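---
# Playbook: install Docker on every targeted host, place its data root under
# /home/docker/var-lib-docker (via a /var/lib/docker symlink) and manage two
# root-only shell fragments: an auto-update job and a MySQL/MariaDB backup job.
#
# The fragments call g_echo, g_echo_ok, g_echo_warn and g_echo_error and read
# $g_tmp and $BACKUPDIR without defining them. Presumably the script that
# sources the fragments provides these -- confirm before reusing them elsewhere.
- name: docker
  hosts: all
  tasks:

    ### Docker ###

    # NOTE(review): on a stock docker.io install the daemon socket is
    # group-owned by "docker", so membership in this group is effectively root
    # on the host. Treat the account created below as privileged.
    # The fixed gid/uid 1003 will clash if another account already uses it.
    - name: Create docker Group
      ansible.builtin.group:
        name: docker
        state: present
        gid: 1003

    - name: Create docker User
      ansible.builtin.user:
        name: docker
        comment: docker User
        uid: 1003
        group: docker

    # Parent directory of all compose projects; no access for "other".
    - name: Create docker dir
      ansible.builtin.file:
        path: /home/docker
        owner: docker
        group: docker
        state: directory
        mode: "0750"

    # Docker data root. It is owned by root, but its parent (/home/docker) is
    # writable by the docker user, who can therefore rename this entry.
    - name: Create docker-data dir
      ansible.builtin.file:
        path: /home/docker/var-lib-docker
        owner: root
        group: root
        state: directory
        mode: "0710"

    # Created before the packages are installed, so the daemon's default data
    # path already resolves to the relocated directory on first start.
    - name: Create /var/lib/docker -> /home/docker/var-lib-docker symlink
      ansible.builtin.file:
        src: /home/docker/var-lib-docker
        dest: /var/lib/docker
        owner: root
        group: root
        state: link

    - name: Packages for docker
      ansible.builtin.apt:
        name:
          - docker.io
          - docker-compose
          - apache2-utils
          - bridge-utils
        # The package index is not refreshed here; a stale cache is used as is.
        update_cache: false
        install_recommends: false

    # Auto-update fragment (mode 0400, root only; not executable by itself).
    #
    # Security notes:
    #  * Every directory directly below /home/docker that holds a
    #    docker-compose.yml is pulled, rebuilt and restarted by this job, so
    #    write access to /home/docker decides what the job deploys.
    #  * "pull" takes whatever the registry currently serves for the image
    #    references in each compose file; pin images by digest where integrity
    #    matters.
    #  * "docker system prune -af" also removes stopped containers and every
    #    image not used by a running container.
    - name: /usr/local/sbin/autoupdate.d/docker.update
      ansible.builtin.blockinfile:
        path: /usr/local/sbin/autoupdate.d/docker.update
        mode: "0400"
        owner: root
        group: root
        create: true
        marker: "# {mark} ANSIBLE MANAGED BLOCK"
        block: |
          # Docker
          g_echo_ok "check for updates"
          # Clean up docker images
          docker system prune -af
          # Dots are escaped so that only real .del/.bak/.old suffixes are skipped
          find /home/docker -maxdepth 1 -mindepth 1 -type d | grep -E -v "mailcow-dockerized$|\.del$|\.bak$|\.old$|var-lib-docker$" | while read -r docker
          do
            [ -f "$docker/docker-compose.yml" ] || continue
            g_echo_ok "$docker"
            # Never run docker-compose from a directory left over from the previous iteration
            cd "${docker}" || continue
            if docker-compose --log-level WARNING --no-ansi pull --include-deps 2>&1 | grep "download complete"
            then
              g_echo_warn "Installiere $docker Update"
              docker-compose --log-level WARNING --no-ansi down >"$g_tmp/down" 2>&1 || g_echo_error "$docker: docker-compose down fehlgeschlagen: $(cat "$g_tmp/down")"
              docker-compose --log-level WARNING --no-ansi up -d >"$g_tmp/up" 2>&1 || g_echo_error "$docker: docker-compose up fehlgeschlagen: $(cat "$g_tmp/up")"
            fi
            if [ -f Dockerfile ]
            then
              if docker-compose --log-level WARNING --no-ansi build --pull --no-cache --force-rm >"$g_tmp/build" 2>&1
              then
                docker-compose --log-level WARNING --no-ansi down >"$g_tmp/down" 2>&1 || g_echo_error "$docker: docker-compose down fehlgeschlagen: $(cat "$g_tmp/down")"
                docker-compose --log-level WARNING --no-ansi up -d >"$g_tmp/up" 2>&1 || g_echo_error "$docker: docker-compose up fehlgeschlagen: $(cat "$g_tmp/up")"
              else
                g_echo_error "$docker: docker-compose build fehlgeschlagen: $(cat "$g_tmp/build")"
              fi
            fi
          done
        backup: true
        # Syntax check only; the fragment is not executed during validation.
        validate: /bin/bash -n %s

    # Backup fragment: dumps one database per running container whose name or
    # image matches mysql/mariadb (mailcow excluded), using the credentials
    # found in the container's own environment.
    #
    # Changes against the previous revision of this fragment:
    #  * the password is handed to mysqldump through MYSQL_PWD instead of
    #    -p<password>, so it no longer shows up in process listings;
    #  * pipefail makes a failing mysqldump count as a failure (before, only
    #    gzip's exit status was checked);
    #  * an incomplete archive is removed so it is not counted as a backup by
    #    the rotation below;
    #  * variable lookups are anchored and keep everything after the first
    #    "=", so values containing "=" are no longer truncated.
    #
    # NOTE(review): the dump files are created with the caller's umask;
    # confirm that $BACKUPDIR is not readable by unprivileged users.
    # The \{\{ ... \}\} escaping keeps Jinja2 from templating the docker
    # format string; bash removes the backslashes again.
    - name: /usr/local/sbin/backup.d/docker.backup
      ansible.builtin.blockinfile:
        path: /usr/local/sbin/backup.d/docker.backup
        mode: "0400"
        owner: root
        group: root
        create: true
        marker: "# {mark} ANSIBLE MANAGED BLOCK"
        block: |
          ### DB Backup
          g_echo_ok "Starte Backup von MySQL-Datenbanken (Docker)"
          DAYS=7
          TIMESTAMP=$(date +"%Y%m%d%H%M")
          CONTAINER=$(docker ps --format \{\{.Names\}\}:\{\{.Image\}\}| grep 'mysql\|mariadb' | cut -d":" -f1 | grep -v mailcow)
          mkdir -p "$BACKUPDIR"
          for i in $CONTAINER
          do
            MARIADB_DATABASE=$(docker exec "$i" env | grep -E "^(MARIADB|MYSQL)_DATABASE=" | tail -n1 | cut -d"=" -f2-)
            MARIADB_PWD=$(docker exec "$i" env | grep -E "^(MARIADB|MYSQL)_PASSWORD=" | tail -n1 | cut -d"=" -f2-)
            MARIADB_USR=$(docker exec "$i" env | grep -E "^(MARIADB|MYSQL)_USER=" | tail -n1 | cut -d"=" -f2-)
            g_echo "Sichere Datenbank $MARIADB_DATABASE DB aus $i";
            DUMPFILE="$BACKUPDIR/$i-$MARIADB_DATABASE-$TIMESTAMP.sql.gz"
            # Subshell: pipefail must not leak into the script that sources this fragment
            if ! (
              set -o pipefail
              MYSQL_PWD="$MARIADB_PWD" docker exec -e MYSQL_PWD "$i" /usr/bin/mysqldump --no-tablespaces -u "$MARIADB_USR" "$MARIADB_DATABASE" 2>"${g_tmp}/dberr" | gzip > "$DUMPFILE"
            )
            then
              # An incomplete archive must not count as a backup in the rotation below
              rm -f "$DUMPFILE"
              g_echo_error "DB-Backup von $MARIADB_DATABASE war nicht erfolgreich $(cat "${g_tmp}/dberr")"
            fi
            # dont delete last old backups!
            OLD_BACKUPS=$(ls -1 "$BACKUPDIR/$i"*.gz 2>/dev/null | wc -l)
            if [ "$OLD_BACKUPS" -gt "$DAYS" ]; then
              find "$BACKUPDIR" -name "$i*.gz" -daystart -mtime +"$DAYS" -delete
            fi
          done
        backup: true
        # Syntax check only; the fragment is not executed during validation.
        validate: /bin/bash -n %s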