From 0328a48e22fbd0e8136a1648f86073e289b049cd Mon Sep 17 00:00:00 2001 From: transcaffeine Date: Sat, 11 Jan 2025 20:49:16 +0100 Subject: [PATCH] refactor(authelia): add state and deployment_method role parameters --- roles/authelia/defaults/main.yml | 6 ++- roles/authelia/tasks/main.yml | 71 +++++--------------------------- roles/authelia/vars/main.yml | 5 +++ 3 files changed, 21 insertions(+), 61 deletions(-) diff --git a/roles/authelia/defaults/main.yml b/roles/authelia/defaults/main.yml index 3046559..5743236 100644 --- a/roles/authelia/defaults/main.yml +++ b/roles/authelia/defaults/main.yml @@ -4,6 +4,9 @@ authelia_user: authelia authelia_base_dir: /opt/authelia authelia_domain: authelia.example.org +authelia_state: present +authelia_deployment_method: docker + authelia_config_dir: "{{ authelia_base_dir }}/config" authelia_config_file: "{{ authelia_config_dir }}/config.yaml" authelia_data_dir: "{{ authelia_base_dir }}/data" @@ -42,7 +45,8 @@ authelia_container_ports: ~ authelia_container_networks: ~ authelia_container_purge_networks: ~ authelia_container_restart_policy: unless-stopped -authelia_container_state: started +authelia_container_state: >-2 + {{ (authelia_state == 'present' | ternary('started', 'absent') }} authelia_container_listen_port: 9091 authelia_tls_minimum_version: TLS1.2 diff --git a/roles/authelia/tasks/main.yml b/roles/authelia/tasks/main.yml index 9163dcf..8ee5b39 100644 --- a/roles/authelia/tasks/main.yml +++ b/roles/authelia/tasks/main.yml 
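Review bot: The template added for `authelia_container_state` in roles/authelia/defaults/main.yml has an unbalanced parenthesis: `(authelia_state == 'present' | ternary('started', 'absent')` opens a group that is never closed, so Jinja2 should reject it when the variable is evaluated. Even with the count fixed by dropping the opening parenthesis, the filter would bind to the string `'present'` rather than to the comparison. The line should read `{{ (authelia_state == 'present') | ternary('started', 'absent') }}`, the same form the directory task in roles/authelia/tasks/main.yml uses. Because role defaults are rendered lazily, the error only appears in whichever task consumes the variable, and that task is not part of this patch.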
@@ -1,16 +1,20 @@ --- +- name: Ensure state is valid + ansible.builtin.fail: + msg: "Invalid state '{{ authelia_state }}'! Valid states are {{ authelia_states | join(', ') }}" + when: authelia_state not in authelia_states -- name: Ensure user {{ authelia_user }} exists +- name: Ensure user {{ authelia_user }} is {{ authelia_state }} ansible.builtin.user: name: "{{ authelia_user }}" - state: present + state: "{{ authelia_state }}" system: true register: authelia_user_info - name: Ensure host directories are created with correct permissions ansible.builtin.file: path: "{{ item.path }}" - state: directory + state: "{{ (authelia_state == 'present') | ternary('directory', 'absent') }}" owner: "{{ item.owner | default(authelia_user) }}" group: "{{ item.group | default(authelia_user) }}" mode: "{{ item.mode | default('0750') }}" 
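Review bot: With `authelia_state: absent` the user task still registers `authelia_user_info`, but a result from `ansible.builtin.user` with `state: absent` carries no `uid` or `group`. roles/authelia/vars/main.yml derives `authelia_run_user` and `authelia_run_group` from `authelia_user_info.uid` and `.group` whenever the variable is defined, so any later task that renders them on the absent path would hit an undefined attribute; the included deploy file is not shown here, so whether it does cannot be confirmed. Tightening the condition to `if authelia_user_info.uid is defined` (and likewise for `.group`) would keep the fallback to `authelia_user` working. The account is also removed before anything has stopped the container that runs under it, so moving the user removal after the deployment teardown looks safer. The directory task now deletes every path in its loop when the state is absent, which presumably includes the data directory, and the loop list lies outside the hunk; a comment next to `authelia_state` saying that `absent` is destructive would help operators.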
@@ -32,62 +36,9 @@ owner: "{{ authelia_run_user }}" group: "{{ authelia_run_group }}" mode: "0640" + when: authelia_state == 'present' notify: restart-authelia -- name: Ensure sqlite database file exists before mounting it - ansible.builtin.file: - path: "{{ authelia_sqlite_storage_file }}" - state: touch - owner: "{{ authelia_run_user }}" - group: "{{ authelia_run_group }}" - mode: "0640" - access_time: preserve - modification_time: preserve - when: authelia_config_storage_local_path | default(false, true) - -- name: Ensure user database exists before mounting it - ansible.builtin.file: - path: "{{ authelia_user_storage_file }}" - state: touch - owner: "{{ authelia_run_user }}" - group: "{{ authelia_run_group }}" - mode: "0640" - access_time: preserve - modification_time: preserve - when: authelia_config_authentication_backend_file_path | default(false, true) - -- name: Ensure notification reports file exists before mounting it - ansible.builtin.file: - path: "{{ authelia_notification_storage_file }}" - state: touch - owner: "{{ authelia_run_user }}" - group: "{{ authelia_run_group }}" - mode: "0640" - access_time: preserve - modification_time: preserve - when: authelia_config_notifier_filesystem_filename | default(false, true) - -- name: Ensure authelia container image is present - community.docker.docker_image: - name: "{{ authelia_container_image_ref }}" - state: present - source: pull - force_source: "{{ authelia_container_image_force_pull }}" - register: authelia_container_image_info - -- name: Ensure authelia container is running - community.docker.docker_container: - name: "{{ authelia_container_name }}" - image: "{{ authelia_container_image_ref }}" - env: "{{ authelia_container_env }}" - user: "{{ authelia_run_user }}:{{ authelia_run_group }}" - ports: "{{ authelia_container_ports | default(omit, true) }}" - labels: "{{ authelia_container_labels }}" - volumes: "{{ authelia_container_volumes }}" - networks: "{{ authelia_container_networks | default(omit, 
true) }}" - etc_hosts: "{{ authelia_container_etc_hosts | default(omit, true) }}" - purge_networks: "{{ authelia_container_purge_networks | default(omit, true)}}" - restart_policy: "{{ authelia_container_restart_policy }}" - recreate: "{{ authelia_container_recreate | default(omit, true) }}" - state: "{{ authelia_container_state }}" - register: authelia_container_info +- name: Deploy using {{ authelia_deployment_method }} + ansible.builtin.include_tasks: + file: "deploy-{{ authelia_deployment_method }}.yml" diff --git a/roles/authelia/vars/main.yml b/roles/authelia/vars/main.yml index b5791de..974a875 100644 --- a/roles/authelia/vars/main.yml +++ b/roles/authelia/vars/main.yml @@ -1,4 +1,9 @@ --- +authelia_states: + - present + - absent +authelia_deployment_methods: + - docker authelia_run_user: "{{ (authelia_user_info.uid) if authelia_user_info is defined else authelia_user }}" authelia_run_group: "{{ (authelia_user_info.group) if authelia_user_info is defined else authelia_user }}"
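Review bot: `authelia_deployment_method` is interpolated straight into the `include_tasks` file name, but nothing checks it against `authelia_deployment_methods`, the list this patch adds to roles/authelia/vars/main.yml and that no visible task uses. The value selects which task file is loaded, so it deserves the same allow-list check that `authelia_state` gets at the top of the file; otherwise a typo or an unexpected inventory value only surfaces as a missing-file error at the include. Separately, the diffstat lists three changed files and none of them is `deploy-docker.yml`, so unless that file already exists in the role, the default run stops at this include, and the removed image, container and touch tasks are not re-added anywhere in this patch. A validation task placed before the include is sketched below.

```yaml
- name: Ensure deployment method is valid
  ansible.builtin.fail:
    msg: >-
      Invalid deployment method '{{ authelia_deployment_method }}'!
      Valid methods are {{ authelia_deployment_methods | join(', ') }}
  when: authelia_deployment_method not in authelia_deployment_methods

- name: Deploy using {{ authelia_deployment_method }}
  # … unchanged: include_tasks of deploy-{{ authelia_deployment_method }}.yml …
```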