updated

configuration/playbooks/applications/cloud-providers-update.yml

@@ -1,72 +0,0 @@
----
-- name: Cloud Providers System Update Playbook
-  hosts: huawei,google,ditigalocean,aws
-  become: yes
-  gather_facts: yes
-  
-  tasks:
-    # Ubuntu/Debian 系统更新 (apt)
-    - name: Update apt cache (Ubuntu/Debian)
-      apt:
-        update_cache: yes
-        cache_valid_time: 3600
-      when: ansible_os_family == "Debian"
-      
-    - name: Upgrade all packages (Ubuntu/Debian)
-      apt:
-        upgrade: yes
-        autoremove: yes
-        autoclean: yes
-      when: ansible_os_family == "Debian"
-      register: apt_upgrade_result
-      
-    # AWS Linux 系统更新 (dnf)
-    - name: Update dnf cache (AWS Linux/RHEL)
-      dnf:
-        update_cache: yes
-      when: ansible_os_family == "RedHat"
-      
-    - name: Upgrade all packages (AWS Linux/RHEL)
-      dnf:
-        name: "*"
-        state: latest
-        skip_broken: yes
-      when: ansible_os_family == "RedHat"
-      register: dnf_upgrade_result
-      
-    # 显示升级结果
-    - name: Display apt upgrade results
-      debug:
-        msg: "APT system upgrade completed. {{ apt_upgrade_result.changed }} packages were updated."
-      when: ansible_os_family == "Debian" and apt_upgrade_result is defined
-        
-    - name: Display dnf upgrade results
-      debug:
-        msg: "DNF system upgrade completed. {{ dnf_upgrade_result.changed }} packages were updated."
-      when: ansible_os_family == "RedHat" and dnf_upgrade_result is defined
-        
-    # 检查是否需要重启 (Ubuntu/Debian)
-    - name: Check if reboot is required (Ubuntu/Debian)
-      stat:
-        path: /var/run/reboot-required
-      register: debian_reboot_required
-      when: ansible_os_family == "Debian"
-      
-    # 检查是否需要重启 (AWS Linux/RHEL)
-    - name: Check if reboot is required (AWS Linux/RHEL)
-      command: needs-restarting -r
-      register: rhel_reboot_required
-      failed_when: false
-      changed_when: false
-      when: ansible_os_family == "RedHat"
-      
-    # 通知重启信息
-    - name: Notify if reboot is required (Ubuntu/Debian)
-      debug:
-        msg: "System reboot is required to complete the update."
-      when: ansible_os_family == "Debian" and debian_reboot_required.stat.exists is defined and debian_reboot_required.stat.exists
-      
-    - name: Notify if reboot is required (AWS Linux/RHEL)
-      debug:
-        msg: "System reboot is required to complete the update."
-      when: ansible_os_family == "RedHat" and rhel_reboot_required.rc == 1

configuration/playbooks/applications/docker-management.yml

@@ -1,128 +0,0 @@
----
-- name: Docker Container Management
-  hosts: all
-  become: yes
-  gather_facts: yes
-  
-  tasks:
-    # 检查 Docker 是否安装
-    - name: Check if Docker is installed
-      command: which docker
-      register: docker_installed
-      failed_when: false
-      changed_when: false
-      
-    - name: Skip Docker tasks if not installed
-      debug:
-        msg: "Docker not installed on {{ inventory_hostname }}, skipping Docker tasks"
-      when: docker_installed.rc != 0
-      
-    # Docker 系统信息
-    - name: Get Docker system info
-      shell: docker system df
-      register: docker_system_info
-      when: docker_installed.rc == 0
-      
-    - name: Display Docker system usage
-      debug:
-        msg: "🐳 Docker System Usage: {{ docker_system_info.stdout_lines }}"
-      when: docker_installed.rc == 0
-      
-    # 检查运行中的容器
-    - name: List running containers
-      shell: docker ps --format "table {{.Names}}\t{{.Status}}\t{{.Ports}}"
-      register: running_containers
-      when: docker_installed.rc == 0
-      
-    - name: Display running containers
-      debug:
-        msg: "📦 Running Containers: {{ running_containers.stdout_lines }}"
-      when: docker_installed.rc == 0
-      
-    # 检查停止的容器
-    - name: List stopped containers
-      shell: docker ps -a --filter "status=exited" --format "table {{.Names}}\t{{.Status}}"
-      register: stopped_containers
-      when: docker_installed.rc == 0
-      
-    - name: Display stopped containers
-      debug:
-        msg: "⏹️  Stopped Containers: {{ stopped_containers.stdout_lines }}"
-      when: docker_installed.rc == 0 and stopped_containers.stdout_lines | length > 1
-      
-    # 检查 Docker 镜像
-    - name: List Docker images
-      shell: docker images --format "table {{.Repository}}\t{{.Tag}}\t{{.Size}}"
-      register: docker_images
-      when: docker_installed.rc == 0
-      
-    - name: Display Docker images
-      debug:
-        msg: "🖼️  Docker Images: {{ docker_images.stdout_lines }}"
-      when: docker_installed.rc == 0
-      
-    # 检查悬空镜像
-    - name: Check for dangling images
-      shell: docker images -f "dangling=true" -q
-      register: dangling_images
-      when: docker_installed.rc == 0
-      
-    - name: Report dangling images
-      debug:
-        msg: "🗑️  Found {{ dangling_images.stdout_lines | length }} dangling images"
-      when: docker_installed.rc == 0
-      
-    # 检查 Docker 卷
-    - name: List Docker volumes
-      shell: docker volume ls
-      register: docker_volumes
-      when: docker_installed.rc == 0
-      
-    - name: Display Docker volumes
-      debug:
-        msg: "💾 Docker Volumes: {{ docker_volumes.stdout_lines }}"
-      when: docker_installed.rc == 0
-      
-    # 检查 Docker 网络
-    - name: List Docker networks
-      shell: docker network ls
-      register: docker_networks
-      when: docker_installed.rc == 0
-      
-    - name: Display Docker networks
-      debug:
-        msg: "🌐 Docker Networks: {{ docker_networks.stdout_lines }}"
-      when: docker_installed.rc == 0
-      
-    # 检查容器资源使用
-    - name: Check container resource usage
-      shell: docker stats --no-stream --format "table {{.Name}}\t{{.CPUPerc}}\t{{.MemUsage}}\t{{.NetIO}}"
-      register: container_stats
-      when: docker_installed.rc == 0
-      
-    - name: Display container resource usage
-      debug:
-        msg: "📊 Container Stats: {{ container_stats.stdout_lines }}"
-      when: docker_installed.rc == 0
-      
-    # 检查 Docker 服务状态
-    - name: Check Docker service status
-      systemd:
-        name: docker
-      register: docker_service_status
-      when: docker_installed.rc == 0
-      
-    - name: Display Docker service status
-      debug:
-        msg: "🔧 Docker Service: {{ docker_service_status.status.ActiveState }}"
-      when: docker_installed.rc == 0
-      
-    # 清理建议
-    - name: Suggest cleanup if needed
-      debug:
-        msg: |
-          💡 Cleanup suggestions:
-          - Run 'docker system prune -f' to remove unused data
-          - Run 'docker image prune -f' to remove dangling images
-          - Run 'docker volume prune -f' to remove unused volumes
-      when: docker_installed.rc == 0 and (dangling_images.stdout_lines | length > 0 or stopped_containers.stdout_lines | length > 1)

