diff --git a/ansible/inventory/runa.yml b/ansible/inventory/runa.yml index 277046a..d49c897 100644 --- a/ansible/inventory/runa.yml +++ b/ansible/inventory/runa.yml @@ -2,9 +2,8 @@ runa: vars: ansible_user: nschottelius ansible_become: true - docker_compose: false + docker_compose: [] docker_compose_version: "1.29.1" - runs_synapse: false ssh_keys: - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE9P5aA5O4Vsgg5sB6Ojk+z1f5F97hvwRRd3gi+a+GGq nico-2016" - "ssh-rsa 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 nico-2014" @@ -13,16 +12,18 @@ runa: lat: hosts: mtx-elem-1.lat.internal.ru.com: - docker_compose: true + docker_compose: + - elementweb # 10.165.66.57 mtx-elem-2.lat.internal.ru.com: - docker_compose: true + docker_compose: + - elementweb # 10.165.66.58 mtx-syna-1.lat.internal.ru.com: - docker_compose: true - runs_synapse: true + docker_compose: + - synapse # 10.165.66.59 mtx-syna-2.lat.internal.ru.com: - docker_compose: true - runs_synapse: true + docker_compose: + - synapse # 10.165.66.60 diff --git a/ansible/roles/base/tasks/main.yml b/ansible/roles/base/tasks/main.yml index 8cb218e..97e51b4 100644 --- a/ansible/roles/base/tasks/main.yml +++ b/ansible/roles/base/tasks/main.yml @@ -34,4 +34,13 @@ path: /mnt state: mounted fstype: nfs - when: runs_synapse + when: '"synapse" in docker_compose' +- name: Create docker-compose project directories + ansible.builtin.file: + path: /mnt/synapse_data + state: directory + mode: '0700' + owner: "{{ ansible_user }}" + tags: + - directory + when: '"synapse" in docker_compose' diff --git a/ansible/roles/docker-compose/files/elementweb/docker-compose.yaml b/ansible/roles/docker-compose/files/elementweb/docker-compose.yaml new file mode 100644 index 0000000..ef4329f --- /dev/null +++ b/ansible/roles/docker-compose/files/elementweb/docker-compose.yaml 
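Review bot: In ansible/roles/base/tasks/main.yml the `mode: '0700'` on /mnt/synapse_data will not survive the first container start, because files/synapse/docker-compose.yaml in this same commit bind-mounts that directory at /data and its entrypoint runs `chmod -R 777 /data`. Since the task just above mounts /mnt over NFS, that presumably leaves homeserver.yaml and whatever keys Synapse writes there world-writable for every client of the export. I would drop the chmod from the entrypoint (the same line is in files/elementweb/docker-compose.yaml) and have this task set `owner:`/`group:` to the UID/GID the container actually runs as rather than `{{ ansible_user }}`. The task name also duplicates "Create docker-compose project directories" in the docker-compose role; `- name: Create Synapse data directory` would be easier to find in play output.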
@@ -0,0 +1,44 @@
+version: '3'
+services:
+ synapse:
+ image: matrixdotorg/synapse:latest
+ restart: unless-stopped
+ environment:
+ - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
+ - SERVERNAME=${homeServerFQDN}
+ - PUBLICBASEURL=${synapseFQDN}
+ - ELEMENTWEB=${elementWebFQDN}
+ ports:
+ - "8008:8008/tcp"
+ volumes:
+ - ./synapse:/data
+ entrypoint: sh -c "/data/homeserver.yaml.sh && chmod -R 777 /data && /start.py"
+ depends_on:
+ - postgres
+
+ element:
+ image: vectorim/element-web:latest
+ restart: unless-stopped
+ environment:
+ - SERVERNAME=${homeServerFQDN}
+ - PUBLICBASEURL=${synapseFQDN}
+ - ELEMENTWEB=${elementWebFQDN}
+ volumes:
+ - ./element/config.json.sh:/app/config.json.sh
+ command: sh -c "/app/config.json.sh && nginx -g 'daemon off;'"
+ #entrypoint: /app/config.json.sh
+ ports:
+ - "80:80/tcp"
+
+ postgres:
+ image: postgres:14
+ restart: unless-stopped
+ ports:
+ - "5432:5432/tcp"
+ volumes:
+ - ./postgresdata:/var/lib/postgresql/data
+ environment:
+ - POSTGRES_DB=synapse
+ - POSTGRES_USER=synapse
+ - POSTGRES_PASSWORD=NEEDTOSETPASSWORD
+ - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C
diff --git a/ansible/roles/docker-compose/files/synapse/.env b/ansible/roles/docker-compose/files/synapse/.env
new file mode 100644
index 0000000..3b4567e
--- /dev/null
+++ b/ansible/roles/docker-compose/files/synapse/.env
@@ -0,0 +1,4 @@
+SYNAPSE_VERSION=v1.92.3
+
+HOME_SERVER_FQDN=corp-serv.net
+SYNAPSE_FQDN=synapse.corp-apps.com
diff --git a/ansible/roles/docker-compose/files/synapse/docker-compose.yaml b/ansible/roles/docker-compose/files/synapse/docker-compose.yaml
new file mode 100644
index 0000000..b936f85
--- /dev/null
+++ b/ansible/roles/docker-compose/files/synapse/docker-compose.yaml
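Review bot: The `postgres` service in files/elementweb/docker-compose.yaml publishes `"5432:5432/tcp"` on every host interface while `POSTGRES_PASSWORD=NEEDTOSETPASSWORD` is a committed placeholder, so a host deployed from this file as-is exposes the database with a password that is in the repository. Synapse reaches postgres over the compose network, so the `ports:` entry can be removed, and the password can be made mandatory with `- POSTGRES_PASSWORD=${POSTGRES_PASSWORD:?POSTGRES_PASSWORD must be set}` fed from an Ansible Vault-templated `.env`. The file is named elementweb but also defines `synapse` and `postgres`, and it uses `:latest` tags where the synapse project pins `${SYNAPSE_VERSION}`; pinning here too keeps deployments reproducible. `${homeServerFQDN}`, `${synapseFQDN}` and `${elementWebFQDN}` are not defined by any `.env` visible in this commit for this directory, so they would presumably expand to empty strings.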
@@ -0,0 +1,14 @@ +version: '3' +services: + synapse: + image: matrixdotorg/synapse:${SYNAPSE_VERSION} + environment: + - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml + - SERVERNAME=${HOME_SERVER_FQDN} + - PUBLICBASEURL=${SYNAPSE_FQDN} + ports: + - "8008:8008/tcp" + volumes: + - /mnt/synapse_data:/data + entrypoint: sh -c "/data/homeserver.yaml.sh && chmod -R 777 /data && /start.py" + restart: always diff --git a/ansible/roles/docker-compose/tasks/main.yml b/ansible/roles/docker-compose/tasks/main.yml index 2a89033..7b4bac1 100644 --- a/ansible/roles/docker-compose/tasks/main.yml +++ b/ansible/roles/docker-compose/tasks/main.yml @@ -32,12 +32,6 @@ - containerd.io state: latest -# - name: Convert old images to new runtime -# shell: -# cmd: " grep -rl 'docker-runc' /var/lib/docker/containers/ | xargs sed -i 's/docker-runc/runc/g' " -# changed_when: false -# failed_when: false - - name: Start Docker service service: name: docker @@ -77,3 +71,34 @@ when: > docker_compose_current_version is not defined or docker_compose_current_version is version(docker_compose_latest, '<') +- name: Add our user to docker group + ansible.builtin.user: + name: "{{ ansible_user }}" + groups: docker + append: yes + tags: + - usergroup +- name: Create docker-compose base directory + ansible.builtin.file: + path: /home/{{ ansible_user }}/docker_compose + state: directory + mode: '0755' + tags: + - dir +- name: Create docker-compose project directories + ansible.builtin.file: + path: /home/{{ ansible_user }}/docker_compose/{{ item }} + state: directory + mode: '0755' + loop: "{{ docker_compose }}" + tags: + - dir +- name: Copy docker-compose contents + ansible.builtin.copy: + src: files/{{ item }}/ + dest: /home/{{ ansible_user }}/docker_compose/{{ item }} + owner: "{{ ansible_user }}" + mode: '0600' + loop: "{{ docker_compose }}" + tags: + - files
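Review bot: The `entrypoint` in files/synapse/docker-compose.yaml runs `/data/homeserver.yaml.sh` out of the bind-mounted /mnt/synapse_data, but no task visible in this commit places that script there (the copy task delivers the role files to ~/docker_compose/synapse), so the container would presumably fail to start on a fresh host. Executing a script from the writable data volume also means that anything able to write to that volume decides what runs at container start. Mounting the script read-only from the project directory, e.g. `- ./homeserver.yaml.sh:/homeserver.yaml.sh:ro`, and invoking it from that path avoids both problems. `"8008:8008/tcp"` binds the plain-HTTP listener on all interfaces; if the TLS-terminating proxy runs on the same host, `"127.0.0.1:8008:8008/tcp"` is enough.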
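Review bot: The two directory tasks added at the end of ansible/roles/docker-compose/tasks/main.yml set no `owner:`, and the inventory has `ansible_become: true`, so /home/{{ ansible_user }}/docker_compose and the per-project directories presumably end up owned by root while the copied files inside belong to `{{ ansible_user }}`; adding `owner: "{{ ansible_user }}"` to both (and `mode: '0750'` unless other local users need to read the tree) fixes that. `mode: '0600'` on the copy task applies to every copied file, so any script shipped this way loses its execute bit, which would presumably break the `config.json.sh` that the elementweb compose file runs directly. Membership of the `docker` group is effectively root on the host, so the first task deserves a comment such as `# docker group is root-equivalent; ansible_user already has sudo`. `append: yes` should be `append: true` to match the `true`/`false` style used in the inventory.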