Dev/ansible-role-outline-wiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit.

Browse Source
This commit is contained in:
Laur Ivan 2022-10-05 12:53:35 +02:00
commit 08215df8b7
27 changed files with 742 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
.gitignore vendored Normal file
View File

@ -0,0 +1,7 @@
*.retry
*/__pycache__
*.pyc
.cache
.venv
.env.yml
docker-compose.yml

29
.travis.yml Normal file
View File

@ -0,0 +1,29 @@
---
language: python
python: "2.7"
# Use the new container infrastructure
sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install:
# Install ansible
- pip install ansible
# Check ansible version
- ansible --version
# Create ansible.cfg with correct roles_path
- printf '[defaults]\nroles_path=../' >ansible.cfg
script:
# Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

33
.yamllint Normal file
View File

@ -0,0 +1,33 @@
---
# Based on ansible-lint config
extends: default
rules:
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
colons:
max-spaces-after: -1
level: error
commas:
max-spaces-after: -1
level: error
comments: disable
comments-indentation: disable
document-start: disable
empty-lines:
max: 3
level: error
hyphens:
level: error
indentation: disable
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: disable
new-lines:
type: unix
trailing-spaces: disable
truthy: disable

20
LICENSE Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2022 Laur Ivan
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

178
README.md Normal file
View File

@ -0,0 +1,178 @@
# laurivan.outline
This role installs Outline via Docker.
## Requirements
None
## Role Variables
All variables are listed below (see also `defaults/main.yml`).
### Common variables
You need to specify:
- The `timezone`
- The location where torrents will be downloaded
- The location where different configuration files are stored
- The place where `docker-compose.yml` and the environment files are stored
```yml
timezone: 'Europe/Brussels'
torrent_downloads_volume: '/mnt/download'
outline_configuration_volume: '/mnt/config'
outline_setup_path: '~/outline'
```
If you need to install the containers with a specific user/group ID, then define:
```yml
outline_uid:
outline_gid:
```
The role allows oyu to specify which components will be installed:
```yml
deluge_enabled: true
sonarr_enabled: true
lidarr_enabled: true
jackett_enabled: true
```
### Deluge torrent
You can specify the image version and the log level:
```yml
deluge_image_version: 'latest'
deluge_loglevel: 'warning'
```
Deluge works on ports 6881 and 8112. You can change these ports:
```yml
deluge_host_port: 6881
deluge_admin_port: 8112
```
You can also overwrite the location where deluge's configuration is stored (e.g. if you already have deluge installed and you want to use the Ansible role):
```yml
deluge_config_volume: '{{ outline_configuration_volume }}/deluge'
```
### Radarr
You can specify the image version and the port exposed:
```yml
radarr_image_version: 'latest'
radarr_host_port: 7878
```
You can also overwrite the location where radarr's configuration is stored (e.g. if you already have it installed and you want to use the Ansible role):
```yml
radarr_config_volume: '{{ outline_configuration_volume }}/radarr'
```
Radarr needs a place to copy the downloaded series:
```yml
radarr_series_volume: '/mnt/videos/Movies'
```
**Notes**:
- Depending on your settings, it will also rename your current series
- You need write access to that directory, so Sonarr can actually copy the files
### Sonarr
You can specify the image version and the port exposed:
```yml
sonarr_image_version: 'latest'
sonarr_host_port: 8989
```
You can also overwrite the location where sonarr's configuration is stored (e.g. if you already have it installed and you want to use the Ansible role):
```yml
sonarr_config_volume: '{{ outline_configuration_volume }}/sonarr'
```
Sonarr needs a place to copy the downloaded series:
```yml
sonarr_series_volume: '/mnt/videos/Series'
```
**Notes**:
- Depending on your settings, it will also rename your current series
- You need write access to that directory, so Sonarr can actually copy the files
# Lidarr
You can specify the image version and the port exposed:
```yml
lidarr_image_version: 'latest'
lidarr_host_port: 8686
```
You can also overwrite the location where lidarr's configuration is stored (e.g. if you already have it installed and you want to use the Ansible role):
```yml
lidarr_config_volume: '{{ outline_configuration_volume }}/lidarr'
```
Lidarr needs a place to copy the downloaded music:
```yml
lidarr_music_upload_volume: '/mnt/music/Reference'
```
You will need to add a reference to your music collection (so you don't download what you already have). The layout below allows for multiple collections:
```yml
lidarr_music_volumes:
- {path: '/mnt/music/Sonos', alias: 'sonos' }
- {path: '/mnt/music/Audiophile', alias: 'audiophile' }
- {path: '/mnt/music/Raw', alias: 'raw' }
```
The `path` is the actual directory where the collection is located and the `alias` is the internal mapping name in Docker.
# Jakett
You can specify the image version, the port exposed and to autoupdate:
```yml
jackett_image_version: 'latest'
jackett_auto_update: true
jackett_host_port: 9117
```
You can also overwrite the location where jackett's configuration is stored (e.g. if you already have it installed and you want to use the Ansible role):
```yml
jackett_config_volume: '{{ outline_configuration_volume }}/jackett'
```
## Dependencies
You need a machine with docker and docker-compose installed.
## Example Playbook
```yml
- hosts: servers
roles:
- 'laurivan.outline'
```
## License
MIT
## Author Information
This role was created in 2022 by [Laur Ivan](https://www.laurivan.com).

