initial push

roles/pallxk.code_server/.gitignore

@@ -0,0 +1,7 @@
+# Created by https://www.gitignore.io/api/ansible
+# Edit at https://www.gitignore.io/?templates=ansible
+
+### Ansible ###
+*.retry
+
+# End of https://www.gitignore.io/api/ansible

roles/pallxk.code_server/.travis.yml

@@ -0,0 +1,12 @@
+dist: bionic
+
+addons:
+  apt:
+    packages:
+    - ansible-lint
+
+script:
+- ansible-lint **/*.yml
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

roles/pallxk.code_server/LICENSE

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2020 test.cab <git@test.cab>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

roles/pallxk.code_server/defaults/main.yml

@@ -0,0 +1,15 @@
+---
+#code_server_ver: ""
+code_server_install_prefix: /usr/local
+code_server_data_dir: "{{ ansible_user_dir }}/.local/share/code-server"
+#code_server_work_dir: "{{ ansible_user_dir }}"
+code_server_auth: password
+#code_server_password: ""
+code_server_user: "{{ ansible_user_id }}"
+code_server_host: 0.0.0.0
+code_server_port: 8080
+code_server_env: {}
+#code_server_tls_cert: ""
+code_server_tls_cert_remote: no
+#code_server_tls_key: ""
+code_server_tls_key_remote: no

roles/pallxk.code_server/handlers/main.yml

@@ -0,0 +1,11 @@
+---
+- name: Restart code-server
+  become: yes
+  systemd:
+    daemon-reload: yes
+    name: code-server
+    state: restarted
+    # We mark the service as Type=notify to auto restart it routinely,
+    # but it's actually Type=simple, so "no_block: yes" here to avoid stuck.
+    no_block: yes
+  when: code_server_configure_service

roles/pallxk.code_server/meta/.galaxy_install_info

@@ -0,0 +1,2 @@
+install_date: Thu Mar 16 20:50:57 2023
+version: v4.0.0

roles/pallxk.code_server/meta/main.yml

@@ -0,0 +1,59 @@
+galaxy_info:
+  role_name: code_server
+  author: pallxk
+  description: Install and configure the latest or specified version of code-server (v4, v3, v2 & v1).
+  company: test.cab
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Choose a valid license ID from https://spdx.org - some suggested licenses:
+  # - BSD-3-Clause (default)
+  # - MIT
+  # - GPL-2.0-or-later
+  # - GPL-3.0-only
+  # - Apache-2.0
+  # - CC-BY-4.0
+  license: MIT
+
+  min_ansible_version: 2.8
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  platforms:
+  - name: ArchLinux
+    versions:
+    - all
+  - name: Debian
+    versions:
+    - buster
+  - name: EL
+    versions:
+    - 7
+  - name: Fedora
+    versions:
+    - 31
+  - name: SLES
+    versions:
+    - 15
+  - name: Ubuntu
+    versions:
+    - bionic
+
+  galaxy_tags:
+  - development
+  - code
+  - codeserver
+  - vscode
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.

roles/pallxk.code_server/tasks/check-code-server.yml

@@ -0,0 +1,50 @@
+- name: Check code-server binary exists
+  stat:
+    path: "{{ code_server_bin_dir }}/code-server"
+    follow: yes
+  register: code_server_exists
+
+# This check is compatible with code-server v1, v2 and v3
+#
+# v3.6.0:
+# 3.6.0 a4a03c14922ccaec2a9ff8d1b7b2af8522a4214d
+#
+# v3.5.0:
+# [2020-09-01T06:20:36.864Z] info  Using config file ~/.config/code-server/config.yaml
+# 3.5.0 de41646fc402b968ca6d555fdf2da7de9554d28a
+#
+# v3.4.1:
+# info  Using config file ~/.config/code-server/config.yaml
+# 3.4.1 48f7c2724827e526eeaa6c2c151c520f48a61259
+#
+# v3.0.2:
+# 3.0.2 e480f6527e11344a7c69b7cd024bce9379cea7f0
+#
+# v3:
+# 3.0.0
+#
+# v2:
+# info  2.1698-vsc1.41.1
+# info  f51e045cd5483561afc07694f39307fb673b6d1d
+# info  x64
+#
+# v1:
+# 1.1156-vsc1.33.1
+- name: Check installed code-server version
+  shell: 'set -o pipefail; code-server --version | grep -P -o "(?<=^|info  )\d+(\.\d+)+(-[^ ]+)?"'
+  args:
+    executable: /bin/bash
+  register: code_server_version
+  when: code_server_exists.stat.exists
+  changed_when: no
+
+- name: Check latest code-server version
+  uri:
+    url: https://api.github.com/repos/cdr/code-server/releases
+  register: code_server_releases
+  when: code_server_ver is undefined
+
+- name: Set code-server latest version
+  set_fact:
+    code_server_ver: "{{ code_server_releases.json[0].tag_name }}"
+  when: code_server_ver is undefined

roles/pallxk.code_server/tasks/configure-code-server.yml

@@ -0,0 +1,19 @@
+- name: Create code-server data dir
+  file:
+    path: "{{ code_server_data_dir }}"
+    state: directory
+
+- name: Copy code-server env file
+  template:
+    src: env
+    dest: "{{ code_server_data_dir }}"
+    mode: 0600
+  notify: Restart code-server
+  when: code_server_password is defined or
+        code_server_env|length > 0
+
+- block:
+  - import_tasks: copy-certs.yml
+  rescue:
+  - import_tasks: copy-certs.yml
+    become: yes

roles/pallxk.code_server/tasks/copy-certs.yml

@@ -0,0 +1,21 @@
+- name: Copy TLS certificate
+  copy:
+    remote_src: "{{ code_server_tls_cert_remote }}"
+    src: "{{ code_server_tls_cert }}"
+    dest: "{{ code_server_data_dir }}/tls.cert"
+    owner: "{{ code_server_user }}"
+    group: "{{ ansible_user_gid|string }}"
+    mode: 0440
+  notify: Restart code-server
+  when: code_server_tls_cert is defined
+
+- name: Copy TLS key
+  copy:
+    remote_src: "{{ code_server_tls_key_remote }}"
+    src: "{{ code_server_tls_key }}"
+    dest: "{{ code_server_data_dir }}/tls.key"
+    owner: "{{ code_server_user }}"
+    group: "{{ ansible_user_gid|string }}"
+    mode: 0440
+  notify: Restart code-server
+  when: code_server_tls_key is defined

roles/pallxk.code_server/tasks/deprecate.yml

@@ -0,0 +1,18 @@
+- name: Check usage of deprecated variables
+  debug:
+    msg: "'{{ item }}' is deprecated, please use 'code_server_{{ item }}'"
+  when: "{{ item }} is defined"
+  with_items:
+  - tls_cert
+  - tls_key
+  - tls_cert_remote
+  - tls_key_remote
+
+- name: Set corresponding code_server_ variables
+  set_fact: code_server_{{ item }}={{ lookup('vars', item) }}
+  when: "{{ item }} is defined"
+  with_items:
+  - tls_cert
+  - tls_key
+  - tls_cert_remote
+  - tls_key_remote

roles/pallxk.code_server/tasks/install-code-server-legacy.yml

@@ -0,0 +1,12 @@
+- name: Download code-server legacy
+  become: yes
+  unarchive:
+    remote_src: yes
+    src: "{{ code_server_tar_url }}"
+    dest: "{{ code_server_bin_dir }}"
+    extra_opts:
+      - --strip-components=1
+      - --wildcards
+      - "*/code-server"
+  notify: Restart code-server
+  when: code_server_download_needed

roles/pallxk.code_server/tasks/install-code-server-service.yml

@@ -0,0 +1,13 @@
+- name: Copy code-server systemd unit file
+  become: yes
+  template:
+    src: code-server.service
+    dest: "{{ code_server_service_dir }}"
+  notify: Restart code-server
+
+- name: Copy code-server systemd override file
+  become: yes
+  template:
+    src: code-server.service.d/restart.conf
+    dest: "{{ code_server_service_dir }}/code-server.service.d/"
+  notify: Restart code-server

roles/pallxk.code_server/tasks/install-code-server.yml

@@ -0,0 +1,34 @@
+- name: Clean up {{ code_server_dir }}
+  become: yes
+  file:
+    state: absent
+    path: "{{ code_server_dir }}"
+  when: code_server_download_needed
+
+- name: Create {{ code_server_dir }}
+  become: yes
+  file:
+    state: directory
+    path: "{{ code_server_dir }}"
+
+- name: Download code-server
+  become: yes
+  unarchive:
+    remote_src: yes
+    src: "{{ code_server_tar_url }}"
+    dest: "{{ code_server_dir }}"
+    extra_opts:
+      - --strip-components=1
+  notify: Restart code-server
+  when: code_server_download_needed
+
+- name: Add {{ code_server_bin_dir }}/code-server
+  become: yes
+  file:
+    state: link
+    src: "{{ code_server_dir }}{{ '/bin' if code_server_cleaned_ver is version('3.3.0', '>=') else '' }}/code-server"
+    dest: "{{ code_server_bin_dir }}/code-server"
+    # force is required if upgrade from v1 or v2,
+    # in which case dest exists and is a file.
+    force: yes
+  notify: Restart code-server

