Enhancement: Better task structures

playbooks/02-xmpp-server.yaml

@@ -50,138 +50,29 @@
           - php-xml
           - postgresql
           - nginx
+          - certbot
           - ejabberd
           - git
           - python3-certbot-nginx
           - python3-psycopg2
         state: present
 
-    - name: Installing Movim App
-      block:
-        - name: Cloning
-          ansible.builtin.git:
-            repo: https://github.com/movim/movim.git
-            dest: "{{ movim.path }}"
-            version: "{{ movim.version }}"
-      rescue:
-        - name: Fetching
-          ansible.builtin.command:
-            argv:
-              - git
-              - fetch
-            chdir: "{{ movim.path }}"
-          become: true
-          become_user: "{{ www.user }}"
-        - name: Checking Out
-          ansible.builtin.command:
-            argv:
-              - git
-              - checkout
-              - "{{ movim.version }}"
-            chdir: "{{ movim.path }}"
-          become: true
-          become_user: "{{ www.user }}"
-      always:
-        - name: Setting Mode and Ownershp
-          ansible.builtin.file:
-            path: "{{ movim.path }}"
-            state: directory
-            owner: "{{ www.user }}"
-            group: "{{ www.group }}"
-            recurse: true
-            mode: "755"
+    - name: "Ensure movim database is present and accessible"
+      ansible.builtin.include_tasks:
+        file: tasks/chat/database.yml
 
-    - name: Installing Movim dependanciens
-      community.general.composer:
-        working_dir: "{{ movim.path }}"
-        command: install
-      become: true
-      become_user: "{{ www.user }}"
+    - name: "Ensure movim version is installed - v{{ movim.version }}"
+      ansible.builtin.include_tasks:
+        file: tasks/chat/movim.yml
 
-    - name: Create Database User
-      community.postgresql.postgresql_user:
-        user: movim
-        password: movim
-        state: present
-      become_user: "{{ postgres.user }}"
-      become: true
+    - name: "Ensure ejabberd is configured"
+      ansible.builtin.include_tasks:
+        file: tasks/chat/ejabberd.yml
 
-    - name: Create Database
-      community.postgresql.postgresql_db:
-        name: movim
-        owner: movim
-        state: present
-      become_user: "{{ postgres.user }}"
-      become: true
+    - name: "Ensure nginx is configured"
+      ansible.builtin.include_tasks:
+        file: tasks/chat/nginx.yml
 
-    - name: Setting-Up Movim execution environment
-      ansible.builtin.blockinfile:
-        path: "{{ movim.path }}/.env"
-        block: |
-          # Database configuration
-          DB_DRIVER=pgsql
-          DB_HOST=127.0.0.1
-          DB_PORT=5432
-          DB_DATABASE=movim
-          DB_USERNAME=movim
-          DB_PASSWORD=movim
-
-          # Daemon configuration
-          DAEMON_URL=https://chat.trans13nrv.eu.org/ # Public URL of your Movim instance
-          DAEMON_PORT=8080 # Port on which the daemon will listen
-          DAEMON_INTERFACE=127.0.0.1 # Interface on which the daemon will listen, must be an IP
-          DAEMON_DEBUG=false
-          DAEMON_VERBOSE=false
-
-        owner: "{{ www.user }}"
-        group: "{{ www.group }}"
-        create: true
-        mode: "600"
-
-    - name: Migrating Database
-      community.general.composer:
-        command: "movim:migrate"
-        working_dir: "{{ movim.path }}"
-      become: true
-      become_user: "{{ www.user }}"
-
-    - name: Setting-Up Movim demon service
-      ansible.builtin.blockinfile:
-        path: /etc/systemd/system/movim.service
-        block: |
-          [Unit]
-          Description=Movim daemon
-          After=nginx.service network.target local-fs.target
-
-          [Service]
-          User=www-data
-          Type=simple
-          Environment=PUBLIC_URL=https://chat.trans13nrv.eu.org/
-          Environment=WS_PORT=8080
-          EnvironmentFile=-/etc/default/movim
-          ExecStart=/usr/bin/php daemon.php start
-          WorkingDirectory={{ movim.path }}
-          StandardOutput=syslog
-          SyslogIdentifier=movim
-          PIDFile=/run/movim.pid
-          Restart=on-failure
-          RestartSec=10
-
-          [Install]
-          WantedBy=multi-user.target
-        owner: "{{ root.user }}"
-        group: "{{ root.group }}"
-        mode: "644"
-        create: true
-
-    - name: Reload SystemD daemon
-      ansible.builtin.command:
-        argv:
-          - systemctl
-          - daemon-reload
-
-    - name: Enable and start Movim Damon Service
-      ansible.builtin.systemd_service:
-        service: movim.service
-        enabled: true
-        state: started
+    - name: "Ensure X512 certs are presents"
+      ansible.builtin.include_tasks:
+        file: tasks/chat/tls.yml

playbooks/tasks/chat/database.yml

@@ -0,0 +1,16 @@
+---
+- name: Ensure database user Exists
+  community.postgresql.postgresql_user:
+    user: movim
+    password: movim
+    state: present
+  become_user: "{{ postgres.user }}"
+  become: true
+
+- name: Ensure database exists
+  community.postgresql.postgresql_db:
+    name: movim
+    owner: movim
+    state: present
+  become_user: "{{ postgres.user }}"
+  become: true

