playbook.yml

- hosts: all
  become: true
  remote_user: hibo

  tasks:
    - name: Check if Docker is installed
      shell: docker --version
      register: docker_installed
      ignore_errors: true

    - block:
        - name: Run the equivalent of "apt-get update" as a separate step
          apt:
            update_cache: true
            cache_valid_time: 3600
        - name: Update all packages to the latest version
          apt:
            upgrade: dist
        - name: Install Docker dependencies
          apt:
            name: "{{ item }}"
            state: latest
          loop:
            - apt-transport-https
            - ca-certificates
            - curl
            - gnupg
            - lsb-release
        - name: Add Docker's official GPG key
          shell: sudo rm -f /usr/share/keyrings/docker-archive-keyring.gpg && curl -fsSL https://download.docker.com/linux/debian/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
        - name: Set up the Docker stable repository
          apt_repository:
            repo: deb [arch=arm64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/debian {{ ansible_distribution_release }} stable
        - name: Update apt packages
          apt:
            update_cache: yes
        - name: Install Docker
          apt:
            name: docker-ce
            state: latest
      when: docker_installed.rc != 0

    - name: Check if Python pip is installed
      shell: pip3 --version
      register: pip_installed
      ignore_errors: true

    - name: Install Python pip
      apt:
        name: python3-pip
        state: latest
      when: pip_installed.rc != 0

    - name: Check if hibo is in Docker group
      shell: id -nG hibo | grep -qw docker && echo true || echo false
      register: hibo_in_docker_group
      changed_when: false

    - name: Add hibo to Docker group
      user:
        name: hibo
        groups: docker
        append: yes
      when: hibo_in_docker_group.stdout == "false"

    - name: Check if Docker service is running
      shell: systemctl is-active docker
      register: docker_service
      changed_when: false

    - name: Start Docker service
      service:
        name: docker
        state: started
      when: docker_service.stdout != "active"

    - name: Archive files
      archive:
        path: ./
        dest: /var/deployment.tar.gz
      delegate_to: localhost

    - name: Copy archive
      copy:
        src: /var/deployment.tar.gz
        dest: /var/deployment.tar.gz

    - name: Create directory /var/deployment/
      file:
        path: /var/deployment/
        state: directory

    - name: Unarchive files
      unarchive:
        src: /var/deployment.tar.gz
        dest: /var/deployment/
        remote_src: yes

    - name: Remove archive
      file:
        path: /var/deployment.tar.gz
        state: absent

    - name: Check if Docker Compose is installed
      shell: docker-compose --version
      register: docker_compose_installed
      ignore_errors: true

    - name: Install Docker Compose
      apt:
        name: docker-compose
        state: latest
        update_cache: yes
      when: docker_compose_installed.rc != 0

    - name: Create .env file with SITE_ADDRESS
      copy:
        dest: /var/deployment/.env
        content: |
          MONGO_INITDB_ROOT_USERNAME={{ MONGO_INITDB_ROOT_USERNAME }}
          MONGO_INITDB_ROOT_PASSWORD={{ MONGO_INITDB_ROOT_PASSWORD }}
          MONGO_INITDB_DATABASE={{ MONGO_INITDB_DATABASE }}
          MONGODB_USER={{ MONGODB_USER }}
          MONGODB_USER_PASSWORD={{ MONGODB_USER_PASSWORD }}
          SITE_ADDRESS={{ SITE_ADDRESS }}
          NEXT_PUBLIC_BASE_URL={{ NEXT_PUBLIC_BASE_URL }}
          PORT={{ PORT }}
          DEBUG={{ DEBUG }}
          ORIGIN_URL={{ ORIGIN_URL }}
          JWT_SECRET={{ JWT_SECRET }}

    - name: Check if network web exists
      command: docker network ls --filter name=^web$ --format={{'.Name'}}
      register: web_network

    - name: Create network web
      shell: docker network create web
      when: web_network.stdout == ""

    - name: kuramacert
      copy:
        dest: /var/deployment/backend/src/cert/kuramacert.pem
        content: "{{ kuramacert }}"

    - name: kuramakey
      copy:
        dest: /var/deployment/backend/src/cert/kurama.key
        content: "{{ kuramakey }}"

    - name: Set correct permissions for acme.json
      file:
        path: /var/deployment/volumes/traefik/acme/acme.json
        mode: "0600"

    - name: Execute docker-compose for Deployment
      docker_compose:
        project_src: /var/deployment/