group updates to public branch

lj020326 · May 3, 2024 · bd56c26 · bd56c26
1 parent b8c3aae
commit bd56c26
Show file tree

Hide file tree

Showing 17 changed files with 80 additions and 42 deletions.
diff --git a/roles/bootstrap-docker/defaults/main.yml b/roles/bootstrap-docker/defaults/main.yml
@@ -232,9 +232,6 @@ bootstrap_docker__pip_docker_state: "present"
 bootstrap_docker__pip_docker_compose_state: "present"
 #bootstrap_docker__pip_docker_compose_state: "forcereinstall"
 
-bootstrap_docker__packages:
-  - docker-buildx-plugin
-
 bootstrap_docker__default_pip_packages:
   - name: "requests"
     state: "{{ bootstrap_docker__pip_docker_state }}"
@@ -243,12 +240,12 @@ bootstrap_docker__default_pip_packages:
   - name: "docker"
     state: "{{ bootstrap_docker__pip_docker_state }}"
     virtual_env_state: "{{ bootstrap_docker__pip_docker_state }}"
-  - name: "docker-compose"
-    version: "{{ bootstrap_docker__compose_version | d() }}"
-    path: "/usr/local/bin/docker-compose"
-    src: "{{ bootstrap_docker__pip_virtualenv + '/bin/docker-compose' }}"
-    state: "{{ bootstrap_docker__pip_docker_compose_state }}"
-    virtual_env_state: "{{ bootstrap_docker__pip_docker_compose_state }}"
+#  - name: "docker-compose"
+#    version: "{{ bootstrap_docker__compose_version | d() }}"
+#    path: "/usr/local/bin/docker-compose"
+#    src: "{{ bootstrap_docker__pip_virtualenv + '/bin/docker-compose' }}"
+#    state: "{{ bootstrap_docker__pip_docker_compose_state }}"
+#    virtual_env_state: "{{ bootstrap_docker__pip_docker_compose_state }}"
 #bootstrap_docker__pip_packages: []
 
 __bootstrap_docker__pip_packages: "{{ bootstrap_docker__pip_packages | d(bootstrap_docker__default_pip_packages) }}"

diff --git a/roles/bootstrap-docker/tasks/ce/apt.yml b/roles/bootstrap-docker/tasks/ce/apt.yml
@@ -113,8 +113,13 @@
 #        - "{{ role_path }}/tasks/ce/os"
 
 - name: "{{ __log_prefix_apt }} Install docker-ce"
-  ansible.builtin.apt:
-    name: docker-ce
+  ansible.builtin.package:
+    name:
+      - docker-ce
+      - docker-ce-cli
+      - containerd.io
+      - docker-buildx-plugin
+      - docker-compose-plugin
     state: present
   notify: Docker | Restart Docker
   register: task_result

diff --git a/roles/bootstrap-docker/tasks/ce/yum.yml b/roles/bootstrap-docker/tasks/ce/yum.yml
@@ -88,7 +88,13 @@
 
 - name: "{{ __log_prefix_yum }} Install docker-ce"
   ansible.builtin.package:
-    name: docker-ce
+    name:
+      - docker-ce
+      - docker-ce-cli
+      - containerd.io
+      - docker-buildx-plugin
+      - docker-compose-plugin
+#    name: docker-ce
     state: present
   notify: Docker | Restart Docker
   register: task_result

diff --git a/roles/bootstrap-docker/tasks/install.yml b/roles/bootstrap-docker/tasks/install.yml
@@ -40,8 +40,9 @@
   when: bootstrap_docker__repo == "other"
 
 - name: "Docker | Install additional packages"
+  when: bootstrap_docker__additional_packages|d([])|length>0
   ansible.builtin.package:
-    name: "{{ bootstrap_docker__packages }}"
+    name: "{{ bootstrap_docker__additional_packages }}"
     state: present
 
