inventory, roles: update group_vars/all.yaml and set service files to centralize subuid for containers
This commit is contained in:
@@ -37,30 +37,37 @@ services:
|
|||||||
domain: "postgresql"
|
domain: "postgresql"
|
||||||
ports:
|
ports:
|
||||||
tcp: "5432" # postgresql db connection port
|
tcp: "5432" # postgresql db connection port
|
||||||
|
subuid: "100998"
|
||||||
ldap:
|
ldap:
|
||||||
domain: "ldap"
|
domain: "ldap"
|
||||||
ports:
|
ports:
|
||||||
http: "17170"
|
http: "17170"
|
||||||
ldaps: "6360"
|
ldaps: "6360"
|
||||||
|
subuid: "100999"
|
||||||
ca:
|
ca:
|
||||||
domain: "ca"
|
domain: "ca"
|
||||||
ports:
|
ports:
|
||||||
https: "9000"
|
https: "9000"
|
||||||
|
subuid: "100999"
|
||||||
x509-exporter:
|
x509-exporter:
|
||||||
ports:
|
ports:
|
||||||
http: "9793"
|
http: "9793"
|
||||||
|
subuid: "165533"
|
||||||
prometheus:
|
prometheus:
|
||||||
domain: "prometheus"
|
domain: "prometheus"
|
||||||
ports:
|
ports:
|
||||||
https: "9090"
|
https: "9090"
|
||||||
|
subuid: "165533"
|
||||||
loki:
|
loki:
|
||||||
domain: "loki"
|
domain: "loki"
|
||||||
ports:
|
ports:
|
||||||
https: "3100"
|
https: "3100"
|
||||||
|
subuid: "110000"
|
||||||
grafana:
|
grafana:
|
||||||
domain: "grafana"
|
domain: "grafana"
|
||||||
ports:
|
ports:
|
||||||
http: "3000"
|
http: "3000"
|
||||||
|
subuid: "100471"
|
||||||
caddy:
|
caddy:
|
||||||
ports:
|
ports:
|
||||||
http: "2080"
|
http: "2080"
|
||||||
@@ -77,6 +84,8 @@ services:
|
|||||||
domain: "authelia"
|
domain: "authelia"
|
||||||
ports:
|
ports:
|
||||||
http: "9091"
|
http: "9091"
|
||||||
|
redis:
|
||||||
|
subuid: "100998"
|
||||||
vaultwarden:
|
vaultwarden:
|
||||||
domain:
|
domain:
|
||||||
public: "vault"
|
public: "vault"
|
||||||
@@ -89,6 +98,7 @@ services:
|
|||||||
internal: "gitea.app"
|
internal: "gitea.app"
|
||||||
ports:
|
ports:
|
||||||
http: "3000"
|
http: "3000"
|
||||||
|
subuid: "100999"
|
||||||
immich:
|
immich:
|
||||||
domain:
|
domain:
|
||||||
public: "immich"
|
public: "immich"
|
||||||
@@ -105,6 +115,7 @@ services:
|
|||||||
internal: "budget.app"
|
internal: "budget.app"
|
||||||
ports:
|
ports:
|
||||||
http: "5006"
|
http: "5006"
|
||||||
|
subuid: "101000"
|
||||||
paperless:
|
paperless:
|
||||||
domain:
|
domain:
|
||||||
public: "paperless"
|
public: "paperless"
|
||||||
@@ -112,12 +123,14 @@ services:
|
|||||||
ports:
|
ports:
|
||||||
http: "8001"
|
http: "8001"
|
||||||
redis: "6380"
|
redis: "6380"
|
||||||
|
subuid: "100999"
|
||||||
vikunja:
|
vikunja:
|
||||||
domain:
|
domain:
|
||||||
public: "vikunja"
|
public: "vikunja"
|
||||||
internal: "vikunja.app"
|
internal: "vikunja.app"
|
||||||
ports:
|
ports:
|
||||||
http: "3456"
|
http: "3456"
|
||||||
|
subuid: "100999"
|
||||||
|
|
||||||
version:
|
version:
|
||||||
packages:
|
packages:
|
||||||
|
|||||||
@@ -1,13 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: Set actual budget container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
actualbudget_subuid: "101000"
|
|
||||||
|
|
||||||
- name: Create actual budget directory
|
- name: Create actual budget directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/data/containers/actual-budget"
|
path: "{{ node['home_path'] }}/data/containers/actual-budget"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ actualbudget_subuid }}"
|
owner: "{{ services['actualbudget']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
become: true
|
become: true
|
||||||
|
|||||||
@@ -1,13 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: Set gitea container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
gitea_subuid: "100999"
|
|
||||||
|
|
||||||
- name: Create gitea directory
|
- name: Create gitea directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/{{ item }}"
|
path: "{{ node['home_path'] }}/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ gitea_subuid }}"
|
owner: "{{ services['gitea']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
@@ -21,7 +17,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ hostvars['console']['ca']['root']['crt'] }}
|
{{ hostvars['console']['ca']['root']['crt'] }}
|
||||||
dest: "{{ node['home_path'] }}/containers/gitea/ssl/{{ root_cert_filename }}"
|
dest: "{{ node['home_path'] }}/containers/gitea/ssl/{{ root_cert_filename }}"
|
||||||
owner: "{{ gitea_subuid }}"
|
owner: "{{ services['gitea']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0440"
|
mode: "0440"
|
||||||
become: true
|
become: true
|
||||||
|
|||||||
@@ -2,13 +2,12 @@
|
|||||||
- name: Set redis service name
|
- name: Set redis service name
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
redis_service: "immich"
|
redis_service: "immich"
|
||||||
redis_subuid: "100998"
|
|
||||||
|
|
||||||
- name: Create redis_immich directory
|
- name: Create redis_immich directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/{{ item }}"
|
path: "{{ node['home_path'] }}/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ redis_subuid }}"
|
owner: "{{ services['redis']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
|
|||||||
@@ -2,13 +2,12 @@
|
|||||||
- name: Set redis service name
|
- name: Set redis service name
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
redis_service: "paperless"
|
redis_service: "paperless"
|
||||||
redis_subuid: "100998"
|
|
||||||
|
|
||||||
- name: Create redis_paperless directory
|
- name: Create redis_paperless directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/{{ item }}"
|
path: "{{ node['home_path'] }}/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ redis_subuid }}"
|
owner: "{{ services['redis']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
@@ -44,15 +43,11 @@
|
|||||||
scope: "user"
|
scope: "user"
|
||||||
when: is_redis_conf.changed or is_redis_containerfile.changed # noqa: no-handler
|
when: is_redis_conf.changed or is_redis_containerfile.changed # noqa: no-handler
|
||||||
|
|
||||||
- name: Set paperless subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
paperless_subuid: "100999"
|
|
||||||
|
|
||||||
- name: Create paperless directory
|
- name: Create paperless directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/{{ item }}"
|
path: "{{ node['home_path'] }}/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ paperless_subuid }}"
|
owner: "{{ services['paperless']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
@@ -70,7 +65,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ hostvars['console']['ca']['root']['crt'] }}
|
{{ hostvars['console']['ca']['root']['crt'] }}
|
||||||
dest: "{{ node['home_path'] }}/containers/paperless/ssl/{{ root_cert_filename }}"
|
dest: "{{ node['home_path'] }}/containers/paperless/ssl/{{ root_cert_filename }}"
|
||||||
owner: "{{ paperless_subuid }}"
|
owner: "{{ services['paperless']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0440"
|
mode: "0440"
|
||||||
become: true
|
become: true
|
||||||
|
|||||||
@@ -1,13 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: Set vikunja subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
vikunja_subuid: "100999"
|
|
||||||
|
|
||||||
- name: Create vikunja directory
|
- name: Create vikunja directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/{{ item }}"
|
path: "{{ node['home_path'] }}/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ vikunja_subuid }}"
|
owner: "{{ services['vikunja']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
@@ -21,7 +17,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ hostvars['console']['ca']['root']['crt'] }}
|
