mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-29 23:08:06 +02:00
Refactored docker logic
This commit is contained in:
147
tasks/plays/01_constructor.yml
Normal file
147
tasks/plays/01_constructor.yml
Normal file
@@ -0,0 +1,147 @@
|
||||
---
|
||||
- name: Merge variables
|
||||
block:
|
||||
- name: Merge users
|
||||
set_fact:
|
||||
users: "{{ default_users | combine(users| default({}), recursive=True) }}"
|
||||
|
||||
- name: Merge system_email definitions
|
||||
set_fact:
|
||||
system_email: "{{ default_system_email | combine(system_email | default({}, true), recursive=True) }}"
|
||||
|
||||
- name: Merge application definitions
|
||||
set_fact:
|
||||
applications: "{{ defaults_applications | combine(applications | default({}, true), recursive=True) }}"
|
||||
|
||||
- name: Merge current play applications
|
||||
set_fact:
|
||||
current_play_applications: >-
|
||||
{{
|
||||
applications |
|
||||
applications_if_group_and_deps(group_names)
|
||||
}}
|
||||
|
||||
- name: Merge current play domain definitions
|
||||
set_fact:
|
||||
current_play_domains: >-
|
||||
{{ current_play_applications |
|
||||
canonical_domains_map(primary_domain) |
|
||||
combine(domains | default({}, true), recursive=True)
|
||||
}}
|
||||
|
||||
- name: Merge domain definitions for all domains
|
||||
set_fact:
|
||||
domains: >-
|
||||
{{
|
||||
defaults_applications |
|
||||
canonical_domains_map(primary_domain) |
|
||||
combine(domains | default({}, true), recursive=True)
|
||||
}}
|
||||
|
||||
- name: Merge redirect_domain_mappings
|
||||
set_fact:
|
||||
# The following mapping is necessary to define the exceptions for domains which are created, but which aren't used
|
||||
redirect_domain_mappings: "{{
|
||||
[] |
|
||||
add_redirect_if_group('assets-server', domains | get_domain('assets-server'), domains | get_domain('file-server'), group_names) |
|
||||
merge_mapping(redirect_domain_mappings, 'source')
|
||||
}}"
|
||||
|
||||
- name: Set current play redirect domain mappings
|
||||
set_fact:
|
||||
current_play_domain_mappings_redirect: >-
|
||||
{{
|
||||
current_play_applications |
|
||||
domain_mappings(primary_domain) |
|
||||
merge_mapping(redirect_domain_mappings, 'source')
|
||||
}}
|
||||
|
||||
- name: Set current play all domains incl. www redirect if enabled
|
||||
set_fact:
|
||||
current_play_domains_all: >-
|
||||
{{
|
||||
(current_play_domains |
|
||||
combine(
|
||||
current_play_domain_mappings_redirect |
|
||||
items2dict(key_name='target', value_name='source'),
|
||||
recursive=True
|
||||
)) |
|
||||
generate_all_domains(
|
||||
('www_redirect' in group_names)
|
||||
)
|
||||
}}
|
||||
|
||||
- name: Merge networks definitions
|
||||
set_fact:
|
||||
networks: "{{ defaults_networks | combine(networks | default({}, true), recursive=True) }}"
|
||||
|
||||
- name: Merge oidc configuration
|
||||
set_fact:
|
||||
oidc: "{{ defaults_oidc | combine(oidc | default({}, true), recursive=True) }}"
|
||||
|
||||
- name: Merge design configuration
|
||||
set_fact:
|
||||
design: "{{ defaults_design | combine(design | default({}, true), recursive=True) }}"
|
||||
|
||||
- name: Merge service_provider configuration
|
||||
set_fact:
|
||||
service_provider: "{{ defaults_service_provider | combine(service_provider | default({}, true), recursive=True) }}"
|
||||
|
||||
- name: init root user
|
||||
include_role:
|
||||
name: user-root
|
||||
|
||||
- name: update device
|
||||
include_role:
|
||||
name: update
|
||||
when: mode_update | bool
|
||||
|
||||
- name: setup standard wireguard
|
||||
when: ("wireguard_server" in group_names)
|
||||
include_role:
|
||||
name: wireguard
|
||||
|
||||
# vpn setup
|
||||
- name: setup wireguard client behind firewall\nat
|
||||
when: ("wireguard_behind_firewall" in group_names)
|
||||
include_role:
|
||||
name: client-wireguard-behind-firewall
|
||||
|
||||
- name: setup wireguard client
|
||||
when: ("wireguard_client" in group_names)
|
||||
include_role:
|
||||
name: client-wireguard
|
||||
|
||||
## backup setup
|
||||
- name: setup replica backup hosts
|
||||
when: ("backup_remote_to_local" in group_names)
|
||||
include_role:
|
||||
name: backup-remote-to-local
|
||||
|
||||
- name: setup backup to swappable
|
||||
when: ("backup_to_usb" in group_names)
|
||||
include_role:
|
||||
name: backup-data-to-usb
|
||||
|
||||
## driver setup
|
||||
- name: driver-intel
|
||||
when: ("intel" in group_names)
|
||||
include_role:
|
||||
name: driver-intel
|
||||
|
||||
- name: setup multiprinter hosts
|
||||
when: ("epson_multiprinter" in group_names)
|
||||
include_role:
|
||||
name: driver-epson-multiprinter
|
||||
|
||||
|
||||
