kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-15 08:30:46 +02:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/sys-rpr-docker-soft
History
Kevin Veen-Birkenbach 4fa1c6cfbd
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup 
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
  * kcadm login with no_log protection,
  * fetch LDAP UserStorage component by name,
  * compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).

Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}

https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
2025-08-13 02:20:38 +02:00
..
files
Renamed cymais to infinito and did some other optimations and logout implementations
2025-07-29 16:35:42 +02:00
handlers
Renamed cymais to infinito and did some other optimations and logout implementations
2025-07-29 16:35:42 +02:00
meta
Optimized URLS
2025-08-13 00:33:47 +02:00
tasks
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup
2025-08-13 02:20:38 +02:00
templates
Renamed cymais to infinito and did some other optimations and logout implementations
2025-07-29 16:35:42 +02:00
vars
Another big round of refactoring and cleaning...
2025-07-11 17:55:26 +02:00
README.md
Optimized URLS
2025-08-13 00:33:47 +02:00

README.md

Docker Healer 🩺

Description

This Ansible role automatically restarts Docker Compose configurations with exited or unhealthy containers on Arch Linux systems. It ensures the stability of containerized workloads by recovering from common error conditions like port binding issues.

Overview

Tailored for Arch Linux, this role monitors containers for failure states and initiates a controlled restart of affected Compose configurations. If port conflicts prevent recovery, the role stops the affected stack, restarts Docker, and recreates the container environment.

Purpose

The purpose of this role is to provide automated healing for Docker Compose environments, minimizing manual recovery effort and reducing downtime.

Features

  • Container Health Monitoring: Detects unhealthy or exited containers.
  • Automated Recovery: Restarts failed containers and resolves port binding issues.
  • Run-once Setup Logic: Ensures idempotent execution by controlling task flow with internal flags.
  • System Role Integration: Seamlessly integrates with Infinito.Nexus system maintenance logic.

Credits 📝

Developed and maintained by Kevin Veen-Birkenbach.
Learn more at www.veen.world

Part of the Infinito.Nexus Project
License: Infinito.Nexus NonCommercial License (CNCL)