28 changed files with 14 additions and 589 deletions
--- a/README.md
+++ b/README.md
@ -23,15 +23,9 @@ concise area of concern.
 - [`jellyfin`](roles/jellyfin/README.md): Deploy [jellyfin.org](https://jellyfin.org),
  the free software media system for streaming stored media to any device.
 - [`keycloak`](roles/keycloak/README.md): Deploy [keycloak](https://www.keycloak.org/),
  the open source identity and access management solution.
 - [`openproject`](roles/openproject/README.md): Deploys an [openproject.org](https://www.openproject.org)
  installation using the upstream provided docker-compose setup.
 - [`snipe_it`](roles/snipe_it/README.md): Deploys [Snipe-IT](https://snipeitapp.com/),
  the free and open-source IT asset (and license) management with a powerful REST API
 - [`vaultwarden`](roles/vaultwarden/README.md): Deploy [vaultwarden](https://github.com/dani-garcia/vaultwarden/),
  an open-source implementation of the Bitwarden Server (formerly Bitwarden\_RS).
--- a/galaxy.yml
+++ b/galaxy.yml
@ -1,6 +1,6 @@
 namespace: finallycoffee
 name: services
-version: 0.1.10
+version: 0.1.5
 readme: README.md
 authors:
 - transcaffeine <transcaffeine@finally.coffee>
@ -19,5 +19,4 @@ tags:
  - hedgedoc
  - jellyfin
  - vaultwarden
  - snipeit
  - docker
--- a/playbooks/snipe_it.yml
+++ b/playbooks/snipe_it.yml
@ -1,6 +0,0 @@
 ---
 - name: Install and configure Snipe-IT
  hosts: "{{ snipe_it_hosts | default('snipe_it') }}"
  become: "{{ snipe_it_become | default(true, false) }}"
  roles:
    - role: finallycoffee.services.snipe_it
--- a/roles/authelia/defaults/main.yml
+++ b/roles/authelia/defaults/main.yml
@ -1,5 +1,5 @@
 ---
-authelia_version: "4.38.17"
+authelia_version: "4.38.16"
 authelia_user: authelia
 authelia_base_dir: /opt/authelia
 authelia_domain: authelia.example.org
--- a/roles/authelia/handlers/main.yml
+++ b/roles/authelia/handlers/main.yml
@ -4,7 +4,5 @@
  docker_container:
    name: "{{ authelia_container_name }}"
    state: started
-    restart: true
+    restart: yes
    comparisons:
      '*': ignore
  listen: restart-authelia
--- a/roles/authelia/vars/main.yml
+++ b/roles/authelia/vars/main.yml
@ -170,12 +170,7 @@ authelia_config_access_control:
  default_policy: "{{ authelia_config_access_control_default_policy }}"
  networks: "{{ authelia_config_access_control_networks }}"
  rules: "{{ authelia_config_access_control_rules }}"
-authelia_config_session: >-2
+authelia_config_session:
  {{ authelia_config_session_base
    | combine(({'redis': authelia_config_session_redis}
      if authelia_config_session_redis_host else {}), recursive=true)
  }}
 authelia_config_session_base:
  name: "{{ authelia_config_session_name }}"
  domain: "{{ authelia_config_session_domain }}"
  same_site: "{{ authelia_config_session_same_site }}"
--- a/roles/ghost/defaults/main.yml
+++ b/roles/ghost/defaults/main.yml
@ -1,6 +1,6 @@
 ---
 ghost_domain: ~
-ghost_version: "5.103.0"
+ghost_version: "5.96.0"
 ghost_user: ghost
 ghost_user_group: ghost
 ghost_base_path: /opt/ghost
--- a/roles/gitea/defaults/main.yml
+++ b/roles/gitea/defaults/main.yml
@ -1,5 +1,5 @@
 ---
-gitea_version: "1.22.4"
+gitea_version: "1.22.3"
 gitea_user: git
 gitea_run_user: "{{ gitea_user }}"
 gitea_base_path: "/opt/gitea"
--- a/roles/jellyfin/defaults/main.yml
+++ b/roles/jellyfin/defaults/main.yml
@ -1,6 +1,6 @@
 ---
 jellyfin_user: jellyfin
-jellyfin_version: "10.10.3"
+jellyfin_version: 10.9.11
 jellyfin_state: present
 jellyfin_base_path: /opt/jellyfin
--- a/roles/keycloak/README.md
+++ b/roles/keycloak/README.md
@ -1,16 +0,0 @@
 # `finallycoffee.services.keycloak` ansible role
 Ansible role for deploying keycloak, currently only supports docker.
