Update Gitea role for docker_compose_deploy

- Add MariaDB to dev playbook - Set Git user in "users:" - Define Gitea external compose project - Forward SSH port in forwarding script - Create user groups with system users - Install python3-pymysql for Ansible - Strip old Gitea deployment methods - Bind MariaDB to docker0 for Docker access
2023-10-20 15:41:44 -04:00
parent c3b4321667
commit 7adb5f10e9
9 changed files with 68 additions and 63 deletions
--- a/roles/mariadb/defaults/main.yml
+++ b/roles/mariadb/defaults/main.yml
@@ -1,3 +0,0 @@
-mariadb_trust:
-  - "172.16.0.0/12"
-  - "192.168.0.0/16"
--- a/roles/mariadb/handlers/main.yml
+++ b/roles/mariadb/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: Restart MariaDB
+  ansible.builtin.service:
+    name: mariadb
+    state: restarted
+  listen: restart_mariadb
--- a/roles/mariadb/tasks/main.yml
+++ b/roles/mariadb/tasks/main.yml
@@ -3,23 +3,20 @@
    name: mariadb-server
    state: present

- name: Change the bind-address to allow Docker
+- name: Regather facts for the potentially new docker0 interface
+  ansible.builtin.setup:
+
+- name: Change the bind-address to allow from docker0
  ansible.builtin.lineinfile:
    path: /etc/mysql/mariadb.conf.d/50-server.cnf
    regex: "^bind-address"
-    line: "bind-address            = 0.0.0.0"
-  register: mariadb_conf
+    line: "bind-address            = {{ ansible_facts.docker0.ipv4.address }}"
+  notify: restart_mariadb

- name: Restart MariaDB
-  ansible.builtin.service:
-    name: mariadb
-    state: restarted
-  when: mariadb_conf.changed
-
- name: Allow database connections
+- name: Allow database connections from Docker
  community.general.ufw:
    rule: allow
    port: "3306"
    proto: tcp
    src: "{{ item }}"
-  loop: "{{ mariadb_trust }}"
+  loop: "{{ mariadb_trust | default(['172.16.0.0/12']) }}"