roles/pallxk.code_server/tasks/main.yml

@@ -0,0 +1,64 @@
+---
+- name: Check usage of deprecated role variables
+  include_tasks: deprecate.yml
+  when: >
+    tls_cert is defined
+    or tls_key is defined
+    or tls_cert_remote is defined
+    or tls_key_remote is defined
+
+# Always gather facts as we use ansible_user_id and ansible_user_dir
+- name: Gather Facts
+  setup:
+    gather_subset: '!all'
+
+- name: Check systemd version
+  shell: "set -o pipefail; systemctl --version | head -1 | cut -d' ' -f2"
+  args:
+    executable: /bin/bash
+  register: systemctl_version
+  changed_when: no
+
+- name: Create {{ code_server_service_dir }}
+  become: yes
+  file:
+    state: directory
+    path: "{{ code_server_service_dir }}"
+
+- name: Check code-server
+  include_tasks: check-code-server.yml
+
+- import_tasks: install-code-server-legacy.yml
+  when: code_server_major|int < 3
+
+- import_tasks: install-code-server.yml
+  when: code_server_major|int >= 3
+
+- import_tasks: install-code-server-service.yml
+
+- name: Configure code-server
+  include_tasks: configure-code-server.yml
+
+- name: Configure service
+  set_fact:
+    code_server_configure_service: yes
+  tags:
+    - service
+
+- meta: flush_handlers
+
+- name: Enable code-server service
+  become: yes
+  systemd:
+    name: code-server
+    enabled: yes
+  tags:
+    - service
+
+- name: Report
+  include_tasks: report.yml
+
+- name: Sanity Test
+  include_tasks: tests.yml
+  tags:
+    - tests

roles/pallxk.code_server/tasks/report.yml

@@ -0,0 +1,10 @@
+- name: List installed files
+  debug:
+    msg:
+    - "{{ code_server_dir }}"
+    - "{{ code_server_bin_dir }}/code-server"
+    - "{{ code_server_service_dir }}/code-server.service"
+    - "{{ code_server_service_dir }}/code-server.service.d/restart.conf"
+    - "{% if code_server_password is defined %}{{ code_server_data_dir }}/env{% endif %}"
+    - "{% if code_server_tls_cert is defined %}{{ code_server_data_dir }}/tls.cert{% endif %}"
+    - "{% if code_server_tls_key is defined %}{{ code_server_data_dir }}/tls.key{% endif %}"

roles/pallxk.code_server/tasks/tests.yml

@@ -0,0 +1,13 @@
+---
+- name: Test connectivity locally
+  wait_for:
+    port: "{{ code_server_port }}"
+    timeout: 15
+
+- name: Test connectivity remotely
+  wait_for:
+    host: "{{ inventory_hostname }}"
+    port: "{{ code_server_port }}"
+    timeout: 15
+  delegate_to: localhost
+  ignore_errors: yes

roles/pallxk.code_server/templates/code-server.service

@@ -0,0 +1,21 @@
+[Unit]
+Description=Run VS Code on a remote server.
+Documentation=https://github.com/cdr/code-server
+After=network.target network-online.target
+
+[Service]
+Type=simple
+User={{ code_server_user }}
+{% if code_server_password is defined %}
+EnvironmentFile={{ code_server_data_dir_abs }}/env
+{% endif %}
+ExecStart={{ code_server_bin_dir }}/code-server
+ {%- if code_server_major != '1' %} --auth {{ code_server_auth }}{% endif %}
+ {%- if code_server_tls_cert is defined %} --cert {{ code_server_data_dir_abs }}/tls.cert{% endif %}
+ {%- if code_server_tls_key is defined %} --cert-key {{ code_server_data_dir_abs }}/tls.key{% endif %}
+ {%- if code_server_work_dir is defined %} {{ code_server_work_dir }}{% endif %}
+ --host {{ code_server_host }} --port {{ code_server_port }}
+WorkingDirectory=~
+
+[Install]
+WantedBy=multi-user.target

