From 496028663236bfc417a9830f1cce253b7b789686 Mon Sep 17 00:00:00 2001 From: Anarion Date: Wed, 8 Mar 2023 21:47:39 +0100 Subject: [PATCH] First portion of migration freshrss, get_iplayer, gitlab, glances, gotify, guacamole, healthchecks.io --- ansible-nas.code-workspace | 15 +++ nas.yml | 7 -- roles/freshrss/defaults/main.yml | 5 + roles/freshrss/docs/freshrss.md | 21 ++++ roles/freshrss/molecule/default/molecule.yml | 6 + .../freshrss/molecule/default/side_effect.yml | 10 ++ roles/freshrss/molecule/default/verify.yml | 19 +++ .../molecule/default/verify_stopped.yml | 19 +++ roles/freshrss/tasks/main.yml | 72 ++++++----- roles/get_iplayer/defaults/main.yml | 5 + roles/get_iplayer/docs/get_iplayer.md | 11 ++ .../get_iplayer/molecule/default/molecule.yml | 6 + .../molecule/default/side_effect.yml | 10 ++ roles/get_iplayer/molecule/default/verify.yml | 19 +++ .../molecule/default/verify_stopped.yml | 19 +++ roles/get_iplayer/tasks/main.yml | 50 +++++--- roles/gitlab/defaults/main.yml | 7 ++ roles/gitlab/docs/gitlab.md | 13 ++ roles/gitlab/molecule/default/molecule.yml | 6 + roles/gitlab/molecule/default/side_effect.yml | 10 ++ roles/gitlab/molecule/default/verify.yml | 19 +++ .../molecule/default/verify_stopped.yml | 19 +++ roles/gitlab/tasks/main.yml | 118 ++++++++++-------- roles/glances/defaults/main.yml | 5 + roles/glances/docs/glances.md | 15 +++ roles/glances/molecule/default/molecule.yml | 6 + .../glances/molecule/default/side_effect.yml | 10 ++ roles/glances/molecule/default/verify.yml | 19 +++ .../molecule/default/verify_stopped.yml | 19 +++ roles/glances/tasks/main.yml | 60 +++++---- roles/gotify/defaults/main.yml | 8 +- roles/gotify/docs/gotify.md | 16 +++ roles/gotify/molecule/default/molecule.yml | 6 + roles/gotify/molecule/default/side_effect.yml | 10 ++ roles/gotify/molecule/default/verify.yml | 19 +++ .../molecule/default/verify_stopped.yml | 19 +++ roles/gotify/tasks/main.yml | 70 ++++++----- roles/guacamole/defaults/main.yml | 5 + roles/guacamole/docs/guacamole.md | 17 +++ roles/guacamole/molecule/default/molecule.yml | 6 + .../molecule/default/side_effect.yml | 10 ++ roles/guacamole/molecule/default/verify.yml | 19 +++ .../molecule/default/verify_stopped.yml | 19 +++ roles/guacamole/tasks/main.yml | 102 ++++++++------- roles/healthchecks.io/docs/healthchecks.io.md | 11 ++ .../molecule/default/molecule.yml | 6 + .../molecule/default/side_effect.yml | 10 ++ .../molecule/default/verify.yml | 19 +++ .../molecule/default/verify_stopped.yml | 19 +++ roles/healthchecks.io/tasks/main.yml | 24 +++- 50 files changed, 818 insertions(+), 217 deletions(-) create mode 100644 ansible-nas.code-workspace create mode 100644 roles/freshrss/docs/freshrss.md create mode 100644 roles/freshrss/molecule/default/molecule.yml create mode 100644 roles/freshrss/molecule/default/side_effect.yml create mode 100644 roles/freshrss/molecule/default/verify.yml create mode 100644 roles/freshrss/molecule/default/verify_stopped.yml create mode 100644 roles/get_iplayer/docs/get_iplayer.md create mode 100644 roles/get_iplayer/molecule/default/molecule.yml create mode 100644 roles/get_iplayer/molecule/default/side_effect.yml create mode 100644 roles/get_iplayer/molecule/default/verify.yml create mode 100644 roles/get_iplayer/molecule/default/verify_stopped.yml create mode 100644 roles/gitlab/docs/gitlab.md create mode 100644 roles/gitlab/molecule/default/molecule.yml create mode 100644 roles/gitlab/molecule/default/side_effect.yml create mode 100644 roles/gitlab/molecule/default/verify.yml create mode 100644 roles/gitlab/molecule/default/verify_stopped.yml create mode 100644 roles/glances/docs/glances.md create mode 100644 roles/glances/molecule/default/molecule.yml create mode 100644 roles/glances/molecule/default/side_effect.yml create mode 100644 roles/glances/molecule/default/verify.yml create mode 100644 roles/glances/molecule/default/verify_stopped.yml create mode 100644 roles/gotify/docs/gotify.md create mode 100644 roles/gotify/molecule/default/molecule.yml create mode 100644 roles/gotify/molecule/default/side_effect.yml create mode 100644 roles/gotify/molecule/default/verify.yml create mode 100644 roles/gotify/molecule/default/verify_stopped.yml create mode 100644 roles/guacamole/docs/guacamole.md create mode 100644 roles/guacamole/molecule/default/molecule.yml create mode 100644 roles/guacamole/molecule/default/side_effect.yml create mode 100644 roles/guacamole/molecule/default/verify.yml create mode 100644 roles/guacamole/molecule/default/verify_stopped.yml create mode 100644 roles/healthchecks.io/docs/healthchecks.io.md create mode 100644 roles/healthchecks.io/molecule/default/molecule.yml create mode 100644 roles/healthchecks.io/molecule/default/side_effect.yml create mode 100644 roles/healthchecks.io/molecule/default/verify.yml create mode 100644 roles/healthchecks.io/molecule/default/verify_stopped.yml diff --git a/ansible-nas.code-workspace b/ansible-nas.code-workspace new file mode 100644 index 00000000..cec4ab85 --- /dev/null +++ b/ansible-nas.code-workspace @@ -0,0 +1,15 @@ +{ + "folders": [ + { + "path": "." + } + ], + "settings": { + "yaml.schemas": { + "https://raw.githubusercontent.com/ansible/ansible-lint/main/src/ansiblelint/schemas/ansible.json#/$defs/tasks": "file:///c%3A/Users/anarion/Documents/repos/ansible-nas/roles/immich/tasks/main.yml" + }, + "files.associations": { + "*.yaml": "home-assistant" + } + }, +} \ No newline at end of file diff --git a/nas.yml b/nas.yml index b71dcd39..bf2eff18 100644 --- a/nas.yml +++ b/nas.yml @@ -116,12 +116,10 @@ - role: freshrss tags: - freshrss - when: (freshrss_enabled | default(False)) - role: get_iplayer tags: - get_iplayer - when: (get_iplayer_enabled | default(False)) - role: gitea tags: @@ -130,27 +128,22 @@ - role: gitlab tags: - gitlab - when: (gitlab_enabled | default(False)) - role: glances tags: - glances - when: (glances_enabled | default(False)) - role: gotify tags: - gotify - when: (gotify_enabled | default(False)) - role: guacamole tags: - guacamole - when: (guacamole_enabled | default(False)) - role: healthchecks.io tags: - healthchecks.io - when: (healthchecks_enabled | default(False)) - role: heimdall tags: diff --git a/roles/freshrss/defaults/main.yml b/roles/freshrss/defaults/main.yml index a662c442..9dcc3401 100644 --- a/roles/freshrss/defaults/main.yml +++ b/roles/freshrss/defaults/main.yml @@ -10,5 +10,10 @@ freshrss_extensions_directory: "{{ docker_home }}/freshrss" freshrss_port: "8089" freshrss_hostname: "freshrss" +# docker +freshrss_container_name: freshrss +freshrss_image_name: "freshrss/freshrss" +freshrss_image_version: latest + # specs freshrss_memory: 1g diff --git a/roles/freshrss/docs/freshrss.md b/roles/freshrss/docs/freshrss.md new file mode 100644 index 00000000..d9cc30c9 --- /dev/null +++ b/roles/freshrss/docs/freshrss.md @@ -0,0 +1,21 @@ +# Freshrss + +Homepage: + +FreshRSS is a self-hosted RSS feed aggregator like Leed or Kriss Feed. + +It is lightweight, easy to work with, powerful, and customizable. + +It is a multi-user application with an anonymous reading mode. It supports custom tags. There is an API for (mobile) clients, and a Command-Line Interface. + +Thanks to the WebSub standard (formerly PubSubHubbub), FreshRSS is able to receive instant push notifications from compatible sources, such as Mastodon, Friendica, WordPress, Blogger, FeedBurner, etc. + +FreshRSS natively supports basic Web scraping, based on XPath, for Web sites not providing any RSS / Atom feed. + +Finally, it supports extensions for further tuning. + +## Usage + +Set `freshrss_enabled: true` in your `inventories//nas.yml` file. + +The FreshRSS web interface can be found at . diff --git a/roles/freshrss/molecule/default/molecule.yml b/roles/freshrss/molecule/default/molecule.yml new file mode 100644 index 00000000..76523f3f --- /dev/null +++ b/roles/freshrss/molecule/default/molecule.yml @@ -0,0 +1,6 @@ +--- +provisioner: + inventory: + group_vars: + all: + freshrss_enabled: true diff --git a/roles/freshrss/molecule/default/side_effect.yml b/roles/freshrss/molecule/default/side_effect.yml new file mode 100644 index 00000000..da69dc58 --- /dev/null +++ b/roles/freshrss/molecule/default/side_effect.yml @@ -0,0 +1,10 @@ +--- +- name: Stop + hosts: all + become: true + tasks: + - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role" + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + freshrss_enabled: false diff --git a/roles/freshrss/molecule/default/verify.yml b/roles/freshrss/molecule/default/verify.yml new file mode 100644 index 00000000..08aa5cca --- /dev/null +++ b/roles/freshrss/molecule/default/verify.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Get freshrss container state + community.docker.docker_container: + name: "{{ freshrss_container_name }}" + register: result + + - name: Check if freshrss containers are running + ansible.builtin.assert: + that: + - result.container['State']['Status'] == "running" + - result.container['State']['Restarting'] == false diff --git a/roles/freshrss/molecule/default/verify_stopped.yml b/roles/freshrss/molecule/default/verify_stopped.yml new file mode 100644 index 00000000..f25fad5b --- /dev/null +++ b/roles/freshrss/molecule/default/verify_stopped.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Try and stop and remove freshrss + community.docker.docker_container: + name: "{{ freshrss_container_name }}" + state: absent + register: result + + - name: Check if freshrss is stopped + ansible.builtin.assert: + that: + - not result.changed diff --git a/roles/freshrss/tasks/main.yml b/roles/freshrss/tasks/main.yml index c39bd64d..74494d2c 100644 --- a/roles/freshrss/tasks/main.yml +++ b/roles/freshrss/tasks/main.yml @@ -1,32 +1,44 @@ --- -- name: Create FreshRSS Directories - file: - path: "{{ item }}" - state: directory - # mode: 0755 - with_items: - - "{{ freshrss_data_directory }}/data" - - "{{ freshrss_extensions_directory }}/extensions" +- name: Start FreshRSS + block: + - name: Create FreshRSS Directories + ansible.builtin.file: + path: "{{ item }}" + state: directory + with_items: + - "{{ freshrss_data_directory }}/data" + - "{{ freshrss_extensions_directory }}/extensions" -- name: FreshRSS Docker Container - docker_container: - name: freshrss - image: freshrss/freshrss - pull: true - volumes: - - "{{ freshrss_data_directory }}/data:/var/www/FreshRSS/data:rw" - - "{{ freshrss_extensions_directory }}/extensions:/var/www/FreshRSS/extensions:rw" - ports: - - "{{ freshrss_port }}:80" - env: - TZ: "{{ ansible_nas_timezone }}" - CRON_MIN: "1,31" - restart_policy: unless-stopped - memory: "{{ freshrss_memory }}" - labels: - traefik.enable: "{{ freshrss_available_externally | string }}" - traefik.http.routers.freshrss.rule: "Host(`{{ freshrss_hostname }}.{{ ansible_nas_domain }}`)" - traefik.http.routers.freshrss.tls.certresolver: "letsencrypt" - traefik.http.routers.freshrss.tls.domains[0].main: "{{ ansible_nas_domain }}" - traefik.http.routers.freshrss.