110 lines
4.6 KiB
YAML
110 lines
4.6 KiB
YAML
---
|
|
- name: Deploy Shadowsocks-Rust Proxy Configurations
|
|
hosts: workers
|
|
gather_facts: yes
|
|
vars_files:
|
|
- "group_vars/all/vault.yml"
|
|
pre_tasks:
|
|
- name: Set inventory_env fact
|
|
ansible.builtin.set_fact:
|
|
inventory_env: "{{ inventory_file | basename | splitext | first | replace('inventory.', '') }}"
|
|
- name: Load environment-specific variables
|
|
ansible.builtin.include_vars: "{{ item }}"
|
|
with_fileglob:
|
|
- "group_vars/all/generated_vars{{ '.' + inventory_env if inventory_env else '' }}.yml"
|
|
tasks:
|
|
- name: Deploy Shadowsocks-Rust proxy services
|
|
block:
|
|
- name: Ensure base directory for shadowsocks exists
|
|
ansible.builtin.file:
|
|
path: "/srv/shadowsocks-rust"
|
|
state: directory
|
|
owner: "{{ ansible_user }}"
|
|
group: "{{ deploy_group }}"
|
|
mode: '0755'
|
|
|
|
- name: Filter proxy configurations for this worker
|
|
ansible.builtin.set_fact:
|
|
worker_specific_proxies: >-
|
|
{% set result = {} -%}
|
|
{% for proxy_name in worker_proxies -%}
|
|
{% if proxy_name in shadowsocks_proxies -%}
|
|
{%- set _ = result.update({proxy_name: shadowsocks_proxies[proxy_name]}) -%}
|
|
{% endif -%}
|
|
{% endfor -%}
|
|
{{ result }}
|
|
|
|
- name: Create individual proxy config directories
|
|
ansible.builtin.file:
|
|
path: "/srv/shadowsocks-rust/config_ssp_{{ item.value.local_port }}"
|
|
state: directory
|
|
owner: "{{ ansible_user }}"
|
|
group: "{{ deploy_group }}"
|
|
mode: '0755'
|
|
loop: "{{ worker_specific_proxies | dict2items }}"
|
|
|
|
- name: Create Shadowsocks-Rust proxy configuration files
|
|
ansible.builtin.copy:
|
|
content: |
|
|
{
|
|
"server": "{{ item.value.server }}",
|
|
"server_port": {{ item.value.server_port }},
|
|
"password": "{{ lookup('vars', item.value.vault_password_key) }}",
|
|
"local_address": "{{ shadowsocks_local_address }}",
|
|
"local_port": {{ item.value.local_port }},
|
|
"timeout": {{ shadowsocks_timeout }},
|
|
"method": "{{ shadowsocks_cipher_method }}",
|
|
"fast_open": {{ shadowsocks_fast_open | to_json }},
|
|
"mode": "{{ shadowsocks_mode }}"
|
|
}
|
|
dest: "/srv/shadowsocks-rust/config_ssp_{{ item.value.local_port }}/config.json"
|
|
owner: "{{ ansible_user }}"
|
|
group: "{{ deploy_group }}"
|
|
mode: '0644'
|
|
loop: "{{ worker_specific_proxies | dict2items }}"
|
|
|
|
- name: Create docker-compose.yml for Shadowsocks-Rust proxies
|
|
ansible.builtin.template:
|
|
src: templates/shadowsocks-compose.yml.j2
|
|
dest: /srv/shadowsocks-rust/docker-compose.yml
|
|
owner: "{{ ansible_user }}"
|
|
group: "{{ deploy_group }}"
|
|
mode: '0644'
|
|
vars:
|
|
shadowsocks_proxies: "{{ worker_specific_proxies }}"
|
|
|
|
- name: Ensure old docker-compose.yaml file is removed to avoid conflicts
|
|
ansible.builtin.file:
|
|
path: /srv/shadowsocks-rust/docker-compose.yaml
|
|
state: absent
|
|
|
|
- name: Find and stop any container using the target proxy ports
|
|
ansible.builtin.shell:
|
|
cmd: |
|
|
container_id=$(docker ps -aq --filter "publish={{ item.value.local_port }}")
|
|
if [ -n "$container_id" ]; then
|
|
echo "Found container ${container_id} using port {{ item.value.local_port }}. Stopping and removing it."
|
|
docker stop "${container_id}" >/dev/null 2>&1 || true
|
|
docker rm -f "${container_id}" >/dev/null 2>&1 || true
|
|
fi
|
|
loop: "{{ worker_specific_proxies | dict2items }}"
|
|
register: stop_conflicting_containers
|
|
changed_when: "'Stopping and removing it' in stop_conflicting_containers.stdout"
|
|
loop_control:
|
|
label: "{{ item.key }}"
|
|
|
|
- name: Stop and remove any existing Shadowsocks-Rust proxy services
|
|
community.docker.docker_compose_v2:
|
|
project_src: "/srv/shadowsocks-rust"
|
|
state: absent
|
|
|
|
- name: Start Shadowsocks-Rust proxy services
|
|
community.docker.docker_compose_v2:
|
|
project_src: "/srv/shadowsocks-rust"
|
|
state: present
|
|
remove_orphans: true
|
|
recreate: always
|
|
pull: "{{ 'never' if fast_deploy | default(false) else 'missing' }}"
|
|
when: worker_proxies is defined and worker_proxies | length > 0
|
|
become: yes
|