ansible/privfrontends/playbook.yaml

---
- name: Setup Caddy
  hosts: privfrontends
  roles:
    - role: caddy_ansible.caddy_ansible
      caddy_systemd_capabilities_enabled: true
      caddy_config: "{{ lookup('template', './templates/Caddyfile.j2') }}"
      caddy_user: "caddy"
      caddy_home: "/var/lib/caddy"
      # Static weekly builds of caddy with rfc2136 dns plugin
      caddy_url_base: "https://cb.projectsegfau.lt/api/download"
  tasks:
    - name: Copy per-server caddy extras
      copy:
        src: "./templates/{{ inventory_hostname }}/"
        dest: /etc/caddy/
        remote_src: true
        directory_mode: true
- name: Setup docker compose for privacy frontends
  hosts: privfrontends
  vars:
    docker_services:
      - anonymousoverflow
      - beatbump
      - breezewiki
      - gothub
      - gothub-dev
      - invidious
      - librarian
      - libreddit
      - nitter
      - rimgo
      - scribe
      - teddit
      - watchtower
    non_pizza_docker_services:
      - piped
      - searxng-docker
  tasks:
    #
    # community.docker does not support compose 2.0 right now.
    # https://github.com/ansible-collections/community.docker/issues/216
    #
    - name: Update docker compose files and restart those with changes
      include_tasks: docker-tasks.yaml
      with_items: "{{ docker_services }}"
    - name: Update docker compose files and restart those with changes (Privacy Frontends but without Pizza1)
      include_tasks: docker-tasks.yaml
      with_items: "{{ non_pizza_docker_services }}"

- name: Setup cron jobs
  hosts: privfrontends
  tasks:
    - name: Restart invidious every hour
      cron:
        name: "hourly invidious restart"
        special_time: hourly
        job: "docker restart invidious-invidious-1 && curl https://healthchecks.projectsegfau.lt/ping/{{invidious_hc_uuid}}"
    - name: Restart teddit every hour
      cron:
        name: "hourly teddit restart"
        special_time: hourly
        job: "docker restart teddit && curl https://healthchecks.projectsegfau.lt/ping/{{teddit_hc_uuid}}"
init 2023-05-13 06:44:40 +05:30			`---`
			`- name: Setup Caddy`
			`hosts: privfrontends`
			`roles:`
			`- role: caddy_ansible.caddy_ansible`
			`caddy_systemd_capabilities_enabled: true`
update 2023-05-29 14:08:34 +05:30			`caddy_config: "{{ lookup('template', './templates/Caddyfile.j2') }}"`
init 2023-05-13 06:44:40 +05:30			`caddy_user: "caddy"`
			`caddy_home: "/var/lib/caddy"`
			`# Static weekly builds of caddy with rfc2136 dns plugin`
			`caddy_url_base: "https://cb.projectsegfau.lt/api/download"`
			`tasks:`
			`- name: Copy per-server caddy extras`
ansible.builtin prefix is un-necessary 2023-05-14 15:56:43 +05:30			`copy:`
update 2023-05-29 14:08:34 +05:30			`src: "./templates/{{ inventory_hostname }}/"`
			`dest: /etc/caddy/`
			`remote_src: true`
			`directory_mode: true`
init 2023-05-13 06:44:40 +05:30			`- name: Setup docker compose for privacy frontends`
ansible.builtin prefix is un-necessary 2023-05-14 15:56:43 +05:30			`hosts: privfrontends`
init 2023-05-13 06:44:40 +05:30			`vars:`
			`docker_services:`
			`- anonymousoverflow`
			`- beatbump`
			`- breezewiki`
			`- gothub`
			`- gothub-dev`
			`- invidious`
			`- librarian`
			`- libreddit`
			`- nitter`
			`- rimgo`
			`- scribe`
			`- teddit`
			`- watchtower`
			`non_pizza_docker_services:`
			`- piped`
			`- searxng-docker`
			`tasks:`
			`#`
			`# community.docker does not support compose 2.0 right now.`
			`# https://github.com/ansible-collections/community.docker/issues/216`
			`#`
			`- name: Update docker compose files and restart those with changes`
			`include_tasks: docker-tasks.yaml`
			`with_items: "{{ docker_services }}"`
			`- name: Update docker compose files and restart those with changes (Privacy Frontends but without Pizza1)`
			`include_tasks: docker-tasks.yaml`
			`with_items: "{{ non_pizza_docker_services }}"`
add hourly restarts and make keys diff per-host 2023-05-16 15:25:01 +05:30
			`- name: Setup cron jobs`
			`hosts: privfrontends`
			`tasks:`
			`- name: Restart invidious every hour`
			`cron:`
			`name: "hourly invidious restart"`
			`special_time: hourly`
			`job: "docker restart invidious-invidious-1 && curl https://healthchecks.projectsegfau.lt/ping/{{invidious_hc_uuid}}"`
			`- name: Restart teddit every hour`
			`cron:`
			`name: "hourly teddit restart"`
			`special_time: hourly`
			`job: "docker restart teddit && curl https://healthchecks.projectsegfau.lt/ping/{{teddit_hc_uuid}}"`