 Migrated from `entropia.sso.keycloak`.
 ## Required variables
 - `keycloak_database_password` - password for the database user
 - `keycloak_config_hostname` - public domain of the keycloak server
 ## Database configuration
 - `keycloak_database_hostname` - hostname of the database server, defaults to `localhost`
 - `keycloak_database_username` - username to use when connecting to the database server, defaults to `keycloak`
 - `keycloak_database_database` - name of the database to use, defaults to `keycloak`
--- a/roles/keycloak/defaults/main.yml
+++ b/roles/keycloak/defaults/main.yml
@ -1,51 +0,0 @@
 ---
 keycloak_version: 26.0.7
 keycloak_container_name: keycloak
 keycloak_container_image_upstream_registry: quay.io
 keycloak_container_image_upstream_namespace: keycloak
 keycloak_container_image_upstream_name: keycloak
 keycloak_container_image_upstream: >-2
  {{
    ([
      keycloak_container_image_upstream_registry | default([]),
      keycloak_container_image_upstream_namespace | default([]),
      keycloak_container_image_upstream_name,
    ] | flatten | join('/'))
  }}
 keycloak_container_image_name: "keycloak:{{ keycloak_version }}-custom"
 keycloak_container_database_vendor: postgres
 keycloak_base_path: /opt/keycloak
 keycloak_container_build_directory: "{{ keycloak_base_path }}/build"
 keycloak_container_build_jar_directory: providers
 keycloak_container_build_flags: {}
 keycloak_provider_jars_directory: "{{ keycloak_base_path }}/providers"
 keycloak_build_provider_jars_directory: "{{ keycloak_container_build_directory }}/{{ keycloak_container_build_jar_directory }}"
 keycloak_database_hostname: localhost
 keycloak_database_port: 5432
 keycloak_database_username: keycloak
 keycloak_database_password: ~
 keycloak_database_database: keycloak
 keycloak_container_env: {}
 keycloak_container_labels: ~
 keycloak_container_volumes: ~
 keycloak_container_restart_policy: unless-stopped
 keycloak_container_command: >-2
  start
  --db-username {{ keycloak_database_username }}
  --db-password {{ keycloak_database_password }}
  --db-url jdbc:postgresql://{{ keycloak_database_hostname }}{{ keycloak_database_port | ternary(':' ~ keycloak_database_port, '') }}/{{ keycloak_database_database }}
  {{ keycloak_container_extra_start_flags | default([]) | join(' ') }}
  --proxy-headers=xforwarded
  --hostname {{ keycloak_config_hostname }}
  --optimized
 keycloak_config_health_enabled: true
 keycloak_config_metrics_enabled: true
 keycloak_config_hostname: localhost
 keycloak_config_admin_username: admin
 keycloak_config_admin_password: ~
--- a/roles/keycloak/meta/main.yml
+++ b/roles/keycloak/meta/main.yml
@ -1,13 +0,0 @@
 ---
 allow_duplicates: true
 dependencies: []
 galaxy_info:
  role_name: keycloak
  description: Deploy keycloak, the opensource identity and access management solution
  galaxy_tags:
    - keycloak
    - sso
    - oidc
    - oauth2
    - iam
    - docker
--- a/roles/keycloak/tasks/main.yml
+++ b/roles/keycloak/tasks/main.yml
@ -1,72 +0,0 @@
 ---
 - name: Ensure build directory exists
  ansible.builtin.file:
    name: "{{ keycloak_container_build_directory }}"
    state: directory
    recurse: yes
    mode: 0700
  tags:
    - keycloak-build-container
 - name: Ensure provider jars directory exists
  ansible.builtin.file:
    name: "{{ keycloak_provider_jars_directory }}"
    state: directory
    mode: 0775
  tags:
    - keycloak-build-container
 - name: Ensure Dockerfile is templated
  ansible.builtin.template:
    src: Dockerfile.j2
    dest: "{{ keycloak_container_build_directory }}/Dockerfile"
    mode: 0700
  register: keycloak_buildfile_info
  tags:
    - keycloak-container
