Рефакторинг: вынес запуск ролей в отдельный файл deploy.yml

- Создан файл roles/deploy.yml с блоком запуска роли nginx - Обновлен molecule/default/site.yml для импорта deploy.yml - Улучшена модульность структуры проекта - Автор: Сергей Антропов
2025-10-22 22:34:07 +03:00
parent 0b981ca61e
commit c99df83bad
23 changed files with 661 additions and 659 deletions
--- a/molecule/default/create.yml
+++ b/molecule/default/create.yml
@@ -0,0 +1,107 @@
+---
+- hosts: localhost
+  gather_facts: false
+  vars_files:
+    - ../presets/default.yml
+
+  tasks:
+    - name: Ensure network exists
+      community.docker.docker_network:
+        name: "{{ docker_network }}"
+        state: present
+
+    # SYSTEMD nodes
+    - name: Pull systemd images
+      community.docker.docker_image:
+        name: "{{ images[item.family] }}"
+        source: pull
+      loop: "{{ hosts | selectattr('type','undefined') | list }}"
+      loop_control: { label: "{{ item.name }}" }
+
+    - name: Start systemd nodes
+      community.docker.docker_container:
+        name: "{{ item.name }}"
+        image: "{{ images[item.family] }}"
+        networks: [ { name: "{{ docker_network }}" } ]
+        privileged: "{{ systemd_defaults.privileged }}"
+        command: "{{ systemd_defaults.command }}"
+        volumes: "{{ (systemd_defaults.volumes | default([])) + (item.volumes | default([])) }}"
+        tmpfs: "{{ (systemd_defaults.tmpfs | default([])) + (item.tmpfs | default([])) }}"
+        capabilities: "{{ (systemd_defaults.capabilities | default([])) + (item.capabilities | default([])) }}"
+        published_ports: "{{ item.publish | default([]) }}"
+        env: "{{ item.env | default({}) }}"
+        state: started
+        restart_policy: unless-stopped
+      loop: "{{ hosts | selectattr('type','undefined') | list }}"
+      loop_control: { label: "{{ item.name }}" }
+
+    # DinD nodes
+    - name: Start DinD nodes (docker:27-dind)
+      community.docker.docker_container:
+        name: "{{ item.name }}"
+        image: "docker:27-dind"
+        privileged: true
+        environment: { DOCKER_TLS_CERTDIR: "" }
+        networks: [ { name: "{{ docker_network }}" } ]
+        published_ports: "{{ item.publish | default([]) }}"
+        volumes: [ "{{ item.name }}-docker:/var/lib/docker" ]
+        state: started
+        restart_policy: unless-stopped
+      loop: "{{ hosts | selectattr('type','defined') | selectattr('type','equalto','dind') | list }}"
+      loop_control: { label: "{{ item.name }}" }
+
+    # DOoD nodes (mount docker.sock)
+    - name: Start DOoD nodes (systemd + docker.sock mount)
+      community.docker.docker_container:
+        name: "{{ item.name }}"
+        image: "{{ images[item.family] }}"
+        networks: [ { name: "{{ docker_network }}" } ]
+        privileged: "{{ systemd_defaults.privileged }}"
+        command: "{{ systemd_defaults.command }}"
+        volumes: "{{ (systemd_defaults.volumes | default([])) + ['/var/run/docker.sock:/var/run/docker.sock'] + (item.volumes | default([])) }}"
+        tmpfs: "{{ (systemd_defaults.tmpfs | default([])) + (item.tmpfs | default([])) }}"
+        capabilities: "{{ (systemd_defaults.capabilities | default([])) + (item.capabilities | default([])) }}"
+        published_ports: "{{ item.publish | default([]) }}"
+        env: "{{ item.env | default({}) }}"
+        state: started
+        restart_policy: unless-stopped
+      loop: "{{ hosts | selectattr('type','defined') | selectattr('type','equalto','dood') | list }}"
+      loop_control: { label: "{{ item.name }}" }
+
+    # Build groups map
+    - name: Build groups map
+      set_fact:
+        groups_map: "{{ groups_map | default({}) }}"
+    - name: Append hosts to groups
+      set_fact:
+        groups_map: "{{ groups_map | combine({ item_group: (groups_map[item_group] | default([])) + [item_name] }) }}"
+      loop: "{{ hosts | subelements('groups', skip_missing=True) }}"
+      loop_control:
+        label: "{{ item.0.name }}"
+      vars:
+        item_name: "{{ item.0.name }}"
+        item_group: "{{ item.1 }}"
+
+    # Render inventory
+    - name: Render inventory ini
+      set_fact:
+        inv_content: |
+          [all:vars]
+          ansible_connection=community.docker.docker
+          ansible_python_interpreter=/usr/bin/python3
+
+          {% for group, members in (groups_map | dictsort) %}
+          [{{ group }}]
+          {% for h in members %}{{ h }}
+          {% endfor %}
+
+          {% endfor %}
+          [all]
+          {% for h in hosts %}{{ h.name }}
+          {% endfor %}
+
+    - name: Write inventory file
+      copy:
+        dest: "{{ generated_inventory }}"
+        content: "{{ inv_content }}"
+        mode: "0644"