init pocketid

ansible/roles/pocketid/tasks/templates/docker-compose.yaml.j2

@@ -0,0 +1,21 @@
+secrets:
+  pocket_id_encryption_key:
+    file: ./pocket_id_encryption_key
+services:
+  pocket-id:
+    image: ghcr.io/pocket-id/pocket-id:v{{ pocket_id_version }}
+    restart: unless-stopped
+    env_file: .env
+    ports:
+      - 1411:1411
+    volumes:
+      - "./data:/app/data"
+    # Optional healthcheck
+    healthcheck:
+      test: [ "CMD", "/app/pocket-id", "healthcheck" ]
+      interval: 1m30s
+      timeout: 5s
+      retries: 2
+      start_period: 10s
+    secrets:
+      - pocket_id_encryption_key

ansible/roles/pocketid/tasks/templates/pocket_id_encryption_key.j2

@@ -0,0 +1 @@
+{{ pocket_id_encryption_key }}

ansible/roles/pocketid/tasks/templates/pocketid.env.j2

@@ -0,0 +1,18 @@
+# See the documentation for more information: https://pocket-id.org/docs/configuration/environment-variables
+
+# These variables must be configured for your deployment:
+APP_URL=https://{{ inventory_hostname }}
+
+# Encryption key (choose one method):
+# Method 1: Direct key (simple but less secure)
+# Generate with: openssl rand -base64 32
+# ENCRYPTION_KEY=
+# Method 2: File-based key (recommended)
+# Put the base64 key in a file and point to it here.
+ENCRYPTION_KEY_FILE=/run/secrets/pocket_id_encryption_key
+
+# These variables are optional but recommended to review:
+TRUST_PROXY=false
+MAXMIND_LICENSE_KEY=
+PUID=1050
+PGID=1050