Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/voidquark/privatebin
Ansible Role - PrivateBin
https://github.com/voidquark/privatebin
ansible ansible-galaxy ansible-playbook ansible-role podman podman-systemd privatebin redhat rhel rootless-container
Last synced: 20 days ago
JSON representation
Ansible Role - PrivateBin
- Host: GitHub
- URL: https://github.com/voidquark/privatebin
- Owner: voidquark
- License: mit
- Created: 2023-09-03T10:49:54.000Z (about 1 year ago)
- Default Branch: main
- Last Pushed: 2024-08-14T13:26:20.000Z (3 months ago)
- Last Synced: 2024-10-14T07:34:01.511Z (about 1 month ago)
- Topics: ansible, ansible-galaxy, ansible-playbook, ansible-role, podman, podman-systemd, privatebin, redhat, rhel, rootless-container
- Homepage: https://galaxy.ansible.com/ui/standalone/roles/voidquark/privatebin/
- Size: 32.2 KB
- Stars: 7
- Watchers: 1
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# PrivateBin - Ansible Role
[](LICENSE)
The Ansible PrivateBin Role empowers you to effortlessly deploy and manage a secure [PrivateBin](https://github.com/PrivateBin/PrivateBin) service using a rootless Podman container.
**🔑 Key Features**
- **🛡️ Root-less deployment**: PrivateBin is securely containerized and operates in a root-less mode within a user namespace. The container is managed through a systemd unit.
- **🔄 Idempotent deployment**: Role embraces idempotent deployment, ensuring that the state of your deployment always matches your desired inventory.
- **📦 Out-of-the-box Deployment**: Get Privatebin up and running quickly with default configurations that work seamlessly with Red Hat family systems. See [Quick Start](#quick-start) for easy setup.
- **🧩 Flexible Configuration**: Easily customize Privatebin configuration to match your specific requirements.
📢 **[Check the blog post](https://voidquark.com/blog/privatebin-deployment-with-rootless-podman-using-ansible-role/)** 📝 **Understand the rationale behind constructing this role in a specific manner.**
## Table of Content
- [Requirements](#requirements)
- [Role Variables](#role-variables)
- [Playbook](#playbook)
- [Quick Start](#quick-start)
## Requirements
- Ansible 2.10+
- Tested on `RHEL`/`RockyLinux` 9, but should work with compatible distributions.
- If the following Ansible collections are not already available in your environment, please install them: `ansible-galaxy collection install ansible.posix` and `ansible-galaxy collection install containers.podman`.
- Ensure that the `podman` and `loginctl` binaries are present on the target system.
## Role Variables
```yaml
privatebin_user: "privatebin"
```
OS user under which the PrivateBin container runs.
```yaml
privatebin_group: "privatebin"
```
OS group for the PrivateBin user.
```yaml
privatebin_dir: "/home/{{ privatebin_user }}/privatebin"
```
Default PrivateBin directory where all templates and configuration files are stored by Ansible.
```yaml
privatebin_data_dir: "{{ privatebin_dir }}/data"
```
Default PrivateBin data directory.
```yaml
privatebin_container_name: "privatebin"
```
Default name of the PrivateBin container.
```yaml
privatebin_container_image: "docker.io/privatebin/nginx-fpm-alpine:stable"
```
Default container image.
```yaml
privatebin_container_volumes:
- "{{ privatebin_data_dir }}:/srv/data:rw,Z"
- "{{ privatebin_dir }}/conf.php:/srv/cfg/conf.php:ro,Z"
```
By default, only the data directory and PrivateBin configuration file are mounted as container volumes. If you need to modify the `php.ini` or `nginx` configuration, you will need to append additional volumes.
```yaml
privatebin_container_publish: "8080:8080"
```
Default container port configuration is set to `8080` for both the host and container.
```yaml
privatebin_conf_raw: |
;