chore(keycloak): allow disabling mapping of local providers into the container image

update(vaultwarden): bump version to 1.33.1
meta: bump version to 0.1.12, require community.docker@^4.0.0, community.crypto@^2.22.0
2025-02-04 12:04:15 +01:00 · 2025-02-03 20:23:50 +01:00 · 2025-02-03 09:44:09 +01:00 · 2025-02-03 09:40:21 +01:00 · 2025-02-02 19:50:54 +01:00 · 2025-01-31 13:11:54 +01:00
12 changed files with 73 additions and 30 deletions
--- a/galaxy.yml
+++ b/galaxy.yml
@ -1,13 +1,13 @@
 namespace: finallycoffee
 name: services
-version: 0.1.10
+version: "0.1.12"
 readme: README.md
 authors:
 - transcaffeine <transcaffeine@finally.coffee>
 description: Various ansible roles useful for automating infrastructure
 dependencies:
-  "community.crypto": "^2.0.0"
+  "community.crypto": "^2.22.0"
-  "community.docker": "^3.0.0"
+  "community.docker": "^4.0.0"
 license_file: LICENSE.md
 build_ignore:
 - '*.tar.gz'
--- a/roles/authelia/defaults/main.yml
+++ b/roles/authelia/defaults/main.yml
@ -4,9 +4,6 @@ authelia_user: authelia
 authelia_base_dir: /opt/authelia
 authelia_domain: authelia.example.org
 authelia_state: present
 authelia_deployment_method: docker
 authelia_config_dir: "{{ authelia_base_dir }}/config"
 authelia_config_file: "{{ authelia_config_dir }}/config.yaml"
 authelia_data_dir: "{{ authelia_base_dir }}/data"
@ -45,8 +42,7 @@ authelia_container_ports: ~
 authelia_container_networks: ~
 authelia_container_purge_networks: ~
 authelia_container_restart_policy: unless-stopped
-authelia_container_state: >-2
+authelia_container_state: started
  {{ (authelia_state == 'present' | ternary('started', 'absent') }}
 authelia_container_listen_port: 9091
 authelia_tls_minimum_version: TLS1.2
--- a/roles/authelia/tasks/main.yml
+++ b/roles/authelia/tasks/main.yml
@ -1,20 +1,16 @@
 ---
 - name: Ensure state is valid
  ansible.builtin.fail:
    msg: "Invalid state '{{ authelia_state }}'! Valid states are {{ authelia_states | join(', ') }}"
  when: authelia_state not in authelia_states
- name: Ensure user {{ authelia_user }} is {{ authelia_state }}
+- name: Ensure user {{ authelia_user }} exists
  ansible.builtin.user:
    name: "{{ authelia_user }}"
-    state: "{{ authelia_state }}"
+    state: present
    system: true
  register: authelia_user_info
 - name: Ensure host directories are created with correct permissions
  ansible.builtin.file:
    path: "{{ item.path }}"
-    state: "{{ (authelia_state == 'present') | ternary('directory', 'absent') }}"
+    state: directory
    owner: "{{ item.owner | default(authelia_user) }}"
    group: "{{ item.group | default(authelia_user) }}"
    mode: "{{ item.mode | default('0750') }}"
@ -36,9 +32,62 @@
    owner: "{{ authelia_run_user }}"
    group: "{{ authelia_run_group }}"
    mode: "0640"
  when: authelia_state == 'present'
  notify: restart-authelia
- name: Deploy using {{ authelia_deployment_method }}
+- name: Ensure sqlite database file exists before mounting it
-  ansible.builtin.include_tasks:
+  ansible.builtin.file:
-    file: "deploy-{{ authelia_deployment_method }}.yml"
+    path: "{{ authelia_sqlite_storage_file }}"
    state: touch
    owner: "{{ authelia_run_user }}"
    group: "{{ authelia_run_group }}"
