no-secrets-athq-ansible/roles/docker-deployments/tasks/main.yaml


# Load the variables defined in services.yaml so later templates can reference them.
- ansible.builtin.include_vars: services.yaml

# Render the Docker daemon configuration into /etc/docker.
# NOTE(review): no owner/mode is set, so the resulting permissions depend on the
# connecting user and umask. Confirm the file ends up root-owned and not writable
# by other users, since it steers the daemon's behaviour.
- name: Deploy Docker daemon.json
  ansible.builtin.template:
    src: daemon.json
    dest: /etc/docker/daemon.json
# Base directory that holds the per-service data directories created further down.
- name: Create data-dir
  ansible.builtin.file:
    path: /data/
    state: directory

# Base directory that holds the per-service compose projects created further down.
- name: Create opt-dir
  ansible.builtin.file:
    path: /opt/
    state: directory
# Directory for the async-icinga service files.
- name: Async Icinga mount directory
  ansible.builtin.file:
    path: /data/async-icinga
    state: directory

# NOTE(review): this task targets the same path as the task above, so it is a
# no-op. The name suggests a separate database directory was intended; confirm
# the correct path before relying on it.
- name: Async Icinga database mount directory
  ansible.builtin.file:
    path: /data/async-icinga
    state: directory
# Render the two static async-icinga configuration files; either change triggers
# the "reload async icinga settings" handler.
# NOTE(review): both tasks share one name, which makes run logs ambiguous.
# NOTE(review): no mode is set. If these templates render credentials, give them
# an explicit restrictive mode. Confirm against the templates.
- name: Async Icinga Service (static)
  ansible.builtin.template:
    src: async-config.json.j2
    dest: /data/async-icinga/config.json
  notify:
    - reload async icinga settings

- name: Async Icinga Service (static)
  ansible.builtin.template:
    src: async-icinga-config.json.j2
    dest: /data/async-icinga/async-icinga-config.json
  notify:
    - reload async icinga settings
# Directory that receives the event-dispatcher substitution map.
- name: Create Event Dispatch Substitutions config dir
  ansible.builtin.file:
    path: /data/event-dispatcher/substitutions/
    state: directory

# Render the substitution map under the fixed name substitutions.yaml.
- name: Copy Event Dispatcher Substitutions Map
  ansible.builtin.template:
    src: event-message-subsitution-map.yaml
    dest: /data/event-dispatcher/substitutions/substitutions.yaml
# Copy the dynamic async-icinga configuration verbatim (no templating) into the
# service directory and reload the service settings on change.
- name: Async Icinga Service (dynamic from backup file)
  ansible.builtin.copy:
    src: async-icinga-config-dynamic.json
    dest: /data/async-icinga/
  notify:
    - reload async icinga settings
# One data directory per service under /data/.
# NOTE(review): directories are created with default ownership and mode. Services
# that store secrets or user data may need tighter permissions. Confirm per service.
- name: Create data directories
  ansible.builtin.file:
    path: "/data/{{ item }}/"
    state: directory
  loop:
    - tmnf-replay-server
    - atlantis-hub
    - grafana
    - event-dispatcher
    - reactive-resume
    - hedgedoc
    - atlantis-verify
    - soundlib-interface
    - python-flask-picture-factory
    - money-balancer
    - ntfy
    - code-server
    - nginx-media-cdn
    - immich
    - gitea
    - gitea-runner
    - atlantis-status
    - logstash
# Ship the AtlantisHub configuration; a change notifies the "restart hub" handler.
- name: Copy AtlantisHub config
  ansible.builtin.copy:
    src: atlantis-hub-content/config.yaml
    dest: /data/atlantis-hub/config.yaml
  notify: restart hub

# Sub-directories of the AtlantisHub data directory.
- name: Create AtlantisHubDirectories
  ansible.builtin.file:
    path: "/data/atlantis-hub/{{ item }}"
    state: directory
  loop:
    - static-icons
    - instance
    - static-cache

# The trailing slash on src copies the directory's contents, not the directory itself.
- name: Copy AtlantisHub static icons
  ansible.builtin.copy:
    src: atlantis-hub-content/static-icons/
    dest: /data/atlantis-hub/static-icons/
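# Render grafana.ini into the Grafana data directory.
# The task was previously named "Copy AtlantisHub static icons", a copy-paste
# leftover that made run logs and audit trails misleading.
# NOTE(review): grafana.ini can hold secrets (admin password, signing key, OAuth
# client secret). If this template renders any, set an owner/mode that only the
# Grafana container user can read. Confirm the uid against the image.
- name: Copy Grafana config
  ansible.builtin.template:
    src: "grafana.ini"
    dest: "/data/grafana/grafana.ini"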
# Directories for the Logstash settings and pipeline definitions.
- name: create_logstash_data_dirs
  ansible.builtin.file:
    path: "/data/logstash/{{ item }}"
    state: directory
  loop:
    - config
    - pipeline

# Render the Logstash settings files into the config directory.
- name: copy_logstash_config
  ansible.builtin.template:
    src: "{{ item }}"
    dest: /data/logstash/config/
  loop:
    - logstash.yml
    - pipelines.yml

# Render the pipeline definition.
# NOTE(review): pipeline configs often embed output credentials. If this one
# does, set a restrictive mode. Confirm against the template.
- name: copy_logstash_pipeline_config
  ansible.builtin.template:
    src: "{{ item }}"
    dest: /data/logstash/pipeline/
  loop:
    - logstash.conf
# Render each "<item>.yaml" template into the atlantis-status services directory.
# NOTE(review): no task visible in this file creates /data/atlantis-status/services/;
# presumably it already exists on the host. Verify, because template does not
# create missing parent directories.
- name: copy_atlantis_status_services
  ansible.builtin.template:
    src: "{{ item }}.yaml"
    dest: /data/atlantis-status/services/
  loop:
    - atlantis-array
    - service-dispatcher-config
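# One compose project directory per service under /opt/.
# "grafana" appeared twice in the original list; the redundant entry is dropped
# because creating the same directory a second time changes nothing.
- name: Create compose directories
  ansible.builtin.file:
    path: "/opt/{{ item }}"
    state: directory
  loop:
    - athq-landing
    - grafana
    - potaris
    - sector32
    - async-icinga
    - tmnf-replay-server
    - atlantis-hub
    - event-dispatcher
    # - tor
    - reactive-resume
    - hedgedoc
    - atlantis-verify
    - soundlib-interface
    - python-flask-picture-factory
    - money-balancer
    - ntfy
    - code-server
    - serienampel
    - nginx-media-cdn
    - immich
    - gitea
    - gitea-runner
    - atlantis-status
    - logstash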
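# Render "<item>.yaml" into the matching /opt/<item>/ compose project directory.
# "grafana" appeared twice in the original list; the redundant entry is dropped
# because rendering the same template a second time changes nothing.
# NOTE(review): "reactive-resume" is not templated here although the
# "Deploy compose templates" task deploys it. Confirm its compose file is
# provisioned some other way.
# NOTE(review): compose files commonly carry environment secrets. No mode is set,
# so the files take the umask default. Confirm that is acceptable for each service.
- name: Copy compose templates
  ansible.builtin.template:
    src: "{{ item }}.yaml"
    dest: "/opt/{{ item }}/"
  loop:
    - athq-landing
    - grafana
    - potaris
    - sector32
    - async-icinga
    - tmnf-replay-server
    - atlantis-hub
    - event-dispatcher
    # - tor
    - hedgedoc
    - atlantis-verify
    - soundlib-interface
    - python-flask-picture-factory
    - money-balancer
    - ntfy
    - code-server
    - serienampel
    - nginx-media-cdn
    - immich
    - gitea
    - gitea-runner
    - atlantis-status
    - logstash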
# Directory that holds the nginx virtual-host files for the media/CDN container.
- name: create sites-enabled dir
  ansible.builtin.file:
    path: /opt/nginx-media-cdn/sites-enabled/
    state: directory

# Copy the static site definitions verbatim (no templating).
- name: Deploy nginx-media-cdn config files
  ansible.builtin.copy:
    src: "{{ item }}"
    dest: /opt/nginx-media-cdn/sites-enabled/
  loop:
    - media.conf
    - cdn.conf
    - ipcheck.conf
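# Install the HTTP basic-auth credential file for the nginx-media-cdn project.
# uid/gid 101 is presumably the nginx user inside the container. Confirm against the image.
- name: Deploy nginx auth
  ansible.builtin.copy:
    src: "{{ item }}"
    dest: "/opt/nginx-media-cdn/"
    owner: "101"
    group: "101"
    # htpasswd holds password hashes. Without an explicit mode the file takes the
    # umask default, which is typically world-readable, so limit it to owner and group.
    mode: "0440"
  # Keep the hash lines out of --diff output and run logs.
  diff: false
  with_items:
    - htpasswd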
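# Authenticate the Docker client on the target host against the private registry
# so the compose deployments below can pull from it.
# NOTE(review): the password is a purged placeholder. Supply the real credential
# from an Ansible Vault-encrypted variable or a secret-store lookup, never as a
# literal in this file. A credential that was ever committed should be treated as
# exposed and rotated, even after a history rewrite.
# NOTE(review): docker_login persists the credential in the Docker client config
# of the executing user. Restrict access to that file or use a credential helper.
- name: Log into private registry
  # Fully qualified name, consistent with the community.docker modules used below.
  community.docker.docker_login:
    registry: registry.atlantishq.de
    username: docker
    password: HISTORY_PURGED_SECRET
  # Keep the task arguments and result out of logs and callback output.
  no_log: true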
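# Bring up each compose project from /opt/<item>/<item>.yaml, pulling images only
# when they are missing locally and removing containers no longer defined.
# "grafana" appeared twice in the original list; the redundant entry is dropped
# so the project is not reconciled twice per run.
# NOTE(review): "reactive-resume" is deployed here but is absent from the
# "Copy compose templates" list, so its compose file is not managed by this role.
# Confirm where it comes from.
# NOTE(review): with pull "missing", an image already cached on the host is never
# refreshed. Confirm the compose files pin the image versions that should run.
- name: Deploy compose templates
  community.docker.docker_compose_v2:
    remove_orphans: true
    project_src: "/opt/{{ item }}/"
    pull: "missing"
    files:
      - "{{ item }}.yaml"
  loop:
    - athq-landing
    - grafana
    - potaris
    - sector32
    - async-icinga
    - tmnf-replay-server
    - atlantis-hub
    - event-dispatcher
    # - tor
    - reactive-resume
    - hedgedoc
    - atlantis-verify
    - soundlib-interface
    - python-flask-picture-factory
    # - money-balancer
    - ntfy
    - code-server
    - serienampel
    - nginx-media-cdn
    - immich
    - gitea
    - gitea-runner
    - atlantis-status
    - logstash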
# One compose project directory per service fronted by an OAuth2 proxy.
# recurse also applies the (default) attributes to anything already inside the directory.
- name: OAuth2Proxy directories
  ansible.builtin.file:
    path: "/opt/oauth2proxy/{{ item }}/"
    state: directory
    recurse: true
  loop:
    - tmnf-replay-server
    - atlantis-hub
    - grafana
    - async-icinga
    - atlantis-verify
    - soundlib-interface
    - python-flask-picture-factory
    # - reactive-resume
    - money-balancer
    - olive-tin
    - atlantis-status
# Reload services.yaml so the per-service values are in scope for the template below.
- name: include services ports
  ansible.builtin.include_vars: services.yaml

# Render the shared OAuth2 proxy compose template once per service.
# NOTE(review): "reactive-resume" is templated here, but its directory is commented
# out in the "OAuth2Proxy directories" task. The render fails unless the directory
# already exists on the host. Confirm which list is correct.
# NOTE(review): an OAuth2 proxy compose file normally carries a client secret and a
# cookie secret. If this template renders them inline, set a restrictive mode and
# keep the task out of logs. Confirm against the template.
- name: Deploy OAuth2Proxy compose files
  ansible.builtin.template:
    src: oauth-standalone-docker-compose.yaml
    dest: "/opt/oauth2proxy/{{ item }}/docker-compose.yaml"
    # remove_orphans: true
  loop:
    - tmnf-replay-server
    - atlantis-hub
    - grafana
    - async-icinga
    - atlantis-verify
    - soundlib-interface
    - python-flask-picture-factory
    - reactive-resume
    - money-balancer
    - olive-tin
    - atlantis-status
# Bring up the OAuth2 proxy compose project for each service, always pulling images first.
# NOTE(review): with pull "always", a mutable image tag can resolve to different
# content on every run. Since this component enforces authentication, pinning the
# image by digest in the compose template is the safer choice. Confirm how the
# template references the image.
- name: Deploy OAuth2Proxy
  community.docker.docker_compose_v2:
    project_src: "/opt/oauth2proxy/{{ item }}/"
    pull: always
  loop:
    - tmnf-replay-server
    - atlantis-hub
    - grafana
    - async-icinga
    - atlantis-verify
    - soundlib-interface
    - python-flask-picture-factory
    # - reactive-resume
    # - money-balancer
    - olive-tin
    - atlantis-status