configuration/playbooks/applications/docker-status-check.yml

@@ -1,97 +0,0 @@
----
-- name: Docker Status Check for HCP Nodes
-  hosts: hcp
-  gather_facts: yes
-  become: yes
-  
-  tasks:
-    - name: Check if Docker is installed
-      command: docker --version
-      register: docker_version
-      ignore_errors: yes
-      
-    - name: Display Docker version
-      debug:
-        msg: "Docker version: {{ docker_version.stdout }}"
-      when: docker_version.rc == 0
-      
-    - name: Check Docker service status
-      systemd:
-        name: docker
-      register: docker_service_status
-      
-    - name: Display Docker service status
-      debug:
-        msg: "Docker service is {{ docker_service_status.status.ActiveState }}"
-        
-    - name: Check Docker daemon info
-      command: docker info --format "{{ '{{' }}.ServerVersion{{ '}}' }}"
-      register: docker_info
-      ignore_errors: yes
-      
-    - name: Display Docker daemon info
-      debug:
-        msg: "Docker daemon version: {{ docker_info.stdout }}"
-      when: docker_info.rc == 0
-      
-    - name: Check Docker Swarm status
-      command: docker info --format "{{ '{{' }}.Swarm.LocalNodeState{{ '}}' }}"
-      register: swarm_status
-      ignore_errors: yes
-      
-    - name: Display Swarm status
-      debug:
-        msg: "Swarm status: {{ swarm_status.stdout }}"
-      when: swarm_status.rc == 0
-      
-    - name: Get Docker Swarm node info (if in swarm)
-      command: docker node ls
-      register: swarm_nodes
-      ignore_errors: yes
-      when: swarm_status.stdout == "active"
-      
-    - name: Display Swarm nodes
-      debug:
-        msg: "{{ swarm_nodes.stdout_lines }}"
-      when: swarm_nodes is defined and swarm_nodes.rc == 0
-      
-    - name: List running containers
-      command: docker ps --format "table {{ '{{' }}.Names{{ '}}' }}\t{{ '{{' }}.Status{{ '}}' }}\t{{ '{{' }}.Ports{{ '}}' }}"
-      register: running_containers
-      ignore_errors: yes
-      
-    - name: Display running containers
-      debug:
-        msg: "{{ running_containers.stdout_lines }}"
-      when: running_containers.rc == 0
-      
-    - name: Check Docker network list
-      command: docker network ls
-      register: docker_networks
-      ignore_errors: yes
-      
-    - name: Display Docker networks
-      debug:
-        msg: "{{ docker_networks.stdout_lines }}"
-      when: docker_networks.rc == 0
-      
-    - name: Get Docker system info
-      command: docker system df
-      register: docker_system_info
-      ignore_errors: yes
-      
-    - name: Display Docker system usage
-      debug:
-        msg: "{{ docker_system_info.stdout_lines }}"
-      when: docker_system_info.rc == 0
-      
-    - name: Check if node is Swarm manager
-      command: docker node inspect self --format "{{ '{{' }}.ManagerStatus.Leader{{ '}}' }}"
-      register: is_manager
-      ignore_errors: yes
-      when: swarm_status.stdout == "active"
-      
-    - name: Display manager status
-      debug:
-        msg: "Is Swarm manager: {{ is_manager.stdout }}"
-      when: is_manager is defined and is_manager.rc == 0

