diff --git a/inventories/chaosknoten/hosts.yaml b/inventories/chaosknoten/hosts.yaml index d40de96..9c7ab6f 100644 --- a/inventories/chaosknoten/hosts.yaml +++ b/inventories/chaosknoten/hosts.yaml @@ -195,3 +195,5 @@ ansible_pull_hosts: wiki: msmtp_hosts: hosts: +renovate_hosts: + hosts: diff --git a/playbooks/deploy.yaml b/playbooks/deploy.yaml index dc3a22d..d7bacac 100644 --- a/playbooks/deploy.yaml +++ b/playbooks/deploy.yaml @@ -88,5 +88,10 @@ roles: - msmtp +- name: Ensure Renovate is setup on renovate_hosts + hosts: renovate_hosts + roles: + - renovate + - name: Run ensure_eh22_styleguide_dir Playbook ansible.builtin.import_playbook: ensure_eh22_styleguide_dir.yaml diff --git a/roles/renovate/README.md b/roles/renovate/README.md new file mode 100644 index 0000000..f19a458 --- /dev/null +++ b/roles/renovate/README.md @@ -0,0 +1,11 @@ +# Role `renovate` + +A role for setting up [Renovate](https://docs.renovatebot.com/). + +## Supported Distributions + +Should work on Debian-based distributions. + +## Required Arguments + +- `renovate__config`: The Renovate config to deploy. diff --git a/roles/renovate/files/renovate.service b/roles/renovate/files/renovate.service new file mode 100644 index 0000000..ca9f7ed --- /dev/null +++ b/roles/renovate/files/renovate.service @@ -0,0 +1,10 @@ +[Unit] +Description=renovate +After=network-online.target +Wants=network-online.target + +[Service] +Type=oneshot +ExecStart=/usr/bin/docker run --rm \ + -v "/etc/renovate/config.js:/usr/src/app/config.js" \ + renovate/renovate diff --git a/roles/renovate/files/renovate.timer b/roles/renovate/files/renovate.timer new file mode 100644 index 0000000..f7a3a63 --- /dev/null +++ b/roles/renovate/files/renovate.timer @@ -0,0 +1,8 @@ +[Unit] +Description=renovate running every 15 minutes + +[Timer] +OnCalendar=*-*-* *:00,15,30,45:00 + +[Install] +WantedBy=timers.target diff --git a/roles/renovate/handlers/main.yaml b/roles/renovate/handlers/main.yaml new file mode 100644 index 0000000..ada2426 --- /dev/null +++ b/roles/renovate/handlers/main.yaml @@ -0,0 +1,4 @@ +- name: systemd daemon reload + ansible.builtin.systemd_service: + daemon_reload: true + become: true diff --git a/roles/renovate/meta/argument_specs.yaml b/roles/renovate/meta/argument_specs.yaml new file mode 100644 index 0000000..8be0fb1 --- /dev/null +++ b/roles/renovate/meta/argument_specs.yaml @@ -0,0 +1,6 @@ +argument_specs: + main: + options: + renovate__config: + type: str + required: true diff --git a/roles/renovate/meta/main.yaml b/roles/renovate/meta/main.yaml new file mode 100644 index 0000000..cb7d8e0 --- /dev/null +++ b/roles/renovate/meta/main.yaml @@ -0,0 +1,3 @@ +--- +dependencies: + - role: docker diff --git a/roles/renovate/tasks/main.yaml b/roles/renovate/tasks/main.yaml new file mode 100644 index 0000000..f6988ab --- /dev/null +++ b/roles/renovate/tasks/main.yaml @@ -0,0 +1,46 @@ +- name: ensure renovate config directory exists + ansible.builtin.file: + path: /etc/renovate + state: directory + owner: root + group: root + mode: "0755" + become: true + +- name: ensure renovate config + ansible.builtin.copy: + content: "{{ renovate__config }}" + dest: /etc/renovate/config.js + owner: root + group: root + mode: "0640" + become: true + +- name: ensure systemd service exists + ansible.builtin.copy: + src: renovate.service + dest: /etc/systemd/system/renovate.service + owner: root + group: root + mode: "0644" + become: true + notify: + - systemd daemon reload + +- name: ensure systemd timer exists + ansible.builtin.copy: + src: renovate.timer + dest: /etc/systemd/system/renovate.timer + owner: root + group: root + mode: "0644" + become: true + notify: + - systemd daemon reload + +- name: ensure systemd timer is started and enabled + ansible.builtin.systemd_service: + name: renovate.timer + state: started + enabled: true + become: true