add docker

README.md

@@ -3,6 +3,7 @@
 ansible-galaxy install -r requirements.yml -p roles/galaxy/ --force
 ansible-playbook playbook.yaml # Initialize
 ansible-playbook -i inventory.yml -e @secrets.enc --ask-vault-pass playbooks/caddy.yaml  # Caddy
+ansible-playbook -i inventory.yml -e @secrets.enc --ask-vault-pass playbooks/docker.yaml # Docker Compose
 ```
 
 To add secrets: `ansible-vault edit secrets.enc`

compose/libreddit/compose.yml.j2

@@ -0,0 +1,16 @@
+services:
+  libreddit:
+    image: libreddit/libreddit:latest
+    ports:
+      - 127.0.0.1:6464:8080
+    restart: unless-stopped
+    healthcheck:
+      test: ["CMD", "wget", "--spider", "-q", "--tries=1", "http://localhost:8080/settings"]
+      interval: 5m
+      timeout: 3s
+    environment:
+      - FRONT_PAGE=popular
+      - COMMENT_SORT=new
+      - BLUR_NSFW=on
+      - USE_HLS=off
+      - AUTOPLAY_VIDEOS=of

compose/libreddit/extras.conf.j2

@@ -0,0 +1 @@
+SOMETHING HERE

compose/teddit/compose.yml.j2

@@ -0,0 +1,41 @@
+version: "3.8"
+
+services:
+
+  teddit:
+    restart: always
+    container_name: teddit
+    image: teddit/teddit:latest
+    environment:
+      - DOMAIN=teddit.projectsegfau.lt
+      - USE_HELMET=true
+      - USE_HELMET_HSTS=true
+      - TRUST_PROXY=true
+      - REDIS_HOST=teddit-redis
+    ports:
+      - "9061:8080"
+    networks:
+      - teddit_net
+    healthcheck:
+      test: ["CMD", "wget" ,"--no-verbose", "--tries=1", "--spider", "http://localhost:8080/about"]
+      interval: 1m
+      timeout: 3s
+    depends_on:
+      - teddit-redis
+
+  teddit-redis:
+    restart: always
+    container_name: teddit-redis
+    image: redis:6.2.5-alpine
+    command: redis-server
+    environment:
+      - REDIS_REPLICATION_MODE=master
+    networks:
+      - teddit_net
+    volumes:
+      - teddit-redis:/data
+volumes:
+  teddit-redis:
+
+networks:
+  teddit_net:

playbook.yaml

@@ -12,6 +12,8 @@
         - sudo
         - net-tools
         - nmap
+        - python3-pip
+        - python3-docker
 - name: Add users
   hosts: ansibletest
   vars:

playbooks/docker-tasks.yaml

@@ -0,0 +1,35 @@
+---
+- name: Copy docker-compose templates for the service
+  ansible.builtin.template:
+    src: ../compose/{{item}}/compose.yml.j2
+    dest: /opt/docker/{{item}}/compose.yml
+    backup: yes
+  register: check_status
+
+- name: check if extras file exists for the service
+  local_action: stat path=../compose/{{item}}/extras.conf.j2
+  register: file
+- name: Copy extras file
+  ansible.builtin.template:
+    src: ../compose/{{item}}/extras.conf.j2
+    dest: /opt/docker/{{item}}/extras.conf
+    backup: yes
+  when: file.stat.exists
+
+- name: "Update docker service image"
+  command:
+    chdir: "/opt/docker/{{ item }}"
+    cmd: docker compose pull
+  when: check_status is changed
+
+- name: "Stop docker service"
+  command:
+    chdir: "/opt/docker/{{ item }}"
+    cmd: docker compose down
+  when: check_status is changed
+
+- name: "Start docker service"
+  command:
+    chdir: "/opt/docker/{{ item }}"
+    cmd: docker compose up -d --build --remove-orphans
+  when: check_status is changed

playbooks/docker.yaml

@@ -1,27 +1,14 @@
 ---
 - hosts: all
+  vars:
+    docker_services:
+      - libreddit
+      - teddit
   tasks:
-    - name: Remove old compose files
+    #
-      ansible.builtin.file:
+    # community.docker does not support compose 2.0 right now.
-        path: /opt/docker/{{item}}
+    # https://github.com/ansible-collections/community.docker/issues/216
-        state: absent
+    #
-      with_fileglob:
+  - name: Update docker compose files and restart those with changes
-        - "/home/arya/projects/ansibletest/compose/*"
+    include_tasks: docker-tasks.yaml
-    - name: Copy compose files
+    with_items: "{{ docker_services }}"
-      copy:
-        src: /home/arya/projects/ansibletest/compose/{{item}}
-        dest: /opt/docker/
-      with_fileglob:
-        - "/home/arya/projects/ansibletest/compose/*"
-    - name: stop compose
-      docker_compose:
-        project_src: /opt/docker/{{item}}
-        state: absent
-      with_fileglob:
-        - "/home/arya/projects/ansibletest/compose/*"
-    - name: start compose
-      docker_compose:
-        project_src: /opt/docker/{{item}}
-        state: present
-      with_fileglob:
-        - "/home/arya/projects/ansibletest/compose/*"