    - keycloak-build-container
 - name: Ensure upstream Keycloak container image '{{ keycloak_container_image_upstream }}:{{ keycloak_version }}' is present
  community.docker.docker_image:
    name: "{{ keycloak_container_image_upstream }}:{{ keycloak_version }}"
    source: pull
    state: present
  register: keycloak_container_image_upstream_status
  tags:
    - keycloak-container
    - keycloak-build-container
 - name: Ensure custom keycloak container image '{{ keycloak_container_image_name }}' is built
  community.docker.docker_image:
    name: "{{ keycloak_container_image_name }}"
    build:
      args:
        DB_VENDOR: "{{ keycloak_container_database_vendor }}"
        KC_ADMIN_PASSWORD: "{{ keycloak_config_admin_password }}"
      dockerfile: "{{ keycloak_container_build_directory }}/Dockerfile"
      path: "{{ keycloak_container_build_directory }}"
    source: build
    state: present
    force_source: "{{ keycloak_buildfile_info.changed or keycloak_container_image_upstream_status.changed or (keycloak_force_rebuild_container | default(false))}}"
  register: keycloak_container_image_status
  tags:
    - keycloak-container
    - keycloak-build-container
 - name: Ensure keycloak container is running
  community.docker.docker_container:
    name: "{{ keycloak_container_name }}"
    image: "{{ keycloak_container_image_name }}"
    env: "{{ keycloak_container_env | default(omit, true) }}"
    ports: "{{ keycloak_container_ports | default(omit, true) }}"
    hostname: "{{ keycloak_container_hostname | default(omit) }}"
    labels: "{{ keycloak_container_labels | default(omit, true) }}"
    volumes: "{{ keycloak_container_volumes | default(omit, true) }}"
    restart_policy: "{{ keycloak_container_restart_policy }}"
    recreate: "{{ keycloak_container_force_recreate | default(false) or (keycloak_container_image_status.changed if keycloak_container_image_status is defined else false) }}"
    etc_hosts: "{{ keycloak_container_etc_hosts | default(omit) }}"
    state: started
    command: "{{ keycloak_container_command }}"
  tags:
    - keycloak-container
--- a/roles/keycloak/templates/Dockerfile.j2
+++ b/roles/keycloak/templates/Dockerfile.j2
@ -1,41 +0,0 @@
 FROM {{ keycloak_container_image_upstream }}:{{ keycloak_version }} as builder
 # Enable health and metrics support
 ENV KC_HEALTH_ENABLED={{ keycloak_config_health_enabled | ternary('true', 'false') }}
 ENV KC_METRICS_ENABLED={{ keycloak_config_metrics_enabled | ternary('true', 'false') }}
 # Configure a database vendor
 ARG DB_VENDOR
 ENV KC_DB=$DB_VENDOR
 WORKDIR {{ keycloak_container_working_directory }}
 ADD ./providers/* providers/
 # Workaround to set correct mode on jar files
 USER root
 RUN chmod -R 0770 providers/*
 USER keycloak
 RUN {{ keycloak_container_working_directory }}/bin/kc.sh --verbose \
 {% for argument in keycloak_container_build_flags | dict2items(key_name='flag', value_name='value') %}
  --{{- argument['flag'] -}}{{- argument['value'] | default(false, true) | ternary('=' + argument['value'], '') }} \
 {% endfor%}
  build{% if keycloak_container_build_features | default([]) | length > 0 %} \
 {% endif %}
 {% if keycloak_container_build_features | default([]) | length > 0 %}
  --features="{{ keycloak_container_build_features | join(',') }}"
 {% endif %}
 FROM {{ keycloak_container_image_upstream }}:{{ keycloak_version }}
 COPY --from=builder {{ keycloak_container_working_directory }}/ {{ keycloak_container_working_directory }}/
 ENV KC_HOSTNAME={{ keycloak_config_hostname }}
 ENV KEYCLOAK_ADMIN={{ keycloak_config_admin_username }}
 ARG KC_ADMIN_PASSWORD
 {% if keycloak_version | split('.') | first | int > 21 %}
 ENV KEYCLOAK_ADMIN_PASSWORD=$KC_ADMIN_PASSWORD
 {% else %}
 ENV KEYCLOAK_PASSWORD=$KC_ADMIN_PASSWORD
 {% endif %}
 ENTRYPOINT ["{{ keycloak_container_working_directory }}/bin/kc.sh"]
--- a/roles/keycloak/vars/main.yml
+++ b/roles/keycloak/vars/main.yml
@ -1,3 +0,0 @@
 ---
 keycloak_container_working_directory: /opt/keycloak
--- a/roles/openproject/defaults/main.yml
+++ b/roles/openproject/defaults/main.yml
@ -2,9 +2,9 @@
 openproject_base_path: "/opt/openproject"
 openproject_upstream_git_url: "https://github.com/opf/openproject-deploy.git"
-openproject_upstream_git_branch: "stable/14"
+openproject_upstream_git_branch: "stable/13"
-openproject_compose_project_path: "{{ openproject_base_path }}"
+openproject_compose_project_path: "{{ openproject_base_path }}/compose"
 openproject_compose_project_name: "openproject"
 openproject_compose_project_env_file: "{{ openproject_compose_project_path }}/.env"
 openproject_compose_project_override_file: "{{ openproject_compose_project_path }}/docker-compose.override.yml"
--- a/roles/openproject/tasks/main.yml
+++ b/roles/openproject/tasks/main.yml
@ -26,13 +26,14 @@
    content: "{{ openproject_compose_overrides | default({}) | to_nice_yaml }}"
 - name: Ensure containers are pulled
-  community.docker.docker_compose_v2:
+  community.docker.docker_compose:
    project_src: "{{ openproject_compose_project_path }}"
    project_name: "{{ openproject_compose_project_name }}"
-    pull: "missing"
+    pull: true
 - name: Ensure services are running
-  community.docker.docker_compose_v2:
+  community.docker.docker_compose:
    project_src: "{{ openproject_compose_project_path }}"
    project_name: "{{ openproject_compose_project_name }}"
    state: "present"
    build: false
--- a/roles/snipe_it/README.md
+++ b/roles/snipe_it/README.md
@ -1,46 +0,0 @@
 # `finallycoffee.services.snipe_it` ansible role
 [Snipe-IT](https://snipeitapp.com/) is an open-source asset management with
 a powerful JSON-REST API. This ansible role deploys and configures Snipe-IT.
 ## Requirements
 Snipe-IT requires a MySQL-Database like MariaDB and a working email service
 for sending email. For installing and configuring MariaDB, see
 [`finallycoffee.base.mariadb`](https://galaxy.ansible.com/ui/repo/published/finallycoffee/base/content/role/mariadb/).
 ## Configuration
 Required variables to set are:
 - `snipe_it_domain` - domain name of the snipe-it instance
 - `snipe_it_config_app_url` - URL where snipe-it will be reachable including protocol and port
 - `snipe_it_config_app_key` - Laravel application key
 ### Database configuration
 All (database) options from the upstream laravel `.env` file are available
 under the `snipe_it_config_db_*` prefix. Configure a database as follows:
 ```
 snipe_it_config_db_host: localhost # defaults to localhost
 snipe_it_config_db_port: "3306" # defaults to 3306
 snipe_it_config_db_database: my_snipe_db_name # defaults to 'snipeit'
 snipe_it_config_db_username: my_snipe_db_user # defaults to 'snipeit'
 snipe_it_config_db_password: my_snipe_db_password
 # Set this if the database is shared with
 # other applications. defaults to not set
 snipe_it_config_db_prefix: snipe_
 ```
 ### Email configuration
 Configuring an email server is mandatory. An example is provided below:
 ```yaml
 snipe_it_config_mail_host: smtp.example.com
 snipe_it_config_mail_username: snipe_user@snipe.example.com
 snipe_it_config_mail_password: i_want_to_be_strong_and_long
 snipe_it_config_mail_from_addr: "noreply@snipe.example.com"
 snipe_it_config_mail_from_name: "Example.com SnipeIT instance"
 ```
 The default smtp port is `587` and can be set in `snipe_it_config_mail_port`.
--- a/roles/snipe_it/defaults/main/config.yml
+++ b/roles/snipe_it/defaults/main/config.yml
@ -1,131 +0,0 @@
 ---
 snipe_it_config_app_version: "v{{ snipe_it_version }}"
 snipe_it_config_app_port: 8000
 snipe_it_config_app_env: "production"
 snipe_it_config_app_debug: false
 snipe_it_config_app_key: ~
 snipe_it_config_app_url: "http://localhost:{{ snipe_it_config_app_port }}"
 snipe_it_config_app_timezone: UTC
 snipe_it_config_app_locale: en-US
 snipe_it_config_app_locked: false
 snipe_it_config_app_cipher: "AES-256-GCM"
 snipe_it_config_app_force_tls: false
 snipe_it_config_app_trusted_proxies:
  - '192.168.0.0/16'
  - '172.16.0.0/12'
  - '10.0.0.0/8'
 snipe_it_config_db_connection: mysql
 snipe_it_config_db_host: localhost
 snipe_it_config_db_port: "3306"
 snipe_it_config_db_database: snipeit
 snipe_it_config_db_username: snipeit
 snipe_it_config_db_password: ~
 snipe_it_config_db_prefix: ~
 snipe_it_config_db_dump_path: /usr/bin/
 snipe_it_config_db_charset: utf8mb4
 snipe_it_config_db_collation: utf8mb4_unicode_ci
 snipe_it_config_db_ssl: false
 snipe_it_config_db_ssl_is_paas: false
 snipe_it_config_db_ssl_key_path: ~
 snipe_it_config_db_ssl_cert_path: ~
 snipe_it_config_db_ssl_ca_path: ~
 snipe_it_config_db_ssl_cipher: ~
 snipe_it_config_db_ssl_verify_server: ~
 snipe_it_config_mail_mailer: smtp
 snipe_it_config_mail_host: ~
 snipe_it_config_mail_port: 587
 snipe_it_config_mail_username: ~
 snipe_it_config_mail_password: ~
 snipe_it_config_mail_tls_verify_peer: true
 snipe_it_config_mail_from_addr: ~
 snipe_it_config_mail_from_name: ~
 snipe_it_config_mail_replyto_addr: "{{ snipe_it_config_mail_from_addr }}"
 snipe_it_config_mail_replyto_name: "{{ snipe_it_config_mail_from_name }}"
 snipe_it_config_mail_auto_embed_method: attachment
 snipe_it_config_mail_backup_notification_driver: ~
 snipe_it_config_mail_backup_notification_address: ~
 snipe_it_config_private_filesystem_disk: "local"
 snipe_it_config_public_filesystem_disk: "local_public"
 snipe_it_config_allow_backup_delete: false
 snipe_it_config_allow_data_purge: false
 snipe_it_config_image_lib: 'gd'
 snipe_it_config_log_channel: 'stderr'
 snipe_it_config_log_max_days: 10
 snipe_it_config_cookie_name: "_snipe_session"
 snipe_it_config_cookie_domain: "{{ snipe_it_domain }}"
 snipe_it_config_secure_cookies: true
 snipe_it_config_session_driver: file
 snipe_it_config_session_lifetime: 12000
 snipe_it_config_cache_driver: file
 snipe_it_config_cache_prefix: snipeit
 snipe_it_config_queue_driver: file
 snipe_it_base_config:
  APP_VERSION: "{{ snipe_it_config_app_version }}"
  APP_PORT: "{{ snipe_it_config_app_port }}"
  APP_ENV: "{{ snipe_it_config_app_env }}"
  APP_DEBUG: "{{ snipe_it_config_app_debug }}"
  APP_KEY: "{{ snipe_it_config_app_key }}"
  APP_URL: "{{ snipe_it_config_app_url }}"
  APP_TIMEZONE: "{{ snipe_it_config_app_timezone }}"
  APP_LOCALE: "{{ snipe_it_config_app_locale }}"
  APP_LOCKED: "{{ snipe_it_config_app_locked }}"
  APP_CIPHER: "{{ snipe_it_config_app_cipher }}"
  APP_FORCE_TLS: "{{ snipe_it_config_app_force_tls }}"
  APP_TRUSTED_PROXIES: "{{ snipe_it_config_app_trusted_proxies | join(',') }}"
  DB_CONNECTION: "{{ snipe_it_config_db_connection }}"
  DB_HOST: "{{ snipe_it_config_db_host }}"
  DB_PORT: "{{ snipe_it_config_db_port }}"
  DB_DATABASE: "{{ snipe_it_config_db_database }}"
  DB_USERNAME: "{{ snipe_it_config_db_username }}"
  DB_PASSWORD: "{{ snipe_it_config_db_password }}"
  DB_PREFIX: "{{ snipe_it_config_db_prefix | default('null', true) }}"
  DB_DUMP_PATH: "{{ snipe_it_config_db_dump_path }}"
  DB_CHARSET: "{{ snipe_it_config_db_charset }}"
  DB_COLLATION: "{{ snipe_it_config_db_collation }}"
  DB_SSL: "{{ snipe_it_config_db_ssl }}"
  DB_SSL_IS_PAAS: "{{ snipe_it_config_db_ssl_is_paas }}"
  DB_SSL_KEY_PATH: "{{ snipe_it_config_db_ssl_key_path | default('null', true) }}"
  DB_SSL_CERT_PATH: "{{ snipe_it_config_db_ssl_cert_path | default('null', true) }}"
  DB_SSL_CA_PATH: "{{ snipe_it_config_db_ssl_ca_path | default('null', true) }}"
  DB_SSL_CIPHER: "{{ snipe_it_config_db_ssl_cipher | default('null', true) }}"
  DB_SSL_VERIFY_SERVER: "{{ snipe_it_config_db_ssl_verify_server | default('null', true) }}"
  MAIL_MAILER: "{{ snipe_it_config_mail_mailer }}"
  MAIL_HOST: "{{ snipe_it_config_mail_host }}"
  MAIL_PORT: "{{ snipe_it_config_mail_port }}"
  MAIL_USERNAME: "{{ snipe_it_config_mail_username }}"
  MAIL_PASSWORD: "{{ snipe_it_config_mail_password }}"
  MAIL_TLS_VERIFY_PEER: "{{ snipe_it_config_mail_tls_verify_peer }}"
  MAIL_FROM_ADDR: "{{ snipe_it_config_mail_from_addr | default('null', true) }}"
  MAIL_FROM_NAME: "{{ snipe_it_config_mail_from_name | default('null', true) }}"
  MAIL_REPLYTO_ADDR: "{{ snipe_it_config_mail_replyto_addr | default('null', true) }}"
  MAIL_REPLYTO_NAME: "{{ snipe_it_config_mail_replyto_name | default('null', true) }}"
  MAIL_AUTO_EMBED_METHOD: "{{ snipe_it_config_mail_auto_embed_method }}"
  MAIL_BACKUP_NOTIFICATION_DRIVER: "{{ snipe_it_config_mail_backup_notification_driver }}"
  MAIL_BACKUP_NOTIFICATION_ADDRESS: "{{ snipe_it_config_mail_backup_notification_address }}"
  SESSION_DRIVER: "{{ snipe_it_config_session_driver }}"
  SESSION_LIFETIME: "{{ snipe_it_config_session_lifetime }}"
  CACHE_DRIVER: "{{ snipe_it_config_cache_driver }}"
  CACHE_PREFIX: "{{ snipe_it_config_cache_prefix }}"
  QUEUE_DRIVER: "{{ snipe_it_config_queue_driver }}"
  PRIVATE_FILESYSTEM_DISK: "{{ snipe_it_config_private_filesystem_disk }}"
  PUBLIC_FILESYSTEM_DISK: "{{ snipe_it_config_public_filesystem_disk }}"
  ALLOW_BACKUP_DELETE: "{{ snipe_it_config_allow_backup_delete }}"
  ALLOW_DATA_PURGE: "{{ snipe_it_config_allow_data_purge }}"
  IMAGE_LIB: "{{ snipe_it_config_image_lib }}"
  LOG_CHANNEL: "{{ snipe_it_config_log_channel }}"
  LOG_MAX_DAYS: "{{ snipe_it_config_log_max_days }}"
  COOKIE_NAME: "{{ snipe_it_config_cookie_name }}"
  COOKIE_DOMAIN: "{{ snipe_it_config_cookie_domain }}"
  SECURE_COOKIES: "{{ snipe_it_config_secure_cookies }}"
 snipe_it_config: ~
 snipe_it_merged_config: >-2
  {{ (snipe_it_base_config | default({}, true))
    | combine((snipe_it_config | default({}, true)), recursive=True) }}
--- a/roles/snipe_it/defaults/main/container.yml
+++ b/roles/snipe_it/defaults/main/container.yml
@ -1,48 +0,0 @@
 ---
 snipe_it_container_image_registry: docker.io
 snipe_it_container_image_namespace: snipe
 snipe_it_container_image_name: 'snipe-it'
 snipe_it_container_image_tag: ~
 snipe_it_container_image_flavour: alpine
 snipe_it_container_image_source: pull
 snipe_it_container_image_force_source: >-2
  {{ snipe_it_container_image_tag | default(false, true) | bool }}
 snipe_it_container_image: >-2
  {{
    ([
      snipe_it_container_image_registry | default([], true),
      snipe_it_container_image_namespace | default([], true),
      snipe_it_container_image_name,
    ] | flatten | join('/'))
    + ':'
    + (snipe_it_container_image_tag | default(
        'v' + snipe_it_version + (
          ((snipe_it_container_image_flavour is string)
            and (snipe_it_container_image_flavour | length > 0))
          | ternary(
            '-' + snipe_it_container_image_flavour | default('', true),
            ''
          )
        ),
        true
    ))
  }}
 snipe_it_container_env_file: "/var/www/html/.env"
 snipe_it_container_data_directory: "/var/lib/snipeit/"
 snipe_it_container_volumes:
  - "{{ snipe_it_data_directory }}:{{ snipe_it_container_data_directory }}:z"
 snipe_it_container_name: 'snipe-it'
 snipe_it_container_state: >-2
  {{ (snipe_it_state == 'present') | ternary('started', 'absent') }}
 snipe_it_container_env: ~
 snipe_it_container_user: ~
 snipe_it_container_ports: ~
 snipe_it_container_labels: ~
 snipe_it_container_recreate: ~
 snipe_it_container_networks: ~
 snipe_it_container_etc_hosts: ~
 snipe_it_container_dns_servers: ~
 snipe_it_container_network_mode: ~
 snipe_it_container_restart_policy: 'unless-stopped'
--- a/roles/snipe_it/defaults/main/main.yml
+++ b/roles/snipe_it/defaults/main/main.yml
@ -1,9 +0,0 @@
 ---
 snipe_it_user: snipeit
 snipe_it_version: "7.1.15"
 snipe_it_domain: ~
 snipe_it_state: present
 snipe_it_deployment_method: docker
 snipe_it_env_file: /etc/snipeit/env
 snipe_it_data_directory: /var/lib/snipeit
--- a/roles/snipe_it/defaults/main/user.yml
+++ b/roles/snipe_it/defaults/main/user.yml
@ -1,5 +0,0 @@
 ---
 snipe_it_run_user_id: >-2
  {{ snipe_it_user_info.uid | default(snipe_it_user) }}
 snipe_it_run_group_id: >-2
  {{ snipe_it_user_info.group | default(snipe_it_user) }}
--- a/roles/snipe_it/meta/main.yml
+++ b/roles/snipe_it/meta/main.yml
@ -1,12 +0,0 @@
 ---
 allow_duplicates: true
 dependencies: []
 galaxy_info:
  role_name: snipe_it
  description: >-2
    Deploy Snipe-IT, an open-source asset / license management system with
    powerful JSON REST API
  galaxy_tags:
    - snipeit
    - asset-management
    - docker
--- a/roles/snipe_it/tasks/check.yml
+++ b/roles/snipe_it/tasks/check.yml
@ -1,14 +0,0 @@
 ---
 - name: Ensure state is valid
  ansible.builtin.fail:
    msg: >-2
      Unsupported state '{{ snipe_it_state }}'!
      Supported states are {{ snipe_it_states | join(', ') }}.
  when: snipe_it_state is not in snipe_it_states
 - name: Ensure deployment method is valid
  ansible.builtin.fail:
    msg: >-2
      Unsupported deployment_method '{{ snipe_it_deployment_method }}'!
      Supported values are {{ snipe_it_deployment_methods | join(', ') }}.