{{ hostvars['console']['ca']['root']['crt'] }}
|
||||||
dest: "{{ node['home_path'] }}/containers/vikunja/ssl/{{ root_cert_filename }}"
|
dest: "{{ node['home_path'] }}/containers/vikunja/ssl/{{ root_cert_filename }}"
|
||||||
owner: "{{ vikunja_subuid }}"
|
owner: "{{ services['vikunja']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0440"
|
mode: "0440"
|
||||||
become: true
|
become: true
|
||||||
|
|||||||
@@ -1,12 +1,8 @@
|
|||||||
---
|
---
|
||||||
- name: Set ca container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
ca_subuid: "100999"
|
|
||||||
|
|
||||||
- name: Create ca directory
|
- name: Create ca directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
||||||
owner: "{{ ca_subuid }}"
|
owner: "{{ services['ca']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
@@ -32,7 +28,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/ca/config/{{ item }}.j2"
|
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/ca/config/{{ item }}.j2"
|
||||||
dest: "{{ node['home_path'] }}/containers/ca/config/{{ item }}"
|
dest: "{{ node['home_path'] }}/containers/ca/config/{{ item }}"
|
||||||
owner: "{{ ca_subuid }}"
|
owner: "{{ services['ca']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0400"
|
mode: "0400"
|
||||||
loop:
|
loop:
|
||||||
@@ -46,7 +42,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ item.value }}
|
{{ item.value }}
|
||||||
dest: "{{ item.path }}/{{ item.name }}"
|
dest: "{{ item.path }}/{{ item.name }}"
|
||||||
owner: "{{ ca_subuid }}"
|
owner: "{{ services['ca']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
loop:
|
loop:
|
||||||
|
|||||||
@@ -1,12 +1,8 @@
|
|||||||
---
|
---
|
||||||
- name: Set grafana container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
grafana_subuid: "100471"
|
|
||||||
|
|
||||||
- name: Create grafana directory
|
- name: Create grafana directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
||||||
owner: "{{ grafana_subuid }}"
|
owner: "{{ services['grafana']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
@@ -24,7 +20,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ hostvars['console']['ca']['root']['crt'] }}
|
{{ hostvars['console']['ca']['root']['crt'] }}
|
||||||
dest: "{{ node['home_path'] }}/containers/grafana/ssl/{{ root_cert_filename }}"
|
dest: "{{ node['home_path'] }}/containers/grafana/ssl/{{ root_cert_filename }}"
|
||||||
owner: "{{ grafana_subuid }}"
|
owner: "{{ services['grafana']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0400"
|
mode: "0400"
|
||||||
become: true
|
become: true
|
||||||
@@ -51,7 +47,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/grafana/etc/{{ item }}.j2"
|
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/grafana/etc/{{ item }}.j2"
|
||||||
dest: "{{ node['home_path'] }}/containers/grafana/etc/{{ item }}"
|
dest: "{{ node['home_path'] }}/containers/grafana/etc/{{ item }}"
|
||||||
owner: "{{ grafana_subuid }}"
|
owner: "{{ services['grafana']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0400"
|
mode: "0400"
|
||||||
loop:
|
loop:
|
||||||
@@ -65,7 +61,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/grafana/etc/provisioning/datasources/datasources.yaml.j2"
|
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/grafana/etc/provisioning/datasources/datasources.yaml.j2"
|
||||||
dest: "{{ node['home_path'] }}/containers/grafana/etc/provisioning/datasources/datasources.yaml"
|
dest: "{{ node['home_path'] }}/containers/grafana/etc/provisioning/datasources/datasources.yaml"
|
||||||
owner: "{{ grafana_subuid }}"
|
owner: "{{ services['grafana']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0400"
|
mode: "0400"
|
||||||
become: true
|
become: true
|
||||||
|
|||||||
@@ -1,12 +1,8 @@
|
|||||||
---
|
---
|
||||||
