From cc2db9930bd14d2a743ac18a25e6c0f81c22c42c Mon Sep 17 00:00:00 2001
From: Julien Riou
Date: Fri, 22 Aug 2025 19:31:43 +0200
Subject: [PATCH] feat: First release
Signed-off-by: Julien Riou
---
README.md | 42 +++++++++++++++++++++++++++++++-
defaults/main.yml | 5 ++++
handlers/main.yml | 4 +++
meta/main.yml | 3 +++
tasks/main.yml | 43 +++++++++++++++++++++++++++++++++
tasks/manage-iptables.yml | 16 ++++++++++++
templates/docker-compose.yml.j2 | 13 ++++++++++
7 files changed, 125 insertions(+), 1 deletion(-)
create mode 100644 defaults/main.yml
create mode 100644 handlers/main.yml
create mode 100644 meta/main.yml
create mode 100644 tasks/main.yml
create mode 100644 tasks/manage-iptables.yml
create mode 100644 templates/docker-compose.yml.j2
diff --git a/README.md b/README.md
index 1129d52..5a5b2e0 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,43 @@
 # ansible-role-coller
 
-Ansible role to manage a coller instance
\ No newline at end of file
+Ansible role to manage a [coller](https://git.riou.xyz/jriou/coller) instance.
+
+## Installation
+
+Clone the repository in your local Ansible roles directory:
+
+```
+git clone https://git.riou.xyz/jriou/ansible-role-coller.git ~/.ansible/roles/coller
+```
+
+See [Storing and finding
+roles](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_reuse_roles.html#storing-and-finding-roles).
+
+## Configuration
+
+See [Variable
+precedence](https://docs.ansible.com/ansible/latest/playbook_guide/playbooks_variables.html#ansible-variable-precedence)
+to find where you should put your own variables.
+
+Then define at least `coller_db_password` with a strong and secure password,
+encrypted using
+[ansible-vault](https://docs.ansible.com/ansible/latest/cli/ansible-vault.html).
+
+See list of [default variables](defaults/main.yml).
+
+
+## Usage
+
+Example of a basic coller.yml playbook:
+
+```yaml
+- hosts: coller
+ roles:
+ - coller
+```
+
+Then run the playbook:
+
+```
+ansible-playbook coller.yml
+```
diff --git a/defaults/main.yml b/defaults/main.yml
new file mode 100644
index 0000000..3ebcdba
--- /dev/null
+++ b/defaults/main.yml
@@ -0,0 +1,5 @@
+---
+coller_config_dir: /etc/coller
+coller_port: 8080
+coller_manage_iptables: false
+coller_allowed_sources: []
diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..aa0f296
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,4 @@
+---
+- name: save iptables
+ ansible.builtin.shell:
+ cmd: netfilter-persistent save
diff --git a/meta/main.yml b/meta/main.yml
new file mode 100644
index 0000000..3f5647c
--- /dev/null
+++ b/meta/main.yml
@@ -0,0 +1,3 @@
+---
+dependencies:
+- role: geerlingguy.docker
diff --git a/tasks/main.yml b/tasks/main.yml
new file mode 100644
index 0000000..2681538
--- /dev/null
+++ b/tasks/main.yml
@@ -0,0 +1,43 @@
+---
+- name: download source code
+ ansible.builtin.git:
+ repo: https://git.riou.xyz/jriou/coller.git
+ dest: /opt/coller
+
+- name: create directories
+ ansible.builtin.file:
+ path: "{{ item }}"
+ state: directory
+ owner: root
+ group: root
+ mode: "0755"
+ loop:
+ - "{{ coller_config_dir }}"
+
+- name: create docker-compose file
+ ansible.builtin.template:
+ src: docker-compose.yml.j2
+ dest: "{{ coller_config_dir }}/docker-compose.yml"
+ owner: root
+ group: root
+ mode: "0644"
+
+- name: create configuration file
+ ansible.builtin.copy:
+ content:
+ listen_address: '0.0.0.0'
+ dest: "{{ coller_config_dir }}/collerd.json"
+ owner: root
+ group: root
+ mode: "0640"
+
+- name: start service
+ community.docker.docker_compose_v2:
+ project_src: "{{ coller_config_dir }}"
+ files:
+ - docker-compose.yml
+
+
+- name: manage iptables
+ when: coller_manage_iptables
+ ansible.builtin.include_tasks: manage-iptables.yml
diff --git a/tasks/manage-iptables.yml b/tasks/manage-iptables.yml
new file mode 100644
index 0000000..7626914
--- /dev/null
+++ b/tasks/manage-iptables.yml
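Review bot: `coller_db_password`, which the README in this patch tells users to define, is neither declared in these defaults nor read by any task or template in the patch, so setting it appears to have no effect. Either drop that README sentence or wire the variable into the generated `collerd.json`. A short comment above each default would also help, e.g. `# Source addresses allowed by the iptables rules; only used when coller_manage_iptables is true` above `coller_allowed_sources`.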
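Review bot: The `save iptables` handler runs a fixed command through `ansible.builtin.shell` although it uses no pipes, redirection or variable expansion. `ansible.builtin.command` with the same `cmd: netfilter-persistent save` avoids spawning a shell that is not needed and keeps shell interpretation out of a task that runs with elevated privileges.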
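Review bot: The `geerlingguy.docker` dependency is listed without a version, so each install takes whatever release is currently published for a role that runs as root on the target. Consider pinning it in the consuming project's `requirements.yml` and reviewing upgrades deliberately. The README could also state that the `community.docker` collection used in tasks/main.yml must be installed, since nothing in this patch declares it.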
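Review bot: The `download source code` task clones the repository without `version`, so it follows the head of the default branch, and the compose template then builds the image from whatever was fetched into /opt/coller. Pin the checkout to a reviewed tag or commit through a variable, e.g. `version: "{{ coller_version }}"` (a new default this patch would have to add). Separately, `create configuration file` passes a mapping to `content` and relies on implicit conversion to JSON; `content: "{{ coller_config | to_nice_json }}"` (again a variable to be added) would make the file format explicit and leave room for the other settings the README mentions.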
@@ -0,0 +1,16 @@
+---
+- name: install packages
+ ansible.builtin.package:
+ name: netfilter-persistent
+
+- name: allow with iptables
+ ansible.builtin.iptables:
+ chain: INPUT
+ protocol: tcp
+ source: "{{ item }}"
+ destination_ports:
+ - "{{ coller_port }}"
+ jump: ACCEPT
+ comment: coller
+ loop: "{{ coller_allowed_sources }}"
+ notify: save iptables
diff --git a/templates/docker-compose.yml.j2 b/templates/docker-compose.yml.j2
new file mode 100644
index 0000000..4efdbaf
--- /dev/null
+++ b/templates/docker-compose.yml.j2
@@ -0,0 +1,13 @@
+---
+{{ ansible_managed | comment }}
+services:
+ server:
+ image: coller:latest
+ build: /opt/coller
+ container_name: collerd
+ restart: always
+ ports:
+ - "{{ coller_port }}:8080"
+ volumes:
+ - "{{ coller_config_dir }}/collerd.json:/etc/collerd.json:ro"
+ command: collerd -config /etc/collerd.json
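Review bot: The `allow with iptables` task only adds ACCEPT rules to `INPUT`, which most likely does not restrict who can reach the service. Nothing in the patch sets a drop policy or a reject rule for `coller_port`, and traffic to a port published by Docker is normally DNATed and filtered on the FORWARD path (Docker documents the `DOCKER-USER` chain for this) rather than `INPUT`. Because templates/docker-compose.yml.j2 publishes `"{{ coller_port }}:8080"` on every host address, `coller_allowed_sources` can give a false sense of restriction. Consider binding the published port to a specific address, placing the allow rules together with a final drop in `DOCKER-USER`, and documenting in the README what the option does and does not enforce.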
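Review bot: The `server` service runs with Docker's default privileges: no `user`, the default capability set and a writable root filesystem. If collerd works without them (to be confirmed against the image), add `read_only: true`, `cap_drop: [ALL]` and `security_opt: ["no-new-privileges:true"]` under the service. `image: coller:latest` combined with `build: /opt/coller` also leaves no link between the running image and the source revision it was built from; tagging the image with the checked-out version would make audits and rollbacks easier.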