Runs before setting up any new stacks or pursuing other modifications to
docker deployments.
Brings down any stack which is not currently defined in a role. This
makes the whole installation more idempotent since we take care to not
only bring _up_ any necessary docker containers, but also bring _down_
those that have become unnecessary.
Deprecates diun as it provides a simpler implementation for docker
swarm. Mark any containers you want auto updated with
`shepherd.autoupdate=true` and the rest with
`shepherd.autoupdate=false`. Everything untagged will not be watched (by
default), though this can be changed by setting the ansible default
variable `shepherd_filter_services: `.
Sets up regular backup maintenance for a restic (S3) backend, and
enables global variables for other roles to use for their individual
backup. Example found in nextcloud role.
Sets s3 storage for all available subsystems, more information here:
https://forgejo.org/docs/latest/admin/storage/
Does *not* set repositories to be hosted on s3 since forgejo does not
support it.
Docker should only be updated when run explicitly as it currently
requires a re-run of the complete playbook afterwards (does not work for
single-tag deployments e.g.) since it will recreate caddy container and
lose all reverse proxy information.
Stay on the exact version unless it is specifically told to upgrade.
This is a first-step workaround for the (non-)idempotency issue of the
caddy container's json config injection.
Previously every deployment (even just for a single tag, such as
`ansible-playbook site.yml --tags landingpage`) would have the caddy
deployment in its dependency.
That meant in effect whenever there was an updated caddy image, the role
would update it and we would lose all previous caddy configuration -
which in turn would necessitate a complete redeployment of all steps.
This is now not the case anymore.
Moved all variables over; moved git passthrough script to new location
and naming scheme; moved settings and mentions of gitea name; switched
ci woodpecker instance to use forgejo instead of gitea.
Shaarli images moved a while ago and received a different tag naming scheme.
So we changed to the new repository and renamed the version from latest
to release.
We waited for 60 seconds previously which is exactly when the
supplied ssh key would disappear in my setup. So instead we
wait for slightly shorter (55 seconds) to ease this for me.
For a reason, current wget versions error out when using localhost instead
of 127.0.0.1 as the healthcheck for docker services. Probably has something
to do with dns resolution - either on docker or wget end, but have not
looked too deep into it.