configuration/playbooks/applications/docker-swarm-analysis-simple.yml

@@ -1,210 +0,0 @@
----
-- name: Simple Docker Swarm Analysis for ash3c
-  hosts: ash3c
-  become: yes
-  gather_facts: yes
-  
-  tasks:
-    # 基础检查
-    - name: Check if Docker is installed
-      command: which docker
-      register: docker_installed
-      failed_when: false
-      changed_when: false
-      
-    - name: Fail if Docker not installed
-      fail:
-        msg: "Docker is not installed on {{ inventory_hostname }}"
-      when: docker_installed.rc != 0
-      
-    # 检查当前 Swarm 状态
-    - name: Check Docker Swarm status
-      shell: docker info | grep "Swarm:" -A 1
-      register: swarm_status
-      
-    - name: Display current Swarm status
-      debug:
-        msg: "🔍 Current Swarm Status: {{ swarm_status.stdout_lines }}"
-        
-    # 获取运行中的容器
-    - name: Get running containers
-      shell: docker ps --format "table {{ '{{' }}.Names{{ '}}' }}\t{{ '{{' }}.Image{{ '}}' }}\t{{ '{{' }}.Status{{ '}}' }}\t{{ '{{' }}.Ports{{ '}}' }}"
-      register: running_containers
-      
-    - name: Display running containers
-      debug:
-        msg: "🏃 Running Containers: {{ running_containers.stdout_lines }}"
-        
-    # 获取所有容器（包括停止的）
-    - name: Get all containers
-      shell: docker ps -a --format "table {{ '{{' }}.Names{{ '}}' }}\t{{ '{{' }}.Image{{ '}}' }}\t{{ '{{' }}.Status{{ '}}' }}"
-      register: all_containers
-      
-    - name: Display all containers
-      debug:
-        msg: "📦 All Containers: {{ all_containers.stdout_lines }}"
-        
-    # 检查每个容器的详细信息
-    - name: Get container names only
-      shell: docker ps -a --format "{{ '{{' }}.Names{{ '}}' }}"
-      register: container_names
-      
-    - name: Inspect each container
-      shell: |
-        echo "=== Container: {{ item }} ==="
-        echo "Image: $(docker inspect {{ item }} --format '{{ '{{' }}.Config.Image{{ '}}' }}')"
-        echo "Status: $(docker inspect {{ item }} --format '{{ '{{' }}.State.Status{{ '}}' }}')"
-        echo "Restart Policy: $(docker inspect {{ item }} --format '{{ '{{' }}.HostConfig.RestartPolicy.Name{{ '}}' }}')"
-        echo "Network Mode: $(docker inspect {{ item }} --format '{{ '{{' }}.HostConfig.NetworkMode{{ '}}' }}')"
-        echo "Published Ports: $(docker port {{ item }} 2>/dev/null || echo 'None')"
-        echo "Volumes/Mounts:"
-        docker inspect {{ item }} --format '{{ '{{' }}range .Mounts{{ '}}' }}  {{ '{{' }}.Source{{ '}}' }}:{{ '{{' }}.Destination{{ '}}' }} ({{ '{{' }}.Mode{{ '}}' }}){{ '{{' }}"\n"{{ '}}' }}{{ '{{' }}end{{ '}}' }}' || echo "  None"
-        echo "Environment Variables:"
-        docker inspect {{ item }} --format '{{ '{{' }}range .Config.Env{{ '}}' }}  {{ '{{' }}.{{ '}}' }}{{ '{{' }}"\n"{{ '}}' }}{{ '{{' }}end{{ '}}' }}' | head -10
-        echo "Labels:"
-        docker inspect {{ item }} --format '{{ '{{' }}range $key, $value := .Config.Labels{{ '}}' }}  {{ '{{' }}$key{{ '}}' }}={{ '{{' }}$value{{ '}}' }}{{ '{{' }}"\n"{{ '}}' }}{{ '{{' }}end{{ '}}' }}' | head -5
-        echo "---"
-      register: container_inspect
-      loop: "{{ container_names.stdout_lines }}"
-      when: container_names.stdout_lines | length > 0
-      
-    - name: Display container inspection results
-      debug:
-        msg: "{{ item.stdout }}"
-      loop: "{{ container_inspect.results }}"
-      when: container_inspect is defined
-      
-    # 检查 Docker Compose 文件
-    - name: Find docker-compose files
-      find:
-        paths: 
-          - /root
-          - /home
-          - /opt
-        patterns: 
-          - "docker-compose.yml"
-          - "docker-compose.yaml"
-          - "compose.yml"
-          - "compose.yaml"
-        recurse: yes
-        depth: 3
-      register: compose_files
-      
-    - name: Display found compose files
-      debug:
-        msg: "📄 Found compose files: {{ item.path }}"
-      loop: "{{ compose_files.files }}"
-      when: compose_files.files | length > 0
-      
-    # 分析网络配置
-    - name: Get Docker networks
-      shell: docker network ls
-      register: docker_networks
-      
-    - name: Display Docker networks
-      debug:
-        msg: "🌐 Docker Networks: {{ docker_networks.stdout_lines }}"
-        
-    # 检查卷使用情况
-    - name: Get Docker volumes
-      shell: docker volume ls
-      register: docker_volumes
-      
-    - name: Display Docker volumes
-      debug:
-        msg: "💾 Docker Volumes: {{ docker_volumes.stdout_lines }}"
-        
-    # 检查容器资源使用
-    - name: Get container resource usage
-      shell: docker stats --no-stream
-      register: container_stats
-      when: container_names.stdout_lines | length > 0
-      
-    - name: Display container stats
-      debug:
-        msg: "📊 Container Resource Usage: {{ container_stats.stdout_lines }}"
-      when: container_stats is defined
-      
-    # 生成 Swarm 适用性分析
-    - name: Generate Swarm suitability analysis
-      debug:
-        msg: |
-          🔍 DOCKER SWARM MIGRATION ANALYSIS FOR {{ inventory_hostname }}
-          ================================================================
-          
-          📋 SUMMARY:
-          - Current Swarm Status: {{ 'Active' if 'active' in swarm_status.stdout else 'Inactive' }}
-          - Total Containers: {{ container_names.stdout_lines | length }}
-          - Running Containers: {{ (running_containers.stdout_lines | length) - 1 }}
-          - Compose Files Found: {{ compose_files.files | length }}
-          
-          💡 GENERAL RECOMMENDATIONS:
-          
-          ✅ SUITABLE FOR SWARM (typically):
-          - Web applications (nginx, apache, etc.)
-          - API services
-          - Databases (with proper volume management)
-          - Monitoring tools (prometheus, grafana, etc.)
-          - Load balancers
-          
-          ❌ NOT SUITABLE FOR SWARM:
-          - Containers using Docker socket (/var/run/docker.sock)
-          - Containers with --privileged flag
-          - Containers requiring specific host access
-          - Development/testing containers
-          
-          ⚠️  NEEDS MODIFICATION:
-          - Containers using bind mounts (convert to volumes)
-          - Containers without restart policies
-          - Containers using host networking
-          
-          🚀 NEXT STEPS:
-          1. Review each container's configuration above
-          2. Identify services that can benefit from scaling
-          3. Convert suitable containers to Docker services
-          4. Set up overlay networks
-          5. Configure secrets and configs management
-          
-          📝 MIGRATION CHECKLIST:
-          □ Initialize Swarm (already done: {{ 'Yes' if 'active' in swarm_status.stdout else 'No' }})
-          □ Create overlay networks
-          □ Convert containers to services
-          □ Set up service discovery
-          □ Configure load balancing
-          □ Test service scaling
-          □ Set up monitoring
-      when: container_names is defined
-      
-    # 保存分析结果
-    - name: Save analysis summary
-      copy:
-        content: |
-          Docker Swarm Analysis for {{ inventory_hostname }}
-          Generated: {{ ansible_date_time.iso8601 }}
-          
-          Current Swarm Status: {{ swarm_status.stdout }}
-          Total Containers: {{ container_names.stdout_lines | length }}
-          
-          Container List:
-          {{ container_names.stdout_lines | join('\n') }}
-          
-          Networks:
-          {{ docker_networks.stdout }}
-          
-          Volumes:
-          {{ docker_volumes.stdout }}
-          
-          Compose Files Found:
-          {% for file in compose_files.files %}
-          - {{ file.path }}
-          {% endfor %}
-        dest: "/tmp/swarm-analysis-{{ inventory_hostname }}-{{ ansible_date_time.epoch }}.txt"
-      
-    - name: Analysis complete
-      debug:
-        msg: |
-          🎉 Analysis complete! 
-          Results saved to: /tmp/swarm-analysis-{{ inventory_hostname }}-{{ ansible_date_time.epoch }}.txt
-          
-          Review the container details above to determine which services
-          are suitable for Swarm migration.

