saibotk-de/infrastructure
saibotk-de/infrastructure
1
0
Fork 0
Code Issues Pull requests Releases 42 Activity
infrastructure/roles/hedgedoc/tasks/main.yml

140 lines
4.1 KiB
YAML
Raw Permalink Blame History

- name: Update default SELinux contexts
community.general.sefcontext:
target: "{{ item.target }}"
setype: "container_file_t"
selevel: "{{ item.selevel }}"
state: present
loop:
- target: "{{ hedgedoc_install_dir }}/uploads(/.*)?"
selevel: "{{ hedgedoc_selinux_level }}"
- target: "{{ hedgedoc_install_dir }}/postgres(/.*)?"
selevel: "{{ hedgedoc_postgres_selinux_level }}"
become: true
notify: "hedgedoc selinux context changed"
- name: Create hedgedoc directories.
ansible.builtin.file:
path: "{{ hedgedoc_install_dir }}"
owner: "root"
group: "root"
mode: "0700"
state: directory
become: true
- name: Ensure hedgedoc data directories exist.
block:
- name: Stat hedgedoc uploads dir.
ansible.builtin.stat:
path: "{{ hedgedoc_install_dir }}/uploads"
become: true
register: hedgedoc_stat_uploads_dir
- name: Stat hedgedoc postgres dir.
ansible.builtin.stat:
path: "{{ hedgedoc_install_dir }}/postgres"
become: true
register: hedgedoc_stat_postgres_dir
- name: Create hedgedoc data directories.
ansible.builtin.file:
path: "{{ item.path }}"
state: directory
mode: "0700"
owner: "{{ item.owner }}"
group: "{{ item.group }}"
loop:
- path: "{{ hedgedoc_install_dir }}/uploads"
owner: "{{ hedgedoc_stat_uploads_dir.stat.uid | default('root') }}"
group: "{{ hedgedoc_stat_uploads_dir.stat.gid | default('root') }}"
- path: "{{ hedgedoc_install_dir }}/postgres"
owner: "{{ hedgedoc_stat_postgres_dir.stat.uid | default('root') }}"
group: "{{ hedgedoc_stat_postgres_dir.stat.gid | default('root') }}"
become: true
- name: Deploy hedgedoc environment file.
ansible.builtin.template:
src: hedgedoc.env.j2
dest: "{{ hedgedoc_install_dir }}/hedgedoc.env"
mode: "0600"
owner: "root"
group: "root"
become: true
notify:
- "hedgedoc service changed"
- name: Deploy postgres environment file.
ansible.builtin.template:
src: hedgedoc-postgres.env.j2
dest: "{{ hedgedoc_install_dir }}/hedgedoc-postgres.env"
mode: "0600"
owner: "root"
group: "root"
become: true
notify:
- "hedgedoc postgres service changed"
- name: Add caddy config file.
block:
- name: Check caddy config dir.
ansible.builtin.stat:
path: "{{ caddy_install_dir }}/config"
become: true
register: caddy_stat_config_dir
- name: Template caddy config for hedgedoc.
ansible.builtin.template:
src: hedgedoc.caddy.j2
dest: "{{ caddy_install_dir }}/config/hedgedoc.caddy"
mode: "0600"
setype: "container_file_t"
selevel: "{{ caddy_selinux_level }}"
owner: "{{ caddy_stat_config_dir.stat.uid }}"
group: "{{ caddy_stat_config_dir.stat.gid }}"
notify: "caddy config changed"
become: true
- name: Create hedgedoc postgres socket volume.
ansible.builtin.template:
src: hedgedoc-postgres-socket.volume
dest: /etc/containers/systemd/hedgedoc-postgres-socket.volume
owner: "root"
group: "root"
mode: "0644"
become: true
notify:
- "hedgedoc service changed"
- "hedgedoc postgres service changed"
- name: Create hedgedoc container file.
ansible.builtin.template:
src: hedgedoc.container.j2
dest: /etc/containers/systemd/hedgedoc.container
owner: "root"
group: "root"
mode: "0644"
become: true
notify: "hedgedoc service changed"
- name: Create hedgedoc postgres container file.
ansible.builtin.template:
src: hedgedoc-postgres.container.j2
dest: /etc/containers/systemd/hedgedoc-postgres.container
owner: "root"
group: "root"
mode: "0644"
become: true
notify: "hedgedoc postgres service changed"
- name: Flush handlers
ansible.builtin.meta: flush_handlers
- name: Ensure hedgedoc services are started and enabled.
ansible.builtin.systemd:
state: started
enabled: true
name: "{{ item }}"
daemon_reload: true
loop:
- hedgedoc.service
- hedgedoc-postgres.service
become: true
Reference in a new issue View git blame Copy permalink