From 75990c9a6b6e8bfc3b2b2398d5ec80672b63088b Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 13:52:53 -0400 Subject: [PATCH 01/46] ... --- .gitea/workflows/dag-config-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 48980ae..01d6278 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -25,9 +25,9 @@ jobs: version: "11.4.0" - name: Set up Vault CLI - uses: hashicorp/setup-vault@v2 + uses: eLco/setup-vault@v1 with: - version: 1.18.0 + vault_version: 1.18.0 - name: Install hvac (Vault Python SDK) run: pip install hvac -- 2.52.0 From 48dfa6800d9f61631a7e1e4433aa2ed9c66a1b40 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 17:50:19 -0400 Subject: [PATCH 02/46] Tweaking MariaDB backup DAG. --- app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 index 87c5666..b937c8d 100644 --- a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 +++ b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 @@ -21,7 +21,7 @@ steps: script: | for mdatabase in $(echo ${RINOA_MADB_LIST}) ; do mkdir -p ${mdatabase} - mariadb_dump --user=root --password"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/${mdatabase}_$(date +%Y-%m-%dT%H-%M-%S).sql + mariadb_dump --user=root --password"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/dump-$(date +%Y%m%d)_$(cat /proc/sys/kernel/random/uuid).sql done - name: db-backup-cleanup -- 2.52.0 From ac1433de97e83fb4c2dfc213f9eed15fad851867 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 13:52:53 -0400 Subject: [PATCH 03/46] ... --- .gitea/workflows/dag-config-check.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 7c7f991..9e5abaa 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -24,9 +24,9 @@ jobs: version: "11.4.0" - name: Set up Vault CLI - uses: hashicorp/setup-vault@v2 + uses: eLco/setup-vault@v1 with: - version: 1.18.0 + vault_version: 1.18.0 - name: Install hvac (Vault Python SDK) run: pip install hvac -- 2.52.0 From bcc976ec709b3a1215eca488fcc0e90acd021bd9 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 17:50:19 -0400 Subject: [PATCH 04/46] Tweaking MariaDB backup DAG. --- app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 index 87c5666..b937c8d 100644 --- a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 +++ b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 @@ -21,7 +21,7 @@ steps: script: | for mdatabase in $(echo ${RINOA_MADB_LIST}) ; do mkdir -p ${mdatabase} - mariadb_dump --user=root --password"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/${mdatabase}_$(date +%Y-%m-%dT%H-%M-%S).sql + mariadb_dump --user=root --password"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/dump-$(date +%Y%m%d)_$(cat /proc/sys/kernel/random/uuid).sql done - name: db-backup-cleanup -- 2.52.0 From d91cc143266d54e8f585d45b844281df4124d7e2 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 21:01:56 -0400 Subject: [PATCH 05/46] Tweaks for DAG-related items. --- .gitea/workflows/dag-config-check.yml | 4 ++-- app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 9e5abaa..40acbf7 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -3,12 +3,12 @@ name: Validate DAGs on: workflow_dispatch: push: - paths: ['./app-configs/rinoa/dagu/dags/**'] + paths: ['app-configs/rinoa/dagu/dags/**'] branches-ignore: - main env: - DAGS_PATH: "./app-configs/rinoa/dagu/dags" + DAGS_PATH: "${GITHUB_WORKSPACE}/app-configs/rinoa/dagu/dags" VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} diff --git a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 index b937c8d..0515e57 100644 --- a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 +++ b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 @@ -21,7 +21,7 @@ steps: script: | for mdatabase in $(echo ${RINOA_MADB_LIST}) ; do mkdir -p ${mdatabase} - mariadb_dump --user=root --password"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/dump-$(date +%Y%m%d)_$(cat /proc/sys/kernel/random/uuid).sql + mariadb_dump --user=root --password"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/dump-$(date +%Y%m%d)-$(cat /proc/sys/kernel/random/uuid).sql done - name: db-backup-cleanup -- 2.52.0 From 4f257ce6bdd5cb1e8c80db94f25860abc8a56906 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 21:08:34 -0400 Subject: [PATCH 06/46] Tweaks for DAG-related items. --- .gitea/workflows/gitea_tar-valon_ansible_deploy.yml | 2 +- app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index e574e12..93631f9 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -11,9 +11,9 @@ on: branches-ignore: - 'main' paths: + - 'app-configs/**' - '!app-configs/rikku/homeassistant/**' - '!app-configs/rinoa/dagu/dags/**' - - 'app-configs/**' env: VAULT_ADDR: ${{ secrets.VAULT_ADDR }} diff --git a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 index 0515e57..7e6147e 100644 --- a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 +++ b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 @@ -21,7 +21,7 @@ steps: script: | for mdatabase in $(echo ${RINOA_MADB_LIST}) ; do mkdir -p ${mdatabase} - mariadb_dump --user=root --password"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/dump-$(date +%Y%m%d)-$(cat /proc/sys/kernel/random/uuid).sql + mariadb_dump --u root --p"${MARIADB_ROOT_PASSWORD}" --databases ${madb} > ${mdatabase}/dump-$(date +%Y%m%d)-$(cat /proc/sys/kernel/random/uuid).sql done - name: db-backup-cleanup -- 2.52.0 From 6da7cf0f564524d57941c8bcbad7adf95512bfe2 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 21:20:32 -0400 Subject: [PATCH 07/46] Tweaks for DAG-related items. --- .gitea/workflows/dag-config-check.yml | 13 ++++++------- playbooks/rinoa-render-dags.yml | 2 +- 2 files changed, 7 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 40acbf7..369bdcf 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -3,12 +3,14 @@ name: Validate DAGs on: workflow_dispatch: push: - paths: ['app-configs/rinoa/dagu/dags/**'] + paths: + - 'app-configs/rinoa/dagu/dags/**' + - '**/dag-config-check.yml' branches-ignore: - main env: - DAGS_PATH: "${GITHUB_WORKSPACE}/app-configs/rinoa/dagu/dags" + DAGS_PATH: "app-configs/rinoa/dagu/dags" VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} @@ -40,11 +42,8 @@ jobs: playbook: playbooks/rinoa-render-dags.yml - name: Install dagu - uses: jaxxstorm/action-install-gh-release@v1 - with: - repo: dagu-org/dagu - platform: linux - arch: amd64 + run: | + curl -L https://raw.githubusercontent.com/dagu-org/dagu/main/scripts/installer.sh | bash - name: Validate DAGs run: | diff --git a/playbooks/rinoa-render-dags.yml b/playbooks/rinoa-render-dags.yml index 82fdb32..22b99bc 100644 --- a/playbooks/rinoa-render-dags.yml +++ b/playbooks/rinoa-render-dags.yml @@ -5,7 +5,7 @@ gather_facts: false vars: - dags_path: "{{ lookup('env', 'DAGS_PATH') }}" + dags_path: "{{ lookup('env', 'DAGS_PATH') | default(playbook_dir ~ '/../app-configs/rinoa/dagu/dags') }}" vault_addr: "{{ lookup('env', 'VAULT_ADDR') }}" vault_token: "{{ lookup('env', 'VAULT_TOKEN') }}" -- 2.52.0 From 06a1ee8f78d9051b0c166c2f3bc729e97a8d140a Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 21:55:34 -0400 Subject: [PATCH 08/46] Tweaks for DAG-related items. --- .gitea/workflows/dag-config-check.yml | 4 ++-- playbooks/rinoa-render-dags.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 369bdcf..f890989 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -48,6 +48,6 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "Validating $dag" - dagu dry "$dag" + echo "Validating ${dag}..." + dagu dry "${dag}" done diff --git a/playbooks/rinoa-render-dags.yml b/playbooks/rinoa-render-dags.yml index 22b99bc..69c219b 100644 --- a/playbooks/rinoa-render-dags.yml +++ b/playbooks/rinoa-render-dags.yml @@ -5,7 +5,7 @@ gather_facts: false vars: - dags_path: "{{ lookup('env', 'DAGS_PATH') | default(playbook_dir ~ '/../app-configs/rinoa/dagu/dags') }}" + dags_path: "{{ playbook_dir ~ '/../app-configs/rinoa/dagu/dags' }}" vault_addr: "{{ lookup('env', 'VAULT_ADDR') }}" vault_token: "{{ lookup('env', 'VAULT_TOKEN') }}" -- 2.52.0 From 99cb109fb40d46d159b2261c0de653a9bc5ac70c Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 22:02:24 -0400 Subject: [PATCH 09/46] Tweaks for DAG-related items. --- .gitea/workflows/dag-config-check.yml | 1 + playbooks/rinoa-render-dags.yml | 19 +++++++++++++------ 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index f890989..aac785a 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -44,6 +44,7 @@ jobs: - name: Install dagu run: | curl -L https://raw.githubusercontent.com/dagu-org/dagu/main/scripts/installer.sh | bash + dagu version - name: Validate DAGs run: | diff --git a/playbooks/rinoa-render-dags.yml b/playbooks/rinoa-render-dags.yml index 69c219b..1443b06 100644 --- a/playbooks/rinoa-render-dags.yml +++ b/playbooks/rinoa-render-dags.yml @@ -5,6 +5,7 @@ gather_facts: false vars: + # Hardcoded fallback for DAGs path dags_path: "{{ playbook_dir ~ '/../app-configs/rinoa/dagu/dags' }}" vault_addr: "{{ lookup('env', 'VAULT_ADDR') }}" vault_token: "{{ lookup('env', 'VAULT_TOKEN') }}" @@ -12,7 +13,11 @@ tasks: - name: Build list of DAG template files ansible.builtin.set_fact: - dag_templates: "{{ lookup('fileglob', dags_path ~ '/*.yaml.j2', wantlist=True) }}" + dag_templates: >- + {{ + lookup('ansible.builtin.fileglob', dags_path ~ '/*.yaml.j2', wantlist=True) + | default([]) + }} - name: Pre-check Vault secrets in templates when: dag_templates | length > 0 @@ -21,11 +26,13 @@ ansible.builtin.set_fact: vault_keys: >- {{ - dag_templates - | map('lookup', 'file', wantlist=True) - | map('regex_findall', - "lookup\\('community.hashi_vault.vault_kv2_get',\\s*'[^']+',\\s*engine_mount_point='[^']+',\\s*url=[^,]+,\\s*token=[^\\)]+\\)\\['secret'\\]\\['([^']+)'\\]") - | sum(start=[]) + ( + dag_templates + | map('file', 'r') + | map('regex_findall', + "lookup\\('community.hashi_vault.vault_kv2_get',\\s*'[^']+',\\s*engine_mount_point='[^']+',\\s*url=[^,]+,\\s*token=[^\\)]+\\)\\['secret'\\]\\['([^']+)'\\]") + | list + ) | default([]) }} - name: Warn if any Vault keys might be missing -- 2.52.0 From 4fd323885713b9f8c440d761bb32a127057ba54e Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 22:07:24 -0400 Subject: [PATCH 10/46] Tweaks for DAG-related items. --- .gitea/workflows/dag-config-check.yml | 2 +- playbooks/rinoa-render-dags.yml | 15 ++++++++------- 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index aac785a..04d42f3 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -49,6 +49,6 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "Validating ${dag}..." + echo "========Validating ${dag}========" dagu dry "${dag}" done diff --git a/playbooks/rinoa-render-dags.yml b/playbooks/rinoa-render-dags.yml index 1443b06..4391bce 100644 --- a/playbooks/rinoa-render-dags.yml +++ b/playbooks/rinoa-render-dags.yml @@ -26,14 +26,15 @@ ansible.builtin.set_fact: vault_keys: >- {{ - ( - dag_templates - | map('file', 'r') - | map('regex_findall', - "lookup\\('community.hashi_vault.vault_kv2_get',\\s*'[^']+',\\s*engine_mount_point='[^']+',\\s*url=[^,]+,\\s*token=[^\\)]+\\)\\['secret'\\]\\['([^']+)'\\]") - | list - ) | default([]) + dag_templates + | map('file', 'r') + | select('string') + | map('regex_findall', + "lookup\\('community.hashi_vault.vault_kv2_get',\\s*'[^']+',\\s*engine_mount_point='[^']+',\\s*url=[^,]+,\\s*token=[^\\)]+\\)\\['secret'\\]\\['([^']+)'\\]") + | sum(start=[]) }} + when: dag_templates | length > 0 + - name: Warn if any Vault keys might be missing loop: "{{ vault_keys }}" -- 2.52.0 From 49432e16d9619e07268d188378517cf92c3584fe Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 22:10:05 -0400 Subject: [PATCH 11/46] Tweaks for DAG-related items. --- .gitea/workflows/dag-config-check.yml | 2 +- playbooks/rinoa-render-dags.yml | 20 +++++++++++++++----- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 04d42f3..bb586cb 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -49,6 +49,6 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "========Validating ${dag}========" + echo "=========Validating ${dag}=========" dagu dry "${dag}" done diff --git a/playbooks/rinoa-render-dags.yml b/playbooks/rinoa-render-dags.yml index 4391bce..e5fc224 100644 --- a/playbooks/rinoa-render-dags.yml +++ b/playbooks/rinoa-render-dags.yml @@ -22,18 +22,28 @@ - name: Pre-check Vault secrets in templates when: dag_templates | length > 0 block: - - name: Find all Vault lookup expressions in templates + - name: Read each DAG template safely + ansible.builtin.slurp: + src: "{{ item }}" + loop: "{{ dag_templates }}" + register: slurped_templates + + - name: Extract Vault keys from DAG templates ansible.builtin.set_fact: vault_keys: >- {{ - dag_templates - | map('file', 'r') - | select('string') + slurped_templates.results + | map(attribute='content') + | map('b64decode') | map('regex_findall', "lookup\\('community.hashi_vault.vault_kv2_get',\\s*'[^']+',\\s*engine_mount_point='[^']+',\\s*url=[^,]+,\\s*token=[^\\)]+\\)\\['secret'\\]\\['([^']+)'\\]") | sum(start=[]) }} - when: dag_templates | length > 0 + + - name: Warn if any Vault keys might be missing + loop: "{{ vault_keys }}" + ansible.builtin.debug: + msg: "Vault key '{{ item }}' will be required by templates" - name: Warn if any Vault keys might be missing -- 2.52.0 From 31f269b1f590664be2119eee659ad384f564ab07 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 22:12:55 -0400 Subject: [PATCH 12/46] Tweaks for DAG-related items. --- .gitea/workflows/dag-config-check.yml | 2 +- playbooks/rinoa-render-dags.yml | 32 --------------------------- 2 files changed, 1 insertion(+), 33 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index bb586cb..ce509c8 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -49,6 +49,6 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "=========Validating ${dag}=========" + echo "==========Validating ${dag}==========" dagu dry "${dag}" done diff --git a/playbooks/rinoa-render-dags.yml b/playbooks/rinoa-render-dags.yml index e5fc224..1d12f4c 100644 --- a/playbooks/rinoa-render-dags.yml +++ b/playbooks/rinoa-render-dags.yml @@ -19,38 +19,6 @@ | default([]) }} - - name: Pre-check Vault secrets in templates - when: dag_templates | length > 0 - block: - - name: Read each DAG template safely - ansible.builtin.slurp: - src: "{{ item }}" - loop: "{{ dag_templates }}" - register: slurped_templates - - - name: Extract Vault keys from DAG templates - ansible.builtin.set_fact: - vault_keys: >- - {{ - slurped_templates.results - | map(attribute='content') - | map('b64decode') - | map('regex_findall', - "lookup\\('community.hashi_vault.vault_kv2_get',\\s*'[^']+',\\s*engine_mount_point='[^']+',\\s*url=[^,]+,\\s*token=[^\\)]+\\)\\['secret'\\]\\['([^']+)'\\]") - | sum(start=[]) - }} - - - name: Warn if any Vault keys might be missing - loop: "{{ vault_keys }}" - ansible.builtin.debug: - msg: "Vault key '{{ item }}' will be required by templates" - - - - name: Warn if any Vault keys might be missing - loop: "{{ vault_keys }}" - ansible.builtin.debug: - msg: "Vault key '{{ item }}' will be required by templates" - - name: Render DAG templates in-place (guarded) when: dag_templates | length > 0 ansible.builtin.template: -- 2.52.0 From c1bbf772bb8fcec72929045911e7130af1757260 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sat, 13 Sep 2025 22:15:15 -0400 Subject: [PATCH 13/46] Tweaks for DAG-related items. --- .gitea/workflows/dag-config-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index ce509c8..a6a37be 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -12,7 +12,7 @@ on: env: DAGS_PATH: "app-configs/rinoa/dagu/dags" VAULT_ADDR: ${{ secrets.VAULT_ADDR }} - VAULT_TOKEN: ${{ secrets.VAULT_TOKEN }} + VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} jobs: validate: -- 2.52.0 From 82aec87962488bd30c38232ae8d83bf13fc5041b Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 06:46:30 -0400 Subject: [PATCH 14/46] Still tweaking DAG-related items. --- .gitea/workflows/dag-config-check.yml | 2 +- playbooks/rinoa-render-dags.