- name: Set ldap container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
ldap_subuid: "100999"
|
|
||||||
|
|
||||||
- name: Create ldap directory
|
- name: Create ldap directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
||||||
owner: "{{ ldap_subuid }}"
|
owner: "{{ services['ldap']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
@@ -21,7 +17,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ item.value }}
|
{{ item.value }}
|
||||||
dest: "{{ node['home_path'] }}/containers/ldap/ssl/{{ item.name }}"
|
dest: "{{ node['home_path'] }}/containers/ldap/ssl/{{ item.name }}"
|
||||||
owner: "{{ ldap_subuid }}"
|
owner: "{{ services['ldap']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
loop:
|
loop:
|
||||||
|
|||||||
@@ -1,13 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: Set loki container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
loki_subuid: "110000" # 10001
|
|
||||||
|
|
||||||
- name: Create loki directory
|
- name: Create loki directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ loki_subuid }}"
|
owner: "{{ services['loki']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
@@ -21,7 +17,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/loki/etc/loki.yaml.j2"
|
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/loki/etc/loki.yaml.j2"
|
||||||
dest: "{{ node['home_path'] }}/containers/loki/etc/loki.yaml"
|
dest: "{{ node['home_path'] }}/containers/loki/etc/loki.yaml"
|
||||||
owner: "{{ loki_subuid }}"
|
owner: "{{ services['loki']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0600"
|
mode: "0600"
|
||||||
become: true
|
become: true
|
||||||
@@ -33,7 +29,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ item.value }}
|
{{ item.value }}
|
||||||
dest: "{{ node['home_path'] }}/containers/loki/ssl/{{ item.name }}"
|
dest: "{{ node['home_path'] }}/containers/loki/ssl/{{ item.name }}"
|
||||||
owner: "{{ loki_subuid }}"
|
owner: "{{ services['loki']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
loop:
|
loop:
|
||||||
|
|||||||
@@ -1,8 +1,4 @@
|
|||||||
---
|
---
|
||||||
- name: Set postgresql container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
postgresql_subuid: "100998"
|
|
||||||
|
|
||||||
- name: Set connected services list
|
- name: Set connected services list
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
connected_services:
|
connected_services:
|
||||||
@@ -19,7 +15,7 @@
|
|||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ postgresql_subuid }}"
|
owner: "{{ services['postgresql']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
@@ -56,7 +52,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/postgresql/config/{{ item }}.j2"
|
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/postgresql/config/{{ item }}.j2"
|
||||||
dest: "{{ node['home_path'] }}/containers/postgresql/config/{{ item }}"
|
dest: "{{ node['home_path'] }}/containers/postgresql/config/{{ item }}"
|
||||||
owner: "{{ postgresql_subuid }}"
|
owner: "{{ services['postgresql']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0600"
|
mode: "0600"
|
||||||
loop:
|
loop:
|
||||||
@@ -71,7 +67,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ item.value }}
|
{{ item.value }}
|
||||||
dest: "{{ node['home_path'] }}/containers/postgresql/ssl/{{ item.name }}"
|
dest: "{{ node['home_path'] }}/containers/postgresql/ssl/{{ item.name }}"
|
||||||
owner: "{{ postgresql_subuid }}"
|
owner: "{{ services['postgresql']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
loop:
|
loop:
|
||||||
@@ -107,7 +103,7 @@
|
|||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/postgresql/init/pg_cluster.sql"
|
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/postgresql/init/pg_cluster.sql"
|
||||||
dest: "{{ node['home_path'] }}/containers/postgresql/init/0_pg_cluster.sql"