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" - traefik.http.services.freshrss.loadbalancer.server.port: "80" + - name: FreshRSS Docker Container + community.docker.docker_container: + container_default_behavior: no_defaults + name: "{{ freshrss_container_name }}" + image: "{{ freshrss_image_name }}:{{ freshrss_image_version }}" + pull: true + volumes: + - "{{ freshrss_data_directory }}/data:/var/www/FreshRSS/data:rw" + - "{{ freshrss_extensions_directory }}/extensions:/var/www/FreshRSS/extensions:rw" + ports: + - "{{ freshrss_port }}:80" + env: + TZ: "{{ ansible_nas_timezone }}" + CRON_MIN: "1,31" + restart_policy: unless-stopped + memory: "{{ freshrss_memory }}" + labels: + traefik.enable: "{{ freshrss_available_externally | string }}" + traefik.http.routers.freshrss.rule: "Host(`{{ freshrss_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.freshrss.tls.certresolver: "letsencrypt" + traefik.http.routers.freshrss.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.freshrss.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.freshrss.loadbalancer.server.port: "80" + when: freshrss_enabled is true + + +- name: Stop FreshRSS + block: + - name: Stop FreshRSS + community.docker.docker_container: + name: "{{ freshrss_container_name }}" + state: absent + when: freshrss_enabled is false diff --git a/roles/get_iplayer/defaults/main.yml b/roles/get_iplayer/defaults/main.yml index c45a0124..56aac558 100644 --- a/roles/get_iplayer/defaults/main.yml +++ b/roles/get_iplayer/defaults/main.yml @@ -8,5 +8,10 @@ get_iplayer_download_directory: "{{ tv_root }}/iplayer_downloads" # network get_iplayer_port: "8182" +# docker +get_iplayer_container_name: "get_iplayer" +get_iplayer_image_name: "kolonuk/get_iplayer" +get_iplayer_image_version: "latest" + # specs get_iplayer_memory: "1g" diff --git a/roles/get_iplayer/docs/get_iplayer.md b/roles/get_iplayer/docs/get_iplayer.md new file mode 100644 index 00000000..48173c24 --- /dev/null +++ b/roles/get_iplayer/docs/get_iplayer.md @@ -0,0 +1,11 @@ +# Get_iPlayer + +Homepage: + +Downloads TV and radio programmes from BBC iPlayer. + +## Usage + +Set `get_iplayer_enabled: true` in your `inventories//nas.yml` file. + +The get_iplayer web interface can be found at . diff --git a/roles/get_iplayer/molecule/default/molecule.yml b/roles/get_iplayer/molecule/default/molecule.yml new file mode 100644 index 00000000..02aa4913 --- /dev/null +++ b/roles/get_iplayer/molecule/default/molecule.yml @@ -0,0 +1,6 @@ +--- +provisioner: + inventory: + group_vars: + all: + get_iplayer_enabled: true diff --git a/roles/get_iplayer/molecule/default/side_effect.yml b/roles/get_iplayer/molecule/default/side_effect.yml new file mode 100644 index 00000000..b8671855 --- /dev/null +++ b/roles/get_iplayer/molecule/default/side_effect.yml @@ -0,0 +1,10 @@ +--- +- name: Stop + hosts: all + become: true + tasks: + - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role" + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + get_iplayer_enabled: false diff --git a/roles/get_iplayer/molecule/default/verify.yml b/roles/get_iplayer/molecule/default/verify.yml new file mode 100644 index 00000000..e702ec7b --- /dev/null +++ b/roles/get_iplayer/molecule/default/verify.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Get get_iplayer container state + community.docker.docker_container: + name: "{{ get_iplayer_container_name }}" + register: result + + - name: Check if get_iplayer containers are running + ansible.builtin.assert: + that: + - result.container['State']['Status'] == "running" + - result.container['State']['Restarting'] == false diff --git a/roles/get_iplayer/molecule/default/verify_stopped.yml b/roles/get_iplayer/molecule/default/verify_stopped.yml new file mode 100644 index 00000000..dfe21621 --- /dev/null +++ b/roles/get_iplayer/molecule/default/verify_stopped.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Try and stop and remove get_iplayer + community.docker.docker_container: + name: "{{ get_iplayer_container_name }}" + state: absent + register: result + + - name: Check if get_iplayer is stopped + ansible.builtin.assert: + that: + - not result.changed diff --git a/roles/get_iplayer/tasks/main.yml b/roles/get_iplayer/tasks/main.yml index 4f05f6e9..4db0cb8f 100644 --- a/roles/get_iplayer/tasks/main.yml +++ b/roles/get_iplayer/tasks/main.yml @@ -1,21 +1,33 @@ --- -- name: Create get_iplayer Directories - file: - path: "{{ item }}" - state: directory - with_items: - - "{{ get_iplayer_config_directory }}" - - "{{ get_iplayer_download_directory }}" +- name: Start get_iplayer + block: + - name: Create get_iplayer Directories + ansible.builtin.file: + path: "{{ item }}" + state: directory + with_items: + - "{{ get_iplayer_config_directory }}" + - "{{ get_iplayer_download_directory }}" -- name: Get_iplayer Docker Container - docker_container: - name: get_iplayer - image: kolonuk/get_iplayer - pull: true - volumes: - - "{{ get_iplayer_config_directory }}:/root/.get_iplayer:rw" - - "{{ get_iplayer_download_directory }}:/root/output:rw" - ports: - - "{{ get_iplayer_port }}:8181" - restart_policy: unless-stopped - memory: "{{ get_iplayer_memory }}" + - name: Create get_iplayer Docker Container + community.docker.docker_container: + container_default_behavior: no_defaults + name: "{{ get_iplayer_container_name }}" + image: "{{ get_iplayer_image_name }}:{{ get_iplayer_image_version }}" + pull: true + volumes: + - "{{ get_iplayer_config_directory }}:/root/.get_iplayer:rw" + - "{{ get_iplayer_download_directory }}:/root/output:rw" + ports: + - "{{ get_iplayer_port }}:8181" + restart_policy: unless-stopped + memory: "{{ get_iplayer_memory }}" + when: get_iplayer_enabled is true + +- name: Stop get_iplayer + block: + - name: Stop get_iplayer + community.docker.docker_container: + name: "{{ get_iplayer_container_name }}" + state: absent + when: get_iplayer_enabled is false diff --git a/roles/gitlab/defaults/main.yml b/roles/gitlab/defaults/main.yml index d663eb2f..db33f9d7 100644 --- a/roles/gitlab/defaults/main.yml +++ b/roles/gitlab/defaults/main.yml @@ -12,5 +12,12 @@ gitlab_port_http: "4080" gitlab_port_https: "4443" gitlab_port_ssh: "422" +# docker +gitlab_container_name: "gitlab" +gitlab_image_name: "gitlab/gitlab-ce" +gitlab_image_version: "latest" +gitlab_user_id: "1000" +gitlab_group_id: "1000" + # specs gitlab_memory: "4g" diff --git a/roles/gitlab/docs/gitlab.md b/roles/gitlab/docs/gitlab.md new file mode 100644 index 00000000..f1b6873f --- /dev/null +++ b/roles/gitlab/docs/gitlab.md @@ -0,0 +1,13 @@ +# GitLab + +Homepage: + +If Gitea isn't powerful enough for you then consider GitLab. It's a much more powerful (and consequently bigger) Git repository solution that includes a suite of code analytics. On the other hand it requires more RAM. + +## Usage + +Set `gitlab_enabled: true` in your `inventories//nas.yml` file. + +To make GitLab available externally via Traefik set `gitlab_available_externally: true` in your `inventories//nas.yml` file. + +The first time you run GitLab you'll be prompted for an account's password. The password is for GitLab's `root` administrator account. From there you can log in to create additional users and further configure the application. diff --git a/roles/gitlab/molecule/default/molecule.yml b/roles/gitlab/molecule/default/molecule.yml new file mode 100644 index 00000000..177a9b8c --- /dev/null +++ b/roles/gitlab/molecule/default/molecule.yml @@ -0,0 +1,6 @@ +--- +provisioner: + inventory: + group_vars: + all: + gitlab_enabled: true diff --git a/roles/gitlab/molecule/default/side_effect.yml b/roles/gitlab/molecule/default/side_effect.yml new file mode 100644 index 00000000..1c319b01 --- /dev/null +++ b/roles/gitlab/molecule/default/side_effect.yml @@ -0,0 +1,10 @@ +--- +- name: Stop + hosts: all + become: true + tasks: + - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role" + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + gitlab_enabled: false diff --git a/roles/gitlab/molecule/default/verify.yml b/roles/gitlab/molecule/default/verify.yml new file mode 100644 index 00000000..318e6b65 --- /dev/null +++ b/roles/gitlab/molecule/default/verify.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Get gitlab container state + community.docker.docker_container: + name: "{{ gitlab_container_name }}" + register: result + + - name: Check if gitlab containers are running + ansible.builtin.assert: + that: + - result.container['State']['Status'] == "running" + - result.container['State']['Restarting'] == false diff --git a/roles/gitlab/molecule/default/verify_stopped.yml b/roles/gitlab/molecule/default/verify_stopped.yml new file mode 100644 index 00000000..46bcc078 --- /dev/null +++ b/roles/gitlab/molecule/default/verify_stopped.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Try and stop and remove gitlab + community.docker.docker_container: + name: "{{ gitlab_container_name }}" + state: absent + register: result + + - name: Check if gitlab is stopped + ansible.builtin.assert: + that: + - not result.changed diff --git a/roles/gitlab/tasks/main.yml b/roles/gitlab/tasks/main.yml index 31f2d4c9..549da0b2 100644 --- a/roles/gitlab/tasks/main.yml +++ b/roles/gitlab/tasks/main.yml @@ -1,57 +1,69 @@ --- -# The gitlab uid/gid matches 'git:git' in the Gitlab Docker image. -- name: Create Gitlab group account - group: - name: gitlab - gid: 998 - state: present +- name: Start Gitlab + block: + # The gitlab uid/gid matches 'git:git' in the Gitlab Docker image. + - name: Create Gitlab group account + group: + name: gitlab + gid: 998 + state: present -- name: Create Gitlab user account - user: - name: gitlab - uid: 998 - state: present - system: yes - update_password: on_create - create_home: no - group: gitlab + - name: Create Gitlab user account + user: + name: gitlab + uid: 998 + state: present + system: yes + update_password: on_create + create_home: no + group: gitlab -- name: Create Gitlab Directories - file: - path: "{{ item }}" - state: directory - owner: gitlab - group: gitlab - with_items: - - "{{ gitlab_data_directory }}/config" - - "{{ gitlab_data_directory }}/log" - - "{{ gitlab_data_directory }}/data" + - name: Create Gitlab Directories + file: + path: "{{ item }}" + state: directory + owner: gitlab + group: gitlab + with_items: + - "{{ gitlab_data_directory }}/config" + - "{{ gitlab_data_directory }}/log" + - "{{ gitlab_data_directory }}/data" -- name: Create Gitlab Docker Container - docker_container: - name: gitlab - image: gitlab/gitlab-ce:latest - pull: true - volumes: - - "{{ gitlab_data_directory }}/config:/etc/gitlab:rw" - - "{{ gitlab_data_directory }}/log:/var/log/gitlab:rw" - - "{{ gitlab_data_directory }}/data:/var/opt/gitlab:rw" - network_mode: "bridge" - ports: - - "{{ gitlab_port_http }}:80" - - "{{ gitlab_port_https }}:443" - - "{{ gitlab_port_ssh }}:22" - env: - TZ: "{{ ansible_nas_timezone }}" - PUID: "{{ gitlab_user_id }}" - PGID: "{{ gitlab_group_id }}" - restart_policy: unless-stopped - hostname: "{{ gitlab_hostname }}.{{ ansible_nas_domain }}" - memory: "{{ gitlab_memory }}" - labels: - traefik.enable: "{{ gitlab_available_externally | string }}" - traefik.http.routers.gitlab.rule: "Host(`{{ gitlab_hostname }}.{{ ansible_nas_domain }}`)" - traefik.http.routers.gitlab.tls.certresolver: "letsencrypt" - traefik.http.routers.gitlab.tls.domains[0].main: "{{ ansible_nas_domain }}" - traefik.http.routers.gitlab.