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index a6a37be..ce48615 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -49,6 +49,6 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "==========Validating ${dag}==========" + echo "==========Validating ${dag}"==========" dagu dry "${dag}" done diff --git a/playbooks/rinoa-render-dags.yml b/playbooks/rinoa-render-dags.yml index 1d12f4c..357f9bd 100644 --- a/playbooks/rinoa-render-dags.yml +++ b/playbooks/rinoa-render-dags.yml @@ -8,7 +8,7 @@ # Hardcoded fallback for DAGs path dags_path: "{{ playbook_dir ~ '/../app-configs/rinoa/dagu/dags' }}" vault_addr: "{{ lookup('env', 'VAULT_ADDR') }}" - vault_token: "{{ lookup('env', 'VAULT_TOKEN') }}" + vault_token: "{{ lookup('env', 'VAULT_GITEA_TOKEN') }}" tasks: - name: Build list of DAG template files -- 2.52.0 From 2b4c8c5a7d0b4d734815570281a353aca6ba119f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 07:00:23 -0400 Subject: [PATCH 15/46] Still tweaking DAG-related items. --- .../rinoa/dagu/dags/mariadb-backups.yaml.j2 | 3 +++ group_vars/all.yml | 18 +++++++++--------- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 index 7e6147e..0437c46 100644 --- a/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 +++ b/app-configs/rinoa/dagu/dags/mariadb-backups.yaml.j2 @@ -1,3 +1,6 @@ +{% set vault_addr = 'https://vault.trez.wtf' %} +{% set secrets_path = 'rinoa-docker/env' %} + name: mariadb-backup description: "Backup of all databases from MariaDB container" schedule: "30 23 * * *" diff --git a/group_vars/all.yml b/group_vars/all.yml index 51355e7..0870118 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -5,12 +5,12 @@ template_base_path: "{{ playbook_dir }}/app-configs" vault_addr: "https://vault.trez.wtf" vault_token: !vault | $ANSIBLE_VAULT;1.1;AES256 - 37656166373362653966353330313633313864646236643832616134646335613737383561383433 - 6565666166326532396662646365663136393339666336300a346435363038303638333462356464 - 30643538643165643765366334383662666133376466323436306633623939383531363630383836 - 6239396633666636640a666363383662323562663639386436363937376435626332656161393662 - 37373434303365333261346537373062633437323062373139613633333336316537633930303965 - 37373832646530303734323939616562653431316534313164616132636337313565643230323862 - 32643834363666353038643261663932623331646462643765336566346461643566326533343631 - 32396235343534623132383962383765393063626536383631323138316432646636656563353035 - 6461 \ No newline at end of file + 65333865316461653235633230653362613830633362636662643632323430376135396333386138 + 3365623536336433653431326164376638633138396334610a326230373862626164373965373266 + 38306434346665323237336130316161346662313366643461666134366239323732653632653135 + 6230666338653038310a326239316132366530333461653364326133303432363364353162326438 + 39376665306133393631356561316433363035333134633232316535643434353763306638643965 + 35373638326531333461623766616530363366623137303535623366336539643331643934376332 + 35636435666438373936376366623566346536336638653635643431653336613138383239323564 + 36666332303661623133306133373965383731396566323834353133363363326133376134313534 + 6139 \ No newline at end of file -- 2.52.0 From d6edd6e5121624550a4511d450accf2cf9816f9a Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 07:03:29 -0400 Subject: [PATCH 16/46] Still tweaking DAG-related items. --- .gitea/workflows/dag-config-check.yml | 2 +- playbooks/rinoa-render-dags.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index ce48615..1842fe5 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -49,6 +49,6 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "==========Validating ${dag}"==========" + echo "===========Validating ${dag}"===========" dagu dry "${dag}" done diff --git a/playbooks/rinoa-render-dags.yml b/playbooks/rinoa-render-dags.yml index 357f9bd..1d12f4c 100644 --- a/playbooks/rinoa-render-dags.yml +++ b/playbooks/rinoa-render-dags.yml @@ -8,7 +8,7 @@ # Hardcoded fallback for DAGs path dags_path: "{{ playbook_dir ~ '/../app-configs/rinoa/dagu/dags' }}" vault_addr: "{{ lookup('env', 'VAULT_ADDR') }}" - vault_token: "{{ lookup('env', 'VAULT_GITEA_TOKEN') }}" + vault_token: "{{ lookup('env', 'VAULT_TOKEN') }}" tasks: - name: Build list of DAG template files -- 2.52.0 From 370f54241f1fb09acba714ee816da393ed361361 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 07:05:42 -0400 Subject: [PATCH 17/46] Typo fix. --- .gitea/workflows/dag-config-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 1842fe5..51baeba 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -49,6 +49,6 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "===========Validating ${dag}"===========" + echo "===========Validating ${dag"===========" dagu dry "${dag}" done -- 2.52.0 From 660bc98322248df160a11496e92d6d4c2c73fbff Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 07:07:31 -0400 Subject: [PATCH 18/46] Typo fix. --- .gitea/workflows/dag-config-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 51baeba..0510272 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -49,6 +49,6 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "===========Validating ${dag"===========" + echo "===========Validating ${dag}===========" dagu dry "${dag}" done -- 2.52.0 From 91ce55b6dfd3a5da2c7acba911c89fbc3724109f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 07:58:26 -0400 Subject: [PATCH 19/46] Notifications and workflow triggers. --- .gitea/workflows/dag-config-check.yml | 83 +++++++++++++++++-- .../gitea_tar-valon_ansible_deploy.yml | 68 ++++++++++----- 2 files changed, 121 insertions(+), 30 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 0510272..db6160a 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -15,25 +15,63 @@ env: VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} jobs: - validate: + validate-dags: + name: DAGU DAG(s) Validation runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - name: Checkout Repo + uses: actions/checkout@v4 + + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Dagu Validation' + notification_message: 'Setting up Ansible and Vault... 🏗️' - name: Install Ansible uses: alex-oleshkevich/setup-ansible@v1.0.1 with: version: "11.4.0" + - name: Cache Ansible Galaxy Collections + uses: actions/cache@v3 + with: + path: collections + key: ${{ runner.os }}-ansible-${{ hashFiles('./collections/requirements.yml') }} + restore-keys: | + ${{ runner.os }}-ansible- + - name: Set up Vault CLI uses: eLco/setup-vault@v1 with: vault_version: 1.18.0 + - name: Cache pip + uses: actions/cache@v4 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }} + restore-keys: | + ${{ runner.os }}-pip- + - name: Install hvac (Vault Python SDK) run: pip install hvac - - name: Render .yaml.j2 templates + - name: Gotify Notification + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Dagu Validation' + notification_message: 'Ansible and Vault setups completed, starting Dagu validation... 🔬' + + - name: Install dagu + run: | + curl -L https://raw.githubusercontent.com/dagu-org/dagu/main/scripts/installer.sh | bash + + - name: Render DAG Jinja templates uses: dawidd6/action-ansible-playbook@v2 with: directory: . @@ -41,14 +79,41 @@ jobs: requirements: collections/requirements.yml playbook: playbooks/rinoa-render-dags.yml - - name: Install dagu - run: | - curl -L https://raw.githubusercontent.com/dagu-org/dagu/main/scripts/installer.sh | bash - dagu version - - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo "===========Validating ${dag}===========" + echo -e "\n\n===========Validating ${dag}===========" dagu dry "${dag}" done + echo "exit_code=$status" >> $GITHUB_OUTPUT + + - name: Gotify Notification + if: steps.validate-dags.outputs.exit_code == '0' + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Dagu Validation' + notification_message: 'Dagu DAG validation passed! 