chore: add ansible collection metadata

galaxy.yml

@@ -3,13 +3,12 @@ name: services
 version: 0.0.1
 readme: README.md
 authors:
-- Johanna Dorothea Reichmann <transcaffeine@finallycoffee.eu>
+- transcaffeine <transcaffeine@finally.coffee>
 description: Various ansible roles useful for automating infrastructure
 dependencies:
   "community.docker": "^1.10.0"
-license:
-- CNPLv7+
+license_file: LICENSE.md
 build_ignore:
 - '*.tar.gz'
-repository: https://git.finallycoffee.eu/finallycoffee.eu/services
-issues: https://git.finallycoffee.eu/finallycoffee.eu/services/issues
+repository: https://git.finally.coffee/finallycoffee/services
+issues: https://git.finally.coffee/finallycoffee/services/issues

meta/runtime.yml

@@ -0,0 +1,3 @@
+---
+
+requires_ansible: ">=2.12"

roles/ghost/README.md

@@ -0,0 +1,18 @@
+# `finallycoffee.services.ghost` ansible role
+
+[Ghost](https://ghost.org/) is a self-hosted blog with rich media capabilities,
+which this role deploys in a docker container.
+
+## Requirements
+
+Ghost requires a MySQL-database (like mariadb) for storing it's data, which
+can be configured using the `ghost_database_(host|username|password|database)` variables.
+
+Setting `ghost_domain` to a fully-qualified domain on which ghost should be reachable
+is also required.
+
+Ghosts configuration can be changed using the `ghost_config` variable.
+
+Container arguments which are equivalent to `community.docker.docker_container` can be
+provided in the `ghost_container_[...]` syntax (e.g. `ghost_container_ports` to expose
+ghosts port to the host).

roles/jellyfin/README.md

@@ -0,0 +1,15 @@
+# `finallycoffee.services.jellyfin` ansible role
+
+This role runs [Jellyfin](https://jellyfin.org/), a free software media system,
+in a docker container.
+
+## Usage
+
+`jellyfin_domain` contains the FQDN which jellyfin should listen to. Most configuration
+is done in the software itself.
+
+Jellyfin runs in host networking mode by default, as that is needed for some features like
+network discovery with chromecasts and similar.
+
+Media can be mounted into jellyfin using `jellyfin_media_volumes`, taking a list of strings
+akin to `community.docker.docker_container`'s `volumes` key.

roles/jellyfin/defaults/main.yml

@@ -1,7 +1,7 @@
 ---
 
 jellyfin_user: jellyfin
-jellyfin_version: 10.8.6
+jellyfin_version: 10.8.10
 
 jellyfin_base_path: /opt/jellyfin
 jellyfin_config_path: "{{ jellyfin_base_path }}/config"

roles/nginx/README.md

@@ -0,0 +1,28 @@
+# `finallycoffee.services.nginx` ansible role
+
+## Description
+
+Runs `nginx`, a HTTP reverse proxy, in a docker container.
+
+## Usage
+
+For the role to do anything, `nginx_config` needs to be populated with the configuration for nginx.
+An example would be:
+
+```yaml
+nginx_config: |+
+  server {
+    listen 80 default_server;
+    server_name my.server.fqdn;
+    location / { return 200; }
+  }
+```
+
+The container is named `nginx` by default, this can be overridden in `nginx_container_name`.
+When running this role multiple times, `nginx_base_path` should also be changed for each run,
+otherwise the configuration files collide in the filesystem.
+
+For exposing this server to the host and/or internet, the `nginx_container_ports` (port forwarding host
+from host to container), `nginx_container_networks` (docker networking) or `nginx_container_labels`
+(for label-based routing discovery like traefik) can be used. The options correspond to the arguments
+of the `community.docker.docker_container` module.

roles/vouch_proxy/README.md

@@ -0,0 +1,16 @@
+# `finallycoffee.services.vouch-proxy`
+
+[Vouch-Proxy](https://github.com/vouch/vouch-proxy) can be used in combination with
+nginx' `auth_request` module to secure web services with OIDC/OAuth. This role runs
+vouch-proxys' official docker container.
+
+## Usage
+
+The `oauth` config section must be supplied in `vouch_proxy_oauth_config`, and the
+`vouch` config section can be overridden in `vouch_proxy_vouch_config`. For possible
+configuration values, see https://github.com/vouch/vouch-proxy/blob/master/config/config.yml_example.
+
+For an example nginx config, see https://github.com/vouch/vouch-proxy#installation-and-configuration.
+
+Passing container arguments in the same way as `community.docker.docker_container` is supported
+using the `vouch_proxy_container_[...]` prefix (e.g. `vouch_proxy_container_ports`).