Christoph Schug
10ae69e17a
feat: add container health check
2024-03-06 21:33:39 +01:00
Christoph Schug
911fcc61eb
feat: interpolate name of user and database
...
Unless explicitely set, the database name is nevertheless derived from
the user by the image's entrypoint, but we can make this more obvious by
defining a interpolation here.
2024-03-06 21:33:39 +01:00
Christoph Schug
ce2caf7c8f
feat: allow custom timezone, defaulting to UTC
2024-03-06 21:33:39 +01:00
Christoph Schug
16a628e111
feat: allow custom host authentication method
2024-03-06 21:33:39 +01:00
Christoph Schug
89dd1f5a08
feat: default to use data checksums in PostgreSQL
...
There is little reason not to use PostgreSQL data checksums [1] and they
can greatly help to ensure data integrity.
[1] https://www.postgresql.org/docs/current/checksums.html
2024-03-06 21:33:39 +01:00
Christoph Schug
edf466c7c9
feat: use Docker secrets for password
...
Using environment variables for secret data like passwords is an
anti-pattern as they can easily leak. It's much safer to maintain the
data as a file. To prevent accidental commits of the password file, we
are adding a `.gitignore` file.
2024-03-06 21:33:39 +01:00
Christoph Schug
bb84e13b9a
feat: give additional information on custom networking
2024-03-06 21:33:39 +01:00
Christoph Schug
e2d527ec67
feat: use the latest PostgreSQL release as named version
...
Using the `latest` tag is bad practice.
Also reference the full path of the container image including its
container registry as for example Podman Compose doesn't default to
Docker Hub.
2024-03-06 21:33:39 +01:00
Christoph Schug
89f8ecb4a5
feat: use the local volume storage driver by default
2024-03-06 21:33:39 +01:00
Christoph Schug
591ec21010
fix: use version 3.8 of the Docker Compose specification
...
See also the Compose and Docker compatibility matrix [1].
While at it, reorder top-level configuration elements and
separate each by a blank line to enhance readability.
[1] https://docs.docker.com/compose/compose-file/compose-file-v3/#compose-and-docker-compatibility-matrix
2024-03-06 21:33:39 +01:00
Christoph Schug
989a080d16
Merge pull request #168 from cschug/pin_version_nextcloud
...
Pin version of Nextcloud and its MariaDB
2024-03-05 12:14:38 +01:00
Christoph Schug
0a095882ae
chore: pin version of Nextcloud's MariaDB to 10.6.17
2024-03-05 12:11:23 +01:00
Christoph Schug
9d609ca42b
chore: pin version of Nextcloud to 28.0.3-apache
...
The `apache` variant was taken because the `latest` tag, which was in
use so far, also matches the `apache` variant.
2024-03-05 12:00:50 +01:00
Christian Lempa
49b783ff1f
Merge pull request #166 from cschug/reduce_ansible_lint_issues
...
Reduce number of issues reported by Ansible Lint
2024-03-04 09:39:39 +01:00
Christian Lempa
a16775d91e
Merge pull request #167 from ChristianLempa:157-no-template-for-new-issues-hope-to-solve-this-issue-and-play-my-part-to-help-a-little
...
added templates for issues and prs
2024-03-04 09:34:26 +01:00
Christian Lempa
5601944fa4
added templates for issues and prs
2024-03-04 09:33:54 +01:00
Christoph Schug
aa786b1b1d
fix: tell Ansible about the idempotency of this task
...
This shell command doesn't change state on the system, therefore
it is safe to set `changed_when` to `false`, and we can also
set `check_mode` to `false` here to allow execution when run in
check mode.
2024-03-03 17:57:02 +01:00
Christoph Schug
7983a7c85f
fix: fix use of become
/become_user
...
If `become_user` is being defined on a task level, also `become` should
be set on that very task. As there aren't any other tasks, the `become`
on the top-level becomes obsolete.
2024-03-03 17:54:55 +01:00
Christoph Schug
7ceb755f35
fix: set pipefail
flag in shell commands using pipes
...
Without `pipefail` Ansible cannot detect if there is an error executing
the command before the pipe as the return code of the shell only
reflects the return code of the last command. As not all shells support
`pipefail` (e.g., `ash`, `dash`) we also enfore the use of `bash` in
this case.
2024-03-03 17:49:31 +01:00
Christoph Schug
11ece4a070
fix: remove bogus task which does nothing
...
The command doesn't change anything on the system, and the registered
variable `disk_usage` is never being used, moreover it gets overwritten
by the next task.
2024-03-03 17:38:41 +01:00
Christoph Schug
abe4bbcc85
fix: add exception to ignore Ansible Lint rule package-latest
2024-03-03 17:36:01 +01:00
Christoph Schug
d06aab167e
fix: replace shell commands by Ansible modules
2024-03-03 17:35:14 +01:00
Christoph Schug
b46f18d437
fix: fix insecure file permission and ownership
2024-03-03 17:17:19 +01:00
Christoph Schug
0621aca3af
fix: become methods should be fully-qualified
2024-03-03 17:03:06 +01:00
Christoph Schug
539b98d14b
fix: fix Jinja2 spacing issues
2024-03-03 17:01:00 +01:00
Christoph Schug
bde2063ec9
fix: fix names which did not start with an uppercase letter
2024-03-03 16:54:47 +01:00
Christoph Schug
24b0819e7f
fix: add missing names
...
Any play or task should have a name.
2024-03-03 16:43:55 +01:00
Christoph Schug
70a8bea0ed
fix: add and remove blank lines
...
