157 lines
3.2 KiB
YAML
157 lines
3.2 KiB
YAML
---
|
|
|
|
- name: Install Docker packages
|
|
community.general.pacman:
|
|
name:
|
|
- docker
|
|
- docker-compose
|
|
|
|
- name: Create docker user
|
|
user:
|
|
name: docker
|
|
group: docker
|
|
|
|
- name: Create Gitea user
|
|
user:
|
|
name: gitea
|
|
register: user_gitea
|
|
when: '"gitea" in group_names'
|
|
|
|
- name: Create Syncthing group
|
|
group:
|
|
name: vault
|
|
state: present
|
|
|
|
- name: Create Syncthing user
|
|
user:
|
|
name: syncthing
|
|
group: vault
|
|
register: user_syncthing
|
|
when: '"syncthing" in group_names'
|
|
|
|
- name: Create Syncthing vault directories
|
|
file:
|
|
path: "{{ item }}"
|
|
state: directory
|
|
owner: syncthing
|
|
group: vault
|
|
mode: "u=rwX,g=rwX,o="
|
|
with_items:
|
|
- "{{ vault_path }}"
|
|
- "{{ archive_path }}"
|
|
|
|
- name: Create Syncthing config directory
|
|
file:
|
|
path: "{{ syncthing_conf_dir }}"
|
|
state: directory
|
|
owner: syncthing
|
|
group: vault
|
|
mode: "u=rwX,g=,o="
|
|
|
|
- name: Add unpriviledged user to file management group
|
|
user:
|
|
name: "{{ username }}"
|
|
append: yes
|
|
groups: vault
|
|
|
|
- name: Create Paperless group
|
|
group:
|
|
name: paperless
|
|
state: present
|
|
register: group_paperless
|
|
|
|
- name: Create Paperless user
|
|
user:
|
|
name: paperless
|
|
group: paperless
|
|
register: user_paperless
|
|
|
|
- name: Create Paperless directories
|
|
file:
|
|
path: "{{ dataroot }}/paperless/{{ item }}"
|
|
state: directory
|
|
owner: paperless
|
|
group: paperless
|
|
mode: "u=rwX,g=,o="
|
|
with_items:
|
|
- data
|
|
- media
|
|
|
|
- name: Create Paperless consume directory
|
|
file:
|
|
path: "{{ dataroot }}/paperless/consume"
|
|
state: directory
|
|
owner: paperless
|
|
group: vault
|
|
mode: "u=rwX,g=rwX,o="
|
|
|
|
- name: Create Paperless .env file
|
|
template:
|
|
src: "paperless.env.j2"
|
|
dest: "{{ docker_compose_dir }}/paperless.env"
|
|
lstrip_blocks: true
|
|
|
|
- name: Create Navidrome user
|
|
user:
|
|
name: navidrome
|
|
register: user_navidrome
|
|
when: '"navidrome" in group_names'
|
|
|
|
- name: Create Navidrome directory
|
|
file:
|
|
path: "{{ dataroot }}/navidrome"
|
|
state: directory
|
|
owner: navidrome
|
|
group: navidrome
|
|
mode: "u=rwX,g=rwX,o="
|
|
|
|
- name: Create music directory
|
|
file:
|
|
path: "{{ music_path }}"
|
|
state: directory
|
|
owner: navidrome
|
|
group: vault
|
|
mode: "u=rwX,g=rwX,o="
|
|
|
|
- name: Set ACL to allow navidrome to read synced music
|
|
ansible.posix.acl:
|
|
default: true
|
|
entity: navidrome
|
|
etype: user
|
|
permissions: rx
|
|
recursive: true
|
|
state: present
|
|
path: "{{ music_path }}"
|
|
|
|
- name: Create docker-compose directory
|
|
ansible.builtin.file:
|
|
path: "{{ docker_compose_dir }}"
|
|
owner: "{{ admin_username }}"
|
|
group: "{{ admin_username }}"
|
|
state: directory
|
|
|
|
- name: Create Synapse user
|
|
user:
|
|
name: synapse
|
|
register: user_synapse
|
|
when: '"synapse" in group_names'
|
|
|
|
- name: Generate docker-compose.yml
|
|
template:
|
|
src: "docker-compose.yml.j2"
|
|
dest: "{{ docker_compose_dir }}/docker-compose.yml"
|
|
lstrip_blocks: true
|
|
register: generateComp
|
|
|
|
- name: Create systemd unit file
|
|
template:
|
|
src: "docker-compose.service.j2"
|
|
dest: "/etc/systemd/system/docker-compose.service"
|
|
|
|
- name: Compose up (update images if necessary)
|
|
systemd:
|
|
name: docker-compose
|
|
state: reloaded
|
|
enabled: true
|
|
register: compUp
|