From 718146cd8840aadb03ef488c094823d6b2fded86 Mon Sep 17 00:00:00 2001
From: Simon Cornet
Date: Wed, 18 Feb 2026 16:50:13 +0100
Subject: [PATCH] feat: initial commit
---
.ansible-lint | 23 +++++++++++++++
.gitignore | 9 ++++++
.gitlab-ci.yml | 26 +++++++++++++++++
.markdownlint-cli2.jsonc | 8 ++++++
.yamllint | 10 +++++++
AGENTS.md | 23 +++++++++++++++
defaults/main.yaml | 7 +++++
meta/main.yaml | 8 ++++++
playbook.yaml | 17 ++++++++++++
renovate.json | 12 ++++++++
roles/requirements.yml | 12 ++++++++
tasks/cleanup.yaml | 15 ++++++++++
tasks/main.yaml | 10 +++++++
tasks/mariadb.yaml | 53 +++++++++++++++++++++++++++++++++++
tasks/phpipam.yaml | 60 ++++++++++++++++++++++++++++++++++++++++
15 files changed, 293 insertions(+)
create mode 100644 .ansible-lint
create mode 100644 .gitignore
create mode 100644 .gitlab-ci.yml
create mode 100644 .markdownlint-cli2.jsonc
create mode 100644 .yamllint
create mode 100644 AGENTS.md
create mode 100644 defaults/main.yaml
create mode 100644 meta/main.yaml
create mode 100644 playbook.yaml
create mode 100644 renovate.json
create mode 100644 roles/requirements.yml
create mode 100644 tasks/cleanup.yaml
create mode 100644 tasks/main.yaml
create mode 100644 tasks/mariadb.yaml
create mode 100644 tasks/phpipam.yaml
diff --git a/.ansible-lint b/.ansible-lint
new file mode 100644
index 0000000..9b9b52a
--- /dev/null
+++ b/.ansible-lint
@@ -0,0 +1,23 @@
+---
+
+exclude_paths:
+ - ".gitlab/*"
+ - ".gitlab-ci.yml"
+ - "defaults/main.yaml"
+ - "meta/main.yaml"
+ - "vars/*"
+
+kinds:
+ - playbook: "**/*.{yml,yaml}"
+
+skip_list:
+ - "command-shell"
+ - "experimental"
+ - "git-latest"
+ - "no-changed-when"
+ - "no-handler"
+ - "name[casing]"
+ - "name[template]"
+ - "risky-file-permissions"
+ - "schema[playbook]"
+ - "var-naming[no-role-prefix]"
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..56a988f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,9 @@
+.ansible/
+.git/
+*.pyc
+*.pyo
+.molecule/
+.tox/
+*.log
+.venv/
+venv/
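Review bot: In `.ansible-lint`, the `skip_list` turns off `risky-file-permissions`, `command-shell` and `no-changed-when` for the whole repository, which are the rules that would flag the `ansible.builtin.command` tasks and file modes added elsewhere in this commit. `exclude_paths` also takes `defaults/main.yaml` out of linting. Consider removing those three entries from `skip_list` and accepting individual findings with a per-task `# noqa: <rule>` comment, so each exception is visible next to the task it covers.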
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 0000000..290c01e
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,26 @@
+---
+
+stages:
+ - lint
+ - test
+
+variables:
+ ANSIBLE_FORCE_COLOR: "true"
+
+ansible-lint:
+ stage: lint
+ image: "registry.gitlab.com/siempie/ansible-runner:latest"
+ script:
+ - "ansible-lint"
+ rules:
+ - if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
+ - if: "$CI_COMMIT_BRANCH == 'main'"
+
+molecule:
+ stage: test
+ image: "registry.gitlab.com/siempie/ansible-runner:latest"
+ script:
+ - "molecule test"
+ rules:
+ - if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
+ - if: "$CI_COMMIT_BRANCH == 'main'"
diff --git a/.markdownlint-cli2.jsonc b/.markdownlint-cli2.jsonc
new file mode 100644
index 0000000..621d874
--- /dev/null
+++ b/.markdownlint-cli2.jsonc
@@ -0,0 +1,8 @@
+{
+ "config": {
+ "MD004": false,
+ "MD013": false,
+ "MD030": false,
+ "MD033": false
+ }
+}
diff --git a/.yamllint b/.yamllint
new file mode 100644
index 0000000..e23a6f5
--- /dev/null
+++ b/.yamllint
@@ -0,0 +1,10 @@
+---
+
+extends: "default"
+
+rules:
+ line-length:
+ max: 120
+ level: "warning"
+ indentation:
+ spaces: 2
diff --git a/AGENTS.md b/AGENTS.md
new file mode 100644
index 0000000..4c27b0c
--- /dev/null
+++ b/AGENTS.md
@@ -0,0 +1,23 @@
+# Agents
+
+This role configures [phpIPAM](https://phpipam.net/) - an open-source IP address management tool.
+
+## Role Analysis
+
+- **Type**: Application server role (IPAM)
+- **OS Support**: Debian 12, Debian 13
+- **Deployment Method**: Docker
+- **Dependencies**: Docker must be installed
+
+## Tasks
+
+1. **install mariadb** - Deploys MariaDB via Docker
+2. **install phpipam** - Deploys phpIPAM via Docker
+3. **cleanup docker** - Cleans up Docker resources
+
+## Testing
+
+```bash
+ansible-lint
+molecule test
+```
diff --git a/defaults/main.yaml b/defaults/main.yaml
new file mode 100644
index 0000000..9a367e3
--- /dev/null
+++ b/defaults/main.yaml
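Review bot: Both jobs in `.gitlab-ci.yml` pull `registry.gitlab.com/siempie/ansible-runner:latest`, a mutable tag, so the lint and test toolchain can change between pipeline runs without any change in this repository. Pin the image to a version tag or digest, for example `image: "registry.gitlab.com/siempie/ansible-runner@sha256:<digest>"`, and let Renovate propose the bump. The `molecule` job runs `molecule test`, but this commit adds no `molecule/` scenario, so that job presumably has nothing to execute yet.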
@@ -0,0 +1,7 @@
+---
+
+# phpipam
+phpipam_db_root_password: "changeme"
+phpipam_db_user: "phpipam"
+phpipam_db_password: "changeme"
+phpipam_db_name: "phpipam"
diff --git a/meta/main.yaml b/meta/main.yaml
new file mode 100644
index 0000000..8581622
--- /dev/null
+++ b/meta/main.yaml
@@ -0,0 +1,8 @@
+---
+
+galaxy_info:
+ author: "siempie"
+ description: "install and configure phpipam"
+ license: "MIT"
+ role_name: "phpipam"
+dependencies: []
diff --git a/playbook.yaml b/playbook.yaml
new file mode 100644
index 0000000..35f8630
--- /dev/null
+++ b/playbook.yaml
@@ -0,0 +1,17 @@
+---
+
+- name: "install phpipam"
+ hosts: "all"
+ become: true
+ tasks:
+ - name: "force-update requirements"
+ ansible.builtin.command:
+ cmd: "ansible-galaxy install -f -r roles/requirements.yml"
+ become: false
+ delegate_to: "localhost"
+ changed_when: false
+ failed_when: false
+
+ - name: "execute role: phpipam"
+ ansible.builtin.include_role:
+ name: "phpipam"
diff --git a/renovate.json b/renovate.json
new file mode 100644
index 0000000..d02a70e
--- /dev/null
+++ b/renovate.json
@@ -0,0 +1,12 @@
+{
+ "extends": [
+ "config:base"
+ ],
+ "packageRules": [
+ {
+ "matchPackagePatterns": ["*"],
+ "matchUpdateTypes": ["patch", "minor", "major"],
+ "groupName": "all"
+ }
+ ]
+}
diff --git a/roles/requirements.yml b/roles/requirements.yml
new file mode 100644
index 0000000..ef2f200
--- /dev/null
+++ b/roles/requirements.yml
@@ -0,0 +1,12 @@
+---
+
+roles:
+ - name: "docker"
+ src: "https://gitlab.simoncor.net/ansible/ans-docker.git"
+ scm: "git"
+ - name: "phpipam"
+ src: "https://gitlab.simoncor.net/ansible/ans-ipam.git"
+ scm: "git"
+ - name: "traefik"
+ src: "https://gitlab.simoncor.net/ansible/ans-traefik.git"
+ scm: "git"
diff --git a/tasks/cleanup.yaml b/tasks/cleanup.yaml
new file mode 100644
index 0000000..9cb61d3
--- /dev/null
+++ b/tasks/cleanup.yaml
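Review bot: `defaults/main.yaml` ships `phpipam_db_root_password` and `phpipam_db_password` as `"changeme"`, so a run without overrides produces a database with publicly known credentials. Drop the two password defaults so an unset variable fails the run, or open the role with an `ansible.builtin.assert` guard whose `that:` list contains `phpipam_db_password != 'changeme'` and the same test for the root password. The container tasks also reference `phpipam_http_port` and `timezone`, which are not defined in this file; unless inventory supplies them, those tasks will stop on an undefined variable.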
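Review bot: In `playbook.yaml`, the `force-update requirements` task sets `failed_when: false`, so a failed `ansible-galaxy install` is ignored and the play carries on with whatever role code is already on the controller, or none at all. Remove `failed_when: false` so a failed fetch stops the run before anything executes with `become: true`. Because `-f` overwrites the installed roles on every run, the play also executes whatever the remote repositories serve at that moment.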
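Review bot: None of the three entries in `roles/requirements.yml` carries a `version:` key, so each git role is installed from the repository's default branch at whatever commit it points to at install time. Add a tag or commit to every entry, e.g. `version: "<tag-or-commit>"`, so the code that runs as root on the targets is the code that was reviewed. The list also names `phpipam` from `ans-ipam.git`, which may be this repository itself; confirm that self-reference is intended.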
@@ -0,0 +1,15 @@
+---
+
+# docker cleanup
+- name: "docker - prune all"
+ community.docker.docker_prune:
+ containers: true
+ images: true
+ networks: true
+ volumes: true
+ builder_cache: true
+
+# docker cleanup - force prune
+- name: "docker - force prune"
+ ansible.builtin.command: "docker system prune --all --force --volumes"
+ changed_when: false
diff --git a/tasks/main.yaml b/tasks/main.yaml
new file mode 100644
index 0000000..60662ad
--- /dev/null
+++ b/tasks/main.yaml
@@ -0,0 +1,10 @@
+---
+
+- name: "install mariadb"
+ ansible.builtin.import_tasks: "mariadb.yaml"
+
+- name: "install phpipam"
+ ansible.builtin.import_tasks: "phpipam.yaml"
+
+- name: "cleanup docker"
+ ansible.builtin.import_tasks: "cleanup.yaml"
diff --git a/tasks/mariadb.yaml b/tasks/mariadb.yaml
new file mode 100644
index 0000000..b007ee7
--- /dev/null
+++ b/tasks/mariadb.yaml
@@ -0,0 +1,53 @@
+---
+
+# create mariadb data directory
+- name: "db - create mariadb directory"
+ ansible.builtin.file:
+ path: "/mnt/ipam/mysql"
+ state: "directory"
+ owner: "root"
+ group: "root"
+ mode: "0775"
+
+# run mariadb container
+- name: "db - run mariadb container"
+ community.docker.docker_container:
+
+ # docker defaults
+ auto_remove: "no"
+ container_default_behavior: "no_defaults"
+ detach: "yes"
+ init: "no"
+ interactive: "no"
+ log_driver: "json-file"
+ log_options:
+ max-size: "10m"
+ max-file: "3"
+ memory: "0"
+ paused: "no"
+ privileged: "no"
+ pull: "always"
+ read_only: "no"
+ state: "started"
+ tty: "no"
+
+ # run mariadb
+ name: "ipam-db"
+ image: "docker.io/mariadb:lts"
+ image_name_mismatch: "recreate"
+ restart_policy: "unless-stopped"
+ networks:
+ - name: "ipam-network"
+ volumes:
+ - "/mnt/ipam/mysql:/var/lib/mysql"
+
+ env:
+
+ # mariadb
+ MARIADB_ROOT_PASSWORD: "{{ phpipam_db_root_password }}"
+ MARIADB_DATABASE: "{{ phpipam_db_name }}"
+ MARIADB_USER: "{{ phpipam_db_user }}"
+ MARIADB_PASSWORD: "{{ phpipam_db_password }}"
+
+ # global
+ TZ: "{{ timezone }}"
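Review bot: Both tasks in `tasks/cleanup.yaml` prune host-wide: `volumes: true` and `docker system prune --all --force --volumes` remove every unused volume, image and network on the host, not only those belonging to `ipam-db` and `ipam-app`. On a shared Docker host this can delete the data of stopped containers from other workloads each time the role runs. Set `volumes: false` in the `docker - prune all` task and drop the `docker - force prune` task, which repeats the module call and reports `changed_when: false` even when it deletes something.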
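Review bot: `tasks/main.yaml` imports `mariadb.yaml` before `phpipam.yaml`, but the `ipam-network` that the `ipam-db` container attaches to is only created by the `create ipam network` task in `phpipam.yaml`. On a host where that network does not exist yet, the MariaDB container task will likely fail on the first run. Move the `create ipam network` task ahead of the `install mariadb` import, for instance into its own task file imported first.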
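Review bot: The `db - run mariadb container` task in `tasks/mariadb.yaml` passes `MARIADB_ROOT_PASSWORD` and `MARIADB_PASSWORD` through `env` without `no_log`, so the values can appear in task output at higher verbosity or in diff mode; `PHPIPAM_DB_PASS` in the `run phpipam` task of `tasks/phpipam.yaml` has the same gap. Add `no_log: true` to both container tasks. Separately, `image: "docker.io/mariadb:lts"` combined with `pull: "always"` follows a moving tag, so a rerun can swap the database engine version under existing data; a fixed version tag managed by Renovate would make that change explicit.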
diff --git a/tasks/phpipam.yaml b/tasks/phpipam.yaml
new file mode 100644
index 0000000..bde7102
--- /dev/null
+++ b/tasks/phpipam.yaml
@@ -0,0 +1,60 @@
+---
+
+- name: "create phpipam config directory"
+ ansible.builtin.file:
+ path: "/mnt/phpipam"
+ state: "directory"
+ owner: "root"
+ group: "root"
+ mode: "0775"
+
+- name: "create ipam network"
+ community.docker.docker_network:
+ name: "ipam-network"
+ driver: "bridge"
+ state: "present"
+
+- name: "run phpipam"
+ community.docker.docker_container:
+
+ # docker defaults
+ auto_remove: "no"
+ container_default_behavior: "no_defaults"
+ detach: "yes"
+ init: "no"
+ interactive: "no"
+ log_driver: "json-file"
+ log_options:
+ max-size: "10m"
+ max-file: "3"
+ memory: "0"
+ paused: "no"
+ privileged: "no"
+ pull: "always"
+ read_only: "no"
+ state: "started"
+ tty: "no"
+
+ # phpipam
+ name: "ipam-app"
+ image: "docker.io/phpipam/phpipam-www:v1.7.4"
+ image_name_mismatch: "recreate"
+ restart_policy: "unless-stopped"
+ networks:
+ - name: "ipam-network"
+ ports:
+ - "{{ phpipam_http_port }}:80"
+ volumes:
+ - "/mnt/phpipam:/phpipam"
+
+ env:
+
+ # phpipam
+ PHPIPAM_DB_HOST: "ipam-db"
+ PHPIPAM_DB_USER: "{{ phpipam_db_user }}"
+ PHPIPAM_DB_PASS: "{{ phpipam_db_password }}"
+ PHPIPAM_DB_NAME: "{{ phpipam_db_name }}"
+ PHPIPAM_DB_PRETTY_PRINT: "1"
+
+ # global
+ TZ: "{{ timezone }}"
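Review bot: The `ports` entry `"{{ phpipam_http_port }}:80"` in the `run phpipam` task publishes plain HTTP on every host interface, and ports published by Docker typically bypass host firewall rules that are managed outside Docker. If the application is meant to be reached through the `traefik` role listed in `roles/requirements.yml`, remove the `ports` block or bind it to loopback with `- "127.0.0.1:{{ phpipam_http_port }}:80"`. The bind mount `/mnt/phpipam:/phpipam` also covers the container's `/phpipam` path with a host directory this role creates empty; check that it does not hide the application files shipped in the image.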