Initial commit

Signed-off-by: Julien Riou <julien@riou.xyz>

roles/firefly/tasks/main.yml

@@ -0,0 +1,47 @@
+---
+- name: Check requirements
+  ansible.builtin.assert:
+    that:
+      - firefly_static_cron_token is defined
+      - firefly_db_password is defined
+      - firefly_app_key is defined
+
+- name: Install dependencies
+  ansible.builtin.apt:
+    name:
+      - python3-docker
+      - python3-compose
+
+- name: Create directories
+  ansible.builtin.file:
+    path: /etc/firefly
+    state: directory
+
+- name: Create configuration files
+  ansible.builtin.template:
+    src: "{{ item }}.j2"
+    dest: "/etc/firefly/{{ item }}"
+    mode: "0600"
+  loop:
+    - docker-compose.yml
+    - db.env
+    - app.env
+
+- name: Start service
+  community.docker.docker_compose_v2:
+    project_src: /etc/firefly
+    files:
+      - docker-compose.yml
+
+- name: Allow with iptables
+  ansible.builtin.iptables:
+    chain: INPUT
+    protocol: tcp
+    source: "{{ item }}"
+    destination_ports:
+      - "{{ firefly_port }}"
+    jump: ACCEPT
+    comment: firefly
+  loop: "{{ firefly_allowed_sources }}"
+  notify: Save iptables
+  when: firefly_manage_iptables is truthy