Merge branch 'main' into pat-s-patch-1

host_vars/ci_server.yaml

@@ -15,7 +15,7 @@ woodpecker_server_github_secret: '{{ vault_woodpecker_github_secret }}'
 woodpecker_agent_version: *woodpecker_version
 woodpecker_agent_server: woodpecker-server:9000
 woodpecker_agent_agent_secret: '{{ vault_woodpecker_agent1_secret }}'
-woodpecker_agent_max_processes: 2
+woodpecker_agent_max_workflows: 2
 
 ### Autoscaler
 woodpecker_autoscaler_version: next
@@ -40,7 +40,11 @@ weblate_email_use_tls: 1
 weblate_email_port: 587
 weblate_email_username: '{{ vault_weblate_email_username }}'
 weblate_email_password: '{{ vault_weblate_email_password }}'
+# renovate: datasource=docker depName=library/postgres
+weblate_postgres_version: 16-alpine
 weblate_postgres_password: '{{ vault_weblate_postgres_password }}'
 weblate_domain: 'translate.woodpecker-ci.org'
 weblate_admin_email: '{{ vault_weblate_admin_email }}'
 weblate_site_title: Woodpecker translate
+# renovate: datasource=docker depName=library/redis
+weblate_redis_version: 7-alpine

roles/caddy/tasks/main.yaml

@@ -21,32 +21,32 @@
   tags:
     - caddy
 
-- name: Install Caddy
-  community.docker.docker_compose:
-    project_name: caddy
-    pull: true
-    restarted: "{{ 'true' if output.changed else 'false' }}"
-    definition:
-      version: '3.7'
-      services:
-        caddy:
-          image: caddy:{{ caddy_version }}
-          restart: always
-          ports:
-            - 80:80
-            - 443:443
-          volumes:
-            - /opt/caddy/Caddyfile:/etc/caddy/Caddyfile
-            - caddy_data:/data
-            - caddy_config:/config
-          networks:
-            - web
-      volumes:
-        caddy_data:
-        caddy_config:
-      networks:
-        web:
-          external:
-            name: web
+- name: Create Caddy data volume
+  community.docker.docker_volume:
+    name: caddy_data
+  tags:
+    - caddy
+
+- name: Create Caddy config volume
+  community.docker.docker_volume:
+    name: caddy_config
+  tags:
+    - caddy
+
+- name: Create Caddy container
+  community.docker.docker_container:
+    name: caddy
+    hostname: caddy
+    image: caddy:{{ caddy_version }}
+    restart_policy: 'always'
+    ports:
+      - 80:80
+      - 443:443
+    volumes:
+      - /opt/caddy/Caddyfile:/etc/caddy/Caddyfile
+      - caddy_data:/data
+      - caddy_config:/config
+    networks:
+      - name: web
   tags:
     - caddy

