From 075a1fdcd9a34de82500980abc8be0903ac82b3e Mon Sep 17 00:00:00 2001 From: Javier Feliz Date: Sun, 6 Jul 2025 21:18:56 -0400 Subject: [PATCH] Add extra roles --- group_vars/all.yml | 8 ++++ roles/app/database/defaults/main.yml | 0 roles/app/database/tasks/main.yml | 20 +++++++++ roles/docker/install/defaults/main.yml | 0 roles/docker/install/tasks/main.yml | 45 ++++++++++++++++++++ roles/docker/portainer/defaults/main.yml | 0 roles/docker/portainer/tasks/main.yml | 22 ++++++++++ roles/docker/stack/defaults/main.yml | 2 + roles/docker/stack/tasks/main.yml | 27 ++++++++++++ roles/postgres/database/defaults/main.yml | 0 roles/postgres/database/tasks/main.yml | 10 +++++ roles/postgres/priviledges/defaults/main.yml | 1 + roles/postgres/priviledges/tasks/main.yml | 28 ++++++++++++ roles/postgres/user/defaults/main.yml | 1 + roles/postgres/user/tasks/main.yml | 11 +++++ roles/services/postgres/defaults/main.yml | 5 +++ roles/services/postgres/tasks/main.yml | 20 +++++++++ 17 files changed, 200 insertions(+) create mode 100755 roles/app/database/defaults/main.yml create mode 100755 roles/app/database/tasks/main.yml create mode 100755 roles/docker/install/defaults/main.yml create mode 100755 roles/docker/install/tasks/main.yml create mode 100755 roles/docker/portainer/defaults/main.yml create mode 100755 roles/docker/portainer/tasks/main.yml create mode 100755 roles/docker/stack/defaults/main.yml create mode 100755 roles/docker/stack/tasks/main.yml create mode 100755 roles/postgres/database/defaults/main.yml create mode 100755 roles/postgres/database/tasks/main.yml create mode 100755 roles/postgres/priviledges/defaults/main.yml create mode 100755 roles/postgres/priviledges/tasks/main.yml create mode 100755 roles/postgres/user/defaults/main.yml create mode 100755 roles/postgres/user/tasks/main.yml create mode 100644 roles/services/postgres/defaults/main.yml create mode 100644 roles/services/postgres/tasks/main.yml 
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 31bd3ed..476e9c6 100755
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -8,3 +8,11 @@ pg_host: 10.89.0.102
 pg_port: 5432
 pg_user: postgres
 pg_password: password
+
+# Local paths
+docker_stacks: "{{ project_root }}/docker"
+assets: "{{ project_root }}/assets"
+
+# Remote paths
+remote_stacks: "/home/javi/docker"
+remote_app_mounts: "/home/docker"
diff --git a/roles/app/database/defaults/main.yml b/roles/app/database/defaults/main.yml
new file mode 100755
index 0000000..e69de29
diff --git a/roles/app/database/tasks/main.yml b/roles/app/database/tasks/main.yml
new file mode 100755
index 0000000..1fb4cf8
--- /dev/null
+++ b/roles/app/database/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+- name: Create app database
+ ansible.builtin.include_role:
+ name: postgres/database
+ vars:
+ database: "{{ app_name }}"
+
+- name: Create app db user
+ ansible.builtin.include_role:
+ name: postgres/user
+ vars:
+ user: "{{ app_name }}"
+ password: "password"
+
+- name: Give app user full priviledges on DB
+ ansible.builtin.include_role:
+ name: postgres/priviledges
+ vars:
+ database: "{{ app_name }}"
+ user: "{{ app_name }}"
\ No newline at end of file
diff --git a/roles/docker/install/defaults/main.yml b/roles/docker/install/defaults/main.yml
new file mode 100755
index 0000000..e69de29
diff --git a/roles/docker/install/tasks/main.yml b/roles/docker/install/tasks/main.yml
new file mode 100755
index 0000000..86b2c7c
--- /dev/null
+++ b/roles/docker/install/tasks/main.yml
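Review bot: The `Create app db user` task in `roles/app/database/tasks/main.yml` passes the literal `password: "password"`, so every application database created through this role gets the same guessable credential, committed in clear text. The same literal is the default in `roles/postgres/user/defaults/main.yml` and the value of `default_password` in `roles/services/postgres/defaults/main.yml`, where it becomes the container's `POSTGRES_PASSWORD`. Take the value from a per-app variable kept in Ansible Vault, for example `password: "{{ app_db_password }}"` (a constructed name), and drop the role defaults so that a missing secret fails the play instead of silently falling back to a known value.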
@@ -0,0 +1,45 @@
+---
+- name: Update apt cache
+ ansible.builtin.apt:
+ update_cache: yes
+
+- name: Install prerequisite packages
+ ansible.builtin.apt:
+ name:
+ - ca-certificates
+ - curl
+ state: present
+
+- name: Create apt keyrings directory
+ ansible.builtin.file:
+ path: /etc/apt/keyrings
+ state: directory
+ mode: '0755'
+
+- name: Download Docker GPG key
+ ansible.builtin.get_url:
+ url: "https://download.docker.com/linux/ubuntu/gpg"
+ dest: /etc/apt/keyrings/docker.asc
+ mode: '0644'
+
+- name: Add Docker apt repository
+ ansible.builtin.apt_repository:
+ repo: "deb [arch={{ docker_arch }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
+ filename: docker
+ state: present
+ vars:
+ docker_arch: "{{ ansible_architecture | regex_replace('x86_64', 'amd64') }}"
+
+- name: Update apt cache after adding Docker repository
+ ansible.builtin.apt:
+ update_cache: true
+
+- name: Install Docker packages
+ ansible.builtin.apt:
+ name:
+ - docker-ce
+ - docker-ce-cli
+ - containerd.io
+ - docker-buildx-plugin
+ - docker-compose-plugin
+ state: present
\ No newline at end of file
diff --git a/roles/docker/portainer/defaults/main.yml b/roles/docker/portainer/defaults/main.yml
new file mode 100755
index 0000000..e69de29
diff --git a/roles/docker/portainer/tasks/main.yml b/roles/docker/portainer/tasks/main.yml
new file mode 100755
index 0000000..a18e91d
--- /dev/null
+++ b/roles/docker/portainer/tasks/main.yml
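Review bot: The `Download Docker GPG key` task writes whatever the URL returns to `/etc/apt/keyrings/docker.asc`, and that file is then the `signed-by` trust anchor for every Docker package installed afterwards; pinning it with get_url's `checksum: "sha256:<EXPECTED_KEY_SHA256>"` makes a swapped or truncated key fail the play instead of being trusted. In `Add Docker apt repository`, `regex_replace('x86_64', 'amd64')` maps only one architecture, so an `aarch64` host would presumably render `arch=aarch64` where the Docker repository uses `arm64`. The first task writes `update_cache: yes` while the later one writes `true`; use `true` in both. None of the tasks set `become`, so the role relies on the calling play to escalate, which is worth a comment at the top of the file.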
@@ -0,0 +1,22 @@
+- name: Pull Portainer Agent image
+ become: true
+ community.docker.docker_image:
+ name: portainer/agent
+ tag: latest
+ source: pull
+
+- name: Deploy Portainer Agent container
+ become: true
+ community.docker.docker_container:
+ name: portainer_agent
+ image: portainer/agent
+ pull: false # we already pulled above
+ state: started
+ restart_policy: always
+ ports:
+ - "9001:9001"
+ volumes:
+ - /var/run/docker.sock:/var/run/docker.sock
+ - /var/lib/docker/volumes:/var/lib/docker/volumes
+ - /:/host
+ timeout: 120 # wait up to 2m for it to come up
diff --git a/roles/docker/stack/defaults/main.yml b/roles/docker/stack/defaults/main.yml
new file mode 100755
index 0000000..6b7f1a5
--- /dev/null
+++ b/roles/docker/stack/defaults/main.yml
@@ -0,0 +1,2 @@
+apps: []
+stack_name: "willneverexist"
\ No newline at end of file
diff --git a/roles/docker/stack/tasks/main.yml b/roles/docker/stack/tasks/main.yml
new file mode 100755
index 0000000..ab0863b
--- /dev/null
+++ b/roles/docker/stack/tasks/main.yml
@@ -0,0 +1,27 @@
+---
+- name: Create app mount directories
+ ansible.builtin.file:
+ path: "{{ remote_app_mounts }}/{{ item }}"
+ state: directory
+ mode: '0777'
+ loop: "{{ apps }}"
+
+- name: Create stack directory
+ ansible.builtin.file:
+ path: "{{ remote_stacks }}/{{ stack_name }}"
+ state: directory
+ mode: '0777'
+
+- name: Copy docker-compose.yml to server
+ ansible.builtin.copy:
+ src: '{{ docker_stacks }}/{{ stack_name }}/docker-compose.yml'
+ dest: '{{ remote_stacks }}/{{ stack_name }}/docker-compose.yml'
+ owner: javi
+ group: javi
+ mode: '0777'
+
+- name: Start up the containers
+ ansible.builtin.command: docker compose up -d
+ become: true
+ args:
+ chdir: "{{ remote_stacks }}/{{ stack_name }}"
\ No newline at end of file
diff --git a/roles/postgres/database/defaults/main.yml b/roles/postgres/database/defaults/main.yml
new file mode 100755
index 0000000..e69de29
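Review bot: In `roles/docker/portainer/tasks/main.yml` the agent container is given `/var/run/docker.sock` and the host root as `/:/host`, and `"9001:9001"` publishes it on every interface, so reachability of port 9001 is the only boundary visible in this hunk around root-equivalent control of the host. Bind the port to a management address, e.g. `- "{{ portainer_agent_bind_ip }}:9001:9001"` (constructed variable name), and drop the `/:/host` mount unless host management is actually used. `tag: latest` together with an untagged `image: portainer/agent` means the deployed version can change between runs; pin a version tag or digest in both tasks. The comment on `timeout: 120` should be checked, since in docker_container `timeout` is, as far as I know, the Docker API response timeout rather than a wait for the container to come up.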
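Review bot: In `roles/docker/stack/tasks/main.yml`, `mode: '0777'` on the stack directory and on `docker-compose.yml` lets any local account rewrite the compose file that the last task then runs with `become: true`, which gives that account root-level control over what containers start. Use `mode: '0755'` for the directories and `mode: '0644'` for the compose file, and set `owner`/`group` on the directories the way the copy task already does. The hard-coded `owner: javi` and the `/home/javi/docker` path added to `group_vars/all.yml` would be better derived from one variable. `ansible.builtin.command: docker compose up -d` reports changed on every run; `community.docker.docker_compose_v2` with `project_src` is the idempotent equivalent.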
diff --git a/roles/postgres/database/tasks/main.yml b/roles/postgres/database/tasks/main.yml
new file mode 100755
index 0000000..b54e09e
--- /dev/null
+++ b/roles/postgres/database/tasks/main.yml
@@ -0,0 +1,10 @@
+---
+- name: Create database
+ delegate_to: localhost
+ community.postgresql.postgresql_db:
+ name: "{{ database }}"
+ state: present
+ login_host: "{{ pg_host }}"
+ login_port: "{{ pg_port }}"
+ login_user: "{{ pg_user }}"
+ login_password: "{{ pg_password }}"
diff --git a/roles/postgres/priviledges/defaults/main.yml b/roles/postgres/priviledges/defaults/main.yml
new file mode 100755
index 0000000..84dc138
--- /dev/null
+++ b/roles/postgres/priviledges/defaults/main.yml
@@ -0,0 +1 @@
+priviledges: ALL
\ No newline at end of file
diff --git a/roles/postgres/priviledges/tasks/main.yml b/roles/postgres/priviledges/tasks/main.yml
new file mode 100755
index 0000000..b47041a
--- /dev/null
+++ b/roles/postgres/priviledges/tasks/main.yml
@@ -0,0 +1,28 @@
+---
+- name: Grant database-level privileges on "{{ database }}"
+ delegate_to: localhost
+ community.postgresql.postgresql_privs:
+ db: "{{ database }}"
+ type: database
+ objs: "{{ database }}"
+ privs: "CREATE"
+ role: "{{ user }}"
+ state: present
+ login_host: "{{ pg_host }}"
+ login_port: "{{ pg_port }}"
+ login_user: "{{ pg_user }}"
+ login_password: "{{ pg_password }}"
+
+- name: Give user full priviledges on database
+ delegate_to: localhost
+ community.postgresql.postgresql_privs:
+ db: "{{ database }}"
+ type: schema
+ objs: public
+ privs: "{{ priviledges }}"
+ role: "{{ user }}"
+ state: present
+ login_host: "{{ pg_host }}"
+ login_port: "{{ pg_port }}"
+ login_user: "{{ pg_user }}"
+ login_password: "{{ pg_password }}"
\ No newline at end of file
diff --git a/roles/postgres/user/defaults/main.yml b/roles/postgres/user/defaults/main.yml
new file mode 100755
index 0000000..3fab93f
--- /dev/null
+++ b/roles/postgres/user/defaults/main.yml
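Review bot: In `roles/postgres/priviledges/tasks/main.yml` the second task is named `Give user full priviledges on database` but grants `{{ priviledges }}` (default `ALL`) on schema `public` only, while the first task grants `CREATE` at database level; a one-line comment above each task stating which object the grant covers would stop the role from being read as broader or narrower than it is. The misspelling `priviledges` is now part of the role path and the variable name, so it is cheapest to rename it to `privileges` before other roles depend on it. All four postgres tasks in this patch repeat the same `login_*` block using the `pg_user: postgres` account from `group_vars/all.yml`; a `module_defaults` entry at play level would keep those credentials in one place.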
@@ -0,0 +1 @@
+password: "password"
\ No newline at end of file
diff --git a/roles/postgres/user/tasks/main.yml b/roles/postgres/user/tasks/main.yml
new file mode 100755
index 0000000..bbdd928
--- /dev/null
+++ b/roles/postgres/user/tasks/main.yml
@@ -0,0 +1,11 @@
+---
+- name: Create postgres user
+ delegate_to: localhost
+ community.postgresql.postgresql_user:
+ name: "{{ user }}"
+ password: "{{ password }}"
+ state: present
+ login_host: "{{ pg_host }}"
+ login_port: "{{ pg_port }}"
+ login_user: "{{ pg_user }}"
+ login_password: "{{ pg_password }}"
\ No newline at end of file
diff --git a/roles/services/postgres/defaults/main.yml b/roles/services/postgres/defaults/main.yml
new file mode 100644
index 0000000..e72078e
--- /dev/null
+++ b/roles/services/postgres/defaults/main.yml
@@ -0,0 +1,5 @@
+data_dir_mount: "/home/docker/postgres-data/"
+default_user: "postgres"
+default_password: "password"
+port: "5432"
+container_name: "postgres"
\ No newline at end of file
diff --git a/roles/services/postgres/tasks/main.yml b/roles/services/postgres/tasks/main.yml
new file mode 100644
index 0000000..bd7d809
--- /dev/null
+++ b/roles/services/postgres/tasks/main.yml
@@ -0,0 +1,20 @@
+- name: Create data folder
+ ansible.builtin.file:
+ dest: "{{data_dir_mount}}"
+ state: directory
+ mode: '0777'
+
+- name: Put up the postgres container
+ community.docker.docker_container:
+ name: "{{postgres_container_name}}"
+ image: postgres:17.4
+ restart: always
+ state: started
+ pull: true
+ ports:
+ - "{{ port }}:5432"
+ env:
+ POSTGRES_USER: "{{ default_user }}"
+ POSTGRES_PASSWORD: "{{ default_password }}"
+ volumes:
+ - "{{ data_dir_mount }}:/var/lib/postgresql/data/"
\ No newline at end of file
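Review bot: In `roles/services/postgres/tasks/main.yml`, `name: "{{postgres_container_name}}"` references a variable the role defaults do not define (they set `container_name`), so unless it is defined elsewhere the task fails on an undefined variable; use `name: "{{ container_name }}"`. `restart: always` looks like it was meant to be `restart_policy: always`, as the portainer role in this patch writes it; in docker_container `restart` is, as far as I know, the boolean force-restart flag. `mode: '0777'` on the data directory and `"{{ port }}:5432"` published on all interfaces leave the database files world-writable on the host and the server reachable on the network with the default credentials from the defaults file; a non-world-accessible mode and a bind address in the port mapping would narrow both. The defaults `port`, `default_user` and `container_name` are generic names that can collide with other roles' variables, so a `postgres_` prefix is safer.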