From d7e0b254dbf947f7dcdcb7b6589ba3b90c812b21 Mon Sep 17 00:00:00 2001 From: "tom.chivert" Date: Mon, 1 Dec 2025 14:55:32 +0100 Subject: [PATCH] add docker_services_external_networks and docker_services_external_volumes variables --- defaults/main.yml | 4 ++++ tasks/docker.yml | 8 ++++++-- tasks/gitlab-runner.yml | 3 +++ tasks/gitlab.yml | 4 ++++ tasks/grafana.yml | 3 +++ tasks/requirements.yml | 1 - tasks/traefik.yml | 5 +++++ tasks/wikijs.yml | 2 ++ tasks/wireguard.yml | 1 + templates/compose/cadvisor.yml.j2 | 2 -- templates/compose/gitlab-runner.yml.j2 | 18 ++++++++++++++++-- templates/compose/gitlab.yml.j2 | 20 ++++++++++++++++++-- templates/compose/grafana.yml.j2 | 17 ++++++++++++++--- templates/compose/maildev.yml.j2 | 7 +++++-- templates/compose/redisinsight.yml.j2 | 13 +++++++++++-- templates/compose/traefik.yml.j2 | 15 ++++++++++++--- templates/compose/watchtower.yml.j2 | 2 -- templates/compose/wikijs.yml.j2 | 16 ++++++++++++++++ templates/compose/wireguard.yml.j2 | 12 ++++++++++-- 19 files changed, 130 insertions(+), 23 deletions(-) diff --git a/defaults/main.yml b/defaults/main.yml index 6b9335c..ae1dbd0 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,4 +1,8 @@ --- +### Docker Services +docker_services_external_volumes: true +docker_services_external_networks: true + ### Grafana grafana_auth_anonymous_enabled: true grafana_auth_anonymous_org_role: Viewer diff --git a/tasks/docker.yml b/tasks/docker.yml index b224cc2..0de1607 100644 --- a/tasks/docker.yml +++ b/tasks/docker.yml @@ -1,8 +1,10 @@ --- - name: add official GPG key - apt_key: + get_url: url: https://download.docker.com/linux/{{ ansible_distribution | lower }}/gpg - state: present + dest: /etc/apt/trusted.gpg.d/docker.asc + mode: '0644' + force: true tags: ['docker'] - name: add repository @@ -21,6 +23,7 @@ - docker-compose-plugin - python3-docker state: present + ignore_errors: '{{ ansible_check_mode }}' tags: ['docker'] - name: create docker-compose directory 
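Review bot: Writing the Docker key to `/etc/apt/trusted.gpg.d/docker.asc` in the first hunk of tasks/docker.yml keeps the main weakness of the `apt_key` call it replaces: a key in that directory is trusted for every configured APT source, not only Docker's. Consider `dest: /etc/apt/keyrings/docker.asc` together with a `[signed-by=/etc/apt/keyrings/docker.asc]` option on the repository line. That line belongs to the `add repository` task, whose body is outside this hunk, and the keyrings directory may need a task to create it on older releases. With `force: true` and no `checksum:`, whatever the URL serves on a given run becomes the trusted key, so pinning the expected digest (`checksum: 'sha256:<expected-digest>'`) would make a changed key fail loudly instead.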
@@ -35,6 +38,7 @@ name: docker state: started enabled: true + ignore_errors: '{{ ansible_check_mode }}' tags: ['docker'] - name: copy rsyslog config diff --git a/tasks/gitlab-runner.yml b/tasks/gitlab-runner.yml index 20c7175..ad79f38 100644 --- a/tasks/gitlab-runner.yml +++ b/tasks/gitlab-runner.yml @@ -11,11 +11,13 @@ - name: gitlab-runner | create docker network docker_network: name: 'gitlab-runner' + when: docker_services_external_networks tags: ['docker_gitlab-runner'] - name: gitlab-runner | create docker volumes docker_volume: name: '{{ item }}' + when: docker_services_external_volumes with_items: - gitlab-runner-dind__var_lib_docker - gitlab-runner-dind__certs @@ -56,6 +58,7 @@ {% if gitlab_runner_extra_hosts is defined %} extra_hosts = [{% for host in gitlab_runner_extra_hosts %}"{{ host }}"{{ ", " if not loop.last else "" }}{% endfor %}] {% endif %} + when: docker_services_external_volumes notify: 'gitlab-runner-restart' tags: ['docker_gitlab-runner'] diff --git a/tasks/gitlab.yml b/tasks/gitlab.yml index 32480d5..b2215f5 100644 --- a/tasks/gitlab.yml +++ b/tasks/gitlab.yml @@ -12,6 +12,7 @@ - name: 'gitlab | create docker volumes' docker_volume: name: '{{ item }}' + when: docker_services_external_volumes with_items: - 'gitlab__etc_config' - 'gitlab__var_log_gitlab' @@ -21,11 +22,13 @@ - name: 'gitlab | create docker volume backup' docker_volume: name: 'gitlab__backups' + when: docker_services_external_volumes tags: ['docker_gitlab'] - name: 'gitlab | create docker volume gitlab__run_secrets' docker_volume: name: 'gitlab__run_secrets' + when: docker_services_external_volumes register: 'register_docker_volume_gitlab_gitlab__run_secrets' tags: ['docker_gitlab'] @@ -34,6 +37,7 @@ dest: '{{ register_docker_volume_gitlab_gitlab__run_secrets.volume.Mountpoint }}/gitlab_root_password' mode: '0600' content: '{{ gitlab_root_password }}' + when: docker_services_external_volumes ignore_errors: '{{ ansible_check_mode }}' tags: ['docker_gitlab'] 
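Review bot: The `when: docker_services_external_volumes` added in the second hunk of tasks/gitlab-runner.yml gates more than volume creation. The task it lands on renders configuration content (the `extra_hosts` lines) and notifies `gitlab-runner-restart`, so with the flag set to false that content is never written. The same applies to the `gitlab_root_password` copy in tasks/gitlab.yml and to the config copy and `dynamic` directory tasks in tasks/traefik.yml. If Compose-managed volumes are meant to be a supported mode, these files presumably still need to reach the volumes, for example by running the file tasks after the stack has created them. Otherwise a comment next to the defaults would make the trade-off explicit, such as `# false: Compose creates volumes/networks itself; the role then skips config and secret provisioning into them`. The task starts above this hunk, so its module and destination are not visible here.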
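Review bot: The task that writes `gitlab_root_password` in the last hunk of tasks/gitlab.yml carries no `no_log: true`. Its `ignore_errors: '{{ ansible_check_mode }}'` suggests the role is run with `--check`, which is often combined with `--diff`, and a diff of this file shows the password. Adding `no_log: true` beside the new `when:` keeps the root password out of run output and CI logs. The task's first lines are outside this hunk.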
diff --git a/tasks/grafana.yml b/tasks/grafana.yml index 2e61f59..e09f825 100644 --- a/tasks/grafana.yml +++ b/tasks/grafana.yml @@ -14,14 +14,17 @@ - name: grafana | create docker volume data docker_volume: name: grafana__var_lib_grafana + when: docker_services_external_volumes tags: ['docker_grafana'] - name: grafana | create provisioning dashboards docker volume docker_volume: name: grafana__etc_grafana_provisioning_dashboards + when: docker_services_external_volumes tags: ['docker_grafana'] - name: grafana | create provisioning datasources docker volume docker_volume: name: grafana__etc_grafana_provisioning_datasources + when: docker_services_external_volumes tags: ['docker_grafana'] diff --git a/tasks/requirements.yml b/tasks/requirements.yml index 577ec87..9e2b322 100644 --- a/tasks/requirements.yml +++ b/tasks/requirements.yml @@ -11,7 +11,6 @@ - ca-certificates - curl - gnupg-agent - - software-properties-common - python3-pip - virtualenv - python3-setuptools diff --git a/tasks/traefik.yml b/tasks/traefik.yml index 252fd09..f87f537 100644 --- a/tasks/traefik.yml +++ b/tasks/traefik.yml @@ -12,17 +12,20 @@ - name: traefik | create docker network docker_network: name: 'traefik' + when: docker_services_external_networks tags: ['docker_traefik'] - name: traefik | create letsencrypt docker volume docker_volume: name: traefik__letsencrypt + when: docker_services_external_volumes register: register_docker_volume_traefik__letsencrypt tags: ['docker_traefik'] - name: traefik | create config docker volume docker_volume: name: traefik__etc_traefik + when: docker_services_external_volumes register: register_docker_volume_traefik__etc_traefik tags: ['docker_traefik'] @@ -33,6 +36,7 @@ owner: root group: root mode: 0644 + when: docker_services_external_volumes notify: traefik-restart tags: ['docker_traefik'] 
@@ -41,4 +45,5 @@ path: /var/lib/docker/volumes/traefik__etc_traefik/_data/dynamic state: directory mode: '0755' + when: docker_services_external_volumes tags: ['docker_traefik'] \ No newline at end of file diff --git a/tasks/wikijs.yml b/tasks/wikijs.yml index 182153d..ae71201 100644 --- a/tasks/wikijs.yml +++ b/tasks/wikijs.yml @@ -25,6 +25,7 @@ - name: wikijs | create docker network docker_network: name: 'wikijs' + when: docker_services_external_networks tags: - wikijs tags: ['docker_wikijs'] @@ -32,6 +33,7 @@ - name: wikijs | create docker volumes docker_volume: name: "{{ item }}" + when: docker_services_external_volumes with_items: - wikijs__config - wikijs__data diff --git a/tasks/wireguard.yml b/tasks/wireguard.yml index a665025..14e49a2 100644 --- a/tasks/wireguard.yml +++ b/tasks/wireguard.yml @@ -11,6 +11,7 @@ - name: 'wireguard | create docker volumes' docker_volume: name: '{{ item }}' + when: docker_services_external_volumes with_items: - 'wireguard__etc_wireguard' tags: ['docker_wireguard'] diff --git a/templates/compose/cadvisor.yml.j2 b/templates/compose/cadvisor.yml.j2 index 887bce9..3d3e0c1 100644 --- a/templates/compose/cadvisor.yml.j2 +++ b/templates/compose/cadvisor.yml.j2 @@ -1,5 +1,3 @@ -version: '3.7' - services: cadvisor: image: gcr.io/cadvisor/cadvisor:latest diff --git a/templates/compose/gitlab-runner.yml.j2 b/templates/compose/gitlab-runner.yml.j2 index 0100b6d..19a6b2d 100644 --- a/templates/compose/gitlab-runner.yml.j2 +++ b/templates/compose/gitlab-runner.yml.j2 @@ -1,10 +1,14 @@ -version: '3.7' - networks: +{% if docker_services_external_networks %} gitlab-runner: external: true +{% else %} + gitlab-runner: + name: gitlab-runner +{% endif %} volumes: +{% if docker_services_external_volumes %} gitlab-runner-dind__var_lib_docker: external: true gitlab-runner-dind__certs: 
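Review bot: The directory task in the last hunk of tasks/traefik.yml hard-codes `/var/lib/docker/volumes/traefik__etc_traefik/_data/dynamic`, although the volume's real location is already registered as `register_docker_volume_traefik__etc_traefik`. On a host with a non-default Docker data root the directory would be created outside the volume. Using `path: '{{ register_docker_volume_traefik__etc_traefik.volume.Mountpoint }}/dynamic'` matches how tasks/gitlab.yml resolves its secrets path. The file also still ends without a trailing newline.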
@@ -13,6 +17,16 @@ volumes: external: true gitlab-runner__etc_gitlab-runner: external: true +{% else %} + gitlab-runner-dind__var_lib_docker: + name: gitlab-runner-dind__var_lib_docker + gitlab-runner-dind__certs: + name: gitlab-runner-dind__certs + gitlab-runner__home_gitlab-runner: + name: gitlab-runner__home_gitlab-runner + gitlab-runner__etc_gitlab-runner: + name: gitlab-runner__etc_gitlab-runner +{% endif %} services: gitlab-runner: diff --git a/templates/compose/gitlab.yml.j2 b/templates/compose/gitlab.yml.j2 index 8c9f4c8..01c58b9 100644 --- a/templates/compose/gitlab.yml.j2 +++ b/templates/compose/gitlab.yml.j2 @@ -1,10 +1,14 @@ -version: '3.7' - networks: +{% if docker_services_external_networks %} traefik: external: true +{% else %} + traefik: + name: traefik +{% endif %} volumes: +{% if docker_services_external_volumes %} gitlab__etc_config: external: true gitlab__var_log_gitlab: @@ -15,6 +19,18 @@ volumes: external: true gitlab__run_secrets: external: true +{% else %} + gitlab__etc_config: + name: gitlab__etc_config + gitlab__var_log_gitlab: + name: gitlab__var_log_gitlab + gitlab__var_opt_gitlab: + name: gitlab__var_opt_gitlab + gitlab__backups: + name: gitlab__backups + gitlab__run_secrets: + name: gitlab__run_secrets +{% endif %} services: gitlab: diff --git a/templates/compose/grafana.yml.j2 b/templates/compose/grafana.yml.j2 index 921e9a6..c863030 100644 --- a/templates/compose/grafana.yml.j2 +++ b/templates/compose/grafana.yml.j2 
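Review bot: The `{% else %}` branch in the first hunk of templates/compose/gitlab.yml.j2 declares `traefik` as a project-owned network with the fixed name `traefik`, and the same branch is added to the grafana, maildev, redisinsight, traefik, wikijs and wireguard templates. With `docker_services_external_networks: false`, several Compose projects would each claim ownership of the same network. As far as I know Compose warns or refuses when a named network was created by another project, and `docker compose down` in one project tries to remove the network the others are attached to. It would be safer for only templates/compose/traefik.yml.j2 to own the network and for the consumers to keep `traefik:` / `external: true` unconditionally.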
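Review bot: In the `{% else %}` branch of the second hunk of templates/compose/gitlab.yml.j2 the volumes become Compose-managed, so `docker compose down -v` on the project deletes them. Here that is GitLab's data, backups and `gitlab__run_secrets`, and the same change in the traefik and wireguard templates covers `traefik__letsencrypt` and `wireguard__etc_wireguard`. With `external: true` those volumes survive a teardown. I would document this next to the new default in defaults/main.yml, e.g. `# false: volumes are owned by the compose project and are removed by 'docker compose down -v'`.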
@@ -1,17 +1,28 @@ ---- -version: '3.7' - networks: +{% if docker_services_external_networks %} traefik: external: true +{% else %} + traefik: + name: traefik +{% endif %} volumes: +{% if docker_services_external_volumes %} grafana__var_lib_grafana: external: true grafana__etc_grafana_provisioning_dashboards: external: true grafana__etc_grafana_provisioning_datasources: external: true +{% else %} + grafana__var_lib_grafana: + name: grafana__var_lib_grafana + grafana__etc_grafana_provisioning_dashboards: + name: grafana__etc_grafana_provisioning_dashboards + grafana__etc_grafana_provisioning_datasources: + name: grafana__etc_grafana_provisioning_datasources +{% endif %} services: grafana: diff --git a/templates/compose/maildev.yml.j2 b/templates/compose/maildev.yml.j2 index d4bba38..cb5426d 100644 --- a/templates/compose/maildev.yml.j2 +++ b/templates/compose/maildev.yml.j2 @@ -1,8 +1,11 @@ -version: '3.7' - networks: +{% if docker_services_external_networks %} traefik: external: true +{% else %} + traefik: + name: traefik +{% endif %} services: maildev: diff --git a/templates/compose/redisinsight.yml.j2 b/templates/compose/redisinsight.yml.j2 index dbdb8c6..3b6317d 100644 --- a/templates/compose/redisinsight.yml.j2 +++ b/templates/compose/redisinsight.yml.j2 @@ -1,11 +1,20 @@ -version: '3.7' - networks: +{% if docker_services_external_networks %} traefik: external: true +{% else %} + traefik: + name: traefik +{% endif %} volumes: +{% if docker_services_external_volumes %} redisinsight__db: + external: true +{% else %} + redisinsight__db: + name: redisinsight__db +{% endif %} services: redisinsight: diff --git a/templates/compose/traefik.yml.j2 b/templates/compose/traefik.yml.j2 index d0218e3..1cedb27 100644 --- a/templates/compose/traefik.yml.j2 +++ b/templates/compose/traefik.yml.j2 
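Review bot: `redisinsight__db` in templates/compose/redisinsight.yml.j2 was a plain Compose-managed volume and now becomes `external: true` under the default `docker_services_external_volumes: true`, but no task in this patch creates a volume of that name (the diffstat lists no redisinsight task file). Unless it is created elsewhere in the role, `docker compose up` will fail on the missing volume. In both branches the data held in the previous project-prefixed volume is no longer mounted. Either add a `docker_volume` task for `redisinsight__db` guarded by the same flag, or keep this volume Compose-managed and mention the rename in the commit message.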
@@ -1,15 +1,24 @@ ---- -version: '3.7' - networks: +{% if docker_services_external_networks %} traefik: external: true +{% else %} + traefik: + name: traefik +{% endif %} volumes: +{% if docker_services_external_volumes %} traefik__etc_traefik: external: true traefik__letsencrypt: external: true +{% else %} + traefik__etc_traefik: + name: traefik__etc_traefik + traefik__letsencrypt: + name: traefik__letsencrypt +{% endif %} services: traefik: diff --git a/templates/compose/watchtower.yml.j2 b/templates/compose/watchtower.yml.j2 index be9e1a2..6484cce 100644 --- a/templates/compose/watchtower.yml.j2 +++ b/templates/compose/watchtower.yml.j2 @@ -1,5 +1,3 @@ -version: '3.7' - services: watchtower: image: containrrr/watchtower:latest diff --git a/templates/compose/wikijs.yml.j2 b/templates/compose/wikijs.yml.j2 index 8129817..57b7041 100644 --- a/templates/compose/wikijs.yml.j2 +++ b/templates/compose/wikijs.yml.j2 @@ -1,16 +1,32 @@ networks: +{% if docker_services_external_networks %} traefik: external: true wikijs: external: true +{% else %} + traefik: + name: traefik + wikijs: + name: wikijs +{% endif %} volumes: +{% if docker_services_external_volumes %} wikijs__config: external: true wikijs__data: external: true wikijs_db__var_lib_mysql: external: true +{% else %} + wikijs__config: + name: wikijs__config + wikijs__data: + name: wikijs__data + wikijs_db__var_lib_mysql: + name: wikijs_db__var_lib_mysql +{% endif %} services: wikijs_db: diff --git a/templates/compose/wireguard.yml.j2 b/templates/compose/wireguard.yml.j2 index 236f1f5..368f073 100644 --- a/templates/compose/wireguard.yml.j2 +++ b/templates/compose/wireguard.yml.j2 
@@ -1,12 +1,20 @@ -version: '3.7' - networks: +{% if docker_services_external_networks %} traefik: external: true +{% else %} + traefik: + name: traefik +{% endif %} volumes: +{% if docker_services_external_volumes %} wireguard__etc_wireguard: external: true +{% else %} + wireguard__etc_wireguard: + name: wireguard__etc_wireguard +{% endif %} services: wireguard: