feat: initial commit

.ansible-lint

@@ -0,0 +1,23 @@
+---
+
+exclude_paths:
+  - ".gitlab/*"
+  - ".gitlab-ci.yml"
+  - "defaults/main.yaml"
+  - "meta/main.yaml"
+  - "vars/*"
+
+kinds:
+  - playbook: "**/*.{yml,yaml}"
+
+skip_list:
+  - "command-shell"
+  - "experimental"
+  - "git-latest"
+  - "no-changed-when"
+  - "no-handler"
+  - "name[casing]"
+  - "name[template]"
+  - "risky-file-permissions"
+  - "schema[playbook]"
+  - "var-naming[no-role-prefix]"

.gitignore

@@ -0,0 +1,9 @@
+.ansible/
+.git/
+*.pyc
+*.pyo
+.molecule/
+.tox/
+*.log
+.venv/
+venv/

.gitlab-ci.yml

@@ -0,0 +1,26 @@
+---
+
+stages:
+  - lint
+  - test
+
+variables:
+  ANSIBLE_FORCE_COLOR: "true"
+
+ansible-lint:
+  stage: lint
+  image: "registry.gitlab.com/siempie/ansible-runner:latest"
+  script:
+    - "ansible-lint"
+  rules:
+    - if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
+    - if: "$CI_COMMIT_BRANCH == 'main'"
+
+molecule:
+  stage: test
+  image: "registry.gitlab.com/siempie/ansible-runner:latest"
+  script:
+    - "molecule test"
+  rules:
+    - if: "$CI_PIPELINE_SOURCE == 'merge_request_event'"
+    - if: "$CI_COMMIT_BRANCH == 'main'"

.markdownlint-cli2.jsonc

@@ -0,0 +1,8 @@
+{
+  "config": {
+    "MD004": false,
+    "MD013": false,
+    "MD030": false,
+    "MD033": false
+  }
+}

.yamllint

@@ -0,0 +1,10 @@
+---
+
+extends: "default"
+
+rules:
+  line-length:
+    max: 120
+    level: "warning"
+  indentation:
+    spaces: 2

AGENTS.md

@@ -0,0 +1,23 @@
+# Agents
+
+This role configures [phpIPAM](https://phpipam.net/) - an open-source IP address management tool.
+
+## Role Analysis
+
+- **Type**: Application server role (IPAM)
+- **OS Support**: Debian 12, Debian 13
+- **Deployment Method**: Docker
+- **Dependencies**: Docker must be installed
+
+## Tasks
+
+1. **install mariadb** - Deploys MariaDB via Docker
+2. **install phpipam** - Deploys phpIPAM via Docker
+3. **cleanup docker** - Cleans up Docker resources
+
+## Testing
+
+```bash
+ansible-lint
+molecule test
+```

defaults/main.yaml

@@ -0,0 +1,7 @@
+---
+
+# phpipam
+phpipam_db_root_password: "changeme"
+phpipam_db_user: "phpipam"
+phpipam_db_password: "changeme"
+phpipam_db_name: "phpipam"

meta/main.yaml

@@ -0,0 +1,8 @@
+---
+
+galaxy_info:
+  author: "siempie"
+  description: "install and configure phpipam"
+  license: "MIT"
+  role_name: "phpipam"
+dependencies: []

playbook.yaml

@@ -0,0 +1,17 @@
+---
+
+- name: "install phpipam"
+  hosts: "all"
+  become: true
+  tasks:
+    - name: "force-update requirements"
+      ansible.builtin.command:
+        cmd: "ansible-galaxy install -f -r roles/requirements.yml"
+      become: false
+      delegate_to: "localhost"
+      changed_when: false
+      failed_when: false
+
+    - name: "execute role: phpipam"
+      ansible.builtin.include_role:
+        name: "phpipam"

renovate.json

@@ -0,0 +1,12 @@
+{
+  "extends": [
+    "config:base"
+  ],
+  "packageRules": [
+    {
+      "matchPackagePatterns": ["*"],
+      "matchUpdateTypes": ["patch", "minor", "major"],
+      "groupName": "all"
+    }
+  ]
+}

roles/requirements.yml

@@ -0,0 +1,12 @@
+---
+
+roles:
+  - name: "docker"
+    src: "https://gitlab.simoncor.net/ansible/ans-docker.git"
+    scm: "git"
+  - name: "phpipam"
+    src: "https://gitlab.simoncor.net/ansible/ans-ipam.git"
+    scm: "git"
+  - name: "traefik"
+    src: "https://gitlab.simoncor.net/ansible/ans-traefik.git"
+    scm: "git"