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" - traefik.http.services.gitlab.loadbalancer.server.port: "80" + - name: Create Gitlab Docker Container + community.docker.docker_container: + container_default_behavior: no_defaults + name: "{{ gitlab_container_name }}" + image: "{{ gitlab_image_name }}:{{ gitlab_image_version }}" + pull: true + volumes: + - "{{ gitlab_data_directory }}/config:/etc/gitlab:rw" + - "{{ gitlab_data_directory }}/log:/var/log/gitlab:rw" + - "{{ gitlab_data_directory }}/data:/var/opt/gitlab:rw" + network_mode: "bridge" + ports: + - "{{ gitlab_port_http }}:80" + - "{{ gitlab_port_https }}:443" + - "{{ gitlab_port_ssh }}:22" + env: + TZ: "{{ ansible_nas_timezone }}" + PUID: "{{ gitlab_user_id }}" + PGID: "{{ gitlab_group_id }}" + restart_policy: unless-stopped + hostname: "{{ gitlab_hostname }}.{{ ansible_nas_domain }}" + memory: "{{ gitlab_memory }}" + labels: + traefik.enable: "{{ gitlab_available_externally | string }}" + traefik.http.routers.gitlab.rule: "Host(`{{ gitlab_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.gitlab.tls.certresolver: "letsencrypt" + traefik.http.routers.gitlab.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.gitlab.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.gitlab.loadbalancer.server.port: "80" + when: gitlab_enabled is true + +- name: Stop Gitlab + block: + - name: Stop Gitlab + community.docker.docker_container: + name: "{{ gitlab_container_name }}" + state: absent + when: gitlab_enabled is false diff --git a/roles/glances/defaults/main.yml b/roles/glances/defaults/main.yml index d5fbc587..f54f5bea 100644 --- a/roles/glances/defaults/main.yml +++ b/roles/glances/defaults/main.yml @@ -12,5 +12,10 @@ glances_port_two: "61209" glances_security_options: - "apparmor=unconfined" +# docker +glances_container_name: "glances" +glances_image_name: "nicolargo/glances" +glances_image_version: "latest" + # specs glances_memory: 1g diff --git a/roles/glances/docs/glances.md b/roles/glances/docs/glances.md new file mode 100644 index 00000000..382a5490 --- /dev/null +++ b/roles/glances/docs/glances.md @@ -0,0 +1,15 @@ +# Glances + +Homepage: + +Glances is a cross-platform system monitoring tool written in Python. + +## Usage + +Set `glances_enabled: true` in your `inventories//nas.yml` file. + +The Glances web interface can be found at . + +## Specific Configuration + +Glances can be integrated with InfluxDB and Grafana. diff --git a/roles/glances/molecule/default/molecule.yml b/roles/glances/molecule/default/molecule.yml new file mode 100644 index 00000000..425b90c9 --- /dev/null +++ b/roles/glances/molecule/default/molecule.yml @@ -0,0 +1,6 @@ +--- +provisioner: + inventory: + group_vars: + all: + glances_enabled: true diff --git a/roles/glances/molecule/default/side_effect.yml b/roles/glances/molecule/default/side_effect.yml new file mode 100644 index 00000000..b1924b70 --- /dev/null +++ b/roles/glances/molecule/default/side_effect.yml @@ -0,0 +1,10 @@ +--- +- name: Stop + hosts: all + become: true + tasks: + - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role" + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + glances_enabled: false diff --git a/roles/glances/molecule/default/verify.yml b/roles/glances/molecule/default/verify.yml new file mode 100644 index 00000000..2a9e2cc2 --- /dev/null +++ b/roles/glances/molecule/default/verify.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Get glances container state + community.docker.docker_container: + name: "{{ glances_container_name }}" + register: result + + - name: Check if glances containers are running + ansible.builtin.assert: + that: + - result.container['State']['Status'] == "running" + - result.container['State']['Restarting'] == false diff --git a/roles/glances/molecule/default/verify_stopped.yml b/roles/glances/molecule/default/verify_stopped.yml new file mode 100644 index 00000000..5fcee409 --- /dev/null +++ b/roles/glances/molecule/default/verify_stopped.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Try and stop and remove glances + community.docker.docker_container: + name: "{{ glances_container_name }}" + state: absent + register: result + + - name: Check if glances is stopped + ansible.builtin.assert: + that: + - not result.changed diff --git a/roles/glances/tasks/main.yml b/roles/glances/tasks/main.yml index f732f268..a89a7f24 100644 --- a/roles/glances/tasks/main.yml +++ b/roles/glances/tasks/main.yml @@ -1,25 +1,37 @@ --- -- name: Create Glances Docker Container - docker_container: - name: glances - image: nicolargo/glances - pull: true - volumes: - - "/var/run/docker.sock:/var/run/docker.sock:ro" - - "/etc/timezone:/etc/timezone:ro" - pid_mode: host - ports: - - "{{ glances_port_one }}:61208" - - "{{ glances_port_two }}:61209" - env: - GLANCES_OPT: "-w" - restart_policy: unless-stopped - security_opts: "{{ glances_security_options }}" - memory: "{{ glances_memory }}" - labels: - traefik.enable: "{{ glances_available_externally | string }}" - traefik.http.routers.glances.rule: "Host(`{{ glances_hostname }}.{{ ansible_nas_domain }}`)" - traefik.http.routers.glances.tls.certresolver: "letsencrypt" - traefik.http.routers.glances.tls.domains[0].main: "{{ ansible_nas_domain }}" - traefik.http.routers.glances.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" - traefik.http.services.glances.loadbalancer.server.port: "61208" +- name: Start Glances + block: + - name: Create Glances Docker Container + community.docker.docker_container: + container_default_behavior: no_defaults + name: "{{ glances_container_name }}" + image: "{{ glances_image_name }}:{{ glances_image_version }}" + pull: true + volumes: + - "/var/run/docker.sock:/var/run/docker.sock:ro" + - "/etc/timezone:/etc/timezone:ro" + pid_mode: host + ports: + - "{{ glances_port_one }}:61208" + - "{{ glances_port_two }}:61209" + env: + GLANCES_OPT: "-w" + restart_policy: unless-stopped + security_opts: "{{ glances_security_options }}" + memory: "{{ glances_memory }}" + labels: + traefik.enable: "{{ glances_available_externally | string }}" + traefik.http.routers.glances.rule: "Host(`{{ glances_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.glances.tls.certresolver: "letsencrypt" + traefik.http.routers.glances.