Add role for autobrr

ansible/roles/autobrr/tasks/main.yml

@@ -0,0 +1,46 @@
+- name: Create service user
+  user:
+    name: "{{ role_name }}"
+    system: true
+  register: service_user
+  become: true
+
+- name: Create install directory
+  file:
+    path: "{{ install_directory }}/{{ role_name }}"
+    state: directory
+    owner: "{{ docker_user }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Create config directory
+  file:
+    path: "{{ data_dir }}/{{ role_name }}"
+    state: directory
+    owner: "{{ service_user.uid }}"
+    group: "{{ docker_user }}"
+    mode: "{{ docker_compose_directory_mask }}"
+  become: true
+
+- name: Install config file
+  template:
+    src: "config.toml"
+    dest: "{{ data_dir }}/{{ role_name }}/config.toml"
+    owner: "{{ service_user.uid }}"
+    group: "{{ docker_user }}"
+  become: true
+
+- name: Copy docker-compose file to destination
+  template:
+    src: docker-compose.yml
+    dest: "{{ install_directory }}/{{ role_name }}/docker-compose.yml"
+    owner: "{{ docker_user }}"
+    mode: "{{ docker_compose_file_mask }}"
+    validate: docker compose -f %s config
+  become: true
+
+- name: Start docker container
+  community.docker.docker_compose_v2:
+    project_src: "{{ install_directory }}/{{ role_name }}"
+    pull: always
+    remove_orphans: yes

ansible/roles/autobrr/templates/config.toml

@@ -0,0 +1,8 @@
+# config.toml
+
+host = "0.0.0.0"
+
+# Default: 7474
+port = 7474
+
+sessionSecret = "7bae936f68b70a015b12b9b19a8a652a"

ansible/roles/autobrr/templates/docker-compose.yml

@@ -0,0 +1,23 @@
+version: "{{ docker_compose_version }}"
+
+networks:
+  traefik:
+    external: true
+
+services:
+  "{{ role_name }}":
+    container_name: "{{ role_name }}"
+    image: "ghcr.io/autobrr/autobrr:latest"
+    restart: unless-stopped
+    networks:
+      - traefik
+    user: "{{ service_user.uid }}:{{ service_user.uid }}"
+    environment:
+      - "TZ={{ timezone }}"
+    volumes:
+      - "{{ data_dir }}/{{ role_name }}:/config"
+    labels:
+      traefik.enable: true
+      traefik.http.routers.{{ role_name }}.rule: "Host(`{{ role_name }}.local.{{ personal_domain }}`)"
+      traefik.http.routers.{{ role_name }}.middlewares: lan-whitelist@file
+      traefik.http.services.{{ role_name }}.loadbalancer.server.port: {{ service_port }}

ansible/roles/autobrr/vars/main.yml

@@ -0,0 +1,10 @@
+service_port: 7474
+
+session_secret: !vault |
+  $ANSIBLE_VAULT;1.1;AES256
+  37633531366164363734323934653137636663393533356434323936393932383036666361373733
+  3430643961313935336130626431326564396534333262330a356165333437343462656533623366
+  66303066353135616665323230633133633434343638346461646339666330366561643166393133
+  3939636539393365660a386638393232646138313566323065376237643361383332336631396133
+  66336339343363356162303330363431346137613263626139663666623937336638303530656561
+  3236376239306261313232346537383264623461366565393839