Relocate Traefik (to matrix-traefik.service && /matrix/traefik base path)
The migration is automatic. Existing users should experience a bit of
downtime until the playbook runs to completion, but don't need to do
anything manually.
This change is provoked by https://github.com/spantaleev/matrix-docker-ansible-deploy/pull/2535
While my statements there ("Traefik is a shared component among
sibling/related playbooks and should retain its global
non-matrix-prefixed name and path") do make sense, there's another point
of view as well.
With the addition of docker-socket-proxy support in bf2b540807
,
we potentially introduced another non-`matrix-`-prefixed systemd service
and global path (`/devture-container-socket-proxy`). It would have
started to become messy.
Traefik always being called `devture-traefik.service` and using the `/devture-traefik` path
has the following downsides:
- different playbooks may write to the same place, unintentionally,
before you disable the Traefik role in some of them.
If each playbook manages its own installation, no such conflicts
arise and you'll learn about the conflict when one of them starts its
Traefik service and fails because the ports are already in use
- the data is scattered - backing up `/matrix` is no longer enough when
some stuff lives in `/devture-traefik` or `/devture-container-socket-proxy` as well;
similarly, deleting `/matrix` is no longer enough to clean up
For this reason, the Traefik instance managed by this playbook
will now be called `matrix-traefik` and live under `/matrix/traefik`.
This also makes it obvious to users running multiple playbooks, which
Traefik instance (powered by which playbook) is the active one.
Previously, you'd look at `devture-traefik.service` and wonder which
role was managing it.
This commit is contained in:
parent
bf2b540807
commit
adcc6d9723
|
@ -3858,6 +3858,10 @@ devture_container_socket_proxy_api_containers_enabled: true
|
||||||
# See the comment there for more details about why we have both `devture_traefik_enabled` and `matrix_playbook_traefik_role_enabled`.
|
# See the comment there for more details about why we have both `devture_traefik_enabled` and `matrix_playbook_traefik_role_enabled`.
|
||||||
devture_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type == 'playbook-managed-traefik' }}"
|
devture_traefik_enabled: "{{ matrix_playbook_reverse_proxy_type == 'playbook-managed-traefik' }}"
|
||||||
|
|
||||||
|
devture_traefik_identifier: matrix-traefik
|
||||||
|
|
||||||
|
devture_traefik_base_path: "{{ matrix_base_data_path }}/traefik"
|
||||||
|
|
||||||
devture_traefik_uid: "{{ matrix_user_uid }}"
|
devture_traefik_uid: "{{ matrix_user_uid }}"
|
||||||
devture_traefik_gid: "{{ matrix_user_gid }}"
|
devture_traefik_gid: "{{ matrix_user_gid }}"
|
||||||
|
|
||||||
|
|
|
@ -21,19 +21,16 @@ else
|
||||||
rm -f {{ devture_systemd_docker_base_systemd_path }}/$s
|
rm -f {{ devture_systemd_docker_base_systemd_path }}/$s
|
||||||
done
|
done
|
||||||
|
|
||||||
echo "Stop and remove devture services"
|
|
||||||
|
|
||||||
for s in $(find {{ devture_systemd_docker_base_systemd_path }}/ -type f -name "devture-*" -printf "%f\n"); do
|
|
||||||
systemctl disable --now $s
|
|
||||||
rm -f {{ devture_systemd_docker_base_systemd_path }}/$s
|
|
||||||
done
|
|
||||||
|
|
||||||
systemctl daemon-reload
|
systemctl daemon-reload
|
||||||
|
|
||||||
echo "Remove unused Docker images and resources"
|
echo "Remove unused Docker images and resources"
|
||||||
docker system prune -af
|
docker system prune -af
|
||||||
|
|
||||||
echo "Remove Docker matrix network (should be gone already, but ..)"
|
echo "Remove Docker matrix network (should be gone already, but ..)"
|
||||||
docker network rm {{ matrix_docker_network }}
|
docker network rm {{ matrix_docker_network }}
|
||||||
|
|
||||||
|
echo "This playbook creates a lot of matrix-* networks. Consider removing them manually ('docker network ls', followed by 'docker network rm NETWORK_NAME')"
|
||||||
|
|
||||||
echo "Remove {{ matrix_base_data_path }} directory"
|
echo "Remove {{ matrix_base_data_path }} directory"
|
||||||
rm -fr "{{ matrix_base_data_path }}"
|
rm -fr "{{ matrix_base_data_path }}"
|
||||||
exit 0
|
exit 0
|
||||||
|
|
|
@ -0,0 +1,35 @@
|
||||||
|
---
|
||||||
|
|
||||||
|
# This migrates Traefik from the old path (`/devture-traefik`) to the new path (`/matrix/traefik`, controlled by `devture_traefik_base_path`),
|
||||||
|
# and from the old hardcoded systemd service name (`devture-traefik.service`) to the new one (`matrix-traefik.service`, controlled by `devture_traefik_identifier`).
|
||||||
|
#
|
||||||
|
# Here, we merely disable (and stop) the old systemd service and relocate the data (`/devture-traefik` directory).
|
||||||
|
# The Traefik role itself (running later) will then ensure this data is up-to-date and will set up the new systemd service.
|
||||||
|
|
||||||
|
# It only makes sense to migrate if the identifier or path are different than the default (what we were using before).
|
||||||
|
- when: "devture_traefik_identifier != 'devture-postgres' or devture_traefik_base_path != '/devture-traefik'"
|
||||||
|
block:
|
||||||
|
- name: Check existence of devture-traefik.service systemd service
|
||||||
|
ansible.builtin.stat:
|
||||||
|
path: "{{ devture_systemd_docker_base_systemd_path }}/devture-traefik.service"
|
||||||
|
register: devture_traefik_service_stat
|
||||||
|
|
||||||
|
- when: devture_traefik_service_stat.stat.exists | bool
|
||||||
|
block:
|
||||||
|
- name: Ensure devture-traefik.service systemd service is stopped
|
||||||
|
ansible.builtin.systemd:
|
||||||
|
name: devture-traefik
|
||||||
|
state: stopped
|
||||||
|
enabled: false
|
||||||
|
daemon_reload: true
|
||||||
|
|
||||||
|
- name: Ensure Traefik systemd service doesn't exist
|
||||||
|
ansible.builtin.file:
|
||||||
|
path: "{{ devture_systemd_docker_base_systemd_path }}/devture-traefik.service"
|
||||||
|
state: absent
|
||||||
|
|
||||||
|
- name: Ensure Traefik directory relocated
|
||||||
|
ansible.builtin.command:
|
||||||
|
cmd: "mv /devture-traefik {{ devture_traefik_base_path }}"
|
||||||
|
creates: "{{ devture_traefik_base_path }}"
|
||||||
|
removes: "/devture-traefik"
|
|
@ -11,3 +11,12 @@
|
||||||
tags:
|
tags:
|
||||||
- setup-all
|
- setup-all
|
||||||
- install-all
|
- install-all
|
||||||
|
|
||||||
|
- when: matrix_playbook_traefik_role_enabled | bool
|
||||||
|
block:
|
||||||
|
- ansible.builtin.include_tasks: "{{ role_path }}/tasks/devture_traefik_to_matrix_traefik.yml"
|
||||||
|
tags:
|
||||||
|
- setup-all
|
||||||
|
- install-all
|
||||||
|
- setup-traefik
|
||||||
|
- install-traefik
|
||||||
|
|
Loading…
Reference in a new issue