Add diun user to docker group only if specified
This commit is contained in:
parent
52a6992f7d
commit
db99324b62
|
@ -11,6 +11,7 @@ Install and configure [Diun](https://crazymax.dev/diun/).
|
|||
* `diun_version` - Default: `v4.22.0`.
|
||||
* `diun_dir` - Default: `/srv/diun`.
|
||||
* `diun_tz` - Default: `Europe/Rome`.
|
||||
* `diun_is_docker_used` - Default: `true`. Add the diun user to docker group.
|
||||
|
||||
Variable `diun_config` is mandatory and it doesn't have a default.
|
||||
|
||||
|
|
|
@ -26,4 +26,5 @@ diun_download_url: "https://github.com/crazy-max/diun/releases/download/{{ diun_
|
|||
|
||||
diun_dir: /srv/diun
|
||||
diun_tz: Europe/Rome
|
||||
diun_is_docker_used: true
|
||||
diun_config: "{{ undef(hint='You must specify your diun configuration.') }}"
|
||||
|
|
|
@ -9,12 +9,19 @@
|
|||
- name: ensure diun user exists and has restrictive settings
|
||||
ansible.builtin.user:
|
||||
name: diun
|
||||
groups: diun, docker
|
||||
groups: diun
|
||||
password: "*"
|
||||
create_home: false
|
||||
system: true
|
||||
shell: /usr/sbin/nologin
|
||||
|
||||
- name: add 'diun' user to docker group
|
||||
ansible.builtin.user:
|
||||
name: diun
|
||||
groups: docker
|
||||
append: true
|
||||
when: diun_is_docker_used
|
||||
|
||||
- name: ensure that the directory where we deploy diun exists
|
||||
ansible.builtin.file:
|
||||
path: "{{ diun_dir }}"
|
||||
|
|
|
@ -68,6 +68,18 @@
|
|||
radicale_ssl_trusted_certificate: /var/lib/snakeoil/certs/radicale.example.org/fullchain.pem
|
||||
mailserver_tls_cert_file: "/var/lib/snakeoil/certs/{{ mailserver_mailname }}/fullchain.pem"
|
||||
mailserver_tls_key_file: "/var/lib/snakeoil/certs/{{ mailserver_mailname }}/privkey.pem"
|
||||
diun_config: |
|
||||
db:
|
||||
path: {{ diun_dir }}/diun.db
|
||||
|
||||
watch:
|
||||
workers: 10
|
||||
schedule: "0 */6 * * *"
|
||||
firstCheckNotif: false
|
||||
|
||||
providers:
|
||||
docker:
|
||||
watchStopped: true
|
||||
roles:
|
||||
# - ../roles/apt_dist_upgrade
|
||||
# - ../roles/common
|
||||
|
@ -82,7 +94,7 @@
|
|||
# - ../roles/nginx
|
||||
# - ../roles/headscale
|
||||
# - ../roles/admin
|
||||
# - ../roles/docker
|
||||
- ../roles/docker
|
||||
- ../roles/diun
|
||||
# - ../roles/mailserver
|
||||
# - {role: ../roles/weechat}
|
||||
|
|
Loading…
Reference in New Issue