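---
# Installs Docker (when /usr/bin/docker is absent), prepares the shared Docker
# network, then renders one Shadowsocks-Rust client config per entry of
# `shadowsocks_proxies` and (re)starts the compose project in
# /srv/shadowsocks-rust.
#
# Variables read by this play (all defined outside this file):
#   docker_network_name, deploy_group, shadowsocks_proxies,
#   shadowsocks_local_address, shadowsocks_timeout, shadowsocks_cipher_method,
#   shadowsocks_fast_open, shadowsocks_mode, fast_deploy (optional).
- name: Deploy Shadowsocks-Rust Proxy Configurations
  hosts: all
  # Facts are needed for ansible_lsb.codename in the repository line below.
  gather_facts: true

  pre_tasks:
    - name: Check if Docker is already installed
      ansible.builtin.stat:
        path: /usr/bin/docker
      register: docker_binary

    - name: Install Docker if not present
      when: not docker_binary.stat.exists
      become: true
      block:
        # The key is stored in its own keyring and referenced with signed-by,
        # instead of being added to the global APT trust store through the
        # deprecated apt_key module. A key in the global store is trusted for
        # every configured repository, not only Docker's.
        - name: Ensure the APT keyrings directory exists
          ansible.builtin.file:
            path: /etc/apt/keyrings
            state: directory
            mode: '0755'

        # NOTE(review): the key is fetched over HTTPS without a pinned
        # checksum; consider setting get_url's `checksum` once the expected
        # value has been verified out of band.
        - name: Add Docker's official GPG key
          ansible.builtin.get_url:
            url: https://download.docker.com/linux/ubuntu/gpg
            dest: /etc/apt/keyrings/docker.asc
            mode: '0644'

        - name: Find and remove any existing Docker repository files to avoid conflicts
          block:
            - name: Find legacy docker repository files
              ansible.builtin.find:
                paths: /etc/apt/sources.list.d/
                patterns: '*.list'
                contains: 'deb .*download.docker.com'
              register: legacy_docker_repo_files

            - name: Remove legacy docker repository files
              ansible.builtin.file:
                path: "{{ item.path }}"
                state: absent
              loop: "{{ legacy_docker_repo_files.files }}"

        # Older entries without signed-by were removed above, so APT does not
        # see two definitions of the same repository with different options.
        - name: Set up the Docker repository
          ansible.builtin.apt_repository:
            repo: "deb [arch=amd64 signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable"
            state: present

        - name: Install prerequisites for Docker
          ansible.builtin.apt:
            name:
              - apt-transport-https
              - ca-certificates
              - curl
              - software-properties-common
              - vim
              - python3-pip
            state: present
            update_cache: true

        - name: Install Docker Engine and Docker Compose
          ansible.builtin.apt:
            name:
              - docker-ce
              - docker-ce-cli
              - containerd.io
              - docker-compose-plugin
              - python3-docker
            state: present
            update_cache: true

    - name: Ensure Docker service is started and enabled
      ansible.builtin.service:
        name: docker
        state: started
        enabled: true
      become: true

    # Membership in the docker group grants control of the Docker daemon,
    # which is effectively root on the host. Treat the deploy account and its
    # SSH keys with the same care as a root credential.
    - name: Add deploy user to the docker group
      ansible.builtin.user:
        name: "{{ ansible_user }}"
        groups: docker
        append: true
      become: true

    # Group membership is evaluated at login, so the connection is reopened.
    - name: Reset SSH connection to apply group changes
      ansible.builtin.meta: reset_connection

    - name: Ensure shared Docker network exists
      community.docker.docker_network:
        name: "{{ docker_network_name }}"
        driver: bridge
      become: true

  tasks:
    - name: Deploy Shadowsocks-Rust proxy services
      # Skipped entirely when no proxies are defined.
      when: shadowsocks_proxies is defined and shadowsocks_proxies | length > 0
      become: true
      block:
        - name: Ensure base directory for shadowsocks exists
          ansible.builtin.file:
            path: "/srv/shadowsocks-rust"
            state: directory
            owner: "{{ ansible_user }}"
            group: "{{ deploy_group }}"
            mode: '0755'

        - name: Create individual proxy config directories
          ansible.builtin.file:
            path: "/srv/shadowsocks-rust/config_ssp_{{ item.value.local_port }}"
            state: directory
            owner: "{{ ansible_user }}"
            group: "{{ deploy_group }}"
            mode: '0755'
          loop: "{{ shadowsocks_proxies | dict2items }}"

        # The rendered file contains the proxy password.
        # - The password is emitted with to_json so that quotes or backslashes
        #   in the secret cannot break or alter the JSON document.
        # - no_log keeps the rendered content out of task output and --diff.
        # NOTE(review): the file is created 0644 inside 0755 directories, so
        # any local user can read the password. Tightening to 0640/0600 is
        # preferable, but the compose template (not shown here) decides which
        # UID the container reads it as -- confirm before changing the mode.
        - name: Create Shadowsocks-Rust proxy configuration files
          ansible.builtin.copy:
            content: |
              {
                "server": "{{ item.value.server }}",
                "server_port": {{ item.value.server_port }},
                "password": {{ lookup('vars', item.value.vault_password_key) | to_json }},
                "local_address": "{{ shadowsocks_local_address }}",
                "local_port": {{ item.value.local_port }},
                "timeout": {{ shadowsocks_timeout }},
                "method": "{{ shadowsocks_cipher_method }}",
                "fast_open": {{ shadowsocks_fast_open | to_json }},
                "mode": "{{ shadowsocks_mode }}"
              }
            dest: "/srv/shadowsocks-rust/config_ssp_{{ item.value.local_port }}/config.json"
            owner: "{{ ansible_user }}"
            group: "{{ deploy_group }}"
            mode: '0644'
          loop: "{{ shadowsocks_proxies | dict2items }}"
          no_log: true

        - name: Create docker-compose.yml for Shadowsocks-Rust proxies
          ansible.builtin.template:
            src: templates/shadowsocks-compose.yml.j2
            dest: /srv/shadowsocks-rust/docker-compose.yml
            owner: "{{ ansible_user }}"
            group: "{{ deploy_group }}"
            mode: '0644'

        # Compose would otherwise find two candidate files in the project dir.
        - name: Ensure old docker-compose.yaml file is removed to avoid conflicts
          ansible.builtin.file:
            path: /srv/shadowsocks-rust/docker-compose.yaml
            state: absent

        - name: Stop and remove any existing Shadowsocks-Rust proxy services
          community.docker.docker_compose_v2:
            project_src: "/srv/shadowsocks-rust"
            state: absent

        # fast_deploy skips image pulls; otherwise only missing images are
        # pulled, so an image already present locally is not refreshed.
        - name: Start Shadowsocks-Rust proxy services
          community.docker.docker_compose_v2:
            project_src: "/srv/shadowsocks-rust"
            state: present
            remove_orphans: true
            recreate: always
            pull: "{{ 'never' if fast_deploy | default(false) else 'missing' }}"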