.service.j2 
@@ -6,4 +6,4 @@ OnFailure=systemd-notifier.cymais@%n.service cleanup-failed-docker-backups.cymai Type=oneshot ExecStartPre=/bin/sh -c '/usr/bin/python {{ path_system_lock_script }} {{ system_maintenance_services | join(' ') }} --ignore {{ system_maintenance_backup_services | reject('equalto', 'backup-docker-to-local-everything') | join(' ') }} --timeout "{{sytem_maintenance_lock_timeout_backup_services}}"' ExecStart=/bin/sh -c '/usr/bin/python {{backup_docker_to_local_folder}}backup-docker-to-local.py' -ExecStartPost=/bin/systemctl start heal-docker.cymais.service \ No newline at end of file +ExecStartPost=/bin/sh -c '/bin/systemctl start heal-docker.cymais.service &' \ No newline at end of file From 4778bd9f35e5d70d0083a22fde84577c9b01db1c Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Tue, 23 Jan 2024 20:20:45 +0100 Subject: [PATCH 6/7] Solved port bug --- roles/docker-moodle/templates/docker-compose.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/docker-moodle/templates/docker-compose.yml.j2 b/roles/docker-moodle/templates/docker-compose.yml.j2 index 88cfcc49..4940305e 100644 --- a/roles/docker-moodle/templates/docker-compose.yml.j2 +++ b/roles/docker-moodle/templates/docker-compose.yml.j2 @@ -4,7 +4,7 @@ services: moodle: image: docker.io/bitnami/moodle:latest ports: - - 127.0.0.1:{{http_port}}:80 + - 127.0.0.1:{{http_port}}:8080 environment: - MOODLE_DATABASE_HOST={{database_host}} - MOODLE_DATABASE_PORT_NUMBER=3306 From 2f7f22dcbc0fb6f0386481078c102fef020e4298 Mon Sep 17 00:00:00 2001 
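Review bot: Backgrounding with `&` inside `/bin/sh -c` in backup-docker-to-local-everything.service.j2 leaves the `systemctl` client running in this unit's control group after the shell exits. For a `Type=oneshot` unit systemd cleans up leftover processes once the start commands have finished, so the request to start heal-docker can be killed before it is queued. systemctl has a flag for exactly this: `ExecStartPost=/bin/systemctl start --no-block heal-docker.cymais.service` enqueues the job and returns without a shell or a stray background process. The same applies to the second hunk of PATCH 5/7, on backup-docker-to-local.service.j2.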
From: Kevin Veen-Birkenbach Date: Mon, 29 Jan 2024 20:05:57 +0100 Subject: [PATCH 7/7] Implemented directory validator --- roles/backup-directory-validator/tasks/main.yml | 12 ++++++++++++ roles/backup-directory-validator/vars/main.yml | 1 + roles/backup-docker-to-local/meta/main.yml | 3 ++- roles/cleanup-failed-docker-backups/meta/main.yml | 1 + 4 files changed, 16 insertions(+), 1 deletion(-) create mode 100644 roles/backup-directory-validator/tasks/main.yml create mode 100644 roles/backup-directory-validator/vars/main.yml diff --git a/roles/backup-directory-validator/tasks/main.yml b/roles/backup-directory-validator/tasks/main.yml new file mode 100644 index 00000000..753ceefd --- /dev/null +++ b/roles/backup-directory-validator/tasks/main.yml @@ -0,0 +1,12 @@ +- name: pull directory-validator.git + git: + repo: "https://github.com/kevinveenbirkenbach/directory-validator.git" + dest: "{{backup_directory_validator_folder}}" + update: yes + ignore_errors: true + when: run_once_backup_directory_validator is not defined + +- name: run the backup_directory_validator tasks once + set_fact: + run_once_backup_directory_validator: true + when: run_once_backup_directory_validator is not defined diff --git a/roles/backup-directory-validator/vars/main.yml b/roles/backup-directory-validator/vars/main.yml new file mode 100644 index 00000000..8b7ac34a --- /dev/null +++ b/roles/backup-directory-validator/vars/main.yml @@ -0,0 +1 @@ +backup_directory_validator_folder: "{{path_administrator_scripts}}directory-validator/" \ No newline at end of file diff --git a/roles/backup-docker-to-local/meta/main.yml b/roles/backup-docker-to-local/meta/main.yml index 09266425..319b42db 100644 --- a/roles/backup-docker-to-local/meta/main.yml +++ b/roles/backup-docker-to-local/meta/main.yml 
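Review bot: In roles/backup-directory-validator/tasks/main.yml the `git` task tracks whatever the remote default branch holds on every run (`update: yes`, no `version:`) and lands it under `path_administrator_scripts`, so the validator code that the backup roles now depend on changes without review whenever the upstream repository does. Pinning a reviewed commit, `version: "<reviewed-commit-sha>"` (placeholder), makes the checkout reproducible. `ignore_errors: true` additionally hides a failed or partial clone, and the `run_once_backup_directory_validator` fact is still set afterwards, so the play continues with a missing or stale checkout. I would drop it or replace it with a `failed_when` condition that tolerates only the offline case.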
@@ -3,4 +3,5 @@ dependencies: - backups-provider - systemd-notifier - cleanup-failed-docker-backups - - system-maintenance-lock \ No newline at end of file + - system-maintenance-lock + - backup-directory-validator \ No newline at end of file diff --git a/roles/cleanup-failed-docker-backups/meta/main.yml b/roles/cleanup-failed-docker-backups/meta/main.yml index 34f87494..aa351d63 100644 --- a/roles/cleanup-failed-docker-backups/meta/main.yml +++ b/roles/cleanup-failed-docker-backups/meta/main.yml @@ -2,3 +2,4 @@ dependencies: - git - systemd-notifier - system-maintenance-lock + - backup-directory-validator