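# Register persistent SELinux file-context rules for the hedgedoc data
# directories before they are created. sefcontext only updates the policy
# database; relabelling of files that already exist is left to the notified
# handler (defined outside this file).
# NOTE(review): presumably the handler runs restorecon on these paths - confirm.
- name: Update default SELinux contexts
  community.general.sefcontext:
    target: "{{ item.target }}"
    setype: "container_file_t"
    selevel: "{{ item.selevel }}"
    state: present
  loop:
    - target: "{{ hedgedoc_install_dir }}/uploads(/.*)?"
      selevel: "{{ hedgedoc_selinux_level }}"
    - target: "{{ hedgedoc_install_dir }}/postgres(/.*)?"
      selevel: "{{ hedgedoc_postgres_selinux_level }}"
  become: true
  notify: "hedgedoc selinux context changed"

# The install directory holds the environment files and the data directories,
# so it is restricted to root (0700).
- name: Create hedgedoc directories.
  ansible.builtin.file:
    path: "{{ hedgedoc_install_dir }}"
    owner: "root"
    group: "root"
    mode: "0700"
    state: directory
  become: true

# Each data directory is stat'ed first so that an existing owner/group is kept
# on later runs; when the directory does not exist yet, stat.uid/gid are
# undefined and the default('root') fallback applies.
# NOTE(review): presumably ownership is changed after first start by the
# containers - confirm.
- name: Ensure hedgedoc data directories exist.
  block:
    - name: Stat hedgedoc uploads dir.
      ansible.builtin.stat:
        path: "{{ hedgedoc_install_dir }}/uploads"
      become: true
      register: hedgedoc_stat_uploads_dir

    - name: Stat hedgedoc postgres dir.
      ansible.builtin.stat:
        path: "{{ hedgedoc_install_dir }}/postgres"
      become: true
      register: hedgedoc_stat_postgres_dir

    - name: Create hedgedoc data directories.
      ansible.builtin.file:
        path: "{{ item.path }}"
        state: directory
        mode: "0700"
        owner: "{{ item.owner }}"
        group: "{{ item.group }}"
      loop:
        - path: "{{ hedgedoc_install_dir }}/uploads"
          owner: "{{ hedgedoc_stat_uploads_dir.stat.uid | default('root') }}"
          group: "{{ hedgedoc_stat_uploads_dir.stat.gid | default('root') }}"
        - path: "{{ hedgedoc_install_dir }}/postgres"
          owner: "{{ hedgedoc_stat_postgres_dir.stat.uid | default('root') }}"
          group: "{{ hedgedoc_stat_postgres_dir.stat.gid | default('root') }}"
      become: true

# The environment files are deployed root-only (0600).
# NOTE(review): they presumably carry credentials - confirm against the
# templates. diff is disabled so that a run with --diff does not print the
# rendered file content into console or CI logs.
- name: Deploy hedgedoc environment file.
  ansible.builtin.template:
    src: hedgedoc.env.j2
    dest: "{{ hedgedoc_install_dir }}/hedgedoc.env"
    mode: "0600"
    owner: "root"
    group: "root"
  become: true
  diff: false
  notify:
    - "hedgedoc service changed"

- name: Deploy postgres environment file.
  ansible.builtin.template:
    src: hedgedoc-postgres.env.j2
    dest: "{{ hedgedoc_install_dir }}/hedgedoc-postgres.env"
    mode: "0600"
    owner: "root"
    group: "root"
  become: true
  diff: false
  notify:
    - "hedgedoc postgres service changed"

# The caddy snippet takes owner and group from the existing caddy config
# directory, so that directory must already be present.
- name: Add caddy config file.
  block:
    - name: Check caddy config dir.
      ansible.builtin.stat:
        path: "{{ caddy_install_dir }}/config"
      become: true
      register: caddy_stat_config_dir

    # Without this guard a missing directory surfaces as an undefined
    # stat.uid error in the template task below, which is hard to diagnose.
    - name: Assert caddy config dir exists.
      ansible.builtin.assert:
        that:
          - caddy_stat_config_dir.stat.exists
        fail_msg: >-
          {{ caddy_install_dir }}/config does not exist; the caddy
          configuration directory must be created before this task runs.

    - name: Template caddy config for hedgedoc.
      ansible.builtin.template:
        src: hedgedoc.caddy.j2
        dest: "{{ caddy_install_dir }}/config/hedgedoc.caddy"
        mode: "0600"
        setype: "container_file_t"
        selevel: "{{ caddy_selinux_level }}"
        owner: "{{ caddy_stat_config_dir.stat.uid }}"
        group: "{{ caddy_stat_config_dir.stat.gid }}"
      notify: "caddy config changed"
      become: true

# Unit definitions under /etc/containers/systemd (Podman Quadlet location).
# These are written 0644, i.e. world-readable, unlike the 0600 env files.
# NOTE(review): confirm the templates hold no inline credentials and only
# reference the env files.
- name: Create hedgedoc postgres socket volume.
  ansible.builtin.template:
    src: hedgedoc-postgres-socket.volume
    dest: /etc/containers/systemd/hedgedoc-postgres-socket.volume
    owner: "root"
    group: "root"
    mode: "0644"
  become: true
  notify:
    - "hedgedoc service changed"
    - "hedgedoc postgres service changed"

- name: Create hedgedoc container file.
  ansible.builtin.template:
    src: hedgedoc.container.j2
    dest: /etc/containers/systemd/hedgedoc.container
    owner: "root"
    group: "root"
    mode: "0644"
  become: true
  notify: "hedgedoc service changed"

- name: Create hedgedoc postgres container file.
  ansible.builtin.template:
    src: hedgedoc-postgres.container.j2
    dest: /etc/containers/systemd/hedgedoc-postgres.container
    owner: "root"
    group: "root"
    mode: "0644"
  become: true
  notify: "hedgedoc postgres service changed"

# Run the handlers notified above now, before the services are started below.
- name: Flush handlers
  ansible.builtin.meta: flush_handlers

# daemon_reload makes systemd re-read its unit definitions before the start
# request, so the unit files written above are taken into account.
- name: Ensure hedgedoc services are started and enabled.
  ansible.builtin.systemd:
    state: started
    enabled: true
    name: "{{ item }}"
    daemon_reload: true
  loop:
    - hedgedoc.service
    - hedgedoc-postgres.service
  become: true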