From ebd995b8c4da1e9ed4e8e6dd07eb4795b92b3328 Mon Sep 17 00:00:00 2001
From: Marty Oehme <marty.oehme@gmail.com>
Date: Fri, 8 Oct 2021 10:05:23 +0200
Subject: [PATCH] Add wallabag docker deployment role

Added role of wallabag. Can take a subdomain alias to be presented on a
different uri than its stack name.

All services contain a healthcheck for docker swarm to be informed of
their status.

Copy whoami template to wallabag role

Change non-domain domain name to localhost

Fix correct handler notify naming

Allow setting different subdomain alias than name

Add meta information
---
 roles/wallabag/README.md                     | 42 ++++++++++++++++
 roles/wallabag/defaults/main.yml             | 10 ++++
 roles/wallabag/handlers/main.yml             | 53 ++++++++++++++++++++
 roles/wallabag/meta/main.yml                 | 14 ++++++
 roles/wallabag/tasks/main.yml                | 25 +++++++++
 roles/wallabag/templates/docker-stack.yml.j2 | 36 +++++++++++++
 roles/wallabag/templates/upstream.json.j2    | 38 ++++++++++++++
 roles/wallabag/vars/main.yml                 |  7 +++
 site.yml                                     |  1 +
 9 files changed, 226 insertions(+)
 create mode 100644 roles/wallabag/README.md
 create mode 100644 roles/wallabag/defaults/main.yml
 create mode 100644 roles/wallabag/handlers/main.yml
 create mode 100644 roles/wallabag/meta/main.yml
 create mode 100644 roles/wallabag/tasks/main.yml
 create mode 100644 roles/wallabag/templates/docker-stack.yml.j2
 create mode 100644 roles/wallabag/templates/upstream.json.j2
 create mode 100644 roles/wallabag/vars/main.yml

