remove systemd and use native docker-compose #1

Merged
xoxys merged 2 commits from refactoring into master 2020-06-23 09:07:07 +00:00
11 changed files with 132 additions and 150 deletions

View File

@ -1,12 +1,52 @@
--- ---
freshrss_version: latest freshrss_version: latest
freshrss_service_directory: /var/lib/docker/services/freshrss
freshrss_container_name: freshrss
freshrss_image: "xoxys/freshrss:{{ freshrss_version }}" freshrss_image: "xoxys/freshrss:{{ freshrss_version }}"
freshrss_restart_policy: on-failure # @var freshrss_base_url:description: >
freshrss_exposed_port: 80 # Specify address of the freshrss instance, used when building absolute urls, e.g. for websub.
freshrss_exposed_ip: 127.0.0.1 # @end
freshrss_base_url: "http://localhost/"
freshrss_service_directory: /var/lib/docker/services/freshrss
freshrss_container_name: freshrss
freshrss_restart_policy: always
freshrss_service_stopped: False
# @var freshrss_networks:example: >
# freshrss_networks:
# - name: default
# # optional network driver, defaults to 'bride'
# driver: host
# @end
freshrss_networks:
- name: default
freshrss_networks_applied:
- default
# @var freshrss_volumes:description: > Define required docker volumes.
# @end
# @var freshrss_volumes:example: >
# freshrss_volumes:
# # Instead of the name you could specify a path on the container host system,
# # but you also have to enable bind mount for this volume
# - name: data
# # target location inside the container
# dest: /var/www/app/data
# # enable bind mount, if false volume will be configured as named volume
# # keep in mind you MUST set bind in any case
# bind: True
# @end
freshrss_volumes:
- name: data
dest: /var/www/app/data
bind: False
- name: extensions
dest: /var/www/app/extensions
bind: False
freshrss_exposed_ports:
- "127.0.0.1:8080:8080"
freshrss_extra_hosts: [] freshrss_extra_hosts: []
# @var freshrss_memory_limit: $ "_unset_" # @var freshrss_memory_limit: $ "_unset_"
@ -36,23 +76,18 @@ freshrss_default_password: "freshrss"
# @end # @end
# @var freshrss_salt: $ "_unset_" # @var freshrss_salt: $ "_unset_"
# @var freshrss_base_url:description: >
# Specify address of the freshrss instance, used when building
# absolute urls, e.g. for websub.
# @end
freshrss_base_url: "http://localhost/"
freshrss_language: "en" freshrss_language: "en"
freshrss_title: "FreshRSS" freshrss_title: "FreshRSS"
# @var freshrss_meta_description: $ "_unset_" # @var freshrss_meta_description: $ "_unset_"
freshrss_allow_anonymous: "false" freshrss_allow_anonymous: False
freshrss_allow_anonymous_refresh: "false" freshrss_allow_anonymous_refresh: False
freshrss_auth_type: "form" freshrss_auth_type: "form"
freshrss_api_enabled: "false" freshrss_api_enabled: False
freshrss_unsafe_autologin_enabled: "false" freshrss_unsafe_autologin_enabled: False
freshrss_simplepie_syslog_enabled: "true" freshrss_simplepie_syslog_enabled: True
freshrss_pubsubhubbub_enabled: "false" freshrss_pubsubhubbub_enabled: False
freshrss_allow_robots: "false" freshrss_allow_robots: False
freshrss_allow_referrer: "false" freshrss_allow_referrer: False
freshrss_limits_cookie_duration: "2592000" freshrss_limits_cookie_duration: "2592000"
freshrss_limits_cache_duration: "800" freshrss_limits_cache_duration: "800"
freshrss_limits_timeout: "15" freshrss_limits_timeout: "15"
@ -74,16 +109,14 @@ freshrss_limits_max_registrations: "1"
freshrss_extensions_enabled: freshrss_extensions_enabled:
- "Tumblr-GDPR" - "Tumblr-GDPR"
freshrss_db_type: pgsql freshrss_db_type: sqlite
freshrss_db_server: localhost freshrss_db_server: localhost
freshrss_db_port: 5432 freshrss_db_port: 5432
freshrss_db_name: freshrss freshrss_db_name: freshrss
freshrss_db_user: pgfreshrss freshrss_db_user: freshrss
freshrss_db_password: secure freshrss_db_password: secure
# @var freshrss_db_ssl_mode:description: This variable is only supported for `pgsql` DB type. # @var freshrss_db_ssl_mode:description: This variable is only supported for `pgsql` DB type.
freshrss_db_ssl_mode: disable freshrss_db_ssl_mode: disable
# @var freshrss_db_ssl_mode:description: This variable is only supported for `pgsql` DB type. # @var freshrss_db_ssl_mode:description: This variable is only supported for `pgsql` DB type.
freshrss_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt freshrss_db_ssl_rootcert: /etc/ssl/certs/ca-certificates.crt
freshrss_docker_compose_bin: /usr/local/bin/docker-compose

