Initial commit.

This commit is contained in:
Laur Ivan 2022-10-07 14:31:40 +02:00
commit ced3dedd0e
24 changed files with 546 additions and 0 deletions

7
.gitignore vendored Normal file
View File

@ -0,0 +1,7 @@
*.retry
*/__pycache__
*.pyc
.cache
.venv
.env.yml
docker-compose.yml

29
.travis.yml Normal file
View File

@ -0,0 +1,29 @@
---
language: python
python: "2.7"
# Use the new container infrastructure
sudo: false
# Install ansible
addons:
apt:
packages:
- python-pip
install:
# Install ansible
- pip install ansible
# Check ansible version
- ansible --version
# Create ansible.cfg with correct roles_path
- printf '[defaults]\nroles_path=../' >ansible.cfg
script:
# Basic role syntax check
- ansible-playbook tests/test.yml -i tests/inventory --syntax-check
notifications:
webhooks: https://galaxy.ansible.com/api/v1/notifications/

33
.yamllint Normal file
View File

@ -0,0 +1,33 @@
---
# Based on ansible-lint config
extends: default
rules:
braces:
max-spaces-inside: 1
level: error
brackets:
max-spaces-inside: 1
level: error
colons:
max-spaces-after: -1
level: error
commas:
max-spaces-after: -1
level: error
comments: disable
comments-indentation: disable
document-start: disable
empty-lines:
max: 3
level: error
hyphens:
level: error
indentation: disable
key-duplicates: enable
line-length: disable
new-line-at-end-of-file: disable
new-lines:
type: unix
trailing-spaces: disable
truthy: disable

20
LICENSE Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2022 Laur Ivan
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

38
README.md Normal file
View File

@ -0,0 +1,38 @@
Role Name
=========
A brief description of the role goes here.
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
Example Playbook
----------------
Including an example of how to use your role (for instance, with variables passed in as parameters) is always nice for users too:
- hosts: servers
roles:
- { role: username.rolename, x: 42 }
License
-------
BSD
Author Information
------------------
An optional section for the role authors to include contact information, or a website (HTML is not allowed).

3
TODO.md Normal file
View File

@ -0,0 +1,3 @@
# Roadmap
- [ ] Allow external postgres instance

33
defaults/main.yml Normal file
View File

@ -0,0 +1,33 @@
---
# defaults file for paperless
paperless_admin_user: "admin"
paperless_admin_password: "changeme"
paperless_image_version_redis: "7"
paperless_image_version_gotenberg: "7.4"
paperless_image_version_tika: "latest"
paperless_image_version_paperless: "latest"
paperless_setup_path: "~/paperless"
paperless_consumer_path: "/mnt/documents-consume"
paperless_volume_consume: "{{ paperless_consumer_path }}/consume"
paperless_volume_export: "{{ paperless_consumer_path }}/export"
paperless_volume_base: "/mnt/documents"
paperless_volume_media: "{{ paperless_volume_base }}/media"
paperless_volume_metadata: "{{ paperless_volume_base }}/data"
paperless_volume_redis: "{{ paperless_volume_base }}/redis"
paperless_volume_db: "{{ paperless_volume_base }}/db"
paperless_uid:
paperless_gid:
paperless_port: 38000
paperless_image_version_db: "13-alpine"
paperless_db_host: "postgres"
paperless_db_port: 5432
paperless_db_user: "paperless"
paperless_db_password: "changeme"

2
handlers/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# handlers file for paperless

34
meta/main.yml Normal file
View File

@ -0,0 +1,34 @@
galaxy_info:
author: Laur Ivan
namespace: laurivan
role_name: paperless
description: Paperless NGX installation via docker
license: MIT
min_ansible_version: "2.4"
min_ansible_container_version: "2.4"
platforms:
- name: Debian
versions:
- buster
- bullseye
- name: Ubuntu
versions:
- bionic
- focal
- jammy
- name: Alpine
version:
- all
- name: ArchLinux
versions:
- all
galaxy_tags:
- docker
- authentik
- sso
- authentication
dependencies: []

View File

@ -0,0 +1,15 @@
***********************************
Delegated driver installation guide
***********************************
Requirements
============
This driver is delegated to the developer. Up to the developer to implement
requirements.
Install
=======
This driver is delegated to the developer. Up to the developer to implement
requirements.

