Add I hate money

[IUCCA]

This PR adds the ansible-role for i hate money.
I hope that this time I have thought of all the places where a new service needs to be added.

[spatterIight]

Does the container support read-only mode?

[IUCCA]

No, the container writes the environment variables in /etc/ihatemoney/ihatemoney.cfg and also requires a writable /tmp.

Unfortunately, the container does not work rootless either, as the container writes the gid to /etc/group at the first start if you want to use an alternative gid

[IUCCA]

I have now experimented a bit with read-only and that works when /mash/ihatemoney/data is mounted to /etc/ihatemoney/. However, this assumes that /mash/ihatemoney/data belongs to root:root. The owner mash:mash does not work, even if you pass the ids via env file.

I have implemented this in the tag v6.1.5-1.

Or tag v6.1.5-0 without read-only and without mount to /etc/ihatemoney, then there is no file with the owner root:root in /mash/ihatemoney.

[spantaleev]

It's a bit unclear what ihatemoney_environment_variable_public actually does.

Should it be set to true at some point later?

[IUCCA]

If your instance is meant to be open for everyone to freely create projects, you would set it to true.
If your instance is intended for private use, and you want to restrict project creation to users with the admin password, you would set it to false (or simply not set it, as false is the default).

I have adapted the documentation a little, now it should be clearer

[spatterIight]

There are several Ansible variables defined in the role that do not seem to be used:

1. ihatemoney_scheme
2. ihatemoney_systemd_wanted_services_list
3. ihatemoney_container_image_force_pull
4. ihatemoney_container_additional_mounts
5. ihatemoney_container_labels_traefik_http_middlewares

These are all defined in defaults/main.yml but not actually used anywhere in the role.

[spatterIight]

These lines in the role confuse me:

# Controls the ihatemoney environment debug variable
ihatemoney_environment_variable_ihatemoney_port: 8000

https://github.com/IUCCA/ansible-role-ihatemoney/blob/36f63e48c0983a2122487309fce08ebcfda5c948/defaults/main.yml#L131C1-L132C54

Is the comment a typo?

[spatterIight]

In the role two environment variables are commented out:

#PUID={{ ihatemoney_uid }}
#PGID={{ ihatemoney_gid }}

Are these supposed to be commented out? If they don't do anything it may be better to just remove them

https://github.com/IUCCA/ansible-role-ihatemoney/blob/36f63e48c0983a2122487309fce08ebcfda5c948/templates/env.j2#L9