From 4a318c22e7be2a58865b42d8a4bca00739ac7668 Mon Sep 17 00:00:00 2001
From: Menno van Leeuwen <menno@vleeuwen.me>
Date: Tue, 11 Mar 2025 18:32:54 +0100
Subject: [PATCH] feat: add Duplicati service deployment tasks and restructure
 service inclusion in Ansible playbook

---
 config/ansible/tasks/servers/server.yml       |  6 ++
 .../ansible/tasks/servers/services-repo.yml   | 58 -------------------
 .../services/duplicati/docker-compose.yml.j2  | 18 ++++++
 .../servers/services/duplicati/duplicati.yml  | 16 +++++
 .../tasks/servers/services/services.yml       |  5 ++
 5 files changed, 45 insertions(+), 58 deletions(-)
 delete mode 100644 config/ansible/tasks/servers/services-repo.yml
 create mode 100644 config/ansible/tasks/servers/services/duplicati/docker-compose.yml.j2
 create mode 100644 config/ansible/tasks/servers/services/duplicati/duplicati.yml
 create mode 100644 config/ansible/tasks/servers/services/services.yml

diff --git a/config/ansible/tasks/servers/server.yml b/config/ansible/tasks/servers/server.yml
index 88c17ed..b4e2b69 100644
--- a/config/ansible/tasks/servers/server.yml
+++ b/config/ansible/tasks/servers/server.yml
@@ -12,3 +12,9 @@
 - name: Include services-repo tasks
   ansible.builtin.include_tasks: services-repo.yml
   when: ansible_hostname == "mennos-cloud-server"
+
+- name: Include services tasks
+  ansible.builtin.include_tasks: services/services.yml
+  vars:
+    duplicati_enabled: true
+  when: ansible_hostname == "mennos-cloud-server"
diff --git a/config/ansible/tasks/servers/services-repo.yml b/config/ansible/tasks/servers/services-repo.yml
deleted file mode 100644
index af90949..0000000
--- a/config/ansible/tasks/servers/services-repo.yml
+++ /dev/null
@@ -1,58 +0,0 @@
-
-
-- name: Check if /mnt/storage-box/services is a mount point
-  ansible.builtin.shell: mountpoint -q /mnt/storage-box/services || echo "not_mounted"
-  register: mnt_services_check
-  changed_when: false
-  ignore_errors: true
-  become: true
-
-- name: Check if services git repo already exists
-  ansible.builtin.stat:
-    path: "/mnt/storage-box/services/.git"
-  register: git_dir_check
-  become: true
-  when: mnt_services_check.rc == 0
-
-- name: Check if /mnt/storage-box/services directory exists
-  ansible.builtin.stat:
-    path: "/mnt/storage-box/services"
-  register: mnt_services_dir
-  changed_when: false
-  become: true
-
-- name: Clean /mnt/storage-box/services directory
-  ansible.builtin.shell: find /mnt/storage-box/services -mindepth 1 -maxdepth 1 -exec rm -rf {} \;
-  become: true
-  when: mnt_services_check.rc == 0 and not git_dir_check.stat.exists|default(false) and mnt_services_dir.stat.exists
-
-- name: Clone /mnt/storage-box/services repository (initial clone)
-  ansible.builtin.git:
-    repo: "https://git.mvl.sh/vleeuwenmenno/services.git"
-    dest: "/mnt/storage-box/services"
-    version: "main"
-  become: true
-  register: git_result
-  changed_when: git_result.changed
-  when: mnt_services_check.rc == 0 and not git_dir_check.stat.exists|default(false)
-
-- name: Update /mnt/storage-box/services repository (if already exists)
-  ansible.builtin.git:
-    repo: "https://git.mvl.sh/vleeuwenmenno/services.git"
-    dest: "/mnt/storage-box/services"
-    update: true
-    version: "main"
-    force: true
-  become: true
-  register: git_result
-  changed_when: git_result.changed
-  when: mnt_services_check.rc == 0 and git_dir_check.stat.exists|default(false)
-
-- name: Ensure /mnt/storage-box/services ownership to users
-  ansible.builtin.file:
-    path: "/mnt/storage-box/services"
-    group: "users"
-    recurse: true
-    state: directory
-  become: true
-  when: mnt_services_check.rc == 0
diff --git a/config/ansible/tasks/servers/services/duplicati/docker-compose.yml.j2 b/config/ansible/tasks/servers/services/duplicati/docker-compose.yml.j2
new file mode 100644
index 0000000..a99730f
--- /dev/null
+++ b/config/ansible/tasks/servers/services/duplicati/docker-compose.yml.j2
@@ -0,0 +1,18 @@
+name: duplicati
+services:
+  app:
+    image: lscr.io/linuxserver/duplicati:latest
+    user: root
+    environment:
+      - PUID=0
+      - PGID=0
+      - TZ=Europe/Amsterdam
+      - CLI_ARGS=
+      - SETTINGS_ENCRYPTION_KEY={{ lookup('onepassword', 'ifpbi3n3zduwhoihrc3lflmoey', field='encryption_key', vault='j7nmhqlsjmp2r6umly5t75hzb4') }}
+    volumes:
+      - /mnt/services/duplicati/data:/config
+    ports:
+      - 8200:8200
+    extra_hosts:
+      - host.docker.internal:host-gateway
+    restart: unless-stopped
diff --git a/config/ansible/tasks/servers/services/duplicati/duplicati.yml b/config/ansible/tasks/servers/services/duplicati/duplicati.yml
new file mode 100644
index 0000000..5202f59
--- /dev/null
+++ b/config/ansible/tasks/servers/services/duplicati/duplicati.yml
@@ -0,0 +1,16 @@
+- name: Deploy Duplicati service
+  block:
+    - name: Create Duplicati directories
+      ansible.builtin.file:
+        path: "{{ item }}"
+        state: directory
+        mode: "0755"
+      loop:
+        - /mnt/storage-box/services/duplicati
+
+    - name: Deploy Duplicati docker-compose.yml
+      ansible.builtin.template:
+        src: duplicati/docker-compose.yml.j2
+        dest: /mnt/storage-box/services/duplicati/docker-compose.yml
+        mode: "0644"
+      register: duplicati_compose
diff --git a/config/ansible/tasks/servers/services/services.yml b/config/ansible/tasks/servers/services/services.yml
new file mode 100644
index 0000000..3a27efe
--- /dev/null
+++ b/config/ansible/tasks/servers/services/services.yml
@@ -0,0 +1,5 @@
+- name: Deploy services
+  block:
+    - name: Include duplicati tasks
+      ansible.builtin.include_tasks: duplicati/duplicati.yml
+      when: duplicati_enabled|bool