✨: add koillection

roles/koillection/tasks/db.yml

@@ -0,0 +1,15 @@
+---
+
+- name: Create koillection db role
+  become_user: postgres
+  become: true
+  community.postgresql.postgresql_user:
+    name: "{{ koillection_pg_role }}"
+    password: "{{ koillection_pg_password }}"
+
+- name: Create koillection db
+  become_user: postgres
+  become: true
+  community.postgresql.postgresql_db:
+    name: "{{ koillection_pg_database }}"
+    owner: "{{ koillection_pg_role }}"

roles/koillection/tasks/main.yml

@@ -0,0 +1,55 @@
+---
+
+- name: Init db
+  ansible.builtin.include_tasks: db.yml
+
+- name: Create application directory
+  ansible.builtin.file:
+    state: directory
+    dest: "{{ koillection_home }}"
+    owner: root
+    group: www-data
+    mode: "0o750"
+
+- name: Install koillection application
+  ansible.builtin.unarchive:
+    remote_src: true
+    src: "{{ koillection_url }}"
+    dest: "{{ koillection_home }}"
+    owner: root
+    group: www-data
+    mode: "a-rwx,u+rwX,g+rX"
+    extra_opts: ['--strip-components=1']
+    exclude:
+      - .env
+      - config/jwt
+
+- name: Put config file
+  ansible.builtin.template:
+    src: "env.j2"
+    dest: "{{ koillection_home }}/.env"
+    owner: root
+    group: www-data
+    mode: "0o640"
+
+- name: Check writable dirs
+  ansible.builtin.file:
+    state: directory
+    dest: "{{ koillection_home }}/{{ item }}"
+    owner: root
+    group: www-data
+    mode: "g+w"
+    recurse: true
+  loop:
+    - "var"
+    - "config/jwt"
+    - "public/uploads"
+    - "public/tmp"
+
+- name: Run lexik jwt
+  become: true
+  become_user: www-data
+  ansible.builtin.command:
+    cmd: "php bin/console lexik:jwt:generate-keypair"
+    chdir: "{{ koillection_home }}"
+    creates: "{{ koillection_home }}/config/jwt/private.pem"