roles/weblate/tasks/main.yaml

@@ -1,66 +1,83 @@
-- name: Install Weblate
-  community.docker.docker_compose:
-    project_name: weblate
-    pull: true
-    definition:
-      version: '3'
-      services:
-        weblate:
-          image: weblate/weblate:{{ weblate_version }}
-          tmpfs:
-            - /app/cache
-          volumes:
-            - weblate-data:/app/data
-          environment:
-            WEBLATE_EMAIL_HOST: '{{ weblate_email_host }}'
-            WEBLATE_EMAIL_PORT: '{{ weblate_email_port }}'
-            WEBLATE_EMAIL_USE_TLS: '{{ weblate_email_use_tls }}'
-            WEBLATE_EMAIL_USE_SSL: '{{ weblate_email_use_ssl }}'
-            WEBLATE_EMAIL_HOST_USER: '{{ weblate_email_username }}'
-            WEBLATE_EMAIL_HOST_PASSWORD: '{{ weblate_email_password }}'
-            WEBLATE_SERVER_EMAIL: '{{ weblate_email_username }}'
-            WEBLATE_DEFAULT_FROM_EMAIL: '{{ weblate_email_username }}'
-            WEBLATE_SITE_DOMAIN: '{{ weblate_domain }}'
-            WEBLATE_ADMIN_EMAIL: '{{ weblate_admin_email }}'
-            WEBLATE_SITE_TITLE: '{{ weblate_site_title }}'
-            POSTGRES_USER: weblate
-            POSTGRES_PASSWORD: '{{ weblate_postgres_password }}'
-            POSTGRES_DATABASE: weblate
-            POSTGRES_HOST: database
-            POSTGRES_PORT: 5432
-            REDIS_HOST: cache
-            REDIS_PORT: 6379
-          restart: always
-          depends_on:
-            - database
-            - cache
-          networks:
-            - web
-            - default
-        database:
-          image: postgres:16-alpine
-          environment:
-            POSTGRES_USER: weblate
-            POSTGRES_PASSWORD: '{{ weblate_postgres_password }}'
-            POSTGRES_DATABASE: weblate
-            POSTGRES_HOST: database
-            POSTGRES_PORT: 5432
-          volumes:
-            - postgres-data:/var/lib/postgresql/data
-          restart: always
-        cache:
-          image: redis:7-alpine
-          restart: always
-          command: [redis-server, --save, '60', '1']
-          volumes:
-            - redis-data:/data
-      networks:
-        web:
-          external:
-            name: web
-      volumes:
-        weblate-data: {}
-        postgres-data: {}
-        redis-data: {}
+- name: Create volumes for containers
+  community.docker.docker_volume:
+    name: '{{ item }}'
+  loop:
+    - weblate_postgres-data
+    - weblate_redis-data
+    - weblate_weblate-data
+  tags:
+    - weblate
+
+- name: Create Weblate network
+  community.docker.docker_network:
+    name: weblate
+  tags:
+    - weblate
+
+- name: Create Weblate cache container
+  community.docker.docker_container:
+    name: weblate_cache
+    hostname: weblate-cache
+    image: redis:{{ weblate_redis_version | string }}
+    restart_policy: 'always'
+    command: [redis-server, --save, '60', '1']
+    volumes:
+      - weblate_redis-data:/data
+    networks:
+      - name: weblate
+  tags:
+    - weblate
+
+- name: Create Weblate database container
+  community.docker.docker_container:
+    name: weblate_database
+    hostname: weblate-database
+    image: postgres:{{ weblate_postgres_version | string }}
+    volumes:
+      - weblate_postgres-data:/var/lib/postgresql/data
+    restart_policy: 'always'
+    networks:
+      - name: weblate
+    env:
+      POSTGRES_USER: weblate
+      POSTGRES_PASSWORD: '{{ weblate_postgres_password | string }}'
+      POSTGRES_DATABASE: 'weblate'
+      POSTGRES_HOST: 'database'
+      POSTGRES_PORT: '5432'
+  tags:
+    - weblate
+
+- name: Create Weblate container
+  community.docker.docker_container:
+    name: weblate
+    hostname: weblate
+    image: weblate/weblate:{{ weblate_version }}
+    restart_policy: 'always'
+    volumes:
+      - weblate_weblate-data:/app/data
+    tmpfs:
+      - /app/cache
+    networks:
+      - name: weblate
+      - name: web
+    env:
+      WEBLATE_EMAIL_HOST: '{{ weblate_email_host | string }}'
+      WEBLATE_EMAIL_PORT: '{{ weblate_email_port | string }}'
+      WEBLATE_EMAIL_USE_TLS: '{{ weblate_email_use_tls | string }}'
+      WEBLATE_EMAIL_USE_SSL: '{{ weblate_email_use_ssl | string }}'
+      WEBLATE_EMAIL_HOST_USER: '{{ weblate_email_username | string }}'
+      WEBLATE_EMAIL_HOST_PASSWORD: '{{ weblate_email_password | string }}'
+      WEBLATE_SERVER_EMAIL: '{{ weblate_email_username | string }}'
+      WEBLATE_DEFAULT_FROM_EMAIL: '{{ weblate_email_username | string }}'
+      WEBLATE_SITE_DOMAIN: '{{ weblate_domain | string }}'
+      WEBLATE_ADMIN_EMAIL: '{{ weblate_admin_email | string }}'
+      WEBLATE_SITE_TITLE: '{{ weblate_site_title | string }}'
+      POSTGRES_USER: 'weblate'
+      POSTGRES_PASSWORD: '{{ weblate_postgres_password | string }}'
+      POSTGRES_DATABASE: 'weblate'
+      POSTGRES_HOST: 'weblate-database'
+      POSTGRES_PORT: '5432'
+      REDIS_HOST: 'weblate-cache'
+      REDIS_PORT: '6379'
   tags:
     - weblate