configuration/playbooks/applications/docker-swarm-analysis.yml

@@ -1,246 +0,0 @@
----
-- name: Docker Swarm Migration Analysis for ash3c
-  hosts: ash3c
-  become: yes
-  gather_facts: yes
-  
-  vars:
-    analysis_results: []
-    
-  tasks:
-    # 基础检查
-    - name: Check if Docker is installed
-      command: which docker
-      register: docker_installed
-      failed_when: false
-      changed_when: false
-      
-    - name: Fail if Docker not installed
-      fail:
-        msg: "Docker is not installed on {{ inventory_hostname }}"
-      when: docker_installed.rc != 0
-      
-    # 检查当前 Swarm 状态
-    - name: Check Docker Swarm status
-      shell: docker info --format "{{ '{{' }}.Swarm.LocalNodeState{{ '}}' }}"
-      register: swarm_status
-      
-    - name: Display current Swarm status
-      debug:
-        msg: "🔍 Current Swarm Status: {{ swarm_status.stdout }}"
-        
-    # 获取所有容器的详细信息
-    - name: Get all containers (running and stopped)
-      shell: docker ps -a --format "{{ '{{' }}.Names{{ '}}' }}"
-      register: all_containers
-      
-    - name: Get basic container information
-      shell: |
-        echo "=== Container: {{ item }} ==="
-        docker inspect {{ item }} | jq -r '
-        .[0] | 
-        "Image: " + .Config.Image,
-        "Status: " + .State.Status,
-        "RestartPolicy: " + .HostConfig.RestartPolicy.Name,
-        "NetworkMode: " + .HostConfig.NetworkMode,
-        "Ports: " + (.NetworkSettings.Ports | keys | join(", ")),
-        "Volumes: " + ([.Mounts[]? | .Source + ":" + .Destination + ":" + .Mode] | join(" ")),
-        "Memory: " + (.HostConfig.Memory | tostring),
-        "CPUs: " + (.HostConfig.NanoCpus | tostring)
-        '
-        echo "---"
-      register: container_details
-      loop: "{{ all_containers.stdout_lines }}"
-      when: all_containers.stdout_lines | length > 0
-      
-    - name: Display container details
-      debug:
-        msg: "{{ item.stdout }}"
-      loop: "{{ container_details.results }}"
-      when: container_details is defined
-      
-    # 检查 Docker Compose 文件
-    - name: Find docker-compose files
-      find:
-        paths: 
-          - /root
-          - /home
-          - /opt
-        patterns: 
-          - "docker-compose.yml"
-          - "docker-compose.yaml"
-          - "compose.yml"
-          - "compose.yaml"
-        recurse: yes
-      register: compose_files
-      
-    - name: Display found compose files
-      debug:
-        msg: "📄 Found compose files: {{ item.path }}"
-      loop: "{{ compose_files.files }}"
-      when: compose_files.files | length > 0
-      
-    # 分析网络配置
-    - name: Get Docker networks
-      shell: docker network ls --format "{{ '{{' }}.Name{{ '}}' }}\t{{ '{{' }}.Driver{{ '}}' }}\t{{ '{{' }}.Scope{{ '}}' }}"
-      register: docker_networks
-      
-    - name: Display Docker networks
-      debug:
-        msg: "🌐 Docker Networks: {{ docker_networks.stdout_lines }}"
-        
-    # 检查卷使用情况
-    - name: Get Docker volumes
-      shell: docker volume ls --format "{{ '{{' }}.Name{{ '}}' }}\t{{ '{{' }}.Driver{{ '}}' }}"
-      register: docker_volumes
-      
-    - name: Display Docker volumes
-      debug:
-        msg: "💾 Docker Volumes: {{ docker_volumes.stdout_lines }}"
-        
-    # 检查容器资源使用
-    - name: Get container resource usage
-      shell: docker stats --no-stream --format "{{ '{{' }}.Name{{ '}}' }}\t{{ '{{' }}.CPUPerc{{ '}}' }}\t{{ '{{' }}.MemUsage{{ '}}' }}\t{{ '{{' }}.NetIO{{ '}}' }}\t{{ '{{' }}.BlockIO{{ '}}' }}"
-      register: container_stats
-      when: all_containers.stdout_lines | length > 0
-      
-    - name: Display container stats
-      debug:
-        msg: "📊 Container Resource Usage: {{ container_stats.stdout_lines }}"
-      when: container_stats is defined
-      
-    # 分析服务类型和 Swarm 适用性
-    - name: Analyze containers for Swarm suitability
-      set_fact:
-        swarm_analysis: |
-          🔍 SWARM MIGRATION ANALYSIS FOR {{ inventory_hostname }}
-          ================================================
-          
-          Current Swarm Status: {{ swarm_status.stdout }}
-          Total Containers: {{ all_containers.stdout_lines | length }}
-          
-          📋 CONTAINER ANALYSIS:
-          {% for container in container_details.results %}
-          
-          Container: {{ container.item }}
-          {% set details = container.stdout.split('\n') %}
-          {% for line in details %}
-          {{ line }}
-          {% endfor %}
-          
-          SWARM SUITABILITY ASSESSMENT:
-          {% if 'restart=always' in container.stdout or 'restart=unless-stopped' in container.stdout %}
-          ✅ Good restart policy for Swarm
-          {% else %}
-          ⚠️  Consider adding restart policy
-          {% endif %}
-          
-          {% if 'NetworkMode: bridge' in container.stdout or 'NetworkMode: host' in container.stdout %}
-          ⚠️  May need network configuration for Swarm
-          {% else %}
-          ✅ Custom network - good for Swarm
-          {% endif %}
-          
-          {% if '/var/run/docker.sock' in container.stdout %}
-          ❌ Uses Docker socket - NOT suitable for Swarm
-          {% elif 'bind' in container.stdout %}
-          ⚠️  Uses bind mounts - consider using volumes
-          {% else %}
-          ✅ Good volume configuration
-          {% endif %}
-          
-          {% endfor %}
-          
-          💡 RECOMMENDATIONS:
-          
-          SUITABLE FOR SWARM:
-          {% for container in container_details.results %}
-          {% if '/var/run/docker.sock' not in container.stdout %}
-          - {{ container.item }}: Ready for Swarm migration
-          {% endif %}
-          {% endfor %}
-          
-          NEEDS MODIFICATION:
-          {% for container in container_details.results %}
-          {% if '/var/run/docker.sock' in container.stdout %}
-          - {{ container.item }}: Uses Docker socket - keep as standalone
-          {% elif 'bind' in container.stdout %}
-          - {{ container.item }}: Convert bind mounts to volumes
-          {% endif %}
-          {% endfor %}
-          
-          NEXT STEPS:
-          1. Initialize Swarm: docker swarm init
-          2. Create overlay networks for services
-          3. Convert suitable containers to services
-          4. Set up service discovery and load balancing
-          5. Configure secrets and configs management
-      when: container_details is defined
-      
-    - name: Display Swarm analysis
-      debug:
-        msg: "{{ swarm_analysis }}"
-      when: swarm_analysis is defined
-      
-    # 生成迁移脚本建议
-    - name: Generate migration script suggestions
-      set_fact:
-        migration_script: |
-          #!/bin/bash
-          # Docker Swarm Migration Script for {{ inventory_hostname }}
-          # Generated on {{ ansible_date_time.iso8601 }}
-          
-          echo "🚀 Starting Docker Swarm migration..."
-          
-          # Initialize Swarm (if not already done)
-          if [ "{{ swarm_status.stdout }}" != "active" ]; then
-              echo "Initializing Docker Swarm..."
-              docker swarm init
-          fi
-          
-          # Create overlay networks
-          echo "Creating overlay networks..."
-          docker network create -d overlay --attachable app-network
-          
-          # Example service creation (modify as needed)
-          {% for container in container_details.results if container_details is defined %}
-          {% if '/var/run/docker.sock' not in container.stdout %}
-          echo "Converting {{ container.item }} to Swarm service..."
-          # docker service create --name {{ container.item }}-svc \
-          #   --network app-network \
-          #   --replicas 1 \
-          #   [ADD_YOUR_SPECIFIC_OPTIONS] \
-          #   [IMAGE_NAME]
-          {% endif %}
-          {% endfor %}
-          
-          echo "✅ Migration script template generated!"
-          echo "Please review and customize before running."
-      when: container_details is defined
-      
-    - name: Display migration script
-      debug:
-        msg: "{{ migration_script }}"
-      when: migration_script is defined
-      
-    # 保存分析结果到文件
-    - name: Save analysis results to file
-      copy:
-        content: |
-          {{ swarm_analysis }}
-          
-          MIGRATION SCRIPT:
-          {{ migration_script }}
-        dest: "/tmp/swarm-analysis-{{ inventory_hostname }}-{{ ansible_date_time.epoch }}.txt"
-      when: swarm_analysis is defined and migration_script is defined
-      
-    - name: Analysis complete
-      debug:
-        msg: |
-          🎉 Analysis complete! 
-          Results saved to: /tmp/swarm-analysis-{{ inventory_hostname }}-{{ ansible_date_time.epoch }}.txt
-          
-          Summary:
-          - Total containers analyzed: {{ all_containers.stdout_lines | length }}
-          - Compose files found: {{ compose_files.files | length }}
-          - Current Swarm status: {{ swarm_status.stdout }}

