Initial addition.

Role functional.

.ansible-lint

@@ -0,0 +1,9 @@
+skip_list:
+  - 'yaml'
+  - 'risky-shell-pipe'
+  - 'role-name'
+
+kinds:
+  - meta: "**/meta/main.yml"
+  - tasks: "**/tasks/*.yml"
+  - vars: "**/vars/*.yml"

.gitignore

@@ -0,0 +1,7 @@
+*.retry
+*/__pycache__
+*.pyc
+.cache
+.venv
+.env.yml
+docker-compose.yml

.travis.yml

@@ -0,0 +1,29 @@
+---
+language: python
+python: "2.7"
+
+# Use the new container infrastructure
+sudo: false
+
+# Install ansible
+addons:
+  apt:
+    packages:
+    - python-pip
+
+install:
+  # Install ansible
+  - pip install ansible
+
+  # Check ansible version
+  - ansible --version
+
+  # Create ansible.cfg with correct roles_path
+  - printf '[defaults]\nroles_path=../' >ansible.cfg
+
+script:
+  # Basic role syntax check
+  - ansible-playbook tests/test.yml -i tests/inventory --syntax-check
+
+notifications:
+  webhooks: https://galaxy.ansible.com/api/v1/notifications/

.yamllint

@@ -0,0 +1,33 @@
+---
+# Based on ansible-lint config
+extends: default
+
+rules:
+  braces:
+    max-spaces-inside: 1
+    level: error
+  brackets:
+    max-spaces-inside: 1
+    level: error
+  colons:
+    max-spaces-after: -1
+    level: error
+  commas:
+    max-spaces-after: -1
+    level: error
+  comments: disable
+  comments-indentation: disable
+  document-start: disable
+  empty-lines:
+    max: 3
+    level: error
+  hyphens:
+    level: error
+  indentation: disable
+  key-duplicates: enable
+  line-length: disable
+  new-line-at-end-of-file: disable
+  new-lines:
+    type: unix
+  trailing-spaces: disable
+  truthy: disable

LICENSE

@@ -0,0 +1,20 @@
+The MIT License (MIT)
+
+Copyright (c) 2022 Laur Ivan
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of
+this software and associated documentation files (the "Software"), to deal in
+the Software without restriction, including without limitation the rights to
+use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+the Software, and to permit persons to whom the Software is furnished to do so,
+subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

README.md

@@ -0,0 +1,59 @@
+# laurivan.geoip
+
+This role installs MaxMind GeoIP DB downloader on your system
+
+## Requirements
+
+N/A
+
+## Role Variables
+
+
+This role uses the variables listed below, along with default values (see defaults/main.yml).
+
+You need GeoIP credentials in order to use this image. Get them for free at [MaxMind](https://dev.maxmind.com/?lang=en). Once you have them, please set:
+
+```yaml
+geoip_account_id:
+geoip_license_key: 
+```
+
+If you don't have the credentials set, the role will skip most tasks.
+
+Second step is to decide the frequency of update and the type of data you want (country- or city-level). Once you have decided, please set:
+
+```yaml
+geoip_update_edition_ids: "GeoLite2-City"
+geoip_update_frequency: "168"
+```
+
+As you can see, there are already defaults: get the city-level data every 7 days (because, let's be honest, geoip data doesn't change massively that often).
+
+Now that all server-side parameters are set, we need a location where the data is downloaded. This is sete via `geoip_volume` which defaults to */var/local/geoip/*.
+
+Note: It is important to remember this location and set its rights properly because you'll need it for other software which uses GeoIP.
+
+## Dependencies
+
+None
+
+## Example Playbook
+
+Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
+
+    - hosts: servers
+      vars:
+        geoip_account_id: "123456"
+        geoip_license_key: "FakeLicenseKey"
+        geoip_update_edition_ids: "GeoLite2-City GeoLite2-Country"
+        geoip_update_frequency: "72"
+      roles:
+         - { role: username.rolename, x: 42 }
+
+## License
+
+MIT
+
+## Author Information
+
+An optional section for the role authors to include contact information, or a website (HTML is not allowed).

defaults/main.yml

@@ -0,0 +1,10 @@
+---
+# defaults file for geoip
+geoip_account_id:
+geoip_license_key: 
+geoip_update_edition_ids: "GeoLite2-City"
+geoip_update_frequency: "8"
+
+# Location of the geoip database
+#
+geoip_volume: "/var/local/geoip/"

handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for geoip

meta/main.yml

@@ -0,0 +1,33 @@
+galaxy_info:
+  author: Laur Ivan
+  namespace: laurivan
+  role_name: geoip
+  description: GeoIP installation via docker
+  license: MIT
+
+  min_ansible_version: "2.4"
+  min_ansible_container_version: "2.4"
+
+  platforms:
+    - name: Debian
+      versions:
+        - buster
+        - bullseye
+    - name: Ubuntu
+      versions:
+        - bionic
+        - focal
+        - jammy
+    - name: Alpine
+      version:
+        - all
+    - name: ArchLinux
+      versions:
+        - all
+
+  galaxy_tags: 
+    - docker
+    - plausible
+    - metrics
+
+dependencies: []

molecule/default/INSTALL.rst

@@ -0,0 +1,15 @@
+***********************************
+Delegated driver installation guide
+***********************************
+
+Requirements
+============
+
+This driver is delegated to the developer.  Up to the developer to implement
+requirements.
+
+Install
+=======
+
+This driver is delegated to the developer.  Up to the developer to implement
+requirements.

