Paul Brinkmeier
ef9d3d0beb
All checks were successful
continuous-integration/drone/push Build is passing
65 lines
1.7 KiB
YAML
65 lines
1.7 KiB
YAML
---
|
|
- name: Update Docker configuration on shamash
|
|
hosts: misc
|
|
tasks:
|
|
- name: Add users for running containers
|
|
become: true
|
|
ansible.builtin.user:
|
|
name: "{{ item.name }}"
|
|
uid: "{{ item.uid }}"
|
|
create_home: false
|
|
state: present
|
|
loop:
|
|
- name: jupyter
|
|
uid: 42000
|
|
state: present
|
|
- name: gitea
|
|
uid: 42001
|
|
state: present
|
|
# All services that are behind Caddy need to be in this network
|
|
- name: Create Caddy network
|
|
become: true
|
|
docker_network:
|
|
name: caddy-network
|
|
state: present
|
|
- name: Upload docker configuration
|
|
become: true
|
|
ansible.builtin.copy:
|
|
src: ../../docker
|
|
dest: /etc/pbri
|
|
# Files should inaccessible to non-root users.
|
|
mode: u=rw,g=,o=
|
|
# Directories should be listable
|
|
directory_mode: u=rwx,g=rx,o=rx
|
|
- name: Create directory for docker volumes
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: /var/lib/pbri/docker
|
|
state: directory
|
|
# Hide contents from non-root users
|
|
mode: u=rwx,g=,o=
|
|
- name: Set up docker stuff
|
|
become: true
|
|
docker_compose:
|
|
project_src: "/etc/pbri/docker/{{ item.name }}"
|
|
state: "{{ item.state }}"
|
|
build: true
|
|
debug: true
|
|
loop:
|
|
- name: caddy
|
|
state: present
|
|
- name: gitea
|
|
state: present
|
|
- name: drone
|
|
state: present
|
|
- name: codi
|
|
state: present
|
|
- name: Add Notebooks folder
|
|
become: true
|
|
ansible.builtin.file:
|
|
path: /home/jupyter/Notebooks
|
|
owner: jupyter
|
|
group: jupyter
|
|
state: directory
|
|
mode: 0755
|