 - name: "Docker | Ensure service starts at boot"

diff --git a/roles/bootstrap-docker/vars/debian.yml b/roles/bootstrap-docker/vars/debian.yml
@@ -1,5 +1,13 @@
 ---
 # Debian vars file for bootstrap_docker
+## ref: https://docs.docker.com/compose/install/linux/
+#bootstrap_docker__additional_packages:
+#  - docker-ce
+#  - docker-ce-cli
+#  - containerd.io
+#  - docker-buildx-plugin
+#  - docker-compose-plugin
+
 bootstrap_docker__btrfs_package: btrfs-tools
 
 bootstrap_docker__ce_repo_url: https://download.docker.com/linux/debian

diff --git a/roles/bootstrap-docker/vars/ubuntu.yml b/roles/bootstrap-docker/vars/ubuntu.yml
@@ -1,5 +1,10 @@
 ---
+
 # Ubuntu vars file for bootstrap_docker
+#bootstrap_docker__additional_packages:
+#  - docker-buildx-plugin
+#  - docker-compose-plugin
+
 bootstrap_docker__btrfs_package: btrfs-tools
 
 bootstrap_docker__ce_repo_url: https://download.docker.com/linux/ubuntu

diff --git a/roles/bootstrap-pip/tasks/install-pip-libs.yml b/roles/bootstrap-pip/tasks/install-pip-libs.yml
@@ -33,7 +33,8 @@
       msg:
         - "__virtual_env_python={{ __virtual_env_python }}"
         - "ansible_python_interpreter={{ ansible_python_interpreter }}"
-        - "discovered_interpreter_python={{ discovered_interpreter_python }}"
+        - "ansible_playbook_python={{ ansible_playbook_python | d('') }}"
+        - "discovered_interpreter_python={{ discovered_interpreter_python | d('') }}"
 
   - name: "{{ __bootstrap_pip__log_prefix_pipenv }} Remove existing virtualenv if rebuilding venv"
     when:

diff --git a/roles/bootstrap-systemd-service/templates/service.j2 b/roles/bootstrap-systemd-service/templates/service.j2
@@ -115,6 +115,7 @@ ExecReload={{ bootstrap_systemd_service__Service_ExecReload }}
 ExecReload={{ _item }}
 {% endfor %}
 {% endif -%}
+{% endif -%}
 
 {% if bootstrap_systemd_service__Service_ExecStop is defined %}
 ExecStop={{ bootstrap_systemd_service__Service_ExecStop }}
@@ -151,6 +152,7 @@ ExecStopPost={{ bootstrap_systemd_service__Service_ExecStopPost }}
 ExecStartPost={{ _item }}
 {% endfor %}
 {% endif -%}
+{% endif -%}
 
 {% if bootstrap_systemd_service__Service_PIDFile is defined %}
 PIDFile={{ bootstrap_systemd_service__Service_PIDFile }}
@@ -181,6 +183,7 @@ WantedBy={{ bootstrap_systemd_service__Install_WantedBy }}
 Before={{ _wantedby_item }}
 {% endfor %}
 {% endif -%}
+{% endif -%}
 
 {% if bootstrap_systemd_service__Install_RequiredBy is defined %}
 {% if bootstrap_systemd_service__Install_RequiredBy is string -%}
@@ -190,6 +193,7 @@ RequiredBy={{ bootstrap_systemd_service__Install_RequiredBy }}
 Before={{ _requiredby_item }}
 {% endfor %}
 {% endif -%}
+{% endif -%}
 
 {% if bootstrap_systemd_service__Install_UpheldBy is defined %}
 {% if bootstrap_systemd_service__Install_UpheldBy is string -%}
@@ -199,6 +203,7 @@ UpheldBy={{ bootstrap_systemd_service__Install_UpheldBy }}
 Before={{ _upheldby_item }}
 {% endfor %}
 {% endif -%}
+{% endif -%}
 
 {% if bootstrap_systemd_service__Install_Also is defined %}
 Also={{ bootstrap_systemd_service__Install_Also }}

diff --git a/...-stack/tasks/apps/nextcloud/pre-start.yml → ...k/tasks/apps/nextcloud-save/pre-start.yml b/...-stack/tasks/apps/nextcloud/pre-start.yml → ...k/tasks/apps/nextcloud-save/pre-start.yml
@@ -1,5 +1,10 @@
 ---
 
