Per file detail:
backup.yml
- Added role defaults loading with proper precedence (inventory > vars > defaults)
- Fixed pg_dump permissions: now dumps to /tmp first, then moves to backup directory
update.yml
- Added role defaults loading with proper precedence
- Fixed docker exec commands to use --user {{ forgejo_user }}
- Added monitoring compose file detection and handling
restore.yml
- Added role defaults loading with proper precedence
- Added monitoring compose file detection and handling
- Fixed docker exec for doctor command to use --user {{ forgejo_user }}
Makefile
- Updated .PHONY with new targets
- Replaced auto-generated help with structured categorized help
- Added backup-cron and backup-cron-s3 targets for non-interactive backups
- Added cron job example in help output
152 lines
5.1 KiB
YAML
---
|
|
# Update Forgejo to latest version
|
|
# This playbook safely updates Forgejo with automatic backup
|
|
|
|
- name: Update Forgejo
|
|
hosts: forgejo
|
|
become: yes
|
|
gather_facts: yes
|
|
|
|
vars_files:
|
|
- vars/main.yml
|
|
- vars/secrets.yml
|
|
|
|
vars:
|
|
backup_before_update: true
|
|
skip_backup: false # Override with --extra-vars "skip_backup=true"
|
|
|
|
pre_tasks:
|
|
- name: Load role defaults as fallback
|
|
ansible.builtin.include_vars:
|
|
file: ../roles/forgejo/defaults/main.yml
|
|
name: role_defaults
|
|
|
|
- name: Apply all role defaults for undefined variables
|
|
ansible.builtin.set_fact:
|
|
"{{ item.key }}": "{{ vars[item.key] | default(item.value) }}"
|
|
loop: "{{ role_defaults | dict2items }}"
|
|
loop_control:
|
|
label: "{{ item.key }}"
|
|
|
|
- name: Display update information
|
|
ansible.builtin.debug:
|
|
msg: |
|
|
Updating Forgejo from {{ forgejo_version }}
|
|
Backup will be created: {{ backup_before_update and not skip_backup }}
|
|
|
|
- name: Check current Forgejo version
|
|
ansible.builtin.command:
|
|
cmd: docker exec --user {{ forgejo_user }} forgejo forgejo --version
|
|
register: current_version
|
|
changed_when: false
|
|
failed_when: false
|
|
|
|
- name: Display current version
|
|
ansible.builtin.debug:
|
|
msg: "Current version: {{ current_version.stdout if current_version.rc == 0 else 'Unable to determine' }}"
|
|
|
|
tasks:
|
|
- name: Create pre-update backup
|
|
when: backup_before_update and not skip_backup
|
|
block:
|
|
- name: Run backup script
|
|
ansible.builtin.command:
|
|
cmd: /usr/local/bin/forgejo_backup.sh
|
|
register: backup_result
|
|
|
|
- name: Display backup result
|
|
ansible.builtin.debug:
|
|
msg: "Backup completed: {{ backup_result.stdout_lines[-1] if backup_result.stdout_lines else 'No output' }}"
|
|
|
|
- name: Check if monitoring compose file exists
|
|
ansible.builtin.stat:
|
|
path: "{{ forgejo_base_path }}/docker-compose.monitoring.yml"
|
|
register: monitoring_compose
|
|
|
|
- name: Stop Forgejo service
|
|
community.docker.docker_compose_v2:
|
|
project_src: "{{ forgejo_base_path }}"
|
|
files: "{{ ['docker-compose.yml', 'docker-compose.monitoring.yml'] if monitoring_compose.stat.exists else ['docker-compose.yml'] }}"
|
|
state: stopped
|
|
|
|
- name: Pull latest Forgejo image
|
|
community.docker.docker_image:
|
|
name: "{{ forgejo_docker_image }}:{{ forgejo_version }}"
|
|
source: pull
|
|
force_source: yes
|
|
|
|
- name: Update Docker Compose file if needed
|
|
ansible.builtin.template:
|
|
src: ../roles/forgejo/templates/docker-compose.yml.j2
|
|
dest: "{{ forgejo_base_path }}/docker-compose.yml"
|
|
owner: "{{ forgejo_user }}"
|
|
group: "{{ forgejo_group }}"
|
|
mode: '0640'
|
|
|
|
- name: Start Forgejo service
|
|
community.docker.docker_compose_v2:
|
|
project_src: "{{ forgejo_base_path }}"
|
|
files: "{{ ['docker-compose.yml', 'docker-compose.monitoring.yml'] if monitoring_compose.stat.exists else ['docker-compose.yml'] }}"
|
|
state: present
|
|
pull: always
|
|
|
|
- name: Wait for Forgejo to be ready
|
|
ansible.builtin.uri:
|
|
url: "http://localhost:{{ forgejo_http_port }}"
|
|
status_code: 200
|
|
register: health_check
|
|
until: health_check.status == 200
|
|
retries: 30
|
|
delay: 2
|
|
|
|
- name: Check updated version
|
|
ansible.builtin.command:
|
|
cmd: docker exec --user {{ forgejo_user }} forgejo forgejo --version
|
|
register: updated_version
|
|
changed_when: false
|
|
|
|
- name: Display updated version
|
|
ansible.builtin.debug:
|
|
msg: "Updated version: {{ updated_version.stdout }}"
|
|
|
|
- name: Run database migrations
|
|
ansible.builtin.command:
|
|
cmd: docker exec --user {{ forgejo_user }} forgejo forgejo migrate
|
|
register: migrate_result
|
|
changed_when: "'No migration needed' not in migrate_result.stdout"
|
|
|
|
- name: Display migration result
|
|
ansible.builtin.debug:
|
|
msg: "{{ migrate_result.stdout_lines }}"
|
|
|
|
post_tasks:
|
|
- name: Verify Forgejo health
|
|
ansible.builtin.uri:
|
|
url: "http://localhost:{{ forgejo_http_port }}/api/healthz"
|
|
status_code: 200
|
|
return_content: yes
|
|
register: health
|
|
|
|
- name: Display health status
|
|
ansible.builtin.debug:
|
|
msg: "Forgejo health check: {{ health.content }}"
|
|
|
|
- name: Update deployment info
|
|
ansible.builtin.lineinfile:
|
|
path: "{{ forgejo_base_path }}/DEPLOYMENT_INFO.txt"
|
|
regexp: '^Last Update:'
|
|
line: "Last Update: {{ ansible_date_time.iso8601 }} - {{ forgejo_version }}"
|
|
insertafter: '^Deployment Date:'
|
|
|
|
- name: Display completion message
|
|
ansible.builtin.debug:
|
|
msg: |
|
|
========================================
|
|
Forgejo Update Complete!
|
|
========================================
|
|
|
|
Previous version: {{ current_version.stdout if current_version.rc == 0 else 'Unknown' }}
|
|
Current version: {{ updated_version.stdout }}
|
|
|
|
The service is running and healthy.
|
|
========================================
|
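Review bot: The `Apply all role defaults for undefined variables` pre-task has no `no_log`, yet it resolves every role-default key through `vars[item.key]` in a play that also loads `vars/secrets.yml`. `loop_control.label` only shortens the item label; each per-item `set_fact` result still carries the resolved value, which is printed at `-v` and handed to any logging callback. If any default key is overridden from the secrets file (not visible on this page), that value lands in run output, so I would add `no_log: true` to this task. Separately, `Stop Forgejo service` runs before `Pull latest Forgejo image` and there is no `rescue`, so a failed pull leaves the instance stopped; pulling before the stop would avoid that window.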