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.glances.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.glances.loadbalancer.server.port: "61208" + when: glances_enabled is true + +- name: Stop Glances + block: + - name: Stop Glances + community.docker.docker_container: + name: "{{ glances_container_name }}" + state: absent + when: glances_enabled is false diff --git a/roles/gotify/defaults/main.yml b/roles/gotify/defaults/main.yml index 1ae240af..6bd37c22 100644 --- a/roles/gotify/defaults/main.yml +++ b/roles/gotify/defaults/main.yml @@ -5,14 +5,14 @@ gotify_available_externally: false # data directory gotify_data_directory: "{{ docker_home }}/gotify" -# docker image to use -gotify_docker_image: gotify/server:latest - # network gotify_port: "2346" gotify_hostname: "gotify" -# user to run container with +# docker +gotify_container_name: "gotify" +gotify_image_name: "gotify/server" +gotify_image_version: "latest" gotify_user_id: "0" gotify_group_id: "0" diff --git a/roles/gotify/docs/gotify.md b/roles/gotify/docs/gotify.md new file mode 100644 index 00000000..a440b5df --- /dev/null +++ b/roles/gotify/docs/gotify.md @@ -0,0 +1,16 @@ +# Gotify + +Homepage: + +A simple server for sending and receiving messages in real-time per WebSocket. (Includes a sleek web-ui) + +## Usage + +Set `gotify_enabled: true` in your `inventories//nas.yml` file. + +The Gotify web interface can be found at . + +Android client: [https://play.google.com/store/apps/details?id=com.github.gotify](https://play.google.com/store/apps/details?id=com.github.gotify) +iOS client: n/a +Chrome extension: n/a +Firefox extension: diff --git a/roles/gotify/molecule/default/molecule.yml b/roles/gotify/molecule/default/molecule.yml new file mode 100644 index 00000000..bcda5085 --- /dev/null +++ b/roles/gotify/molecule/default/molecule.yml @@ -0,0 +1,6 @@ +--- +provisioner: + inventory: + group_vars: + all: + gotify_enabled: true diff --git a/roles/gotify/molecule/default/side_effect.yml b/roles/gotify/molecule/default/side_effect.yml new file mode 100644 index 00000000..36038c8e --- /dev/null +++ b/roles/gotify/molecule/default/side_effect.yml @@ -0,0 +1,10 @@ +--- +- name: Stop + hosts: all + become: true + tasks: + - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role" + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + gotify_enabled: false diff --git a/roles/gotify/molecule/default/verify.yml b/roles/gotify/molecule/default/verify.yml new file mode 100644 index 00000000..62059cb7 --- /dev/null +++ b/roles/gotify/molecule/default/verify.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Get gotify container state + community.docker.docker_container: + name: "{{ gotify_container_name }}" + register: result + + - name: Check if gotify containers are running + ansible.builtin.assert: + that: + - result.container['State']['Status'] == "running" + - result.container['State']['Restarting'] == false diff --git a/roles/gotify/molecule/default/verify_stopped.yml b/roles/gotify/molecule/default/verify_stopped.yml new file mode 100644 index 00000000..541bbe3d --- /dev/null +++ b/roles/gotify/molecule/default/verify_stopped.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Try and stop and remove gotify + community.docker.docker_container: + name: "{{ gotify_container_name }}" + state: absent + register: result + + - name: Check if gotify is stopped + ansible.builtin.assert: + that: + - not result.changed diff --git a/roles/gotify/tasks/main.yml b/roles/gotify/tasks/main.yml index 7560d692..ef6f33f8 100644 --- a/roles/gotify/tasks/main.yml +++ b/roles/gotify/tasks/main.yml @@ -1,31 +1,43 @@ --- -- name: Create Gotify Data Directory - file: - path: "{{ item }}" - state: directory - with_items: - - "{{ gotify_data_directory }}" +- name: Start Gotify + block: + - name: Create Gotify Data Directory + ansible.builtin.file: + path: "{{ item }}" + state: directory + with_items: + - "{{ gotify_data_directory }}" -- name: Gotify Docker Container - docker_container: - name: gotify - image: "{{ gotify_docker_image }}" - pull: true - ports: - - "{{ gotify_port }}:80" - volumes: - - "/var/run/docker.sock:/var/run/docker.sock" - - "{{ gotify_data_directory }}:/app/data:rw" - env: - TZ: "{{ ansible_nas_timezone }}" - PUID: "{{ gotify_user_id }}" - PGID: "{{ gotify_group_id }}" - restart_policy: unless-stopped - memory: "{{ gotify_memory }}" - labels: - traefik.enable: "{{ gotify_available_externally | string }}" - traefik.http.routers.gotify.rule: "Host(`{{ gotify_hostname }}.{{ ansible_nas_domain }}`)" - traefik.http.routers.gotify.tls.certresolver: "letsencrypt" - traefik.http.routers.gotify.tls.domains[0].main: "{{ ansible_nas_domain }}" - traefik.http.routers.gotify.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" - traefik.http.services.gotify.loadbalancer.server.port: "80" + - name: Gotify Docker Container + community.docker.docker_container: + container_default_behavior: no_defaults + name: "{{ gotify_container_name }}" + image: "{{ gotify_image_name }}:{{ gotify_image_version }}" + pull: true + ports: + - "{{ gotify_port }}:80" + volumes: + - "/var/run/docker.sock:/var/run/docker.sock" + - "{{ gotify_data_directory }}:/app/data:rw" + env: + TZ: "{{ ansible_nas_timezone }}" + PUID: "{{ gotify_user_id }}" + PGID: "{{ gotify_group_id }}" + restart_policy: unless-stopped + memory: "{{ gotify_memory }}" + labels: + traefik.enable: "{{ gotify_available_externally | string }}" + traefik.http.routers.gotify.rule: "Host(`{{ gotify_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.gotify.tls.certresolver: "letsencrypt" + traefik.http.routers.gotify.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.gotify.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.gotify.loadbalancer.server.port: "80" + when: gotify_enabled is true + +- name: Stop Gotify + block: + - name: Stop Gotify + community.docker.docker_container: + name: "{{ gotify_container_name }}" + state: absent + when: gotify_enabled is false diff --git a/roles/guacamole/defaults/main.yml b/roles/guacamole/defaults/main.yml index 04147f56..ce2f2af3 100644 --- a/roles/guacamole/defaults/main.yml +++ b/roles/guacamole/defaults/main.yml @@ -9,5 +9,10 @@ guacamole_data_directory: "{{ docker_home }}/guacamole" guacamole_port: "8090" guacamole_hostname: "guacamole" +# docker +guacamole_container_name: "guacamole" +guacamole_image_name: "oznu/guacamole" +guacamole_image_version: "latest" + # specs guacamole_memory: 1g diff --git a/roles/guacamole/docs/guacamole.md b/roles/guacamole/docs/guacamole.md new file mode 100644 index 00000000..11e022e3 --- /dev/null +++ b/roles/guacamole/docs/guacamole.md @@ -0,0 +1,17 @@ +# Guacamole + +Homepage: + +Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH. + +## Usage + +Set `guacamole_enabled: true` in your `inventories//nas.yml` file. + +## Specific Configuration + +The default username and password is `guacadmin`. Change it! + +## What to connect to? + +You can run a virtual desktop from your Ansible-NAS box, check out the [Virtual Desktop docs](virtual_desktop.md). diff --git a/roles/guacamole/molecule/default/molecule.yml b/roles/guacamole/molecule/default/molecule.yml new file mode 100644 index 00000000..6522e319 --- /dev/null +++ b/roles/guacamole/molecule/default/molecule.yml @@ -0,0 +1,6 @@ +--- +provisioner: + inventory: + group_vars: + all: + guacamole_enabled: true diff --git a/roles/guacamole/molecule/default/side_effect.yml b/roles/guacamole/molecule/default/side_effect.yml new file mode 100644 index 00000000..ca633833 --- /dev/null +++ b/roles/guacamole/molecule/default/side_effect.yml @@ -0,0 +1,10 @@ +--- +- name: Stop + hosts: all + become: true + tasks: + - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role" + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + guacamole_enabled: false diff --git a/roles/guacamole/molecule/default/verify.yml b/roles/guacamole/molecule/default/verify.yml new file mode 100644 index 00000000..dc90031f --- /dev/null +++ b/roles/guacamole/molecule/default/verify.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Get guacamole container state + community.docker.docker_container: + name: "{{ guacamole_container_name }}" + register: result + + - name: Check if guacamole containers are running + ansible.builtin.assert: + that: + - result.container['State']['Status'] == "running" + - result.container['State']['Restarting'] == false diff --git a/roles/guacamole/molecule/default/verify_stopped.yml b/roles/guacamole/molecule/default/verify_stopped.yml new file mode 100644 index 00000000..f3b6955b --- /dev/null +++ b/roles/guacamole/molecule/default/verify_stopped.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Try and stop and remove guacamole + community.docker.docker_container: + name: "{{ guacamole_container_name }}" + state: absent + register: result + + - name: Check if guacamole is stopped + ansible.builtin.assert: + that: + - not result.changed diff --git a/roles/guacamole/tasks/main.yml b/roles/guacamole/tasks/main.yml index 913067c1..1eee84fd 100644 --- a/roles/guacamole/tasks/main.yml +++ b/roles/guacamole/tasks/main.yml @@ -1,51 +1,63 @@ --- -- name: Create Guacamole directories - file: - path: "{{ item }}" - state: directory - with_items: - - "{{ guacamole_data_directory }}/config" +- name: Start Guacamole + block: + - name: Create Guacamole directories + ansible.builtin.file: + path: "{{ item }}" + state: directory + with_items: + - "{{ guacamole_data_directory }}/config" -- name: Remove Old Guacamole Mysql Docker Container - docker_container: - name: guacamole-mysql - state: absent - keep_volumes: true + - name: Remove Old Guacamole Mysql Docker Container + docker_container: + name: guacamole-mysql + state: absent + keep_volumes: true -- name: Remove Old Guacamole guacd Docker Container - docker_container: - name: guacamole-guacd - state: absent - keep_volumes: true + - name: Remove Old Guacamole guacd Docker Container + docker_container: + name: guacamole-guacd + state: absent + keep_volumes: true -- name: Remove old Guacamole directories - file: - path: "{{ item }}" - state: absent - with_items: - - "{{ guacamole_data_directory }}/mysql" + - name: Remove old Guacamole directories + file: + path: "{{ item }}" + state: absent + with_items: + - "{{ guacamole_data_directory }}/mysql" -- name: Guacamole Container - docker_container: - name: guacamole - image: "oznu/guacamole" - pull: true - volumes: - - "{{ guacamole_data_directory }}/config:/config:rw" - ports: - - "{{ guacamole_port }}:8080" - restart_policy: unless-stopped - memory: "{{ guacamole_memory }}" - labels: - traefik.enable: "{{ guacamole_available_externally | string }}" - traefik.http.routers.guacamole.rule: "Host(`{{ guacamole_hostname }}.{{ ansible_nas_domain }}`)" - traefik.http.routers.guacamole.tls.certresolver: "letsencrypt" - traefik.http.routers.guacamole.tls.domains[0].main: "{{ ansible_nas_domain }}" - traefik.http.routers.guacamole.