configuration/playbooks/applications/docker-swarm-check.yml

@@ -1,236 +0,0 @@
----
-- name: Docker Swarm Check for ash3c
-  hosts: ash3c
-  become: yes
-  gather_facts: yes
-  
-  tasks:
-    # 基础检查
-    - name: Check if Docker is installed
-      command: which docker
-      register: docker_installed
-      failed_when: false
-      changed_when: false
-      
-    - name: Fail if Docker not installed
-      fail:
-        msg: "Docker is not installed on {{ inventory_hostname }}"
-      when: docker_installed.rc != 0
-      
-    # 检查当前 Swarm 状态
-    - name: Check Docker Swarm status
-      shell: docker info | grep "Swarm:" -A 1
-      register: swarm_status
-      
-    - name: Display current Swarm status
-      debug:
-        msg: "🔍 Current Swarm Status: {{ swarm_status.stdout_lines }}"
-        
-    # 获取运行中的容器 - 使用简单格式
-    - name: Get running containers
-      shell: docker ps
-      register: running_containers
-      
-    - name: Display running containers
-      debug:
-        msg: "🏃 Running Containers:\n{{ running_containers.stdout }}"
-        
-    # 获取所有容器（包括停止的）
-    - name: Get all containers
-      shell: docker ps -a
-      register: all_containers
-      
-    - name: Display all containers
-      debug:
-        msg: "📦 All Containers:\n{{ all_containers.stdout }}"
-        
-    # 获取容器名称列表
-    - name: Get container names
-      shell: docker ps -a | awk 'NR>1 {print $NF}' | head -20
-      register: container_names
-      
-    - name: Display container names
-      debug:
-        msg: "Container names: {{ container_names.stdout_lines }}"
-        
-    # 检查每个容器的基本信息
-    - name: Get basic container info
-      shell: |
-        echo "=== Container: {{ item }} ==="
-        docker inspect {{ item }} | jq -r '.[0] | {
-          "Image": .Config.Image,
-          "Status": .State.Status,
-          "RestartPolicy": .HostConfig.RestartPolicy.Name,
-          "NetworkMode": .HostConfig.NetworkMode
-        }'
-        echo "Ports:"
-        docker port {{ item }} 2>/dev/null || echo "No published ports"
-        echo "Mounts:"
-        docker inspect {{ item }} | jq -r '.[0].Mounts[]? | "  \(.Source):\(.Destination) (\(.Mode))"'
-        echo "---"
-      register: container_info
-      loop: "{{ container_names.stdout_lines[:10] }}"  # 限制前10个容器
-      when: container_names.stdout_lines | length > 0
-      
-    - name: Display container info
-      debug:
-        msg: "{{ item.stdout }}"
-      loop: "{{ container_info.results }}"
-      when: container_info is defined
-      
-    # 检查 Docker Compose 文件
-    - name: Find docker-compose files in common locations
-      find:
-        paths: 
-          - /root
-          - /home
-          - /opt
-          - /var/lib/docker
-        patterns: 
-          - "docker-compose.yml"
-          - "docker-compose.yaml"
-          - "compose.yml"
-          - "compose.yaml"
-        recurse: yes
-        depth: 3
-      register: compose_files
-      ignore_errors: yes
-      
-    - name: Display found compose files
-      debug:
-        msg: "📄 Found compose files: {{ compose_files.files | map(attribute='path') | list }}"
-      when: compose_files.files | length > 0
-      
-    # 分析网络配置
-    - name: Get Docker networks
-      shell: docker network ls
-      register: docker_networks
-      
-    - name: Display Docker networks
-      debug:
-        msg: "🌐 Docker Networks:\n{{ docker_networks.stdout }}"
-        
-    # 检查卷使用情况
-    - name: Get Docker volumes
-      shell: docker volume ls
-      register: docker_volumes
-      
-    - name: Display Docker volumes
-      debug:
-        msg: "💾 Docker Volumes:\n{{ docker_volumes.stdout }}"
-        
-    # 检查容器资源使用
-    - name: Get container resource usage
-      shell: docker stats --no-stream
-      register: container_stats
-      when: container_names.stdout_lines | length > 0
-      
-    - name: Display container stats
-      debug:
-        msg: "📊 Container Resource Usage:\n{{ container_stats.stdout }}"
-      when: container_stats is defined
-      
-    # 检查 Docker 镜像
-    - name: Get Docker images
-      shell: docker images
-      register: docker_images
-      
-    - name: Display Docker images
-      debug:
-        msg: "🖼️ Docker Images:\n{{ docker_images.stdout }}"
-        
-    # 生成 Swarm 适用性分析
-    - name: Generate Swarm suitability analysis
-      debug:
-        msg: |
-          
-          🔍 DOCKER SWARM MIGRATION ANALYSIS FOR {{ inventory_hostname }}
-          ================================================================
-          
-          📋 SUMMARY:
-          - Current Swarm Status: {{ 'Active' if 'active' in swarm_status.stdout else 'Inactive' }}
-          - Total Containers: {{ container_names.stdout_lines | length }}
-          - Running Containers: {{ running_containers.stdout_lines | length - 1 }}
-          - Compose Files Found: {{ compose_files.files | length if compose_files.files is defined else 0 }}
-          
-          💡 SWARM MIGRATION RECOMMENDATIONS:
-          
-          ✅ TYPICALLY SUITABLE FOR SWARM:
-          - Web servers (nginx, apache, caddy)
-          - API services and microservices
-          - Application servers
-          - Load balancers (traefik, haproxy)
-          - Monitoring tools (prometheus, grafana)
-          - Databases (with proper volume strategy)
-          
-          ❌ NOT SUITABLE FOR SWARM:
-          - Containers using Docker socket (/var/run/docker.sock)
-          - Containers with --privileged flag
-          - Development/testing containers
-          - Containers requiring specific host hardware access
-          
-          ⚠️  NEEDS MODIFICATION FOR SWARM:
-          - Containers using bind mounts → convert to volumes
-          - Containers without restart policies → add restart policies
-          - Containers using host networking → use overlay networks
-          - Containers with hardcoded IPs → use service discovery
-          
-          🚀 MIGRATION STEPS:
-          1. ✅ Swarm is already initialized
-          2. Create overlay networks for service communication
-          3. Convert suitable containers to Docker services
-          4. Set up service discovery and load balancing
-          5. Configure secrets and configs management
-          6. Test service scaling and failover
-          
-          📝 NEXT ACTIONS:
-          - Review each container above for Swarm suitability
-          - Identify services that would benefit from scaling
-          - Plan network topology for services
-          - Prepare volume migration strategy
-      when: container_names is defined
-      
-    # 保存分析结果
-    - name: Save analysis summary to file
-      copy:
-        content: |
-          Docker Swarm Analysis for {{ inventory_hostname }}
-          Generated: {{ ansible_date_time.iso8601 }}
-          
-          SWARM STATUS:
-          {{ swarm_status.stdout }}
-          
-          CONTAINERS ({{ container_names.stdout_lines | length }} total):
-          {{ container_names.stdout_lines | join('\n') }}
-          
-          NETWORKS:
-          {{ docker_networks.stdout }}
-          
-          VOLUMES:
-          {{ docker_volumes.stdout }}
-          
-          IMAGES:
-          {{ docker_images.stdout }}
-          
-          {% if compose_files.files is defined and compose_files.files | length > 0 %}
-          COMPOSE FILES FOUND:
-          {% for file in compose_files.files %}
-          - {{ file.path }}
-          {% endfor %}
-          {% endif %}
-        dest: "/tmp/swarm-analysis-{{ inventory_hostname }}-{{ ansible_date_time.epoch }}.txt"
-      
-    - name: Analysis complete
-      debug:
-        msg: |
-          
-          🎉 ANALYSIS COMPLETE!
-          
-          📄 Results saved to: /tmp/swarm-analysis-{{ inventory_hostname }}-{{ ansible_date_time.epoch }}.txt
-          
-          🔍 Review the container details above to identify:
-          - Which services are suitable for Swarm
-          - Which containers need modification
-          - Migration priority and strategy
-          
-          💡 TIP: Focus on stateless services first for easier migration!