playbooks/tasks/chat/movim.yml

@@ -0,0 +1,152 @@
+---
+- name: Check Whether movim is present
+  ansible.builtin.stat:
+    path: "{{ movim.path }}"
+  register: "movim_dir"
+
+- name: Check whether movim is installed
+  ansible.builtin.set_fact:
+    movim_is_installed: "{{ movim_dir.stat is defined and movim_dir.stat.isdir }}"
+
+- name: Guess current version
+  block:
+    - name: Check movim installed tag
+      when: movim_is_installed
+      register: "movim_installed_tag"
+      ansible.builtin.shell:
+        argv:
+          - git
+          - describe
+          - --tags
+        chdir: "{{ movim.path }}"
+      become: true
+      become_user: "{{ www.user }}"
+
+    - name: Register current movim version
+      ansible.builtin.set_fact:
+        movim_installed_version: "{{ movim_installed_tag.stdout | regex_replace('^v(\\d+)\\.(\\d+)\\.(\\d+)$', '\\1.\\2.\\3') }}"
+
+- name: Installing
+  when: not movim_is_installed
+  block:
+    - name: Cloning
+      ansible.builtin.git:
+        repo: https://github.com/movim/movim.git
+        dest: "{{ movim.path }}"
+        version: "v{{ movim.version }}"
+
+    - name: Setting Mode and Ownershp
+      ansible.builtin.file:
+        path: "{{ movim.path }}"
+        state: directory
+        owner: "{{ www.user }}"
+        group: "{{ www.group }}"
+        recurse: true
+        mode: "755"
+
+- name: Updating
+  when: movim_is_installed and movim.version is version(movim_installed_version, ">", "semver")
+  block:
+    - name: Fetching
+      ansible.builtin.shell:
+        argv:
+          - git
+          - fetch
+        chdir: "{{ movim.path }}"
+      become: true
+      become_user: "{{ www.user }}"
+    - name: Checking Out
+      ansible.builtin.shell:
+        argv:
+          - git
+          - checkout
+          - "v{{ movim.version }}"
+        chdir: "{{ movim.path }}"
+      become: true
+      become_user: "{{ www.user }}"
+
+- name: Installing or updating Movim dependanciens
+  community.general.composer:
+    working_dir: "{{ movim.path }}"
+    command: install
+  become: true
+  become_user: "{{ www.user }}"
+
+- name: Setting-Up Movim execution environment
+  ansible.builtin.blockinfile:
+    path: "{{ movim.path }}/.env"
+    block: |
+      # Database configuration
+      DB_DRIVER=pgsql
+      DB_HOST=127.0.0.1
+      DB_PORT=5432
+      DB_DATABASE=movim
+      DB_USERNAME=movim
+      DB_PASSWORD=movim
+
+      # Daemon configuration
+      DAEMON_URL=https://chat.trans13nrv.eu.org/ # Public URL of your Movim instance
+      DAEMON_PORT=8080 # Port on which the daemon will listen
+      DAEMON_INTERFACE=127.0.0.1 # Interface on which the daemon will listen, must be an IP
+      DAEMON_DEBUG=false
+      DAEMON_VERBOSE=false
+
+    owner: "{{ www.user }}"
+    group: "{{ www.group }}"
+    create: true
+    mode: "600"
+
+- name: Migrating Database
+  community.general.composer:
+    command: "movim:migrate"
+    working_dir: "{{ movim.path }}"
+  become: true
+  become_user: "{{ www.user }}"
+
+- name: Setting-Up Movim demon service
+  ansible.builtin.blockinfile:
+    path: /etc/systemd/system/movim.service
+    block: |
+      [Unit]
+      Description=Movim daemon
+      After=nginx.service network.target local-fs.target
+
+      [Service]
+      User=www-data
+      Type=simple
+      Environment=PUBLIC_URL=https://chat.trans13nrv.eu.org/
+      Environment=WS_PORT=8080
+      EnvironmentFile=-/etc/default/movim
+      ExecStart=/usr/bin/php daemon.php start
+      WorkingDirectory={{ movim.path }}
+      StandardOutput=syslog
+      SyslogIdentifier=movim
+      PIDFile=/run/movim.pid
+      Restart=on-failure
+      RestartSec=10
+
+      [Install]
+      WantedBy=multi-user.target
+    owner: "{{ root.user }}"
+    group: "{{ root.group }}"
+    mode: "644"
+    create: true
+
+- name: Reload SystemD daemon
+  ansible.builtin.shell:
+    argv:
+      - systemctl
+      - daemon-reload
+
+- name: Enable and start Movim Damon Service
+  when: not movim_is_installed
+  ansible.builtin.systemd_service:
+    service: movim.service
+    enabled: true
+    state: started
+
+- name: Enable and start Movim Damon Service
+  ansible.builtin.systemd_service:
+    service: movim.service
+    state: restarted
+  when: movim_is_installed

playbooks/vars.yml

@@ -15,7 +15,7 @@ www:
   user: www-data
   group: www-data
 movim:
-  version: v0.24.1
+  version: "0.24.1"
   path: /var/www/chat.trans13nrv.eu.org
 postgres:
   user: postgres