Add beehive role
This commit is contained in:
parent
6f7fed1b02
commit
03db0c8236
18
roles/beehive/defaults/main.yml
Normal file
18
roles/beehive/defaults/main.yml
Normal file
|
@ -0,0 +1,18 @@
|
|||
---
|
||||
beehive_version: v0.4.0
|
||||
beehive_tarball_armv6: beehive_0.4.0_Linux_armv6.tar.gz
|
||||
beehive_tarball_armv6_sha256: c1fa8f5a1935ee12f09a2bd9579281d64552897c597534361aba90ed992676fb
|
||||
beehive_tarball_x86_64: beehive_0.4.0_Linux_x86_64.tar.gz
|
||||
beehive_tarball_x86_64_sha256: f1959bc2f7c19d4ec8eaabc7b78492836afcc3bcd75d034854e66607efa9efab
|
||||
|
||||
architecture: "{{ 'armv6' if ansible_architecture|lower == 'armv7l' else ansible_architecture|lower}}"
|
||||
beehive_tarball: "{{ lookup('vars', 'beehive_tarball_'+architecture, default=beehive_tarball_x86_64) }}"
|
||||
beehive_tarball_sha256: "{{ lookup('vars', 'beehive_tarball_'+architecture+'_sha256', default=beehive_tarball_x86_64_sha256) }}"
|
||||
|
||||
|
||||
beehive_download_url: "https://github.com/muesli/beehive/releases/download/{{ beehive_version }}/{{ beehive_tarball }}"
|
||||
|
||||
beehive_dir: /srv/beehive
|
||||
|
||||
beehive_bind: 127.0.0.1:8181
|
||||
beehive_canonical_url: "http://{{ beehive_bind }}"
|
9
roles/beehive/handlers/main.yml
Normal file
9
roles/beehive/handlers/main.yml
Normal file
|
@ -0,0 +1,9 @@
|
|||
---
|
||||
- name: systemctl daemon-reload
|
||||
systemd:
|
||||
daemon_reload: true
|
||||
|
||||
- name: systemctl restart beehive
|
||||
systemd:
|
||||
name: beehive.service
|
||||
state: restarted
|
71
roles/beehive/tasks/main.yml
Normal file
71
roles/beehive/tasks/main.yml
Normal file
|
@ -0,0 +1,71 @@
|
|||
---
|
||||
|
||||
- name: ensure beehive group exits
|
||||
group:
|
||||
name: beehive
|
||||
system: true
|
||||
|
||||
- name: ensure beehive user exists and has restrictive settings
|
||||
user:
|
||||
name: beehive
|
||||
groups: beehive
|
||||
password: "*"
|
||||
create_home: false
|
||||
system: true
|
||||
shell: /usr/sbin/nologin
|
||||
|
||||
- name: ensure that the directory where we deploy beehive exists
|
||||
file:
|
||||
path: "{{ beehive_dir }}"
|
||||
state: directory
|
||||
owner: beehive
|
||||
group: beehive
|
||||
mode: "0750"
|
||||
|
||||
# TODO: download only if not installed or a new version.
|
||||
|
||||
- name: download locally beehive in /tmp
|
||||
get_url:
|
||||
url: "{{ beehive_download_url }}"
|
||||
dest: /tmp
|
||||
checksum: "sha256:{{ beehive_tarball_sha256 }}"
|
||||
delegate_to: localhost
|
||||
become: false
|
||||
|
||||
- name: unarchive locally beehive
|
||||
unarchive:
|
||||
src: "/tmp/{{ beehive_tarball }}"
|
||||
dest: /tmp
|
||||
remote_src: true
|
||||
delegate_to: localhost
|
||||
become: false
|
||||
|
||||
- name: copy beehive binary
|
||||
copy:
|
||||
src: /tmp/beehive
|
||||
dest: "{{ beehive_dir }}"
|
||||
owner: beehive
|
||||
group: beehive
|
||||
mode: "0750"
|
||||
|
||||
- name: set cap_net_bind_service=+ep on beehive binary
|
||||
capabilities:
|
||||
path: "{{ beehive_dir }}/beehive"
|
||||
capability: cap_net_bind_service=+ep
|
||||
|
||||
- name: install beehive systemd unit file
|
||||
template:
|
||||
src: etc/systemd/system/beehive.service.j2
|
||||
dest: /etc/systemd/system/beehive.service
|
||||
notify:
|
||||
- systemctl daemon-reload
|
||||
|
||||
- name: systemctl enable beehive
|
||||
systemd:
|
||||
name: beehive
|
||||
enabled: true
|
||||
|
||||
- name: ensure beehive is running
|
||||
systemd:
|
||||
name: beehive
|
||||
state: started
|
|
@ -0,0 +1,15 @@
|
|||
# Managed by Ansible
|
||||
[Unit]
|
||||
Description=beehive
|
||||
After=network-online.target
|
||||
Wants=network-online.target
|
||||
|
||||
[Service]
|
||||
WorkingDirectory={{ beehive_dir }}
|
||||
ExecStart={{ beehive_dir }}/beehive -bind {{ beehive_bind }} --canonicalurl {{ beehive_canonical_url }}
|
||||
User=beehive
|
||||
Group=beehive
|
||||
Restart=on-failure
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
|
@ -22,4 +22,5 @@
|
|||
# have to download is more than 60MB.
|
||||
# - {role: ../roles/wikijs, become: true, wikijs_db_type: sqlite}
|
||||
- {role: ../roles/adguardhome}
|
||||
- {role: ../roles/n8n, become: true}
|
||||
# - {role: ../roles/n8n, become: true}
|
||||
- {role: ../roles/beehive, become: true, beehive_bind: 10.10.10.10:8181}
|
||||
|
|
Loading…
Reference in a new issue