From c4fc0db80185fbae9b760be23ddf15558f7f0e31 Mon Sep 17 00:00:00 2001 From: Alexandre Couedelo Date: Tue, 4 Mar 2025 19:03:09 +0000 Subject: [PATCH 1/7] feat(rclone): install plugin on all hosts --- .github/workflows/ansible.yml | 5 +- .../docker-swarm-portainer-caddy-openziti.yml | 59 +++++++++++++++++++ .../defaults/main.yaml | 1 + .../docker-swarm-plugin-rclone/meta/main.yaml | 4 ++ .../tasks/main.yaml | 35 +++++++++++ 5 files changed, 103 insertions(+), 1 deletion(-) create mode 100644 ansible/docker-swarm-portainer-caddy-openziti.yml create mode 100644 ansible/roles/docker-swarm-plugin-rclone/defaults/main.yaml create mode 100644 ansible/roles/docker-swarm-plugin-rclone/meta/main.yaml create mode 100644 ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml diff --git a/.github/workflows/ansible.yml b/.github/workflows/ansible.yml index 7eae5c7..53beb5d 100644 --- a/.github/workflows/ansible.yml +++ b/.github/workflows/ansible.yml @@ -96,7 +96,7 @@ jobs: - name: run playbook run: | - ansible-playbook -i inventory ansible/docker-swarm-portainer-caddy.yml + ansible-playbook -i inventory ansible/docker-swarm-portainer-caddy-openziti.yml env: BRANCH_NAME: ${{ github.head_ref }} # This is used by caddy to authenticate users @@ -105,3 +105,6 @@ jobs: CADDY_JWT_SHARED_KEY: ${{ secrets.CADDY_JWT_SHARED_KEY }} # This is used by caddy to configure dns records CADDY_DIGITALOCEAN_API_TOKEN: ${{ secrets.CADDY_DIGITALOCEAN_API_TOKEN }} + # This is used by rclone to create volumes sync with do space + RCLONE_DIGITALOCEAN_ACCESS_KEY_ID: ${{ secrets.RCLONE_DIGITALOCEAN_ACCESS_KEY_ID }} + RCLONE_DIGITALOCEAN_SECRET_ACCESS_KEY: ${{ secrets.RCLONE_DIGITALOCEAN_SECRET_ACCESS_KEY }} diff --git a/ansible/docker-swarm-portainer-caddy-openziti.yml b/ansible/docker-swarm-portainer-caddy-openziti.yml new file mode 100644 index 0000000..684cf88 --- /dev/null +++ b/ansible/docker-swarm-portainer-caddy-openziti.yml 
@@ -0,0 +1,59 @@
+- name: Determine affected roles
+ hosts: localhost
+ gather_facts: false
+
+ roles:
+ - utils-affected-roles
+
+# BASE
+- name: This is the base requirement for all nodes
+ hosts: all
+ become: true
+
+ roles:
+ - role: docker
+ when: "'docker' in hostvars['localhost']['roles_with_changes']"
+
+# SWARM
+- name: This setup the Docker Swarm Manager
+ hosts: managers
+ gather_facts: true
+ become: true
+
+ roles:
+ # NOTE: One node requires python and extra tools to setup the swarm, I call it the controller.
+ # I case we have an issue all master are setup as potential controller
+ # this role is for the host running ansible to manage the swarm
+ - role: docker-swarm-controller
+ when: "'docker-swarm-controller' in hostvars['localhost']['roles_with_changes']"
+ # this role is for creating the swarm and adding host as manager
+ - role: docker-swarm-manager
+ when: "'docker-swarm-manager' in hostvars['localhost']['roles_with_changes']"
+
+- name: This setup nodes to join the Swarm
+ hosts: nodes
+
+ roles:
+ - role: docker-swarm-node # this role is for host to join the swarm
+ when: "'docker-swarm-node' in hostvars['localhost']['roles_with_changes']"
+
+# PLUGINS
+- name: This installs docker plugins on all hosts
+ hosts: all
+ become: true
+
+ roles:
+ - role: docker-swarm-plugin-rclone
+ when: "'docker-swarm-plugin-rclone' in hostvars['localhost']['roles_with_changes']"
+
+# APPS
+- name: This install Caddy and Portainer in the Swarm
+ hosts: managers[0] # Only one manager need to be hit
+ become: true
+
+ roles:
+ - role: docker-swarm-app-caddy
+ when: "'docker-swarm-app-caddy' in hostvars['localhost']['roles_with_changes']"
+ - role: docker-swarm-app-portainer
+ caddy: true
+ when: "'docker-swarm-app-portainer' in hostvars['localhost']['roles_with_changes']"
diff --git a/ansible/roles/docker-swarm-plugin-rclone/defaults/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/defaults/main.yaml
new file mode 100644
index 0000000..89e2576
--- /dev/null
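Review bot: The `hosts: nodes` play that applies `docker-swarm-node` sets no `become: true`, while every other play in this new playbook that targets remote hosts does. The role body is not visible here, so this is an assumption, but if joining the swarm needs root on the workers, the result depends on which user Ansible connects as. Either add `become: true` under `hosts: nodes` or add a comment such as `# no become: docker-swarm-node escalates per task` so the difference reads as deliberate.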
+++ b/ansible/roles/docker-swarm-plugin-rclone/defaults/main.yaml
@@ -0,0 +1 @@
+s3_endpoint: lon1.digitaloceanspaces.com
diff --git a/ansible/roles/docker-swarm-plugin-rclone/meta/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/meta/main.yaml
new file mode 100644
index 0000000..76b10a9
--- /dev/null
+++ b/ansible/roles/docker-swarm-plugin-rclone/meta/main.yaml
@@ -0,0 +1,4 @@
+dependencies: []
+ # - docker
+ # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+ # if you add dependencies to this list.
diff --git a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml
new file mode 100644
index 0000000..79e6add
--- /dev/null
+++ b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml
@@ -0,0 +1,35 @@
+#################################################
+# OR INFRA Role: Docker Swarm Plugins Rclone
+# Source:
+# https://rclone.org/docker/
+#################################################
+
+###
+# GENERAL Setup
+###
+- name: Install required system packages
+ apt:
+ name: "{{ item }}"
+ state: present
+ update_cache: true
+ loop: ['fuse']
+
+- name: Install rclone plugin
+ community.docker.docker_plugin:
+ plugin_name: rclone/docker-volume-rclone
+ state: present
+
+########
+# Testing Setup
+# Create a test volume
+########
+- name: Create a volume using rclone
+ community.docker.docker_volume:
+ name: firstr_clone_volume
+ driver: rclone
+ driver_options:
+ type: s3
+ provider: DigitalOcean
+ endpoint: "{{s3_endpoint}}"
+ access_key_id: "{{ lookup('env', 'RCLONE_DIGITALOCEAN_ACCESS_KEY_ID') }}"
+ secret_access_key: "{{ lookup('env', 'RCLONE_DIGITALOCEAN_SECRET_ACCESS_KEY') }}"
From 4811507140891b986fa2d981eacc6971dc1fe0c5 Mon Sep 17 00:00:00 2001
From: Alexandre Couedelo
Date: Tue, 4 Mar 2025 19:13:31 +0000
Subject: [PATCH 2/7] fix: plugin alias
---
ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml | 1 +
1 file changed, 1 insertion(+)
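Review bot: In `tasks/main.yaml`, the `Create a volume using rclone` task passes the Spaces access key and secret as `driver_options` without `no_log: true`, so the rendered values can appear in Ansible output on verbose runs or failure dumps. Docker also normally keeps driver options in the volume's metadata, where `docker volume inspect` shows them to anyone with Docker API access on that host. Because the playbook applies this role to `hosts: all`, that exposure would exist on every manager and worker. Add `no_log: true` to the task, and consider moving the "Testing Setup" volume out of the role or behind a variable that defaults to off. The same option lines are rewritten in the PATCH 7/7 hunk and carry the same concern.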
diff --git a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml index 79e6add..7cefbe7 100644 --- a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml +++ b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml @@ -17,6 +17,7 @@ - name: Install rclone plugin community.docker.docker_plugin: plugin_name: rclone/docker-volume-rclone + alias: rclone state: present ######## From a7940ee5678a14a4fe8f111bf0cccea047ca282a Mon Sep 17 00:00:00 2001 From: Alexandre Couedelo Date: Tue, 4 Mar 2025 20:52:59 +0000 Subject: [PATCH 3/7] fix: missing dir for rclone --- ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml index 7cefbe7..0aa42f5 100644 --- a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml +++ b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml @@ -20,6 +20,15 @@ alias: rclone state: present +- name: Creates directory rclone + file: + path: "{{ item }}" + state: directory + mode: '0644' + loop: + - '/var/lib/docker-plugins/rclone/config' + - '/var/lib/docker-plugins/rclone/cache' + ######## # Testing Setup # Create a test volume From 9aeb00ef3a0f5aaed1a62ac950289b1508af5a03 Mon Sep 17 00:00:00 2001 From: Alexandre Couedelo Date: Tue, 4 Mar 2025 22:27:23 +0100 Subject: [PATCH 4/7] Update ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml --- ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml index 0aa42f5..8bf96b5 100644 --- a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml +++ b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml 
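Review bot: `plugin_name: rclone/docker-volume-rclone` in the `@@ -17,6 +17,7 @@` hunk carries no tag, so each host installs whatever the registry serves by default at run time. Hosts provisioned on different days can therefore end up on different plugin builds. A volume plugin that needs FUSE and host mounts runs with elevated access to the node, so the version is worth pinning: `plugin_name: "rclone/docker-volume-rclone:{{ rclone_plugin_tag }}"`, with `rclone_plugin_tag: <pinned-tag>` as a new variable in the role defaults. The task starts above this hunk; only the `alias` line is new here.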
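Review bot: In the `@@ -20,6 +20,15 @@` hunk, `mode: '0644'` on a `state: directory` task drops the search (execute) bit that directories need, while still granting read to group and other. For a directory meant to hold rclone configuration, which may come to include remote credentials, an owner-only mode is the safer default: `mode: '0700'`. No `owner`/`group` is set, so the directories take the ownership of the user the task runs as; stating them explicitly would document the intent. The same `mode: '0644'` line reappears as context in the PATCH 4/7 hunk.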
@@ -25,9 +25,9 @@ path: "{{ item }}" state: directory mode: '0644' - loop: - - '/var/lib/docker-plugins/rclone/config' - - '/var/lib/docker-plugins/rclone/cache' + loop: + - '/var/lib/docker-plugins/rclone/config' + - '/var/lib/docker-plugins/rclone/cache' ######## # Testing Setup From 85629e130dbf59ef030b13179c0ae6da220b03b6 Mon Sep 17 00:00:00 2001 From: Alexandre Couedelo Date: Tue, 4 Mar 2025 22:28:31 +0100 Subject: [PATCH 5/7] Update ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml --- ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml index 8bf96b5..33b4ce7 100644 --- a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml +++ b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml @@ -35,7 +35,7 @@ ######## - name: Create a volume using rclone community.docker.docker_volume: - name: firstr_clone_volume + name: first_rclone_volume driver: rclone driver_options: type: s3 From b7a6cf3a6703da2cd007a83fec0b1a82502d0832 Mon Sep 17 00:00:00 2001 From: Alexandre Couedelo Date: Tue, 4 Mar 2025 23:16:00 +0100 Subject: [PATCH 6/7] Update ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml --- ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml index 33b4ce7..964cd33 100644 --- a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml +++ b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml @@ -18,7 +18,7 @@ community.docker.docker_plugin: plugin_name: rclone/docker-volume-rclone alias: rclone - state: present + state: enable - name: Creates directory rclone file: From 9046e05867e28dbfc7e64fb01d4a45485df506ab Mon Sep 17 00:00:00 2001 
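Review bot: In the `@@ -18,7 +18,7 @@` hunk (PATCH 6/7), the plugin is now enabled by a task that runs before `Creates directory rclone`. On a freshly provisioned host the enable step therefore runs while `/var/lib/docker-plugins/rclone/config` and `/var/lib/docker-plugins/rclone/cache` do not yet exist. PATCH 3/7 is titled "missing dir for rclone", which suggests the plugin does not start without them, so the first run on a new node presumably fails and only a re-run succeeds. Moving the directory task above `Install rclone plugin` removes that dependence on a second run. Only the tail of the plugin task and the head of the directory task are visible in this hunk.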
From: Alexandre Couedelo Date: Tue, 4 Mar 2025 23:33:42 +0100 Subject: [PATCH 7/7] Update ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml --- ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml index 964cd33..0726ae2 100644 --- a/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml +++ b/ansible/roles/docker-swarm-plugin-rclone/tasks/main.yaml @@ -39,7 +39,7 @@ driver: rclone driver_options: type: s3 - provider: DigitalOcean - endpoint: "{{s3_endpoint}}" - access_key_id: "{{ lookup('env', 'RCLONE_DIGITALOCEAN_ACCESS_KEY_ID') }}" - secret_access_key: "{{ lookup('env', 'RCLONE_DIGITALOCEAN_SECRET_ACCESS_KEY') }}" + s3-provider: DigitalOcean + s3-endpoint: "{{s3_endpoint}}" + s3-access_key_id: "{{ lookup('env', 'RCLONE_DIGITALOCEAN_ACCESS_KEY_ID') }}" + s3-secret_access_key: "{{ lookup('env', 'RCLONE_DIGITALOCEAN_SECRET_ACCESS_KEY') }}"
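Review bot: `lookup('env', ...)` evaluates to an empty string when the variable is not set on the controller, so the two `s3-*` credential options can silently be empty. A run without the `RCLONE_DIGITALOCEAN_*` secrets (a local run, or a CI context where secrets are withheld) would pass empty `s3-access_key_id` and `s3-secret_access_key` to the driver instead of failing. Make the absence an error, for example `lookup('ansible.builtin.env', 'RCLONE_DIGITALOCEAN_ACCESS_KEY_ID', default=undef())` on ansible-core versions that support the `default` option, or an `ansible.builtin.assert` task ahead of the volume task. The task begins above this hunk.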