From aeaecbafe468e1f0c4c91603f57055e031f422f9 Mon Sep 17 00:00:00 2001 From: "Justin D. Fetherolf" Date: Fri, 9 Dec 2022 17:47:32 -0700 Subject: [PATCH] refactor(mumble): add molecule and readme; attempt permissions Add the expected molecule files as well as the readme for the role. Attempt to change permissions to the uid/gid used inside the Mumble container for the data directory. Refs: #620 --- roles/mumble/docs/mumble.md | 15 +++++++++++++++ roles/mumble/modlecule/default/molecule.yml | 7 +++++++ .../mumble/modlecule/default/side_effect.yml | 11 +++++++++++ roles/mumble/modlecule/default/verify.yml | 19 +++++++++++++++++++ .../modlecule/default/verify_stopped.yml | 19 +++++++++++++++++++ roles/mumble/tasks/main.yaml | 5 +++-- 6 files changed, 74 insertions(+), 2 deletions(-) create mode 100644 roles/mumble/docs/mumble.md create mode 100644 roles/mumble/modlecule/default/molecule.yml create mode 100644 roles/mumble/modlecule/default/side_effect.yml create mode 100644 roles/mumble/modlecule/default/verify.yml create mode 100644 roles/mumble/modlecule/default/verify_stopped.yml diff --git a/roles/mumble/docs/mumble.md b/roles/mumble/docs/mumble.md new file mode 100644 index 00000000..a166aac7 --- /dev/null +++ b/roles/mumble/docs/mumble.md @@ -0,0 +1,15 @@ +# Mumble + +Homepage: + +Mumble is a free, open source, low latency, high quality voice chat application. + +## Usage + +Set `mumble_enabled: true` in your `inventories//nas.yml` file. +The configuration here applies a server password, via `mumble_server_password`, to the Mumble instance, so that if you make this application available externally it won't be +accessible to everyone by default. That being said, it is **strongly** encouraged that +you change this value to something unique. + +Clients can then connect to the service at `ansible_nas_host_or_ip:64738` using the +password that you've definitely changed. diff --git a/roles/mumble/modlecule/default/molecule.yml b/roles/mumble/modlecule/default/molecule.yml new file mode 100644 index 00000000..5513870a --- /dev/null +++ b/roles/mumble/modlecule/default/molecule.yml @@ -0,0 +1,7 @@ +--- +provisioner: + inventory: + group_vars: + all: + mumble_enabled: true + diff --git a/roles/mumble/modlecule/default/side_effect.yml b/roles/mumble/modlecule/default/side_effect.yml new file mode 100644 index 00000000..3044d1c0 --- /dev/null +++ b/roles/mumble/modlecule/default/side_effect.yml @@ -0,0 +1,11 @@ +--- +- name: Stop + hosts: all + become: true + tasks: + - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role" + include_role: + name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}" + vars: + mumble_enabled: false + diff --git a/roles/mumble/modlecule/default/verify.yml b/roles/mumble/modlecule/default/verify.yml new file mode 100644 index 00000000..145baab7 --- /dev/null +++ b/roles/mumble/modlecule/default/verify.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - include_vars: + file: ../../defaults/main.yml + + - name: Get container state + docker_container_info: + name: "{{ mumble_container_name }}" + register: result + + - name: Check Mumble is running + assert: + that: + - result.container['State']['Status'] == "running" + - result.container['State']['Restarting'] == false + diff --git a/roles/mumble/modlecule/default/verify_stopped.yml b/roles/mumble/modlecule/default/verify_stopped.yml new file mode 100644 index 00000000..7ebff65d --- /dev/null +++ b/roles/mumble/modlecule/default/verify_stopped.yml @@ -0,0 +1,19 @@ +--- +- name: Verify + hosts: all + gather_facts: false + tasks: + - include_vars: + file: ../../defaults/main.yml + + - name: Try and stop and remove Mumble + docker_container: + name: "{{ mumble_container_name }}" + state: absent + register: result + + - name: Check Mumble is stopped + assert: + that: + - not result.changed + diff --git a/roles/mumble/tasks/main.yaml b/roles/mumble/tasks/main.yaml index f836ff22..569f14dd 100644 --- a/roles/mumble/tasks/main.yaml +++ b/roles/mumble/tasks/main.yaml @@ -7,11 +7,12 @@ state: directory # The mumble image gets uid/gid at build time, and uses 1000 for both, by default. # This ends up with permission denied on the data directory, unless we fully open the permissions. - mode: "0777" + owner: 1000 + group: 1000 with_items: - "{{ mumble_data_directory }}" - - name: Mumble Docker Container + - name: Create Mumble Docker Container docker_container: name: "{{ mumble_container_name }}" image: mumblevoip/mumble-server:latest