diff --git a/defaults/main.yml b/defaults/main.yml index d7a8b17..08691f6 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,6 +1,6 @@ --- # defaults file for docker_systemd_service -docker_systemd_service_container_name: "{{ name }}" +docker_systemd_service_container_name: "My-Service" docker_systemd_service_image: docker_systemd_service_container_env: {} docker_systemd_service_container_pull_image: true diff --git a/molecule/default/group_vars/all.yml b/molecule/default/group_vars/all.yml new file mode 100644 index 0000000..c719622 --- /dev/null +++ b/molecule/default/group_vars/all.yml @@ -0,0 +1,27 @@ +--- +docker_systemd_service_container_name: "nginx" +docker_systemd_service_image: "nginx" +docker_systemd_service_container_env: {} +docker_systemd_service_container_pull_image: false +docker_systemd_service_container_pull_force_source: false +docker_systemd_service_container_labels: [] +docker_systemd_service_container_cmd: [] +docker_systemd_service_container_host_network: false +docker_systemd_service_container_network: "" +docker_systemd_service_container_user: "" +docker_systemd_service_container_hostname: "" +docker_systemd_service_container_links: [] +docker_systemd_service_container_ports: [] +docker_systemd_service_container_hosts: [] +docker_systemd_service_container_volumes: [] +docker_systemd_service_container_cap_add: [] +docker_systemd_service_container_cap_drop: [] +docker_systemd_service_container_devices: [] +docker_systemd_service_container_privileged: false +docker_systemd_service_container_args: "" +docker_systemd_service_name: "{{ docker_systemd_service_container_name }}_container" +docker_systemd_service_systemd_options: [] +docker_systemd_service_enabled: true +docker_systemd_service_masked: false +docker_systemd_service_state: stopped +docker_systemd_service_restart: false diff --git a/molecule/default/verify.yml b/molecule/default/verify.yml index ec450ea..7f1e609 100644 --- a/molecule/default/verify.yml +++ b/molecule/default/verify.yml @@ -4,3 +4,87 @@ gather_facts: true become: true tasks: + - name: "Test: file /etc/default/nginx" + block: + - name: "Stat file /etc/default/nginx" + ansible.builtin.stat: + path: "/etc/default/nginx" + register: stat_etc_default_nginx + + - name: "Slurp file /etc/default/nginx" + ansible.builtin.slurp: + src: "/etc/default/nginx" + register: slurp_etc_default_nginx + + - name: "Verify file /etc/systemd/system/nginx_container.service" + vars: + ansible.builtin.assert: + that: + - stat_etc_default_nginx.stat.exists + - stat_etc_default_nginx.stat.isreg + - stat_etc_default_nginx.stat.pw_name == 'root' + - stat_etc_default_nginx.stat.gr_name == 'root' + - stat_etc_default_nginx.stat.mode == '0600' + - (slurp_etc_default_nginx.content|b64decode) == '' + + - name: "Test: service nginx_container" + block: + - name: "Get service nginx_container" + ansible.builtin.service_facts: + + - name: "Stat file /etc/systemd/system/nginx_container.service" + ansible.builtin.stat: + path: "/etc/systemd/system/nginx_container.service" + register: stat_etc_systemd_system_nginx_container_service + + - name: "Slurp file /etc/systemd/system/nginx_container.service" + ansible.builtin.slurp: + src: "/etc/systemd/system/nginx_container.service" + register: slurp_etc_systemd_system_nginx_container_service + + - name: "Verify service nginx_container" + vars: + nginx_expected_service_file: | + # Ansible managed: Do NOT edit this file manually! + [Unit] + After=docker.service + PartOf=docker.service + Requires=docker.service + + [Service] + EnvironmentFile=/etc/default/nginx + ExecStartPre=-/usr/bin/docker rm -f nginx + ExecStart=/usr/bin/docker run --name nginx --rm --env-file /etc/default/nginx \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + nginx + ExecStop=/usr/bin/docker stop nginx + SyslogIdentifier=nginx + Restart=always + RestartSec=10s + + [Install] + WantedBy=docker.service + ansible.builtin.assert: + that: + - stat_etc_systemd_system_nginx_container_service.stat.exists + - stat_etc_systemd_system_nginx_container_service.stat.isreg + - stat_etc_systemd_system_nginx_container_service.stat.pw_name == 'root' + - stat_etc_systemd_system_nginx_container_service.stat.gr_name == 'root' + - stat_etc_systemd_system_nginx_container_service.stat.mode == '0644' + - (slurp_etc_systemd_system_nginx_container_service.content|b64decode) == nginx_expected_service_file + - ansible_facts.services['nginx_container.service'] is defined + - ansible_facts.services['nginx_container.service']['source'] == 'systemd' + - ansible_facts.services['nginx_container.service']['state'] == 'inactive' + - ansible_facts.services['nginx_container.service']['status'] == 'enabled' diff --git a/molecule/default_vagrant/verify.yml b/molecule/default_vagrant/verify.yml index ec450ea..432f8c7 100644 --- a/molecule/default_vagrant/verify.yml +++ b/molecule/default_vagrant/verify.yml @@ -4,3 +4,87 @@ gather_facts: true become: true tasks: + - name: "Test: file /etc/default/nginx" + block: + - name: "Stat file /etc/default/nginx" + ansible.builtin.stat: + path: "/etc/default/nginx" + register: stat_etc_default_nginx + + - name: "Slurp file /etc/default/nginx" + ansible.builtin.slurp: + src: "/etc/default/nginx" + register: slurp_etc_default_nginx + + - name: "Verify file /etc/systemd/system/nginx_container.service" + vars: + ansible.builtin.assert: + that: + - stat_etc_default_nginx.stat.exists + - stat_etc_default_nginx.stat.isreg + - stat_etc_default_nginx.stat.pw_name == 'root' + - stat_etc_default_nginx.stat.gr_name == 'root' + - stat_etc_default_nginx.stat.mode == '0600' + - (slurp_etc_default_nginx.content|b64decode) == '' + + - name: "Test: service nginx_container" + block: + - name: "Get service nginx_container" + ansible.builtin.service_facts: + + - name: "Stat file /etc/systemd/system/nginx_container.service" + ansible.builtin.stat: + path: "/etc/systemd/system/nginx_container.service" + register: stat_etc_systemd_system_nginx_container_service + + - name: "Slurp file /etc/systemd/system/nginx_container.service" + ansible.builtin.slurp: + src: "/etc/systemd/system/nginx_container.service" + register: slurp_etc_systemd_system_nginx_container_service + + - name: "Verify service nginx_container" + vars: + nginx_expected_service_file: | + # Ansible managed: Do NOT edit this file manually! + [Unit] + After=docker.service + PartOf=docker.service + Requires=docker.service + + [Service] + EnvironmentFile=/etc/default/nginx + ExecStartPre=-/usr/bin/docker rm -f nginx + ExecStart=/usr/bin/docker run --name nginx --rm --env-file /etc/default/nginx \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + \ + nginx + ExecStop=/usr/bin/docker stop nginx + SyslogIdentifier=nginx + Restart=always + RestartSec=10s + + [Install] + WantedBy=docker.service + ansible.builtin.assert: + that: + - stat_etc_systemd_system_nginx_container_service.stat.exists + - stat_etc_systemd_system_nginx_container_service.stat.isreg + - stat_etc_systemd_system_nginx_container_service.stat.pw_name == 'root' + - stat_etc_systemd_system_nginx_container_service.stat.gr_name == 'root' + - stat_etc_systemd_system_nginx_container_service.stat.mode == '0644' + - (slurp_etc_systemd_system_nginx_container_service.content|b64decode) == nginx_expected_service_file + - ansible_facts.services['nginx_container.service'] is defined + - ansible_facts.services['nginx_container.service']['source'] == 'systemd' + - ansible_facts.services['nginx_container.service']['state'] == 'running' + - ansible_facts.services['nginx_container.service']['status'] == 'enabled' diff --git a/templates/unit.j2 b/templates/unit.j2 index 4495efa..a20e2d2 100644 --- a/templates/unit.j2 +++ b/templates/unit.j2 @@ -35,16 +35,14 @@ ExecStartPre=-{{ docker_systemd_service_docker_path }} rm -f {{ docker_systemd_s {{ params('--device', docker_systemd_service_container_devices)~' \\'| trim }} {% if docker_systemd_service_container_privileged == true %}--privileged {% endif %}\ {{ docker_systemd_service_container_args~' \\'| trim}} -{{ docker_systemd_service_image }} {% if docker_systemd_service_container_cmd is string %}{{ docker_systemd_service_container_cmd | trim }}{% else %}{{ docker_systemd_service_container_cmd | join(' ') | trim }}{% endif %} -{% endif %} - +{{ docker_systemd_service_image -}}{{ ' ' if docker_systemd_service_container_cmd else '' }}{% if docker_systemd_service_container_cmd is string %}{{ docker_systemd_service_container_cmd | trim }}{% else %}{{ docker_systemd_service_container_cmd | join(' ') | trim }}{% endif %} +{% endif +%} {% if not 'ExecStop' in service_systemd_options_keys %} ExecStop={{ docker_systemd_service_docker_path }} stop {{ docker_systemd_service_container_name }} {% endif %} {% if container_start_post is defined %} ExecStartPost=-{{ container_start_post }} {% endif %} - {% if not 'SyslogIdentifier' in service_systemd_options_keys %} SyslogIdentifier={{ docker_systemd_service_container_name }} {% endif %}