tasks/cleanup.yaml

@@ -0,0 +1,15 @@
+---
+
+# docker cleanup
+- name: "docker - prune all"
+  community.docker.docker_prune:
+    containers: true
+    images: true
+    networks: true
+    volumes: true
+    builder_cache: true
+
+# docker cleanup - force prune
+- name: "docker - force prune"
+  ansible.builtin.command: "docker system prune --all --force --volumes"
+  changed_when: false

tasks/main.yaml

@@ -0,0 +1,10 @@
+---
+
+- name: "install mariadb"
+  ansible.builtin.import_tasks: "mariadb.yaml"
+
+- name: "install phpipam"
+  ansible.builtin.import_tasks: "phpipam.yaml"
+
+- name: "cleanup docker"
+  ansible.builtin.import_tasks: "cleanup.yaml"

tasks/mariadb.yaml

@@ -0,0 +1,53 @@
+---
+
+# create mariadb data directory
+- name: "db - create mariadb directory"
+  ansible.builtin.file:
+    path: "/mnt/ipam/mysql"
+    state: "directory"
+    owner: "root"
+    group: "root"
+    mode: "0775"
+
+# run mariadb container
+- name: "db - run mariadb container"
+  community.docker.docker_container:
+
+    # docker defaults
+    auto_remove: "no"
+    container_default_behavior: "no_defaults"
+    detach: "yes"
+    init: "no"
+    interactive: "no"
+    log_driver: "json-file"
+    log_options:
+      max-size: "10m"
+      max-file: "3"
+    memory: "0"
+    paused: "no"
+    privileged: "no"
+    pull: "always"
+    read_only: "no"
+    state: "started"
+    tty: "no"
+
+    # run mariadb
+    name: "ipam-db"
+    image: "docker.io/mariadb:lts"
+    image_name_mismatch: "recreate"
+    restart_policy: "unless-stopped"
+    networks:
+      - name: "ipam-network"
+    volumes:
+      - "/mnt/ipam/mysql:/var/lib/mysql"
+
+    env:
+      
+      # mariadb
+      MARIADB_ROOT_PASSWORD: "{{ phpipam_db_root_password }}"
+      MARIADB_DATABASE: "{{ phpipam_db_name }}"
+      MARIADB_USER: "{{ phpipam_db_user }}"
+      MARIADB_PASSWORD: "{{ phpipam_db_password }}"
+
+      # global
+      TZ: "{{ timezone }}"

tasks/phpipam.yaml

@@ -0,0 +1,60 @@
+---
+
+- name: "create phpipam config directory"
+  ansible.builtin.file:
+    path: "/mnt/phpipam"
+    state: "directory"
+    owner: "root"
+    group: "root"
+    mode: "0775"
+
+- name: "create ipam network"
+  community.docker.docker_network:
+    name: "ipam-network"
+    driver: "bridge"
+    state: "present"
+
+- name: "run phpipam"
+  community.docker.docker_container:
+
+    # docker defaults
+    auto_remove: "no"
+    container_default_behavior: "no_defaults"
+    detach: "yes"
+    init: "no"
+    interactive: "no"
+    log_driver: "json-file"
+    log_options:
+      max-size: "10m"
+      max-file: "3"
+    memory: "0"
+    paused: "no"
+    privileged: "no"
+    pull: "always"
+    read_only: "no"
+    state: "started"
+    tty: "no"
+
+    # phpipam
+    name: "ipam-app"
+    image: "docker.io/phpipam/phpipam-www:v1.7.4"
+    image_name_mismatch: "recreate"
+    restart_policy: "unless-stopped"
+    networks:
+      - name: "ipam-network"
+    ports:
+      - "{{ phpipam_http_port }}:80"
+    volumes:
+      - "/mnt/phpipam:/phpipam"
+
+    env:
+
+      # phpipam
+      PHPIPAM_DB_HOST: "ipam-db"
+      PHPIPAM_DB_USER: "{{ phpipam_db_user }}"
+      PHPIPAM_DB_PASS: "{{ phpipam_db_password }}"
+      PHPIPAM_DB_NAME: "{{ phpipam_db_name }}"
+      PHPIPAM_DB_PRETTY_PRINT: "1"
+
+      # global
+      TZ: "{{ timezone }}"