|
dest: "{{ node['home_path'] }}/containers/postgresql/init/0_pg_cluster.sql"
|
||||||
owner: "{{ postgresql_subuid }}"
|
owner: "{{ services['postgresql']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0600"
|
mode: "0600"
|
||||||
|
|
||||||
@@ -115,7 +111,7 @@
|
|||||||
ansible.builtin.copy:
|
ansible.builtin.copy:
|
||||||
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/postgresql/init/pg_{{ item }}.sql"
|
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/postgresql/init/pg_{{ item }}.sql"
|
||||||
dest: "{{ node['home_path'] }}/containers/postgresql/init/{{ index_num + 1 }}_pg_{{ item }}.sql"
|
dest: "{{ node['home_path'] }}/containers/postgresql/init/{{ index_num + 1 }}_pg_{{ item }}.sql"
|
||||||
owner: "{{ postgresql_subuid }}"
|
owner: "{{ services['postgresql']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0600"
|
mode: "0600"
|
||||||
loop: "{{ connected_services }}"
|
loop: "{{ connected_services }}"
|
||||||
|
|||||||
@@ -1,13 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: Set prometheus container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
prometheus_subuid: "165533" # nobody - 65534
|
|
||||||
|
|
||||||
- name: Create prometheus directory
|
- name: Create prometheus directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ prometheus_subuid }}"
|
owner: "{{ services['prometheus']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
@@ -21,7 +17,7 @@
|
|||||||
ansible.builtin.template:
|
ansible.builtin.template:
|
||||||
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/prometheus/etc/{{ item }}.j2"
|
src: "{{ hostvars['console']['node']['config_path'] }}/services/containers/infra/prometheus/etc/{{ item }}.j2"
|
||||||
dest: "{{ node['home_path'] }}/containers/prometheus/etc/{{ item }}"
|
dest: "{{ node['home_path'] }}/containers/prometheus/etc/{{ item }}"
|
||||||
owner: "{{ prometheus_subuid }}"
|
owner: "{{ services['prometheus']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0600"
|
mode: "0600"
|
||||||
loop:
|
loop:
|
||||||
@@ -37,7 +33,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ item.value }}
|
{{ item.value }}
|
||||||
dest: "{{ node['home_path'] }}/containers/prometheus/ssl/{{ item.name }}"
|
dest: "{{ node['home_path'] }}/containers/prometheus/ssl/{{ item.name }}"
|
||||||
owner: "{{ prometheus_subuid }}"
|
owner: "{{ services['prometheus']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "{{ item.mode }}"
|
mode: "{{ item.mode }}"
|
||||||
loop:
|
loop:
|
||||||
|
|||||||
@@ -1,13 +1,9 @@
|
|||||||
---
|
---
|
||||||
- name: Set x509-exporter container subuid
|
|
||||||
ansible.builtin.set_fact:
|
|
||||||
x509_exporter_subuid: "165533" # nobody - 65534
|
|
||||||
|
|
||||||
- name: Create x509-exporter directory
|
- name: Create x509-exporter directory
|
||||||
ansible.builtin.file:
|
ansible.builtin.file:
|
||||||
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
path: "{{ node['home_path'] }}/containers/{{ item }}"
|
||||||
state: "directory"
|
state: "directory"
|
||||||
owner: "{{ x509_exporter_subuid }}"
|
owner: "{{ services['x509-exporter']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0770"
|
mode: "0770"
|
||||||
loop:
|
loop:
|
||||||
@@ -20,7 +16,7 @@
|
|||||||
content: |
|
content: |
|
||||||
{{ item.value }}
|
{{ item.value }}
|
||||||
dest: "{{ node['home_path'] }}/containers/x509-exporter/certs/{{ item.name }}"
|
dest: "{{ node['home_path'] }}/containers/x509-exporter/certs/{{ item.name }}"
|
||||||
owner: "{{ x509_exporter_subuid }}"
|
owner: "{{ services['x509-exporter']['subuid'] }}"
|
||||||
group: "svadmins"
|
group: "svadmins"
|
||||||
mode: "0440"
|
mode: "0440"
|
||||||
loop:
|
loop:
|
||||||
|
|||||||
Reference in New Issue
Block a user