wip - finalize

.devcontainer/devcontainer.json

@@ -32,6 +32,8 @@
     // Ansible settings
     "ANSIBLE_DIR": "/workspaces/forge/anvil/ansible",
     "ANSIBLE_INVENTORY": "${ANSIBLE_DIR}/inventory.yml",
+    "ANSIBLE_CACHE_PLUGIN": "community.general.yaml",
+    "ANSIBLE_CACHE_PLUGIN_CONNECTION": "${ANSIBLE_DIR}/fact_cache",
     "ANSIBLE_ROLES_PATH": "${ANSIBLE_DIR}/roles",
     "ANSIBLE_COLLECTIONS_PATH": "${ANSIBLE_DIR}/collections",
     "ANSIBLE_PRIVATE_KEY_FILE": "/certs/ssh/ublue-os_forge-id_ed25519",
@@ -73,7 +75,8 @@
           "**/playbooks/*.yml": "ansible",
           "**/roles/**/tasks/*.yml": "ansible",
           "**/inventory*.yml": "ansible",
-          "**/*.just": "just"
+          "**/*.just": "just",
+          "**/.containerignore": "ignore"
         },
         // Python configuration
         "[python]": {
@@ -88,7 +91,7 @@
         "ansible.lightspeed.suggestions.enabled": true,
         "ansible.lightspeed.URL": "https://c.ai.ansible.redhat.com",
         // Template configuration
-        "templates.folder": "./.vscode/templates",
+        "templates.folder": "${localWorkspaceFolder}/.vscode/templates",
         // Spell-Check configuration
         "cSpell.customDictionaries": {
           "project-words": {

.gitignore

@@ -4,6 +4,7 @@
 ## Ansible
 **/collections
 !**/collections/requirements.yml
+**/fact_cache
 
 ## Python 
 # Byte-compiled / optimized / DLL files

.vscode/cspell_custom.txt

@@ -1,6 +1,7 @@
 aggrid
 CHACHA
 configmap
+containerignore
 devcontainer
 devcontainers
 dotenv

anvil/.containerignore

@@ -1,8 +1,12 @@
 # Don't add the following files to the container
 
+## Ansible files
+**/collections/ansible_collections
+**/fact_cache
+
 ## Python cache
 **/__pycache__
 
 ## Podman build files
 .containerignore
-Containerfile
+Containerfile

anvil/Containerfile

@@ -13,6 +13,8 @@ ENV POETRY_VIRTUALENVS_IN_PROJECT="true"
 ENV PATH="${PATH}:${PIPX_BIN_DIR}:${PIPX_HOME}/venvs/poetry/bin:/${PROJECT_DIR}/.venv/bin"
 ## Ansible settings
 ENV ANSIBLE_INVENTORY="${ANSIBLE_DIR}/inventory.yml"
+ENV ANSIBLE_CACHE_PLUGIN="community.general.yaml"
+ENV ANSIBLE_CACHE_PLUGIN_CONNECTION="${ANSIBLE_DIR}/fact_cache"
 ENV ANSIBLE_ROLES_PATH="${ANSIBLE_DIR}/roles"
 ENV ANSIBLE_COLLECTIONS_PATH="${ANSIBLE_DIR}/collections"
 ENV ANSIBLE_PRIVATE_KEY_FILE="/certs/ssh/ublue-os_forge-id_ed25519"

anvil/ansible.cfg

@@ -1,23 +0,0 @@
-[defaults]
-# Inventory location
-inventory = ./ansible/inventory.yml
-# Location for roles
-roles_path = ./ansible/roles
-# Location for collections
-collection_paths = ./ansible/collections
-# Localtion for plugins & modules
-library = ./ansible/library
-# SSH
-private_key_file = /certs/ssh/ublue-os_forge-id_ed25519
-# Console log settings
-display_skipped_hosts = false
-# Use the YAML callback plugin.
-stdout_callback = yaml
-# Use the stdout_callback when running ad-hoc commands.
-bin_ansible_callbacks = True
-# Callback plugins
-callbacks_enabled=ansible.posix.profile_tasks
-# Skip SSH host key checking
-host_key_checking = False
-# Disable cowsay
-nocows = 1