5
TODO.md Normal file
View File

@ -0,0 +1,5 @@
# TODOs
- [ ] Add logo
- [ ] Optional S3 (allow for e.g. external minio install)

26
defaults/main.yml Normal file
View File

@ -0,0 +1,26 @@
---
# defaults file for outline
outline_setup_path: '~/outline'
outline_port: 3000
outline_url: "http://localhost:{{ outline_port }}"
outline_cdn_url:
outline_volume_base: "/mnt/outline"
outline_volume_redis: "{{ outline_volume_base }}/redis"
outline_volume_db: "{{ outline_volume_base }}/db"
outline_volume_s3: "{{ outline_volume_base }}/s3"
oidc_client_id:
oidc_client_secret:
oidc_auth_uri:
oidc_token_uri:
oidc_userinfo_uri:
outline_db_user: "postgres"
outline_db_password: "changeme"
outline_db: "outline"

2
handlers/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# handlers file for outline

37
meta/main.yml Normal file
View File

@ -0,0 +1,37 @@
galaxy_info:
author: Laur Ivan
namespace: laurivan
role_name: outline
description: Sonarr, Lidarr, Deluge and Jackett via Docker
license: MIT
min_ansible_version: "2.4"
min_ansible_container_version: "2.4"
platforms:
- name: Debian
versions:
- buster
- bullseye
- name: Ubuntu
versions:
- bionic
- focal
- jammy
- name: Alpine
version:
- all
- name: ArchLinux
versions:
- all
galaxy_tags:
- sonarr
- lidarr
- deluge
- jackett
- media
- grabber
- docker
dependencies: []

15
molecule/default/INSTALL.rst Normal file
View File

@ -0,0 +1,15 @@
***********************************
Delegated driver installation guide
***********************************
Requirements
============
This driver is delegated to the developer. Up to the developer to implement
requirements.
Install
=======
This driver is delegated to the developer. Up to the developer to implement
requirements.

23
molecule/default/cleanup.yml Normal file
View File

@ -0,0 +1,23 @@
---
- name: Clean up
hosts: all
gather_facts: true
tasks:
- name: Check if the docker-compose file exists.
ansible.builtin.stat:
path: "~/outline/docker-compose.yml"
register: docker_compose_file
- name: Remove docker-compose.
community.docker.docker_compose:
project_src: ~/outline/
build: false
state: absent
when: docker_compose_file.stat.exists
become: false
- name: Remove the docker-compose file
ansible.builtin.file:
path: "~/outline/docker-compose.yml"
state: absent
when: docker_compose_file.stat.exists

11
molecule/default/converge.yml Normal file
View File

@ -0,0 +1,11 @@
---
- name: Converge
hosts: all
# gather_facts: false
pre_tasks:
- name: "Include necessary variables"
ansible.builtin.include_vars:
file: "../../.env.yml"
roles:
- role: laurivan.outline

28
molecule/default/destroy.yml Normal file
View File

@ -0,0 +1,28 @@
---
- name: Destroy
hosts: localhost
connection: local
gather_facts: false
no_log: "{{ molecule_no_log }}"
tasks:
# Developer must implement.
- name: Remove the docker image
community.docker.docker_container:
name: instance-outline
state: absent
# Mandatory configuration for Molecule to function.
- name: Populate instance config
ansible.builtin.set_fact:
instance_conf: {}
- name: Dump instance config
ansible.builtin.copy:
content: |
# Molecule managed
{{ instance_conf | to_json | from_json | to_yaml }}
dest: "{{ molecule_instance_config }}"
mode: 0600
when: server.changed | default(false) | bool

30
molecule/default/molecule.yml Normal file
View File

@ -0,0 +1,30 @@
---
role_name_check: 1
dependency:
name: galaxy
options:
ignore-certs: true
ignore-errors: true
role-file: molecule/requirements.yml
requirements-file: molecule/requirements.yml
driver:
name: docker
platforms:
- name: instance-outline
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- /var/run/docker.sock:/tmp/docker_mounted.sock
privileged: true
pre_build_image: true
provisioner:
name: ansible
playbooks:
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
verifier:
name: ansible
lint: |
set -e
yamllint .
ansible-lint .

35
molecule/default/prepare.yml Normal file
View File

@ -0,0 +1,35 @@
---
- name: Setup the test machine
hosts: instance-outline
tasks:
- name: Check if /var/run/docker.sock already exists
ansible.builtin.stat:
path: "/var/run/docker.sock"
register: docker_sock_stat
- name: Create docker.sock
raw: touch /var/run/docker.sock
become: true
changed_when: false
when: not docker_sock_stat.stat.exists
- name: Move docker.sock from tmp
raw: mount --move /tmp/docker_mounted.sock /var/run/docker.sock
become: true
changed_when: false
when: not docker_sock_stat.stat.exists
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
- name: Install python requests
pip:
name:
- requests
- docker
- docker-compose
- name: Install docker
vars:
docker_service_manage: false
include_role:
name: geerlingguy.docker

10
molecule/default/verify.yml Normal file
View File

@ -0,0 +1,10 @@
---
# This is an example playbook to execute Ansible tests.
- name: Verify
hosts: all
gather_facts: false
tasks:
- name: Example assertion
ansible.builtin.assert:
that: true

4
molecule/requirements.yml Normal file
View File

@ -0,0 +1,4 @@
---
roles:
- geerlingguy.docker
collections: []

67
tasks/main.yml Normal file
View File

@ -0,0 +1,67 @@
---
# tasks file for outline
- name: Set up main directory
ansible.builtin.file:
state: directory
path: "{{ item }}"
owner: "{{ ansible_effective_user_id }}"
group: "{{ ansible_effective_group_id }}"
mode: "0750"
with_items:
- "{{ outline_setup_path }}"
tags:
- configuration
become: true
- name: Set up config directories
ansible.builtin.file:
state: directory
path: "{{ item }}"
owner: "{% if outline_uid %}{{ outline_uid }}{% else %}{{ ansible_effective_user_id }}{% endif %}"
group: "{% if outline_gid %}{{ outline_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}"
mode: "0750"
with_items:
- "{{ deluge_config_volume }}"
- "{{ radarr_config_volume }}"
- "{{ sonarr_config_volume }}"
- "{{ lidarr_config_volume }}"
- "{{ jackett_config_volume }}"
tags:
- configuration
become: true
- name: Set up upload directories
ansible.builtin.file:
state: directory
path: "{{ item }}"
owner: "{% if outline_uid %}{{ outline_uid }}{% else %}{{ ansible_effective_user_id }}{% endif %}"
group: "{% if outline_gid %}{{ outline_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}"
mode: "0750"
with_items:
- "{{ radarr_upload_volume }}"
- "{{ sonarr_upload_volume }}"
- "{{ lidarr_upload_volume }}"
tags:
- configuration
become: true
- name: Write configuration files
ansible.builtin.template:
src: "{{ item }}.j2"
dest: "{{ outline_setup_path }}/{{ item }}"
mode: '0640'
loop:
- "docker-compose.yml"
- "env.deluge.conf"
- "env.radarr.conf"
- "env.sonarr.conf"
- "env.lidarr.conf"
- "env.jackett.conf"
tags:
- configuration
- name: Ensure all requested components are running.
community.docker.docker_compose:
project_src: "{{ outline_setup_path }}"
build: false
become: false

72
templates/docker-compose.yml.j2 Normal file
View File

@ -0,0 +1,72 @@
version: "3.3"
services:
redis:
image: docker.io/library/redis:alpine
command: --save 60 1 --loglevel warning
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
networks:
- outline
volumes:
- {{ outline_volume_redis }}:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
postgres:
image: docker.io/library/postgres:12-alpine
env_file:
- "{{ outline_setup_path }}/env.db.conf"
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
networks:
- outline
{% if outline_db_port %}
ports:
- {{ outline_db_port }}:5432
{% endif %}
volumes:
- {{ outline_volume_db }}:/var/lib/postgresql/data
s3:
image: lphoward/fake-s3
env_file:
- "{{ outline_setup_path }}/env.s3.conf"
{% if outline_s3_port %}
ports:
- {{ outline_fake_s3_port }}:4569
{% endif %}
volumes:
- {{ outline_volume_s3 }}:/fakes3_root
networks:
- outline
outline:
image: outlinewiki/outline:latest
command: sh -c "yarn sequelize:migrate --env production-ssl-disabled && yarn start"
env_file:
- ./env.outline.conf
- ./env.oidc.conf
restart: always
ports:
- {{ outline_port }}:3000
depends_on:
- postgres
- redis
- s3
networks:
- outline
networks:
outline: {}