configuration/playbooks/applications/gitea-runner-management.yml

@@ -1,95 +0,0 @@
----
-- name: Gitea Runner Management
-  hosts: hcp
-  become: yes
-  vars:
-    gitea_runner_user: "gitea-runner"
-    gitea_runner_data_dir: "/var/lib/gitea-runner"
-    gitea_runner_log_dir: "/var/log/gitea-runner"
-
-  tasks:
-    - name: Check gitea-runner service status
-      systemd:
-        name: gitea-runner
-      register: service_status
-
-    - name: Display service status
-      debug:
-        msg: |
-          Service: {{ service_status.status.ActiveState }}
-          Enabled: {{ service_status.status.UnitFileState }}
-          Main PID: {{ service_status.status.MainPID | default('N/A') }}
-
-    - name: Show recent logs
-      command: journalctl -u gitea-runner --no-pager -n 20
-      register: recent_logs
-      changed_when: false
-
-    - name: Display recent logs
-      debug:
-        var: recent_logs.stdout_lines
-
-    - name: Check runner registration
-      stat:
-        path: "{{ gitea_runner_data_dir }}/.runner"
-      register: runner_registered
-
-    - name: Display registration status
-      debug:
-        msg: "Runner registered: {{ runner_registered.stat.exists }}"
-
-    - name: Show runner configuration (if registered)
-      command: cat {{ gitea_runner_data_dir }}/.runner
-      register: runner_config
-      become_user: "{{ gitea_runner_user }}"
-      when: runner_registered.stat.exists
-      changed_when: false
-
-    - name: Display runner configuration
-      debug:
-        var: runner_config.stdout_lines
-      when: runner_registered.stat.exists
-
-    - name: Check Docker access for runner user
-      command: docker ps
-      become_user: "{{ gitea_runner_user }}"
-      register: docker_access
-      changed_when: false
-      failed_when: false
-
-    - name: Display Docker access status
-      debug:
-        msg: |
-          Docker access: {{ 'OK' if docker_access.rc == 0 else 'FAILED' }}
-          {% if docker_access.rc != 0 %}
-          Error: {{ docker_access.stderr }}
-          {% endif %}
-
-# 单独的任务用于管理服务
-- name: Service Management Tasks
-  hosts: hcp
-  become: yes
-  tasks:
-    - name: Start gitea-runner service
-      systemd:
-        name: gitea-runner
-        state: started
-      when: ansible_run_tags is defined and 'start' in ansible_run_tags
-
-    - name: Stop gitea-runner service
-      systemd:
-        name: gitea-runner
-        state: stopped
-      when: ansible_run_tags is defined and 'stop' in ansible_run_tags
-
-    - name: Restart gitea-runner service
-      systemd:
-        name: gitea-runner
-        state: restarted
-      when: ansible_run_tags is defined and 'restart' in ansible_run_tags
-
-    - name: Reload gitea-runner service
-      systemd:
-        name: gitea-runner
-        state: reloaded
-      when: ansible_run_tags is defined and 'reload' in ansible_run_tags

configuration/playbooks/applications/gitea-runner-setup.yml

@@ -1,157 +0,0 @@
----
-- name: Setup Gitea Runner on HCP nodes
-  hosts: hcp
-  become: yes
-  vars:
-    gitea_runner_token: "vOrrQda6Qiet9YOj4waZVU5QgLig2J3rKp2RfoN7"
-    gitea_server_url: "http://gitea:3000"
-    gitea_runner_user: "gitea-runner"
-    gitea_runner_home: "/home/{{ gitea_runner_user }}"
-    gitea_runner_config_dir: "/etc/gitea-runner"
-    gitea_runner_data_dir: "/var/lib/gitea-runner"
-    gitea_runner_log_dir: "/var/log/gitea-runner"
-    gitea_runner_binary: "/usr/bin/act_runner"
-
-  tasks:
-    - name: Check if gitea-runner binary exists
-      stat:
-        path: "{{ gitea_runner_binary }}"
-      register: runner_binary
-
-    - name: Fail if act_runner binary not found
-      fail:
-        msg: "Act runner binary not found at {{ gitea_runner_binary }}. Please install it first."
-      when: not runner_binary.stat.exists
-
-    - name: Create gitea-runner user
-      user:
-        name: "{{ gitea_runner_user }}"
-        system: yes
-        shell: /bin/bash
-        home: "{{ gitea_runner_home }}"
-        create_home: yes
-        comment: "Gitea Runner Service User"
-
-    - name: Create gitea-runner directories
-      file:
-        path: "{{ item }}"
-        state: directory
-        owner: "{{ gitea_runner_user }}"
-        group: "{{ gitea_runner_user }}"
-        mode: '0755'
-      loop:
-        - "{{ gitea_runner_config_dir }}"
-        - "{{ gitea_runner_data_dir }}"
-        - "{{ gitea_runner_log_dir }}"
-
-    - name: Create gitea-runner configuration file
-      template:
-        src: gitea-runner-config.yml.j2
-        dest: "{{ gitea_runner_config_dir }}/config.yml"
-        owner: "{{ gitea_runner_user }}"
-        group: "{{ gitea_runner_user }}"
-        mode: '0600'
-      notify: restart gitea-runner
-
-    - name: Create gitea-runner systemd service file
-      template:
-        src: gitea-runner.service.j2
-        dest: /etc/systemd/system/gitea-runner.service
-        owner: root
-        group: root
-        mode: '0644'
-      notify:
-        - reload systemd
-        - restart gitea-runner
-
-    - name: Create gitea-runner environment file
-      template:
-        src: gitea-runner.env.j2
-        dest: /etc/default/gitea-runner
-        owner: root
-        group: root
-        mode: '0600'
-      notify: restart gitea-runner
-
-    - name: Create runner registration script
-      template:
-        src: register-runner.sh.j2
-        dest: "{{ gitea_runner_home }}/register-runner.sh"
-        owner: "{{ gitea_runner_user }}"
-        group: "{{ gitea_runner_user }}"
-        mode: '0755'
-
-    - name: Check if runner is already registered
-      stat:
-        path: "{{ gitea_runner_data_dir }}/.runner"
-      register: runner_registered
-
-    - name: Register gitea runner
-      command: "{{ gitea_runner_home }}/register-runner.sh"
-      become_user: "{{ gitea_runner_user }}"
-      when: not runner_registered.stat.exists
-      register: registration_result
-
-    - name: Display registration result
-      debug:
-        var: registration_result.stdout_lines
-      when: registration_result is defined and registration_result.stdout_lines is defined
-
-    - name: Create runner startup script
-      template:
-        src: start-runner.sh.j2
-        dest: "{{ gitea_runner_home }}/start-runner.sh"
-        owner: "{{ gitea_runner_user }}"
-        group: "{{ gitea_runner_user }}"
-        mode: '0755'
-
-    - name: Create logrotate configuration for gitea-runner
-      template:
-        src: gitea-runner.logrotate.j2
-        dest: /etc/logrotate.d/gitea-runner
-        owner: root
-        group: root
-        mode: '0644'
-
-    - name: Install Docker (required for runner)
-      package:
-        name: docker.io
-        state: present
-
-    - name: Add gitea-runner user to docker group
-      user:
-        name: "{{ gitea_runner_user }}"
-        groups: docker
-        append: yes
-
-    - name: Start and enable Docker service
-      systemd:
-        name: docker
-        state: started
-        enabled: yes
-
-    - name: Start and enable gitea-runner service
-      systemd:
-        name: gitea-runner
-        state: started
-        enabled: yes
-        daemon_reload: yes
-
-    - name: Check gitea-runner service status
-      systemd:
-        name: gitea-runner
-      register: service_status
-
-    - name: Display service status
-      debug:
-        msg: "Gitea Runner service is {{ service_status.status.ActiveState }}"
-
-  handlers:
-    - name: reload systemd
-      systemd:
-        daemon_reload: yes
-
-    - name: restart gitea-runner
-      systemd:
-        name: gitea-runner
-        state: restarted

