Added first, albeit incomplete, playbook for microservices container infrastructure set-up on VPS

2025-03-09 16:40:56 -04:00
parent f1982c64eb
commit ea44f0706a
1 changed files with 125 additions and 0 deletions
--- a/playbooks/cengine.init.yaml
+++ b/playbooks/cengine.init.yaml
@@ -0,0 +1,125 @@
+---
+- name: Ensuring microservice infrastructure
+  hosts: webservers
+  tasks:
+    - name: Ensure podman is installed
+      ansible.builtin.package:
+        name: podman
+        state: present
+      become: true
+    - name: Ensure podman-compose is installed
+      ansible.builtin.package:
+        name: podman-compose
+        state: present
+      become: true
+    - name: Ensure git is installed
+      ansible.builtin.package:
+        name: git
+        state: present
+      become: true
+    - name: Ensure possession of cloned repository with Compose files
+      ansible.builtin.git:
+        repo: senpai@sukaato.moe:repos/sukaato-compose.git
+        dest: ~/dev/sukaato-compose
+        version: latest
+      register: sshgit
+      ignore_errors: true
+    - name: Ensure possession of cloned repository with Compose files
+      ansible.builtin.git:
+        repo: 'https://git.sukaato.moe/' # @TODO: Finish HTTPS URI
+        dest: ~/dev/sukaato-compose
+        version: latest
+      register: webgit
+      ignore_errors: true
+      when: sshgit is failed or sshgit is skipped
+    - name: Ensure possession of cloned repository with Compose files
+      ansible.builtin.git:
+        repo: ~/repos/sukaato-compose.git
+        dest: ~/dev/sukaato-compose
+        version: latest
+      register: autogit
+      ignore_errors: true
+      when: webgit is failed or webgit is skipped
+    - name: Ensuring pods or containers are run
+      block:
+        - name: Ensuring pods or containers are run from Compose file(s)
+          ansible.builtin.command:
+            cmd: podman-compose up -d
+            chdir: ~/dev/sukaato-compose
+          register: podup
+          changed_when: podup.rc != 0
+      rescue:
+        - name: Ensure existence of Caddy data container volume
+          containers.podman.podman_volume:
+            state: present
+            name: caddy_data
+        - name: Ensure existence of Caddy configuration container volume
+          containers.podman.podman_volume:
+            state: present
+            name: caddy_config
+        - name: Ensure existence of directory for Caddyfile root path # @TODO: Specify ownership
+          ansible.builtin.file:
+            path: /srv/www/sukaato.moe
+            state: directory
+            mode: '0755'
+        - name: Ensure existence of directory for Caddyfile root path
+          ansible.builtin.file:
+            path: ~/.config/caddy
+            state: directory
+            mode: '0755'
+        - name: Ensure Caddyfile is copied into separate directory
+          ansible.builtin.file:
+            src: /srv/www/sukaato.moe/Caddyfile
+            dest: ~/.config/caddy/Caddyfile
+            mode: '0644'
+            state: hard
+        - name: Ensure possession of Caddy container image
+          containers.podman.podman_image:
+            name: caddy
+            tag: 2.9.1-alpine
+        - name: Ensure possession of Nextcloud container image
+          containers.podman.podman_image:
+            name: nextcloud
+            tag: 31.0.0-fpm-alpine
+        - name: Ensure possession of Gitea container image
+          containers.podman.podman_image:
+            name: gitea
+            tag: 1.23.5
+        - name: Ensure existence of shared network for Caddy reverse proxying
+          containers.podman.podman_network:
+            name: caddynet
+        - name: Ensure containers are running with appropriate configuration
+          containers.podman.podman_containers:
+            containers:
+              - name: revproxy
+                state: started
+                restart_policy: on-failure:5
+                image: caddy
+                publish:
+                  - "80:80"
+                  - "443:443"
+                  - "443:443/udp"
+                volumes:
+                  - "caddy_config:/config"
+                  - "caddy_data:/data"
+                  - "/srv/www/sukaato.moe:/srv/www/sukaato.moe"
+                  - "~/.config/caddy:/etc/caddy"
+                network:
+                  - "caddynet"
+                generate_systemd:
+                  restart_policy: always
+                  stop_timeout: 120
+                  names: true
+                  container_prefix: pm@
+              - name: cloud # @TODO: fill out rest of needed attributes
+                state: present # @TODO: Change to "started" later on
+                restart_policy: on-failure:5
+                image: nextcloud
+                network:
+                  - "caddynet"
+              - name: http_git # @TODO: fill out rest of needed attributes
+                state: present # @TODO: Change to "started" later on
+                restart_policy: on-failure:5
+                image: gitea
+                network:
+                  - "caddynet"