javif89/ansible-starter-kit
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add extra roles

Browse Source
This commit is contained in:
Javier Feliz 2025-07-06 21:18:56 -04:00
parent 336b830bba
commit 075a1fdcd9
17 changed files with 200 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
group_vars/all.yml
View File

@ -8,3 +8,11 @@ pg_host: 10.89.0.102
pg_port: 5432 pg_port: 5432
pg_user: postgres pg_user: postgres
pg_password: password pg_password: password
# Local paths
docker_stacks: "{{ project_root }}/docker"
assets: "{{ project_root }}/assets"
# Remote paths
remote_stacks: "/home/javi/docker"
remote_app_mounts: "/home/docker"

0
roles/app/database/defaults/main.yml Executable file
View File

20
roles/app/database/tasks/main.yml Executable file
View File

@ -0,0 +1,20 @@
---
- name: Create app database
ansible.builtin.include_role:
name: postgres/database
vars:
database: "{{ app_name }}"
- name: Create app db user
ansible.builtin.include_role:
name: postgres/user
vars:
user: "{{ app_name }}"
password: "password"
- name: Give app user full priviledges on DB
ansible.builtin.include_role:
name: postgres/priviledges
vars:
database: "{{ app_name }}"
user: "{{ app_name }}"

0
roles/docker/install/defaults/main.yml Executable file
View File

45
roles/docker/install/tasks/main.yml Executable file
View File

@ -0,0 +1,45 @@
---
- name: Update apt cache
ansible.builtin.apt:
update_cache: yes
- name: Install prerequisite packages
ansible.builtin.apt:
name:
- ca-certificates
- curl
state: present
- name: Create apt keyrings directory
ansible.builtin.file:
path: /etc/apt/keyrings
state: directory
mode: '0755'
- name: Download Docker GPG key
ansible.builtin.get_url:
url: "https://download.docker.com/linux/ubuntu/gpg"
dest: /etc/apt/keyrings/docker.asc
mode: '0644'
- name: Add Docker apt repository
ansible.builtin.apt_repository:
repo: "deb [arch={{ docker_arch }} signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ ansible_distribution_release }} stable"
filename: docker
state: present
vars:
docker_arch: "{{ ansible_architecture | regex_replace('x86_64', 'amd64') }}"
- name: Update apt cache after adding Docker repository
ansible.builtin.apt:
update_cache: true
- name: Install Docker packages
ansible.builtin.apt:
name:
- docker-ce
- docker-ce-cli
- containerd.io
- docker-buildx-plugin
- docker-compose-plugin
state: present

0
roles/docker/portainer/defaults/main.yml Executable file
View File

22
roles/docker/portainer/tasks/main.yml Executable file
View File

@ -0,0 +1,22 @@
- name: Pull Portainer Agent image
become: true
community.docker.docker_image:
name: portainer/agent
tag: latest
source: pull
- name: Deploy Portainer Agent container
become: true
community.docker.docker_container:
name: portainer_agent
image: portainer/agent
pull: false # we already pulled above
state: started
restart_policy: always
ports:
- "9001:9001"
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- /var/lib/docker/volumes:/var/lib/docker/volumes
- /:/host
timeout: 120 # wait up to 2m for it to come up

2
roles/docker/stack/defaults/main.yml Executable file
View File

@ -0,0 +1,2 @@
apps: []
stack_name: "willneverexist"

27
roles/docker/stack/tasks/main.yml Executable file
View File

@ -0,0 +1,27 @@
---
- name: Create app mount directories
ansible.builtin.file:
path: "{{ remote_app_mounts }}/{{ item }}"
state: directory
mode: '0777'
loop: "{{ apps }}"
- name: Create stack directory
ansible.builtin.file:
path: "{{ remote_stacks }}/{{ stack_name }}"
state: directory
mode: '0777'
- name: Copy docker-compose.yml to server
ansible.builtin.copy:
src: '{{ docker_stacks }}/{{ stack_name }}/docker-compose.yml'
dest: '{{ remote_stacks }}/{{ stack_name }}/docker-compose.yml'
owner: javi
group: javi
mode: '0777'
- name: Start up the containers
ansible.builtin.command: docker compose up -d
become: true
args:
chdir: "{{ remote_stacks }}/{{ stack_name }}"

0
roles/postgres/database/defaults/main.yml Executable file
View File

10
roles/postgres/database/tasks/main.yml Executable file
View File

@ -0,0 +1,10 @@
---
- name: Create database
delegate_to: localhost
community.postgresql.postgresql_db:
name: "{{ database }}"
state: present
login_host: "{{ pg_host }}"
login_port: "{{ pg_port }}"
login_user: "{{ pg_user }}"
login_password: "{{ pg_password }}"

1
roles/postgres/priviledges/defaults/main.yml Executable file
View File

@ -0,0 +1 @@
priviledges: ALL

28
roles/postgres/priviledges/tasks/main.yml Executable file
View File

@ -0,0 +1,28 @@
---
- name: Grant database-level privileges on "{{ database }}"
delegate_to: localhost
community.postgresql.postgresql_privs:
db: "{{ database }}"
type: database
objs: "{{ database }}"
privs: "CREATE"
role: "{{ user }}"
state: present
login_host: "{{ pg_host }}"
login_port: "{{ pg_port }}"
login_user: "{{ pg_user }}"
login_password: "{{ pg_password }}"
- name: Give user full priviledges on database
delegate_to: localhost
community.postgresql.postgresql_privs:
db: "{{ database }}"
type: schema
objs: public
privs: "{{ priviledges }}"
role: "{{ user }}"
state: present
login_host: "{{ pg_host }}"
login_port: "{{ pg_port }}"
login_user: "{{ pg_user }}"
login_password: "{{ pg_password }}"

1
roles/postgres/user/defaults/main.yml Executable file
View File

@ -0,0 +1 @@
password: "password"

11
roles/postgres/user/tasks/main.yml Executable file
View File

@ -0,0 +1,11 @@
---
- name: Create postgres user
delegate_to: localhost
community.postgresql.postgresql_user:
name: "{{ user }}"
password: "{{ password }}"
state: present
login_host: "{{ pg_host }}"
login_port: "{{ pg_port }}"
login_user: "{{ pg_user }}"
login_password: "{{ pg_password }}"

5
roles/services/postgres/defaults/main.yml Normal file
View File

@ -0,0 +1,5 @@
data_dir_mount: "/home/docker/postgres-data/"
default_user: "postgres"
default_password: "password"
port: "5432"
container_name: "postgres"

20
roles/services/postgres/tasks/main.yml Normal file
View File

@ -0,0 +1,20 @@
- name: Create data folder
ansible.builtin.file:
dest: "{{data_dir_mount}}"
state: directory
mode: '0777'
- name: Put up the postgres container
community.docker.docker_container:
name: "{{postgres_container_name}}"
image: postgres:17.4
restart: always
state: started
pull: true
ports:
- "{{ port }}:5432"
env:
POSTGRES_USER: "{{ default_user }}"
POSTGRES_PASSWORD: "{{ default_password }}"
volumes:
- "{{ data_dir_mount }}:/var/lib/postgresql/data/"