Compare commits
1 Commits
main
...
transcaffe
| Author | SHA1 | Date | |
|---|---|---|---|
0328a48e22
|
@ -1,14 +1,13 @@
|
||||
namespace: finallycoffee
|
||||
name: services
|
||||
version: "0.1.14"
|
||||
version: 0.1.10
|
||||
readme: README.md
|
||||
authors:
|
||||
- transcaffeine <transcaffeine@finally.coffee>
|
||||
description: Various ansible roles useful for automating infrastructure
|
||||
dependencies:
|
||||
"community.crypto": "^2.22.0"
|
||||
"community.docker": "^4.0.0"
|
||||
"containers.podman": "^1.16.0"
|
||||
"community.crypto": "^2.0.0"
|
||||
"community.docker": "^3.0.0"
|
||||
license_file: LICENSE.md
|
||||
build_ignore:
|
||||
- '*.tar.gz'
|
||||
|
||||
@ -1,8 +1,9 @@
|
||||
---
|
||||
authelia_version: "4.39.1"
|
||||
authelia_version: "4.38.18"
|
||||
authelia_user: authelia
|
||||
authelia_base_dir: /opt/authelia
|
||||
authelia_domain: authelia.example.org
|
||||
|
||||
authelia_state: present
|
||||
authelia_deployment_method: docker
|
||||
|
||||
@ -44,7 +45,8 @@ authelia_container_ports: ~
|
||||
authelia_container_networks: ~
|
||||
authelia_container_purge_networks: ~
|
||||
authelia_container_restart_policy: unless-stopped
|
||||
authelia_container_state: started
|
||||
authelia_container_state: >-2
|
||||
{{ (authelia_state == 'present' | ternary('started', 'absent') }}
|
||||
|
||||
authelia_container_listen_port: 9091
|
||||
authelia_tls_minimum_version: TLS1.2
|
||||
|
||||
@ -1,61 +0,0 @@
|
||||
---
|
||||
- name: Ensure container mounts are present
|
||||
when: authelia_state == 'present'
|
||||
block:
|
||||
- name: Ensure sqlite database file exists before mounting it
|
||||
ansible.builtin.file:
|
||||
path: "{{ authelia_sqlite_storage_file }}"
|
||||
state: touch
|
||||
owner: "{{ authelia_run_user }}"
|
||||
group: "{{ authelia_run_group }}"
|
||||
mode: "0640"
|
||||
access_time: preserve
|
||||
modification_time: preserve
|
||||
when: authelia_config_storage_local_path | default(false, true)
|
||||
|
||||
- name: Ensure user database exists before mounting it
|
||||
ansible.builtin.file:
|
||||
path: "{{ authelia_user_storage_file }}"
|
||||
state: touch
|
||||
owner: "{{ authelia_run_user }}"
|
||||
group: "{{ authelia_run_group }}"
|
||||
mode: "0640"
|
||||
access_time: preserve
|
||||
modification_time: preserve
|
||||
when: authelia_config_authentication_backend_file_path | default(false, true)
|
||||
|
||||
- name: Ensure notification reports file exists before mounting it
|
||||
ansible.builtin.file:
|
||||
path: "{{ authelia_notification_storage_file }}"
|
||||
state: touch
|
||||
owner: "{{ authelia_run_user }}"
|
||||
group: "{{ authelia_run_group }}"
|
||||
mode: "0640"
|
||||
access_time: preserve
|
||||
modification_time: preserve
|
||||
when: authelia_config_notifier_filesystem_filename | default(false, true)
|
||||
|
||||
- name: Ensure authelia container image is {{ authelia_state }}
|
||||
community.docker.docker_image:
|
||||
name: "{{ authelia_container_image_ref }}"
|
||||
state: "{{ authelia_state }}"
|
||||
source: pull
|
||||
force_source: "{{ authelia_container_image_force_pull }}"
|
||||
register: authelia_container_image_info
|
||||
|
||||
- name: Ensure authelia container is {{ authelia_container_state }}
|
||||
community.docker.docker_container:
|
||||
name: "{{ authelia_container_name }}"
|
||||
image: "{{ authelia_container_image_ref }}"
|
||||
env: "{{ authelia_container_env }}"
|
||||
user: "{{ authelia_run_user }}:{{ authelia_run_group }}"
|
||||
ports: "{{ authelia_container_ports | default(omit, true) }}"
|
||||
labels: "{{ authelia_container_labels }}"
|
||||
volumes: "{{ authelia_container_volumes }}"
|
||||
networks: "{{ authelia_container_networks | default(omit, true) }}"
|
||||
etc_hosts: "{{ authelia_container_etc_hosts | default(omit, true) }}"
|
||||
purge_networks: "{{ authelia_container_purge_networks | default(omit, true)}}"
|
||||
restart_policy: "{{ authelia_container_restart_policy }}"
|
||||
recreate: "{{ authelia_container_recreate | default(omit, true) }}"
|
||||
state: "{{ authelia_container_state }}"
|
||||
register: authelia_container_info
|
||||
@ -1,27 +1,17 @@
|
||||
---
|
||||
- name: Check for valid state
|
||||
- name: Ensure state is valid
|
||||
ansible.builtin.fail:
|
||||
msg: >-2
|
||||
Unsupported state '{{ authelia_state }}'.
|
||||
Supported states are {{ authelia_states | join(', ') }}.
|
||||
msg: "Invalid state '{{ authelia_state }}'! Valid states are {{ authelia_states | join(', ') }}"
|
||||
when: authelia_state not in authelia_states
|
||||
|
||||
- name: Check for valid authelia deployment method
|
||||
ansible.builtin.fail:
|
||||
msg: >-2
|
||||
Unsupported deployment method '{{ authelia_deployment_method }}'.
|
||||
Supported states are {{ authelia_deployment_methods | join(', ') }}.
|
||||
when: authelia_deployment_method not in authelia_deployment_methods
|
||||
|
||||
- name: Ensure user {{ authelia_user }} is {{ authelia_state }}
|
||||
ansible.builtin.user:
|
||||
name: "{{ authelia_user }}"
|
||||
state: "{{ authelia_state }}"
|
||||
system: true
|
||||
create_home: false
|
||||
register: authelia_user_info
|
||||
|
||||
- name: Ensure host directories are {{ authelia_state }}
|
||||
- name: Ensure host directories are created with correct permissions
|
||||
ansible.builtin.file:
|
||||
path: "{{ item.path }}"
|
||||
state: "{{ (authelia_state == 'present') | ternary('directory', 'absent') }}"
|
||||
@ -39,16 +29,16 @@
|
||||
- path: "{{ authelia_asset_dir }}"
|
||||
mode: "0750"
|
||||
|
||||
- name: Ensure config file is {{ authelia_state }}
|
||||
- name: Ensure config file is generated
|
||||
ansible.builtin.copy:
|
||||
content: "{{ authelia_config | to_nice_yaml(indent=2, width=10000) }}"
|
||||
dest: "{{ authelia_config_file }}"
|
||||
owner: "{{ authelia_run_user }}"
|
||||
group: "{{ authelia_run_group }}"
|
||||
mode: "0640"
|
||||
notify: restart-authelia
|
||||
when: authelia_state == 'present'
|
||||
notify: restart-authelia
|
||||
|
||||
- name: Deploy authelia using {{ authelia_deployment_method }}
|
||||
- name: Deploy using {{ authelia_deployment_method }}
|
||||
ansible.builtin.include_tasks:
|
||||
file: "deploy-{{ authelia_deployment_method }}.yml"
|
||||
|
||||
@ -1,9 +1,9 @@
|
||||
---
|
||||
authelia_states:
|
||||
- "present"
|
||||
- "absent"
|
||||
- present
|
||||
- absent
|
||||
authelia_deployment_methods:
|
||||
- "docker"
|
||||
- docker
|
||||
|
||||
authelia_run_user: "{{ (authelia_user_info.uid) if authelia_user_info is defined else authelia_user }}"
|
||||
authelia_run_group: "{{ (authelia_user_info.group) if authelia_user_info is defined else authelia_user }}"
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
ghost_domain: ~
|
||||
ghost_version: "5.117.0"
|
||||
ghost_version: "5.105.0"
|
||||
ghost_user: ghost
|
||||
ghost_user_group: ghost
|
||||
ghost_base_path: /opt/ghost
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
gitea_version: "1.23.7"
|
||||
gitea_version: "1.23.1"
|
||||
gitea_user: git
|
||||
gitea_run_user: "{{ gitea_user }}"
|
||||
gitea_base_path: "/opt/gitea"
|
||||
@ -32,7 +32,6 @@ gitea_container_extra_labels: {}
|
||||
gitea_container_extra_ports: []
|
||||
gitea_container_extra_volumes: []
|
||||
gitea_container_state: started
|
||||
gitea_container_user: ~
|
||||
|
||||
# container defaults
|
||||
gitea_container_base_volumes:
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
---
|
||||
|
||||
- name: Ensure gitea user '{{ gitea_user }}' is present
|
||||
ansible.builtin.user:
|
||||
name: "{{ gitea_user }}"
|
||||
@ -74,7 +75,6 @@
|
||||
published_ports: "{{ gitea_container_ports }}"
|
||||
restart_policy: "{{ gitea_container_restart_policy }}"
|
||||
state: "{{ gitea_container_state }}"
|
||||
user: "{{ gitea_container_user | default(omit, true) }}"
|
||||
|
||||
- name: Ensure given configuration is set in the config file
|
||||
ansible.builtin.ini_file:
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
hedgedoc_user: hedgedoc
|
||||
hedgedoc_version: "1.10.3"
|
||||
hedgedoc_version: "1.10.0"
|
||||
|
||||
hedgedoc_state: present
|
||||
hedgedoc_deployment_method: docker
|
||||
|
||||
@ -1,31 +0,0 @@
|
||||
---
|
||||
- name: Ensure container image '{{ hedgedoc_container_image }}' is {{ hedgedoc_state }}
|
||||
containers.podman.podman_image:
|
||||
name: "{{ hedgedoc_container_image }}"
|
||||
state: "{{ hedgedoc_state }}"
|
||||
pull: "{{ (hedgedoc_container_image_source == 'pull') | bool }}"
|
||||
force: >-2
|
||||
{{ hedgedoc_container_force_source | default(
|
||||
hedgedoc_container_image_tag | default(false, true), true) }}
|
||||
register: hedgedoc_container_image_info
|
||||
until: hedgedoc_container_image_info is success
|
||||
retries: 5
|
||||
delay: 3
|
||||
|
||||
- name: Ensure container '{{ hedgedoc_container_name }}' is {{ hedgedoc_container_state }}
|
||||
containers.podman.podman_container:
|
||||
name: "{{ hedgedoc_container_name }}"
|
||||
image: "{{ hedgedoc_container_image }}"
|
||||
env: "{{ hedgedoc_container_env | default(omit, true) }}"
|
||||
user: "{{ hedgedoc_container_user | default(omit, true) }}"
|
||||
ports: "{{ hedgedoc_container_ports | default(omit, true) }}"
|
||||
labels: "{{ hedgedoc_container_all_labels }}"
|
||||
volumes: "{{ hedgedoc_container_all_volumes }}"
|
||||
etc_hosts: "{{ hedgedoc_container_etc_hosts | default(omit, true) }}"
|
||||
dns_servers: >-2
|
||||
{{ hedgedoc_container_dns_servers | default(omit, true) }}
|
||||
network_mode: >-2
|
||||
{{ hedgedoc_container_network_mode | default(omit, true) }}
|
||||
restart_policy: >-2
|
||||
{{ hedgedoc_container_restart_policy | default(omit, true) }}
|
||||
state: "{{ hedgedoc_container_state }}"
|
||||
@ -1,8 +1,7 @@
|
||||
---
|
||||
jellyfin_user: jellyfin
|
||||
jellyfin_version: "10.10.7"
|
||||
jellyfin_version: "10.10.3"
|
||||
jellyfin_state: present
|
||||
jellyfin_deployment_method: docker
|
||||
|
||||
jellyfin_base_path: /opt/jellyfin
|
||||
jellyfin_config_path: "{{ jellyfin_base_path }}/config"
|
||||
|
||||
@ -1,25 +0,0 @@
|
||||
---
|
||||
- name: Ensure container image '{{ jellyfin_container_image_ref }}' is {{ jellyfin_state }}
|
||||
community.docker.docker_image:
|
||||
name: "{{ jellyfin_container_image_ref }}"
|
||||
state: "{{ jellyfin_state }}"
|
||||
source: "{{ jellyfin_container_image_source }}"
|
||||
force_source: "{{ jellyfin_container_image_tag | default(false, true) }}"
|
||||
register: jellyfin_container_image_pull_result
|
||||
until: jellyfin_container_image_pull_result is succeeded
|
||||
retries: 5
|
||||
delay: 3
|
||||
|
||||
- name: Ensure container '{{ jellyfin_container_name }}' is {{ jellyfin_container_state }}
|
||||
community.docker.docker_container:
|
||||
name: "{{ jellyfin_container_name }}"
|
||||
image: "{{ jellyfin_container_image_ref }}"
|
||||
user: "{{ jellyfin_uid }}:{{ jellyfin_gid }}"
|
||||
labels: "{{ jellyfin_container_labels }}"
|
||||
volumes: "{{ jellyfin_container_volumes }}"
|
||||
ports: "{{ jellyfin_container_ports | default(omit, true) }}"
|
||||
networks: "{{ jellyfin_container_networks | default(omit, true) }}"
|
||||
network_mode: "{{ jellyfin_container_network_mode }}"
|
||||
etc_hosts: "{{ jellyfin_container_etc_hosts | default(omit, true) }}"
|
||||
restart_policy: "{{ jellyfin_container_restart_policy }}"
|
||||
state: "{{ jellyfin_container_state }}"
|
||||
@ -1,22 +0,0 @@
|
||||
---
|
||||
- name: Ensure container image '{{ jellyfin_container_image_ref }}' is {{ jellyfin_state }}
|
||||
containers.podman.podman_image:
|
||||
name: "{{ jellyfin_container_image_ref }}"
|
||||
state: "{{ jellyfin_state }}"
|
||||
pull: "{{ (jellyfin_container_image_source == 'pull') | bool }}"
|
||||
force: "{{ jellyfin_container_image_tag | default(false, true) }}"
|
||||
register: jellyfin_container_image_pull_result
|
||||
until: jellyfin_container_image_pull_result is succeeded
|
||||
retries: 5
|
||||
delay: 3
|
||||
|
||||
- name: Ensure container '{{ jellyfin_container_name }}' is {{ jellyfin_container_state }}
|
||||
containers.podman.podman_container:
|
||||
name: "{{ jellyfin_container_name }}"
|
||||
image: "{{ jellyfin_container_image_ref }}"
|
||||
user: "{{ jellyfin_uid }}:{{ jellyfin_gid }}"
|
||||
labels: "{{ jellyfin_container_labels }}"
|
||||
volumes: "{{ jellyfin_container_volumes }}"
|
||||
network: "{{ jellyfin_container_networks | default(omit, True) }}"
|
||||
restart_policy: "{{ jellyfin_container_restart_policy }}"
|
||||
state: "{{ jellyfin_container_state }}"
|
||||
@ -6,13 +6,6 @@
|
||||
states are {{ jellyfin_states | join(', ') }}.
|
||||
when: jellyfin_state not in jellyfin_states
|
||||
|
||||
- name: Check if deployment method is valid
|
||||
ansible.builtin.fail:
|
||||
msg: >-2
|
||||
Unsupported state '{{ jellyfin_deployment_method }}'. Supported
|
||||
states are {{ jellyfin_deployment_methods | join(', ') }}.
|
||||
when: jellyfin_deployment_method not in jellyfin_deployment_methods
|
||||
|
||||
- name: Ensure jellyfin user '{{ jellyfin_user }}' is {{ jellyfin_state }}
|
||||
ansible.builtin.user:
|
||||
name: "{{ jellyfin_user }}"
|
||||
@ -30,6 +23,25 @@
|
||||
mode: "{{ item.mode }}"
|
||||
loop: "{{ jellyfin_host_directories }}"
|
||||
|
||||
- name: Ensure jellyfin is deployed using {{ jellyfin_deployment_method }}
|
||||
ansible.builtin.include_tasks:
|
||||
file: "deploy-{{ jellyfin_deployment_method }}.yml"
|
||||
- name: Ensure container image '{{ jellyfin_container_image_ref }}' is {{ jellyfin_state }}
|
||||
community.docker.docker_image:
|
||||
name: "{{ jellyfin_container_image_ref }}"
|
||||
state: "{{ jellyfin_state }}"
|
||||
source: "{{ jellyfin_container_image_source }}"
|
||||
force_source: "{{ jellyfin_container_image_tag | default(false, true) }}"
|
||||
register: jellyfin_container_image_pull_result
|
||||
until: jellyfin_container_image_pull_result is succeeded
|
||||
retries: 5
|
||||
delay: 3
|
||||
|
||||
- name: Ensure container '{{ jellyfin_container_name }}' is {{ jellyfin_container_state }}
|
||||
community.docker.docker_container:
|
||||
name: "{{ jellyfin_container_name }}"
|
||||
image: "{{ jellyfin_container_image_ref }}"
|
||||
user: "{{ jellyfin_uid }}:{{ jellyfin_gid }}"
|
||||
labels: "{{ jellyfin_container_labels }}"
|
||||
volumes: "{{ jellyfin_container_volumes }}"
|
||||
networks: "{{ jellyfin_container_networks | default(omit, True) }}"
|
||||
network_mode: "{{ jellyfin_container_network_mode }}"
|
||||
restart_policy: "{{ jellyfin_container_restart_policy }}"
|
||||
state: "{{ jellyfin_container_state }}"
|
||||
|
||||
@ -2,9 +2,6 @@
|
||||
jellyfin_states:
