add support for docker-compose contents

ansible/inventory/runa.yml

@@ -2,9 +2,8 @@ runa:
   vars:
     ansible_user: nschottelius
     ansible_become: true
-    docker_compose: false
+    docker_compose: []
     docker_compose_version: "1.29.1"
-    runs_synapse: false
     ssh_keys:
       - "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIE9P5aA5O4Vsgg5sB6Ojk+z1f5F97hvwRRd3gi+a+GGq nico-2016"
       - "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCjWYALKYHTs6mX7GrrpxR0TPhxwVplmmcTPAA7zjhVCZajcUwLduy3Yct4YXBwRiEydGyhExoVVB8i7UhyvMQsTheRk751uJZyKWIkqbQJoJx1LPmZ00EJNaiIEiJih762D9KWZ1GoLBfB4QAEmoWDzVm3CFJ9tBVEsQ7i9BH+Cbe2GsnqflfWjb09bZhaOSTrmWNcBxgpXirZyi8EI0SrVtmnwVzdH8HXOalvFqW57aY1q/RjE1DIh7Pp+RiGscZz6CJ5oJtSEKbjZ2aUe4gomlQwYmGNVk22RdjvB7+0KDXMwdp702Z5ETv2xYk9v5YrA/lsWk/9JX8vGYb5Y5N+GGG9woZ5M1JIRjXduxNf68VMSQbxZTeonoWkh6Q8CNgDsHyyAyNuPAss7SCCGk5G8s0q/4IDGfV0A1QKFhHOId1qEqGQtLKaRbo6ZTi9wXSieA5D3kMNh+WWufutxI/t56USzNSaeYjqpYwiICBZ8jzWBJrDamiFne4KkW3PTao7Czv6yIeXHHfGYDtdvXppMSjamw+rbA/btTes5X+pYlFxniO5sZJUa+jnJOo3SYBGoRYftqxw7Usqm/i/koHP1RM8L3Iq+/xXNr5+AyFzRBCUUuDfRw1MY1n9OJXvYykNGth4ablfVFcP1R8Qq7jVGksK1dzckzD9SmCdubzwtw== nico-2014"
@@ -13,16 +12,18 @@ runa:
     lat:
       hosts:
         mtx-elem-1.lat.internal.ru.com:
-          docker_compose: true
+          docker_compose:
+            - elementweb
           # 10.165.66.57
         mtx-elem-2.lat.internal.ru.com:
-          docker_compose: true
+          docker_compose:
+            - elementweb
           # 10.165.66.58
         mtx-syna-1.lat.internal.ru.com:
-          docker_compose: true
+          docker_compose:
-          runs_synapse: true
+            - synapse
           # 10.165.66.59
         mtx-syna-2.lat.internal.ru.com:
-          docker_compose: true
+          docker_compose:
-          runs_synapse: true
+            - synapse
           # 10.165.66.60

ansible/roles/base/tasks/main.yml

@@ -34,4 +34,13 @@
     path: /mnt
     state: mounted
     fstype: nfs
-  when: runs_synapse
+  when: '"synapse" in docker_compose'
+- name: Create docker-compose project directories
+  ansible.builtin.file:
+    path: /mnt/synapse_data
+    state: directory
+    mode: '0700'
+    owner: "{{ ansible_user }}"
+  tags:
+    - directory
+  when: '"synapse" in docker_compose'

ansible/roles/docker-compose/files/elementweb/docker-compose.yaml

@@ -0,0 +1,44 @@
+version: '3'
+services:
+  synapse:
+    image: matrixdotorg/synapse:latest
+    restart: unless-stopped
+    environment:
+      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
+      - SERVERNAME=${homeServerFQDN}
+      - PUBLICBASEURL=${synapseFQDN}
+      - ELEMENTWEB=${elementWebFQDN}
+    ports:
+      - "8008:8008/tcp"
+    volumes:
+      - ./synapse:/data
+    entrypoint: sh -c "/data/homeserver.yaml.sh && chmod -R 777 /data  && /start.py"
+    depends_on:
+      - postgres
+
+  element:
+    image: vectorim/element-web:latest
+    restart: unless-stopped
+    environment:
+      - SERVERNAME=${homeServerFQDN}
+      - PUBLICBASEURL=${synapseFQDN}
+      - ELEMENTWEB=${elementWebFQDN}
+    volumes:
+      - ./element/config.json.sh:/app/config.json.sh
+    command: sh -c "/app/config.json.sh && nginx -g 'daemon off;'"
+    #entrypoint: /app/config.json.sh
+    ports:
+      - "80:80/tcp"
+
+  postgres:
+    image: postgres:14
+    restart: unless-stopped
+    ports:
+      - "5432:5432/tcp"
+    volumes:
+     - ./postgresdata:/var/lib/postgresql/data
+    environment:
+     - POSTGRES_DB=synapse
+     - POSTGRES_USER=synapse
+     - POSTGRES_PASSWORD=NEEDTOSETPASSWORD
+     - POSTGRES_INITDB_ARGS=--encoding=UTF-8 --lc-collate=C --lc-ctype=C

ansible/roles/docker-compose/files/synapse/.env

@@ -0,0 +1,4 @@
+SYNAPSE_VERSION=v1.92.3
+
+HOME_SERVER_FQDN=corp-serv.net
+SYNAPSE_FQDN=synapse.corp-apps.com

ansible/roles/docker-compose/files/synapse/docker-compose.yaml

@@ -0,0 +1,14 @@
+version: '3'
+services:
+  synapse:
+    image: matrixdotorg/synapse:${SYNAPSE_VERSION}
+    environment:
+      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
+      - SERVERNAME=${HOME_SERVER_FQDN}
+      - PUBLICBASEURL=${SYNAPSE_FQDN}
+    ports:
+      - "8008:8008/tcp"
+    volumes:
+      - /mnt/synapse_data:/data
+    entrypoint: sh -c "/data/homeserver.yaml.sh && chmod -R 777 /data  && /start.py"
+    restart: always

ansible/roles/docker-compose/tasks/main.yml

@@ -32,12 +32,6 @@
       - containerd.io
     state: latest
 
-# - name: Convert old images to new runtime
-#   shell:
-#     cmd: " grep -rl 'docker-runc' /var/lib/docker/containers/ | xargs sed -i 's/docker-runc/runc/g' "
-#   changed_when: false
-#   failed_when: false
-
 - name: Start Docker service
   service:
     name: docker
@@ -77,3 +71,34 @@
   when: >
     docker_compose_current_version is not defined
     or docker_compose_current_version is version(docker_compose_latest, '<')
+- name: Add our user to docker group
+  ansible.builtin.user:
+    name: "{{ ansible_user }}"
+    groups: docker
+    append: yes
+  tags:
+    - usergroup
+- name: Create docker-compose base directory
+  ansible.builtin.file:
+    path: /home/{{ ansible_user }}/docker_compose
+    state: directory
+    mode: '0755'
+  tags:
+    - dir
+- name: Create docker-compose project directories
+  ansible.builtin.file:
+    path: /home/{{ ansible_user }}/docker_compose/{{ item }}
+    state: directory
+    mode: '0755'
+  loop: "{{ docker_compose }}"
+  tags:
+    - dir
+- name: Copy docker-compose contents
+  ansible.builtin.copy:
+    src: files/{{ item }}/
+    dest: /home/{{ ansible_user }}/docker_compose/{{ item }}
+    owner: "{{ ansible_user }}"
+    mode: '0600'
+  loop: "{{ docker_compose }}"
+  tags:
+    - files