fix(build): Keep own files out of example repo

.gitignore

@@ -3,6 +3,8 @@
 ansible/hosts.yml
 ansible/group_vars/all/*
 ansible/roles/10-include-50-miniconda/defaults/*
+ansible/roles/10-include-50-miniconda/files/etc/systemd/system/*
+ansible/roles/10-include-50-miniconda/files/opt/python/update-firewall-source/master/config.ini
 ansible/roles/20-common-20-ssh/defaults/*
 ansible/roles/20-common-20-ssh/files/root/.ssh/*
 !*.example

ansible/group_vars/all/vars.yml.example

@@ -1,6 +1,21 @@
+# Most roles
 ansible_user: 'root'
 ansible_hashi_vault_auth_method: 'token'
 ansible_hashi_vault_token: 'hvs.xxxxxxxxxx'
 ansible_hashi_vault_engine_mount_point: 'kv'
 ansible_hashi_vault_token_validate: 'false'
 ansible_hashi_vault_url: 'http://localhost:8200/'
+
+# 10-include-50-miniconda
+python_git_packages:
+ - repo_url: 'https://f.q.d.n/repo/my-project.git'
+   path: '{{ python_git_install_path }}/my-project'
+   branch: 'master'
+   config_file: 'opt/python/my-project/master/config.ini'
+   systemd:
+      service: 'etc/systemd/system/my-project.service'
+      timer: 'etc/systemd/system/my-project.timer'
+python_pip_packages:
+ - { env_name: 'cookiecutter', packages: ['cookiecutter', 'pip-tools'] }
+python_pip_requirements:
+ - { env_name: 'my-project', requirements: '{{ python_git_install_path }}/my-project/master/requirements.txt' }

ansible/roles/10-include-50-miniconda/defaults/main.yml.example

@@ -1,7 +1,13 @@
 miniconda_install_dir: '/opt/miniconda3'
 miniconda_bin_dir: '{{ miniconda_install_dir }}/bin'
+miniconda_envs_dir: '{{ miniconda_install_dir }}/envs'
+miniconda_conda_binary: '{{ miniconda_bin_dir }}/conda'
 miniconda_installer_dl_dir: '{{ miniconda_install_dir }}/_downloaded-installer'
 miniconda_dl_uri_base: 'https://repo.anaconda.com/miniconda/'
 miniconda_dl_uri_file: 'Miniconda3-latest-Linux-x86_64.sh'
 miniconda_dl_uri: '{{ miniconda_dl_uri_base }}{{ miniconda_dl_uri_file }}'
 miniconda_dl_local_abs: '{{ miniconda_installer_dl_dir }}/{{ miniconda_dl_uri_file }}'
+conda_envs_template_dir: '_conda_envs_dir_'
+conda_python_version: '3'
+conda_package_spec: 'pip'
+python_git_install_path: '/opt/python'

ansible/roles/10-include-50-miniconda/tasks/40-install-miniconda.yml

@@ -71,17 +71,7 @@
 
 
 - name: 'Set ~/.condarc file'
-  tags:
-    - 'testing'
   ansible.builtin.copy:
     src: '_current_user_home_/.condarc'
     dest: '{{ ansible_env.HOME }}/.condarc'
     mode: '0644'
-
-
-
-- name: 'Debug vars'
-  tags:
-    - 'testing'
-  debug:
-    msg: '{{ ansible_env.HOME }}'

ansible/roles/10-include-50-miniconda/tasks/50-setup-miniconda-env.yml

@@ -1,30 +1,30 @@
+- name: 'Set conda env file basename'
+  set_fact:
+    conda_env_file_base: '{{ conda_env_file | basename }}'
 
 
 
-# conda deactivate && conda update -y --name base conda && conda update -y --all
+- name: 'Set conda env file absolute path'
+  set_fact:
+    conda_env_file_abs: '{{ miniconda_envs_dir }}/{{ conda_env_file_base | regex_search(''.*?\.yml'', ''\0'') | first }}'
 