roles/woodpecker_agent/tasks/main.yaml

@@ -1,27 +1,28 @@
-- name: Install Woodpecker agent
-  community.docker.docker_compose:
-    project_name: woodpecker_agent
-    pull: true
-    definition:
-      version: '3'
-      services:
-        woodpecker-agent:
-          image: woodpeckerci/woodpecker-agent:{{ woodpecker_agent_version }}
-          restart: always
-          volumes:
-            - /var/run/docker.sock:/var/run/docker.sock
-            - /opt/woodpecker:/etc/woodpecker/
-          environment:
-            - WOODPECKER_SERVER={{ woodpecker_agent_server }}
-            - WOODPECKER_AGENT_SECRET={{ woodpecker_agent_agent_secret }}
-            - WOODPECKER_MAX_PROCS={{ woodpecker_agent_max_processes }}
-          networks:
-            - web
-            - default
-      networks:
-        web:
-          external:
-            name: web
+- name: Create Woodpecker agent directory
+  ansible.builtin.file:
+    path: /opt/woodpecker-agent
+    state: directory
+    mode: '0o700'
+  tags:
+    - woodpecker
+    - woodpecker-agent
+
+- name: Create Woodpecker agent container
+  community.docker.docker_container:
+    name: woodpecker_agent
+    hostname: woodpecker_agent
+    pull: 'always'
+    image: woodpeckerci/woodpecker-agent:{{ woodpecker_agent_version }}
+    restart_policy: 'always'
+    networks:
+      - name: web
+    volumes:
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /opt/woodpecker-agent:/etc/woodpecker/
+    env:
+      WOODPECKER_SERVER: '{{ woodpecker_agent_server | string }}'
+      WOODPECKER_AGENT_SECRET: '{{ woodpecker_agent_agent_secret | string }}'
+      WOODPECKER_MAX_WORKFLOWS: '{{ woodpecker_agent_max_workflows | string }}'
   tags:
     - woodpecker
     - woodpecker-agent

roles/woodpecker_autoscaler/tasks/main.yaml

@@ -1,33 +1,25 @@
-- name: Install Woodpecker autoscaler
-  community.docker.docker_compose:
-    project_name: woodpecker_autoscaler
-    pull: true
-    definition:
-      version: '3'
-      services:
-        woodpecker-autoscaler:
-          image: woodpeckerci/autoscaler:{{ woodpecker_autoscaler_version }}
-          restart: always
-          environment:
-            - WOODPECKER_SERVER={{ woodpecker_autoscaler_server_url }}
-            - WOODPECKER_TOKEN={{ woodpecker_autoscaler_server_token }}
-            - WOODPECKER_MIN_AGENTS={{ woodpecker_autoscaler_min_agents }}
-            - WOODPECKER_MAX_AGENTS={{ woodpecker_autoscaler_max_agents }}
-            - WOODPECKER_WORKFLOWS_PER_AGENT={{ woodpecker_autoscaler_workflows_per_agent }}
-            - WOODPECKER_GRPC_ADDR={{ woodpecker_autoscaler_grpc_addr }}
-            - WOODPECKER_GRPC_SECURE={{ woodpecker_autoscaler_grpc_secure }}
-            - WOODPECKER_PROVIDER={{ woodpecker_autoscaler_provider }}
-            - WOODPECKER_HETZNERCLOUD_API_TOKEN={{ woodpecker_autoscaler_hetzner_api_token }}
-            - WOODPECKER_HETZNERCLOUD_SERVER_TYPE={{ woodpecker_autoscaler_hetzner_server_type }}
-            - WOODPECKER_HETZNERCLOUD_SSH_KEYS={{ woodpecker_autoscaler_hetzner_ssh_keys }}
-            - WOODPECKER_RECONCILIATION_INTERVAL=5s
-          networks:
-            - web
-            - default
-      networks:
-        web:
-          external:
-            name: web
+- name: Create Woodpecker autoscaler container
+  community.docker.docker_container:
+    name: woodpecker_autoscaler
+    hostname: woodpecker-autoscaler
+    pull: 'always'
+    image: woodpeckerci/autoscaler:{{ woodpecker_autoscaler_version }}
+    restart_policy: 'always'
+    networks:
+      - name: web
+    env:
+      WOODPECKER_SERVER: '{{ woodpecker_autoscaler_server_url | string }}'
+      WOODPECKER_TOKEN: '{{ woodpecker_autoscaler_server_token | string }}'
+      WOODPECKER_MIN_AGENTS: '{{ woodpecker_autoscaler_min_agents | string }}'
+      WOODPECKER_MAX_AGENTS: '{{ woodpecker_autoscaler_max_agents | string }}'
+      WOODPECKER_WORKFLOWS_PER_AGENT: '{{ woodpecker_autoscaler_workflows_per_agent | string }}'
+      WOODPECKER_GRPC_ADDR: '{{ woodpecker_autoscaler_grpc_addr | string }}'
+      WOODPECKER_GRPC_SECURE: '{{ woodpecker_autoscaler_grpc_secure | string }}'
+      WOODPECKER_PROVIDER: '{{ woodpecker_autoscaler_provider | string }}'
+      WOODPECKER_HETZNERCLOUD_API_TOKEN: '{{ woodpecker_autoscaler_hetzner_api_token | string }}'
+      WOODPECKER_HETZNERCLOUD_SERVER_TYPE: '{{ woodpecker_autoscaler_hetzner_server_type | string }}'
+      WOODPECKER_HETZNERCLOUD_SSH_KEYS: '{{ woodpecker_autoscaler_hetzner_ssh_keys | string }}'
+      WOODPECKER_RECONCILIATION_INTERVAL: 5s
   tags:
     - woodpecker
     - woodpecker-autoscaler