diff --git a/handlers/main.yml b/handlers/main.yml index 41aa90f..d155d79 100644 --- a/handlers/main.yml +++ b/handlers/main.yml @@ -18,3 +18,10 @@ listen: "systemctl-restart-adguard" throttle: 1 when: deploy_adguard_start_service + +- name: "Enable adguard-connect-proxy service" + ansible.builtin.service: + name: adguard-connect-proxy + enabled: true + state: restarted + listen: "systemctl-enable-restart-adguard-connect-proxy" diff --git a/tasks/consul_service.yml b/tasks/consul_service.yml new file mode 100644 index 0000000..bd205c1 --- /dev/null +++ b/tasks/consul_service.yml @@ -0,0 +1,41 @@ +--- +# task/consul_service file for deploy_adguard +- name: "Copy adguard.consul.json file" + ansible.builtin.template: + src: "adguard.consul.json.j2" + dest: "{{ deploy_adguard_directory }}/adguard.consul.json" + owner: root + group: root + mode: '0644' + register: _copy_service_template + +- name: "Register/Update consul service" + ansible.builtin.command: "consul services register {{ deploy_adguard_directory }}/adguard.consul.json" + environment: + CONSUL_HTTP_ADDR: "{{ deploy_adguard_consul['consul_addr'] }}" + CONSUL_HTTP_TOKEN: "{{ deploy_adguard_consul['consul_token'] }}" + when: _copy_service_template.changed + +- name: "Configure service mesh proxy" + when: deploy_adguard_consul['configuration']['service']['connect'] is defined + block: + - name: "Copy adguard-connect-proxy.env file" + ansible.builtin.template: + src: "adguard-connect-proxy.env.j2" + dest: "{{ deploy_adguard_directory }}/adguard-connect-proxy.env" + owner: root + group: root + mode: '0644' + notify: + - "systemctl-enable-restart-adguard-connect-proxy" + + - name: "Copy adguard-connect-proxy.service file" + ansible.builtin.template: + src: "adguard-connect-proxy.service.j2" + dest: "/etc/systemd/system/adguard-connect-proxy.service" + owner: root + group: root + mode: '0644' + notify: + - "systemctl-daemon-reload" + - "systemctl-enable-restart-adguard-connect-proxy" diff --git a/tasks/main.yml b/tasks/main.yml index d410a2c..3163d96 100644 --- a/tasks/main.yml +++ b/tasks/main.yml @@ -5,3 +5,7 @@ - name: "Import configure.yml" ansible.builtin.include_tasks: configure.yml + +- name: "Import consul_service.yml" + ansible.builtin.include_tasks: consul_service.yml + when: deploy_adguard_consul['enable'] diff --git a/templates/adguard-connect-proxy.env.j2 b/templates/adguard-connect-proxy.env.j2 new file mode 100644 index 0000000..bf6d44a --- /dev/null +++ b/templates/adguard-connect-proxy.env.j2 @@ -0,0 +1,3 @@ +# {{ ansible_managed }} +CONSUL_HTTP_ADDR="{{ deploy_adguard_consul['consul_addr'] }}" +CONSUL_HTTP_TOKEN="{{ deploy_adguard_consul['consul_token'] }}" \ No newline at end of file diff --git a/templates/adguard-connect-proxy.service.j2 b/templates/adguard-connect-proxy.service.j2 index 8f64d51..81ac19f 100644 --- a/templates/adguard-connect-proxy.service.j2 +++ b/templates/adguard-connect-proxy.service.j2 @@ -3,7 +3,8 @@ Description=Consul Envoy Proxy for Adguard. After=adguard.service,consul.service [Service] -ExecStart=/usr/local/bin/consul connect envoy -sidecar-for {{ deploy_adguard_consul['configuration']['service']['name'] }} +EnvironmentFile=-{{ deploy_adguard_directory }}/adguard-connect-proxy.env +ExecStart=/usr/bin/consul connect envoy -sidecar-for {{ deploy_adguard_consul['configuration']['service']['name'] }} Restart=always RestartSec=3 diff --git a/templates/docker-compose.yml.j2 b/templates/docker-compose.yml.j2 index f9d5307..10ce645 100644 --- a/templates/docker-compose.yml.j2 +++ b/templates/docker-compose.yml.j2 @@ -16,6 +16,10 @@ services: {% endif %} adguard: image: adguard/adguardhome:latest +{% if deploy_adguard_virtual_ip['enable']%} + depends_on: + - keepalived +{% endif %} ports: - "{% if deploy_adguard_virtual_ip['enable'] %}{{ deploy_adguard_virtual_ip['vip_addr'] }}:{% endif %}53:53/tcp" - "{% if deploy_adguard_virtual_ip['enable'] %}{{ deploy_adguard_virtual_ip['vip_addr'] }}:{% endif %}53:53/udp" @@ -53,6 +57,8 @@ services: node_exporter: image: ebrianne/adguard-exporter:latest + depends_on: + - adguard secrets: - adguard_passw environment: