183 lines
5.5 KiB
YAML
183 lines
5.5 KiB
YAML
---
|
|
- name: Validate input and add host dynamically
|
|
hosts: localhost
|
|
gather_facts: no
|
|
tasks:
|
|
- name: Check if vm_ip is provided
|
|
fail:
|
|
msg: "ERROR: VM IP address is required!"
|
|
when: vm_ip is not defined or vm_ip == ""
|
|
|
|
- name: Check if ansible_user is provided
|
|
fail:
|
|
msg: "ERROR: ansible_user is required!"
|
|
when: ansible_user is not defined or ansible_user == ""
|
|
|
|
- name: Check authentication method
|
|
fail:
|
|
msg: |
|
|
ERROR: Neither password nor SSH key provided!
|
|
Please provide either:
|
|
- ansible_password variable for password auth
|
|
- ssh_key_path variable for key auth
|
|
when: ansible_password is not defined and ssh_key_path is not defined
|
|
|
|
- name: Display target information
|
|
debug:
|
|
msg: |
|
|
========================================
|
|
Target Configuration:
|
|
- IP Address: {{ vm_ip }}
|
|
- SSH User: {{ ansible_user }}
|
|
- Auth Method: {{ 'SSH Key' if ssh_key_path is defined else 'Password' }}
|
|
========================================
|
|
|
|
- name: Add host with password authentication
|
|
add_host:
|
|
name: "{{ vm_ip }}"
|
|
groups: npm_servers
|
|
ansible_user: "{{ ansible_user }}"
|
|
ansible_ssh_pass: "{{ ansible_password }}"
|
|
ansible_become_pass: "{{ ansible_password }}"
|
|
ansible_ssh_common_args: '-o StrictHostKeyChecking=no'
|
|
when: ansible_password is defined
|
|
|
|
- name: Add host with key authentication
|
|
add_host:
|
|
name: "{{ vm_ip }}"
|
|
groups: npm_servers
|
|
ansible_user: "{{ ansible_user }}"
|
|
ansible_ssh_private_key_file: "{{ ssh_key_path }}"
|
|
ansible_ssh_common_args: '-o StrictHostKeyChecking=no'
|
|
when: ssh_key_path is defined
|
|
|
|
- name: Setup Minimal Linux with Docker and Nginx Proxy Manager
|
|
hosts: npm_servers
|
|
become: yes
|
|
gather_facts: yes
|
|
tasks:
|
|
- name: Test connection
|
|
ping:
|
|
|
|
- name: Update apt cache and install prerequisites
|
|
apt:
|
|
name:
|
|
- apt-transport-https
|
|
- ca-certificates
|
|
- curl
|
|
- gnupg
|
|
- lsb-release
|
|
state: present
|
|
update_cache: yes
|
|
|
|
- name: Add Docker GPG key (modern method)
|
|
shell: |
|
|
curl -fsSL https://download.docker.com/linux/debian/gpg | gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
|
|
args:
|
|
creates: /usr/share/keyrings/docker-archive-keyring.gpg
|
|
|
|
- name: Add Docker repository
|
|
shell: |
|
|
echo "deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian $(lsb_release -cs) stable" | tee /etc/apt/sources.list.d/docker.list > /dev/null
|
|
args:
|
|
creates: /etc/apt/sources.list.d/docker.list
|
|
|
|
- name: Update apt cache with Docker repository
|
|
apt:
|
|
update_cache: yes
|
|
|
|
- name: Install Docker and Docker Compose Plugin
|
|
apt:
|
|
name:
|
|
- docker-ce
|
|
- docker-ce-cli
|
|
- containerd.io
|
|
- docker-compose-plugin
|
|
state: present
|
|
|
|
- name: Ensure Docker service is running and enabled
|
|
systemd:
|
|
name: docker
|
|
state: started
|
|
enabled: yes
|
|
|
|
- name: Add user to docker group
|
|
user:
|
|
name: "{{ ansible_user }}"
|
|
groups: docker
|
|
append: yes
|
|
when: ansible_user != 'root'
|
|
|
|
- name: Create directory for Nginx Proxy Manager
|
|
file:
|
|
path: /opt/npm
|
|
state: directory
|
|
mode: '0755'
|
|
|
|
- name: Create docker-compose.yml for NPM (without version)
|
|
copy:
|
|
dest: /opt/npm/docker-compose.yml
|
|
content: |
|
|
services:
|
|
app:
|
|
image: 'jc21/nginx-proxy-manager:latest'
|
|
restart: unless-stopped
|
|
ports:
|
|
- '80:80'
|
|
- '81:81'
|
|
- '443:443'
|
|
volumes:
|
|
- ./data:/data
|
|
- ./letsencrypt:/etc/letsencrypt
|
|
|
|
- name: Run Nginx Proxy Manager via Docker Compose
|
|
community.docker.docker_compose_v2:
|
|
project_src: /opt/npm
|
|
state: present
|
|
register: docker_compose_result
|
|
retries: 3
|
|
delay: 10
|
|
until: docker_compose_result is success
|
|
ignore_errors: yes
|
|
|
|
- name: Retry pulling image if failed
|
|
command: docker pull jc21/nginx-proxy-manager:latest
|
|
when: docker_compose_result is failed
|
|
register: docker_pull
|
|
retries: 5
|
|
delay: 30
|
|
until: docker_pull is success
|
|
|
|
- name: Run Docker Compose again
|
|
community.docker.docker_compose_v2:
|
|
project_src: /opt/npm
|
|
state: present
|
|
when: docker_compose_result is failed
|
|
|
|
- name: Check if containers are running
|
|
shell: docker ps --filter "name=app"
|
|
register: container_status
|
|
changed_when: false
|
|
|
|
- name: Display container status
|
|
debug:
|
|
msg: "Container status:\n{{ container_status.stdout }}"
|
|
|
|
- name: Display access information
|
|
debug:
|
|
msg: |
|
|
========================================
|
|
✅ Docker and Nginx Proxy Manager installed!
|
|
|
|
Container Status:
|
|
{{ container_status.stdout }}
|
|
|
|
Access URLs:
|
|
- Admin Panel: http://{{ vm_ip }}:81
|
|
- HTTP Proxy: http://{{ vm_ip }}
|
|
- HTTPS Proxy: https://{{ vm_ip }}
|
|
|
|
Default Admin Credentials:
|
|
- Email: admin@example.com
|
|
- Password: changeme
|
|
======================================== |