🏁' + + - name: Gotify Notification + if: steps.validate-dags.outputs.exit_code != '0' + uses: eikendev/gotify-action@master + with: + gotify_api_base: '${{ secrets.GOTIFY_URL }}' + gotify_app_token: '${{ secrets.RUNNER_GOTIFY_TOKEN }}' + notification_title: 'GITEA: Dagu Validation' + notification_message: 'Dagu DAG validation failed! 🚫' + + - name: Write downstream trigger marker + if: steps.validate-dags.outputs.exit_code == '0' + run: | + echo "DAG validation completed at $(date -u)" > .dag-validation-complete + + - name: Add/Commit Validation Trigger File + id: commit-readme + uses: EndBug/add-and-commit@v9 + with: + add: ".dag-validation-complete" + default_author: ${{ github.actor }} + message: "chore: mark DAG validation complete" \ No newline at end of file diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index 93631f9..9d0dab5 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -2,11 +2,12 @@ name: Gitea Branch PR & Ansible Deployment on: workflow_dispatch: - workflow_run: - workflows: [Home Assistant Config Check, Validate DAGs] - types: - - completed - branches: main + # workflow_run will be supported in Gitea 1.25.x + # workflow_run: + # workflows: [Home Assistant Config Check, Validate DAGs] + # types: + # - completed + # branches: main push: branches-ignore: - 'main' @@ -16,6 +17,7 @@ on: - '!app-configs/rinoa/dagu/dags/**' env: + TEA_VERSION: '0.10.1' VAULT_ADDR: ${{ secrets.VAULT_ADDR }} VAULT_TOKEN: ${{ secrets.VAULT_GITEA_TOKEN }} @@ -33,9 +35,9 @@ jobs: - name: Install tea CLI uses: supplypike/setup-bin@v4 with: - uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64' + uri: 'https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64' name: 'tea' - version: '0.9.2' + version: ${{ env.TEA_VERSION }} - name: Gotify Notification uses: eikendev/gotify-action@master @@ -96,13 +98,21 @@ jobs: with: version: "11.4.0" + - name: Set up Vault CLI + uses: eLco/setup-vault@v1 + with: + vault_version: 1.18.0 + + - name: Cache pip + uses: actions/cache@v4 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }} + restore-keys: | + ${{ runner.os }}-pip- + - name: Install Vault & hvac - run: | - sudo apt-get update && sudo apt-get install -y unzip - curl -fsSL https://releases.hashicorp.com/vault/1.18.0/vault_1.18.0_linux_amd64.zip -o vault.zip - unzip vault.zip - sudo mv vault /usr/local/bin/ - pip install hvac + run: pip install hvac - name: Gotify Notification uses: eikendev/gotify-action@master @@ -144,9 +154,9 @@ jobs: - name: Install tea uses: supplypike/setup-bin@v4 with: - uri: 'https://gitea.com/gitea/tea/releases/download/v0.9.2/tea-0.9.2-linux-amd64' + uri: 'https://gitea.com/gitea/tea/releases/download/v${{ env.TEA_VERSION }}/tea-${{ env.TEA_VERSION }}-linux-amd64' name: 'tea' - version: '0.9.2' + version: ${{ env.TEA_VERSION }} - name: PR Merge id: pr_merge @@ -181,18 +191,34 @@ jobs: with: ref: main + - name: Cache Ansible Galaxy Collections + uses: actions/cache@v3 + with: + path: collections + key: ${{ runner.os }}-ansible-${{ hashFiles('./collections/requirements.yml') }} + restore-keys: | + ${{ runner.os }}-ansible- + - name: Install Ansible uses: alex-oleshkevich/setup-ansible@v1.0.1 with: version: "11.4.0" + - name: Set up Vault CLI + uses: eLco/setup-vault@v1 + with: + vault_version: 1.18.0 + + - name: Cache pip + uses: actions/cache@v4 + with: + path: ~/.cache/pip + key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements*.txt') }} + restore-keys: | + ${{ runner.os }}-pip- + - name: Install Vault & hvac - run: | - sudo apt-get update && sudo apt-get install -y unzip - curl -fsSL https://releases.hashicorp.com/vault/1.18.0/vault_1.18.0_linux_amd64.zip -o vault.zip - unzip vault.zip - sudo mv vault /usr/local/bin/ - pip install hvac + run: pip install hvac - name: Gotify Notification uses: eikendev/gotify-action@master -- 2.52.0 From c9cff006b5a038af8c7a734fcd7ec6923b2161ac Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 07:59:59 -0400 Subject: [PATCH 20/46] Notifications and workflow triggers. --- .gitea/workflows/dag-config-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index db6160a..be1b1cf 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -115,5 +115,5 @@ jobs: uses: EndBug/add-and-commit@v9 with: add: ".dag-validation-complete" - default_author: ${{ github.actor }} + default_author: "${{ github.actor }}" message: "chore: mark DAG validation complete" \ No newline at end of file -- 2.52.0 From d3f0b9e681ef4a3b6bb4415973c4fec31bfa5b63 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 08:02:14 -0400 Subject: [PATCH 21/46] Notifications and workflow triggers - typo fix. --- .gitea/workflows/dag-config-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index be1b1cf..8701baf 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -115,5 +115,5 @@ jobs: uses: EndBug/add-and-commit@v9 with: add: ".dag-validation-complete" - default_author: "${{ github.actor }}" + default_author: "${{ github_actor }}" message: "chore: mark DAG validation complete" \ No newline at end of file -- 2.52.0 From dfe3aaf17f392da260c1485b60746c223e2129ed Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 08:08:12 -0400 Subject: [PATCH 22/46] Notifications and workflow triggers - typo fix. --- .gitea/workflows/dag-config-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 8701baf..8078dd2 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -115,5 +115,5 @@ jobs: uses: EndBug/add-and-commit@v9 with: add: ".dag-validation-complete" - default_author: "${{ github_actor }}" + default_author: github_actor message: "chore: mark DAG validation complete" \ No newline at end of file -- 2.52.0 From 44352f8522323f2c23db25168507ab4a637493f2 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 12:08:59 +0000 Subject: [PATCH 23/46] chore: mark DAG validation complete --- .dag-validation-complete | 1 + 1 file changed, 1 insertion(+) create mode 100644 .dag-validation-complete diff --git a/.dag-validation-complete b/.dag-validation-complete new file mode 100644 index 0000000..f5c7d1b --- /dev/null +++ b/.dag-validation-complete @@ -0,0 +1 @@ +DAG validation completed at Sun Sep 14 12:08:55 UTC 2025 -- 2.52.0 From 857c58d39572512c61da298b882c7744df1f0d95 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 09:26:07 -0400 Subject: [PATCH 24/46] Testing workflow trigger. --- .gitea/workflows/dag-config-check.yml | 3 ++- .gitea/workflows/gitea_tar-valon_ansible_deploy.yml | 1 + 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 8078dd2..e70f1be 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -116,4 +116,5 @@ jobs: with: add: ".dag-validation-complete" default_author: github_actor - message: "chore: mark DAG validation complete" \ No newline at end of file + message: "chore: mark DAG validation complete" + push: true \ No newline at end of file diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index 9d0dab5..e894826 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -12,6 +12,7 @@ on: branches-ignore: - 'main' paths: + - '.dagu-validation-complete' - 'app-configs/**' - '!app-configs/rikku/homeassistant/**' - '!app-configs/rinoa/dagu/dags/**' -- 2.52.0 From 3608c4aeb9ea9fd0c72ff4000c8c2e589c7d2162 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 13:27:31 +0000 Subject: [PATCH 25/46] chore: mark DAG validation complete --- .dag-validation-complete | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.dag-validation-complete