ansible-collection-uffd/roles/uffd/tasks/main.yml

---
- name: 'Install required software'
  become: true
  ansible.builtin.apt:
    name: 'podman'
    state: 'present'
    update_cache: true
    cache_valid_time: 3600

# Build image to run uffd in
- name: 'Create temporary build directory'
  become: true
  ansible.builtin.file:
    path: '{{ uffd_build_tempdir }}'
    state: 'directory'
    mode: 'u=rwx,g=rx,o=rx'

- name: 'Copy required files for image'
  become: true
  ansible.builtin.template:
    src: 'container/{{ item.file }}'
    dest: '{{ uffd_build_tempdir }}/{{ item.file }}'
    owner: 'root'
    group: 'root'
    mode: '{{ item.mode }}'
  loop:
    - file: 'cccv-archive.list'
      mode: 'u=rw,g=r,o=r'
    - file: 'cccv-archive-key.asc'
      mode: 'u=rw,g=r,o=r'
    - file: 'Containerfile'
      mode: 'u=rw,g=r,o=r'
    - file: 'entrypoint.sh'
      mode: 'u=rwx,g=rx,o=rx'

- name: 'Create uffd container'
  become: true
  containers.podman.podman_image:
    build:
      cache: false
      force_rm: true
      rm: true
    pull: false
    push: false
    force: '{{ uffd_build_force_rebuild }}'
    name: 'uffd'
    path: '{{ uffd_build_tempdir }}'

- name: 'Cleanup temporary build directory'
  become: true
  ansible.builtin.file:
    state: 'absent'
    path: '{{ uffd_build_tempdir }}'

# Create things needed by the uffd container
- name: 'Prepare uffd network'
  become: true
  containers.podman.podman_network:
    name: '{{ uffd_podman_network }}'
    state: 'present'

- name: 'Prepare uffd volumes'
  become: true
  containers.podman.podman_volume:
    name: '{{ item }}'
    state: 'present'
  loop:
    - '{{ uffd_static_files_volume }}'
    - '{{ uffd_data_volume }}'

- name: 'Create uffd data directory'
  become: true
  ansible.builtin.file:
    path: '{{ uffd_data_dir }}'
    state: 'directory'
    mode: 'u=rwx,g=rx,o=rx'

- name: 'Copy required files for uffd'
  become: true
  ansible.builtin.template:
    src: '{{ item.src }}'
    dest: '{{ item.dest }}'
    owner: 'root'
    group: 'root'
    mode: 'u=rw,g=r,o=r'
  notify: 'Restart uffd container'
  loop:
    - src: 'uffd/uffd.cfg'
      dest: '{{ uffd_data_dir }}/uffd.cfg'
    - src: 'systemd/container-uffd.service.j2'
      dest: '/etc/systemd/system/container-uffd.service'

- name: 'Start and enable uffd service'
  become: true
  ansible.builtin.systemd:
    name: 'container-uffd.service'
    state: 'started'
    daemon_reload: true
    enabled: true

### Create nginx frontend
- name: 'Copy required files for nginx'
  become: true
  ansible.builtin.template:
    src: '{{ item.src }}'
    dest: '{{ item.dest }}'
    owner: 'root'
    group: 'root'
    mode: 'u=rw,g=r,o=r'
  notify: 'Restart uffd nginx container'
  loop:
    - src: 'nginx/nginx.conf'
      dest: '{{ uffd_data_dir }}/nginx.conf'
    - src: 'systemd/container-uffd-nginx.service.j2'
      dest: '/etc/systemd/system/container-uffd-nginx.service'

- name: 'Start and enable uffd-nginx service'
  become: true
  ansible.builtin.systemd:
    name: 'container-uffd-nginx.service'
    state: 'started'
    daemon_reload: true
    enabled: true
First version of the uffd collection Signed-off-by: Nis Wechselberg <enbewe@enbewe.de> 2024-06-17 16:32:48 +02:00			`---`
			`- name: 'Install required software'`
			`become: true`
			`ansible.builtin.apt:`
			`name: 'podman'`
			`state: 'present'`
			`update_cache: true`
			`cache_valid_time: 3600`

