jokester/ansible-playbooks
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: podman connect

Browse Source
This commit is contained in:
Clément Désiles
2025-12-21 22:25:57 +01:00
parent c197f28013
commit 10f4eb5817
23 changed files with 291 additions and 571 deletions
Download Patch File Download Diff File Expand all files Collapse all files
roles/ntfy/tasks/main.yml
+13 -10
View File
@@ -11,7 +11,7 @@
- name: Create ntfy project directory
ansible.builtin.file:
path: "{{ podman_projects_dir }}/ntfy"
path: "{{ podman_projects_dir | default('/opt/podman') }}/ntfy"
state: directory
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
@@ -31,16 +31,16 @@
- name: Deploy ntfy server configuration
ansible.builtin.template:
src: server.yml.j2
dest: "{{ podman_projects_dir }}/ntfy/server.yml"
dest: "{{ podman_projects_dir | default('/opt/podman') }}/ntfy/server.yml"
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: "0644"
notify: Restart ntfy
- name: Deploy docker-compose.yml for ntfy
- name: Deploy Kubernetes YAML for ntfy
ansible.builtin.template:
src: docker-compose.yml.j2
dest: "{{ podman_projects_dir }}/ntfy/docker-compose.yml"
src: ntfy.yaml.j2
dest: "{{ podman_projects_dir | default('/opt/podman') }}/ntfy/ntfy.yaml"
owner: "{{ ansible_user }}"
group: "{{ ansible_user }}"
mode: "0644"
@@ -70,28 +70,31 @@
- name: Check if admin user already exists
ansible.builtin.command:
cmd: podman exec ntfy ntfy user list
cmd: podman exec ntfy-server ntfy user list
register: ntfy_user_list
changed_when: false
failed_when: false
become_user: "{{ ansible_user }}"
- name: Create admin user in ntfy
ansible.builtin.shell: |
printf '%s\n%s\n' '{{ ntfy_admin_password }}' '{{ ntfy_admin_password }}' | podman exec -i ntfy ntfy user add --role=admin {{ ntfy_admin_user }}
printf '%s\n%s\n' '{{ ntfy_admin_password }}' '{{ ntfy_admin_password }}' | podman exec -i ntfy-server ntfy user add --role=admin {{ ntfy_admin_user }}
when: ntfy_admin_user not in ntfy_user_list.stdout
register: ntfy_user_create
changed_when: ntfy_user_create.rc == 0
become_user: "{{ ansible_user }}"
- name: Set admin user password
ansible.builtin.shell: |
printf '%s\n%s\n' '{{ ntfy_admin_password }}' '{{ ntfy_admin_password }}' | podman exec -i ntfy ntfy user change-pass {{ ntfy_admin_user }}
printf '%s\n%s\n' '{{ ntfy_admin_password }}' '{{ ntfy_admin_password }}' | podman exec -i ntfy-server ntfy user change-pass {{ ntfy_admin_user }}
when: ntfy_admin_user in ntfy_user_list.stdout
changed_when: false
become_user: "{{ ansible_user }}"
- name: Deploy nginx vhost configuration for ntfy
ansible.builtin.template:
src: nginx-vhost.conf.j2
dest: "{{ nginx_conf_dir }}/ntfy.conf"
dest: "{{ nginx_conf_dir | default('/etc/nginx/conf.d') }}/ntfy.conf"
owner: root
group: root
mode: "0644"
@@ -100,7 +103,7 @@
- name: Remove nginx vhost configuration for ntfy
ansible.builtin.file:
path: "{{ nginx_conf_dir }}/ntfy.conf"