configuration/playbooks/applications/swarm-migration-plan.yml

@@ -1,194 +0,0 @@
----
-- name: Docker Swarm Migration Plan for ash3c
-  hosts: ash3c
-  become: yes
-  gather_facts: yes
-  
-  vars:
-    # 定义服务迁移计划
-    swarm_services:
-      high_priority:
-        - name: ghproxy
-          image: wjqserver/ghproxy:latest
-          ports: "8046:8080"
-          replicas: 2
-          networks: ["app-network"]
-          
-        - name: redis
-          image: redis:latest
-          ports: "63789:6379"
-          replicas: 1
-          networks: ["app-network"]
-          volumes: ["redis-data:/data"]
-          
-      medium_priority:
-        - name: consul
-          image: bitnami/consul:latest
-          ports: 
-            - "8310:8300"
-            - "8311:8301"
-            - "8312:8302"
-            - "8501:8500"
-            - "8601:8600/udp"
-          replicas: 1
-          networks: ["consul-network"]
-          
-        - name: discourse-app
-          image: bitnami/discourse:3.4.1
-          ports: "31080:3000"
-          replicas: 1
-          networks: ["app-network"]
-          depends_on: ["postgres", "redis"]
-          
-        - name: discourse-sidekiq
-          image: bitnami/discourse:3.4.1
-          replicas: 1
-          networks: ["app-network"]
-          depends_on: ["postgres", "redis"]
-          
-      low_priority:
-        - name: elasticsearch
-          image: bitnami/elasticsearch:8.17.2
-          ports: "59200:9200"
-          replicas: 1
-          networks: ["elastic-network"]
-          volumes: ["elastic-data:/bitnami/elasticsearch/data"]
-          constraints: ["node.role==manager"]
-          
-        - name: postgres
-          image: postgres:17.2
-          ports: "54322:5432"
-          replicas: 1
-          networks: ["db-network"]
-          volumes: ["postgres-data:/var/lib/postgresql/data"]
-          constraints: ["node.role==manager"]
-          secrets: ["postgres_password"]
-  
-  tasks:
-    - name: Display migration plan
-      debug:
-        msg: |
-          🚀 DOCKER SWARM MIGRATION PLAN FOR {{ inventory_hostname }}
-          =========================================================
-          
-          📋 PHASE 1 - HIGH PRIORITY (Low Risk)
-          {% for service in swarm_services.high_priority %}
-          ✅ {{ service.name }}:
-             - Image: {{ service.image }}
-             - Replicas: {{ service.replicas }}
-             - Networks: {{ service.networks | join(', ') }}
-             - Migration: Safe, stateless service
-          {% endfor %}
-          
-          📋 PHASE 2 - MEDIUM PRIORITY (Medium Risk)
-          {% for service in swarm_services.medium_priority %}
-          ⚠️  {{ service.name }}:
-             - Image: {{ service.image }}
-             - Replicas: {{ service.replicas }}
-             - Networks: {{ service.networks | join(', ') }}
-             - Migration: Requires coordination
-          {% endfor %}
-          
-          📋 PHASE 3 - LOW PRIORITY (High Risk)
-          {% for service in swarm_services.low_priority %}
-          🔴 {{ service.name }}:
-             - Image: {{ service.image }}
-             - Replicas: {{ service.replicas }}
-             - Networks: {{ service.networks | join(', ') }}
-             - Migration: Requires careful planning
-          {% endfor %}
-    
-    - name: Create migration script
-      copy:
-        content: |
-          #!/bin/bash
-          # Docker Swarm Migration Script for {{ inventory_hostname }}
-          # Generated: {{ ansible_date_time.iso8601 }}
-          
-          set -e
-          
-          echo "🚀 Starting Docker Swarm Migration..."
-          
-          # Create networks
-          echo "📡 Creating overlay networks..."
-          docker network create -d overlay --attachable app-network || true
-          docker network create -d overlay --attachable db-network || true
-          docker network create -d overlay --attachable consul-network || true
-          docker network create -d overlay --attachable elastic-network || true
-          
-          # Create volumes
-          echo "💾 Creating volumes..."
-          docker volume create redis-data || true
-          docker volume create postgres-data || true
-          docker volume create elastic-data || true
-          
-          # Create secrets (example)
-          echo "🔐 Creating secrets..."
-          echo "your_postgres_password" | docker secret create postgres_password - || true
-          
-          echo "✅ Infrastructure setup complete!"
-          echo ""
-          echo "🔄 PHASE 1 - Migrate high priority services:"
-          echo "docker service create --name ghproxy-svc --replicas 2 --network app-network -p 8046:8080 wjqserver/ghproxy:latest"
-          echo "docker service create --name redis-svc --replicas 1 --network app-network -p 63789:6379 --mount type=volume,source=redis-data,target=/data redis:latest"
-          echo ""
-          echo "🔄 PHASE 2 - Migrate medium priority services:"
-          echo "docker service create --name consul-svc --replicas 1 --network consul-network -p 8310:8300 -p 8311:8301 -p 8312:8302 -p 8501:8500 -p 8601:8600/udp bitnami/consul:latest"
-          echo "docker service create --name discourse-app-svc --replicas 1 --network app-network -p 31080:3000 bitnami/discourse:3.4.1"
-          echo "docker service create --name discourse-sidekiq-svc --replicas 1 --network app-network bitnami/discourse:3.4.1"
-          echo ""
-          echo "🔄 PHASE 3 - Migrate low priority services (CAREFUL!):"
-          echo "docker service create --name postgres-svc --replicas 1 --network db-network -p 54322:5432 --mount type=volume,source=postgres-data,target=/var/lib/postgresql/data --secret postgres_password --constraint 'node.role==manager' postgres:17.2"
-          echo "docker service create --name elasticsearch-svc --replicas 1 --network elastic-network -p 59200:9200 --mount type=volume,source=elastic-data,target=/bitnami/elasticsearch/data --constraint 'node.role==manager' bitnami/elasticsearch:8.17.2"
-          echo ""
-          echo "📊 Monitor services:"
-          echo "docker service ls"
-          echo "docker service ps <service-name>"
-          echo ""
-          echo "⚠️  IMPORTANT NOTES:"
-          echo "1. Stop original containers before creating services"
-          echo "2. Backup data before migrating databases"
-          echo "3. Test each phase before proceeding"
-          echo "4. Monitor logs: docker service logs <service-name>"
-        dest: "/tmp/swarm-migration-{{ inventory_hostname }}.sh"
-        mode: '0755'
-    
-    - name: Create rollback script
-      copy:
-        content: |
-          #!/bin/bash
-          # Docker Swarm Rollback Script for {{ inventory_hostname }}
-          
-          echo "🔄 Rolling back Swarm services..."
-          
-          # Remove services
-          docker service rm ghproxy-svc redis-svc consul-svc discourse-app-svc discourse-sidekiq-svc postgres-svc elasticsearch-svc 2>/dev/null || true
-          
-          # Remove networks (optional)
-          # docker network rm app-network db-network consul-network elastic-network 2>/dev/null || true
-          
-          echo "✅ Rollback complete. Original containers should be restarted manually."
-        dest: "/tmp/swarm-rollback-{{ inventory_hostname }}.sh"
-        mode: '0755'
-    
-    - name: Migration plan complete
-      debug:
-        msg: |
-          🎉 MIGRATION PLAN GENERATED!
-          
-          📄 Files created:
-          - /tmp/swarm-migration-{{ inventory_hostname }}.sh (Migration script)
-          - /tmp/swarm-rollback-{{ inventory_hostname }}.sh (Rollback script)
-          
-          🚀 RECOMMENDED APPROACH:
-          1. Backup all data first
-          2. Test migration in phases
-          3. Start with Phase 1 (low risk services)
-          4. Monitor each service before proceeding
-          5. Keep rollback script ready
-          
-          💡 NEXT STEPS:
-          1. Review and customize the migration script
-          2. Plan maintenance window
-          3. Execute phase by phase
-          4. Monitor and validate each service