Add blank lines where it helps with readability (e.g., between each
task) but also remove needless one.
2024-03-03 16:34:29 +01:00
Christoph Schug
6e52db9cf6
fix: consistently use true
/false
as truthy values
2024-03-03 16:26:12 +01:00
Christoph Schug
706ac210f7
fix: fix YAML indentation issues
2024-03-03 16:10:27 +01:00
Christoph Schug
6943bf8fef
fix: remove trailing whitespace
2024-03-03 15:59:49 +01:00
Christoph Schug
ba3bb6be85
fix: fix YAML document markers
2024-03-03 15:58:23 +01:00
Christoph Schug
4111c147f3
Merge pull request #154 from cschug/fix_undefined_hosts
...
fix: ensure `hosts` definition is always defined
2024-03-03 15:45:10 +01:00
Christoph Schug
746aa1d06a
fix: ensure the hosts
definition is always defined
...
Ensure that the `hosts` definition is always defined, defaulting to an
empty set. Due to the lack of an Ansible inventory file this is most
likely meant to be set as an Ansible extra variable [1].
We also rename the variable named `hosts` to `my_hosts` because `hosts`
is a reserved name in Ansible. Reserved names in Ansible are for example
all class variable names of plays, roles, blocks, and tasks [2], and
`hosts` for example is used by plays [3].
[1] https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#defining-variables-at-runtime
[2] https://github.com/ansible/ansible/blob/v2.16.4/lib/ansible/vars/reserved.py#L39
[3] https://github.com/ansible/ansible/blob/v2.16.4/lib/ansible/playbook/play.py#L58
2024-03-03 15:36:11 +01:00
Christoph Schug
4c4e302c15
Merge pull request #164 from cschug/pin_version_duplicati
...
chore: pin version of Duplicati to 2.0.7
2024-03-01 17:55:20 +01:00
Christoph Schug
a520e0625f
chore: pin version of Duplicati to 2.0.7
...
As this is based on a `linuxserver.io` [1] container image it makes
sense to use their `lscr.io` registry gateway service instead.
[1] https://www.linuxserver.io/
2024-03-01 17:53:08 +01:00
Christoph Schug
e7a78979b5
Merge pull request #161 from cschug/feat_improve_discord_notification
...
feat: use the `community.general.discord` Ansible module
2024-02-27 13:53:10 +01:00
Christoph Schug
d0fed19232
Merge branch 'main' into feat_improve_discord_notification
2024-02-27 13:52:32 +01:00
Christoph Schug
6f42478864
Merge pull request #163 from cschug/upgrade_heimdall
...
chore: upgrade Heimdall 2.5.6 -> 2.6.1
2024-02-27 13:50:02 +01:00
Christoph Schug
f826351b07
Merge pull request #162 from cschug/upg_prometheus_2_50_1
...
chore: upgrade Prometheus 2.50.0 -> 2.50.1
2024-02-27 13:49:33 +01:00
Christoph Schug
e38701bf22
Merge pull request #156 from cschug/fix_pihole_volumes
...
fix: add missing Pihole volume definition
2024-02-27 13:48:59 +01:00
Christoph Schug
e1bbb27d2e
Merge pull request #160 from cschug/fix_ansible_fqcn
...
chore: consistently use Ansible FQCN in module calls
2024-02-27 13:46:59 +01:00
Christoph Schug
0b18f93f2a
Merge pull request #155 from cschug/pin_version_uptime_kuma
...
chore: pin version of Uptime Kuma to 1.23.11
2024-02-27 13:45:45 +01:00
Christoph Schug
ff6085ece3
chore: upgrade Heimdall 2.5.6 -> 2.6.1
2024-02-26 23:27:53 +01:00
Christoph Schug
c5941e2151
chore: upgrade Prometheus 2.50.0 -> 2.50.1
2024-02-26 13:29:49 +01:00
Christoph Schug
17601ec532
feat: use the community.general.discord
Ansible module
...
This should provide a more robust solution for sending notifications to
Discord rather than using plain `ansible.builtin.uri` for that task.
Additionally add some comments which should hopefully give better
guidance what to do.
Fixes #82 .
2024-02-25 19:25:03 +01:00
Christian Lempa
e0f744b6b1
Merge pull request #159 from cschug/fix_contrib_urls
...
fix: update URLs in contributing document
2024-02-24 15:46:34 +01:00
Christoph Schug
49d4256a58
chore: consistently use Ansible FQCN in module calls
...
In order to adhere to Ansible best practices, always use Fully Qualified
Collection Names (FQCN) [1] when calling modules.
Other than that, this commit doesn't apply any further changes
except where needed as a module name has been updated.
The module `ansible.builtin.systemd` has been renamed to
`ansible.builtin.systemd_service` with `ansible.builtin.systemd` just
being an alias [2] for reasons of backward compatibility.
[1] https://docs.ansible.com/ansible/latest/tips_tricks/ansible_tips_tricks.html#use-fully-qualified-collection-names
[2] https://docs.ansible.com/ansible/latest/collections/ansible/builtin/systemd_service_module.html#synopsis
2024-02-24 11:56:25 +01:00
Christoph Schug
2f56d1cd53
fix: update URLs in contributing document
2024-02-24 00:58:12 +01:00
Christoph Schug
4eacd7dad6
fix: add missing Pihole volume definition
...
While at it, also sort list of volumes in lexical order and at the
missing YAML document marker.
2024-02-23 12:49:00 +01:00