From a112b67eda7f1ddea492eda60fe693e2ca071f70 Mon Sep 17 00:00:00 2001 
From: Kevin Veen-Birkenbach Date: Sun, 31 Dec 2023 11:14:18 +0100 Subject: [PATCH] Added draft for central postgres and mariadb. variables and networks still need to be adapted --- group_vars/all | 3 ++ roles/docker-akaunting/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 6 ++- roles/docker-attendize/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 17 +++++++-- roles/docker-funkwhale/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 22 ++++++----- roles/docker-funkwhale/vars/main.yml | 4 ++ roles/docker-gitea/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 12 ++++-- roles/docker-gitlab/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 14 +++++-- roles/docker-jenkins/README.md | 1 + roles/docker-joomla/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 8 +++- roles/docker-listmonk/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 13 ++++--- roles/docker-mailu/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 13 +++++-- roles/docker-mariadb/handlers/main.yml | 21 ----------- roles/docker-mariadb/tasks/main.yml | 36 +++++++++++++++++- roles/docker-mastodon/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 26 ++++++------- roles/docker-mastodon/vars/main.yml | 7 ++-- roles/docker-matomo/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 11 +++--- roles/docker-matrix-compose/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 23 +++--------- roles/docker-mybb/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 12 ++++-- roles/docker-nextcloud/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 32 ++++++---------- roles/docker-openproject/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 37 ++++++++++--------- roles/docker-openproject/templates/env.j2 | 5 +-- roles/docker-peertube/tasks/main.yml | 7 +++- .../templates/docker-compose.yml.j2 | 22 ++++------- roles/docker-pixelfed/tasks/main.yml | 7 +++- 
.../templates/docker-compose.yml.j2 | 15 ++++++-- roles/docker-pixelfed/templates/env.j2 | 12 ++---- roles/docker-postgres/handlers/main.yml | 22 ----------- roles/docker-postgres/tasks/main.yml | 32 ++++++++++++++++ roles/docker-wordpress/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 6 ++- roles/docker-yourls/tasks/main.yml | 5 +++ .../templates/docker-compose.yml.j2 | 25 +++---------- templates/docker-mariadb-service.yml.j2 | 1 + templates/docker-postgres-service.yml.j2 | 1 + 48 files changed, 340 insertions(+), 213 deletions(-) create mode 100644 roles/docker-jenkins/README.md delete mode 100644 roles/docker-mariadb/handlers/main.yml delete mode 100644 roles/docker-postgres/handlers/main.yml diff --git a/group_vars/all b/group_vars/all index a4e71f79..9e5851e9 100644 --- a/group_vars/all +++ b/group_vars/all @@ -96,6 +96,9 @@ nginx_upstreams_directory: "{{nginx_configuration_directory}}upstreams/" ## Docker Applications +### Enable Central MariaDB +enable_central_database: true + ### Domain Names for Various Services domain_akaunting: "akaunting.{{top_domain}}" domain_baserow: "baserow.{{top_domain}}" diff --git a/roles/docker-akaunting/tasks/main.yml b/roles/docker-akaunting/tasks/main.yml index d5f921e3..f5f0e389 100644 --- a/roles/docker-akaunting/tasks/main.yml +++ b/roles/docker-akaunting/tasks/main.yml @@ -2,6 +2,11 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml +- name: Create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "include tasks update-repository-with-docker-compose.yml" include_tasks: update-repository-with-docker-compose.yml diff --git a/roles/docker-akaunting/templates/docker-compose.yml.j2 b/roles/docker-akaunting/templates/docker-compose.yml.j2 index 3a5cfce1..dfe128d5 100644 --- a/roles/docker-akaunting/templates/docker-compose.yml.j2 +++ b/roles/docker-akaunting/templates/docker-compose.yml.j2 
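Review bot: The new `enable_central_database: true` in group_vars/all switches every host to the central-database path while the commit message says variables and networks still need to be adapted, so on the next run each role's template drops its bundled `database` service before the application can reach the shared instance. I would ship the draft with `enable_central_database: false` and let hosts opt in. The heading also names only MariaDB although the same flag gates the `docker-postgres` include in other roles of this patch; `### Enable central MariaDB/Postgres instead of per-application database containers` would describe it.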
@@ -14,11 +14,15 @@ services: - env/run.env environment: - AKAUNTING_SETUP +{% if not ( enable_central_database | lower | bool ) %} depends_on: - database {% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} volumes: data: - database: \ No newline at end of file +{% if not ( enable_central_database | lower | bool ) %} + database: +{% endif %} \ No newline at end of file diff --git a/roles/docker-attendize/tasks/main.yml b/roles/docker-attendize/tasks/main.yml index e3495508..542f3dfb 100644 --- a/roles/docker-attendize/tasks/main.yml +++ b/roles/docker-attendize/tasks/main.yml @@ -11,5 +11,10 @@ dest: "{{nginx_servers_directory}}{{domain}}.conf" notify: restart nginx +- name: Create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "include tasks update-repository-with-docker-compose.yml" include_tasks: update-repository-with-docker-compose.yml \ No newline at end of file diff --git a/roles/docker-attendize/templates/docker-compose.yml.j2 b/roles/docker-attendize/templates/docker-compose.yml.j2 index 844fb203..4642d39c 100644 --- a/roles/docker-attendize/templates/docker-compose.yml.j2 +++ b/roles/docker-attendize/templates/docker-compose.yml.j2 @@ -9,7 +9,9 @@ services: - .:/usr/share/nginx/html - .:/var/www depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - maildev - redis - worker @@ -18,15 +20,15 @@ services: worker: image: attendize_worker:latest depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - maildev - redis volumes: - .:/usr/share/nginx/html - .:/var/www -{% include 'templates/docker-mariadb-service.yml.j2' %} - maildev: image: maildev/maildev ports: 
@@ -34,6 +36,15 @@ services: {% include 'templates/docker-redis-service.yml.j2' %} +{% if not ( enable_central_database | lower | bool ) %} + depends_on: + - database + +{% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} + volumes: + redis: +{% if not ( enable_central_database | lower | bool ) %} database: - redis: \ No newline at end of file +{% endif %} \ No newline at end of file diff --git a/roles/docker-funkwhale/tasks/main.yml b/roles/docker-funkwhale/tasks/main.yml index 54a4de6d..ec7197ea 100644 --- a/roles/docker-funkwhale/tasks/main.yml +++ b/roles/docker-funkwhale/tasks/main.yml @@ -2,6 +2,11 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml +- name: Create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-funkwhale/templates/docker-compose.yml.j2 b/roles/docker-funkwhale/templates/docker-compose.yml.j2 index 5defaa4e..940becd9 100644 --- a/roles/docker-funkwhale/templates/docker-compose.yml.j2 +++ b/roles/docker-funkwhale/templates/docker-compose.yml.j2 @@ -1,14 +1,6 @@ version: "3" services: - postgres: - restart: always - env_file: .env - environment: - - "POSTGRES_HOST_AUTH_METHOD=trust" - image: postgres:15-alpine - volumes: - - database:/var/lib/postgresql/data {% include 'templates/docker-redis-service.yml.j2' %} @@ -18,7 +10,9 @@ services: restart: always image: funkwhale/api:${FUNKWHALE_VERSION:-latest} depends_on: +{% if not ( enable_central_database | lower | bool ) %} - postgres +% endif %} - redis env_file: .env command: celery -A funkwhale_api.taskapp worker -l INFO --concurrency=${CELERYD_CONCURRENCY-0} 
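Review bot: The task added to roles/docker-funkwhale/tasks/main.yml includes `docker-mariadb`, but the rest of this patch treats Funkwhale as a PostgreSQL application: the compose template removes a `postgres` service and includes `docker-postgres-service.yml.j2`, and vars/main.yml defaults `database_version` to `postgres_default_version`. As written the role would create a MariaDB database and user with the Funkwhale credentials that the application never uses. The include should read `name: docker-postgres`, with the task name changed to `create database in central Postgres` to match the other Postgres roles.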
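Review bot: The closing tag added after `- postgres` in the `@@ -18,7 +10,9 @@` hunk is written `% endif %}` without the opening brace, so the `{% if %}` above it is never closed and the template fails to render; the same typo is repeated in the `@@ -31,7 +25,9 @@` hunk. Both lines should be `{% endif %}`. Separately, `depends_on` still names `postgres` while the other roles that include the shared Postgres template depend on `database`; presumably the shared template defines the service under that name, so confirm the entry here matches. The service blocks these lines belong to start outside the hunks.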
@@ -31,7 +25,9 @@ services: restart: always image: funkwhale/api:${FUNKWHALE_VERSION:-latest} depends_on: +{% if not ( enable_central_database | lower | bool ) %} - postgres +% endif %} - redis env_file: .env command: celery -A funkwhale_api.taskapp beat --pidfile= -l INFO @@ -65,7 +61,15 @@ services: ports: # override those variables in your .env file if needed - "${FUNKWHALE_API_IP}:${FUNKWHALE_API_PORT}:80" + +{% if not ( enable_central_database | lower | bool ) %} +{% include 'templates/docker-postgres-service.yml.j2' %} +{% endif %} + volumes: data: redis: - database: \ No newline at end of file + +{% if not ( enable_central_database | lower | bool ) %} + database: +{% endif %} \ No newline at end of file diff --git a/roles/docker-funkwhale/vars/main.yml b/roles/docker-funkwhale/vars/main.yml index 82942d2b..407b9deb 100644 --- a/roles/docker-funkwhale/vars/main.yml +++ b/roles/docker-funkwhale/vars/main.yml @@ -1,3 +1,7 @@ docker_compose_project_name: "funkwhale" docker_compose_instance_directory: "{{path_docker_compose_instances}}{{docker_compose_project_name}}/" nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;" +database_databasename: "{{docker_compose_project_name}}" +database_username: "{{docker_compose_project_name}}" +database_password: "{{funkwhale_database_password}}" +database_version: "{{ funkwhale_database_version | default(postgres_default_version) }}" diff --git a/roles/docker-gitea/tasks/main.yml b/roles/docker-gitea/tasks/main.yml index c9af2eab..a2efdf59 100644 --- a/roles/docker-gitea/tasks/main.yml +++ b/roles/docker-gitea/tasks/main.yml @@ -2,6 +2,11 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" 
diff --git a/roles/docker-gitea/templates/docker-compose.yml.j2 b/roles/docker-gitea/templates/docker-compose.yml.j2 index 568826cb..cb43f04f 100644 --- a/roles/docker-gitea/templates/docker-compose.yml.j2 +++ b/roles/docker-gitea/templates/docker-compose.yml.j2 @@ -23,20 +23,24 @@ services: ports: - "127.0.0.1:{{http_port}}:3000" - "{{ssh_port}}:22" - links: - - database volumes: - data:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro +{% if not ( enable_central_database | lower | bool ) %} depends_on: - database - + links: + - database {% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} volumes: - database: data: +{% if not ( enable_central_database | lower | bool ) %} + database: +{% endif %} + networks: default: driver: bridge diff --git a/roles/docker-gitlab/tasks/main.yml b/roles/docker-gitlab/tasks/main.yml index c9af2eab..806daaec 100644 --- a/roles/docker-gitlab/tasks/main.yml +++ b/roles/docker-gitlab/tasks/main.yml @@ -2,6 +2,11 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml +- name: create database in central Postgres + include_role: + name: docker-postgres + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-gitlab/templates/docker-compose.yml.j2 b/roles/docker-gitlab/templates/docker-compose.yml.j2 index c32dbfe5..e5fc014b 100644 --- a/roles/docker-gitlab/templates/docker-compose.yml.j2 +++ b/roles/docker-gitlab/templates/docker-compose.yml.j2 
@@ -33,17 +33,23 @@ services: - 'data:/var/opt/gitlab' shm_size: '256m' depends_on: +{% if not ( enable_central_database | lower | bool ) %} database: condition: service_healthy +{% endif %} redis: -{% include 'templates/docker-postgres-service.yml.j2' %} - {% include 'templates/docker-redis-service.yml.j2' %} +{% if not ( enable_central_database | lower | bool ) %} +{% include 'templates/docker-postgres-service.yml.j2' %} +{% endif %} + volumes: - database: + redis: config: logs: data: - redis: \ No newline at end of file +{% if not ( enable_central_database | lower | bool ) %} + database: +{% endif %} diff --git a/roles/docker-jenkins/README.md b/roles/docker-jenkins/README.md new file mode 100644 index 00000000..92e8f32c --- /dev/null +++ b/roles/docker-jenkins/README.md @@ -0,0 +1 @@ +This role is deprecated. Needs to be reimplemented. \ No newline at end of file diff --git a/roles/docker-joomla/tasks/main.yml b/roles/docker-joomla/tasks/main.yml index ee608ad6..d9bad86f 100644 --- a/roles/docker-joomla/tasks/main.yml +++ b/roles/docker-joomla/tasks/main.yml @@ -5,6 +5,11 @@ loop_control: loop_var: domain +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-joomla/templates/docker-compose.yml.j2 b/roles/docker-joomla/templates/docker-compose.yml.j2 index a9e7f4d1..ec3707a4 100644 --- a/roles/docker-joomla/templates/docker-compose.yml.j2 +++ b/roles/docker-joomla/templates/docker-compose.yml.j2 
@@ -11,15 +11,21 @@ services: JOOMLA_DB_PASSWORD: "{{database_password}}" JOOMLA_DB_NAME: "{{database_databasename}}" restart: always +{% if not ( enable_central_database | lower | bool ) %} links: - database +{% endif %} volumes: - data:/var/www/html ports: - "127.0.0.1:{{http_port}}:80" +{% if not ( enable_central_database | lower | bool ) %} {% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} volumes: + data: +{% if not ( enable_central_database | lower | bool ) %} database: - data: \ No newline at end of file +{% endif %} diff --git a/roles/docker-listmonk/tasks/main.yml b/roles/docker-listmonk/tasks/main.yml index b52055a9..80e3da76 100644 --- a/roles/docker-listmonk/tasks/main.yml +++ b/roles/docker-listmonk/tasks/main.yml @@ -2,6 +2,11 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml +- name: create database in central Postgres + include_role: + name: docker-postgres + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-listmonk/templates/docker-compose.yml.j2 b/roles/docker-listmonk/templates/docker-compose.yml.j2 index 025242c1..3a659b29 100644 --- a/roles/docker-listmonk/templates/docker-compose.yml.j2 +++ b/roles/docker-listmonk/templates/docker-compose.yml.j2 @@ -2,8 +2,6 @@ version: "3.7" services: -{% include 'templates/docker-postgres-service.yml.j2' %} - application: restart: unless-stopped image: listmonk/listmonk:latest @@ -11,10 +9,15 @@ services: - "127.0.0.1:{{http_port}}:9000" environment: - TZ=Etc/UTC - depends_on: - - database volumes: - ./config.toml:/listmonk/config.toml +{% if not ( enable_central_database | lower | bool ) %} + depends_on: + - database + +{% include 'templates/docker-postgres-service.yml.j2' %} + volumes: - database: \ No newline at end of file + database: +{% endif %} \ No newline at end of file 
diff --git a/roles/docker-mailu/tasks/main.yml b/roles/docker-mailu/tasks/main.yml index 6aa7d45a..4b09d8b2 100644 --- a/roles/docker-mailu/tasks/main.yml +++ b/roles/docker-mailu/tasks/main.yml @@ -28,6 +28,11 @@ state: directory mode: 0755 +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: add docker-compose.yml template: src: "docker-compose.yml.j2" diff --git a/roles/docker-mailu/templates/docker-compose.yml.j2 b/roles/docker-mailu/templates/docker-compose.yml.j2 index 0841486d..74eccd20 100644 --- a/roles/docker-mailu/templates/docker-compose.yml.j2 +++ b/roles/docker-mailu/templates/docker-compose.yml.j2 @@ -3,15 +3,11 @@ version: '2.2' services: {% include 'templates/docker-redis-service.yml.j2' %} - env_file: mailu.env depends_on: - resolver dns: - 192.168.203.254 - -{% include 'templates/docker-mariadb-service.yml.j2' %} - depends_on: - resolver dns: @@ -53,8 +49,10 @@ services: depends_on: resolver: condition: service_started +{% if not ( enable_central_database | lower | bool ) %} database: condition: service_healthy +{% endif %} networks: - default - webmail @@ -73,7 +71,9 @@ services: - resolver - front - redis +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} logging: driver: journald dns: @@ -202,9 +202,14 @@ services: - webmail dns: - 192.168.203.254 +{% if not ( enable_central_database | lower | bool ) %} +{% include 'templates/docker-postgres-service.yml.j2' %} +{% endif %} volumes: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} smtp_queue: admin_data: webdav_data: diff --git a/roles/docker-mariadb/handlers/main.yml b/roles/docker-mariadb/handlers/main.yml deleted file mode 100644 index e2b48f3f..00000000 --- a/roles/docker-mariadb/handlers/main.yml +++ /dev/null 
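Review bot: The fallback added in the `@@ -202,9 +202,14 @@` hunk of the Mailu compose template includes `templates/docker-postgres-service.yml.j2`, while the `@@ -3,15 +3,11 @@` hunk of the same file removes the MariaDB include and roles/docker-mailu/tasks/main.yml creates the database through `docker-mariadb`. With `enable_central_database` off, Mailu would get a Postgres container in place of the MariaDB one it had before. The include should be `{% include 'templates/docker-mariadb-service.yml.j2' %}`.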
@@ -1,21 +0,0 @@ -- name: create database - mysql_db: - name: "{{database_databasename}}" - state: present - login_user: root - login_password: "{{central_mariadb_root_password}}" - login_host: 127.0.0.1 - login_port: 3306 - listen: create database - -- name: create database user - mysql_user: - name: "{{database_username}}" - password: "{{database_password}}" - priv: '{{database_databasename}}.*:ALL' - state: present - login_user: root - login_password: "{{central_mariadb_root_password}}" - login_host: 127.0.0.1 - login_port: 3306 - listen: create database \ No newline at end of file diff --git a/roles/docker-mariadb/tasks/main.yml b/roles/docker-mariadb/tasks/main.yml index 913ce72b..db699b76 100644 --- a/roles/docker-mariadb/tasks/main.yml +++ b/roles/docker-mariadb/tasks/main.yml 
@@ -7,16 +7,48 @@ - name: install MariaDB docker_container: name: mariadb - image: mariadb:latest + image: mariadb:latest #could lead to problems with nextcloud detach: yes env: - MARIADB_ROOT_PASSWORD: "{{central_mariadb_root_password}}" + MARIADB_ROOT_PASSWORD: "{{central_mariadb_root_password}}" + MARIADB_AUTO_UPGRADE: "1" networks: - name: mariadb_network published_ports: - "127.0.0.1:3306:3306" + command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW" #for nextcloud when: run_once_docker_mariadb is not defined +- name: wait for availability of mariadb + wait_for: + host: "127.0.0.1" + port: "3306" + delay: 0 + timeout: 120 + when: run_once_docker_mariadb is not defined + +- name: create database + mysql_db: + name: "{{database_databasename}}" + state: present + login_user: root + login_password: "{{central_mariadb_root_password}}" + login_host: 127.0.0.1 + login_port: 3306 + listen: create database + +- name: create database user + mysql_user: + name: "{{database_username}}" + password: "{{database_password}}" + priv: '{{database_databasename}}.*:ALL' + state: present + login_user: root + login_password: "{{central_mariadb_root_password}}" + login_host: 127.0.0.1 + login_port: 3306 + listen: create database + - name: run the docker_mariadb tasks once set_fact: run_once_docker_mariadb: true diff --git a/roles/docker-mastodon/tasks/main.yml b/roles/docker-mastodon/tasks/main.yml index 1c0c6c96..988ff131 100644 --- a/roles/docker-mastodon/tasks/main.yml +++ b/roles/docker-mastodon/tasks/main.yml @@ -5,6 +5,11 @@ loop_control: loop_var: domain +- name: create database in central Postgres + include_role: + name: docker-postgres + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-mastodon/templates/docker-compose.yml.j2 b/roles/docker-mastodon/templates/docker-compose.yml.j2 index 943140bc..0c22ce4c 100644 
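Review bot: The `create database` and `create database user` entries moved from handlers/main.yml into tasks/main.yml still carry `listen: create database`; `listen` is only valid on handlers, so Ansible will reject these tasks, and both `listen:` lines should be dropped. The `mysql_user` task also sets no `host:`, which leaves the account at the module default of `localhost`, while the application containers will connect over a Docker network. When that is adapted, scope `host:` to the address range of `mariadb_network` rather than `'%'`, so each application account is only usable from the container network. The shared instance also tracks `mariadb:latest` with `MARIADB_AUTO_UPGRADE: "1"`, as the inline comment already hints; a pinned tag would keep an unreviewed major upgrade from touching every application's data at once.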
--- a/roles/docker-mastodon/templates/docker-compose.yml.j2 +++ b/roles/docker-mastodon/templates/docker-compose.yml.j2 @@ -1,19 +1,5 @@ version: '3' services: - database: - restart: always - image: postgres:14-alpine - shm_size: 256mb - networks: - - internal_network - healthcheck: - test: ['CMD', 'pg_isready', '-U', 'postgres'] - volumes: - - database:/var/lib/postgresql/data - environment: - - 'POSTGRES_HOST_AUTH_METHOD=trust' - logging: - driver: journald {% include 'templates/docker-redis-service.yml.j2' %} @@ -34,7 +20,9 @@ services: ports: - "127.0.0.1:{{http_port}}:3000" depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - redis volumes: - data:/mastodon/public/system @@ -54,7 +42,9 @@ services: ports: - "127.0.0.1:{{stream_port}}:4000" depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - redis logging: driver: journald @@ -64,7 +54,9 @@ services: env_file: .env.production command: bundle exec sidekiq depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - redis networks: - external_network @@ -75,8 +67,14 @@ services: test: ['CMD-SHELL', "ps aux | grep '[s]idekiq\ 6' || false"] logging: driver: journald +{% if not ( enable_central_database | lower | bool ) %} +{% include 'templates/docker-postgres-service.yml.j2' %} +{% endif %} + volumes: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} redis: data: networks: diff --git a/roles/docker-mastodon/vars/main.yml b/roles/docker-mastodon/vars/main.yml index 6479a2e7..9b10f8be 100644 --- a/roles/docker-mastodon/vars/main.yml +++ b/roles/docker-mastodon/vars/main.yml 
@@ -1,6 +1,7 @@ docker_compose_project_name: "mastodon" docker_compose_instance_directory: "{{path_docker_compose_instances}}{{docker_compose_project_name}}/" database_host: "database" -database_databasename: "postgres" # todo: Change this to standart name scheme for future setups -database_username: "postgres" # todo: Change this to standart name scheme for future setups -database_password: "" # todo: Change this to standart name scheme for future setups \ No newline at end of file +database_databasename: "{{docker_compose_project_name}}" +database_username: "{{docker_compose_project_name}}" +database_password: "{{mastodon_database_password}}" +database_version: "{{ mastodon_database_version | default(postgres_default_version) }}" \ No newline at end of file diff --git a/roles/docker-matomo/tasks/main.yml b/roles/docker-matomo/tasks/main.yml index 994978ba..eb7b25ed 100644 --- a/roles/docker-matomo/tasks/main.yml +++ b/roles/docker-matomo/tasks/main.yml @@ -2,6 +2,11 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-matomo/templates/docker-compose.yml.j2 b/roles/docker-matomo/templates/docker-compose.yml.j2 index f7ffd3bb..022c018d 100644 --- a/roles/docker-matomo/templates/docker-compose.yml.j2 +++ b/roles/docker-matomo/templates/docker-compose.yml.j2 
@@ -14,17 +14,18 @@ services: MATOMO_DATABASE_USERNAME: "{{database_username}}" MATOMO_DATABASE_PASSWORD: "{{database_password}}" MATOMO_DATABASE_DBNAME: "{{database_databasename}}" - links: - - database - depends_on: - - database volumes: - data:/var/www/html - +{% if not ( enable_central_database | lower | bool ) %} + depends_on: + - database {% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} volumes: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} data: networks: default: diff --git a/roles/docker-matrix-compose/tasks/main.yml b/roles/docker-matrix-compose/tasks/main.yml index 8e6f4a15..a3e7ed9b 100644 --- a/roles/docker-matrix-compose/tasks/main.yml +++ b/roles/docker-matrix-compose/tasks/main.yml @@ -4,6 +4,11 @@ vars: domain: "{{synapse_domain}}" http_port: "{{synapse_http_port}}" + +- name: create database in central Postgres + include_role: + name: docker-postgres + when: enable_central_database | bool - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml diff --git a/roles/docker-matrix-compose/templates/docker-compose.yml.j2 b/roles/docker-matrix-compose/templates/docker-compose.yml.j2 index b63ea2a6..02605f95 100644 --- a/roles/docker-matrix-compose/templates/docker-compose.yml.j2 +++ b/roles/docker-matrix-compose/templates/docker-compose.yml.j2 
@@ -16,25 +16,12 @@ services: - SYNAPSE_REPORT_STATS=no ports: - "127.0.0.1:{{synapse_http_port}}:8008" +{% if not ( enable_central_database | lower | bool ) %} depends_on: - database - database: - logging: - driver: journald - image: postgres:16 - restart: unless-stopped - volumes: - - database:/var/lib/postgresql/data - environment: - - POSTGRES_DB={{database_databasename}} - - POSTGRES_USER={{database_username}} - - POSTGRES_PASSWORD={{database_password}} - - POSTGRES_INITDB_ARGS=--encoding=UTF8 --locale=C - healthcheck: - test: ["CMD-SHELL", "pg_isready -U {{database_username}}"] - interval: 10s - timeout: 5s - retries: 6 +{% include 'templates/docker-postgres-service.yml.j2' %} +{% endif %} + element: image: vectorim/element-web:latest restart: unless-stopped @@ -73,7 +60,9 @@ services: # - instagram_bridge_data:/data volumes: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} synapse_data: #telegram_bridge_data: #whatsapp_bridge_data: diff --git a/roles/docker-mybb/tasks/main.yml b/roles/docker-mybb/tasks/main.yml index db179fa1..01a73412 100644 --- a/roles/docker-mybb/tasks/main.yml +++ b/roles/docker-mybb/tasks/main.yml @@ -5,6 +5,11 @@ loop_control: loop_var: domain +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_confd_directory}} and parent directories" file: path: "{{docker_compose_instance_confd_directory}}" diff --git a/roles/docker-mybb/templates/docker-compose.yml.j2 b/roles/docker-mybb/templates/docker-compose.yml.j2 index cea2b610..806a9018 100644 --- a/roles/docker-mybb/templates/docker-compose.yml.j2 +++ b/roles/docker-mybb/templates/docker-compose.yml.j2 
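Review bot: The removed inline `database` service created the Synapse database with `POSTGRES_INITDB_ARGS=--encoding=UTF8 --locale=C`, and nothing visible in this hunk carries that setting over to the shared `docker-postgres-service.yml.j2` include or to the central `docker-postgres` role. Synapse checks the database collation at startup and expects `C`, so a database created with the server's default locale is likely to be refused. Confirm that both the shared template and the central role create this database with UTF8 encoding and `C` collation/ctype, and record the requirement next to the include, for example `{# Synapse requires a database created with encoding UTF8 and locale C #}`.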
@@ -7,17 +7,17 @@ services: tag: "mybb_application" image: mybb/mybb:latest restart: always - links: - - database volumes: - data:/var/www/html +{% if not ( enable_central_database | lower | bool ) %} + depends_on: + - database +{% endif %} server: logging: driver: journald options: tag: "mybb_server" - links: - - application image: nginx:mainline restart: always ports: @@ -26,10 +26,14 @@ services: - "{{docker_compose_instance_confd_directory}}:{{target_mount_conf_d_directory}}:ro" - "data:/var/www/html:ro" +{% if not ( enable_central_database | lower | bool ) %} {% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} volumes: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} data: networks: default: diff --git a/roles/docker-nextcloud/tasks/main.yml b/roles/docker-nextcloud/tasks/main.yml index 2df12ad9..18964e5b 100644 --- a/roles/docker-nextcloud/tasks/main.yml +++ b/roles/docker-nextcloud/tasks/main.yml @@ -20,6 +20,11 @@ dest: "{{path_docker_volumes}}nextcloud/nginx.conf" notify: docker compose project setup +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-nextcloud/templates/docker-compose.yml.j2 b/roles/docker-nextcloud/templates/docker-compose.yml.j2 index 356fcf31..6c326e23 100644 --- a/roles/docker-nextcloud/templates/docker-compose.yml.j2 +++ b/roles/docker-nextcloud/templates/docker-compose.yml.j2 @@ -6,8 +6,6 @@ services: restart: always logging: driver: journald - depends_on: - - database volumes: - data:/var/www/html environment: 
@@ -15,25 +13,13 @@ services: MYSQL_USER: "{{database_username}}" MYSQL_PASSWORD: "{{database_password}}" MYSQL_HOST: {{database_host}}:3306 - database: - logging: - driver: journald - image: mariadb:10.5 - command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW" - environment: - MYSQL_DATABASE: "{{database_databasename}}" - MYSQL_USER: "{{database_username}}" - MYSQL_PASSWORD: "{{database_password}}" - MYSQL_ROOT_PASSWORD: "{{database_password}}" - MARIADB_AUTO_UPGRADE: "1" - volumes: - - database:/var/lib/mysql - restart: always - healthcheck: - test: "/usr/bin/mariadb --user={{database_username}} --password={{database_password}} --execute \"SHOW DATABASES;\"" - interval: 3s - timeout: 1s - retries: 5 +{% if not ( enable_central_database | lower | bool ) %} + depends_on: + - database + +{% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} + web: image: nginx:alpine logging: @@ -59,10 +45,14 @@ services: - data:/var/www/html entrypoint: /cron.sh depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - redis volumes: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} data: redis: networks: diff --git a/roles/docker-openproject/tasks/main.yml b/roles/docker-openproject/tasks/main.yml index 0f4713ea..59716155 100644 --- a/roles/docker-openproject/tasks/main.yml +++ b/roles/docker-openproject/tasks/main.yml @@ -2,6 +2,11 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml +- name: create database in central Postgres + include_role: + name: docker-postgres + when: enable_central_database | bool + - name: "include tasks update-repository-with-docker-compose.yml" include_tasks: update-repository-with-docker-compose.yml diff --git a/roles/docker-openproject/templates/docker-compose.yml.j2 b/roles/docker-openproject/templates/docker-compose.yml.j2 index 603edf4c..9eba94d8 100644 
--- a/roles/docker-openproject/templates/docker-compose.yml.j2 +++ b/roles/docker-openproject/templates/docker-compose.yml.j2 @@ -5,8 +5,8 @@ networks: backend: volumes: - pgdata: - opdata: + database: + data: x-op-restart-policy: &restart_policy restart: unless-stopped @@ -15,8 +15,8 @@ x-op-image: &image x-op-app: &app <<: [*image, *restart_policy] environment: - OPENPROJECT_HTTPS: "${OPENPROJECT_HTTPS:-true}" - OPENPROJECT_HOST__NAME: "${OPENPROJECT_HOST__NAME:-localhost:8080}" + OPENPROJECT_HTTPS: "${OPENPROJECT_HTTPS}" + OPENPROJECT_HOST__NAME: "${OPENPROJECT_HOST__NAME}" OPENPROJECT_HSTS: "${OPENPROJECT_HSTS:-true}" RAILS_CACHE_STORE: "memcache" OPENPROJECT_CACHE__MEMCACHE__SERVER: "cache:11211" @@ -27,19 +27,14 @@ x-op-app: &app # set to true to enable the email receiving feature. See ./docker/cron for more options IMAP_ENABLED: "${IMAP_ENABLED:-false}" volumes: - - "${OPDATA}:/var/openproject/assets" - - "${PGDATA}:/var/openproject/pgdata" + - "data:/var/openproject/assets" + - "database:/var/openproject/pgdata" services: - database: - image: postgres:13 - <<: *restart_policy - stop_grace_period: "3s" - volumes: - - "${PGDATA}:/var/lib/postgresql/data" - environment: - POSTGRES_PASSWORD: ${POSTGRES_PASSWORD} - POSTGRES_DB: openproject + +{% if not ( enable_central_database | lower | bool ) %} +{% include 'templates/docker-postgres-service.yml.j2' %} +{% endif %} networks: - backend @@ -53,7 +48,7 @@ services: <<: [*image, *restart_policy] command: "./docker/prod/proxy" ports: - - "${PORT:-8080}:80" + - "${PORT}:80" environment: APP_HOST: web OPENPROJECT_RAILS__RELATIVE__URL__ROOT: "${OPENPROJECT_RAILS__RELATIVE__URL__ROOT:-}" @@ -62,8 +57,8 @@ services: networks: - frontend volumes: - - "${OPDATA}:/var/openproject/assets" - - "${PGDATA}:/var/openproject/pgdata" + - "data:/var/openproject/assets" + - "database:/var/openproject/pgdata" web: <<: *app 
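Review bot: In the `@@ -15,8 +15,8 @@` hunk `OPENPROJECT_HTTPS` loses its `:-true` fallback, so HTTPS enforcement now depends entirely on the variable being present in the rendered env file, and the env.j2 hunk in this patch does not show it being set. If it is missing, Compose substitutes an empty string and the application no longer gets the secure default. Keeping `OPENPROJECT_HTTPS: "${OPENPROJECT_HTTPS:-true}"` preserves the safe fallback. The same applies to `${PORT}` in the `@@ -53,7 +48,7 @@` hunk, where an empty value leaves the host side of the port mapping blank.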
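Review bot: In the `@@ -27,19 +27,14 @@` hunk the `networks:` / `- backend` lines that follow the new `{% endif %}` belonged to the removed `database` service and are left outside the conditional. With `enable_central_database` on, they render directly under `services:` with no service to attach to, which by the look of it yields an invalid compose file; indentation is not recoverable from this view, so confirm against the rendered output. Moving `{% endif %}` below the `- backend` line keeps them with the included service. The top-level `database:` volume and the `database:/var/openproject/pgdata` mounts are also still unconditional.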
@@ -72,7 +67,9 @@ services: - frontend - backend depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - cache - seeder labels: @@ -99,7 +96,9 @@ services: networks: - backend depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - cache - seeder @@ -109,7 +108,9 @@ services: networks: - backend depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - cache - seeder diff --git a/roles/docker-openproject/templates/env.j2 b/roles/docker-openproject/templates/env.j2 index 056dc098..6b1b2aca 100644 --- a/roles/docker-openproject/templates/env.j2 +++ b/roles/docker-openproject/templates/env.j2 @@ -15,7 +15,4 @@ IMAP_ENABLED=false POSTGRES_PASSWORD="{{ database_password }}" DATABASE_URL="postgres://{{ database_username }}:{{ database_password }}@{{database_host}}/{{database_databasename}}?pool=20&encoding=unicode&reconnect=true" RAILS_MIN_THREADS=4 -RAILS_MAX_THREADS=16 - -PGDATA="pgdata" -OPDATA="opdata" \ No newline at end of file +RAILS_MAX_THREADS=16 \ No newline at end of file diff --git a/roles/docker-peertube/tasks/main.yml b/roles/docker-peertube/tasks/main.yml index 9a8e6c70..a97df60c 100644 --- a/roles/docker-peertube/tasks/main.yml +++ b/roles/docker-peertube/tasks/main.yml @@ -4,7 +4,12 @@ loop: "{{ domains }}" loop_control: loop_var: domain - + +- name: create database in central Postgres + include_role: + name: docker-postgres + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-peertube/templates/docker-compose.yml.j2 b/roles/docker-peertube/templates/docker-compose.yml.j2 index 907aa155..9f0fc721 100644 --- a/roles/docker-peertube/templates/docker-compose.yml.j2 +++ b/roles/docker-peertube/templates/docker-compose.yml.j2 
@@ -12,22 +12,14 @@ services: - assets:/app/client/dist - data:/data - config:/config + restart: "always" depends_on: - - database - redis - restart: "always" - database: - image: postgres:13-alpine - env_file: - - .env - volumes: - - database:/var/lib/postgresql/data - restart: "always" - healthcheck: - test: ["CMD-SHELL", "pg_isready -U peertube"] - interval: 10s - timeout: 5s - retries: 6 +{% if not ( enable_central_database | lower | bool ) %} + - database + +{% include 'templates/docker-postgres-service.yml.j2' %} +{% endif %} {% include 'templates/docker-redis-service.yml.j2' %} @@ -35,7 +27,9 @@ services: - .env volumes: assets: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} data: redis: config: \ No newline at end of file diff --git a/roles/docker-pixelfed/tasks/main.yml b/roles/docker-pixelfed/tasks/main.yml index 9494f848..8eb1ae02 100644 --- a/roles/docker-pixelfed/tasks/main.yml +++ b/roles/docker-pixelfed/tasks/main.yml @@ -1,7 +1,12 @@ --- - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml - + +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-pixelfed/templates/docker-compose.yml.j2 b/roles/docker-pixelfed/templates/docker-compose.yml.j2 index 77a68306..1f8d0780 100644 --- a/roles/docker-pixelfed/templates/docker-compose.yml.j2 +++ b/roles/docker-pixelfed/templates/docker-compose.yml.j2 @@ -15,7 +15,9 @@ services: ports: - "{{http_port}}:80" depends_on: +{% if not ( enable_central_database | lower | bool ) %} - database +{% endif %} - redis worker: image: zknt/pixelfed 
@@ -29,22 +31,27 @@ services: - "bootstrap:/var/www/bootstrap" - "./env:/var/www/.env" entrypoint: /worker-entrypoint.sh - depends_on: - - database - - redis - - application healthcheck: test: php artisan horizon:status | grep running interval: 60s timeout: 5s retries: 1 + depends_on: + - redis + - application +{% if not ( enable_central_database | lower | bool ) %} + + - database {% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} {% include 'templates/docker-redis-service.yml.j2' %} volumes: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} redis: application_data: bootstrap: \ No newline at end of file diff --git a/roles/docker-pixelfed/templates/env.j2 b/roles/docker-pixelfed/templates/env.j2 index a49dd72d..10457d2c 100644 --- a/roles/docker-pixelfed/templates/env.j2 +++ b/roles/docker-pixelfed/templates/env.j2 @@ -56,17 +56,11 @@ MAIL_ENCRYPTION=tls ## Databases (MySQL) DB_CONNECTION=mysql -DB_DATABASE=pixelfed -DB_HOST=database +DB_DATABASE={{database_databasename}} +DB_HOST={{database_host}} DB_PASSWORD="{{pixelfed_database_password}}" DB_PORT=3306 -DB_USERNAME=pixelfed -# pass the same values to the db itself -MYSQL_DATABASE="pixelfed" -MYSQL_USER="pixelfed" -MYSQL_PASSWORD="{{pixelfed_database_password}}" -MYSQL_ROOT_PASSWORD="{{pixelfed_database_password}}" -MARIADB_AUTO_UPGRADE="1" +DB_USERNAME={{database_username}} ## Cache (Redis) REDIS_CLIENT=phpredis diff --git a/roles/docker-postgres/handlers/main.yml b/roles/docker-postgres/handlers/main.yml deleted file mode 100644 index 4e07555e..00000000 --- a/roles/docker-postgres/handlers/main.yml +++ /dev/null 
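Review bot: In the `env.j2` hunk, `DB_PASSWORD="{{pixelfed_database_password}}"` stays on the old variable while `DB_DATABASE`, `DB_HOST` and `DB_USERNAME` move to the shared `database_*` variables. The shared MariaDB service template sets `MYSQL_PASSWORD` from `database_password`, and the central role presumably provisions the account from the same variable. Unless the role's vars alias the two names (not visible here), the application will authenticate with a different secret than the one the database account was created with. Suggest `DB_PASSWORD="{{database_password}}"`.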
@@ -1,22 +0,0 @@ -- name: Create database - postgresql_db: - name: "{{ database_databasename }}" - state: present - login_user: postgres - login_password: "{{ central_postgres_password }}" - login_host: 127.0.0.1 - login_port: 5432 - listen: create database - -- name: Create database user - postgresql_user: - name: "{{ database_username }}" - password: "{{ database_password }}" - db: "{{ database_databasename }}" - priv: ALL - state: present - login_user: postgres - login_password: "{{ central_postgres_password }}" - login_host: 127.0.0.1 - login_port: 5432 - listen: create database diff --git a/roles/docker-postgres/tasks/main.yml b/roles/docker-postgres/tasks/main.yml index 9cdba2cf..f8771b43 100644 --- a/roles/docker-postgres/tasks/main.yml +++ b/roles/docker-postgres/tasks/main.yml @@ -11,12 +11,44 @@ detach: yes env: POSTGRES_PASSWORD: "{{ central_postgres_password }}" + POSTGRES_INITDB_ARGS: "--encoding=UTF8 --locale=C" # Necessary for docker-matrix networks: - name: postgres_network published_ports: - "127.0.0.1:5432:5432" when: run_once_docker_postgres is not defined +- name: wait for availability of postgres + wait_for: + host: "127.0.0.1" + port: "5432" + delay: 0 + timeout: 120 + when: run_once_docker_postgres is not defined + +- name: Create database + postgresql_db: + name: "{{ database_databasename }}" + state: present + login_user: postgres + login_password: "{{ central_postgres_password }}" + login_host: 127.0.0.1 + login_port: 5432 + listen: create database + +- name: Create database user + postgresql_user: + name: "{{ database_username }}" + password: "{{ database_password }}" + db: "{{ database_databasename }}" + priv: ALL + state: present + login_user: postgres + login_password: "{{ central_postgres_password }}" + login_host: 127.0.0.1 + login_port: 5432 + listen: create database + - name: Run the docker_postgres tasks once set_fact: run_once_docker_postgres: true 
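Review bot: The `Create database` and `Create database user` tasks added to `tasks/main.yml` were copied from the deleted handlers file and still carry `listen: create database`. `listen` is a handler keyword that Ansible is expected to reject on a regular task, so both lines should be removed. The user task passes `password` and `login_password`, so it should also set `no_log: true` to keep both secrets out of verbose output and callback logs. The new `wait_for` only shows that the published port accepts TCP connections, which may happen before the server has finished initialising; `retries:` with `until:` on the `postgresql_db` task would cover that window.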
diff --git a/roles/docker-wordpress/tasks/main.yml b/roles/docker-wordpress/tasks/main.yml index ce9ba222..3feb730c 100644 --- a/roles/docker-wordpress/tasks/main.yml +++ b/roles/docker-wordpress/tasks/main.yml @@ -8,6 +8,11 @@ vars: nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size {{wordpress_max_upload_size}};" +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" diff --git a/roles/docker-wordpress/templates/docker-compose.yml.j2 b/roles/docker-wordpress/templates/docker-compose.yml.j2 index 3f4d6946..14ded290 100644 --- a/roles/docker-wordpress/templates/docker-compose.yml.j2 +++ b/roles/docker-wordpress/templates/docker-compose.yml.j2 @@ -15,17 +15,19 @@ services: WORDPRESS_DB_USER: "{{database_username}}" WORDPRESS_DB_PASSWORD: "{{database_password}}" WORDPRESS_DB_NAME: "{{database_databasename}}" - links: - - database volumes: - data:/var/www/html +{% if not ( enable_central_database | lower | bool ) %} depends_on: - database {% include 'templates/docker-mariadb-service.yml.j2' %} +{% endif %} volumes: +{% if not ( enable_central_database | lower | bool ) %} database: +{% endif %} data: networks: default: diff --git a/roles/docker-yourls/tasks/main.yml b/roles/docker-yourls/tasks/main.yml index 994978ba..eb7b25ed 100644 --- a/roles/docker-yourls/tasks/main.yml +++ b/roles/docker-yourls/tasks/main.yml @@ -2,6 +2,11 @@ - name: "include tasks nginx-docker-proxy-domain.yml" include_tasks: nginx-docker-proxy-domain.yml +- name: create database in central MariaDB + include_role: + name: docker-mariadb + when: enable_central_database | bool + - name: "create {{docker_compose_instance_directory}}" file: path: "{{docker_compose_instance_directory}}" 
diff --git a/roles/docker-yourls/templates/docker-compose.yml.j2 b/roles/docker-yourls/templates/docker-compose.yml.j2 index 4f0a7cc5..b28dcdab 100644 --- a/roles/docker-yourls/templates/docker-compose.yml.j2 +++ b/roles/docker-yourls/templates/docker-compose.yml.j2 @@ -16,30 +16,15 @@ services: YOURLS_SITE: "https://{{domain}}" YOURLS_USER: "{{yourls_user}}" YOURLS_PASS: "{{yourls_user_password}}" - links: - - database +{% if not ( enable_central_database | lower | bool ) %} depends_on: - database - database: - logging: - driver: journald - image: mariadb - restart: always - environment: - MYSQL_DATABASE: "yourls" - MYSQL_USER: "yourls" - MYSQL_PASSWORD: "{{yourls_database_password}}" - MYSQL_ROOT_PASSWORD: "{{yourls_database_password}}" - MARIADB_AUTO_UPGRADE: "1" - volumes: - - database:/var/lib/mysql - healthcheck: - test: "/usr/bin/mariadb --user=yourls --password={{yourls_database_password}} --execute \"SHOW DATABASES;\"" - interval: 3s - timeout: 1s - retries: 5 + +{% include 'templates/docker-mariadb-service.yml.j2' %} + volumes: database: +{% endif %} networks: default: driver: bridge diff --git a/templates/docker-mariadb-service.yml.j2 b/templates/docker-mariadb-service.yml.j2 index 38130425..16b1f8c2 100644 --- a/templates/docker-mariadb-service.yml.j2 +++ b/templates/docker-mariadb-service.yml.j2 @@ -9,6 +9,7 @@ MYSQL_PASSWORD: "{{database_password}}" MYSQL_ROOT_PASSWORD: "{{database_password}}" MARIADB_AUTO_UPGRADE: "1" + command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW" volumes: - database:/var/lib/mysql healthcheck: diff --git a/templates/docker-postgres-service.yml.j2 b/templates/docker-postgres-service.yml.j2 index 6f3eb8f3..049e4d9e 100644 --- a/templates/docker-postgres-service.yml.j2 +++ b/templates/docker-postgres-service.yml.j2 
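Review bot: The application's database settings sit above this hunk (`@@ -16,30 +16,15 @@`) and are not touched by it. The removed inline service was provisioned with `yourls_database_password` and the fixed name `yourls`, whereas the template now included provisions from `database_username`, `database_password` and `database_databasename`. If the unchanged `YOURLS_DB_*` lines still reference the old variables or the host `database`, the app and its database will disagree on credentials, and in central mode on the host as well. Please confirm they use the `database_*` variables, including `database_host`.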
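Review bot: In `templates/docker-mariadb-service.yml.j2`, the context line `MYSQL_ROOT_PASSWORD: "{{database_password}}"` sits directly above the new `command:` and reuses the application account's password for the server's root account. This commit makes more roles render the template (yourls now includes it), so anything that can read an app's database password in its compose file also holds root on that MariaDB instance. A separate secret would restore the split, e.g. `MYSQL_ROOT_PASSWORD: "{{ database_root_password }}"` (variable name is a placeholder), or the image's `MARIADB_RANDOM_ROOT_PASSWORD` option if root access is never needed afterwards.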
@@ -5,6 +5,7 @@ - POSTGRES_PASSWORD={{database_password}} - POSTGRES_USER={{database_username}} - POSTGRES_DB={{database_databasename}} + - POSTGRES_INITDB_ARGS="--encoding=UTF8 --locale=C" restart: always healthcheck: test: ["CMD-SHELL", "pg_isready -U {{database_databasename}}"]
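Review bot: In the list form of `environment`, the added `- POSTGRES_INITDB_ARGS="--encoding=UTF8 --locale=C"` is a plain YAML scalar, so the double quotes are most likely passed to the container as part of the value rather than acting as delimiters. Depending on how the image's entrypoint expands the variable, initdb then receives either literal quote characters or a single merged argument, and neither yields the two intended options. Write it without inner quotes, `- POSTGRES_INITDB_ARGS=--encoding=UTF8 --locale=C`, or use the mapping form as the Ansible task in this commit does. The context line `pg_isready -U {{database_databasename}}` also passes the database name where a user name is expected; `{{database_username}}` looks like what was meant.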