ansible/roles/stacks/templates/docker_compose.yml.j2

275 lines
7.6 KiB
Plaintext
Raw Permalink Normal View History

2023-09-25 08:40:20 +00:00
{# Updated: 2023-09-25 #}
version: "3.0"
{% if item.stack is defined %}
# stack: {{ item.stack }}
{% else %}
# stack: {{ item.name }}
{% endif %}
2023-09-26 09:29:37 +00:00
# master: {{ stacks_mastering | default('2023-09-25') }}
2023-09-25 08:40:20 +00:00
# edited: 2023-09-25
# updated: {{ ansible_date_time.date }}
{# >>> notice #}
{% if item.notice is defined %}
# Notice:
#
{{ item.notice }}
{% endif %}
{# <<< notice #}
{# >>> networks #}
networks:
{# >>> stack #}
{% if item.stack is defined %}
{{ item.stack }}:
name: {{ item.stack }}
{% else %}
{{ item.name }}:
name: {{ item.name }}
{% endif %}
driver: bridge
{% if item.ipv6 is defined %}
enable_ipv6: true
{% endif %}
{# <<< stack #}
{# >>> docker socket proxy #}
{% if item.dockerproxy is defined %}
{{ vm_docker_socketproxy_network }}:
external: true
{% endif %}
{# <<< docker socket proxy #}
{# >>> trafik #}
{% if item.traefik is defined %}
{{ vm_docker_traefik_network }}:
external: true
{% endif %}
{# <<< trafik #}
{# <<< networks #}
{# >>> secrets #}
{% if item.secrets is defined %}
secrets:
{% for service in item.services %}
{% if service.secrets is defined %}
{% for secret in service.secrets %}
{{ secret.name }}:
file: {{ secret.file }}
{% endfor %}
{% endif %}
{% endfor %}
{% endif %}
{# <<< secrets #}
{# >>> services #}
services:
{% for service in item.services %}
{# >>> service #}
{{ service.name }}:
extends:
2023-09-26 09:29:37 +00:00
{% if service.override is defined %}
file: ../{{ service.override.name }}/docker-compose.yml
service: {{ service.override.service }}
{% else %}
2023-09-25 08:40:20 +00:00
file: ../_vm/{{ service.extends | default('common') }}.yml
service: x-{{ service.extends | default('common') }}
2023-09-26 09:29:37 +00:00
{% endif %}
2023-09-25 08:40:20 +00:00
{# >>> user #}
{% if service.uid is defined or service.gid is defined %}
{% if service.uid is defined and service.gid is undefined %}
user: "{{ service.uid }}:"
{% endif %}
{% if service.uid is undefined and service.gid is defined %}
user: ":{{ service.gid }}"
{% endif %}
{% if service.uid is defined and service.gid is defined %}
user: "{{ service.uid }}:{{ service.gid }}"
{% endif %}
{% endif %}
{# <<< user #}
{# >>> privileged #}
{% if service.privileged is defined %}
privileged: true
{% endif %}
{# <<< privileged #}
{# >>> capabilities #}
{% if service.capabilities is defined %}
cap_add:
{% for capability in service.capabilities %}
- {{ capability }}
{% endfor %}
{% endif %}
{# <<< capabilities #}
2023-09-26 09:29:37 +00:00
{% if service.name is defined %}
2023-09-25 08:40:20 +00:00
container_name: "{{ service.name }}"
hostname: "{{ service.name }}"
2023-09-26 09:29:37 +00:00
{% endif %}
{% if service.image is defined %}
2023-09-25 08:40:20 +00:00
image: "{{ service.image }}"
2023-09-26 09:29:37 +00:00
{% endif %}
2023-09-25 08:40:20 +00:00
{# >>> restart #}
{% if service.restart is defined %}
restart: "{{ service.restart }}"
{% endif %}
{# <<< restart #}
{# >>> depends #}
{% if service.depends is defined %}
depends_on:
{% for depend in service.depends %}
{{ depend.name }}:
condition: {{ depend.condition }}
{% endfor %}
{% endif %}
{# <<< depends #}
{# >>> ports #}
{% if service.ports is defined %}
ports:
{% for port in service.ports %}
{% if port.disabled is defined %}
{% if port.mode is defined %}
#- "{{ port.exposed }}:{{ port.container }}/{{ port.mode }}"{{ port.comments if port.comments is defined }}
{% else %}
#- "{{ port.exposed }}:{{ port.container }}"{{ port.comments if port.comments is defined }}
{% endif %}
{% else %}
{% if port.mode is defined %}
- "{{ port.exposed }}:{{ port.container }}/{{ port.mode }}"{{ port.comments if port.comments is defined }}