+- name: "Docker Stack | nextcloud | pre-start | check if config.php exists"
+  stat:
+    path: "{{ __docker_stack__nextcloud__config_dir }}/config.php"
+  register: __config_php
+
 ## ref: https://github.com/ReinerNippes/nextcloud_on_docker/blob/master/roles/nextcloud_config/tasks/main.yml
 - name: "Docker Stack | nextcloud | pre-start | first setup nextcloud"
   ansible.builtin.shell: >
@@ -12,7 +17,7 @@
     --admin-user {{ __docker_stack__nextcloud__admin }} 
     --admin-pass {{ __docker_stack__nextcloud__passwd }} 
     --data-dir {{ __docker_stack__nextcloud__data_dir }}
-  when: ( not config_php.stat.exists )
+  when: ( not __config_php.stat.exists )
   register: __nextcloud_first_setup_nextcloud
 
 - name: "Docker Stack | nextcloud | pre-start | configure nextcloud"

diff --git a/roles/docker-stack/tasks/restart-docker-daemon.yml b/roles/docker-stack/tasks/restart-docker-daemon.yml
@@ -3,7 +3,7 @@
 - name: "{{ __docker_stack__log_prefix__restart_daemon }} Shut down services defined in docker-compose.yml"
   ignore_errors: yes
   when: not docker_stack__swarm_mode|d(False)|bool
-  community.docker.docker_compose:
+  community.docker.docker_compose_v2:
     project_src: "{{ docker_stack__dir }}"
     remove_orphans: "{{ docker_stack__remove_orphans }}"
     state: absent

diff --git a/roles/docker-stack/tasks/run-compose-action.yml b/roles/docker-stack/tasks/run-compose-action.yml
@@ -55,9 +55,10 @@
   block:
     ## run docker compose
     ## ref: https://stackoverflow.com/questions/44962282/how-to-write-an-ansible-playbook-with-docker-compose
+    ## ref: https://askubuntu.com/questions/1508129/docker-compose-giving-containerconfig-errors-after-update-today
     - name: "{{ __docker_stack__log_prefix__run_compose }} Run docker-compose in {{ docker_stack__dir }}"
       when: not docker_stack__swarm_mode|d(False)|bool
-      community.docker.docker_compose:
+      community.docker.docker_compose_v2:
         project_src: "{{ docker_stack__dir }}"
         remove_orphans: "{{ docker_stack__remove_orphans }}"
         state: "{{ __docker_stack__compose_state }}"
@@ -119,7 +120,7 @@
       ## run docker compose
       ## ref: https://stackoverflow.com/questions/44962282/how-to-write-an-ansible-playbook-with-docker-compose
       - name: "{{ __docker_stack__log_prefix__run_compose }} Retry to Run the services defined in docker-compose.yml"
-        community.docker.docker_compose:
+        community.docker.docker_compose_v2:
           project_src: "{{ docker_stack__dir }}"
           remove_orphans: "{{ docker_stack__remove_orphans }}"
           state: "{{ __docker_stack__compose_state }}"

diff --git a/roles/docker-stack/templates/docker-compose.yml.j2 b/roles/docker-stack/templates/docker-compose.yml.j2
@@ -1,6 +1,10 @@
 {{ ansible_managed | comment }}
 
-version: "3.7"
+##########
+## ref: https://github.com/docker/compose/issues/11628
+## version is only informative since a long time ago now. You can use loose options and you don't need it, check the spec:
+## https://github.com/compose-spec/compose-spec/blob/master/spec.md#version-and-name-top-level-elements
+#version: "3.7"
 
 {% if __docker_stack__networks %}
 networks:

diff --git a/roles/docker-stack/templates/jenkins/jenkins.env.j2 b/roles/docker-stack/templates/jenkins/jenkins.env.j2
@@ -67,7 +67,7 @@ BITBUCKET_SSH_USERNAME={{ __docker_stack__jenkins__cred_bitbucket_ssh_username }
 BITBUCKET_SSH_PRIVATE_KEY="{{ __docker_stack__jenkins__cred_bitbucket_ssh_private_key }}"
 
 BITBUCKET_CLOUD_OAUTH_USERNAME={{ __docker_stack__jenkins__cred_bitbucket_cloud_oauth_key }}
-BITBUCKET_CLOUD_OAUTH_PASSWORD="{{ __docker_stack__jenkins__cred_bitbucket_cloud_oauth_key }}"
+BITBUCKET_CLOUD_OAUTH_PASSWORD={{ __docker_stack__jenkins__cred_bitbucket_cloud_oauth_token }}
 