  when: snipe_it_deployment_method is not in snipe_it_deployment_methods
--- a/roles/snipe_it/tasks/deploy-docker.yml
+++ b/roles/snipe_it/tasks/deploy-docker.yml
@ -1,30 +0,0 @@
 ---
 - name: Ensure container image '{{ snipe_it_container_image }}' is {{ snipe_it_state }}
  community.docker.docker_image:
    name: "{{ snipe_it_container_image }}"
    state: "{{ snipe_it_state }}"
    source: "{{ snipe_it_container_image_source }}"
    force_source: "{{ snipe_it_container_image_force_source }}"
  register: snipe_it_container_image_info
  until: snipe_it_container_image_info is success
  retries: 5
  delay: 3
 - name: Ensure container '{{ snipe_it_container_name }}' is {{ snipe_it_container_state }}
  community.docker.docker_container:
    name: "{{ snipe_it_container_name }}"
    image: "{{ snipe_it_container_image }}"
    env_file: "{{ snipe_it_env_file }}"
    env: "{{ snipe_it_container_env | default(omit, true) }}"
    user: "{{ snipe_it_container_user | default(omit, true) }}"
    ports: "{{ snipe_it_container_ports | default(omit, true) }}"
    labels: "{{ snipe_it_container_labels | default(omit, true) }}"
    volumes: "{{ snipe_it_container_volumes | default(omit, true) }}"
    networks: "{{ snipe_it_container_networks | default(omit, true) }}"
    etc_hosts: "{{ snipe_it_container_etc_hosts | default(omit, true) }}"
    dns_servers: "{{ snipe_it_container_dns_servers | default(omit, true) }}"
    network_mode: "{{ snipe_it_container_network_mode | default(omit, true) }}"
    restart_policy: >-2
      {{ snipe_it_container_restart_policy | default(omit, true) }}
    recreate: "{{ snipe_it_container_recreate | default(omit, true) }}"
    state: "{{ snipe_it_container_state }}"
--- a/roles/snipe_it/tasks/main.yml
+++ b/roles/snipe_it/tasks/main.yml
@ -1,59 +0,0 @@
 ---
 - name: Check preconditions
  ansible.builtin.include_tasks:
    file: "check.yml"
 - name: Ensure snipe-it user '{{ snipe_it_user }}' is {{ snipe_it_state }}
  ansible.builtin.user:
    name: "{{ snipe_it_user }}"
    state: "{{ snipe_it_state }}"
    system: "{{ snipe_it_user_system | default(true, true) }}"
    create_home: "{{ snipe_it_user_create_home | default(false, true) }}"
    groups: "{{ snipe_it_user_groups | default(omit, true) }}"
    append: >-2
      {{
        snipe_it_user_groups_append | default(
            snipe_it_user_groups | default([], true) | length > 0,
            true,
        )
      }}
  register: snipe_it_user_info
 - name: Ensure snipe-it environment file is {{ snipe_it_state }}
  ansible.builtin.file:
    path: "{{ snipe_it_env_file }}"
    state: "{{ snipe_it_state }}"
  when: snipe_it_state == 'absent'
 - name: Ensure snipe-it config directory is {{ snipe_it_state }}
  ansible.builtin.file:
    path: "{{ snipe_it_env_file | dirname }}"
    state: "{{ (snipe_it_state == 'present') | ternary('directory', 'absent') }}"
    owner: "{{ snipe_it_run_user_id }}"
    group: "{{ snipe_it_run_group_id }}"
    mode: "0755"
  when: snipe_it_state == 'present'
 - name: Ensure snipe-it data directory '{{ snipe_it_data_directory }}' is {{ snipe_it_state }}
  ansible.builtin.file:
    path: "{{ snipe_it_data_directory }}"
    state: "{{ (snipe_it_state == 'present') | ternary('directory', 'absent') }}"
    owner: "{{ snipe_it_run_user_id }}"
    group: "{{ snipe_it_run_group_id }}"
    mode: "0755"
 - name: Ensure snipe-it environment file is templated
  ansible.builtin.copy:
    content: |+2
      {% for entry in snipe_it_merged_config | dict2items %}
      {{ entry.key }}={{ entry.value }}
      {% endfor %}
    dest: "{{ snipe_it_env_file }}"
    owner: "{{ snipe_it_run_user_id }}"
    group: "{{ snipe_it_run_group_id }}"
    mode: "0640"
  when: snipe_it_state == 'present'
 - name: Deploy using {{ snipe_it_deployment_method }}
  ansible.builtin.include_tasks:
    file: "deploy-{{ snipe_it_deployment_method }}.yml"
--- a/roles/snipe_it/vars/main.yml
+++ b/roles/snipe_it/vars/main.yml
@ -1,6 +0,0 @@
 ---
 snipe_it_states:
  - present
  - absent
 snipe_it_deployment_methods:
  - docker
--- a/roles/vaultwarden/defaults/main/main.yml
+++ b/roles/vaultwarden/defaults/main/main.yml
@ -1,6 +1,6 @@
 ---
 vaultwarden_user: vaultwarden
-vaultwarden_version: "1.32.7"
+vaultwarden_version: "1.32.2"
 vaultwarden_config_file: "/etc/vaultwarden/config.json"
 vaultwarden_config_directory: "{{ vaultwarden_config_file | dirname }}"
		`@ -1,3 +0,0 @@`
			`---`

			`keycloak_container_working_directory: /opt/keycloak`