added nosql (redis) container with pass, update fulfillr

2023-09-19 18:55:38 -04:00
parent 10fef844d6
commit 8686b40525
5 changed files with 56 additions and 4 deletions
--- a/ansible/roles/podman/defaults/main.yml
+++ b/ansible/roles/podman/defaults/main.yml
@@ -8,6 +8,7 @@ fulfillr_path: "{{ podman_volumes }}/fulfillr"
 graylog_path: "{{ podman_volumes }}/graylog"
 hass_path: "{{ podman_volumes }}/hass"
 nginx_path: "{{ podman_volumes }}/nginx"
 nosql_path: "{{ podman_volumes }}/nosql"
 partkeepr_path: "{{ podman_volumes }}/partkeepr"
 photos_path: "{{ podman_volumes }}/photos"
 pihole_path: "{{ podman_volumes }}/pihole"
--- a/ansible/roles/podman/tasks/container-nosql.yml
+++ b/ansible/roles/podman/tasks/container-nosql.yml
@@ -0,0 +1,44 @@
 ---
 - name: create nosql host directory volumes
  become: true
  ansible.builtin.file:
    path: "{{ item }}"
    state: directory
    owner: "{{ podman_user }}"
    group: "{{ podman_user }}"
    mode: 0755
  notify: restorecon podman
  loop:
    - "{{ nosql_path }}/conf"
    - "{{ nosql_path }}/data"
 - name: flush handlers
  ansible.builtin.meta: flush_handlers
 - import_tasks: podman/podman-check.yml
  vars:
    container_name: nosql
    container_image: "{{ image }}"
 - name: create nosql container
  become: true
  become_user: "{{ podman_user }}"
  containers.podman.podman_container:
    name: nosql
    image: "{{ image }}"
    command: redis-server --requirepass {{ nosql_password }} 
    restart_policy: on-failure:3
    log_driver: journald
    volumes:
      - "{{ nosql_path }}/conf:/usr/local/etc/redis/"
      - "{{ nosql_path }}/data:/var/lib/redis"
    env:
      TZ: America/New_York
      REDIS_REPLICATION_MODE: master
    ports:
      - 6379:6379/tcp
 - name: create systemd startup job for nosql
  include_tasks: podman/systemd-generate.yml
  vars:
    container_name: nosql
--- a/ansible/roles/podman/tasks/firewall.yml
+++ b/ansible/roles/podman/tasks/firewall.yml
@@ -16,9 +16,8 @@
    # pihole (unused?)
    - 53/tcp
    - 53/udp
-    # pihole (iptables preroute)
+    # nosql/redis
-    - 1153/tcp
+    - 6379/tcp
    - 1153/udp
    # ???
    - 6875/tcp
    # Satisfactory
@@ -39,6 +38,9 @@
    immediate: true
    state: disabled
  loop:
    - 1153/tcp
    - 1153/udp
    - 2000/udp
    - 2456/udp
    - 2457/udp
    - 9093/tcp
--- a/ansible/roles/podman/tasks/main.yml
+++ b/ansible/roles/podman/tasks/main.yml
@@ -51,7 +51,7 @@
 - import_tasks: container-fulfillr.yml
  vars:
-    image: "{{ aws_ecr_endpoint }}/fulfillr:20230913.2009"
+    image: "{{ aws_ecr_endpoint }}/fulfillr:20230919.2233"
  tags: fulfillr
 - import_tasks: configuration-nginx.yml
@@ -60,6 +60,11 @@
    image: docker.io/owasp/modsecurity:nginx
  tags: nginx
 - import_tasks: container-nosql.yml
  vars:
    image: docker.io/redis:7.2.1-alpine
  tags: nosql
 - import_tasks: container-sshpass-cron.yml
  vars:
    image: docker.io/bdebyl/sshpass-cron:1.0.11
--- a/ansible/vars/vault.yml
+++ b/ansible/vars/vault.yml