 GITHUB_USERNAME={{ __docker_stack__jenkins__cred_github_username }}
 GITHUB_PASSWORD={{ __docker_stack__jenkins__cred_github_password }}
diff --git a/roles/docker-stack/vars/app-services/common/docker_stack_media.yml b/roles/docker-stack/vars/app-services/common/docker_stack_media.yml
@@ -1,7 +1,9 @@
 ---
 
 __docker_stack__media__plex_host: "{{ docker_stack__plex_host | d('media.example.int:32400') }}"
-__docker_stack__media__plex_host_url: "{{ docker_stack__plex_host_url | d('http://' + __docker_stack__media__plex_host + '/') }}"
+__docker_stack__media__plex_host_url_default: "http://{{ __docker_stack__media__plex_host }}/"
+__docker_stack__media__plex_host_url: "{{ docker_stack__plex_host_url 
+  | d(__docker_stack__media__plex_host_url_default) }}"
 __docker_stack__media__plex_host_ip: "{{ docker_stack__plex_host_ip | d('192.168.1.105') }}"
 __docker_stack__media__plex_host_port: "{{ docker_stack__plex_host_port | d('32400') }}"
 __docker_stack__media__plex_apikey: "{{ docker_stack__plex_apikey | d('apikey') }}"
@@ -14,20 +16,20 @@ __docker_stack__media__openvpn_image: "{{ docker_stack__media__openvpn_image | d
 __docker_stack__media__openvpn_network: "{{ docker_stack__openvpn_network | d('192.168.0.0/16') }}"
 
 __docker_stack__media__transmission_image: "{{ docker_stack__media__transmission_image | d('dperson/transmission:latest') }}"
-__docker_stack__media__qbittorrent_image: "{{ docker_stack__qbittorrent_image | d('ghcr.io/lscr.io/linuxserver/qbittorrent:latest') }}"
+__docker_stack__media__qbittorrent_image: "{{ docker_stack__qbittorrent_image | d('ghcr.io/linuxserver/qbittorrent:latest') }}"
 
 __docker_stack__media__sonarr_image: "{{ docker_stack__media__sonarr_image | d('lscr.io/linuxserver/sonarr:latest') }}"
 __docker_stack__media__radarr_image: "{{ docker_stack__media__radarr_image | d('lscr.io/linuxserver/radarr:latest') }}"
 __docker_stack__media__lidarr_image: "{{ docker_stack__media__lidarr_image | d('lscr.io/linuxserver/lidarr:latest') }}"
 __docker_stack__media__bazarr_image: "{{ docker_stack__media__bazarr_image | d('lscr.io/linuxserver/bazarr:latest') }}"
-#__docker_stack__media__readarr_image: "ghcr.io/lscr.io/linuxserver/readarr:nightly"
+#__docker_stack__media__readarr_image: "ghcr.io/linuxserver/readarr:nightly"
 #__docker_stack__media__readarr_image: "{{ docker_stack__media__readarr_image | d('lscr.io/linuxserver/readarr:latest') }}"
 __docker_stack__media__readarr_image: "{{ docker_stack__media__readarr_image | d('lscr.io/linuxserver/readarr:nightly') }}"
 #__docker_stack__media__lazylibrarian_image: "lscr.io/linuxserver/lazylibrarian:latest"
 __docker_stack__media__lazylibrarian_image: "{{ docker_stack__media__readarr_image | d('lscr.io/linuxserver/lazylibrarian:latest') }}"
 
 #__docker_stack__media__prowlarr_image: "lscr.io/linuxserver/prowlarr:latest"
-#__docker_stack__media__prowlarr_image: "ghcr.io/lscr.io/linuxserver/prowlarr:develop"
+#__docker_stack__media__prowlarr_image: "ghcr.io/linuxserver/prowlarr:develop"
 __docker_stack__media__prowlarr_image: "{{ docker_stack__media__prowlarr_image | d('lscr.io/linuxserver/prowlarr:latest') }}"
 
 ########## MEDIA NODE CONFIGS ############
@@ -151,8 +153,7 @@ __docker_stack__media__openvpn_certkey: "{{ docker_stack__openvpn_certkey | d(__
 