    mode: "0640"
    access_time: preserve
    modification_time: preserve
  when: authelia_config_storage_local_path | default(false, true)
 - name: Ensure user database exists before mounting it
  ansible.builtin.file:
    path: "{{ authelia_user_storage_file }}"
    state: touch
    owner: "{{ authelia_run_user }}"
    group: "{{ authelia_run_group }}"
    mode: "0640"
    access_time: preserve
    modification_time: preserve
  when: authelia_config_authentication_backend_file_path | default(false, true)
 - name: Ensure notification reports file exists before mounting it
  ansible.builtin.file:
    path: "{{ authelia_notification_storage_file }}"
    state: touch
    owner: "{{ authelia_run_user }}"
    group: "{{ authelia_run_group }}"
    mode: "0640"
    access_time: preserve
    modification_time: preserve
  when: authelia_config_notifier_filesystem_filename | default(false, true)
 - name: Ensure authelia container image is present
  community.docker.docker_image:
    name: "{{ authelia_container_image_ref }}"
    state: present
    source: pull
    force_source: "{{ authelia_container_image_force_pull }}"
  register: authelia_container_image_info
 - name: Ensure authelia container is running
  community.docker.docker_container:
    name: "{{ authelia_container_name }}"
    image: "{{ authelia_container_image_ref }}"
    env: "{{ authelia_container_env }}"
    user: "{{ authelia_run_user }}:{{ authelia_run_group }}"
    ports: "{{ authelia_container_ports | default(omit, true) }}"
    labels: "{{ authelia_container_labels }}"
    volumes: "{{ authelia_container_volumes }}"
    networks: "{{ authelia_container_networks | default(omit, true) }}"
    etc_hosts: "{{ authelia_container_etc_hosts | default(omit, true) }}"
    purge_networks: "{{ authelia_container_purge_networks | default(omit, true)}}"
    restart_policy: "{{ authelia_container_restart_policy }}"
    recreate: "{{ authelia_container_recreate | default(omit, true) }}"
    state: "{{ authelia_container_state }}"
  register: authelia_container_info
--- a/roles/authelia/vars/main.yml
+++ b/roles/authelia/vars/main.yml
@ -1,9 +1,4 @@
 ---
 authelia_states:
  - present
  - absent
 authelia_deployment_methods:
  - docker
 authelia_run_user: "{{ (authelia_user_info.uid) if authelia_user_info is defined else authelia_user }}"
 authelia_run_group: "{{ (authelia_user_info.group) if authelia_user_info is defined else authelia_user }}"
--- a/roles/ghost/defaults/main.yml
+++ b/roles/ghost/defaults/main.yml
@ -1,6 +1,6 @@
 ---
 ghost_domain: ~
-ghost_version: "5.105.0"
+ghost_version: "5.109.0"
 ghost_user: ghost
 ghost_user_group: ghost
 ghost_base_path: /opt/ghost
--- a/roles/gitea/defaults/main.yml
+++ b/roles/gitea/defaults/main.yml
@ -32,6 +32,7 @@ gitea_container_extra_labels: {}
 gitea_container_extra_ports: []
 gitea_container_extra_volumes: []
 gitea_container_state: started
 gitea_container_user: ~
 # container defaults
 gitea_container_base_volumes:
--- a/roles/gitea/tasks/main.yml
+++ b/roles/gitea/tasks/main.yml
@ -1,5 +1,4 @@
 ---
 - name: Ensure gitea user '{{ gitea_user }}' is present
  ansible.builtin.user:
    name: "{{ gitea_user }}"
@ -75,6 +74,7 @@
    published_ports: "{{ gitea_container_ports }}"
    restart_policy: "{{ gitea_container_restart_policy }}"
    state: "{{ gitea_container_state }}"
    user: "{{ gitea_container_user | default(omit, true) }}"
 - name: Ensure given configuration is set in the config file
  ansible.builtin.ini_file:
--- a/roles/hedgedoc/defaults/main/main.yml
+++ b/roles/hedgedoc/defaults/main/main.yml
@ -1,6 +1,6 @@
 ---
 hedgedoc_user: hedgedoc
-hedgedoc_version: "1.10.0"
+hedgedoc_version: "1.10.1"
 hedgedoc_state: present
 hedgedoc_deployment_method: docker
--- a/roles/jellyfin/defaults/main.yml
+++ b/roles/jellyfin/defaults/main.yml
@ -1,6 +1,6 @@
 ---
 jellyfin_user: jellyfin
-jellyfin_version: "10.10.3"
+jellyfin_version: "10.10.5"
 jellyfin_state: present
 jellyfin_base_path: /opt/jellyfin
--- a/roles/keycloak/defaults/main.yml
+++ b/roles/keycloak/defaults/main.yml
@ -1,5 +1,5 @@
 ---
-keycloak_version: 26.0.7
+keycloak_version: "26.1.0"
 keycloak_container_name: keycloak
 keycloak_container_image_upstream_registry: quay.io
--- a/roles/keycloak/templates/Dockerfile.j2
+++ b/roles/keycloak/templates/Dockerfile.j2
@ -10,7 +10,9 @@ ENV KC_DB=$DB_VENDOR
 WORKDIR {{ keycloak_container_working_directory }}
 {% if keycloak_container_image_add_local_providers | default(true) %}
 ADD ./providers/* providers/
 {% endif %}
 # Workaround to set correct mode on jar files
 USER root
 RUN chmod -R 0770 providers/*
--- a/roles/vaultwarden/defaults/main/main.yml
+++ b/roles/vaultwarden/defaults/main/main.yml
@ -1,6 +1,6 @@
 ---
 vaultwarden_user: vaultwarden
-vaultwarden_version: "1.32.7"
+vaultwarden_version: "1.33.1"
 vaultwarden_config_file: "/etc/vaultwarden/config.json"
 vaultwarden_config_directory: "{{ vaultwarden_config_file | dirname }}"
Author	SHA1	Message	Date
transcaffeine	94ddaf98f0	chore(keycloak): allow disabling mapping of local providers into the container image	2025-02-04 12:04:15 +01:00
transcaffeine	23f5f560b6	update(vaultwarden): bump version to 1.33.1	2025-02-03 20:23:50 +01:00
transcaffeine	a8f74baa53	meta: bump version to 0.1.12, require community.docker@^4.0.0, community.crypto@^2.22.0	2025-02-03 09:44:09 +01:00
transcaffeine	836183ad55	update(hedgedoc): bump version to 1.10.1	2025-02-03 09:40:21 +01:00
transcaffeine	0deea90113	update(ghost): bump version to 5.109.0	2025-02-02 19:50:54 +01:00
transcaffeine	a5108c1bb6	feat(gitea): allow specifying container user for rootless mode	2025-01-31 13:11:54 +01:00
transcaffeine	a278d5a438	meta: bump collection version to 0.1.11	2025-01-30 15:47:46 +01:00
transcaffeine	6ff3590514	update(jellyfin): bump version to 10.10.5	2025-01-26 09:01:10 +01:00
transcaffeine	801b4b2cbf	update(vaultwarden): bump version to 1.33.0	2025-01-25 22:06:06 +01:00
transcaffeine	5ea018e04c	update(ghost): bump version to 5.107.2	2025-01-23 21:40:20 +01:00
transcaffeine	842492c30d	update(jellyfin): bump version to 10.10.4	2025-01-22 20:37:58 +01:00
transcaffeine	249f2e8926	update(ghost): bump version to 5.107.0	2025-01-19 14:07:00 +01:00
transcaffeine	0f75b2a4aa	update(keycloak): bump version to 26.1.0	2025-01-18 12:36:11 +01:00
transcaffeine	d934993817	update(keycloak): bump version to 26.0.8	2025-01-17 16:01:52 +01:00