From a906fe11bc7972795aec0ad7a086853facf804f5 Mon Sep 17 00:00:00 2001
From: cloudneutral <haitaopanhq@gmail.com>
Date: Mon, 12 Jan 2026 11:24:58 +0800
Subject: [PATCH] Add Next.js vhost role

---
 roles/vhosts/nextjs/defaults/main.yml         | 27 ++++++++++
 roles/vhosts/nextjs/handlers/main.yml         |  9 ++++
 roles/vhosts/nextjs/meta/main.yml             |  3 ++
 roles/vhosts/nextjs/tasks/main.yml            | 51 +++++++++++++++++++
 .../vhosts/nextjs/templates/nextjs.service.j2 | 25 +++++++++
 setup-nextjs.yml                              |  5 ++
 6 files changed, 120 insertions(+)
 create mode 100644 roles/vhosts/nextjs/defaults/main.yml
 create mode 100644 roles/vhosts/nextjs/handlers/main.yml
 create mode 100644 roles/vhosts/nextjs/meta/main.yml
 create mode 100644 roles/vhosts/nextjs/tasks/main.yml
 create mode 100644 roles/vhosts/nextjs/templates/nextjs.service.j2
 create mode 100644 setup-nextjs.yml

diff --git a/roles/vhosts/nextjs/defaults/main.yml b/roles/vhosts/nextjs/defaults/main.yml
new file mode 100644
index 0000000..e41a9dc
--- /dev/null
+++ b/roles/vhosts/nextjs/defaults/main.yml
@@ -0,0 +1,27 @@
+---
+nextjs_repo_url: "https://github.com/cloud-neutral/portal.onwalk.net.git"
+nextjs_repo_version: "main"
+nextjs_app_dir: "/var/www/dashboard"
+
+nextjs_run_mode: "dev" # dev or prod
+nextjs_node_env: "{{ 'production' if nextjs_run_mode == 'prod' else 'development' }}"
+nextjs_port: 3000
+
+nextjs_exec_start_dev: "yarn dev"
+nextjs_exec_start_prod: "yarn start"
+nextjs_exec_start: "{{ nextjs_exec_start_prod if nextjs_run_mode == 'prod' else nextjs_exec_start_dev }}"
+
+nextjs_service_name: "next"
+nextjs_service_description: "Next.js (XControl homepage - CN)"
+nextjs_service_user: "root"
+nextjs_service_group: "root"
+
+nextjs_restart_policy: "always"
+nextjs_restart_sec: 5
+nextjs_limit_nofile: 65535
+
+nextjs_no_new_privileges: true
+nextjs_private_tmp: true
+
+nextjs_install_deps: true
+nextjs_build: "{{ nextjs_run_mode == 'prod' }}"
diff --git a/roles/vhosts/nextjs/handlers/main.yml b/roles/vhosts/nextjs/handlers/main.yml
new file mode 100644
index 0000000..e288e2a
--- /dev/null
+++ b/roles/vhosts/nextjs/handlers/main.yml
@@ -0,0 +1,9 @@
+---
+- name: Reload systemd daemon
+  ansible.builtin.systemd:
+    daemon_reload: true
+
+- name: Restart nextjs service
+  ansible.builtin.systemd:
+    name: "{{ nextjs_service_name }}"
+    state: restarted
diff --git a/roles/vhosts/nextjs/meta/main.yml b/roles/vhosts/nextjs/meta/main.yml
new file mode 100644
index 0000000..b4338f0
--- /dev/null
+++ b/roles/vhosts/nextjs/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+  - role: roles/vhosts/nodejs
diff --git a/roles/vhosts/nextjs/tasks/main.yml b/roles/vhosts/nextjs/tasks/main.yml
new file mode 100644
index 0000000..50bb0f8
--- /dev/null
+++ b/roles/vhosts/nextjs/tasks/main.yml
@@ -0,0 +1,51 @@
+---
+- name: Ensure git is installed
+  ansible.builtin.apt:
+    name: git
+    state: present
+    update_cache: true
+
+- name: Ensure application directory exists
+  ansible.builtin.file:
+    path: "{{ nextjs_app_dir }}"
+    state: directory
+    owner: "{{ nextjs_service_user }}"
+    group: "{{ nextjs_service_group }}"
+    mode: '0755'
+
+- name: Clone Next.js repository
+  ansible.builtin.git:
+    repo: "{{ nextjs_repo_url }}"
+    dest: "{{ nextjs_app_dir }}"
+    version: "{{ nextjs_repo_version }}"
+    update: true
+  notify: Restart nextjs service
+
+- name: Install Next.js dependencies
+  ansible.builtin.command: yarn install
+  args:
+    chdir: "{{ nextjs_app_dir }}"
+  when: nextjs_install_deps | bool
+  notify: Restart nextjs service
+
+- name: Build Next.js application
+  ansible.builtin.command: yarn build
+  args:
+    chdir: "{{ nextjs_app_dir }}"
+  when: nextjs_build | bool
+  notify: Restart nextjs service
+
+- name: Install Next.js systemd service
+  ansible.builtin.template:
+    src: nextjs.service.j2
+    dest: "/etc/systemd/system/{{ nextjs_service_name }}.service"
+    owner: root
+    group: root
+    mode: '0644'
+  notify: Reload systemd daemon
+
+- name: Enable and start Next.js service
+  ansible.builtin.systemd:
+    name: "{{ nextjs_service_name }}"
+    enabled: true
+    state: started
diff --git a/roles/vhosts/nextjs/templates/nextjs.service.j2 b/roles/vhosts/nextjs/templates/nextjs.service.j2
new file mode 100644
index 0000000..3897c00
--- /dev/null
+++ b/roles/vhosts/nextjs/templates/nextjs.service.j2
@@ -0,0 +1,25 @@
+[Unit]
+Description={{ nextjs_service_description }}
+After=network.target
+
+[Service]
+Type=simple
+WorkingDirectory={{ nextjs_app_dir }}
+
+Environment=NODE_ENV={{ nextjs_node_env }}
+Environment=PORT={{ nextjs_port }}
+
+ExecStart={{ nextjs_exec_start }}
+
+Restart={{ nextjs_restart_policy }}
+RestartSec={{ nextjs_restart_sec }}
+LimitNOFILE={{ nextjs_limit_nofile }}
+
+User={{ nextjs_service_user }}
+Group={{ nextjs_service_group }}
+
+NoNewPrivileges={{ nextjs_no_new_privileges | lower }}
+PrivateTmp={{ nextjs_private_tmp | lower }}
+
+[Install]
+WantedBy=multi-user.target
diff --git a/setup-nextjs.yml b/setup-nextjs.yml
new file mode 100644
index 0000000..ad940c3
--- /dev/null
+++ b/setup-nextjs.yml
@@ -0,0 +1,5 @@
+- name: Setup Next.js
+  hosts: all
+  become: true
+  roles:
+    - roles/vhosts/nextjs/