-#- name: '...'
-#  tags:
-#    - 'inTesting'
-#  delegate_to: '127.0.0.1'
-#  run_once: true
-#  async: 1
-#  poll: 0
-#  no_log: true
-#  when: '...'
-#  register: '...'
-#  become: 'yes'
-#  changed_when: '...'
-#  failed_when: '...'
-#  until: '(condition)'
-#  retries: 5
-#  delay: 10
-#  loop_control:
-#    loop_var: 'loopVar'
-#  loop:
-#    - { var1: '', var2: '' }
-#    - { ... }
-#  <command>:
-#    argument1: '{{ loopVar.var1 }}'
-#    argument2: '{{ loopVar.var2 }}'
-#
+
+
+- name: 'Set conda env name'
+  set_fact:
+    conda_env_name: '{{ conda_env_file_base | regex_search(''(.*?)(_conda_environment.yml)'', ''\1'') | first }}'
+
+
+
+- name: 'Store conda environment.yml file'
+  ansible.builtin.template:
+    src: '{{ conda_env_file }}'
+    dest: '{{ conda_env_file_abs }}'
+
+
+
+- name: 'Set up conda env ''{{ conda_env_name }}'''
+  register: 'rv_conda_env_install'
+  changed_when: 'not rv_conda_env_install.stderr'
+  failed_when: 'false'
+  ansible.builtin.shell: '{{ miniconda_conda_binary }} env create --quiet --file ''{{ conda_env_file_abs }}'''

ansible/roles/10-include-50-miniconda/tasks/55-setup-git-repo.yml

@@ -0,0 +1,45 @@
+- name: 'Clone Python package Git repo ''{{ git.repo_url }}'''
+  ansible.builtin.git:
+    repo: '{{ git.repo_url }}'
+    dest: '{{ git.path }}/{{ git.branch }}'
+
+
+
+- name: 'If Git repo has config: Add config'
+  when: 'git.config_file'
+  ansible.builtin.copy:
+    src: '{{ git.config_file }}'
+    dest: '/{{ git.config_file }}'
+    mode: '0644'
+
+
+
+- name: 'If Git repo wants systemd: Copy systemd unit file'
+  when: '(git.systemd.service) and (git.systemd.timer)'
+  register: 'rv_copy_systemd_unit_files'
+  loop_control:
+    loop_var: 'unit'
+    label: '{{ unit.destination }}'
+  loop:
+    - { source: '{{ git.systemd.service }}', destination: '/{{ git.systemd.service }}', mode: '0644' }
+    - { source: '{{ git.systemd.timer }}', destination: '/{{ git.systemd.timer }}', mode: '0644' }
+  ansible.builtin.copy:
+    src: '{{ unit.source }}'
+    dest: '{{ unit.destination }}'
+    mode: '{{ unit.mode }}'
+
+
+
+- name: 'If systemd copy changed: systemctl daemon-reload'
+  when: '(rv_copy_systemd_unit_files.changed)'
+  ansible.builtin.systemd:
+    daemon_reload: 'yes'
+
+
+
+- name: 'If systemd copy succeeded: systemctl enable --now timer unit'
+  when: '(rv_copy_systemd_unit_files is success)'
+  ansible.builtin.systemd:
+    enabled: 'yes'
+    state: 'started'
+    name: '{{ git.systemd.timer | basename }}'

ansible/roles/10-include-50-miniconda/tasks/60-install-packages.yml

@@ -0,0 +1,21 @@
+- name: 'When venv wants packages: Install packages'
+  when: 'python_pip_packages'
+  loop_control:
+    loop_var: 'pip'
+    label: 'Into ''{{ pip.env_name }}'' venv install {{ pip.packages }}'
+  loop: '{{ python_pip_packages }}'
+  ansible.builtin.pip:
+    name: '{{ pip.packages }}'
+    executable: '{{ miniconda_envs_dir }}/{{ pip.env_name }}/bin/pip'
+
+
+
+- name: 'When venv wants requirements: Install requirements'
+  when: 'python_pip_requirements'
+  loop_control:
+    loop_var: 'pip'
+    label: 'Into ''{{ pip.env_name }}'' venv install requirements text file'
+  loop: '{{ python_pip_requirements }}'
+  ansible.builtin.pip:
+    requirements: '{{ pip.requirements }}'
+    executable: '{{ miniconda_envs_dir }}/{{ pip.env_name }}/bin/pip'

