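---
# Provisions a host for the gamearray app: installs docker and nginx, deploys
# the nginx site, generates a per-server Django secret key, starts the Postgres
# and application containers on a private Docker network, copies static files
# out of the app container and runs the database migration.
#
# Variables read by this play (defined outside this file): django_allowed_host,
# gitea_registry_token, postgres_password, email_host_user,
# email_host_password, mailgun_api_key.
- hosts: all

  tasks:
    - name: Debug django_allowed_host
      debug:
        var: django_allowed_host

    # NOTE(review): `state: latest` upgrades the package on every run, so the
    # installed version is whatever the apt mirror serves at deploy time.
    # Consider `state: present` plus a deliberate upgrade step if reproducible
    # hosts matter.
    - name: Install docker
      ansible.builtin.apt:
        name: docker.io
        state: latest
        update_cache: true
      become: true

    - name: Install nginx
      ansible.builtin.apt:
        name: nginx
        state: latest
      become: true

    - name: Deploy nginx config
      ansible.builtin.template:
        src: nginx.conf.j2
        dest: /etc/nginx/sites-available/gamearray
      become: true
      notify: Restart nginx

    - name: Enable nginx site
      ansible.builtin.file:
        src: /etc/nginx/sites-available/gamearray
        dest: /etc/nginx/sites-enabled/gamearray
        state: link
      become: true
      notify: Restart nginx

    - name: Remove default nginx site
      ansible.builtin.file:
        path: /etc/nginx/sites-enabled/default
        state: absent
      become: true
      notify: Restart nginx

    # NOTE(review): membership of the docker group is effectively root on this
    # host (the Docker socket can start privileged containers and mount the
    # host filesystem). Treat the deploy account's SSH key accordingly.
    - name: Add our user to the docker group, so we don't need sudo/become
      ansible.builtin.user:
        name: '{{ ansible_user }}'
        groups: docker
        append: true  # don't remove any existing groups
      become: true

    - name: Reset ssh connection to allow the user/group change to take effect
      ansible.builtin.meta: reset_connection

    # The password lookup targets /dev/null, so nothing is stored on the
    # controller and a fresh value is generated on every run; `force: false`
    # is what keeps the first value written to the server.
    - name: Ensure .secret-key files exists
      # the intention is that this only happens once per server
      ansible.builtin.copy:
        dest: ~/.secret-key
        content: "{{ lookup('password', '/dev/null length=32 chars=ascii_letters') }}"
        # Quoted so the mode is always read as the octal string, matching the
        # other tasks in this play.
        mode: "0600"
        force: false  # do not recreate file if it already exists
      # Keep the generated key out of task output and --diff.
      no_log: true

    - name: Read secret key back from file
      ansible.builtin.slurp:
        src: ~/.secret-key
      register: secret_key
      # The registered result holds the key (base64-encoded); keep it out of
      # verbose output and logs.
      no_log: true

    - name: Create /opt/gamearray/ directory
      ansible.builtin.file:
        path: /opt/gamearray
        state: directory
      become: true

    - name: Template gamearray.env to server
      ansible.builtin.template:
        src: gamearray.env.j2
        dest: /opt/gamearray/gamearray.env
        owner: "{{ ansible_user }}"
        mode: "0600"
      become: true

    - name: Template deploy script to server
      ansible.builtin.template:
        src: deploy.sh.j2
        dest: /opt/gamearray/deploy.sh
        mode: "0755"
      become: true

    # The token is passed on stdin instead of `-p`, so it never appears in the
    # process argument list on the target host. no_log still hides it from
    # Ansible's own output.
    - name: Login to Gitea container registry
      ansible.builtin.command:
        cmd: docker login gitea.earthmanrpg.me -u discoman --password-stdin
        stdin: "{{ gitea_registry_token }}"
        stdin_add_newline: false
      no_log: true

    - name: Create Docker network
      community.docker.docker_network:
        name: gamearray_net
        state: present

    - name: Create Postgres data volume
      community.docker.docker_volume:
        name: gamearray_postgres_data
        state: present

    # No ports are published here; the database is reachable only by
    # containers attached to gamearray_net.
    # NOTE(review): values under `env` are stored in the container config and
    # are readable through `docker inspect` by anyone with Docker access; they
    # can also appear in verbose/diff task output. Consider `no_log: true` on
    # this task and the next once the deployment is stable.
    - name: Start Postgres container
      community.docker.docker_container:
        name: gamearray_postgres
        image: postgres:16
        state: started
        restart_policy: unless-stopped
        networks:
          - name: gamearray_net
        volumes:
          - gamearray_postgres_data:/var/lib/postgresql/data
        env:
          POSTGRES_DB: gamearray
          POSTGRES_USER: gamearray
          POSTGRES_PASSWORD: "{{ postgres_password }}"

    # NOTE(review): `:latest` is a mutable tag, so what gets deployed depends
    # on the registry state at run time; pinning a version tag or digest makes
    # the deployed image auditable.
    - name: Run container
      community.docker.docker_container:
        name: gamearray
        image: gitea.earthmanrpg.me/discoman/gamearray:latest
        state: started
        recreate: true
        env:
          DJANGO_DEBUG_FALSE: "1"
          DJANGO_SECRET_KEY: "{{ secret_key.content | b64decode }}"
          DJANGO_ALLOWED_HOST: "{{ django_allowed_host }}"
          DATABASE_URL: "postgresql://gamearray:{{ postgres_password }}@gamearray_postgres/gamearray"
          EMAIL_HOST_USER: "{{ email_host_user }}"
          EMAIL_HOST_PASSWORD: "{{ email_host_password }}"
          MAILGUN_API_KEY: "{{ mailgun_api_key }}"
        networks:
          - name: gamearray_net
        # Bound to loopback only, so the app port is not exposed on external
        # interfaces. Written as a quoted list entry, which is the form the
        # module documents for `ports`.
        ports:
          - "127.0.0.1:8888:8888"

    - name: Create static files directory
      ansible.builtin.file:
        path: /var/www/gamearray/static
        state: directory
        owner: www-data
        group: www-data
      become: true

    - name: Copy static files from container to host
      ansible.builtin.command:
        cmd: docker cp gamearray:/src/static/. /var/www/gamearray/static/
      become: true

    - name: Run migration inside container
      community.docker.docker_container_exec:
        container: gamearray
        command: python manage.py migrate

  handlers:
    - name: Restart nginx
      ansible.builtin.service:
        name: nginx
        state: restarted
      become: true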