From 122eed02d6bba3f8d87774951bac8c17e0a6feeb Mon Sep 17 00:00:00 2001 From: b0xxer Date: Tue, 15 Apr 2025 11:45:31 -0500 Subject: [PATCH] Only set systemd service files if enabled Delete service files if disabled added proper mode to files --- hosts | 15 +++++++---- roles/apps/tasks/bitcoin.yml | 16 +++++++++++ roles/apps/tasks/caddy.yml | 12 ++++++++- roles/apps/tasks/clightning.yml | 14 ++++++++++ roles/apps/tasks/electrs.yml | 14 ++++++++++ roles/apps/tasks/lnbits.yml | 15 ++++++++++- roles/apps/tasks/main.yml | 2 +- roles/apps/tasks/rtl.yml | 27 ++++++++++++++----- .../templates/lnbits/lnbits-node.container.j2 | 1 + 9 files changed, 101 insertions(+), 15 deletions(-) diff --git a/hosts b/hosts index c0aaa65..f4117b1 100644 --- a/hosts +++ b/hosts @@ -22,7 +22,7 @@ zerotier_network= [n0xb0x:vars] hostname=n0xb0x -app_list=['caddy.yml','bitcoin.yml','electrs.yml','clightning.yml','lnbits.yml','rtl.yml', 'docs.yml'] +available_apps=['caddy.yml','bitcoin.yml','electrs.yml','clightning.yml','lnbits.yml','rtl.yml', 'docs.yml'] ansible_user=n0xb0x ansible_password=n0xb0x #registry_url=git.boxxy.net/b0xxer/ @@ -30,16 +30,21 @@ registry_url=localhost registry_user= registry_pass= bitcoin_version=26.0 -caddy_version=2.7.6 -clightning_version=23.11.2 -clightning_platform=Fedora-28-amd64 +bitcoin_enabled=true bitcoin_rpcuser=n0xb0x bitcoin_rpcpassword=8BaOf-luoLM-5zA8V0ozLOtqzZZch2knK9gWIBfafDw bitcoin_rpcauth=n0xb0x:413f1f82906117464e662853bce33577$80a039d800184a1cffd1de5468b5b2a7442ab1d368a13782e5283e575a9f57b2 +caddy_version=2.7.6 +caddy_enabled=true +clightning_enabled=true +clightning_version=23.11.2 +clightning_platform=Fedora-28-amd64 +electrs_enabled=true electrs_version=0.10.2 +rtl_enabled=true rtl_version=0.15.0 rtl_password=n0xb0x -lnbits_version=v1.0.0 +lnbits_version=v 1.0.0 tor_version=1.0 zerotier_network=74a75ebfb84ab0db #Update wariness - 1 = very reluctant to update, 0 = eager to update diff --git a/roles/apps/tasks/bitcoin.yml b/roles/apps/tasks/bitcoin.yml index a05142e..735f2fd 100644 --- a/roles/apps/tasks/bitcoin.yml +++ b/roles/apps/tasks/bitcoin.yml @@ -80,12 +80,14 @@ ansible.builtin.file: path: ~/.config/containers/systemd state: directory + mode: '0640' tags: [apps,bitcoin] - name: bitcoin - Copy bitcoin-node.container file ansible.builtin.template: src: bitcoin/bitcoin-node.container.j2 dest: ~/containers/bitcoin/bitcoin-node.container + mode: '0640' notify: - reload_systemctl - restart_bitcoin @@ -97,6 +99,15 @@ dest: ~/.config/containers/systemd/bitcoin-node.container state: link force: true + mode: '0640' + when: bitcoin_enabled | default(false) + tags: [apps,bitcoin] + +- name: bitcoin - Remove bitcoin-node.container if disabled + ansible.builtin.file: + path: ~/.config/containers/systemd/bitcoin-node.container + state: absent + when: not (bitcoin_enabled | default(false)) tags: [apps,bitcoin] - name: bitcoin - Create containers/bitcoin Dir @@ -104,6 +115,7 @@ path: ~/containers/bitcoin/bin recurse: true state: directory + mode: '0640' notify: rebuild_bitcoin tags: [apps,bitcoin] @@ -111,6 +123,7 @@ ansible.builtin.copy: src: bitcoin/Containerfile dest: ~/containers/bitcoin/Containerfile + mode: '0640' notify: rebuild_bitcoin tags: [apps,bitcoin] @@ -118,6 +131,7 @@ ansible.builtin.copy: src: bitcoin/entrypoint.sh dest: ~/containers/bitcoin/entrypoint.sh + mode: '0700' notify: rebuild_bitcoin tags: [apps,bitcoin] @@ -125,6 +139,7 @@ ansible.builtin.copy: src: bitcoin/bin/btc_init dest: ~/containers/bitcoin/bin/btc_init + mode: '0700' notify: rebuild_bitcoin tags: [apps,bitcoin] @@ -132,6 +147,7 @@ ansible.builtin.template: src: bitcoin/bin/btc_oneshot.j2 dest: ~/containers/bitcoin/bin/btc_oneshot + mode: '0700' notify: rebuild_bitcoin tags: [apps,bitcoin] diff --git