View File

@ -1,9 +0,0 @@
---
- name: Restart container
systemd:
state: restarted
daemon_reload: yes
name: freshrss
listen: __freshrss_restart
become: True
become_user: root

View File

@ -1,33 +1,11 @@
--- ---
- name: Converge (Stage 1) - name: Converge
hosts: all
roles:
- role: xoxys.python3
- role: xoxys.docker_engine
- name: Converge (Stage 2)
hosts: all hosts: all
vars: vars:
postgres_repository_enabled: True dockerengine_packages_extra:
postgres_connection_addresses: - epel-release
- "{{ ansible_docker0.ipv4.address }}" - python-pip
postgres_users:
- name: "pgfreshrss"
password: "secure"
priv: ALL
db: "freshrss"
postgres_dbs:
- name: "freshrss"
postgres_hba_entries_extra:
- contype: host
databases:
- all
users:
- all
address: "172.18.0.0/16"
auth_method: md5
freshrss_db_server: "{{ ansible_docker0.ipv4.address }}"
roles: roles:
- role: xoxys.postgres - role: xoxys.docker_engine
- role: xoxys.freshrss_docker - role: xoxys.freshrss_docker

View File

@ -1,15 +1,5 @@
--- ---
- src: https://gitea.rknet.org/ansible/xoxys.python3.git
name: xoxys.python3
scm: git
version: master
- src: https://gitea.rknet.org/ansible/xoxys.docker_engine.git - src: https://gitea.rknet.org/ansible/xoxys.docker_engine.git
name: xoxys.docker_engine name: xoxys.docker_engine
scm: git scm: git
version: master version: refactoring
- src: https://gitea.rknet.org/ansible/xoxys.postgres.git
name: xoxys.postgres
scm: git
version: master

View File

@ -17,12 +17,12 @@ def test_freshrss_running(host):
def test_freshrss_socket(host): def test_freshrss_socket(host):
# Verify the socket is listening for HTTP traffic # Verify the socket is listening for HTTP traffic
assert host.socket("tcp://127.0.0.1:80").is_listening assert host.socket("tcp://127.0.0.1:8080").is_listening
def test_freshrss_conn_error(host): def test_freshrss_conn_error(host):
code = int(host.run("curl -s -w '%{http_code}' http://localhost/ -o /dev/null").stdout) code = int(host.run("curl -s -w '%{http_code}' http://127.0.0.1:8080/ -o /dev/null").stdout)
body = host.run("curl -sX GET http://localhost/").stdout body = host.run("curl -sX GET http://127.0.0.1:8080/").stdout
assert code == 200 assert code == 200
assert "FreshRSS" in body assert "FreshRSS" in body

View File

@ -1,4 +1,2 @@
--- ---
- include_tasks: prepare.yml
- include_tasks: setup.yml - include_tasks: setup.yml
- include_tasks: post.yml

View File

@ -1,10 +0,0 @@
---
- block:
- name: Ensure freshrss service is up and running
systemd:
state: started
daemon_reload: yes
enabled: yes
name: freshrss
become: True
become_user: root

View File

@ -1,8 +0,0 @@
---
- name: Ensure service directory exists
file:
path: "{{ freshrss_service_directory }}"
state: directory
mode: 0755
become: True
become_user: root

View File

@ -1,20 +1,28 @@
--- ---
- block: - block:
- name: Ensure service directory exists
file:
path: "{{ freshrss_service_directory }}"
state: directory
mode: 0755
- name: Deploy compose file to '{{ freshrss_service_directory }}' - name: Deploy compose file to '{{ freshrss_service_directory }}'
template: template:
src: "services/freshrss-compose.yml.j2" src: "services/freshrss-compose.yml.j2"
dest: "{{ freshrss_service_directory }}/docker-compose.yml" dest: "{{ freshrss_service_directory }}/docker-compose.yml"
owner: root owner: root
group: root group: root
mode: 0644 mode: 0640
validate: "{{ freshrss_docker_compose_bin }} -f %s config -q" validate: "docker-compose -f %s config -q"
notify: __freshrss_restart
- name: Create systemd unit files - name: Ensure service is up and running
template: docker_compose:
src: "etc/systemd/system/freshrss.service.j2" project_src: "{{ freshrss_service_directory }}"
dest: "/etc/systemd/system/freshrss.service" pull: yes
mode: 0644 remove_orphans: yes
notify: __freshrss_restart stopped: "{{ freshrss_service_stopped }}"
state: present
# temp. disable changes; breaks idempotency for whatever reason
changed_when: False
become: True become: True
become_user: root become_user: root

