diff --git a/ansible/group_vars/gods/vars.yaml b/ansible/group_vars/gods/vars.yaml index e425179..89ae453 100644 --- a/ansible/group_vars/gods/vars.yaml +++ b/ansible/group_vars/gods/vars.yaml @@ -1,2 +1,15 @@ --- ansible_python_interpreter: /usr/bin/python3 +gods_users: + - name: postgres + uid: 70 + state: present + - name: hackmd + uid: 1500 + state: present + - name: gitea + uid: 42001 + state: present + - name: caddy + uid: 42002 + state: present diff --git a/ansible/playbooks/nanna-docker.yaml b/ansible/playbooks/nanna-docker.yaml index 30bc12c..6594064 100644 --- a/ansible/playbooks/nanna-docker.yaml +++ b/ansible/playbooks/nanna-docker.yaml @@ -1,28 +1,25 @@ --- - name: Update Docker configuration - hosts: nanna + hosts: gods tasks: + - name: Add groups + become: true + ansible.builtin.group: + name: "{{ item.name }}" + gid: "{{ item.uid }}" + state: "{{ item.state }}" + system: true + loop: "{{ gods_users }}" - name: Add users for running containers become: true ansible.builtin.user: name: "{{ item.name }}" uid: "{{ item.uid }}" + group: "{{ item.name }}" state: "{{ item.state }}" create_home: false system: true - loop: - - name: postgres - uid: 70 - state: present - - name: hackmd - uid: 1500 - state: present - - name: gitea - uid: 42001 - state: present - - name: caddy - uid: 42002 - state: present + loop: "{{ gods_users }}" - name: Create Caddy network become: true community.docker.docker_network: @@ -74,6 +71,8 @@ user: caddy - name: caddy_data user: caddy + - name: codi_uploads + user: hackmd # Since some docker-compose configuration might want to pull # images from the Gitea package repository, we need to ensure # that Gitea is reachable before those configurations are deployed. diff --git a/ansible/roles/docker/defaults/main.yaml b/ansible/roles/docker/defaults/main.yaml index 8e28402..dbf87dd 100644 --- a/ansible/roles/docker/defaults/main.yaml +++ b/ansible/roles/docker/defaults/main.yaml @@ -1,4 +1,3 @@ --- docker_apt_arch: "amd64" docker_ubuntu_release: "{{ ansible_distribution_release }}" -