yt-dlp-dags/ansible/playbook-proxies.yml

---
- name: Deploy Shadowsocks-Rust Proxy Configurations
  hosts: all
  gather_facts: yes
  pre_tasks:
    - name: Check if Docker is already installed
      ansible.builtin.stat:
        path: /usr/bin/docker
      register: docker_binary

    - name: Install Docker if not present
      block:
        - name: Add Docker's official GPG key
          ansible.builtin.apt_key:
            url: https://download.docker.com/linux/ubuntu/gpg
            state: present

        - name: Find and remove any existing Docker repository files to avoid conflicts
          block:
            - name: Find legacy docker repository files
              ansible.builtin.find:
                paths: /etc/apt/sources.list.d/
                patterns: '*.list'
                contains: 'deb .*download.docker.com'
              register: legacy_docker_repo_files

            - name: Remove legacy docker repository files
              ansible.builtin.file:
                path: "{{ item.path }}"
                state: absent
              loop: "{{ legacy_docker_repo_files.files }}"

        - name: Set up the Docker repository
          ansible.builtin.apt_repository:
            repo: "deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ ansible_lsb.codename }} stable"
            state: present

        - name: Install prerequisites for Docker
          ansible.builtin.apt:
            name:
              - apt-transport-https
              - ca-certificates
              - curl
              - software-properties-common
              - vim
              - python3-pip
            state: present
            update_cache: yes

        - name: Install Docker Engine and Docker Compose
          ansible.builtin.apt:
            name:
              - docker-ce
              - docker-ce-cli
              - containerd.io
              - docker-compose-plugin
              - python3-docker
            state: present
            update_cache: yes
      when: not docker_binary.stat.exists
      become: yes

    - name: Ensure Docker service is started and enabled
      ansible.builtin.service:
        name: docker
        state: started
        enabled: yes
      become: yes

    - name: Add deploy user to the docker group
      ansible.builtin.user:
        name: "{{ ansible_user }}"
        groups: docker
        append: yes
      become: yes

    - name: Reset SSH connection to apply group changes
      ansible.builtin.meta: reset_connection

    - name: Ensure shared Docker network exists
      community.docker.docker_network:
        name: "{{ docker_network_name }}"
        driver: bridge
      become: yes
  tasks:
    - name: Deploy Shadowsocks-Rust proxy services
      block:
        - name: Ensure base directory for shadowsocks exists
          ansible.builtin.file:
            path: "/srv/shadowsocks-rust"
            state: directory
            owner: "{{ ansible_user }}"
            group: "{{ deploy_group }}"
            mode: '0755'

        - name: Create individual proxy config directories
          ansible.builtin.file:
            path: "/srv/shadowsocks-rust/config_ssp_{{ item.value.local_port }}"
            state: directory
            owner: "{{ ansible_user }}"
            group: "{{ deploy_group }}"
            mode: '0755'
          loop: "{{ shadowsocks_proxies | dict2items }}"

        - name: Create Shadowsocks-Rust proxy configuration files
          ansible.builtin.copy:
            content: |
              {
                  "server": "{{ item.value.server }}",
                  "server_port": {{ item.value.server_port }},
                  "password": "{{ lookup('vars', item.value.vault_password_key) }}",
                  "local_address": "{{ shadowsocks_local_address }}",
                  "local_port": {{ item.value.local_port }},
                  "timeout": {{ shadowsocks_timeout }},
                  "method": "{{ shadowsocks_cipher_method }}",
                  "fast_open": {{ shadowsocks_fast_open | to_json }},
                  "mode": "{{ shadowsocks_mode }}"
              }
            dest: "/srv/shadowsocks-rust/config_ssp_{{ item.value.local_port }}/config.json"
            owner: "{{ ansible_user }}"
            group: "{{ deploy_group }}"
            mode: '0644'
          loop: "{{ shadowsocks_proxies | dict2items }}"

        - name: Create docker-compose.yml for Shadowsocks-Rust proxies
          ansible.builtin.template:
            src: templates/shadowsocks-compose.yml.j2
            dest: /srv/shadowsocks-rust/docker-compose.yml
            owner: "{{ ansible_user }}"
            group: "{{ deploy_group }}"
            mode: '0644'

        - name: Ensure old docker-compose.yaml file is removed to avoid conflicts
          ansible.builtin.file:
            path: /srv/shadowsocks-rust/docker-compose.yaml
            state: absent

        - name: Stop and remove any existing Shadowsocks-Rust proxy services
          community.docker.docker_compose_v2:
            project_src: "/srv/shadowsocks-rust"
            state: absent

        - name: Start Shadowsocks-Rust proxy services
          community.docker.docker_compose_v2:
            project_src: "/srv/shadowsocks-rust"
            state: present
            remove_orphans: true
            recreate: always
            pull: "{{ 'never' if fast_deploy | default(false) else 'missing' }}"
      when: shadowsocks_proxies is defined and shadowsocks_proxies | length > 0
      become: yes