--- - name: Deploy Shadowsocks-Rust Proxy Configurations hosts: workers gather_facts: yes vars_files: - "group_vars/all/vault.yml" pre_tasks: - name: Set inventory_env fact ansible.builtin.set_fact: inventory_env: "{{ inventory_file | basename | splitext | first | replace('inventory.', '') }}" - name: Load environment-specific variables ansible.builtin.include_vars: "{{ item }}" with_fileglob: - "group_vars/all/generated_vars{{ '.' + inventory_env if inventory_env else '' }}.yml" tasks: - name: Deploy Shadowsocks-Rust proxy services block: - name: Ensure base directory for shadowsocks exists ansible.builtin.file: path: "/srv/shadowsocks-rust" state: directory owner: "{{ ansible_user }}" group: "{{ deploy_group }}" mode: '0755' - name: Filter proxy configurations for this worker ansible.builtin.set_fact: worker_specific_proxies: >- {% set result = {} -%} {% for proxy_name in worker_proxies -%} {% if proxy_name in shadowsocks_proxies -%} {%- set _ = result.update({proxy_name: shadowsocks_proxies[proxy_name]}) -%} {% endif -%} {% endfor -%} {{ result }} - name: Create individual proxy config directories ansible.builtin.file: path: "/srv/shadowsocks-rust/config_ssp_{{ item.value.local_port }}" state: directory owner: "{{ ansible_user }}" group: "{{ deploy_group }}" mode: '0755' loop: "{{ worker_specific_proxies | dict2items }}" - name: Create Shadowsocks-Rust proxy configuration files ansible.builtin.copy: content: | { "server": "{{ item.value.server }}", "server_port": {{ item.value.server_port }}, "password": "{{ lookup('vars', item.value.vault_password_key) }}", "local_address": "{{ shadowsocks_local_address }}", "local_port": {{ item.value.local_port }}, "timeout": {{ shadowsocks_timeout }}, "method": "{{ shadowsocks_cipher_method }}", "fast_open": {{ shadowsocks_fast_open | to_json }}, "mode": "{{ shadowsocks_mode }}" } dest: "/srv/shadowsocks-rust/config_ssp_{{ item.value.local_port }}/config.json" owner: "{{ ansible_user }}" group: "{{ deploy_group }}" mode: '0644' loop: "{{ worker_specific_proxies | dict2items }}" - name: Create docker-compose.yml for Shadowsocks-Rust proxies ansible.builtin.template: src: templates/shadowsocks-compose.yml.j2 dest: /srv/shadowsocks-rust/docker-compose.yml owner: "{{ ansible_user }}" group: "{{ deploy_group }}" mode: '0644' vars: shadowsocks_proxies: "{{ worker_specific_proxies }}" - name: Ensure old docker-compose.yaml file is removed to avoid conflicts ansible.builtin.file: path: /srv/shadowsocks-rust/docker-compose.yaml state: absent - name: Find and stop any container using the target proxy ports ansible.builtin.shell: cmd: | container_id=$(docker ps -aq --filter "publish={{ item.value.local_port }}") if [ -n "$container_id" ]; then echo "Found container ${container_id} using port {{ item.value.local_port }}. Stopping and removing it." docker stop "${container_id}" >/dev/null 2>&1 || true docker rm -f "${container_id}" >/dev/null 2>&1 || true fi loop: "{{ worker_specific_proxies | dict2items }}" register: stop_conflicting_containers changed_when: "'Stopping and removing it' in stop_conflicting_containers.stdout" loop_control: label: "{{ item.key }}" - name: Stop and remove any existing Shadowsocks-Rust proxy services community.docker.docker_compose_v2: project_src: "/srv/shadowsocks-rust" state: absent - name: Start Shadowsocks-Rust proxy services community.docker.docker_compose_v2: project_src: "/srv/shadowsocks-rust" state: present remove_orphans: true recreate: always pull: "{{ 'never' if fast_deploy | default(false) else 'missing' }}" when: worker_proxies is defined and worker_proxies | length > 0 become: yes