View File

@ -1,22 +0,0 @@
#jinja2:lstrip_blocks: True
{{ ansible_managed | comment }}
[Unit]
Description=FreshRSS feed aggregator
Requires=docker.service network-online.target
After=docker.service network-online.target
[Service]
WorkingDirectory={{ freshrss_service_directory }}
Type=simple
TimeoutStartSec=15min
Restart={{ freshrss_restart_policy }}
ExecStartPre={{ freshrss_docker_compose_bin }} pull --quiet --ignore-pull-failures
ExecStart={{ freshrss_docker_compose_bin }} up --remove-orphans
ExecStop={{ freshrss_docker_compose_bin }} down --remove-orphans
ExecReload={{ freshrss_docker_compose_bin }} pull --quiet --ignore-pull-failures
[Install]
WantedBy=multi-user.target

View File

@ -1,21 +1,34 @@
#jinja2:lstrip_blocks: True #jinja2:lstrip_blocks: True
{{ ansible_managed | comment }} {{ ansible_managed | comment }}
version: '2.1' version: '2.4'
services: services:
freshrss: freshrss:
container_name: {{ freshrss_container_name }} container_name: {{ freshrss_container_name }}
image: {{ freshrss_image }} image: {{ freshrss_image }}
restart: unless-stopped restart: {{ freshrss_restart_policy }}
{% if freshrss_exposed_ports | default([]) %}
ports: ports:
- {{ freshrss_exposed_ip + ':' if freshrss_exposed_ip is defined else '' }}{{ freshrss_exposed_port }}:8080 {% for port in freshrss_exposed_ports %}
- {{ port | quote }}
{% endfor %}
{% endif %}
{% if freshrss_volumes | default([]) %}
volumes: volumes:
- extensions:/var/www/app/extensions {% for volume in freshrss_volumes %}
- data:/var/www/app/data - "{{ volume.name }}:{{ volume.dest }}"
{% endfor %}
{% endif %}
{% if freshrss_networks_applied | default([]) %}
networks:
{% for network in freshrss_networks_applied %}
- {{ network }}
{% endfor %}
{% endif %}
{% if freshrss_extra_hosts | default([]) %} {% if freshrss_extra_hosts | default([]) %}
extra_hosts: extra_hosts:
{% for host in freshrss_extra_hosts %} {% for host in freshrss_extra_hosts %}
- {{ '"' + host + '"' }} - {{ host | quote }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
environment: environment:
@ -31,15 +44,15 @@ services:
{% endif %} {% endif %}
- FRESHRSS_DEFAULT_USER={{ freshrss_default_user }} - FRESHRSS_DEFAULT_USER={{ freshrss_default_user }}
- FRESHRSS_DEFAULT_PASSWORD={{ freshrss_default_password }} - FRESHRSS_DEFAULT_PASSWORD={{ freshrss_default_password }}
- FRESHRSS_ALLOW_ANONYMOUS={{ freshrss_allow_anonymous }} - FRESHRSS_ALLOW_ANONYMOUS={{ freshrss_allow_anonymous | bool | lower }}
- FRESHRSS_ALLOW_ANONYMOUS_REFRESH={{ freshrss_allow_anonymous_refresh }} - FRESHRSS_ALLOW_ANONYMOUS_REFRESH={{ freshrss_allow_anonymous_refresh | bool | lower }}
- FRESHRSS_AUTH_TYPE={{ freshrss_auth_type }} - FRESHRSS_AUTH_TYPE={{ freshrss_auth_type }}
- FRESHRSS_API_ENABLED={{ freshrss_api_enabled }} - FRESHRSS_API_ENABLED={{ freshrss_api_enabled | bool | lower }}
- FRESHRSS_UNSAFE_AUTOLOGIN_ENABLED={{ freshrss_unsafe_autologin_enabled }} - FRESHRSS_UNSAFE_AUTOLOGIN_ENABLED={{ freshrss_unsafe_autologin_enabled | bool | lower }}
- FRESHRSS_SIMPLEPIE_SYSLOG_ENABLED={{ freshrss_simplepie_syslog_enabled }} - FRESHRSS_SIMPLEPIE_SYSLOG_ENABLED={{ freshrss_simplepie_syslog_enabled | bool | lower }}