{% else %}
- "{{ port.exposed }}:{{ port.container }}"{{ port.comments if port.comments is defined }}
{% endif %}
{% endif %}
{% endfor %}
{% endif %}
{% if service.ports is defined %}
{% set exposed_ports = [] %}
{% for port in service.ports %}
{% do exposed_ports.append(port.container|int) %}
{% endfor %}
expose:
{% for port in exposed_ports|unique|sort %}
- "{{ port }}"
{% endfor %}
{% endif %}
{# <<< ports #}
{# >>> networks #}
networks:
{% if item.stack is defined %}
- {{ item.stack }}
{% else %}
- {{ item.name }}
{% endif %}
{% if item.dockerproxy is defined %}
- {{ vm_docker_socketproxy_network }}
{% endif %}
{% if item.traefik is defined and service.traefik is defined %}
- {{ vm_docker_traefik_network }}
{% endif %}
{# <<< networks #}
{# >>> command #}
{% if service.command is defined %}
command: "{{ service.command }}"
{% else %}
{% if service.commands is defined %}
command:
{% for command in service.commands %}
- "{{ command }}"
{% endfor %}
{% endif %}
{% endif %}
{# <<< command #}
{# >>> healthcheck #}
{% if service.healthcheck is defined %}
healthcheck:
test: {{ service.healthcheck }}
{% endif %}
{# <<< healthcheck #}
{# >>> secrets #}
{% if service.secrets is defined %}
secrets:
{% for secret in service.secrets %}
- {{ secret.name }}
{% endfor %}
{% endif %}
{# <<< secrets #}
{# >>> environments #}
{% if service.environment is defined %}
environment:
{% for environment in service.environment %}
{{ environment.name }}: "{{ environment.value }}"
{% endfor %}
{% endif %}
{# <<< environments #}
{# >>> labels #}
labels:
{% if item.stack is defined %}
com.stack.name: "{{ item.stack }}"
{% else %}
com.stack.name: "{{ item.name }}"
{% endif %}
com.stack.service.name: "{{ service.name }}"
{% if item.traefik is defined and service.traefik is defined %}
traefik.enable: true
{% for router in service.traefik.routers %}
traefik.http.routers.{{ router.name }}.rule: {{ router.rule }}
traefik.http.routers.{{ router.name }}.entrypoints: {{ router.entrypoints | default('https') }}
traefik.http.routers.{{ router.name }}.tls: true
traefik.http.routers.{{ router.name }}.middlewares: "{{ router.middlewares | default('default@file') }}"
{% if router.service is defined %}
traefik.http.routers.{{ router.name }}.service: {{ router.service }}
{% endif %}
{% endfor %}
{% for service in service.traefik.services %}
{% if service.port is defined %}
traefik.http.services.{{ service.name }}.loadbalancer.server.port: {{ service.port }}
{% endif %}
{% if service.scheme is defined %}
traefik.http.services.{{ service.name }}.loadbalancer.server.scheme: {{ service.scheme }}
{% endif %}
{% endfor %}
{% if service.traefik.middlewares is defined %}
{% for middleware in service.traefik.middlewares %}
{% if middleware.content is defined %}
traefik.http.middlewares.{{ middleware.name }}.{{ middleware.content }}
{% endif %}
{% endfor %}
{% endif %}
{% endif %}
{# <<< labels #}
{# >>> tmpfs #}
{% if service.tmpfs is defined %}
tmpfs:
- /tmp:rw,exec,nosuid,size={{ service.tmpfs }}
{% endif %}
{# <<< tmpfs #}
{# >>> ressources #}
{% if service.ressources is defined %}
deploy:
resources:
limits:
{% if service.ressources.cpu is defined %}
cpus: "{{ service.ressources.cpu }}"
{% endif %}
{% if service.ressources.memory is defined %}
memory: "{{ service.ressources.memory }}"
{% endif %}
{% if service.ressources.pid is defined %}
pids: {{ service.ressources.pid }}
{% endif %}
{% endif %}
{# <<< ressources #}
{# >>> volumes #}
{% if service.volumes is defined %}
volumes:
{% for entry in service.volumes %}
{% if entry.mode is defined %}
- {{ entry.local }}:{{ entry.container }}:{{ entry.mode }}
{% else %}
- {{ entry.local }}:{{ entry.container }}
{% endif %}
{% endfor %}
{% endif %}
{# <<< volumes #}
{% endfor %}
{# >>> service #}
{# <<< services #}