✨ Add Glpi

README.md

@@ -81,6 +81,7 @@ If you have a spare domain name you can configure applications to be accessible
 * [Gitea](https://gitea.io/en-us/) - Simple self-hosted GitHub clone
 * [GitLab](https://about.gitlab.com/features/) - Self-hosted GitHub clone of the highest order
 * [Glances](https://nicolargo.github.io/glances/) - for seeing the state of your system via a web browser
+* [Glpi](https://github.com/glpi-project/glpi) - Free Asset and IT Management Software package
 * [Gotify](https://gotify.net/) - Self-hosted server for sending push notifications
 * [Grafana](https://grafana.com/) - Query, visualize, alert on, and understand your data no matter where it’s stored (via stats role).
 * [Graylog](https://www.graylog.org/) - Free and open source log management

nas.yml

@@ -313,6 +313,10 @@
       tags:
         - glances
 
+    - role: glpi
+      tags:
+        - glpi
+
     - role: gotify
       tags:
         - gotify

roles/glpi/defaults/main.yml

@@ -0,0 +1,47 @@
+---
+glpi_enabled: false
+
+# Networking
+glpi_available_externally: false
+glpi_port: "8177"
+glpi_hostname: "glpi"
+glpi_network_name: "glpi"
+
+# Directories
+glpi_data_directory: "{{ docker_home }}/glpi"
+
+# Security
+glpi_basic_auth_user: "glpi_user"
+glpi_basic_auth_password: "glpi_change_me"
+
+# docker
+glpi_container_name: "glpi"
+glpi_image_name: "elestio/glpi"
+glpi_image_version: "latest"
+glpi_mysql_container_name: "glpi-mysql"
+glpi_mysql_image_name: "elestio/mysql"
+glpi_mysql_image_version: "8.0"
+
+# specs
+glpi_memory: 1g
+glpi_mysql_memory: 1g
+
+# glpi
+glpi_timezone: "{{ ansible_nas_timezone }}"
+glpi_admin_email: "[email protected]"
+glpi_admin_password: "change_me"
+glpi_domain: "{{ ansible_nas_domain }}"
+glpi_mysql_root_password: "super_secure"
+glpi_mysql_database: "glpidb"
+glpi_mysql_user: "glpi"
+glpi_mysql_password: "change_me"
+
+glpi_env:
+  TIMEZONE: "{{ glpi_timezone }}"
+  ADMIN_EMAIL: "{{ glpi_admin_email }}"
+  ADMIN_PASSWORD: "{{ glpi_admin_password }}"
+  DOMAIN: "{{ glpi_domain }}"
+  MYSQL_ROOT_PASSWORD: "{{ glpi_mysql_root_password }}"
+  MYSQL_DATABASE: "{{ glpi_mysql_database }}"
+  MYSQL_USER: "{{ glpi_mysql_user }}"
+  MYSQL_PASSWORD: "{{ glpi_mysql_password }}"

roles/glpi/molecule/default/molecule.yml

@@ -0,0 +1,17 @@
+---
+platforms:
+  - name: instance
+    image: geerlingguy/docker-ubuntu2204-ansible:latest
+    volumes:
+      - /sys/fs/cgroup:/sys/fs/cgroup:ro
+      - /var/run/docker.sock:/var/run/docker.sock
+      - /tmp:/tmp:rw
+    privileged: true
+    pre_build_image: true
+
+provisioner:
+  inventory:
+    group_vars:
+      all:
+        glpi_enabled: true
+        glpi_data_directory: "/tmp/glpi"

roles/glpi/molecule/default/side_effect.yml

@@ -0,0 +1,10 @@
+---
+- name: Stop
+  hosts: all
+  become: true
+  tasks:
+    - name: "Include {{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }} role"
+      ansible.builtin.include_role:
+        name: "{{ lookup('env', 'MOLECULE_PROJECT_DIRECTORY') | basename }}"
+      vars:
+        glpi_enabled: false

roles/glpi/molecule/default/verify.yml

@@ -0,0 +1,26 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Include vars
+      ansible.builtin.include_vars:
+        file: ../../defaults/main.yml
+
+    - name: Get glpi mysql container state
+      community.docker.docker_container:
+        name: "{{ glpi_mysql_container_name }}"
+      register: result_mysql
+
+    - name: Get glpi container state
+      community.docker.docker_container:
+        name: "{{ glpi_container_name }}"
+      register: result
+
+    - name: Check if glpi containers are running
+      ansible.builtin.assert:
+        that:
+          - result_mysql.container['State']['Status'] == "running"
+          - result_mysql.container['State']['Restarting'] == false
+          - result.container['State']['Status'] == "running"
+          - result.container['State']['Restarting'] == false

