diff --git a/playbooks/cengine.init.yaml b/playbooks/cengine.init.yaml
new file mode 100644
index 0000000..f14a6bb
--- /dev/null
+++ b/playbooks/cengine.init.yaml
@@ -0,0 +1,125 @@
+---
+- name: Ensuring microservice infrastructure
+ hosts: webservers
+ tasks:
+ - name: Ensure podman is installed
+ ansible.builtin.package:
+ name: podman
+ state: present
+ become: true
+ - name: Ensure podman-compose is installed
+ ansible.builtin.package:
+ name: podman-compose
+ state: present
+ become: true
+ - name: Ensure git is installed
+ ansible.builtin.package:
+ name: git
+ state: present
+ become: true
+ - name: Ensure possession of cloned repository with Compose files
+ ansible.builtin.git:
+ repo: senpai@sukaato.moe:repos/sukaato-compose.git
+ dest: ~/dev/sukaato-compose
+ version: latest
+ register: sshgit
+ ignore_errors: true
+ - name: Ensure possession of cloned repository with Compose files
+ ansible.builtin.git:
+ repo: 'https://git.sukaato.moe/' # @TODO: Finish HTTPS URI
+ dest: ~/dev/sukaato-compose
+ version: latest
+ register: webgit
+ ignore_errors: true
+ when: sshgit is failed or sshgit is skipped
+ - name: Ensure possession of cloned repository with Compose files
+ ansible.builtin.git:
+ repo: ~/repos/sukaato-compose.git
+ dest: ~/dev/sukaato-compose
+ version: latest
+ register: autogit
+ ignore_errors: true
+ when: webgit is failed or webgit is skipped
+ - name: Ensuring pods or containers are run
+ block:
+ - name: Ensuring pods or containers are run from Compose file(s)
+ ansible.builtin.command:
+ cmd: podman-compose up -d
+ chdir: ~/dev/sukaato-compose
+ register: podup
+ changed_when: podup.rc != 0
+ rescue:
+ - name: Ensure existence of Caddy data container volume
+ containers.podman.podman_volume:
+ state: present
+ name: caddy_data
+ - name: Ensure existence of Caddy configuration container volume
+ containers.podman.podman_volume:
+ state: present
+ name: caddy_config
+ - name: Ensure existence of directory for Caddyfile root path # @TODO: Specify ownership
+ ansible.builtin.file:
+ path: /srv/www/sukaato.moe
+ state: directory
+ mode: '0755'
+ - name: Ensure existence of directory for Caddyfile root path
+ ansible.builtin.file:
+ path: ~/.config/caddy
+ state: directory
+ mode: '0755'
+ - name: Ensure Caddyfile is copied into separate directory
+ ansible.builtin.file:
+ src: /srv/www/sukaato.moe/Caddyfile
+ dest: ~/.config/caddy/Caddyfile
+ mode: '0644'
+ state: hard
+ - name: Ensure possession of Caddy container image
+ containers.podman.podman_image:
+ name: caddy
+ tag: 2.9.1-alpine
+ - name: Ensure possession of Nextcloud container image
+ containers.podman.podman_image:
+ name: nextcloud
+ tag: 31.0.0-fpm-alpine
+ - name: Ensure possession of Gitea container image
+ containers.podman.podman_image:
+ name: gitea
+ tag: 1.23.5
+ - name: Ensure existence of shared network for Caddy reverse proxying
+ containers.podman.podman_network:
+ name: caddynet
+ - name: Ensure containers are running with appropriate configuration
+ containers.podman.podman_containers:
+ containers:
+ - name: revproxy
+ state: started
+ restart_policy: on-failure:5
+ image: caddy
+ publish:
+ - "80:80"
+ - "443:443"
+ - "443:443/udp"
+ volumes:
+ - "caddy_config:/config"
+ - "caddy_data:/data"
+ - "/srv/www/sukaato.moe:/srv/www/sukaato.moe"
+ - "~/.config/caddy:/etc/caddy"
+ network:
+ - "caddynet"
+ generate_systemd:
+ restart_policy: always
+ stop_timeout: 120
+ names: true
+ container_prefix: pm@
+ - name: cloud # @TODO: fill out rest of needed attributes
+ state: present # @TODO: Change to "started" later on
+ restart_policy: on-failure:5
+ image: nextcloud
+ network:
+ - "caddynet"
+ - name: http_git # @TODO: fill out rest of needed attributes
+ state: present # @TODO: Change to "started" later on
+ restart_policy: on-failure:5
+ image: gitea
+ network:
+ - "caddynet"
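Review bot: The `revproxy`, `cloud` and `http_git` entries of the `podman_containers` task reference bare `image: caddy`, `image: nextcloud` and `image: gitea`, so the tags pinned by the three `podman_image` tasks (`2.9.1-alpine`, `31.0.0-fpm-alpine`, `1.23.5`) are not the references the containers use; an untagged name resolves to `latest`, and an unqualified short name is resolved through whatever registry search list the host has configured. Use the same fully qualified, tagged reference in both places, e.g. `image: docker.io/library/caddy:2.9.1-alpine`, and consider adding the digest so the content cannot change under the tag. Separately, the third clone task's `when: webgit is failed or webgit is skipped` is also true when the SSH clone succeeded (that is exactly when `webgit` is skipped), so the local repository at `~/repos/sukaato-compose.git` is applied to `~/dev/sukaato-compose` on every successful run; `when: sshgit is failed and webgit is failed` limits it to the real fallback case. Because `podman-compose up -d` then runs whatever that checkout contains, `version: latest` combined with `ignore_errors: true` deserves a comment naming the intended ref, or a pinned tag or commit.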