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" - traefik.http.services.guacamole.loadbalancer.server.port: "8080" + - name: Guacamole Container + community.docker.docker_container: + container_default_behavior: no_defaults + name: "{{ guacamole_container_name }}" + image: "{{ guacamole_image_name }}:{{ guacamole_image_version }}" + pull: true + volumes: + - "{{ guacamole_data_directory }}/config:/config:rw" + ports: + - "{{ guacamole_port }}:8080" + restart_policy: unless-stopped + memory: "{{ guacamole_memory }}" + labels: + traefik.enable: "{{ guacamole_available_externally | string }}" + traefik.http.routers.guacamole.rule: "Host(`{{ guacamole_hostname }}.{{ ansible_nas_domain }}`)" + traefik.http.routers.guacamole.tls.certresolver: "letsencrypt" + traefik.http.routers.guacamole.tls.domains[0].main: "{{ ansible_nas_domain }}" + traefik.http.routers.guacamole.tls.domains[0].sans: "*.{{ ansible_nas_domain }}" + traefik.http.services.guacamole.loadbalancer.server.port: "8080" -- name: Restart Guacamole Container - docker_container: - name: guacamole - image: "oznu/guacamole" - restart: true + - name: Restart Guacamole Container + community.docker.docker_container: + name: "{{ guacamole_container_name }}" + image: "{{ guacamole_image_name }}:{{ guacamole_image_version }}" + restart: true + when: guacamole_enabled is true + +- name: Stop Guacamole + block: + - name: Stop Guacamole + community.docker.docker_container: + name: "{{ guacamole_container_name }}" + state: absent + when: guacamole_enabled is false diff --git a/roles/healthchecks.io/docs/healthchecks.io.md b/roles/healthchecks.io/docs/healthchecks.io.md new file mode 100644 index 00000000..3c9db8eb --- /dev/null +++ b/roles/healthchecks.io/docs/healthchecks.io.md @@ -0,0 +1,11 @@ +# Healthchecks.io + +Homepage: + +A simple cronjob that uses `curl` to ping a given endpoint on the `healthchecks.io` servers. You can choose how often it should ping the endpoint, and what happens when it doesn't. Email/Slack/Telegram and many more services can be integrated. + +## Usage + +Create your own project on , and set both the time between pings and the grace time. Set your prefered integration such as email. + +Set `healthchecks_enabled: true` in your `inventories//nas.yml` file, and if your time between pings is different than the default `healthchecks_ping_minutes`, change it. Finally, set your ping url in the `healthchecks_url` variable. diff --git a/roles/healthchecks.io/molecule/default/molecule.yml b/roles/healthchecks.io/molecule/default/molecule.yml new file mode 100644 index 00000000..5343b31e --- /dev/null +++ b/roles/healthchecks.io/molecule/default/molecule.yml @@ -0,0 +1,6 @@ +--- +provisioner: + inventory: + group_vars: + all: + healthchecks_enabled: true diff --git a/roles/healthchecks.io/molecule/default/side_effect.yml b/roles/healthchecks.io/molecule/default/side_effect.yml new file mode 100644 index 00000000..2b445448 --- /dev/null +++ b/roles/healthchecks.io/molecule/default/side_effect.yml @@ -0,0 +1,10 @@ +--- +- name: Stop + hosts: all + become: true + tasks: + - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role" + ansible.builtin.include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + healthchecks_enabled: false diff --git a/roles/healthchecks.io/molecule/default/verify.yml b/roles/healthchecks.io/molecule/default/verify.yml new file mode 100644 index 00000000..69fff456 --- /dev/null +++ b/roles/healthchecks.io/molecule/default/verify.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Check cron job file + ansible.builtin.fetch: + src: /var/spool/cron/crontabs/root + dest: /tmp/fetched + + - name: Check if cron job does exist + ansible.builtin.assert: + that: "lookup('file', '/tmp/fetched/instance/var/spool/cron/crontabs/root') is search('healthchecks.io')" + fail_msg: "Cron job 'healthchecks.io' does not exist!" + success_msg: "Cron job 'healthchecks.io' does exist!" diff --git a/roles/healthchecks.io/molecule/default/verify_stopped.yml b/roles/healthchecks.io/molecule/default/verify_stopped.yml new file mode 100644 index 00000000..b0fa2024 --- /dev/null +++ b/roles/healthchecks.io/molecule/default/verify_stopped.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - name: Include vars + ansible.builtin.include_vars: + file: ../../defaults/main.yml + + - name: Check cron job file + ansible.builtin.fetch: + src: /var/spool/cron/crontabs/root + dest: /tmp/fetched + + - name: Check if cron job does not exist + ansible.builtin.assert: + that: "not lookup('file', '/tmp/fetched/instance/var/spool/cron/crontabs/root') is search('healthchecks.io')" + fail_msg: "Cron job 'healthchecks.io' still exists!" + success_msg: "Cron job 'healthchecks.io' does not exist!" diff --git a/roles/healthchecks.io/tasks/main.yml b/roles/healthchecks.io/tasks/main.yml index e9a7e145..0e79f7cf 100644 --- a/roles/healthchecks.io/tasks/main.yml +++ b/roles/healthchecks.io/tasks/main.yml @@ -1,7 +1,19 @@ --- -- name: Add healthchecks.io cronjob - cron: - name: healthchecks.io - minute: "*/{{ healthchecks_ping_minutes }}" - user: root - job: "curl -m 10 --retry 5 {{ healthchecks_url }}" +- name: Start Healthchecks + block: + - name: Add healthchecks.io cronjob + ansible.builtin.cron: + name: healthchecks.io + minute: "*/{{ healthchecks_ping_minutes }}" + user: root + job: "curl -m 10 --retry 5 {{ healthchecks_url }}" + when: healthchecks_enabled is true + +- name: Stop Healthchecks + block: + - name: Remove healthchecks.io cronjob + ansible.builtin.cron: + name: healthchecks.io + user: root + state: absent + when: healthchecks_enabled is false