a/roles/apps/tasks/caddy.yml b/roles/apps/tasks/caddy.yml index ed569b6..98c3b3b 100644 --- a/roles/apps/tasks/caddy.yml +++ b/roles/apps/tasks/caddy.yml @@ -12,11 +12,13 @@ ansible.builtin.template: src: caddy/Containerfile.j2 dest: ~/containers/caddy/Containerfile + mode: '0640' - name: caddy - Copy caddy-node.container ansible.builtin.template: src: caddy/caddy-node.container.j2 dest: ~/containers/caddy/caddy-node.container + mode: '0640' - name: caddy - Copy build.sh ansible.builtin.template: @@ -30,10 +32,18 @@ dest: ~/.config/containers/systemd/caddy-node.container state: link force: true + mode: '0640' + when: caddy_enabled | default(false) + +- name: caddy - Remove caddy-node.container if disabled + ansible.builtin.file: + path: ~/.config/containers/systemd/caddy-node.container + state: absent + when: not (caddy_enabled | default(false)) - name: caddy - Copy Caddyfile to ~/vol/caddy ansible.builtin.template: src: caddy/Caddyfile.j2 dest: ~/vol/caddy/Caddyfile - + mode: '0640' diff --git a/roles/apps/tasks/clightning.yml b/roles/apps/tasks/clightning.yml index f2e932c..285558f 100644 --- a/roles/apps/tasks/clightning.yml +++ b/roles/apps/tasks/clightning.yml @@ -5,12 +5,14 @@ ansible.builtin.file: path: ~/vol/clightning/.clightning state: directory + mode: '0640' tags: [apps,clightning] - name: clightning - Copy clightning-node.container file ansible.builtin.template: src: clightning/clightning-node.container.j2 dest: ~/containers/clightning/clightning-node.container + mode: '0640' notify: reload_systemctl tags: [apps,clightning] @@ -20,6 +22,15 @@ dest: ~/.config/containers/systemd/clightning-node.container state: link force: true + mode: '0640' + when: clightning_enabled | default(false) + tags: [apps,clightning] + +- name: clightning - Remove clightning-node.container if disabled + ansible.builtin.file: + path: ~/.config/containers/systemd/clightning-node.container + state: absent + when: not (clightning_enabled | default(false)) tags: [apps,clightning] - name: clightning - Create Containers/bitcoin Dir @@ -27,6 +38,7 @@ path: ~/containers/clightning recurse: true state: directory + mode: '0640' notify: rebuild_clightning tags: [apps,clightning] @@ -34,6 +46,7 @@ ansible.builtin.template: src: clightning/Containerfile.j2 dest: ~/containers/clightning/Containerfile + mode: '0640' notify: rebuild_clightning tags: [apps,clightning] @@ -41,6 +54,7 @@ ansible.builtin.copy: src: clightning/entrypoint.sh dest: ~/containers/clightning/entrypoint.sh + mode: '0700' tags: [apps,clightning] - name: clightning - Copy build script diff --git a/roles/apps/tasks/electrs.yml b/roles/apps/tasks/electrs.yml index 67e47be..eadd6c3 100644 --- a/roles/apps/tasks/electrs.yml +++ b/roles/apps/tasks/electrs.yml @@ -5,12 +5,14 @@ ansible.builtin.file: path: ~/vol/.electrs state: directory + mode: '0640' tags: [apps,electrs] - name: electrs - Copy electrs-node.container file ansible.builtin.template: src: electrs/electrs-node.container.j2 dest: ~/containers/electrs/electrs-node.container + mode: '0640' notify: reload_systemctl tags: [apps,electrs] @@ -20,6 +22,15 @@ dest: ~/.config/containers/systemd/electrs-node.container state: link force: true + mode: '0640' + when: electrs_enabled | default(false) + tags: [apps,electrs] + +- name: electrs - Remove electrs-node.container if disabled + ansible.builtin.file: + path: ~/.config/containers/systemd/electrs-node.container + state: absent + when: not (electrs_enabled | default(false)) tags: [apps,electrs] - name: electrs - Create Containers/bitcoin Dir @@ -27,6 +38,7 @@ path: ~/containers/electrs recurse: true state: directory + mode: '0640' notify: rebuild_electrs tags: [apps,electrs] @@ -34,6 +46,7 @@ ansible.builtin.template: src: electrs/Containerfile.j2 dest: ~/containers/electrs/Containerfile + mode: '0640' notify: rebuild_electrs tags: [apps,electrs] @@ -41,6 +54,7 @@ ansible.builtin.template: src: electrs/electrs-init.sh.j2 dest: ~/containers/electrs/electrs-init.sh + mode: '0700' tags: [apps,electrs] - name: electrs - Copy build script diff --git a/roles/apps/tasks/lnbits.yml b/roles/apps/tasks/lnbits.yml index 6daeb24..4530a43 100644 --- a/roles/apps/tasks/lnbits.yml +++ b/roles/apps/tasks/lnbits.yml @@ -6,24 +6,36 @@ ansible.builtin.file: path: ~/containers/lnbits state: directory + mode: '0640' tags: [apps,lnbits] - name: lnbits - Create lnbits vol directory ansible.builtin.file: path: ~/vol/lnbits state: directory + mode: '0640' tags: [apps,lnbits] - name: lnbits - Copy Containerfile ansible.builtin.template: src: lnbits/Containerfile.j2 dest: ~/containers/lnbits/Containerfile + mode: '0640' tags: [apps,lnbits] - name: lnbits - Copy lnbits-node.container ansible.builtin.template: src: lnbits/lnbits-node.container.j2 dest: ~/containers/lnbits/lnbits-node.container + mode: '0640' + when: lnbits_enabled | default(false) + tags: [apps,lnbits] + +- name: lnbits - Remove lnbits-node.container if disabled + ansible.builtin.file: + path: ~/.config/containers/systemd/lnbits-node.container + state: absent + when: not (lnbits_enabled | default(false)) tags: [apps,lnbits] - name: lnbits - Copy build.sh @@ -36,7 +48,8 @@ - name: lnbits - Copy .env file ansible.builtin.template: src: lnbits/.env.j2 - dest: ~/containers/lnbits/.env + dest: ~/vol/lnbits/env + mode: '0640' tags: [apps,lnbits] diff --git a/roles/apps/tasks/main.yml b/roles/apps/tasks/main.yml index e577237..02b1be1 100644 --- a/roles/apps/tasks/main.yml +++ b/roles/apps/tasks/main.yml @@ -7,7 +7,7 @@ ansible.builtin.include_tasks: file: "{{ item }}" with_items: - - "{{ app_list }}" + - "{{ available_apps }}" tags: - apps diff --git a/roles/apps/tasks/rtl.yml b/roles/apps/tasks/rtl.yml index a0ff71e..43a096f 100644 --- a/roles/apps/tasks/rtl.yml +++ b/roles/apps/tasks/rtl.yml @@ -12,6 +12,7 @@ path: ~/containers/rtl recurse: true state: directory + mode: '0640' notify: rebuild_rtl tags: [apps,rtl] @@ -19,6 +20,7 @@ ansible.builtin.template: src: rtl/Containerfile.j2 dest: ~/containers/rtl/Containerfile + mode: '0640' notify: rebuild_rtl tags: [apps,rtl] @@ -46,6 +48,7 @@ ansible.builtin.template: src: rtl/rtl-node.container.j2 dest: ~/containers/rtl/rtl-node.container + mode: '0640' notify: reload_systemctl tags: [apps,rtl] @@ -55,13 +58,23 @@ dest: ~/.config/containers/systemd/rtl-node.container state: link force: true - notify: reload_systemctl - tags: [apps,rtl] - -- name: rtl - Copy RTL-Config file - ansible.builtin.template: - src: rtl/RTL-Config.json.j2 - dest: ~/vol/rtl/RTL-Config.json + mode: '0640' + when: rtl_enabled | default(false) + notify: reload_systemctl + tags: [apps,rtl] + +- name: rtl - Remove rtl-node.container if disabled + ansible.builtin.file: + path: ~/.config/containers/systemd/rtl-node.container + state: absent + when: not (rtl_enabled | default(false)) + tags: [apps,rtl] + +- name: rtl - Copy RTL-Config file + ansible.builtin.template: + src: rtl/RTL-Config.json.j2 + dest: ~/vol/rtl/RTL-Config.json + mode: '0640' notify: reload_systemctl tags: [apps,rtl] diff --git a/roles/apps/templates/lnbits/lnbits-node.container.j2 b/roles/apps/templates/lnbits/lnbits-node.container.j2 index 9dda763..2c08c87 100644 --- a/roles/apps/templates/lnbits/lnbits-node.container.j2 +++ b/roles/apps/templates/lnbits/lnbits-node.container.j2 @@ -10,6 +10,7 @@ PodmanArgs=--pod bitcoin-pod # Use volume Volume=/home/n0xb0x/vol/clightning/.lightning:/.lightning:Z Volume=/home/n0xb0x/vol/lnbits/:/app/data:Z +Volume=/home/n0xb0x/vol/lnbits/env:/app/.env:Z [Service] # Restart service when sleep finishes