 __docker_stack__media__networks:
   vpn:
-    external:
-      name: vpn
+    external: true
 
 
 __docker_stack__media__config_dirs:
@@ -197,28 +198,26 @@ __docker_stack__media__config_dirs:
   - path: "{{ __docker_stack__media__config_dir }}/airsonic/config"
   - path: "{{ __docker_stack__media__config_dir }}/airsonic/podcasts"
   - path: "{{ __docker_stack__media__config_dir }}/airsonic/playlists"
-#  - { path: "{{ __docker_stack__media__config_dir }}/lazylibrarian" }
+#  - path: "{{ __docker_stack__media__config_dir }}/lazylibrarian"
   - path: "{{ __docker_stack__media__config_dir }}/readarr"
   - path: "{{ __docker_stack__media__config_dir }}/calibre"
   - path: "{{ __docker_stack__media__config_dir }}/calibre-web"
-
   - path: "{{ __docker_stack__media__config_dir }}/embyms"
   - path: "{{ __docker_stack__media__config_dir }}/jellyfin"
-
   - path: "{{ __docker_stack__media__config_dir }}/makemkv"
   - path: "{{ __docker_stack__media__config_dir }}/mariadb"
   - path: "{{ __docker_stack__media__config_dir }}/lychee"
-#    - { path: "{{ __docker_stack__media__config_dir }}/piwigo" }
+#  - path: "{{ __docker_stack__media__config_dir }}/piwigo"
   - path: "{{ __docker_stack__media__config_dir }}/photoshow"
   - path: "{{ __docker_stack__media__config_dir }}/couchpotato"
   - path: "{{ __docker_stack__media__config_dir }}/ombi"
   - path: "{{ __docker_stack__media__config_dir }}/homeassistant"
   - path: "{{ __docker_stack__media__config_dir }}/hydra"
   - path: "{{ __docker_stack__media__config_dir }}/shared"
-  - path: "{{ __docker_stack__media__config_dir}/thelounge"}
+  - path: "{{ __docker_stack__media__config_dir }}/thelounge"
   ## converters
   - path: "{{ __docker_stack__media__config_dir }}/handbrake/config"
-  - path: "{{ __docker_stack__media__config_dir}/handbrake/watch"}
+  - path: "{{ __docker_stack__media__config_dir }}/handbrake/watch"
   - path: "{{ __docker_stack__media__path }}/handbrake/output"
   - path: "{{ __docker_stack__media__config_dir }}/mkvtoolnix/config"
   ## app dirs:
@@ -243,7 +242,7 @@ __docker_stack__media__config_dirs:
 
 __docker_stack__media__config_tpls:
 #  - src: 'media/config-nordvpn.ovpn.j2'
-    dest: "{{ __docker_stack__media__config_dir }}/openvpn/nordvpn.ovpn"
+#    dest: "{{ __docker_stack__media__config_dir }}/openvpn/nordvpn.ovpn"
   - src: 'media/config-sabnzbd.ini.j2'
     dest: "{{ __docker_stack__media__config_dir }}/sabnzbd/sabnzbd.ini"
   - src: 'media/config-couchpotato.ini.j2'
@@ -257,7 +256,8 @@ __docker_stack__media__config_tpls:
 #  - src: 'media/config-lazylibrarian.xml.j2'
 #    dest: "{{ __docker_stack__media__config_dir }}/lazylibrarian/config.xml"
   - src: 'media/config-transmission.json.j2'
-    dest: "{{ __docker_stack__media__config_dir }}/transmission/settings.json", force: yes
+    dest: "{{ __docker_stack__media__config_dir }}/transmission/settings.json"
+    force: yes
 #  - src: 'media/config-organizr-nginx-default.conf.j2'
 #    dest: "{{ __docker_stack__media__config_dir }}/organizr/nginx/site-confs/default"
 