molecule/default/converge.yml

@@ -0,0 +1,27 @@
+---
+- name: Converge
+  hosts: all
+  #gather_facts: false
+
+  pre_tasks:
+    - name: Update apt cache.
+      apt: update_cache=yes cache_valid_time=600
+      when: ansible_os_family == 'Debian'
+    - name: Install python requests
+      pip:
+        name: 
+          - requests
+          - docker
+    - name: Install docker
+      vars:
+        docker_service_manage: false
+      include_role:
+        name: geerlingguy.docker
+
+  tasks:
+    - name: "Include necessary variables"
+      ansible.builtin.include_vars:
+        file: "../../.env.yml"
+    - name: "Include laurivan.geoip"
+      ansible.builtin.include_role:
+        name: "laurivan.geoip"

molecule/default/destroy.yml

@@ -0,0 +1,24 @@
+---
+- name: Destroy
+  hosts: localhost
+  connection: local
+  gather_facts: false
+  no_log: "{{ molecule_no_log }}"
+  tasks:
+    # Developer must implement.
+
+    # Mandatory configuration for Molecule to function.
+
+    - name: Populate instance config
+      ansible.builtin.set_fact:
+        instance_conf: {}
+
+    - name: Dump instance config
+      ansible.builtin.copy:
+        content: |
+          # Molecule managed
+
+          {{ instance_conf | to_json | from_json | to_yaml }}
+        dest: "{{ molecule_instance_config }}"
+        mode: 0600
+      when: server.changed | default(false) | bool

molecule/default/molecule.yml

@@ -0,0 +1,30 @@
+---
+role_name_check: 1
+dependency:
+  name: galaxy
+  options:
+    ignore-certs: true
+    ignore-errors: true
+    role-file: molecule/requirements.yml
+    requirements-file: molecule/requirements.yml
+driver:
+  name: docker
+platforms:
+  - name: instance-geoip
+    image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
+    command: ${MOLECULE_DOCKER_COMMAND:-""}
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /var/run/docker.sock:/tmp/docker_mounted.sock
+    privileged: true
+    pre_build_image: true
+provisioner:
+  name: ansible
+  playbooks:
+    converge: ${MOLECULE_PLAYBOOK:-converge.yml}
+verifier:
+  name: ansible
+lint: |
+  set -e
+  yamllint .
+  ansible-lint .

molecule/default/prepare.yml

@@ -0,0 +1,12 @@
+---
+- name: Setup the test machine
+  hosts: instance-geoip
+  tasks:
+    - name: Create docker.sock
+      raw: touch /var/run/docker.sock
+      become: true
+      changed_when: false
+    - name: Move docker.sock from tmp
+      raw: mount --move /tmp/docker_mounted.sock /var/run/docker.sock
+      become: true
+      changed_when: false

molecule/default/verify.yml

@@ -0,0 +1,10 @@
+---
+# This is an example playbook to execute Ansible tests.
+
+- name: Verify
+  hosts: all
+  gather_facts: false
+  tasks:
+  - name: Example assertion
+    ansible.builtin.assert:
+      that: true

molecule/requirements.yml

@@ -0,0 +1,3 @@
+---
+roles:
+  - geerlingguy.docker

tasks/main.yml

@@ -0,0 +1,35 @@
+---
+# tasks file for geoip
+- name: Set up directories
+  ansible.builtin.file:
+    state: directory
+    path: "{{ item }}"
+    owner: "{{ ansible_user_id }}"
+    mode: '0755'
+  with_items:
+    - "{{ geoip_volume }}"
+
+  become: true
+  tags:
+    - configuration
+
+- name: Write GeoIP configuration
+  ansible.builtin.template:
+    src: geoip.conf.j2
+    dest: "{{ geoip_volume }}/env.conf"
+    mode: '0600'
+    owner: "{{ ansible_user_id }}"
+  when: geoip_account_id and geoip_license_key
+  tags:
+    - configuration
+
+- name: Install geoip
+  docker_container:
+    name: "geoip"
+    recreate: true
+    restart_policy: unless-stopped
+    image: "maxmindinc/geoipupdate"
+    env_file: "{{ geoip_volume }}/env.conf"
+    volumes:
+      - "{{ geoip_volume }}:/usr/share/GeoIP"
+  when: geoip_account_id and geoip_license_key

templates/geoip.conf.j2

@@ -0,0 +1,5 @@
+GEOIPUPDATE_ACCOUNT_ID={{ geoip_account_id }}
+GEOIPUPDATE_LICENSE_KEY={{ geoip_license_key }}
+
+GEOIPUPDATE_EDITION_IDS={{ geoip_update_edition_ids }}
+GEOIPUPDATE_FREQUENCY={{ geoip_update_frequency }}

tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - geoip

vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for geoip