--- - name: create zfs datasets when: pigallery2_zfs is defined block: - name: create zfs base dataset zfs: name: "{{ pigallery2_zfs.pool }}/{{ pigallery2_zfs.name }}" state: present extra_zfs_properties: "{{ pigallery2_zfs.properties | dehumanize_zfs_properties | default(omit) }}" - name: create zfs volumes for instances loop: "{{ pigallery2_instances | dict2items }}" loop_control: label: "{{ item.key }} ({{ (item.value.zfs_properties | default({})).items() | map('join', '=') | join(', ') }})" zfs: name: "{{ pigallery2_zfs.pool }}/{{ pigallery2_zfs.name }}/{{ item.key }}" state: present extra_zfs_properties: "{{ item.value.zfs_properties | dehumanize_zfs_properties | default(omit) }}" - name: configure pigallery2 base bath set_fact: pigallery2_base_path: "{{ (zfs_pools[pigallery2_zfs.pool].mountpoint, pigallery2_zfs.name) | path_join }}" - name: add group for pigallery2 app group: name: pigallery2 gid: "{{ pigallery2_app_gid }}" - name: add user for pigallery2 app user: name: pigallery2 uid: "{{ pigallery2_app_uid }}" group: pigallery2 password: "!" - name: create instance subdirectories loop: "{{ pigallery2_instances | product(['config', 'db', 'tmp']) | list }}" loop_control: label: "{{ item[0] }}/{{ item[1] }}" file: path: "{{ pigallery2_base_path }}/{{ item[0] }}/{{ item[1] }}" state: directory owner: pigallery2 group: pigallery2 mode: "700" - name: install pod manifest loop: "{{ pigallery2_instances | dict2items }}" loop_control: label: "{{ item.key }}" vars: kubernetes_standalone_pod: name: "pigallery2-{{ item.key }}" spec: "{{ lookup('template', 'pod-spec.yml.j2') }}" mode: "0600" include_role: name: kubernetes/standalone/pod - name: configure nginx vhost loop: "{{ pigallery2_instances | dict2items }}" loop_control: label: "{{ item.key }}" vars: nginx_vhost: name: "pigallery2-{{ item.key }}" template: generic tls: certificate_provider: "{{ acme_client }}" hostnames: - "{{ item.value.hostname }}" locations: '/': proxy_pass: "http://127.0.0.1:{{ item.value.port }}" extra_directives: |- client_max_body_size 0; include_role: name: nginx/vhost