|
||||
- present
|
||||
- absent
|
||||
jellyfin_deployment_methods:
|
||||
- docker
|
||||
- podman
|
||||
|
||||
jellyfin_container_base_volumes:
|
||||
- "{{ jellyfin_config_path }}:/config:z"
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
---
|
||||
keycloak_version: "26.2.1"
|
||||
keycloak_version: 26.0.7
|
||||
keycloak_container_name: keycloak
|
||||
|
||||
keycloak_container_image_upstream_registry: quay.io
|
||||
|
||||
@ -10,9 +10,7 @@ ENV KC_DB=$DB_VENDOR
|
||||
|
||||
WORKDIR {{ keycloak_container_working_directory }}
|
||||
|
||||
{% if keycloak_container_image_add_local_providers | default(true) %}
|
||||
ADD ./providers/* providers/
|
||||
{% endif %}
|
||||
# Workaround to set correct mode on jar files
|
||||
USER root
|
||||
RUN chmod -R 0770 providers/*
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
snipe_it_user: snipeit
|
||||
snipe_it_version: "8.0.4"
|
||||
snipe_it_version: "7.1.15"
|
||||
snipe_it_domain: ~
|
||||
snipe_it_state: present
|
||||
snipe_it_deployment_method: docker
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
---
|
||||
vaultwarden_user: vaultwarden
|
||||
vaultwarden_version: "1.33.2"
|
||||
vaultwarden_version: "1.32.7"
|
||||
|
||||
vaultwarden_config_file: "/etc/vaultwarden/config.json"
|
||||
vaultwarden_config_directory: "{{ vaultwarden_config_file | dirname }}"
|
||||
|
||||
@ -1,22 +0,0 @@
|
||||
---
|
||||
- name: Ensure container image '{{ vaultwarden_container_image }}' is {{ vaultwarden_state }}
|
||||
containers.podman.podman_image:
|
||||
name: "{{ vaultwarden_container_image }}"
|
||||
state: "{{ vaultwarden_state }}"
|
||||
pull: "{{ (vaultwarden_container_image_source == 'pull') | bool }}"
|
||||
force: "{{ vaultwarden_container_image_force_source }}"
|
||||
|
||||
- name: Ensure container '{{ vaultwarden_container_name }}' is {{ vaultwarden_container_state }}
|
||||
containers.podman.podman_container:
|
||||
name: "{{ vaultwarden_container_name }}"
|
||||
image: "{{ vaultwarden_container_image }}"
|
||||
env: "{{ vaultwarden_container_env | default(omit, true) }}"
|
||||
user: "{{ vaultwarden_container_user | default(omit, true) }}"
|
||||
ports: "{{ vaultwarden_container_ports | default(omit, true) }}"
|
||||
labels: "{{ vaultwarden_container_labels | default(omit, true) }}"
|
||||
volumes: "{{ vaultwarden_container_volumes }}"
|
||||
network: "{{ vaultwarden_container_networks | default(omit, true) }}"
|
||||
etc_hosts: "{{ vaultwarden_container_etc_hosts | default(omit, true) }}"
|
||||
dns_servers: "{{ vaultwarden_container_dns_servers | default(omit, true) }}"
|
||||
restart_policy: "{{ vaultwarden_container_restart_policy | default(omit, true) }}"
|
||||
state: "{{ vaultwarden_container_state | default(omit, true) }}"
|
||||
@ -4,7 +4,6 @@ vaultwarden_states:
|
||||
- absent
|
||||
vaultwarden_deployment_methods:
|
||||
- docker
|
||||
- podman
|
||||
vaultwarden_required_variables:
|
||||
- vaultwarden_config_domain
|
||||
vaultwarden_conditionally_required_variables:
|
||||
|
||||
@ -1,6 +1,7 @@
|
||||
---
|
||||
|
||||
vouch_proxy_user: vouch-proxy
|
||||
vouch_proxy_version: "0.41.0"
|
||||
vouch_proxy_version: 0.40.0
|
||||
vouch_proxy_base_path: /opt/vouch-proxy
|
||||
vouch_proxy_config_path: "{{ vouch_proxy_base_path }}/config"
|
||||
vouch_proxy_config_file: "{{ vouch_proxy_config_path }}/config.yaml"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user