- FRESHRSS_PUBSUBHUBBUB_ENABLED={{ freshrss_pubsubhubbub_enabled }} - FRESHRSS_PUBSUBHUBBUB_ENABLED={{ freshrss_pubsubhubbub_enabled | bool | lower }}
- FRESHRSS_ALLOW_ROBOTS={{ freshrss_allow_robots }} - FRESHRSS_ALLOW_ROBOTS={{ freshrss_allow_robots | bool | lower }}
- FRESHRSS_ALLOW_REFERRER={{ freshrss_allow_referrer }} - FRESHRSS_ALLOW_REFERRER={{ freshrss_allow_referrer | bool | lower }}
- FRESHRSS_LIMITS_COOKIE_DURATION={{ freshrss_limits_cookie_duration }} - FRESHRSS_LIMITS_COOKIE_DURATION={{ freshrss_limits_cookie_duration }}
- FRESHRSS_LIMITS_CACHE_DURATION={{ freshrss_limits_cache_duration }} - FRESHRSS_LIMITS_CACHE_DURATION={{ freshrss_limits_cache_duration }}
- FRESHRSS_LIMITS_TIMEOUT={{ freshrss_limits_timeout }} - FRESHRSS_LIMITS_TIMEOUT={{ freshrss_limits_timeout }}
@ -68,18 +81,20 @@ services:
{% if freshrss_curlopt_proxyuserpwd is defined and freshrss_curlopt_proxyuserpwd %} {% if freshrss_curlopt_proxyuserpwd is defined and freshrss_curlopt_proxyuserpwd %}
- FRESHRSS_CURLOPT_PROXYUSERPWD={{ freshrss_curlopt_proxyuserpwd }} - FRESHRSS_CURLOPT_PROXYUSERPWD={{ freshrss_curlopt_proxyuserpwd }}
{% endif %} {% endif %}
- FRESHRSS_DB_TYPE=pgsql - FRESHRSS_DB_TYPE={{ freshrss_db_type }}
{% if freshrss_db_type != "sqlite" %}
{% if freshrss_db_type == "pgsql" %} {% if freshrss_db_type == "pgsql" %}
- FRESHRSS_DB_HOST={{ freshrss_db_server }};sslmode={{ freshrss_db_ssl_mode }} - FRESHRSS_DB_HOST={{ freshrss_db_server }};sslmode={{ freshrss_db_ssl_mode }}
- FRESHRSS_POSTGRES_SSL_ROOTCERT={{ freshrss_db_ssl_rootcert }}
{% else %} {% else %}
- FRESHRSS_DB_HOST={{ freshrss_db_server }} - FRESHRSS_DB_HOST={{ freshrss_db_server }}
{% endif %} {% endif %}
- FRESHRSS_POSTGRES_SSL_ROOTCERT={{ freshrss_db_ssl_rootcert }}
- FRESHRSS_DB_PORT={{ freshrss_db_port }} - FRESHRSS_DB_PORT={{ freshrss_db_port }}
- FRESHRSS_DB_USER={{ freshrss_db_user }} - FRESHRSS_DB_USER={{ freshrss_db_user }}
- FRESHRSS_DB_PASSWORD={{ freshrss_db_password }} - FRESHRSS_DB_PASSWORD={{ freshrss_db_password }}
- FRESHRSS_DB_BASE={{ freshrss_db_name }} - FRESHRSS_DB_BASE={{ freshrss_db_name }}
- FRESHRSS_DB_PREFIX=freshrss_ - FRESHRSS_DB_PREFIX=freshrss_
{% endif %}
- FRESHRSS_EXTENSIONS_ENABLED={{ freshrss_extensions_enabled | join(',') }} - FRESHRSS_EXTENSIONS_ENABLED={{ freshrss_extensions_enabled | join(',') }}
{% if freshrss_memory_limit is defined %} {% if freshrss_memory_limit is defined %}
mem_limit: {{ freshrss_memory_limit }} mem_limit: {{ freshrss_memory_limit }}
@ -115,9 +130,18 @@ services:
{% if freshrss_pids_limit is defined %} {% if freshrss_pids_limit is defined %}
pids_limit: {{ freshrss_pids_limit }} pids_limit: {{ freshrss_pids_limit }}
{% endif %} {% endif %}
{% if freshrss_volumes | default([]) | rejectattr("bind") | list | length > 0 %}
volumes: volumes:
extensions: {% for volume in freshrss_volumes | rejectattr("bind") %}
driver: local {{ volume.name }}:
data: {% endfor %}
driver: local {% endif %}
{% if freshrss_networks | default([]) | length > 0 %}
networks:
{% for network in freshrss_networks %}
{{ network.name }}:
driver: {{ network.backend | default("bridge") }}
{% endfor %}
{% endif %}