@@ -268,9 +268,9 @@ __docker_stack__media__config_files:
 #  - src: 'files/scripts/certs/validate_ssl_endpoint.sh'
 #    dest: "{{ __docker_stack__media__config_dir }}/shared/validate_ssl_endpoint.sh"
   - src: 'files/ombi/docker/OmbiSettings.db'
-    dest: "{{ __docker_stack__media__config_dir}/ombi/OmbiSettings.db"}
+    dest: "{{ __docker_stack__media__config_dir }}/ombi/OmbiSettings.db"
 #  - src: 'files/openvpn/nordvpn.udp.ovpn'
-#    dest: "{{ __docker_stack__media__config_dir}/openvpn/nordvpn.upd.ovpn"}
+#    dest: "{{ __docker_stack__media__config_dir }}/openvpn/nordvpn.upd.ovpn"
   - src: 'files/prometheus/rules/swarm_node.rules.yml'
     dest: "{{ __docker_stack__media__config_dir }}/prometheus/rules/swarm_node.rules.yml"
   - src: 'files/prometheus/rules/swarm_task.rules.yml'
@@ -1111,7 +1111,7 @@ __docker_stack__media__services:
   ## ref: https://dev.to/adamkdean/setup-your-own-persistent-web-irc-client-3678
   thelounge:
     active: no
-    image: ghcr.io/lscr.io/linuxserver/thelounge
+    image: ghcr.io/linuxserver/thelounge
     container_name: thelounge
     environment:
       PUID: "{{ docker_stack__user_uid }}"

diff --git a/roles/docker-stack/vars/app-services/common/docker_stack_nextcloud.yml b/roles/docker-stack/vars/app-services/common/docker_stack_nextcloud.yml
@@ -186,7 +186,7 @@ __docker_stack__nextcloud__ldap_config:
   - "ldapGidNumber 'gidNumber'"
   - "ldapGroupDisplayName 'cn'"
   - "ldapGroupFilter '(&({{ __docker_stack__nextcloud__ldap_group_filter }}))'"
-  - "ldapGroupFilterGroups """
+  - "ldapGroupFilterGroups ''"
   - "ldapGroupFilterMode 0"
   - "ldapGroupFilterObjectclass '{{ __docker_stack__nextcloud__ldap_group_objectclass }}'"
   - "ldapGroupMemberAssocAttr '{{ __docker_stack__nextcloud__ldap_group_ref }}'"
@@ -253,7 +253,7 @@ __docker_stack__nextcloud__config_files:
     remote_src: yes
 
 
-docker_stack__appspec__media:
+docker_stack__appspec__nextcloud:
   dirs: "{{ __docker_stack__nextcloud__config_dirs | d([]) }}"
   files: "{{ __docker_stack__nextcloud__config_files | d([]) }}"
   templates: "{{ __docker_stack__nextcloud__config_tpls | d([]) }}"

diff --git a/roles/docker-stack/vars/app-services/common/docker_stack_pydio.yml b/roles/docker-stack/vars/app-services/common/docker_stack_pydio.yml
@@ -42,7 +42,7 @@ __docker_stack__pydio__ldap_port: "{{ docker_stack__pydio__ldap_port | d('636')
 __docker_stack__pydio__ldap_user: "{{ docker_stack__pydio__ldap_user | d('changeme') }}"
 __docker_stack__pydio__ldap_password: "{{ docker_stack__pydio__ldap_password | d('changeme') }}"
 
-__docker_stack__pydio__ldap_base_dn: "{{ docker_stack__pydio__ldap_base_dn | d('dc=example,dc=int") }}"
+__docker_stack__pydio__ldap_base_dn: "{{ docker_stack__pydio__ldap_base_dn | d('dc=example,dc=int') }}"
 
 __docker_stack__pydio__ldap_group_filter_default: "objectClass=group"
 __docker_stack__pydio__ldap_groupattr_default: "ou=groups,{{ __docker_stack__pydio__ldap_base_dn }}"
@@ -129,7 +129,7 @@ __docker_stack__pydio__config_tpls:
 #    remote_src: yes
 
 
-docker_stack__appspec__media:
+docker_stack__appspec__pydio:
   dirs: "{{ __docker_stack__pydio__config_dirs | d([]) }}"
   files: "{{ __docker_stack__pydio__config_files | d([]) }}"
   templates: "{{ __docker_stack__pydio__config_tpls | d([]) }}"

diff --git a/roles/docker-stack/vars/app-services/common/docker_stack_redis.yml b/roles/docker-stack/vars/app-services/common/docker_stack_redis.yml
@@ -48,7 +48,7 @@ __docker_stack__redis__services:
 
   # Redis Commander - Redis Management Tool
   rediscom:
-    container_name: rediscommander
+    container_name: rediscom
 #    image: rediscommander/redis-commander:latest
     image: ghcr.io/joeferner/redis-commander:latest
     restart: unless-stopped