diff --git a/roles/wallabag/README.md b/roles/wallabag/README.md
new file mode 100644
index 0000000..44eefa9
--- /dev/null
+++ b/roles/wallabag/README.md
@@ -0,0 +1,42 @@
+# wallabag
+
+A very simple service application stack role which can be used to base other roles off of.
+Contains only a single deployed image and a couple of simple variables to set.
+
+## Variables
+
+```
+wallabag_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack.name }}"
+```
+
+The on-target directory where the proxy configuration file should be stashed.
+
+```
+wallabag_use_https: true
+```
+
+Whether the service should be reachable through http (port 80) or through https (port 443) and provision an https certificate. Usually you will want this to stay `true`.
+
+```
+wallabag_version: latest
+```
+
+The docker image version to be used in stack creation.
+
+## Internal variables
+
+```
+stack:
+  name: wallabag
+  compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}"
+```
+
+The name of the stack to be provisioned and the compose file to be used.
+See caddy ReadMe for configuration.
+
+```
+stack_image: "wallabag/wallabag"
+```
+
+The docker hub image to be use in provisioning.
+
diff --git a/roles/wallabag/defaults/main.yml b/roles/wallabag/defaults/main.yml
new file mode 100644
index 0000000..a1b8116
--- /dev/null
+++ b/roles/wallabag/defaults/main.yml
@@ -0,0 +1,10 @@
+---
+
+wallabag_version: latest
+
+wallabag_upstream_file_dir: "{{ docker_stack_files_dir }}/{{ stack.name }}"
+
+wallabag_use_https: true
+
+# the subdomain link wallabag will be reachable under
+subdomain_alias: read
diff --git a/roles/wallabag/handlers/main.yml b/roles/wallabag/handlers/main.yml
new file mode 100644
index 0000000..8695ea0
--- /dev/null
+++ b/roles/wallabag/handlers/main.yml
@@ -0,0 +1,53 @@
+## Register reverse proxy
+- name: Ensure upstream directory exists
+  ansible.builtin.file:
+    path: "{{ wallabag_upstream_file_dir }}"
+    state: directory
+    mode: '0755'
+  become: yes
+  listen: "update wallabag upstream"
+
+- name: Update upstream template
+  ansible.builtin.template:
+    src: upstream.json.j2
+    dest: "{{ wallabag_upstream_file_dir }}/upstream.json"
+  become: yes
+  listen: "update wallabag upstream"
+
+# figure out if upstream id exists
+- name: check {{ stack.name }} upstream
+  community.docker.docker_container_exec:
+    container: "{{ caddy_container_id }}"
+    command: >
+      curl localhost:2019/id/{{ stack.name }}_upstream/
+  changed_when: False
+  register: result
+  become: yes
+  listen: "update wallabag upstream"
+
+# upstream already exists, patch it
+- name: remove old {{ stack.name }} upstream
+  community.docker.docker_container_exec:
+    container: "{{ caddy_container_id }}"
+    command: >
+      curl -X DELETE localhost:2019/id/{{ stack.name }}_upstream/
+  become: yes
+  when: (result.stdout | from_json)['error'] is not defined
+  listen: "update wallabag upstream"
+
+# upstream has to be created
+- name: add {{ stack.name }} upstream
+  community.docker.docker_container_exec:
+    container: "{{ caddy_container_id }}"
+    command: >
+      curl -X POST -H "Content-Type: application/json" -d @{{ wallabag_upstream_file_dir }}/upstream.json localhost:2019/config/apps/http/servers/{{ (wallabag_use_https == True) | ternary(caddy_https_server_name, caddy_http_server_name) }}/routes/0/ 
+  become: yes
+  listen: "update wallabag upstream"
+
+- name: Ensure upstream directory is gone again
+  ansible.builtin.file:
+    path: "{{ wallabag_upstream_file_dir }}"
+    state: absent
+  become: yes
+  listen: "update wallabag upstream"
+
diff --git a/roles/wallabag/meta/main.yml b/roles/wallabag/meta/main.yml
new file mode 100644
index 0000000..ed54c0d
--- /dev/null
+++ b/roles/wallabag/meta/main.yml
@@ -0,0 +1,14 @@
+---
+
+galaxy_info:
+  author: Marty Oehme
+  description: Installs wallabag as a docker stack service
+  license: GPL-3.0-only
+  min_ansible_version: 2.9
+  galaxy_tags: []
+
+
+dependencies:
+  - docker
+  - docker-swarm
+  - caddy
diff --git a/roles/wallabag/tasks/main.yml b/roles/wallabag/tasks/main.yml
new file mode 100644
index 0000000..f62d8b7
--- /dev/null
+++ b/roles/wallabag/tasks/main.yml
@@ -0,0 +1,25 @@
+---
+## install wallabag container
+- name: Check upstream status
+  community.docker.docker_container_exec:
+    container: "{{ caddy_container_id }}"
+    command: >
+      curl localhost:2019/id/{{ stack.name }}_upstream/
+  register: result
+  changed_when: (result.stdout | from_json) != (lookup('template', 'upstream.json.j2') | from_yaml)
+  become: yes
+  notify: "update wallabag upstream"
+
+- name: Deploy wallabag to swarm
+  community.general.docker_stack:
+    name: "{{ stack.name }}"
+    state: present
+    prune: yes
+    compose:
+      - "{{ stack.compose }}"
+  when: stack is defined
+  become: yes
+  tags:
+    - docker-swarm
+  notify: "update wallabag upstream"
+
diff --git a/roles/wallabag/templates/docker-stack.yml.j2 b/roles/wallabag/templates/docker-stack.yml.j2
new file mode 100644
index 0000000..df3a73f
--- /dev/null
+++ b/roles/wallabag/templates/docker-stack.yml.j2
@@ -0,0 +1,36 @@
+version: "3.7"
+
+services:
+  app:
+    image: {{ stack_image }}:{{ wallabag_version }}
+    networks:
+      - "{{ docker_swarm_public_network_name }}"
+    healthcheck:
+        test: ["CMD", "curl", "-f", "http://localhost"]
+        interval: 1m
+        timeout: 10s
+        retries: 3
+        start_period: 1m
+    volumes:
+      - data:/var/www/wallabag/data
+    environment:
+      - SYMFONY__ENV__FOSUSER_REGISTRATION=false
+{% if server_domain is not undefined and not none %}   
+      - SYMFONY__ENV__DOMAIN_NAME={{ (wallabag_use_https == True) | ternary('https', 'http') }}://wallabag.{{ server_domain }}
+{% else %}
+      - SYMFONY__ENV__DOMAIN_NAME={{ (wallabag_use_https == True) | ternary('https', 'http') }}://localhost
+{% endif %}
+
+  redis:
+    image: redis:alpine
+    healthcheck:
+      test: ["CMD", "redis-cli", "ping"]
+      interval: 20s
+      timeout: 3s
+
+volumes:
+  data:
+
+networks:
+  "{{ docker_swarm_public_network_name }}":
+    external: true
diff --git a/roles/wallabag/templates/upstream.json.j2 b/roles/wallabag/templates/upstream.json.j2
new file mode 100644
index 0000000..6db9d1a
--- /dev/null
+++ b/roles/wallabag/templates/upstream.json.j2
@@ -0,0 +1,38 @@
+{
+    "@id": "{{ stack.name }}_upstream",
+{% if server_domain is not undefined and not none %}   
+    "match": [
+        {
+            "host": [
+{% if subdomain_alias is not undefined and not none %}
+                "{{ subdomain_alias }}.{{ server_domain }}"
+{% else %}
+                "{{ stack.name }}.{{ server_domain }}"
+{% endif %}
+            ]
+        }
+    ],
+{% else %}
+    "match": [
+        {
+            "path": [
+{% if subdomain_alias is not undefined and not none %}
+                "/{{ subdomain_alias }}*"
+{% else %}
+                "/{{ stack.name }}*"
+{% endif %}
+            ]
+        }
+    ],
+{% endif %}
+    "handle": [
+        {
+            "handler": "reverse_proxy",
+            "upstreams": [
+                {
+                    "dial": "{{ stack.name }}_app:80"
+                }
+            ]
+        }
+    ]
+}
diff --git a/roles/wallabag/vars/main.yml b/roles/wallabag/vars/main.yml
new file mode 100644
index 0000000..7e281a4
--- /dev/null
+++ b/roles/wallabag/vars/main.yml
@@ -0,0 +1,7 @@
+---
+
+stack:
+  name: wallabag
+  compose: "{{ lookup('template', 'docker-stack.yml.j2') | from_yaml }}"
+
+stack_image: "wallabag/wallabag"
diff --git a/site.yml b/site.yml
index 44e5c3c..9b87ec4 100644
--- a/site.yml
+++ b/site.yml
@@ -10,3 +10,4 @@
   roles:
     - caddy
     - whoami
+    - wallabag