View File

@ -0,0 +1,23 @@
---
- name: Clean up
hosts: all
gather_facts: true
tasks:
- name: Check if the docker-compose file exists.
ansible.builtin.stat:
path: "~/paperless/docker-compose.yml"
register: docker_compose_file
- name: Remove docker-compose.
community.docker.docker_compose:
project_src: ~/paperless/
build: false
state: absent
when: docker_compose_file.stat.exists
become: false
- name: Remove the docker-compose file
ansible.builtin.file:
path: "~/paperless/docker-compose.yml"
state: absent
when: docker_compose_file.stat.exists

View File

@ -0,0 +1,11 @@
---
- name: Converge
hosts: all
# gather_facts: false
pre_tasks:
- name: "Include necessary variables"
ansible.builtin.include_vars:
file: "../../.env.yml"
roles:
- role: laurivan.paperless

View File

@ -0,0 +1,28 @@
---
- name: Destroy
hosts: localhost
connection: local
gather_facts: false
no_log: "{{ molecule_no_log }}"
tasks:
# Developer must implement.
- name: Remove the docker image
community.docker.docker_container:
name: instance-paperless
state: absent
# Mandatory configuration for Molecule to function.
- name: Populate instance config
ansible.builtin.set_fact:
instance_conf: {}
- name: Dump instance config
ansible.builtin.copy:
content: |
# Molecule managed
{{ instance_conf | to_json | from_json | to_yaml }}
dest: "{{ molecule_instance_config }}"
mode: 0600
when: server.changed | default(false) | bool

View File

@ -0,0 +1,30 @@
---
role_name_check: 1
dependency:
name: galaxy
options:
ignore-certs: true
ignore-errors: true
role-file: molecule/requirements.yml
requirements-file: molecule/requirements.yml
driver:
name: docker
platforms:
- name: instance-paperless
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
command: ${MOLECULE_DOCKER_COMMAND:-""}
volumes:
- /sys/fs/cgroup:/sys/fs/cgroup:ro
- /var/run/docker.sock:/tmp/docker_mounted.sock
privileged: true
pre_build_image: true
provisioner:
name: ansible
playbooks:
converge: ${MOLECULE_PLAYBOOK:-converge.yml}
verifier:
name: ansible
lint: |
set -e
yamllint .
ansible-lint .

View File

@ -0,0 +1,35 @@
---
- name: Setup the test machine
hosts: instance-paperless
tasks:
- name: Check if /var/run/docker.sock already exists
ansible.builtin.stat:
path: "/var/run/docker.sock"
register: docker_sock_stat
- name: Create docker.sock
raw: touch /var/run/docker.sock
become: true
changed_when: false
when: not docker_sock_stat.stat.exists
- name: Move docker.sock from tmp
raw: mount --move /tmp/docker_mounted.sock /var/run/docker.sock
become: true
changed_when: false
when: not docker_sock_stat.stat.exists
- name: Update apt cache.
apt: update_cache=yes cache_valid_time=600
when: ansible_os_family == 'Debian'
- name: Install python requests
pip:
name:
- requests
- docker
- docker-compose
- name: Install docker
vars:
docker_service_manage: false
include_role:
name: geerlingguy.docker

View File

@ -0,0 +1,10 @@
---
# This is an example playbook to execute Ansible tests.
- name: Verify
hosts: all
gather_facts: false
tasks:
- name: Example assertion
ansible.builtin.assert:
that: true

View File

@ -0,0 +1,4 @@
---
roles:
- geerlingguy.docker
collections: []

49
tasks/main.yml Normal file
View File

@ -0,0 +1,49 @@
---
# tasks file for paperless
- name: Set up main directory
ansible.builtin.file:
state: directory
path: "{{ item }}"
owner: "{{ ansible_effective_user_id }}"
group: "{{ ansible_effective_group_id }}"
mode: "0750"
with_items:
- "{{ paperless_setup_path | expanduser }}"
tags:
- configuration
become: true
- name: Set up data directories
ansible.builtin.file:
state: directory
path: "{{ item }}"
owner: "{% if paperless_uid %}{{ paperless_uid }}{% else %}{{ ansible_effective_user_id }}{% endif %}"
group: "{% if paperless_gid %}{{ paperless_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}"
mode: "0750"
with_items:
- "{{ paperless_volume_db }}"
- "{{ paperless_volume_media }}"
- "{{ paperless_volume_metadata }}"
- "{{ paperless_volume_consume }}"
- "{{ paperless_volume_export }}"
tags:
- configuration
become: true
- name: Write configuration files
ansible.builtin.template:
src: "{{ item }}.j2"
dest: "{{ paperless_setup_path | expanduser }}/{{ item }}"
mode: '0640'
loop:
- "docker-compose.yml"
- "env.paperless.conf"
- "env.db.conf"
tags:
- configuration
- name: Ensure all requested components are running.
community.docker.docker_compose:
project_src: "{{ paperless_setup_path | expanduser }}"
build: false
become: false

