meta: bump galaxy version to 0.1.3

galaxy.yml

@@ -1,11 +1,12 @@
 namespace: finallycoffee
 name: services
-version: 0.1.2
+version: 0.1.3
 readme: README.md
 authors:
 - transcaffeine <transcaffeine@finally.coffee>
 description: Various ansible roles useful for automating infrastructure
 dependencies:
+  "community.crypto": "^2.0.0"
   "community.docker": "^3.0.0"
 license_file: LICENSE.md
 build_ignore:

roles/authelia/defaults/main.yml

@@ -57,10 +57,18 @@ authelia_config_server_address: >-2
   {{ authelia_config_server_host }}:{{ authelia_config_server_port }}
 authelia_config_server_path: ""
 authelia_config_server_asset_path: "/config/assets/"
-authelia_config_server_read_buffer_size: 4096
+authelia_config_server_buffers_read: 4096
-authelia_config_server_write_buffer_size: 4096
+authelia_config_server_read_buffer_size: >-2
-authelia_config_server_enable_pprof: true
+  {{ authelia_config_server_buffers_read }}
-authelia_config_server_enable_expvars: true
+authelia_config_server_buffers_write: 4096
+authelia_config_server_write_buffer_size: >-2
+  {{ authelia_config_server_buffers_write }}
+authelia_config_server_endpoints_enable_pprof: true
+authelia_config_server_enable_pprof: >-2
+  {{ authelia_config_server_endpoints_enable_pprof }}
+authelia_config_server_endpoints_enable_expvars: true
+authelia_config_server_enable_expvars: >-2
+  {{ authelia_config_server_endpoints_enable_expvars }}
 authelia_config_server_disable_healthcheck:
 authelia_config_server_tls_key: ~
 authelia_config_server_tls_certificate: ~
@@ -107,10 +115,18 @@ authelia_config_authentication_backend_ldap_additional_users_dn: "ou=users"
 authelia_config_authentication_backend_ldap_users_filter: "(&(|({username_attribute}={input})({mail_attribute}={input}))(objectClass=inetOrgPerson))"
 authelia_config_authentication_backend_ldap_additional_groups_dn: "ou=groups"
 authelia_config_authentication_backend_ldap_groups_filter: "(member={dn})"
+authelia_config_authentication_backend_ldap_attributes_username: uid
+authelia_config_authentication_backend_ldap_username_attribute: >-2
+  {{ authelia_config_authentication_backend_ldap_attributes_username }}
+authelia_config_authentication_backend_ldap_attributes_mail: mail
+authelia_config_authentication_backend_ldap_mail_attribute: >-2
+  {{ authelia_config_authentication_backend_ldap_attributes_mail }}
+authelia_config_authentication_backend_ldap_attributes_display_name: displayName
+authelia_config_authentication_backend_ldap_display_name_attribute: >-2
+  {{ authelia_config_authentication_backend_ldap_attributes_display_name }}
 authelia_config_authentication_backend_ldap_group_name_attribute: cn
-authelia_config_authentication_backend_ldap_username_attribute: uid
+authelia_config_authentication_backend_ldap_attributes_group_name: >-2
-authelia_config_authentication_backend_ldap_mail_attribute: mail
+  {{ authelia_config_authentication_backend_ldap_group_name_attribute }}
-authelia_config_authentication_backend_ldap_display_name_attribute: displayName
 authelia_config_authentication_backend_ldap_user: ~
 authelia_config_authentication_backend_ldap_password: ~
 authelia_config_authentication_backend_file_path: ~
@@ -138,6 +154,8 @@ authelia_config_session_secret: ~
 authelia_config_session_expiration: 1h
 authelia_config_session_inactivity: 5m
 authelia_config_session_remember_me_duration: 1M
+authelia_config_session_remember_me: >-2
+  {{ authelia_config_session_remember_me_duration }}
 authelia_config_session_redis_host: "{{ authelia_redis_host }}"
 authelia_config_session_redis_port: "{{ authelia_redis_port }}"
 authelia_config_session_redis_username: "{{ authelia_redis_user }}"

roles/authelia/meta/main.yml

@@ -0,0 +1,9 @@
+---
+allow_duplicates: true
+dependencies: []
+galaxy_info:
+  role_name: authelia
+  description: Ansible role to deploy authelia using docker
+  galaxy_tags:
+    - authelia
+    - docker

roles/authelia/tasks/main.yml

@@ -1,14 +1,14 @@
 ---
 
 - name: Ensure user {{ authelia_user }} exists
-  user:
+  ansible.builtin.user:
     name: "{{ authelia_user }}"
     state: present
     system: true
   register: authelia_user_info
 
 - name: Ensure host directories are created with correct permissions
-  file:
+  ansible.builtin.file:
     path: "{{ item.path }}"
     state: directory
     owner: "{{ item.owner | default(authelia_user) }}"
@@ -26,7 +26,7 @@
       mode: "0750"
 