configuration/playbooks/applications/templates/gitea-runner-config.yml.j2

@@ -1,50 +0,0 @@
-# Gitea Runner Configuration
-log:
-  level: info
-  file: {{ gitea_runner_log_dir }}/runner.log
-
-runner:
-  # Runner name (will be auto-generated if not specified)
-  name: "{{ inventory_hostname }}-runner"
-  
-  # Runner capacity (number of concurrent jobs)
-  capacity: 2
-  
-  # Runner timeout
-  timeout: 3600
-  
-  # Runner labels (for job targeting)
-  labels:
-    - "ubuntu-latest:docker://ubuntu:22.04"
-    - "ubuntu-20.04:docker://ubuntu:20.04"
-    - "ubuntu-18.04:docker://ubuntu:18.04"
-    - "node:docker://node:18"
-    - "python:docker://python:3.11"
-    - "ansible:docker://quay.io/ansible/ansible-runner:latest"
-    - "opentofu:docker://opentofu/opentofu:latest"
-
-cache:
-  enabled: true
-  dir: {{ gitea_runner_data_dir }}/cache
-  host: ""
-  port: 0
-
-container:
-  # Docker network for runner containers
-  network: "gitea-runner"
-  
-  # Enable privileged containers (needed for Docker-in-Docker)
-  privileged: false
-  
-  # Container options
-  options: "--rm --pull=always"
-  
-  # Valid platforms
-  valid_volumes:
-    - "/tmp"
-    - "{{ gitea_runner_data_dir }}"
-  
-  docker_host: "unix:///var/run/docker.sock"
-
-host:
-  workdir_parent: {{ gitea_runner_data_dir }}/work

configuration/playbooks/applications/templates/gitea-runner.env.j2

@@ -1,18 +0,0 @@
-# Gitea Runner Environment Variables
-
-# Gitea server configuration
-GITEA_INSTANCE_URL={{ gitea_server_url }}
-GITEA_RUNNER_REGISTRATION_TOKEN={{ gitea_runner_token }}
-
-# Runner configuration
-GITEA_RUNNER_NAME={{ inventory_hostname }}-runner
-GITEA_RUNNER_LABELS=ubuntu-latest,ubuntu-20.04,ubuntu-18.04,node,python,ansible,opentofu
-
-# Docker configuration
-DOCKER_HOST=unix:///var/run/docker.sock
-
-# Logging
-GITEA_RUNNER_LOG_LEVEL=info
-
-# Security
-GITEA_RUNNER_SECURITY_PRIVILEGED=false

configuration/playbooks/applications/templates/gitea-runner.logrotate.j2

@@ -1,12 +0,0 @@
-{{ gitea_runner_log_dir }}/*.log {
-    daily
-    missingok
-    rotate 30
-    compress
-    delaycompress
-    notifempty
-    create 644 {{ gitea_runner_user }} {{ gitea_runner_user }}
-    postrotate
-        systemctl reload gitea-runner || true
-    endscript
-}

configuration/playbooks/applications/templates/gitea-runner.service.j2

@@ -1,39 +0,0 @@
-[Unit]
-Description=Gitea Actions Runner
-Documentation=https://docs.gitea.io/en-us/actions/
-After=network.target docker.service
-Wants=docker.service
-
-[Service]
-Type=simple
-User={{ gitea_runner_user }}
-Group={{ gitea_runner_user }}
-WorkingDirectory={{ gitea_runner_data_dir }}
-ExecStart={{ gitea_runner_binary }} daemon --config {{ gitea_runner_config_dir }}/config.yml
-ExecReload=/bin/kill -HUP $MAINPID
-KillMode=mixed
-KillSignal=SIGINT
-TimeoutStopSec=5
-Restart=always
-RestartSec=10
-StartLimitInterval=0
-
-# Security settings
-NoNewPrivileges=yes
-PrivateTmp=yes
-ProtectSystem=strict
-ProtectHome=yes
-ReadWritePaths={{ gitea_runner_data_dir }} {{ gitea_runner_log_dir }} /var/run/docker.sock
-ProtectKernelTunables=yes
-ProtectKernelModules=yes
-ProtectControlGroups=yes
-
-# Environment
-EnvironmentFile=-/etc/default/gitea-runner
-
-# Logging
-StandardOutput=append:{{ gitea_runner_log_dir }}/gitea-runner.log
-StandardError=append:{{ gitea_runner_log_dir }}/gitea-runner-error.log
-
-[Install]
-WantedBy=multi-user.target

configuration/playbooks/applications/templates/register-runner.sh.j2

@@ -1,46 +0,0 @@
-#!/bin/bash
-# Gitea Runner Registration Script
-
-set -e
-
-echo "🚀 注册 Gitea Runner..."
-
-# 配置变量
-GITEA_URL="{{ gitea_server_url }}"
-REGISTRATION_TOKEN="{{ gitea_runner_token }}"
-RUNNER_NAME="{{ inventory_hostname }}-runner"
-RUNNER_LABELS="ubuntu-latest,ubuntu-20.04,ubuntu-18.04,node,python,ansible,opentofu"
-
-# 切换到数据目录
-cd {{ gitea_runner_data_dir }}
-
-# 检查是否已经注册
-if [ -f ".runner" ]; then
-    echo "✅ Runner 已经注册"
-    exit 0
-fi
-
-echo "📝 注册 Runner: $RUNNER_NAME"
-echo "🔗 Gitea URL: $GITEA_URL"
-echo "🏷️  Labels: $RUNNER_LABELS"
-
-# 注册 Runner
-{{ gitea_runner_binary }} register \
-    --instance "$GITEA_URL" \
-    --token "$REGISTRATION_TOKEN" \
-    --name "$RUNNER_NAME" \
-    --labels "$RUNNER_LABELS"
-
-if [ $? -eq 0 ]; then
-    echo "✅ Runner 注册成功！"
-    
-    # 设置文件权限
-    chown {{ gitea_runner_user }}:{{ gitea_runner_user }} .runner .credentials
-    chmod 600 .runner .credentials
-    
-    echo "📋 Runner 信息:"
-    cat .runner
-else
-    echo "❌ Runner 注册失败"
-    exit 1
-fi

configuration/playbooks/applications/templates/start-runner.sh.j2

@@ -1,20 +0,0 @@
-#!/bin/bash
-# Gitea Runner Startup Script
-
-set -e
-
-echo "🚀 启动 Gitea Runner..."
-
-# 切换到数据目录
-cd {{ gitea_runner_data_dir }}
-
-# 检查注册状态
-if [ ! -f ".runner" ]; then
-    echo "❌ Runner 未注册，请先运行注册脚本"
-    exit 1
-fi
-
-echo "✅ Runner 已注册，启动守护进程..."
-
-# 启动 Runner
-exec {{ gitea_runner_binary }} daemon --config {{ gitea_runner_config_dir }}/config.yml