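---
# Tasks for the ntfy role: validate the admin password, lay down the project
# and data directories, render the server config, Kubernetes YAML and systemd
# user unit, start the service, provision the admin account inside the
# `ntfy-server` container, and manage the optional nginx vhost.
#
# Secret handling: `ntfy_admin_password` is only ever passed to ntfy on
# stdin, and the tasks that carry it set `no_log: true` so it does not appear
# in task output, callback plugins or logs.

- name: Validate required passwords are set
  ansible.builtin.assert:
    that:
      - ntfy_admin_password is defined
      - ntfy_admin_password | length >= 12
    fail_msg: |
      ntfy_admin_password is required (min 12 chars).
      See roles/ntfy/defaults/main.yml for configuration instructions.
    success_msg: "Password validation passed"

- name: Create ntfy project directory
  ansible.builtin.file:
    path: "{{ podman_projects_dir | default('/opt/podman') }}/ntfy"
    state: directory
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    mode: "0755"

# NOTE(review): these directories are world-readable/traversable. If ntfy
# keeps its auth database or attachments under them, consider a tighter mode
# once the container's UID mapping is confirmed to still have access.
- name: Create ntfy data directories
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    mode: "0755"
  loop:
    - "{{ ntfy_data_dir }}"
    - "{{ ntfy_cache_dir }}"

# NOTE(review): rendered world-readable. Confirm server.yml.j2 contains no
# credentials or tokens; if it does, restrict the mode.
- name: Deploy ntfy server configuration
  ansible.builtin.template:
    src: server.yml.j2
    dest: "{{ podman_projects_dir | default('/opt/podman') }}/ntfy/server.yml"
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    mode: "0644"
  notify: Restart ntfy

# NOTE(review): same check as above for any secrets rendered into the pod
# spec (for example environment variables).
- name: Deploy Kubernetes YAML for ntfy
  ansible.builtin.template:
    src: ntfy.yaml.j2
    dest: "{{ podman_projects_dir | default('/opt/podman') }}/ntfy/ntfy.yaml"
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    mode: "0644"
  notify: Restart ntfy

- name: Get home directory for {{ ansible_user }}
  ansible.builtin.getent:
    database: passwd
    key: "{{ ansible_user }}"

# Index 4 of the getent passwd entry is the home directory field.
- name: Set user home directory fact
  ansible.builtin.set_fact:
    user_home_dir: "{{ getent_passwd[ansible_user][4] }}"

- name: Create systemd user directory for ntfy
  ansible.builtin.file:
    path: "{{ user_home_dir }}/.config/systemd/user"
    state: directory
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    mode: "0755"

- name: Create systemd service for ntfy (user scope)
  ansible.builtin.template:
    src: ntfy.service.j2
    dest: "{{ user_home_dir }}/.config/systemd/user/ntfy.service"
    owner: "{{ ansible_user }}"
    group: "{{ ansible_user }}"
    mode: "0644"
  notify: Reload systemd user

# argv keeps the user name a single argument; `creates` points at the flag
# file loginctl writes, so the task is skipped once lingering is enabled.
- name: Enable lingering for user {{ ansible_user }}
  ansible.builtin.command:
    argv:
      - loginctl
      - enable-linger
      - "{{ ansible_user }}"
    creates: "/var/lib/systemd/linger/{{ ansible_user }}"
  when: ansible_user != 'root'

# NOTE(review): `become_user` only takes effect when `become` is enabled at
# play or role level - confirm. This task reports "changed" on every run.
- name: Enable and start ntfy service (user scope)
  ansible.builtin.command:
    cmd: systemctl --user enable --now ntfy.service
  become_user: "{{ ansible_user }}"

- name: Wait for ntfy to be ready
  ansible.builtin.wait_for:
    port: "{{ ntfy_port }}"
    host: 127.0.0.1
    timeout: 60

# `failed_when: false` means a failing `podman exec` leaves stdout empty, and
# the play then takes the "create" path below.
# NOTE(review): confirm `ntfy user list` writes the listing to stdout rather
# than stderr; the `when` conditions below only look at stdout.
- name: Check if admin user already exists
  ansible.builtin.command:
    cmd: podman exec ntfy-server ntfy user list
  register: ntfy_user_list
  changed_when: false
  failed_when: false
  become_user: "{{ ansible_user }}"

# The password is supplied twice on stdin (entry + confirmation) instead of
# being interpolated into a shell script: a quote character in the password
# can no longer break out of the command line, and the secret is not part of
# any process's argument list. The command module appends the final newline.
# NOTE(review): the `when` test is a substring match against the whole
# listing, so an admin name contained in another user's name also matches.
- name: Create admin user in ntfy
  ansible.builtin.command:
    argv:
      - podman
      - exec
      - "-i"
      - ntfy-server
      - ntfy
      - user
      - add
      - "--role=admin"
      - "{{ ntfy_admin_user }}"
    stdin: "{{ ntfy_admin_password }}\n{{ ntfy_admin_password }}"
  when: ntfy_admin_user not in ntfy_user_list.stdout
  register: ntfy_user_create
  changed_when: ntfy_user_create.rc == 0
  no_log: true
  become_user: "{{ ansible_user }}"

# Runs on every play when the user exists, so the stored password always
# matches the inventory value; reported as unchanged by design.
- name: Set admin user password
  ansible.builtin.command:
    argv:
      - podman
      - exec
      - "-i"
      - ntfy-server
      - ntfy
      - user
      - change-pass
      - "{{ ntfy_admin_user }}"
    stdin: "{{ ntfy_admin_password }}\n{{ ntfy_admin_password }}"
  when: ntfy_admin_user in ntfy_user_list.stdout
  changed_when: false
  no_log: true
  become_user: "{{ ansible_user }}"

- name: Deploy nginx vhost configuration for ntfy
  ansible.builtin.template:
    src: nginx-vhost.conf.j2
    dest: "{{ nginx_conf_dir | default('/etc/nginx/conf.d') }}/ntfy.conf"
    owner: root
    group: root
    mode: "0644"
  when: ntfy_nginx_enabled
  notify: Reload nginx

- name: Remove nginx vhost configuration for ntfy
  ansible.builtin.file:
    path: "{{ nginx_conf_dir | default('/etc/nginx/conf.d') }}/ntfy.conf"
    state: absent
  when: not ntfy_nginx_enabled
  notify: Reload nginx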