From 6a1abf34c3da310e9e93f5167c4ffa394f32e47d Mon Sep 17 00:00:00 2001
From: olli
Date: Sun, 10 Jul 2022 10:50:57 +0200
Subject: [PATCH] first commit
---
README.md | 0
docker.yml | 127 +++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 127 insertions(+)
create mode 100644 README.md
create mode 100644 docker.yml
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..e69de29
diff --git a/docker.yml b/docker.yml
new file mode 100644
index 0000000..607afe0
--- /dev/null
+++ b/docker.yml
@@ -0,0 +1,127 @@
+---
+
+- name: docker
+ hosts: all
+ tasks:
+
+### Docker ###
+
+ - name: Create docker Group
+ ansible.builtin.group:
+ name: docker
+ state: present
+ gid: 1003
+
+ - name: Create docker User
+ ansible.builtin.user:
+ name: docker
+ comment: docker User
+ uid: 1003
+ group: docker
+
+ - name: Create docker dir
+ ansible.builtin.file:
+ path: /home/docker
+ owner: docker
+ group: docker
+ state: directory
+ mode: '0750'
+
+ - name: Create docker-data dir
+ ansible.builtin.file:
+ path: /home/docker/var-lib-docker
+ owner: root
+ group: root
+ state: directory
+ mode: '0710'
+
+ - name: Create /var/lib/docker -> /home/docker/var-lib-docker symlink
+ ansible.builtin.file:
+ src: /home/docker/var-lib-docker
+ dest: /var/lib/docker
+ owner: root
+ group: root
+ state: link
+
+ - name: Packages for docker
+ apt:
+ name:
+ - docker.io
+ - docker-compose
+ - apache2-utils
+ - bridge-utils
+ update_cache: no
+ install_recommends: no
+
+ - name: /usr/local/sbin/autoupdate.d/docker.update
+ blockinfile:
+ path: /usr/local/sbin/autoupdate.d/docker.update
+ mode: "0400"
+ owner: root
+ group: root
+ create: yes
+ marker: "# {mark} ANSIBLE MANAGED BLOCK"
+ block: |
+ # Docker
+ g_echo_ok "check for updates"
+ # Clean up docker images
+ docker system prune -af
+ find /home/docker -maxdepth 1 -mindepth 1 -type d | grep -v "mailcow-dockerized" | while read docker
+ do
+ [ -f "$docker/docker-compose.yml" ] || continue
+ g_echo_ok "$docker"
+ cd "${docker}"
+ if docker-compose --log-level WARNING --no-ansi pull --include-deps 2>&1 | grep "download complete"
+ then
+ g_echo_warn "Installiere $docker Update"
+ docker-compose --log-level WARNING --no-ansi down 2>&1 || g_echo_error "$docker: docker-compose pull fehlgeschlagen"
+ docker-compose --log-level WARNING --no-ansi up -d 2>&1 || g_echo_error "$docker: docker-compose up fehlgeschlagen"
+ fi
+ if [ -f Dockerfile ]
+ then
+ if docker-compose --log-level WARNING --no-ansi build --pull --no-cache --force-rm
+ then
+ docker-compose --log-level WARNING --no-ansi down || g_echo_error "$docker: docker-compose pull fehlgeschlagen"
+ docker-compose --log-level WARNING --no-ansi up -d || g_echo_error "$docker: docker-compose up fehlgeschlagen"
+ else
+ g_echo_error "$docker: docker-compose build fehlgeschlagen"
+ fi
+ fi
+ done
+ backup: yes
+ validate: /bin/bash -n %s
+
+ - name: /usr/local/sbin/backup.d/docker.backup
+ blockinfile:
+ path: /usr/local/sbin/backup.d/docker.backup
+ mode: "0400"
+ owner: root
+ group: root
+ create: yes
+ marker: "# {mark} ANSIBLE MANAGED BLOCK"
+ block: |
+ ### DB Backup
+ g_echo_ok "Starte Backup von MySQL-Datenbanken (Docker)"
+
+ DAYS=7
+
+ TIMESTAMP=$(date +"%Y%m%d%H%M")
+ CONTAINER=$(docker ps --format \{\{.Names\}\}:\{\{.Image\}\}| grep 'mysql\|mariadb' | cut -d":" -f1 | grep -v mailcow)
+
+ mkdir -p $BACKUPDIR
+ for i in $CONTAINER
+ do
+ MARIADB_DATABASE=$(docker exec $i env | egrep "MARIADB_DATABASE|MYSQL_DATABASE" | tail -n1 |cut -d"=" -f2)
+ MARIADB_PWD=$(docker exec $i env | egrep "MARIADB_PASSWORD|MYSQL_PASSWORD" | tail -n1 |cut -d"=" -f2)
+ MARIADB_USR=$(docker exec $i env | egrep "MARIADB_USER|MYSQL_USER" | tail -n1 |cut -d"=" -f2)
+ g_echo "Sichere Datenbank $MARIADB_DATABASE DB aus $i";
+ docker exec $i /usr/bin/mysqldump --no-tablespaces -u $MARIADB_USR -p$MARIADB_PWD $MARIADB_DATABASE | gzip > $BACKUPDIR/$i-$MARIADB_DATABASE-$TIMESTAMP.sql.gz >${g_tmp}/dberr 2>&1 || g_echo_error "DB-Backup von $MARIADB_DATABASE war nicht erfolgreich $(cat ${g_tmp}/dberr)"
+ # dont delete last old backups!
+ OLD_BACKUPS=$(ls -1 $BACKUPDIR/$i*.gz |wc -l)
+ if [ $OLD_BACKUPS -gt $DAYS ]; then
+ find $BACKUPDIR -name "$i*.gz" -daystart -mtime +$DAYS -delete
+ fi
+ done
+ backup: yes
+ validate: /bin/bash -n %s
+
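Review bot: In the docker.backup block, the mysqldump line redirects gzip's stdout twice (`gzip > $BACKUPDIR/...sql.gz >${g_tmp}/dberr 2>&1`); the shell honours the last redirect, so the `.sql.gz` file is created empty and the compressed dump ends up in `${g_tmp}/dberr`, while the retention check below still counts the empty files as backups. Only gzip's exit status reaches `||`, so a failing mysqldump goes unreported unless the calling script enables pipefail, which this patch does not show. Send mysqldump's stderr to the error file on the left side of the pipe and test its status: `docker exec "$i" /usr/bin/mysqldump ... 2>"${g_tmp}/dberr" | gzip > "$BACKUPDIR/$i-$MARIADB_DATABASE-$TIMESTAMP.sql.gz"` (existing mysqldump options kept) followed by `[ "${PIPESTATUS[0]}" -eq 0 ] || g_echo_error "..."`. Separately, `-p$MARIADB_PWD` places the database password on the `docker exec` command line, where it can be read from the host's process list while the dump runs; resolving the credentials inside the container would keep it off the host's argv.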