4
templates/env.db.conf.j2 Normal file
View File

@ -0,0 +1,4 @@
POSTGRES_USER={{ outline_db_user }}
POSTGRES_PASSWORD={{ outline_db_password }}
POSTGRES_DB={{ outline_db }}

18
templates/env.oidc.conf.j2 Normal file
View File

@ -0,0 +1,18 @@
# To configure generic OIDC auth, you'll need some kind of identity provider.
# See documentation for whichever IdP you use to acquire the following info:
# Redirect URI is https://<URL>/auth/oidc.callback
OIDC_CLIENT_ID={{ oidc_client_id }}
OIDC_CLIENT_SECRET={{ oidc_client_secret }}
OIDC_AUTH_URI= {{ oidc_auth_uri }}
OIDC_TOKEN_URI={{ oidc_token_uri }}
OIDC_USERINFO_URI={{ oidc_userinfo_uri }}
# Specify which claims to derive user information from
# Supports any valid JSON path with the JWT payload
OIDC_USERNAME_CLAIM=preferred_username
# Display name for OIDC authentication
OIDC_DISPLAY_NAME=OpenID
# Space separated auth scopes.
OIDC_SCOPES=openid profile email

79
templates/env.outline.conf.j2 Normal file
View File

@ -0,0 +1,79 @@
# Copy this file to .env, remove this comment and change the keys. For development
# with docker this should mostly work out of the box other than setting the Slack
# keys (for auth) and the SECRET_KEY.
#
# Please use `openssl rand -hex 32` to create SECRET_KEY
SECRET_KEY=generate_a_new_key
UTILS_SECRET=generate_a_new_key
DATABASE_URL=postgres://{{ outline_db_user }}:{{ outline_db_password }}@postgres:5432/{{ outline_db }}
DATABASE_URL_TEST=postgres://{{ outline_db_user }}:{{ outline_db_password }}@wk-postgres:5432/{{ outline_db }}_test
REDIS_URL=redis://redis:6379
# Must point to the publicly accessible URL for the installation
URL={{ outline_url }}
PORT=3000
# Optional. If using a Cloudfront distribution or similar the origin server
# should be set to the same as URL.
CDN_URL={{ outline_cdn_url }}
# enforce (auto redirect to) https in production, (optional) default is true.
# set to false if your SSL is terminated at a loadbalancer, for example
FORCE_HTTPS=true
ENABLE_UPDATES=true
DEBUG=cache,presenters,events,emails,mailer,utils,multiplayer,server,services
# Third party signin credentials (at least one is required)
SLACK_KEY=get_a_key_from_slack
SLACK_SECRET=get_the_secret_of_above_key
# To configure Google auth, you'll need to create an OAuth Client ID at
# => https://console.cloud.google.com/apis/credentials
#
# When configuring the Client ID, add an Authorized redirect URI:
# https://<your Outline URL>/auth/google.callback
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
# Comma separated list of domains to be allowed (optional)
# If not set, all Google apps domains are allowed by default
GOOGLE_ALLOWED_DOMAINS=
# Third party credentials (optional)
SLACK_VERIFICATION_TOKEN=
SLACK_APP_ID=A0XXXXXXX
SLACK_MESSAGE_ACTIONS=true
GOOGLE_ANALYTICS_ID=
SENTRY_DSN=
# AWS credentials (optional in development)
AWS_ACCESS_KEY_ID=get_a_key_from_aws
AWS_SECRET_ACCESS_KEY=get_the_secret_of_above_key
AWS_REGION=xx-xxxx-x
AWS_S3_UPLOAD_BUCKET_URL=http://s3:4569
AWS_S3_UPLOAD_BUCKET_NAME=outline-bucket
AWS_S3_UPLOAD_MAX_SIZE=26214400
AWS_S3_FORCE_PATH_STYLE=true
# uploaded s3 objects permission level, default is private
# set to "public-read" to allow public access
AWS_S3_ACL=private
# Emails configuration (optional)
SMTP_HOST=
SMTP_PORT=
SMTP_USERNAME=
SMTP_PASSWORD=
SMTP_FROM_EMAIL=
SMTP_REPLY_EMAIL=
# Custom logo that displays on the authentication screen, scaled to height: 60px
# TEAM_LOGO=https://example.com/images/logo.png
# See translate.getoutline.com for a list of available language codes and their
# percentage translated.
DEFAULT_LANGUAGE=en_US

0
templates/env.redis.conf.j2 Normal file
View File

0
templates/env.s3.conf.j2 Normal file
View File

2
tests/inventory Normal file
View File

@ -0,0 +1,2 @@
localhost

5
tests/test.yml Normal file
View File

@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- outline

2
vars/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# vars file for outline