			`# Build image to run uffd in`
			`- name: 'Create temporary build directory'`
			`become: true`
			`ansible.builtin.file:`
			`path: '{{ uffd_build_tempdir }}'`
			`state: 'directory'`
			`mode: 'u=rwx,g=rx,o=rx'`

			`- name: 'Copy required files for image'`
			`become: true`
			`ansible.builtin.template:`
			`src: 'container/{{ item.file }}'`
			`dest: '{{ uffd_build_tempdir }}/{{ item.file }}'`
			`owner: 'root'`
			`group: 'root'`
			`mode: '{{ item.mode }}'`
			`loop:`
			`- file: 'cccv-archive.list'`
			`mode: 'u=rw,g=r,o=r'`
			`- file: 'cccv-archive-key.asc'`
			`mode: 'u=rw,g=r,o=r'`
			`- file: 'Containerfile'`
			`mode: 'u=rw,g=r,o=r'`
			`- file: 'entrypoint.sh'`
			`mode: 'u=rwx,g=rx,o=rx'`

			`- name: 'Create uffd container'`
			`become: true`
			`containers.podman.podman_image:`
			`build:`
			`cache: false`
			`force_rm: true`
			`rm: true`
			`pull: false`
			`push: false`
			`force: '{{ uffd_build_force_rebuild }}'`
			`name: 'uffd'`
			`path: '{{ uffd_build_tempdir }}'`

			`- name: 'Cleanup temporary build directory'`
			`become: true`
			`ansible.builtin.file:`
			`state: 'absent'`
			`path: '{{ uffd_build_tempdir }}'`

			`# Create things needed by the uffd container`
			`- name: 'Prepare uffd network'`
			`become: true`
			`containers.podman.podman_network:`
			`name: '{{ uffd_podman_network }}'`
			`state: 'present'`

			`- name: 'Prepare uffd volumes'`
			`become: true`
			`containers.podman.podman_volume:`
			`name: '{{ item }}'`
			`state: 'present'`
			`loop:`
			`- '{{ uffd_static_files_volume }}'`
			`- '{{ uffd_data_volume }}'`

			`- name: 'Create uffd data directory'`
			`become: true`
			`ansible.builtin.file:`
			`path: '{{ uffd_data_dir }}'`
			`state: 'directory'`
			`mode: 'u=rwx,g=rx,o=rx'`

			`- name: 'Copy required files for uffd'`
			`become: true`
			`ansible.builtin.template:`
			`src: '{{ item.src }}'`
			`dest: '{{ item.dest }}'`
			`owner: 'root'`
			`group: 'root'`
			`mode: 'u=rw,g=r,o=r'`
			`notify: 'Restart uffd container'`
			`loop:`
			`- src: 'uffd/uffd.cfg'`
			`dest: '{{ uffd_data_dir }}/uffd.cfg'`
			`- src: 'systemd/container-uffd.service.j2'`
			`dest: '/etc/systemd/system/container-uffd.service'`

			`- name: 'Start and enable uffd service'`
			`become: true`
			`ansible.builtin.systemd:`
			`name: 'container-uffd.service'`
			`state: 'started'`
			`daemon_reload: true`
			`enabled: true`

			`### Create nginx frontend`
			`- name: 'Copy required files for nginx'`
			`become: true`
			`ansible.builtin.template:`
			`src: '{{ item.src }}'`
			`dest: '{{ item.dest }}'`
			`owner: 'root'`
			`group: 'root'`
			`mode: 'u=rw,g=r,o=r'`
			`notify: 'Restart uffd nginx container'`
			`loop:`
			`- src: 'nginx/nginx.conf'`
			`dest: '{{ uffd_data_dir }}/nginx.conf'`
			`- src: 'systemd/container-uffd-nginx.service.j2'`
			`dest: '/etc/systemd/system/container-uffd-nginx.service'`

			`- name: 'Start and enable uffd-nginx service'`
			`become: true`
			`ansible.builtin.systemd:`
			`name: 'container-uffd-nginx.service'`
			`state: 'started'`
			`daemon_reload: true`
			`enabled: true`