anvil/ansible/group_vars/all/data.yml

@@ -1,4 +0,0 @@
----
-# data variables
-forge_data_path: "{{ lookup('ansible.builtin.env', 'FORGE_DATA_PATH', default=ansible_facts.env.HOME + '/ublue-os_forge') }}"
-forge_data_default_variables_file_path: "{{ forge_data_path }}/forge_default_vars.env"

anvil/ansible/group_vars/all/git.yml

@@ -1,5 +1,5 @@
 ---
 # git variables
-forge_git_repository_url: "{{ lookup('ansible.builtin.env', 'FORGE_GIT_REPOSITORY_URL', default='https://github.com/ublue-os/bluefin.git') }}"
-forge_git_repository_destination: "{{ lookup('ansible.builtin.env', 'FORGE_GIT_REPOSITORY_DESTINATION', default=forge_data_path + '/bluefin') }}"
-forge_git_repository_version: "{{ lookup('ansible.builtin.env', 'FORGE_GIT_REPOSITORY_VERSION', default='main') }}"
+forge_git_repository_url: "https://github.com/ublue-os/bluefin.git"
+forge_git_repository_destination: "{{ forge_data_volume_mountpoint }}/data/bluefin"
+forge_git_repository_version: "main"

anvil/ansible/group_vars/all/registry.yml

@@ -1,3 +1,3 @@
 ---
 # container registry variables
-forge_registry_url: "{{ lookup('ansible.builtin.env', 'FORGE_REGISTRY_URL', default='registry.ublue.local') }}"
+forge_registry_url: "registry.ublue.local"

anvil/ansible/playbooks/configure_host.yml

@@ -2,6 +2,17 @@
 - name: Configure host system
   hosts: host.ublue.local
   gather_facts: true
+  pre_tasks:
+    - name: Get information on podman volume ublue-os_forge_data
+      containers.podman.podman_volume_info:
+        name: ublue-os_forge-data
+      register: __podman_volume_info
+
+    - name: Persist podman ublue-os_forge_data mountpoint
+      ansible.builtin.set_fact:
+        forge_data_volume_mountpoint: "{{ __podman_volume_info.volumes[0].Mountpoint }}"
+        cacheable: true
+
   tasks:
     - name: Add ublue.local entries to /etc/hosts
       ansible.builtin.lineinfile:
@@ -25,25 +36,19 @@
       changed_when: false
       become: true
 
-    - name: Create default directory for forge content
-      ansible.builtin.file:
-        path: "{{ forge_data_path }}"
-        state: directory
-        mode: "0755"
-
-    - name: Create default configuration variable file
+    - name: Create example extra-vars configuration file
       ansible.builtin.copy:
-        dest: "{{ forge_data_default_variables_file_path }}"
+        dest: "{{ forge_data_volume_mountpoint }}/forge_example_vars.yml"
         content: |
-          ## ublue-os forge configuration variables defaults
+          ## ublue-os forge extra-vars example configuration
           ## For more details got to https://github.com/ublue-os/forge/blob/main/docs/variables.md
-
+          ---
           {% for item in __vars_used %}
-          #{{ item | upper }}={{ lookup('ansible.builtin.vars', item) }}
+          {{ item }}: {{ lookup('ansible.builtin.vars', item) }}
           {% endfor %}
         backup: true
         owner: "{{ ansible_facts.env.USER }}"
         mode: "0644"
       vars:
         __vars_used: "{{ lookup('ansible.builtin.varnames', __regex_search, wantlist=true) }}"
-        __regex_search: ^forge_.+
+        __regex_search: ^forge_(?!data).+

anvil/ansible/roles/debug_forge_vars/tasks/main.yml

@@ -4,7 +4,7 @@
 - name: DEBUG | forge variables
   ansible.builtin.debug:
     msg: "{{ item }}: {{ lookup('ansible.builtin.vars', item) }}"
-    # verbosity: 1
+    verbosity: 1
   loop: "{{ __forge_vars_used }}"
   loop_control:
     extended: true

anvil/nicegui/pages/ansible.py

@@ -27,13 +27,15 @@ async def load_configuration_file() -> None:
     ANSIBLE_EXTRA_VARS = f"@{file_path}"
 