roles/pallxk.code_server/templates/code-server.service.d/restart.conf

@@ -0,0 +1,11 @@
+# Restart every week to fix memory leak
+# https://stackoverflow.com/questions/31055194/how-can-i-configure-a-systemd-service-to-restart-periodically
+[Service]
+Restart=always
+{% if (systemctl_version.stdout|int) < 229 %}
+Type=notify
+# 1 week
+TimeoutStartSec=604800
+{% else %}
+RuntimeMaxSec=604800
+{% endif %}

roles/pallxk.code_server/templates/env

@@ -0,0 +1,6 @@
+{% if code_server_password is defined %}
+PASSWORD={{ code_server_password | quote }}
+{% endif %}
+{% for env in code_server_env %}
+{{ env }}={{ code_server_env[env] | quote }}
+{% endfor %}

roles/pallxk.code_server/tests/defaults-test.yml

@@ -0,0 +1,6 @@
+#!/usr/bin/env ansible-playbook
+---
+- hosts: localhost
+  gather_facts: no
+  roles:
+    - name: ../..

roles/pallxk.code_server/tests/test.yml

@@ -0,0 +1,19 @@
+#!/usr/bin/env ansible-playbook
+---
+- hosts: localhost
+  gather_facts: no
+  roles:
+    - name: ../..
+      #code_server_ver: ""
+      #code_server_data_dir: "{{ ansible_user_dir }}/.local/share/code-server"
+      #code_server_work_dir: "{{ ansible_user_dir }}"
+      #code_server_auth: password # password or none
+      #code_server_password: "" # Leave empty to use auto-generated password
+      #code_server_user: "{{ ansible_user_id }}"
+      #code_server_host: 0.0.0.0
+      #code_server_port: 8080
+      #code_server_env: {}
+      #code_server_tls_cert: /etc/letsencrypt/live/example.com/fullchain.pem
+      #code_server_tls_cert_remote: no
+      #code_server_tls_key: /etc/letsencrypt/live/example.com/privkey.pem
+      #code_server_tls_key_remote: no

roles/pallxk.code_server/vars/main.yml

@@ -0,0 +1,47 @@
+---
+# The directory to install the executable for code-server
+code_server_bin_dir: "{{ code_server_install_prefix }}/bin"
+
+# code-server before v3 is a single file binary, code-server since v3 is a directory of files.
+# code_server_dir is only used for v3+
+code_server_dir: "{{ '/opt/code-server' if code_server_major|int >= 3 else '' }}"
+
+# The directory to install code-server systemd service file
+code_server_service_dir: "{{ code_server_install_prefix }}/lib/systemd/system"
+
+# URL prefix for downloading code-server
+code_server_url_prefix: https://github.com/cdr/code-server/releases/download
+
+# code_server_ver without v prefix
+code_server_cleaned_ver: "{{ code_server_ver | regex_replace('^v', '') }}"
+
+# code_server_short_ver removes vscode version
+# 2.1692-vsc1.39.2 -> 2.1692
+# 3.0.0 -> 3.0.0
+code_server_short_ver: "{{ code_server_cleaned_ver | regex_replace('-.+', '') }}"
+
+# Whether we need to download code-server for fresh install or upgrade.
+# Note that code-server release tag has a 'v' prefix since v3.3.0,
+# while `code-server --version` never outputs the 'v' prefix.
+code_server_download_needed: >-
+  {{ not code_server_exists.stat.exists
+  or code_server_version.stdout != code_server_cleaned_ver }}
+
+# The subdirectory under URL prefix containing code-server artifacts
+code_server_download_dir: "{{ 'v' if code_server_cleaned_ver is version('3.3.0', '>=') else '' }}{{ code_server_short_ver if code_server_short_ver is version('2.1698', '>=') else code_server_cleaned_ver }}"
+
+# The major version of code-server in string
+code_server_major: "{{ code_server_cleaned_ver.split('.')[0] }}"
+
+# The architecture of code-server as used in download URL
+code_server_arch: "{% if code_server_cleaned_ver is version('3.3.0', '>=') %}amd64{% elif code_server_major != '1' %}x86_64{% else %}x64{% endif %}"
+
+# The build-up final .tar.gz url for code-server
+code_server_tar_url: "{{ code_server_url_prefix }}/{{ code_server_download_dir }}/code-server{{ '-' if code_server_major|int >= 3 else '' }}{{ code_server_cleaned_ver }}-linux-{{ code_server_arch }}.tar.gz"
+
+# The data directory of code-server
+code_server_data_dir_abs: "{{ code_server_data_dir | expanduser }}"
+
+# Whether to configure service.
+# This will be set to yes in tasks unless `--skip-tags service` specified.
+code_server_configure_service: no