View File

@ -0,0 +1,101 @@
version: "3.3"
services:
# Redis
#
broker:
image: docker.io/library/redis:{{ paperless_image_version_redis }}
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "redis-cli ping | grep PONG"]
start_period: 20s
interval: 30s
retries: 5
timeout: 3s
networks:
- paperless
volumes:
- {{ paperless_volume_redis }}:/data
- /etc/timezone:/etc/timezone:ro
- /etc/localtime:/etc/localtime:ro
{% if paperless_db_host == 'postgres' %}
# Postgres
#
postgres:
image: docker.io/library/postgres:{{ paperless_image_version_db }}
env_file:
- "{{ paperless_setup_path | expanduser }}/env.db.conf"
restart: unless-stopped
healthcheck:
test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
start_period: 20s
interval: 30s
retries: 5
timeout: 5s
networks:
- paperless
{% if paperless_db_port %}
ports:
- {{ paperless_db_port }}:5432
{% endif %}
volumes:
- {{ paperless_volume_db }}:/var/lib/postgresql/data
{% else %}
#
# External database at "{{ paperless_db_schema }}:{{ paperless_db_host }}: {{ paperless_db_port }}"
#
{% endif %}
# Gotenberg
#
gotenberg:
image: "gotenberg/gotenberg:{{ paperless_image_version_gotenberg }}"
command:
- "gotenberg"
- "--chromium-disable-routes=true"
restart: unless-stopped
networks:
- paperless
# Apache TIKA
#
tika:
image: "ghcr.io/paperless-ngx/tika:{{ paperless_image_version_tika }}"
command:
- "gotenberg"
# - "--chromium-disable-routes=true"
restart: unless-stopped
networks:
- paperless
# The paperless image
#
paperless:
image: "ghcr.io/paperless-ngx/paperless-ngx:{{ paperless_image_version_paperless }}"
env_file:
- "{{ paperless_setup_path | expanduser }}/env.paperless.conf"
restart: unless-stopped
healthcheck:
test: ["CMD", "curl", "-fs", "-S", "--max-time", "2", "http://localhost:{{ paperless_port }}"]
interval: 30s
timeout: 10s
retries: 5
depends_on:
- broker
- gotenberg
- tika
{% if paperless_db_host == 'postgres' %}
- postgres
{% endif %}
ports:
- "{{ paperless_port }}:8000"
volumes:
- "{{ paperless_volume_media }}:/usr/src/paperless/media"
- "{{ paperless_volume_metadata }}:/usr/src/paperless/data"
- "{{ paperless_volume_consume }}:/usr/src/paperless/consume"
- "{{ paperless_volume_export }}:/usr/src/paperless/export"
networks:
- paperless
networks:
paperless: {}

3
templates/env.db.conf.j2 Normal file
View File

@ -0,0 +1,3 @@
POSTGRES_DB=paperless
POSTGRES_USER={{ paperless_db_user }}
POSTGRES_PASSWORD={{ paperless_db_password }}

View File

@ -0,0 +1,29 @@
PAPERLESS_DBHOST={{ paperless_db_host }}
PAPERLESS_DBSCHEMA={{ paperless_db_host }}
PAPERLESS_DBPORT={{ paperless_db_port }}
PAPERLESS_DBUSER={{ paperless_db_user }}
PAPERLESS_DBPASS={{ paperless_db_password }}
PAPERLESS_TIKA_ENABLED=1
PAPERLESS_TIKA_GOTENBERG_ENDPOINT=http://gotenberg:3000
PAPERLESS_TIKA_ENDPOINT=http://tika:9998
PAPERLESS_REDIS=redis://broker:6379
{% if paperless_uid %}
USERMAP_UID={{ paperless_uid }}
PUID={{ paperless_uid }}
{% else %}
USERMAP_UID={{ ansible_effective_user_id }}
PUID={{ ansible_effective_user_id }}
{% endif %}
{% if paperless_gid %}
USERMAP_GID={{ paperless_gid }}
PGID={{ paperless_gid }}
{% else %}
USERMAP_GID={{ ansible_effective_group_id }}
PGID={{ ansible_effective_group_id }}
{% endif %}
PAPERLESS_ADMIN_USER={{ paperless_admin_user }}
PAPERLESS_ADMIN_PASSWORD={{ paperless_admin_password }}

2
tests/inventory Normal file
View File

@ -0,0 +1,2 @@
localhost

5
tests/test.yml Normal file
View File

@ -0,0 +1,5 @@
---
- hosts: localhost
remote_user: root
roles:
- paperless

2
vars/main.yml Normal file
View File

@ -0,0 +1,2 @@
---
# vars file for paperless