b/.dag-validation-complete index f5c7d1b..c1aa44c 100644 --- a/.dag-validation-complete +++ b/.dag-validation-complete @@ -1 +1 @@ -DAG validation completed at Sun Sep 14 12:08:55 UTC 2025 +DAG validation completed at Sun Sep 14 13:27:28 UTC 2025 -- 2.52.0 From 097da18b5d82a987cd4fe339d70654781e696055 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 09:32:17 -0400 Subject: [PATCH 26/46] Testing workflow trigger. --- .dag-validation-complete | 1 - .gitea/workflows/gitea_tar-valon_ansible_deploy.yml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) delete mode 100644 .dag-validation-complete diff --git a/.dag-validation-complete b/.dag-validation-complete deleted file mode 100644 index c1aa44c..0000000 --- a/.dag-validation-complete +++ /dev/null @@ -1 +0,0 @@ -DAG validation completed at Sun Sep 14 13:27:28 UTC 2025 diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index e894826..161ffae 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -12,7 +12,7 @@ on: branches-ignore: - 'main' paths: - - '.dagu-validation-complete' + - '**/.dagu-validation-complete' - 'app-configs/**' - '!app-configs/rikku/homeassistant/**' - '!app-configs/rinoa/dagu/dags/**' -- 2.52.0 From 88109a715b93b0f7bb684ac62afabdd8ec4ba7f4 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 09:34:00 -0400 Subject: [PATCH 27/46] Testing workflow trigger. --- .gitea/workflows/dag-config-check.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index e70f1be..6242cf4 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -82,7 +82,7 @@ jobs: - name: Validate DAGs run: | for dag in $(find ${DAGS_PATH} -type f -name "*.yaml" -a ! -name "*example*"); do - echo -e "\n\n===========Validating ${dag}===========" + echo -e "\n\n===========Validating ${dag}===========\n" dagu dry "${dag}" done echo "exit_code=$status" >> $GITHUB_OUTPUT -- 2.52.0 From 5d3210ce69f5d5e3418caf573ae5462238f9ce96 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 13:35:12 +0000 Subject: [PATCH 28/46] chore: mark DAG validation complete --- .dag-validation-complete | 1 + 1 file changed, 1 insertion(+) create mode 100644 .dag-validation-complete diff --git a/.dag-validation-complete b/.dag-validation-complete new file mode 100644 index 0000000..14e13ab --- /dev/null +++ b/.dag-validation-complete @@ -0,0 +1 @@ +DAG validation completed at Sun Sep 14 13:35:08 UTC 2025 -- 2.52.0 From 8e7f85b8fc0aec28ad5ad7b5294c95e2bd719872 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 09:44:57 -0400 Subject: [PATCH 29/46] Testing workflow trigger. --- .gitea/workflows/dag-config-check.yml | 19 +++++++------------ .../gitea_tar-valon_ansible_deploy.yml | 1 - 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/.gitea/workflows/dag-config-check.yml b/.gitea/workflows/dag-config-check.yml index 6242cf4..c4a4c1c 100644 --- a/.gitea/workflows/dag-config-check.yml +++ b/.gitea/workflows/dag-config-check.yml @@ -105,16 +105,11 @@ jobs: notification_title: 'GITEA: Dagu Validation' notification_message: 'Dagu DAG validation failed! 🚫' - - name: Write downstream trigger marker - if: steps.validate-dags.outputs.exit_code == '0' + - name: Trigger downstream workflow run: | - echo "DAG validation completed at $(date -u)" > .dag-validation-complete - - - name: Add/Commit Validation Trigger File - id: commit-readme - uses: EndBug/add-and-commit@v9 - with: - add: ".dag-validation-complete" - default_author: github_actor - message: "chore: mark DAG validation complete" - push: true \ No newline at end of file + BRANCH="${GITHUB_REF_NAME}" + curl -X POST \ + -H "Authorization: token ${{ secrets.BOT_GITEA_TOKEN }}" \ + -H "Content-Type: application/json" \ + "https://git.trez.wtf/api/v1/repos/Trez/tar-valon-ansible/actions/workflows/gitea_tar-valon_ansible_deploy.yml/dispatches" \ + -d "{\"ref\":\"${BRANCH}\"}" \ No newline at end of file diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index 161ffae..9d0dab5 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -12,7 +12,6 @@ on: branches-ignore: - 'main' paths: - - '**/.dagu-validation-complete' - 'app-configs/**' - '!app-configs/rikku/homeassistant/**' - '!app-configs/rinoa/dagu/dags/**' -- 2.52.0 From 988f7fdbc62e503def2447d19308041799f00131 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 09:57:54 -0400 Subject: [PATCH 30/46] Fix for template_base_path. --- group_vars/all.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 0870118..d6db020 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,6 +1,6 @@ --- # Base path for all templates -template_base_path: "{{ playbook_dir }}/app-configs" +template_base_path: "{{ playbook_dir }} ~ '../app-configs'" # Vault server address vault_addr: "https://vault.trez.wtf" vault_token: !vault | -- 2.52.0 From dff7ab1486bfae9405c6376b96097ed8ec6779d4 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 10:10:09 -0400 Subject: [PATCH 31/46] Ansible base_path tweak. --- .dag-validation-complete | 1 - .gitea/workflows/gitea_tar-valon_ansible_deploy.yml | 3 +++ group_vars/all.yml | 4 ++-- 3 files changed, 5 insertions(+), 3 deletions(-) delete mode 100644 .dag-validation-complete diff --git a/.dag-validation-complete b/.dag-validation-complete deleted file mode 100644 index 14e13ab..0000000 --- a/.dag-validation-complete +++ /dev/null @@ -1 +0,0 @@ -DAG validation completed at Sun Sep 14 13:35:08 UTC 2025 diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index 9d0dab5..8d8f9e4 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -13,6 +13,9 @@ on: - 'main' paths: - 'app-configs/**' + - 'collections/**' + - 'group_vars/**' + - 'inventory/**' - '!app-configs/rikku/homeassistant/**' - '!app-configs/rinoa/dagu/dags/**' diff --git a/group_vars/all.yml b/group_vars/all.yml index d6db020..9e8b281 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,6 +1,6 @@ --- # Base path for all templates -template_base_path: "{{ playbook_dir }} ~ '../app-configs'" +template_base_path: "./app-configs" # Vault server address vault_addr: "https://vault.trez.wtf" vault_token: !vault | @@ -13,4 +13,4 @@ vault_token: !vault | 35373638326531333461623766616530363366623137303535623366336539643331643934376332 35636435666438373936376366623566346536336638653635643431653336613138383239323564 36666332303661623133306133373965383731396566323834353133363363326133376134313534 - 6139 \ No newline at end of file + 6139 -- 2.52.0 From bf7371e5f31d2a0472ae6353cf615fc4c31d9335 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 10:20:10 -0400 Subject: [PATCH 32/46] ... --- .gitea/workflows/gitea_tar-valon_ansible_deploy.yml | 1 + playbooks/tar-valon_config_deploy.yml | 3 +++ 2 files changed, 4 insertions(+) diff --git a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml index 8d8f9e4..1c3270f 100644 --- a/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml +++ b/.gitea/workflows/gitea_tar-valon_ansible_deploy.yml @@ -16,6 +16,7 @@ on: - 'collections/**' - 'group_vars/**' - 'inventory/**' + - 'playbooks/**' - '!app-configs/rikku/homeassistant/**' - '!app-configs/rinoa/dagu/dags/**' diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index b7eb516..ab390e0 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -6,6 +6,9 @@ - benedikta gather_facts: false + vars: + template_base_path: "{{ playbook_dir }}/../app-configs" + pre_tasks: - name: Find all files for this host ansible.builtin.find: -- 2.52.0 From 7a5f7fe5ebd86c9f556e3a259d8d63b92f5dd42b Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 10:23:40 -0400 Subject: [PATCH 33/46] ... --- playbooks/tar-valon_config_deploy.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index ab390e0..4df97ad 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -27,12 +27,13 @@ | map(attribute='path') | map('relpath', template_base_path ~ '/' ~ inventory_hostname) | map('dirname') - | map('regex_replace', '^(.*)$', appdata_base_path ~ '/\1') + | map('regex_replace', '^(.*)$', hostvars[inventory_hostname]['appdata_base_path'] ~ '/\1') | unique | list }} changed_when: false + tasks: - name: Ensure destination directories exist (unique set) ansible.builtin.file: -- 2.52.0 From 608bc4cc1efe4430577a5609c5c44da25ef730d0 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 10:28:01 -0400 Subject: [PATCH 34/46] ... --- playbooks/tar-valon_config_deploy.yml | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index 4df97ad..39a09fe 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -27,11 +27,18 @@ | map(attribute='path') | map('relpath', template_base_path ~ '/' ~ inventory_hostname) | map('dirname') - | map('regex_replace', '^(.*)$', hostvars[inventory_hostname]['appdata_base_path'] ~ '/\1') + | map('regex_replace', '^(.*)$', appdata_base_path_map[inventory_hostname] ~ '/\1') | unique | list }} + vars: + appdata_base_path_map: + rinoa: "{{ hostvars['rinoa']['appdata_base_path'] }}" + rikku: "{{ hostvars['rikku']['appdata_base_path'] }}" + benedikta: "{{ hostvars['benedikta']['appdata_base_path'] }}" changed_when: false + delegate_to: localhost + run_once: true tasks: -- 2.52.0 From ec73c393eacfdb4c63ddd4a41c7d19a9eb86fb0d Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 10:34:08 -0400 Subject: [PATCH 35/46] ... --- playbooks/tar-valon_config_deploy.yml | 15 ++++----------- 1 file changed, 4 insertions(+), 11 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index 39a09fe..27eb010 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -15,8 +15,6 @@ paths: "{{ template_base_path }}/{{ inventory_hostname }}" recurse: true register: host_files - delegate_to: localhost - run_once: true changed_when: false - name: Build list of unique destination directories @@ -27,19 +25,11 @@ | map(attribute='path') | map('relpath', template_base_path ~ '/' ~ inventory_hostname) | map('dirname') - | map('regex_replace', '^(.*)$', appdata_base_path_map[inventory_hostname] ~ '/\1') + | map('regex_replace', '^(.*)$', appdata_base_path ~ '/\1') | unique | list }} - vars: - appdata_base_path_map: - rinoa: "{{ hostvars['rinoa']['appdata_base_path'] }}" - rikku: "{{ hostvars['rikku']['appdata_base_path'] }}" - benedikta: "{{ hostvars['benedikta']['appdata_base_path'] }}" changed_when: false - delegate_to: localhost - run_once: true - tasks: - name: Ensure destination directories exist (unique set) @@ -50,6 +40,7 @@ loop: "{{ dest_dirs }}" loop_control: label: "{{ item }}" + changed_when: false # mark pre-existing directories as unchanged - name: Deploy Jinja2 templates (skip unchanged) ansible.builtin.template: @@ -59,6 +50,7 @@ | relpath(template_base_path ~ '/' ~ inventory_hostname) | regex_replace('\.j2$', '') }} mode: '0644' + force: no # skip unchanged templates loop: "{{ host_files.files }}" loop_control: label: "{{ item.path }}" @@ -72,6 +64,7 @@ | relpath(template_base_path ~ '/' ~ inventory_hostname) }} mode: '0644' remote_src: false + force: no # skip unchanged files loop: "{{ host_files.files }}" loop_control: label: "{{ item.path }}" -- 2.52.0 From 16a392bb414a47aa1d0f52fb95121dbfd3d63110 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:01:54 -0400 Subject: [PATCH 36/46] ... --- playbooks/tar-valon_config_deploy.yml | 31 +++++++++++++++------------ 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index 27eb010..0b4918a 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -10,29 +10,32 @@ template_base_path: "{{ playbook_dir }}/../app-configs" pre_tasks: - - name: Find all files for this host + - name: Find all files for all hosts ansible.builtin.find: - paths: "{{ template_base_path }}/{{ inventory_hostname }}" + paths: "{{ template_base_path }}" recurse: true - register: host_files + register: all_files + delegate_to: localhost + run_once: true changed_when: false - - name: Build list of unique destination directories + - name: Filter files for this host and build unique destination directories ansible.builtin.set_fact: + host_files: "{{ all_files.files | selectattr('path', 'match', '^' + template_base_path + '/' + inventory_hostname) | list }}" dest_dirs: >- {{ - host_files.files + host_files | map(attribute='path') | map('relpath', template_base_path ~ '/' ~ inventory_hostname) | map('dirname') - | map('regex_replace', '^(.*)$', appdata_base_path ~ '/\1') + | map('regex_replace', '^(.*)$', hostvars[inventory_hostname]['appdata_base_path'] ~ '/\1') | unique | list }} changed_when: false tasks: - - name: Ensure destination directories exist (unique set) + - name: Ensure destination directories exist ansible.builtin.file: path: "{{ item }}" state: directory @@ -40,18 +43,18 @@ loop: "{{ dest_dirs }}" loop_control: label: "{{ item }}" - changed_when: false # mark pre-existing directories as unchanged + changed_when: false - name: Deploy Jinja2 templates (skip unchanged) ansible.builtin.template: src: "{{ item.path }}" dest: >- - {{ appdata_base_path }}/{{ item.path + {{ hostvars[inventory_hostname]['appdata_base_path'] }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) | regex_replace('\.j2$', '') }} mode: '0644' - force: no # skip unchanged templates - loop: "{{ host_files.files }}" + force: no + loop: "{{ host_files }}" loop_control: label: "{{ item.path }}" when: item.path.endswith('.j2') @@ -60,12 +63,12 @@ ansible.builtin.copy: src: "{{ item.path }}" dest: >- - {{ appdata_base_path }}/{{ item.path + {{ hostvars[inventory_hostname]['appdata_base_path'] }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }} mode: '0644' remote_src: false - force: no # skip unchanged files - loop: "{{ host_files.files }}" + force: no + loop: "{{ host_files }}" loop_control: label: "{{ item.path }}" when: not item.path.endswith('.j2') -- 2.52.0 From 2e9d8c321e9ba1d6ab73d0896fbf50d1ec1cf145 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:10:25 -0400 Subject: [PATCH 37/46] ... --- group_vars/all.yml | 2 +- playbooks/tar-valon_config_deploy.yml | 29 ++++++++++----------------- 2 files changed, 12 insertions(+), 19 deletions(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 9e8b281..3ed7a49 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,6 +1,6 @@ --- # Base path for all templates -template_base_path: "./app-configs" +template_base_path: "{{ playbook_dir }}/../app-configs" # Vault server address vault_addr: "https://vault.trez.wtf" vault_token: !vault | diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index 0b4918a..b7eb516 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -6,36 +6,32 @@ - benedikta gather_facts: false - vars: - template_base_path: "{{ playbook_dir }}/../app-configs" - pre_tasks: - - name: Find all files for all hosts + - name: Find all files for this host ansible.builtin.find: - paths: "{{ template_base_path }}" + paths: "{{ template_base_path }}/{{ inventory_hostname }}" recurse: true - register: all_files + register: host_files delegate_to: localhost run_once: true changed_when: false - - name: Filter files for this host and build unique destination directories + - name: Build list of unique destination directories ansible.builtin.set_fact: - host_files: "{{ all_files.files | selectattr('path', 'match', '^' + template_base_path + '/' + inventory_hostname) | list }}" dest_dirs: >- {{ - host_files + host_files.files | map(attribute='path') | map('relpath', template_base_path ~ '/' ~ inventory_hostname) | map('dirname') - | map('regex_replace', '^(.*)$', hostvars[inventory_hostname]['appdata_base_path'] ~ '/\1') + | map('regex_replace', '^(.*)$', appdata_base_path ~ '/\1') | unique | list }} changed_when: false tasks: - - name: Ensure destination directories exist + - name: Ensure destination directories exist (unique set) ansible.builtin.file: path: "{{ item }}" state: directory @@ -43,18 +39,16 @@ loop: "{{ dest_dirs }}" loop_control: label: "{{ item }}" - changed_when: false - name: Deploy Jinja2 templates (skip unchanged) ansible.builtin.template: src: "{{ item.path }}" dest: >- - {{ hostvars[inventory_hostname]['appdata_base_path'] }}/{{ item.path + {{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) | regex_replace('\.j2$', '') }} mode: '0644' - force: no - loop: "{{ host_files }}" + loop: "{{ host_files.files }}" loop_control: label: "{{ item.path }}" when: item.path.endswith('.j2') @@ -63,12 +57,11 @@ ansible.builtin.copy: src: "{{ item.path }}" dest: >- - {{ hostvars[inventory_hostname]['appdata_base_path'] }}/{{ item.path + {{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }} mode: '0644' remote_src: false - force: no - loop: "{{ host_files }}" + loop: "{{ host_files.files }}" loop_control: label: "{{ item.path }}" when: not item.path.endswith('.j2') -- 2.52.0 From 2e5bd27be5c3fe2703b3035decc15086dc5b54aa Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:18:07 -0400 Subject: [PATCH 38/46] ... --- group_vars/all.yml | 2 +- playbooks/tar-valon_config_deploy.yml | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/group_vars/all.yml b/group_vars/all.yml index 3ed7a49..f67073a 100644 --- a/group_vars/all.yml +++ b/group_vars/all.yml @@ -1,6 +1,6 @@ --- # Base path for all templates -template_base_path: "{{ playbook_dir }}/../app-configs" +# template_base_path: "{{ playbook_dir }}/../app-configs" # Vault server address vault_addr: "https://vault.trez.wtf" vault_token: !vault | diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index b7eb516..ab390e0 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -6,6 +6,9 @@ - benedikta gather_facts: false + vars: + template_base_path: "{{ playbook_dir }}/../app-configs" + pre_tasks: - name: Find all files for this host ansible.builtin.find: -- 2.52.0 From 9012bddc51234ac67d005aa42f65cf32524b822d Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:22:11 -0400 Subject: [PATCH 39/46] ... --- playbooks/tar-valon_config_deploy.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index ab390e0..4a5a5cc 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -27,11 +27,13 @@ | map(attribute='path') | map('relpath', template_base_path ~ '/' ~ inventory_hostname) | map('dirname') - | map('regex_replace', '^(.*)$', appdata_base_path ~ '/\1') + | map('regex_replace', '^(.*)$', hostvars[inventory_hostname]['appdata_base_path'] ~ '/\\1') | unique | list }} changed_when: false + delegate_to: localhost + run_once: true tasks: - name: Ensure destination directories exist (unique set) -- 2.52.0 From 4e992ace0f3423ec56cbeeb1a40cd298f91cb94f Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:26:05 -0400 Subject: [PATCH 40/46] ... --- playbooks/tar-valon_config_deploy.yml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index 4a5a5cc..a51f1a3 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -15,9 +15,8 @@ paths: "{{ template_base_path }}/{{ inventory_hostname }}" recurse: true register: host_files + run_once: true # can remain run_once, finds files once for all hosts delegate_to: localhost - run_once: true - changed_when: false - name: Build list of unique destination directories ansible.builtin.set_fact: @@ -27,13 +26,12 @@ | map(attribute='path') | map('relpath', template_base_path ~ '/' ~ inventory_hostname) | map('dirname') - | map('regex_replace', '^(.*)$', hostvars[inventory_hostname]['appdata_base_path'] ~ '/\\1') + | map('regex_replace', '^(.*)$', appdata_base_path ~ '/\\1') | unique | list }} changed_when: false - delegate_to: localhost - run_once: true + run_once: false tasks: - name: Ensure destination directories exist (unique set) -- 2.52.0 From eff0d92488e3660fb05581c3a86ed0111e04b5a6 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:28:59 -0400 Subject: [PATCH 41/46] ... --- playbooks/tar-valon_config_deploy.yml | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index a51f1a3..4783cdf 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -10,15 +10,16 @@ template_base_path: "{{ playbook_dir }}/../app-configs" pre_tasks: - - name: Find all files for this host + - name: Find all files for all hosts (run once on localhost) ansible.builtin.find: paths: "{{ template_base_path }}/{{ inventory_hostname }}" recurse: true register: host_files - run_once: true # can remain run_once, finds files once for all hosts delegate_to: localhost + run_once: true + changed_when: false - - name: Build list of unique destination directories + - name: Build list of unique destination directories per host ansible.builtin.set_fact: dest_dirs: >- {{ @@ -31,7 +32,7 @@ | list }} changed_when: false - run_once: false + run_once: false # run per host, so host_vars are available tasks: - name: Ensure destination directories exist (unique set) @@ -59,9 +60,7 @@ - name: Deploy static files (skip unchanged) ansible.builtin.copy: src: "{{ item.path }}" - dest: >- - {{ appdata_base_path }}/{{ item.path - | relpath(template_base_path ~ '/' ~ inventory_hostname) }} + dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }}" mode: '0644' remote_src: false loop: "{{ host_files.files }}" -- 2.52.0 From d9d8ca784db884b7a99c48ffc63a3daca2921d99 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:41:23 -0400 Subject: [PATCH 42/46] ... --- playbooks/tar-valon_config_deploy.yml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index 4783cdf..f7c58da 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -10,13 +10,12 @@ template_base_path: "{{ playbook_dir }}/../app-configs" pre_tasks: - - name: Find all files for all hosts (run once on localhost) + - name: Find all files for this host ansible.builtin.find: paths: "{{ template_base_path }}/{{ inventory_hostname }}" recurse: true register: host_files - delegate_to: localhost - run_once: true + run_once: false # per host changed_when: false - name: Build list of unique destination directories per host @@ -32,7 +31,6 @@ | list }} changed_when: false - run_once: false # run per host, so host_vars are available tasks: - name: Ensure destination directories exist (unique set) -- 2.52.0 From a31945a61617e2403a27128931f3d894d2481c14 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:47:55 -0400 Subject: [PATCH 43/46] ... --- playbooks/tar-valon_config_deploy.yml | 29 ++++++++++++++++++++------- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index f7c58da..181de52 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -10,19 +10,33 @@ template_base_path: "{{ playbook_dir }}/../app-configs" pre_tasks: - - name: Find all files for this host + - name: Find all files for each host (on localhost) ansible.builtin.find: - paths: "{{ template_base_path }}/{{ inventory_hostname }}" + paths: "{{ template_base_path }}/{{ item }}" recurse: true - register: host_files - run_once: false # per host + loop: "{{ ansible_play_hosts }}" + loop_control: + loop_var: item + register: host_files_results + delegate_to: localhost changed_when: false + - name: Set host_files fact for this host + set_fact: + host_files: >- + {{ + host_files_results.results + | selectattr('item','equalto',inventory_hostname) + | map(attribute='files') + | first + }} + run_once: false + - name: Build list of unique destination directories per host ansible.builtin.set_fact: dest_dirs: >- {{ - host_files.files + host_files | map(attribute='path') | map('relpath', template_base_path ~ '/' ~ inventory_hostname) | map('dirname') @@ -31,6 +45,7 @@ | list }} changed_when: false + run_once: false tasks: - name: Ensure destination directories exist (unique set) @@ -50,7 +65,7 @@ | relpath(template_base_path ~ '/' ~ inventory_hostname) | regex_replace('\.j2$', '') }} mode: '0644' - loop: "{{ host_files.files }}" + loop: "{{ host_files }}" loop_control: label: "{{ item.path }}" when: item.path.endswith('.j2') @@ -61,7 +76,7 @@ dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }}" mode: '0644' remote_src: false - loop: "{{ host_files.files }}" + loop: "{{ host_files }}" loop_control: label: "{{ item.path }}" when: not item.path.endswith('.j2') -- 2.52.0 From 5159da062087eddc9a09e5ef9e04d2bb39a47092 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:54:26 -0400 Subject: [PATCH 44/46] ... --- playbooks/tar-valon_config_deploy.yml | 79 ++++++++++----------------- 1 file changed, 29 insertions(+), 50 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index 181de52..98ffa3f 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -10,30 +10,21 @@ template_base_path: "{{ playbook_dir }}/../app-configs" pre_tasks: - - name: Find all files for each host (on localhost) - ansible.builtin.find: + - name: Gather files for all hosts (on localhost) + find: paths: "{{ template_base_path }}/{{ item }}" recurse: true loop: "{{ ansible_play_hosts }}" loop_control: loop_var: item - register: host_files_results + register: files_per_host delegate_to: localhost changed_when: false - - name: Set host_files fact for this host - set_fact: - host_files: >- - {{ - host_files_results.results - | selectattr('item','equalto',inventory_hostname) - | map(attribute='files') - | first - }} - run_once: false - - - name: Build list of unique destination directories per host - ansible.builtin.set_fact: + tasks: + - name: Deploy files to each host + vars: + host_files: "{{ files_per_host.results | selectattr('item','equalto',inventory_hostname) | map(attribute='files') | first }}" dest_dirs: >- {{ host_files @@ -44,39 +35,27 @@ | unique | list }} - changed_when: false - run_once: false + block: + - name: Ensure destination directories exist + file: + path: "{{ item }}" + state: directory + mode: '0755' + loop: "{{ dest_dirs }}" - tasks: - - name: Ensure destination directories exist (unique set) - ansible.builtin.file: - path: "{{ item }}" - state: directory - mode: '0755' - loop: "{{ dest_dirs }}" - loop_control: - label: "{{ item }}" + - name: Deploy Jinja2 templates + template: + src: "{{ item.path }}" + dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) | regex_replace('\.j2$', '') }}" + mode: '0644' + loop: "{{ host_files }}" + when: item.path.endswith('.j2') - - name: Deploy Jinja2 templates (skip unchanged) - ansible.builtin.template: - src: "{{ item.path }}" - dest: >- - {{ appdata_base_path }}/{{ item.path - | relpath(template_base_path ~ '/' ~ inventory_hostname) - | regex_replace('\.j2$', '') }} - mode: '0644' - loop: "{{ host_files }}" - loop_control: - label: "{{ item.path }}" - when: item.path.endswith('.j2') - - - name: Deploy static files (skip unchanged) - ansible.builtin.copy: - src: "{{ item.path }}" - dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }}" - mode: '0644' - remote_src: false - loop: "{{ host_files }}" - loop_control: - label: "{{ item.path }}" - when: not item.path.endswith('.j2') + - name: Deploy static files + copy: + src: "{{ item.path }}" + dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }}" + mode: '0644' + remote_src: false + loop: "{{ host_files }}" + when: not item.path.endswith('.j2') -- 2.52.0 From 480ea26964c1f4492b635a716b9564d463921fba Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:56:58 -0400 Subject: [PATCH 45/46] ... --- playbooks/tar-valon_config_deploy.yml | 31 ++++++++++++++++++++------- 1 file changed, 23 insertions(+), 8 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index 98ffa3f..db1d13c 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -10,8 +10,8 @@ template_base_path: "{{ playbook_dir }}/../app-configs" pre_tasks: - - name: Gather files for all hosts (on localhost) - find: + - name: Gather all files for each host (on localhost) + ansible.builtin.find: paths: "{{ template_base_path }}/{{ item }}" recurse: true loop: "{{ ansible_play_hosts }}" @@ -22,9 +22,15 @@ changed_when: false tasks: - - name: Deploy files to each host + - name: Deploy files for this host vars: - host_files: "{{ files_per_host.results | selectattr('item','equalto',inventory_hostname) | map(attribute='files') | first }}" + host_files: >- + {{ + files_per_host.results + | selectattr('item','equalto',inventory_hostname) + | map(attribute='files') + | first + }} dest_dirs: >- {{ host_files @@ -37,25 +43,34 @@ }} block: - name: Ensure destination directories exist - file: + ansible.builtin.file: path: "{{ item }}" state: directory mode: '0755' loop: "{{ dest_dirs }}" + loop_control: + label: "{{ item }}" - name: Deploy Jinja2 templates - template: + ansible.builtin.template: src: "{{ item.path }}" - dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) | regex_replace('\.j2$', '') }}" + dest: >- + {{ appdata_base_path }}/{{ item.path + | relpath(template_base_path ~ '/' ~ inventory_hostname) + | regex_replace('\.j2$', '') }} mode: '0644' loop: "{{ host_files }}" + loop_control: + label: "{{ item.path }}" when: item.path.endswith('.j2') - name: Deploy static files - copy: + ansible.builtin.copy: src: "{{ item.path }}" dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }}" mode: '0644' remote_src: false loop: "{{ host_files }}" + loop_control: + label: "{{ item.path }}" when: not item.path.endswith('.j2') -- 2.52.0 From 5bf0123aa3041f5cd2358e80e25ba798f93297d2 Mon Sep 17 00:00:00 2001 From: "Trez.One" Date: Sun, 14 Sep 2025 11:59:47 -0400 Subject: [PATCH 46/46] ... --- playbooks/tar-valon_config_deploy.yml | 69 ++++++++++++++------------- 1 file changed, 36 insertions(+), 33 deletions(-) diff --git a/playbooks/tar-valon_config_deploy.yml b/playbooks/tar-valon_config_deploy.yml index db1d13c..d709bff 100644 --- a/playbooks/tar-valon_config_deploy.yml +++ b/playbooks/tar-valon_config_deploy.yml @@ -22,8 +22,8 @@ changed_when: false tasks: - - name: Deploy files for this host - vars: + - name: Set host_files for this host + set_fact: host_files: >- {{ files_per_host.results @@ -31,6 +31,9 @@ | map(attribute='files') | first }} + + - name: Build list of unique destination directories for this host + set_fact: dest_dirs: >- {{ host_files @@ -41,36 +44,36 @@ | unique | list }} - block: - - name: Ensure destination directories exist - ansible.builtin.file: - path: "{{ item }}" - state: directory - mode: '0755' - loop: "{{ dest_dirs }}" - loop_control: - label: "{{ item }}" - - name: Deploy Jinja2 templates - ansible.builtin.template: - src: "{{ item.path }}" - dest: >- - {{ appdata_base_path }}/{{ item.path - | relpath(template_base_path ~ '/' ~ inventory_hostname) - | regex_replace('\.j2$', '') }} - mode: '0644' - loop: "{{ host_files }}" - loop_control: - label: "{{ item.path }}" - when: item.path.endswith('.j2') + - name: Ensure destination directories exist + ansible.builtin.file: + path: "{{ item }}" + state: directory + mode: '0755' + loop: "{{ dest_dirs }}" + loop_control: + label: "{{ item }}" - - name: Deploy static files - ansible.builtin.copy: - src: "{{ item.path }}" - dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }}" - mode: '0644' - remote_src: false - loop: "{{ host_files }}" - loop_control: - label: "{{ item.path }}" - when: not item.path.endswith('.j2') + - name: Deploy Jinja2 templates + ansible.builtin.template: + src: "{{ item.path }}" + dest: >- + {{ appdata_base_path }}/{{ item.path + | relpath(template_base_path ~ '/' ~ inventory_hostname) + | regex_replace('\.j2$', '') }} + mode: '0644' + loop: "{{ host_files }}" + loop_control: + label: "{{ item.path }}" + when: item.path.endswith('.j2') + + - name: Deploy static files + ansible.builtin.copy: + src: "{{ item.path }}" + dest: "{{ appdata_base_path }}/{{ item.path | relpath(template_base_path ~ '/' ~ inventory_hostname) }}" + mode: '0644' + remote_src: false + loop: "{{ host_files }}" + loop_control: + label: "{{ item.path }}" + when: not item.path.endswith('.j2') -- 2.52.0