path: "{{ nginx_conf_dir | default('/etc/nginx/conf.d') }}/ntfy.conf"
state: absent
when: not ntfy_nginx_enabled
notify: Reload nginx
roles/ntfy/templates/docker-compose.yml.j2
-23
View File
@@ -1,23 +0,0 @@
---
services:
ntfy:
container_name: ntfy
image: {{ ntfy_image }}:{{ ntfy_version }}
command:
- serve
volumes:
- /etc/localtime:/etc/localtime:ro
- {{ podman_projects_dir }}/ntfy/server.yml:/etc/ntfy/server.yml:ro
- {{ ntfy_cache_dir }}:/var/cache/ntfy:rw,Z
- {{ ntfy_data_dir }}:/var/lib/ntfy:rw,Z
ports:
- "{{ ntfy_port }}:80"
restart: always
healthcheck:
test: ["CMD-SHELL", "wget -q --tries=1 http://localhost:80/v1/health -O - | grep -Eo '\"healthy\"\\s*:\\s*true' || exit 1"]
interval: 30s
timeout: 10s
retries: 3
start_period: 40s
environment:
TZ: {{ ntfy_timezone }}
roles/ntfy/templates/nginx-vhost.conf.j2
+3 -3
View File
@@ -25,10 +25,10 @@ server {
ssl_certificate_key /etc/letsencrypt/live/{{ ntfy_nginx_hostname }}/privkey.pem;
# SSL configuration
ssl_protocols {{ nginx_ssl_protocols }};
ssl_prefer_server_ciphers {{ 'on' if nginx_ssl_prefer_server_ciphers else 'off' }};
ssl_protocols {{ nginx_ssl_protocols | default('TLSv1.3') }};
ssl_prefer_server_ciphers on;
{% if nginx_log_backend == 'journald' %}
{% if nginx_log_backend | default('journald') == 'journald' %}
access_log syslog:server=unix:/dev/log,nohostname,tag=nginx_ntfy;
error_log syslog:server=unix:/dev/log,nohostname,tag=nginx_ntfy;
{% else %}
roles/ntfy/templates/ntfy.service.j2
+3 -3
View File
@@ -8,9 +8,9 @@ Type=oneshot
RemainAfterExit=true
User={{ ansible_user }}
Group={{ ansible_user }}
WorkingDirectory={{ podman_projects_dir }}/ntfy
ExecStart=/usr/bin/podman-compose up -d
ExecStop=/usr/bin/podman-compose down
WorkingDirectory={{ podman_projects_dir | default('/opt/podman') }}/ntfy
ExecStart=/usr/bin/podman play kube --replace ntfy.yaml
ExecStop=/usr/bin/podman play kube --down ntfy.yaml
Restart=on-failure
RestartSec=10
roles/ntfy/templates/ntfy.yaml.j2
+57
View File
@@ -0,0 +1,57 @@
---
apiVersion: v1
kind: Pod
metadata:
name: ntfy
labels:
app: ntfy
spec:
containers:
- name: server
image: {{ ntfy_image }}:{{ ntfy_version }}
args:
- serve
ports:
- containerPort: 80
hostPort: {{ ntfy_port }}
env:
- name: TZ
value: "{{ ntfy_timezone }}"
volumeMounts:
- name: localtime
mountPath: /etc/localtime
readOnly: true
- name: ntfy-config
mountPath: /etc/ntfy/server.yml
readOnly: true
- name: ntfy-cache
mountPath: /var/cache/ntfy
- name: ntfy-data
mountPath: /var/lib/ntfy
livenessProbe:
httpGet:
path: /v1/health
port: 80
initialDelaySeconds: 40
periodSeconds: 30
timeoutSeconds: 10
failureThreshold: 3
restartPolicy: Always
volumes:
- name: localtime
hostPath:
path: /etc/localtime
type: File
- name: ntfy-config
hostPath:
path: {{ podman_projects_dir | default('/opt/podman') }}/ntfy/server.yml
type: File
- name: ntfy-cache
hostPath:
path: {{ ntfy_cache_dir }}
type: Directory
- name: ntfy-data
hostPath:
path: {{ ntfy_data_dir }}
type: Directory