 
-async def run_ansible_playbook(playbook_name: str, gui_log: ui.log, gui_spinner: GuiProgressSpinner) -> None:
+async def run_ansible_playbook(
+    playbook_name: str, gui_log: ui.log, gui_spinner: GuiProgressSpinner
+) -> None:
     # Clear log console
     gui_log.clear()
     # Enable spinner
     gui_spinner.enable()
     # Run ansible playbook
-    project_root = os.environ['ANSIBLE_DIR']
+    project_root = os.environ["ANSIBLE_DIR"]
     playbook_path = f"{project_root}/playbooks/"
     extra_vars_file = ANSIBLE_EXTRA_VARS
     thread, runner = ansible_runner.interface.run_command_async(
@@ -55,7 +57,7 @@ async def run_ansible_playbook(playbook_name: str, gui_log: ui.log, gui_spinner:
             # Make sure log is displayed during playbook run
             await asyncio.sleep(0.1)
             # Check if event has been processed already
-            event_key = (event['uuid'], event['counter'])
+            event_key = (event["uuid"], event["counter"])
             if event_key not in processed_events:
                 # Add event to processed set
                 processed_events.add(event_key)

forge.sh

@@ -3,6 +3,8 @@
 export FORGE_DOMAIN_NAME="ublue.local"
 export FORGE_NETWORK_NAME="ublue-os_forge"
 export FORGE_POD_CONFIGURATION="forge-pod.yml"
+export FORGE_POD_CERTS_DIR="$(podman volume inspect ublue-os_forge-certs | jq -r '.[0].Mountpoint')"
+export FORGE_POD_DATA_DIR="$(podman volume inspect ublue-os_forge-data | jq -r '.[0].Mountpoint')"
 export FORGE_POD_NAME_PRE_AMBLE="ublue-os_forge-"
 export FORGE_POD_NAME_REVERSE_PROXY=${FORGE_POD_NAME_PRE_AMBLE}rvproxy
 export FORGE_POD_NAME_REGISTRY=${FORGE_POD_NAME_PRE_AMBLE}registry
@@ -56,13 +58,12 @@ function configure_host_prerequisites {
     if [ ! -f ~/.config/.ublue-os_forge-host-setup-done ];
     then
         echo "adding ssh public key to ~/.ssh/authorized_keys"
-        VOLUME_DIR="$(podman volume inspect ublue-os_forge-certs | jq -r '.[0].Mountpoint')"
-        SSH_PUBLIC_KEY_FILE="${VOLUME_DIR}/ssh/ublue-os_forge-id_ed25519.pub"
+        SSH_PUBLIC_KEY_FILE="${FORGE_POD_CERTS_DIR}/ssh/ublue-os_forge-id_ed25519.pub"
         SSH_PUBLIC_KEY="$(cat ${SSH_PUBLIC_KEY_FILE})"
         echo "#uBlue forge ssh key" >> ~/.ssh/authorized_keys
         echo "$SSH_PUBLIC_KEY" >> ~/.ssh/authorized_keys
-        cp -f ${VOLUME_DIR}/tls/ublue-os_forge-root.pem ~/Downloads
-        touch ~/.config/.ublue-os_forge-host-setup-done
+        cp -f ${FORGE_POD_CERTS_DIR}/tls/ublue-os_forge-root.pem ${FORGE_POD_DATA_DIR}
+        touch ${FORGE_POD_DATA_DIR}/.ublue-os_forge-host-setup-done
         echo ""
     else
         echo "Host system pre-requisites already configured. Nothing to do..."
@@ -166,10 +167,10 @@ function show_containter_info (
 function show_forge_info {
     echo -e "${GREEN}The following containers are now running...${ENDCOLOR}"
     show_containter_info
-    echo -e "${GREEN}uBlue forge reverse-proxy is available at: https://traefik.${FORGE_DOMAIN_NAME}${ENDCOLOR}"
+    echo -e "${GREEN}uBlue forge is available at: https://forge.${FORGE_DOMAIN_NAME}${ENDCOLOR}"
     echo -e "${GREEN}uBlue forge docker registry is available at: registry.${FORGE_DOMAIN_NAME}${ENDCOLOR}"
     echo -e "${GREEN}To trust the certificate in your Browser of choice, make sure to import the root certificate from:${ENDCOLOR}"
-    echo -e "${GREEN}$HOME/Downloads/tls/ublue-os_forge-root.pem${ENDCOLOR}"
+    echo -e "${GREEN}${FORGE_POD_DATA_DIR}/ublue-os_forge-root.pem${ENDCOLOR}"
     echo ""
 }