From 427838c90330f9379d54cd6c254ef8aac60ba4f7 Mon Sep 17 00:00:00 2001
From: Florian RICHER
Date: Sat, 20 May 2023 16:36:15 +0200
Subject: [PATCH] Add protonmail + cloud + fix prometheus
---
 group_vars/all.yml | 6 ++-
 playbook.yml | 2 +
 {confs/cloud => roles/cloud/files}/cron.sh | 0
 roles/cloud/tasks/base.yml | 39 ++++++++++++++++++
 roles/cloud/tasks/cron.yml | 7 ++++
 roles/cloud/tasks/main.yml | 7 ++++
 .../cloud/templates/docker-compose.yml.j2 | 2 +-
 .../protonmail/files}/docker-compose.yml | 0
 .../protonmail/files}/init.sh | 0
 roles/protonmail/tasks/base.yml | 41 +++++++++++++++++++
 roles/protonmail/tasks/main.yml | 4 ++
 .../traefik/files}/prometheus/alert.rules | 0
 .../traefik/files}/prometheus/prometheus.yml | 0
 13 files changed, 106 insertions(+), 2 deletions(-)
 rename {confs/cloud => roles/cloud/files}/cron.sh (100%)
 create mode 100644 roles/cloud/tasks/base.yml
 create mode 100644 roles/cloud/tasks/cron.yml
 create mode 100644 roles/cloud/tasks/main.yml
 rename confs/cloud/docker-compose.yml => roles/cloud/templates/docker-compose.yml.j2 (99%)
 rename {confs/protonmail => roles/protonmail/files}/docker-compose.yml (100%)
 rename {confs/protonmail => roles/protonmail/files}/init.sh (100%)
 create mode 100644 roles/protonmail/tasks/base.yml
 create mode 100644 roles/protonmail/tasks/main.yml
 rename {confs => roles/traefik/files}/prometheus/alert.rules (100%)
 rename {confs => roles/traefik/files}/prometheus/prometheus.yml (100%)
diff --git a/group_vars/all.yml b/group_vars/all.yml
index a85f579..d59b22d 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -4,4 +4,8 @@ server:
 domain: mrdev023.fr
 acme:
 email: florian.richer.97@outlook.com
- debug: true
\ No newline at end of file
+ debug: true
+
+# Other
+protonmail:
+ initialized: false
\ No newline at end of file
diff --git a/playbook.yml b/playbook.yml
index 0b1f9a6..721ec4e 100644
--- a/playbook.yml
+++ b/playbook.yml
@@ -6,3 +6,5 @@
 - { role: docker, tags: ["docker"] }
 - { role: traefik, tags: ["traefik"] }
 - { role: whoami, tags: ["whoami"] }
+ - { role: protonmail, tags: ["protonmail"] }
+ - { role: cloud, tags: ["cloud"] }
diff --git a/confs/cloud/cron.sh b/roles/cloud/files/cron.sh
similarity index 100%
rename from confs/cloud/cron.sh
rename to roles/cloud/files/cron.sh
diff --git a/roles/cloud/tasks/base.yml b/roles/cloud/tasks/base.yml
new file mode 100644
index 0000000..0fcf711
--- /dev/null
+++ b/roles/cloud/tasks/base.yml
@@ -0,0 +1,39 @@
+---
+
+- name: Check cloud directory exist
+ ansible.builtin.file:
+ path: cloud
+ state: directory
+
+- name: Copy cloud conf
+ ansible.builtin.copy:
+ backup: true
+ src: .
+ dest: cloud/
+ register: cloud_copy_files_results
+
+- name: Copy template conf
+ ansible.builtin.template:
+ backup: true
+ src: "{{ item.src }}"
+ dest: "cloud/{{ item.dest }}"
+ loop:
+ - { src: 'docker-compose.yml.j2', dest: 'docker-compose.yml' }
+ register: cloud_copy_templates_results
+
+- name: Force update and restart container
+ community.docker.docker_compose:
+ project_src: cloud
+ state: present
+ pull: true
+ restarted: true
+ when: cloud_copy_files_results.changed or cloud_copy_templates_results.changed
+ become: true
+
+- name: Update or start container
+ community.docker.docker_compose:
+ project_src: cloud
+ state: present
+ pull: true
+ when: not cloud_copy_files_results.changed and not cloud_copy_templates_results.changed
+ become: true
\ No newline at end of file
diff --git a/roles/cloud/tasks/cron.yml b/roles/cloud/tasks/cron.yml
new file mode 100644
index 0000000..be91468
--- /dev/null
+++ b/roles/cloud/tasks/cron.yml
@@ -0,0 +1,7 @@
+---
+
+- name: Ensure a job that run all 5 minutes for nextcloud cron
+ ansible.builtin.cron:
+ name: "check dirs"
+ minute: "*/5"
+ job: "cd {{ ansible_env.HOME }}/cloud && ./cron.sh"
\ No newline at end of file
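Review bot: None of the `file`, `copy` and `template` tasks in roles/cloud/tasks/base.yml sets `mode`, so the `cloud` directory, the copied files and the rendered docker-compose.yml get whatever the remote umask yields, and `backup: true` leaves timestamped copies of older versions beside them. If the compose file carries credentials (its content is not shown in this patch), that is worth pinning, for example `mode: "0750"` on the directory task and `mode: "0640"` on the template task. The same applies to the `file` and `copy` tasks in roles/protonmail/tasks/base.yml. The paths are also relative (`path: cloud`, `project_src: cloud`) while the cron task in this commit uses `{{ ansible_env.HOME }}/cloud`; using the absolute form in both places would keep the unprivileged tasks and the `become: true` ones pointing at the same directory.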
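Review bot: In roles/cloud/tasks/cron.yml the crontab entry is keyed by `name: "check dirs"`, which looks like the example name from the module documentation and says nothing about Nextcloud; the cron module uses this name to find and update the entry, so any other task that reuses it would overwrite this job. A specific key such as `name: "nextcloud cron"` avoids that. The job also depends on `ansible_env.HOME`, which is only defined when facts are gathered and reflects the user the facts were collected as, so it is worth confirming that this is the same account whose crontab is edited and that owns the `cloud` directory.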
diff --git a/roles/cloud/tasks/main.yml b/roles/cloud/tasks/main.yml
new file mode 100644
index 0000000..5282607
--- /dev/null
+++ b/roles/cloud/tasks/main.yml
@@ -0,0 +1,7 @@
+---
+
+- ansible.builtin.import_tasks: base.yml
+ name: base
+
+- ansible.builtin.import_tasks: cron.yml
+ name: cron
\ No newline at end of file
diff --git a/confs/cloud/docker-compose.yml b/roles/cloud/templates/docker-compose.yml.j2
similarity index 99%
rename from confs/cloud/docker-compose.yml
rename to roles/cloud/templates/docker-compose.yml.j2
index 52fa22c..5446e08 100644
--- a/confs/cloud/docker-compose.yml
+++ b/roles/cloud/templates/docker-compose.yml.j2
@@ -44,7 +44,7 @@ services:
 - "traefik.http.middlewares.nextcloud-headers.headers.customRequestHeaders.X-Robots-Tag=none"
 - "traefik.http.middlewares.nextcloud-headers.headers.customFrameOptionsValue=SAMEORIGIN"
 - "traefik.http.routers.nextcloud-secure.entrypoints=https"
- - "traefik.http.routers.nextcloud-secure.rule=Host(`mycld.mrdev023.fr`)"
+ - "traefik.http.routers.nextcloud-secure.rule=Host(`mycld.{{ server.domain }}`)"
 - "traefik.http.routers.nextcloud-secure.tls=true"
 - "traefik.http.routers.nextcloud-secure.tls.certresolver=sslResolver"
 - "traefik.http.routers.nextcloud-secure.middlewares=nextcloud-compress,nextcloud-regex-redirect,nextcloud-headers"
diff --git a/confs/protonmail/docker-compose.yml b/roles/protonmail/files/docker-compose.yml
similarity index 100%
rename from confs/protonmail/docker-compose.yml
rename to roles/protonmail/files/docker-compose.yml
diff --git a/confs/protonmail/init.sh b/roles/protonmail/files/init.sh
similarity index 100%
rename from confs/protonmail/init.sh
rename to roles/protonmail/files/init.sh
diff --git a/roles/protonmail/tasks/base.yml b/roles/protonmail/tasks/base.yml
new file mode 100644
index 0000000..148b379
--- /dev/null
+++ b/roles/protonmail/tasks/base.yml
@@ -0,0 +1,41 @@
+---
+
+- name: Check protonmail directory exist
+ ansible.builtin.file:
+ path: protonmail
+ state: directory
+
+- name: Copy protonmail conf
+ ansible.builtin.copy:
+ backup: true
+ src: .
+ dest: protonmail/
+ register: protonmail_copy_files_results
+
+- name: Create protonmail network
+ community.docker.docker_network:
+ name: protonmail
+ state: present
+ become: true
+
+- name: Show message if not initialized
+ ansible.builtin.debug:
+ msg: Please run init.sh in protonmail folder and set variable protonmail.initialized to true and restart tasks
+ when: not protonmail.initialized
+
+- name: Force update and restart container
+ community.docker.docker_compose:
+ project_src: protonmail
+ state: present
+ pull: true
+ restarted: true
+ when: protonmail.initialized and protonmail_copy_files_results.changed
+ become: true
+
+- name: Update or start container
+ community.docker.docker_compose:
+ project_src: protonmail
+ state: present
+ pull: true
+ when: protonmail.initialized and not protonmail_copy_files_results.changed
+ become: true
\ No newline at end of file
diff --git a/roles/protonmail/tasks/main.yml b/roles/protonmail/tasks/main.yml
new file mode 100644
index 0000000..3f670ac
--- /dev/null
+++ b/roles/protonmail/tasks/main.yml
@@ -0,0 +1,4 @@
+---
+
+- ansible.builtin.import_tasks: base.yml
+ name: base
\ No newline at end of file
diff --git a/confs/prometheus/alert.rules b/roles/traefik/files/prometheus/alert.rules
similarity index 100%
rename from confs/prometheus/alert.rules
rename to roles/traefik/files/prometheus/alert.rules
diff --git a/confs/prometheus/prometheus.yml b/roles/traefik/files/prometheus/prometheus.yml
similarity index 100%
rename from confs/prometheus/prometheus.yml
rename to roles/traefik/files/prometheus/prometheus.yml
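Review bot: In roles/protonmail/tasks/base.yml the `Show message if not initialized` task only prints through `ansible.builtin.debug`, so with `protonmail.initialized: false` the run ends successfully with no container started and the instruction is easy to miss in the output. The flag is also defined in group_vars/all.yml, so it is one value for every host rather than the state of the host being configured. Consider setting it per host (host_vars) or deriving it with `ansible.builtin.stat` on a file that init.sh leaves behind (init.sh is not shown here, so the exact path needs confirming), and add a comment next to the default such as `# set to true after running init.sh on the host`.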