roles/glpi/molecule/default/verify_stopped.yml

@@ -0,0 +1,26 @@
+---
+- name: Verify
+  hosts: all
+  gather_facts: false
+  tasks:
+    - name: Include vars
+      ansible.builtin.include_vars:
+        file: ../../defaults/main.yml
+
+    - name: Try and stop and remove glpi
+      community.docker.docker_container:
+        name: "{{ glpi_container_name }}"
+        state: absent
+      register: result
+
+    - name: Try and stop and remove glpi mysql
+      community.docker.docker_container:
+        name: "{{ glpi_mysql_container_name }}"
+        state: absent
+      register: result_mysql
+
+    - name: Check if glpi is stopped
+      ansible.builtin.assert:
+        that:
+          - not result.changed
+          - not result_mysql.changed

roles/glpi/requirements.yml

@@ -0,0 +1 @@
+../../requirements.yml

roles/glpi/tasks/main.yml

@@ -0,0 +1,74 @@
+---
+- name: Start Glpi
+  block:
+    - name: Create Glpi Directory
+      ansible.builtin.file:
+        path: "{{ item }}"
+        state: directory
+      with_items:
+        - "{{ glpi_data_directory }}"
+        - "{{ glpi_data_directory }}/storage"
+        - "{{ glpi_data_directory }}/apache"
+
+    - name: Create Glpi network
+      community.docker.docker_network:
+        name: "{{ glpi_network_name }}"
+
+    - name: Create Glpi Mysql Docker Container
+      community.docker.docker_container:
+        name: "{{ glpi_mysql_container_name }}"
+        image: "{{ glpi_mysql_image_name }}:{{ glpi_mysql_image_version }}"
+        pull: true
+        env: "{{ glpi_env }}"
+        volumes:
+          - "{{ glpi_data_directory }}/mysql:/var/lib/mysql:rw"
+        networks:
+          - name: "{{ glpi_network_name }}"
+        network_mode: "{{ glpi_network_name }}"
+        restart_policy: unless-stopped
+        memory: "{{ glpi_mysql_memory }}"
+        labels:
+          traefik.enable: "false"
+
+
+    - name: Pause for 70 seconds to wait for DB to get up
+      ansible.builtin.pause:
+        seconds: 70
+
+    - name: Create Glpi Docker Container
+      community.docker.docker_container:
+        name: "{{ glpi_container_name }}"
+        image: "{{ glpi_image_name }}:{{ glpi_image_version }}"
+        pull: true
+        ports:
+          - "{{ glpi_port }}:80"
+        volumes:
+            - "/etc/timezone:/etc/timezone:ro"
+            - "/etc/localtime:/etc/localtime:ro"
+            - "{{ glpi_data_directory }}/storage/var/www/html/glpi/:/var/www/html/glpi"
+        networks:
+          - name: "{{ glpi_network_name }}"
+        network_mode: "{{ glpi_network_name }}"
+        restart_policy: unless-stopped
+        memory: "{{ glpi_memory }}"
+        env: "{{ glpi_env }}"
+        labels:
+          traefik.enable: "{{ glpi_available_externally | string }}"
+          traefik.http.routers.glpi.rule: "Host(`{{ glpi_hostname }}.{{ ansible_nas_domain }}`)"
+          traefik.http.routers.glpi.tls.certresolver: "letsencrypt"
+          traefik.http.routers.glpi.tls.domains[0].main: "{{ ansible_nas_domain }}"
+          traefik.http.routers.glpi.tls.domains[0].sans: "*.{{ ansible_nas_domain }}"
+          traefik.http.services.glpi.loadbalancer.server.port: "80"
+  when: glpi_enabled is true
+
+- name: Stop Glpi
+  block:
+    - name: Stop Glpi
+      community.docker.docker_container:
+        name: "{{ glpi_container_name }}"
+        state: absent
+    - name: Stop Glpi Mysql
+      community.docker.docker_container:
+        name: "{{ glpi_mysql_container_name }}"
+        state: absent
+  when: glpi_enabled is false

website/docs/applications/system-tools/glpi.md

@@ -0,0 +1,14 @@
+---
+title: "Glpi"
+description: "An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform"
+---
+
+Homepage: [https://github.com/glpi-project/glpi](https://github.com/glpi-project/glpi)
+
+GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing.
+
+## Usage
+
+Set `glpi_enabled: true` in your `inventories/<your_inventory>/group_vars/nas.yml`. Run the playbook.
+
+Glpi web interface can be found at [http://ansible_nas_host_or_ip:8177](http://ansible_nas_host_or_ip:8177). Go to that page and perform initial setup - provide the db docker container name and MySQL credentials. Then wait a loooong time for the DB to be initialized.