---
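# Host packages the role relies on: podman runs the containers, and the
# PostgreSQL server plus the psycopg2 binding back the
# community.postgresql tasks later in this file.
- name: Install dependencies
  ansible.builtin.package:
    name:
      - podman
      - postgresql
      - python3-psycopg2
    # Spelled out rather than left to the backend package manager's default.
    state: present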
# Primary group for the dedicated Pretix account; it also owns the
# configuration under /etc/pretix.
- name: Create pretix group
  ansible.builtin.group:
    name: "{{ pretix_system_group }}"
    state: present
# Dedicated account for Pretix. It cannot be used for interactive login:
# the password field is locked and the shell is nologin. Its name is what
# the subuid/subgid entries and the containers' subuidname/subgidname
# refer to.
- name: Create pretix user
  ansible.builtin.user:
    name: "{{ pretix_system_user }}"
    comment: Pretix
    group: "{{ pretix_system_group }}"
    home: "{{ pretix_system_home }}"
    shell: /usr/sbin/nologin
    # '!' is not a valid password hash, so no password can ever match.
    password: '!'
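# Reserve a subordinate UID range for the Pretix account; the containers
# in this file select it through subuidname.
# NOTE(review): the range must not overlap any other /etc/subuid entry,
# otherwise unrelated containers would share host UIDs - confirm the
# values chosen for pretix_subuid_begin / pretix_subuid_count.
- name: Create subuid entry
  ansible.builtin.lineinfile:
    path: /etc/subuid
    # The account name is regex-escaped so that metacharacters in it (a
    # dot, for example) cannot make the pattern match, and overwrite,
    # another account's entry.
    regexp: "^{{ pretix_system_user | regex_escape }}:"
    line: "{{ pretix_system_user }}:{{ pretix_subuid_begin }}:{{ pretix_subuid_count }}"
    create: true
    owner: root
    group: root
    mode: "0644"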
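# Reserve a subordinate GID range for the Pretix account; the containers
# in this file select it through subgidname.
# NOTE(review): the range must not overlap any other /etc/subgid entry -
# confirm the values chosen for pretix_subgid_begin / pretix_subgid_count.
- name: Create subgid entry
  ansible.builtin.lineinfile:
    path: /etc/subgid
    # The account name is regex-escaped so that metacharacters in it (a
    # dot, for example) cannot make the pattern match, and overwrite,
    # another account's entry.
    regexp: "^{{ pretix_system_user | regex_escape }}:"
    line: "{{ pretix_system_user }}:{{ pretix_subgid_begin }}:{{ pretix_subgid_count }}"
    create: true
    owner: root
    group: root
    mode: "0644"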
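# Persistent data directory, bind-mounted into the pretix container as
# /data. It is owned by the host UID/GID that the in-container Pretix
# user maps to (start of the subordinate range plus the container's own
# UID/GID) and is closed to every other account on the host.
- name: Create pretix data directory
  ansible.builtin.file:
    path: "{{ pretix_system_home }}/data"
    state: directory
    # Cast before adding: a value supplied as a string (for instance via
    # "-e key=value") would otherwise be concatenated instead of summed
    # and the directory would end up owned by an unrelated numeric ID.
    owner: "{{ (pretix_subuid_begin | int) + (pretix_container_uid | int) }}"
    group: "{{ (pretix_subgid_begin | int) + (pretix_container_gid | int) }}"
    mode: "0700"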
# Database role for Pretix. With the password lines commented out the
# role is created without a password.
# NOTE(review): access then depends entirely on how pg_hba.conf treats
# the local socket - confirm it does not let other local accounts connect
# as this role.
# NOTE(review): no become/become_user is set on this task; presumably the
# play supplies the PostgreSQL superuser context - verify against caller.
- name: Create PostgreSQL user
  community.postgresql.postgresql_user:
    name: "{{ pretix_postgresql_username }}"
    # password: "{{ pretix_postgresql_password }}"
    # no_password_changes: true
# Application database, owned by the Pretix role rather than by the
# PostgreSQL superuser.
- name: Create PostgreSQL database
  community.postgresql.postgresql_db:
    owner: "{{ pretix_postgresql_username }}"
    name: "{{ pretix_postgresql_database }}"
# Directory that holds pretix.cfg; it is bind-mounted read-only into the
# pretix container. World-readable and traversable (0755), so the
# confidentiality of the configuration rests on the mode of the file
# inside it, not on this directory.
- name: Create Pretix configuration directory
  ansible.builtin.file:
    state: directory
    path: /etc/pretix
    mode: "0755"
    owner: "{{ pretix_system_user }}"
    group: "{{ pretix_system_group }}"
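# Render the Pretix configuration and restart the service when it
# changes. The template itself is not visible here; treat the rendered
# file as potentially carrying secrets.
# NOTE(review): the data directory is owned by the mapped container UID,
# while this file is owned by the host account and readable by its owner
# only - confirm the process inside the container can actually read it.
- name: Render Pretix configuration
  ansible.builtin.template:
    src: etc/pretix/pretix.cfg.j2
    dest: /etc/pretix/pretix.cfg
    owner: "{{ pretix_system_user }}"
    group: "{{ pretix_system_group }}"
    # Owner read/write only. A configuration file needs no execute bit,
    # so 0600 grants the same access as 0700 minus the unused x.
    mode: "0600"
  notify: Restart Pretix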
# Cache container for Pretix. No ports are published to the host, and the
# container's IDs are mapped into the pretix account's subordinate
# UID/GID ranges.
# NOTE(review): the image is referenced by tag and the label below can
# opt the container into Watchtower's automatic updates, so the running
# image can change without a play run - pin by digest if that matters for
# this deployment.
- name: Create pretix-cache container
  containers.podman.podman_container:
    name: pretix-cache
    image: "{{ pretix_cache_image }}:{{ pretix_cache_image_tag }}"
    subuidname: "{{ pretix_system_user }}"
    subgidname: "{{ pretix_system_user }}"
    restart_policy: unless-stopped
    labels:
      com.centurylinklabs.watchtower.enable: "{{ pretix_watchtower_enabled | ternary('true', 'false') }}"
# Main Pretix container, started with the "all" command and with its IDs
# mapped into the pretix account's subordinate UID/GID ranges.
# NOTE(review): the image is referenced by tag and the label below can
# opt the container into Watchtower's automatic updates, so the running
# image can change without a play run - pin by digest if that matters for
# this deployment.
- name: Create pretix container
  containers.podman.podman_container:
    name: pretix
    image: "{{ pretix_image }}:{{ pretix_image_tag }}"
    command: "all"
    subuidname: "{{ pretix_system_user }}"
    subgidname: "{{ pretix_system_user }}"
    restart_policy: unless-stopped
    labels:
      com.centurylinklabs.watchtower.enable: "{{ pretix_watchtower_enabled | ternary('true', 'false') }}"
    sysctl:
      net.core.somaxconn: "4096"
    ports:
      # Container port 80 is published on the configured host address.
      # NOTE(review): presumably a reverse proxy fronts this; if so, keep
      # pretix_http_hostaddr on a loopback or internal address - confirm.
      - "{{ pretix_http_hostaddr }}:{{ pretix_http_hostport }}:80"
    volumes:
      # Configuration is visible inside the container but cannot be
      # modified from there.
      - "/etc/pretix:/etc/pretix:ro"
      # The only writable application state.
      - "{{ pretix_system_home }}/data:/data"
      # Hands the host's PostgreSQL socket directory to the container, so
      # processes inside it can reach the local server; what they are
      # allowed to do is decided by pg_hba.conf and the role's privileges.
      - "/run/postgresql:/run/postgresql"
# Run "pretix upgrade" inside the pretix container.
# NOTE(review): no when/changed_when is set on this task, so as written
# it executes on every play run, and it does so before any pending
# "Restart Pretix" handler fires - confirm that ordering is intended.
- name: Run Pretix upgrade
  containers.podman.podman_container_exec:
    command: pretix upgrade
    container: pretix
# Install the Pretix cron definition. The file is root-owned and writable
# by root only, so no other account can alter what cron schedules from it.
- name: Render Pretix cronjob
  ansible.builtin.template:
    dest: /etc/cron.d/pretix
    src: etc/cron.d/pretix.j2
    mode: "0644"
    owner: root
    group: root