From b6b4978e6829035eaac9c811a8a8be21879c63f3 Mon Sep 17 00:00:00 2001 From: Max Date: Mon, 22 Dec 2025 10:14:58 -0500 Subject: [PATCH] feat: stuff --- Taskfile.yml | 2 +- playbooks/slow.yml | 133 ++++++++++++++++----------------------------- 2 files changed, 49 insertions(+), 86 deletions(-) diff --git a/Taskfile.yml b/Taskfile.yml index 8edd0f5..17b59ec 100644 --- a/Taskfile.yml +++ b/Taskfile.yml @@ -6,7 +6,7 @@ tasks: - docker compose -f compose.dev.yml up --build --force-recreate --no-deps deploy:fast: ansible-playbook playbooks/fast.yml - deploy:slow: ansible-playbook playbooks/slow.yml + deploy:slow: ansible-playbook playbooks/slow.yml {{.CLI_ARGS}} deploy:restore: ansible-playbook playbooks/restore.yml -e "restore_bucket={{.BUCKET}} restore_key={{.KEY}}" vault: ansible-vault edit vault.yml diff --git a/playbooks/slow.yml b/playbooks/slow.yml index f851fb0..ea48394 100644 --- a/playbooks/slow.yml +++ b/playbooks/slow.yml @@ -2,6 +2,8 @@ hosts: localhost vars_files: ../config/ansible.secret.json gather_facts: false + vars: + image_name: "service/gitea" tasks: - name: Build image. community.docker.docker_image_build: @@ -11,6 +13,12 @@ rebuild: always pull: true + - name: Create build directory. + ansible.builtin.file: + path: ../dist + state: directory + mode: '0777' + - name: Push image to archive. community.docker.docker_image: name: "{{ image_name }}" 
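Review bot: The new `Create build directory.` task in playbooks/slow.yml creates `../dist` with `mode: '0777'`, so any local account on the build machine can replace `image.tar` or the compressed archive between the build and the transfer to the host. The same mode now applies to `~/app` and `~/app/gitea` in the later `Create data directory.` task, which is where the archive sits before `Load image.` reads it. Neither directory appears to need group or world write access. Using `mode: '0750'` (or `'0700'`) in both tasks would leave the artifact writable only by the account that runs the deploy.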
@@ -21,101 +29,56 @@ register: compress_image community.general.archive: path: ../dist/image.tar - dest: ../dist/image.tar.xz - format: xz + dest: ../dist/image.tar.gz + format: gz mode: "0644" - - name: Push artifact to S3. - amazon.aws.s3_object: - bucket: "{{ image_bucket }}" - object: "{{ image_key }}" - src: ../dist/image.tar.xz - mode: put - - region: "{{ aws_region }}" - access_key: "{{ aws_access_key }}" - secret_key: "{{ aws_secret_key }}" - - name: Deploy artifact to instance. - hosts: localhost - become: true + hosts: compute gather_facts: false - vars_files: - - ../config/ansible.secret.json - - ../config/infrastructure.secret.json - vars: - ansible_connection: aws_ssm - ansible_python_interpreter: /usr/bin/python3 - ansible_aws_ssm_plugin: "{{ ssm_plugin }}" - ansible_aws_ssm_bucket_name: "{{ image_bucket }}" - ansible_aws_ssm_instance_id: "{{ instance_id.value }}" - ansible_aws_ssm_region: "{{ aws_region }}" - ansible_aws_ssm_access_key_id: "{{ aws_access_key }}" - ansible_aws_ssm_secret_access_key: "{{ aws_secret_key }}" tasks: - - name: Fetch image. - amazon.aws.s3_object: - mode: get - bucket: "{{ image_bucket }}" - object: "{{ image_key }}" - dest: /root/image.tar.gz - - region: "{{ aws_region }}" - access_key: "{{ aws_access_key }}" - secret_key: "{{ aws_secret_key }}" - - name: Create data directory. ansible.builtin.file: - path: /home/ssm-user/data + path: "{{ item }}" state: directory mode: '0777' + loop: + - ~/app + - ~/app/gitea + + - name: Pull image to remote. + ansible.posix.synchronize: + src: ../dist/image.tar.gz + dest: ~/app/gitea/image.tar.gz - name: Load image. - community.docker.docker_image_load: - path: /root/image.tar.gz + containers.podman.podman_load: + path: ~/app/gitea/image.tar.gz register: image - - name: Run image. 
- community.docker.docker_container: - name: server - image: "{{ image.image_names[0] }}" - state: started - recreate: true - restart_policy: unless-stopped - memory: 425m - memory_swap: 900m - ports: [80:80, 2222:2222, 443:443, "22:22"] - env: - GITEA__security__INTERNAL_TOKEN: "{{ internal_secret }}" - GITEA__server__LFS_JWT_SECRET: "{{ lfs_secret }}" - GITEA__oauth2__JWT_SECRET: "{{ jwt_secret }}" - GITEA__server__ACME_EMAIL: "{{ email }}" - GITEA__server__SSH_DOMAIN: "{{ full_domain.value }}" - GITEA__server__DOMAIN: "{{ full_domain.value }}" - GITEA__server__ROOT_URL: "https://{{ full_domain.value }}/" - GITEA__storage__MINIO_ACCESS_KEY_ID: "{{ minio_access_key }}" - GITEA__storage__MINIO_SECRET_ACCESS_KEY: "{{ minio_secret_key }}" - labels: - docker-volume-backup.stop-during-backup: "true" - volumes: - - /home/ssm-user/data:/var/lib/gitea - - /etc/timezone:/etc/timezone:ro - - /etc/localtime:/etc/localtime:ro - - - name: Run backup. - community.docker.docker_container: - name: backup - image: offen/docker-volume-backup:v2 - state: started - recreate: true - restart_policy: unless-stopped - volumes: - - /home/ssm-user/data:/backup/my-app-backup:ro - - /var/run/docker.sock:/var/run/docker.sock:ro - env: - AWS_S3_BUCKET_NAME: "{{ boot_bucket }}" - AWS_S3_PATH: "{{ boot_key }}" - AWS_REGION: "{{ boot_region.value }}" - AWS_ACCESS_KEY_ID: "{{ boot_id.value }}" - AWS_SECRET_ACCESS_KEY: "{{ boot_secret.value }}" - BACKUP_CRON_EXPRESSION: "0 0 * * *" + # - name: Run image. 
+ # community.docker.docker_container: + # name: server + # image: "{{ image.image_names[0] }}" + # state: started + # recreate: true + # restart_policy: unless-stopped + # memory: 425m + # memory_swap: 900m + # ports: [80:80, 2222:2222, 443:443, "22:22"] + # env: + # GITEA__security__INTERNAL_TOKEN: "{{ internal_secret }}" + # GITEA__server__LFS_JWT_SECRET: "{{ lfs_secret }}" + # GITEA__oauth2__JWT_SECRET: "{{ jwt_secret }}" + # GITEA__server__ACME_EMAIL: "{{ email }}" + # GITEA__server__SSH_DOMAIN: "{{ full_domain.value }}" + # GITEA__server__DOMAIN: "{{ full_domain.value }}" + # GITEA__server__ROOT_URL: "https://{{ full_domain.value }}/" + # GITEA__storage__MINIO_ACCESS_KEY_ID: "{{ minio_access_key }}" + # GITEA__storage__MINIO_SECRET_ACCESS_KEY: "{{ minio_secret_key }}" + # labels: + # docker-volume-backup.stop-during-backup: "true" + # volumes: + # - /home/ssm-user/data:/var/lib/gitea + # - /etc/timezone:/etc/timezone:ro + # - /etc/localtime:/etc/localtime:ro
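Review bot: The deploy play now ends at `Load image.`: `Run image.` is commented out and `Run backup.` is deleted, so a run leaves the image loaded with no container started and no scheduled backup of the Gitea data. If this is a deliberate intermediate step, record it in a one-line comment above the block, for example `# TODO: port Run image / Run backup to containers.podman`. Otherwise replace the commented block with a Podman container task, since the dead code still names `community.docker.docker_container` and `/home/ssm-user/data`, neither of which matches the new `~/app/gitea` layout. `register: image` has no consumer left, and the result of `containers.podman.podman_load` may not expose `image_names` the way the Docker module did, so confirm its return shape before reusing `image.image_names[0]`. When the container task is restored, consider passing the Gitea tokens and MinIO keys through a secrets mechanism rather than plain `env:` values, which show up in container inspection output.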