ansible/roles/10-include-50-miniconda/tasks/main.yml

@@ -1 +1,18 @@
-- import_tasks: '50-setup-miniconda-env.yml'
+- import_tasks: '40-install-miniconda.yml'
+- name: 'Set up conda environment'
+  loop_control:
+    loop_var: 'conda_env'
+    label: '{{ conda_env | regex_search(''(.*?)/(.*?)(_conda_environment.yml)'', ''\2'') | first }}'
+  loop: '{{ lookup(''ansible.builtin.fileglob'', ''{{ role_path }}/templates/{{ conda_envs_template_dir }}/*'', wantlist=True) | map(''regex_search'', conda_envs_template_dir + ''/.*?_conda_environment.yml.j2'') }}'
+  vars:
+    conda_env_file: '{{ conda_env }}'
+  include_tasks: '50-setup-miniconda-env.yml'
+- name: 'Set up Git repos'
+  loop_control:
+    loop_var: 'git_package'
+    label: 'From ''{{ git_package.repo_url }}'' clone ''{{ git_package.branch }}'' branch'
+  loop: '{{ python_git_packages }}'
+  vars:
+    git: '{{ git_package }}'
+  include_tasks: '55-setup-git-repo.yml'
+- import_tasks: '60-install-packages.yml'

ansible/roles/10-include-50-miniconda/templates/_conda_envs_dir_/cookiecutter_conda_environment.yml.j2

@@ -0,0 +1,7 @@
+name: cookiecutter
+channels:
+  - defaults
+dependencies:
+  - python=3
+  - pip
+prefix: {{ miniconda_envs_dir }}/cookiecutter

ansible/roles/10-include-50-miniconda/templates/_conda_envs_dir_/update-firewall-source_conda_environment.yml.j2

@@ -0,0 +1,7 @@
+name: update-firewall-source
+channels:
+  - defaults
+dependencies:
+  - python=3
+  - pip
+prefix: {{ miniconda_envs_dir }}/update-firewall-source

ansible/roles/50-service-mailcow/tasks/40-install-mailcow.yml

@@ -26,27 +26,28 @@
 
 - name: 'Install Miniconda'
   tags:
-    'testing'
+    - 'testing'
   ansible.builtin.include_role:
     name: '10-include-50-miniconda'
-    tasks_from: '40-install-miniconda'
+    # tasks_from: '40-install-miniconda'
 
 
 
-- name: 'Install Miniconda'
-  loop_control:
-    loop_var: 'conda'
-  loop:
-    - { task: 'setup', data: 'alter' }
-    - { task: 'setup', data: 'wasn' }
-    - { task: 'setup', data: 'digger' }
-  vars:
-    task: '{{ conda.task }}'
-    data: '{{ conda.data }}'
-  ansible.builtin.include_role:
-    name: '10-include-50-miniconda'
-    tasks_from: '40-install-miniconda'
-
+#- name: 'Set up Miniconda env'
+#  tags:
+#    - 'testing'
+#  loop_control:
+#    loop_var: 'conda'
+#  loop:
+#    - { env_name: 'cookiecutter', python_version: '3', package_spec: 'pip' }
+#    - { env_name: 'update-firewall-source', python_version: '3', package_spec: 'pip' }
+#  vars:
+#    env_name: '{{ conda.env_name }}'
+#    python_version: '{{ conda.python_version }}'
+#    package_spec: '{{ conda.package_spec }}'
+#  ansible.builtin.include_role:
+#    name: '10-include-50-miniconda'
+#
 
 
 - name: 'Populate service facts'