Add support for etcd

docs/services/etcd.md

@@ -0,0 +1,44 @@
+# etcd
+
+[etcd](https://etcd.io/) is a strongly consistent, distributed key-value store that provides a reliable way to store data that needs to be accessed by a distributed system or cluster of machines. It gracefully handles leader elections during network partitions and can tolerate machine failure, even in the leader node.
+
+Our current setup and documentation are **aiming at running etcd for internal purposes** (as a dependency for other [services](../supported-services.md)).
+
+If you need a production deployment, you will need to install multiple etcd instances (on multiple machines) and connect them in a cluster.
+This is beyond the scope of our documentation here.
+
+## Configuration
+
+To enable this service, add the following configuration to your `vars.yml` file and re-run the [installation](../installing.md) process:
+
+```yaml
+########################################################################
+#                                                                      #
+# etcd                                                                 #
+#                                                                      #
+########################################################################
+
+etcd_enabled: true
+
+# By default, the playbook will set a root password by itself.
+# If you'd like to set your own, uncomment and explicitly set this.
+# etcd_environment_variable_etcd_root_password: ''
+
+# Uncomment this if you'd like to run etcd without password-protection.
+# etcd_environment_variable_allow_none_authentication: true
+
+########################################################################
+#                                                                      #
+# /etcd                                                                #
+#                                                                      #
+########################################################################
+```
+
+If you'd like to do something more advanced, the [`ansible-role-etcd` Ansible role](https://github.com/mother-of-all-self-hosting/ansible-role-etcd) is very configurable and should not get in your way of exposing ports or configuring arbitrary settings.
+
+Take a look at [its `default/main.yml` file](https://github.com/mother-of-all-self-hosting/ansible-role-etcd/blob/main/defaults/main.yml) for available Ansible variables you can use in your own `vars.yml` configuration file.
+
+
+## Usage
+
+As mentioned above, the purpose of the etcd component in this Ansible playbook is to serve as a dependency for other [services](../supported-services.md). For this use-case, you don't need to do anything special beyond enabling the component.

docs/supported-services.md

@@ -16,6 +16,7 @@
 | [Docker Registry Browser](https://github.com/klausmeyer/docker-registry-browser) | Web Interface for the Docker Registry HTTP API V2 written in Ruby on Rails | [Link](services/docker-registry-browser.md) |
 | [Docker Registry Purger](https://github.com/devture/docker-registry-purger) | A small tool used for purging a private Docker Registry's old tags | [Link](services/docker-registry-purger.md) |
 | [Echo IP](https://github.com/mpolden/echoip) | A simple service for looking up your IP address | [Link](services/echoip.md) |
+| [etcd](https://etcd.io/) | A distributed, reliable key-value store for the most critical data of a distributed system | [Link](services/etcd.md) |
 | [exim-relay](https://github.com/devture/exim-relay) | A lightweight [Exim](https://www.exim.org/) SMTP mail relay server | [Link](services/exim-relay.md) |
 | [Focalboard](https://www.focalboard.com/) | An open source, self-hosted alternative to [Trello](https://trello.com/), [Notion](https://www.notion.so/), and [Asana](https://asana.com/). | [Link](services/focalboard.md) |
 | [FreshRSS](https://freshrss.org/) | RSS and Atom feed aggregator. | [Link](services/freshrss.md) |

templates/group_vars_mash_servers

@@ -245,6 +245,11 @@ mash_playbook_devture_systemd_service_manager_services_list_auto_itemized:
     {{ ({'name': (echoip_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'echoip']} if echoip_enabled else omit) }}
   # /role-specific:echoip
 
+  # role-specific:etcd
+  - |-
+    {{ ({'name': (etcd_identifier + '.service'), 'priority': 500, 'groups': ['mash', 'etcd']} if etcd_enabled else omit) }}
+  # /role-specific:etcd
+
   # role-specific:exim_relay
   - |-
     {{ ({'name': (exim_relay_identifier + '.service'), 'priority': 2000, 'groups': ['mash', 'exim-relay']} if exim_relay_enabled else omit) }}
@@ -1490,6 +1495,32 @@ echoip_container_labels_traefik_tls_certResolver: "{{ devture_traefik_certResolv
 # /role-specific:echoip
 
 
+# role-specific:etcd
+########################################################################
+#                                                                      #
+# etcd                                                                 #
+#                                                                      #
+########################################################################
+
+etcd_enabled: false
+
+etcd_identifier: "{{ mash_playbook_service_identifier_prefix }}etcd"
+
+etcd_base_path: "{{ mash_playbook_base_path }}/{{ mash_playbook_service_base_directory_name_prefix }}etcd"
+
+etcd_uid: "{{ mash_playbook_uid }}"
+etcd_gid: "{{ mash_playbook_gid }}"
+
+etcd_environment_variable_etcd_root_password: "{{ '' if etcd_environment_variable_allow_none_authentication else ('%s' | format(mash_playbook_generic_secret_key) | password_hash('sha512', 'etcd', rounds=655555) | to_uuid) }}"
+
+########################################################################
+#                                                                      #
+# /etcd                                                                #
+#                                                                      #
+########################################################################
+# /role-specific:etcd
+
+
 # role-specific:exim_relay
 ########################################################################
 #                                                                      #

templates/requirements.yml

@@ -68,6 +68,10 @@
   version: v0.0.0-0
   name: echoip
   activation_prefix: echoip_
+- src: git+https://github.com/mother-of-all-self-hosting/ansible-role-etcd.git
+  version: v3.5.11-0
+  name: etcd
+  activation_prefix: etcd_
 - src: git+https://github.com/mother-of-all-self-hosting/ansible-role-exim-relay.git
   version: v4.97-r0-0-1
   name: exim_relay

templates/setup.yml

@@ -138,6 +138,10 @@
     - role: galaxy/echoip
     # /role-specific:echoip
 
+    # role-specific:etcd
+    - role: galaxy/etcd
+    # /role-specific:etcd
+
     # role-specific:exim_relay
     - role: galaxy/exim_relay
     # /role-specific:exim_relay