 - name: Ensure config file is generated
-  copy:
+  ansible.builtin.copy:
     content: "{{ authelia_config | to_nice_yaml(indent=2, width=10000) }}"
     dest: "{{ authelia_config_file }}"
     owner: "{{ authelia_run_user }}"
@@ -35,7 +35,7 @@
   notify: restart-authelia
 
 - name: Ensure sqlite database file exists before mounting it
-  file:
+  ansible.builtin.file:
     path: "{{ authelia_sqlite_storage_file }}"
     state: touch
     owner: "{{ authelia_run_user }}"
@@ -46,7 +46,7 @@
   when: authelia_config_storage_local_path | default(false, true)
 
 - name: Ensure user database exists before mounting it
-  file:
+  ansible.builtin.file:
     path: "{{ authelia_user_storage_file }}"
     state: touch
     owner: "{{ authelia_run_user }}"
@@ -57,7 +57,7 @@
   when: authelia_config_authentication_backend_file_path | default(false, true)
 
 - name: Ensure notification reports file exists before mounting it
-  file:
+  ansible.builtin.file:
     path: "{{ authelia_notification_storage_file }}"
     state: touch
     owner: "{{ authelia_run_user }}"
@@ -76,7 +76,7 @@
   register: authelia_container_image_info
 
 - name: Ensure authelia container is running
-  docker_container:
+  community.docker.docker_container:
     name: "{{ authelia_container_name }}"
     image: "{{ authelia_container_image_ref }}"
     env: "{{ authelia_container_env }}"
@@ -85,7 +85,9 @@
     labels: "{{ authelia_container_labels }}"
     volumes: "{{ authelia_container_volumes }}"
     networks: "{{ authelia_container_networks | default(omit, true) }}"
+    etc_hosts: "{{ authelia_container_etc_hosts | default(omit, true) }}"
     purge_networks: "{{ authelia_container_purge_networks | default(omit, true)}}"
     restart_policy: "{{ authelia_container_restart_policy }}"
+    recreate: "{{ authelia_container_recreate | default(omit, true) }}"
     state: "{{ authelia_container_state }}"
   register: authelia_container_info

roles/authelia/vars/main.yml

@@ -50,14 +50,18 @@ authelia_config_server: >-2
     {
       "address": authelia_config_server_address,
       "asset_path": authelia_config_server_asset_path,
-      "read_buffer_size": authelia_config_server_read_buffer_size,
-      "write_buffer_size": authelia_config_server_write_buffer_size,
-      "enable_pprof": authelia_config_server_enable_pprof,
-      "enable_expvars": authelia_config_server_enable_expvars,
       "disable_healthcheck": authelia_config_server_disable_healthcheck,
+      "endpoints": authelia_config_server_endpoints,
+      "buffers": authelia_config_server_buffers,
     } | combine({"headers": {"csp_template": authelia_config_server_headers_csp_template}}
         if authelia_config_server_headers_csp_template | default(false, true) else {})
   }}
+authelia_config_server_endpoints:
+  enable_expvars: "{{ authelia_config_server_endpoints_enable_expvars }}"
+  enable_pprof: "{{ authelia_config_server_endpoints_enable_pprof }}"
+authelia_config_server_buffers:
+  read: "{{ authelia_config_server_buffers_read }}"
+  write: "{{ authelia_config_server_buffers_write }}"
 authelia_config_server_tls:
   key: "{{ authelia_config_server_tls_key }}"
   certificate: "{{ authelia_config_server_tls_certificate }}"
@@ -130,10 +134,11 @@ authelia_config_authentication_backend_ldap:
   additional_groups_dn: "{{ authelia_config_authentication_backend_ldap_additional_groups_dn }}" 
   users_filter: "{{ authelia_config_authentication_backend_ldap_users_filter }}" 
   groups_filter: "{{ authelia_config_authentication_backend_ldap_groups_filter }}"
-  group_name_attribute: "{{ authelia_config_authentication_backend_ldap_group_name_attribute }}"
+  attributes:
-  username_attribute: "{{ authelia_config_authentication_backend_ldap_username_attribute }}"
+    username: "{{ authelia_config_authentication_backend_ldap_attributes_username }}"
-  mail_attribute: "{{ authelia_config_authentication_backend_ldap_mail_attribute }}"
+    mail: "{{ authelia_config_authentication_backend_ldap_attributes_mail }}"
-  display_name_attribute: "{{ authelia_config_authentication_backend_ldap_display_name_attribute }}"
+    display_name: "{{ authelia_config_authentication_backend_ldap_attributes_display_name }}"
+    group_name: "{{ authelia_config_authentication_backend_ldap_attributes_group_name }}"
   user: "{{ authelia_config_authentication_backend_ldap_user }}"
   password: "{{ authelia_config_authentication_backend_ldap_password }}"
 authelia_config_authentication_backend_file:
@@ -172,7 +177,7 @@ authelia_config_session:
   secret: "{{ authelia_config_session_secret }}"
   expiration: "{{ authelia_config_session_expiration }}" 
   inactivity: "{{ authelia_config_session_inactivity }}"
-  remember_me_duration: "{{ authelia_config_session_remember_me_duration }}"
+  remember_me: "{{ authelia_config_session_remember_me }}"
 authelia_config_session_redis: >-2
   {{
     {

roles/ghost/defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 
 ghost_domain: ~
-ghost_version: "5.94.1"
+ghost_version: "5.95.0"
 ghost_user: ghost
 ghost_user_group: ghost
 ghost_base_path: /opt/ghost

roles/ghost/meta/main.yml

@@ -0,0 +1,10 @@
+---
+allow_duplicates: true
+dependencies: []
+galaxy_info:
+  role_name: ghost
+  description: Ansible role to deploy ghost (https://ghost.org) using docker
+  galaxy_tags:
+    - ghost
+    - blog
+    - docker

roles/gitea/meta/main.yml

@@ -0,0 +1,10 @@
+---
+allow_duplicates: true
+dependencies: []
+galaxy_info:
+  role_name: gitea
+  description: Ansible role to deploy gitea using docker
+  galaxy_tags:
+    - gitea
+    - git
+    - docker

roles/gitea/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
 
 - name: Ensure gitea user '{{ gitea_user }}' is present
-  user:
+  ansible.builtin.user:
     name: "{{ gitea_user }}"
     state: "present"
     system: false
@@ -9,7 +9,7 @@
   register: gitea_user_res
 
 - name: Ensure host directories exist
-  file:
+  ansible.builtin.file:
     path: "{{ item }}"
     owner: "{{ gitea_user_res.uid }}"
     group: "{{ gitea_user_res.group }}"
@@ -19,7 +19,7 @@
     - "{{ gitea_data_path }}"
 
 - name: Ensure .ssh folder for gitea user exists
-  file:
+  ansible.builtin.file:
     path: "/home/{{ gitea_user }}/.ssh"
     state: directory
     owner: "{{ gitea_user_res.uid }}"
@@ -38,7 +38,7 @@
   register: gitea_user_ssh_key
 
 - name: Create forwarding script
-  copy:
+  ansible.builtin.copy:
     dest: "/usr/local/bin/gitea"
     owner: "{{ gitea_user_res.uid }}"
     group: "{{ gitea_user_res.group }}"
@@ -47,7 +47,7 @@
       ssh -p {{ gitea_public_ssh_server_port }} -o StrictHostKeyChecking=no {{ gitea_run_user }}@127.0.0.1 -i /home/{{ gitea_user }}/.ssh/id_ssh_ed25519 "SSH_ORIGINAL_COMMAND=\"$SSH_ORIGINAL_COMMAND\" $0 $@"
 
 - name: Add host pubkey to git users authorized_keys file
-  lineinfile:
+  ansible.builtin.lineinfile:
     path: "/home/{{ gitea_user }}/.ssh/authorized_keys"
     line: "{{ gitea_user_ssh_key.public_key }} Gitea:Host2Container"
     state: present
@@ -77,7 +77,7 @@
     state: "{{ gitea_container_state }}"
 
 - name: Ensure given configuration is set in the config file
-  ini_file:
+  ansible.builtin.ini_file:
     path: "{{ gitea_data_path }}/gitea/conf/app.ini"
     section: "{{ section }}"
     option: "{{ option }}"

roles/jellyfin/meta/main.yml

@@ -0,0 +1,10 @@
+---
+allow_duplicates: true
+dependencies: []
+galaxy_info:
+  role_name: jellyfin
+  description: Ansible role to deploy jellyfin using docker
+  galaxy_tags:
+    - jellyfin
+    - streaming
+    - docker

roles/jellyfin/tasks/main.yml

@@ -1,14 +1,14 @@
 ---
 
 - name: Ensure user '{{ jellyfin_user }}' for jellyfin is created
-  user:
+  ansible.builtin.user:
     name: "{{ jellyfin_user }}"
     state: present
     system: yes
   register: jellyfin_user_info
 
 - name: Ensure host directories for jellyfin exist
-  file:
+  ansible.builtinfile:
     path: "{{ item.path }}"
     state: directory
     owner: "{{ item.owner  | default(jellyfin_uid) }}"
@@ -17,7 +17,7 @@
   loop: "{{ jellyfin_host_directories }}"
 
 - name: Ensure container image for jellyfin is available
-  docker_image:
+  community.docker.docker_image:
     name: "{{ jellyfin_container_image_ref }}"
     state: present
     source: pull
@@ -28,7 +28,7 @@
   delay: 3
 
 - name: Ensure container '{{ jellyfin_container_name }}' is running
-  docker_container:
+  community.docker.docker_container:
     name: "{{ jellyfin_container_name }}"
     image: "{{ jellyfin_container_image_ref }}"
     user: "{{ jellyfin_uid }}:{{ jellyfin_gid }}"

roles/vouch_proxy/meta/main.yml

@@ -0,0 +1,12 @@
+---
+allow_duplicates: true
+dependencies: []
+galaxy_info:
+  role_name: vouch_proxy
+  description: Ansible role to deploy vouch_proxy using docker
+  galaxy_tags:
+    - vouch_proxy
+    - oidc
+    - authentication
+    - authorization
+    - docker