- name: setup hibernate lid switch
|
||||
when: ("driver-lid-switch" in group_names)
|
||||
include_role:
|
||||
name: driver-lid-switch
|
||||
|
||||
## system setup
|
||||
- name: setup swapfile hosts
|
||||
when: ("swapfile" in group_names)
|
||||
include_role:
|
||||
name: system-swapfile
|
||||
84
tasks/plays/02_personal-computer.yml
Normal file
84
tasks/plays/02_personal-computer.yml
Normal file
@@ -0,0 +1,84 @@
|
||||
---
|
||||
## pc applications
|
||||
- name: general host setup
|
||||
when: ("personal_computers" in group_names)
|
||||
include_role:
|
||||
name: "{{ item }}"
|
||||
loop:
|
||||
- persona-administrator
|
||||
- driver-non-free
|
||||
|
||||
- name: persona-employee
|
||||
when: ("collection_officetools" in group_names)
|
||||
include_role:
|
||||
name: "{{ item }}"
|
||||
loop:
|
||||
- persona-employee
|
||||
- client-jrnl
|
||||
|
||||
|
||||
- name: personal computer for business
|
||||
when: ("business_personal_computer" in group_names)
|
||||
include_role:
|
||||
name: client-gnucash
|
||||
|
||||
- name: persona-designer
|
||||
when: ("collection_designer" in group_names)
|
||||
include_role:
|
||||
name: persona-designer
|
||||
|
||||
- name: client-qbittorrent
|
||||
when: ("collection_torrent" in group_names)
|
||||
include_role:
|
||||
name: client-qbittorrent
|
||||
|
||||
- name: persona-streamer
|
||||
when: ("collection_streamer" in group_names)
|
||||
include_role:
|
||||
name: persona-streamer
|
||||
|
||||
- name: client-bluray-player
|
||||
when: ("collection_bluray_player" in group_names)
|
||||
include_role:
|
||||
name: client-bluray-player
|
||||
|
||||
- name: GNOME setup
|
||||
when: ("gnome" in group_names)
|
||||
include_role:
|
||||
name: client-gnome
|
||||
|
||||
- name: setup ssh client
|
||||
when: ("ssh-client" in group_names)
|
||||
include_role:
|
||||
name: client-ssh
|
||||
|
||||
- name: setup gaming hosts
|
||||
when: ("gaming" in group_names)
|
||||
include_role:
|
||||
name: persona-gamer
|
||||
|
||||
- name: setup entertainment hosts
|
||||
when: ("entertainment" in group_names)
|
||||
include_role:
|
||||
name: client-spotify
|
||||
|
||||
- name: setup torbrowser hosts
|
||||
when: ("torbrowser" in group_names)
|
||||
include_role:
|
||||
name: client-torbrowser
|
||||
|
||||
- name: setup nextcloud-client
|
||||
when: ("nextcloud_client" in group_names)
|
||||
include_role:
|
||||
name: client-nextcloud
|
||||
|
||||
- name: setup docker
|
||||
when: ("docker_client" in group_names)
|
||||
include_role:
|
||||
name: client-docker
|
||||
|
||||
# driver
|
||||
- name: setup msi rgb keyboard
|
||||
when: ("msi_perkeyrgb" in group_names)
|
||||
include_role:
|
||||
name: driver-msi-keyboard-color
|
||||
40
tasks/plays/02_server.yml
Normal file
40
tasks/plays/02_server.yml
Normal file
@@ -0,0 +1,40 @@
|
||||
---
|
||||
- name: servers host setup
|
||||
when: ("servers" in group_names)
|
||||
include_role:
|
||||
name: "{{ item }}"
|
||||
loop:
|
||||
- system-security
|
||||
- journalctl
|
||||
- health-disc-space
|
||||
- cleanup-disc-space
|
||||
- health-btrfs
|
||||
- system-btrfs-auto-balancer
|
||||
|
||||
- name: "Integrate Docker Role includes"
|
||||
include_tasks: "./tasks/utils/docker-roles.yml"
|
||||
|
||||
# Native Webserver Roles
|
||||
- name: setup nginx-serve-htmls
|
||||
when: ("nginx-serve-htmls" in group_names)
|
||||
include_role:
|
||||
name: nginx-serve-html
|
||||
vars:
|
||||
domain: "{{primary_domain}}"
|
||||
|
||||
- name: "setup corporate identity"
|
||||
when: ("corporate_identity" in group_names)
|
||||
include_role:
|
||||
name: persona-corporate
|
||||
|
||||
- name: setup redirect hosts
|
||||
when: ("redirect" in group_names)
|
||||
include_role:
|
||||
name: nginx-redirect-domains
|
||||
vars:
|
||||
domain_mappings: "{{ current_play_domain_mappings_redirect}}"
|
||||
|
||||
- name: setup www redirect
|
||||
when: ("www_redirect" in group_names)
|
||||
include_role:
|
||||
name: nginx-redirect-www
|
||||
15
tasks/plays/03_destructor.yml
Normal file
15
tasks/plays/03_destructor.yml
Normal file
@@ -0,0 +1,15 @@
|
||||
- name: optimize storage performance
|
||||
include_role:
|
||||
name: system-storage-optimizer
|
||||
when: "(path_mass_storage is defined or path_rapid_storage is defined) and enable_system_storage_optimizer | bool and (docker_enabled is defined and docker_enabled | bool) "
|
||||
|
||||
- name: Cleanup Docker Anonymous Volumes
|
||||
import_role:
|
||||
name: cleanup-docker-anonymous-volumes
|
||||
when: mode_cleanup | bool
|
||||
|
||||
- name: Show all facts
|
||||
debug:
|
||||
var: ansible_facts
|
||||
when: enable_debug | bool
|
||||
|
||||
Reference in New Issue
Block a user