feat: add PBinCLI installation and configuration tasks; update EchoIP service to check for updates and clean up files

config/ansible/tasks/global/global.yml

@@ -49,6 +49,28 @@
     state: present
   become: true
 
+# --- PBinCLI via pipx ---
+- name: Ensure pbincli is installed with pipx
+  ansible.builtin.command: pipx install pbincli
+  args:
+    creates: ~/.local/bin/pbincli
+  environment:
+    PIPX_DEFAULT_PYTHON: /usr/bin/python3
+  become: false
+
+- name: Ensure ~/.config/pbincli directory exists
+  ansible.builtin.file:
+    path: "{{ ansible_env.HOME }}/.config/pbincli"
+    state: directory
+    mode: "0755"
+
+- name: Configure pbincli to use custom server
+  ansible.builtin.copy:
+    dest: "{{ ansible_env.HOME }}/.config/pbincli/pbincli.conf"
+    content: |
+      server=https://bin.mvl.sh
+    mode: "0644"
+
 - name: Include WSL2 tasks
   ansible.builtin.import_tasks: tasks/global/wsl.yml
   when: "'microsoft-standard-WSL2' in ansible_kernel"

config/ansible/tasks/servers/server.yml

@@ -13,6 +13,9 @@
       tags:
         - juicefs
 
+    # Note: Per-service tags should be set in each service's task file (e.g., privatebin.yml).
+    # The tags here are static and allow selection by service name.
+    # To target a specific service, use '--tags services,privatebin' so the include is processed and the inner tag matches.
     - name: Include service tasks
       ansible.builtin.include_tasks: "services/{{ item.name }}/{{ item.name }}.yml"
       loop: "{{ services }}"
@@ -21,6 +24,7 @@
         label: "{{ item.name }}"
       tags:
         - services
+
   vars:
     services:
       - name: caddy

config/ansible/tasks/servers/services/echoip/echoip.yml

@@ -10,6 +10,16 @@
         maxmind_license_key: "{{ lookup('community.general.onepassword', 'MaxMind',
           vault='Dotfiles', field='license_key') | regex_replace('\\s+', '') }}"
 
+    # Requires: gather_facts: true in playbook
+    - name: Check last update marker file
+      ansible.builtin.stat:
+        path: "{{ echoip_data_dir }}/.last_update"
+      register: echoip_update_marker
+
+    - name: Determine if update is needed (older than 24h or missing)
+      ansible.builtin.set_fact:
+        update_needed: "{{ (not echoip_update_marker.stat.exists) or ((ansible_date_time.epoch | int) - (echoip_update_marker.stat.mtime | default(0) | int) > 86400) }}"
+
     - name: Create EchoIP directory
       ansible.builtin.file:
         path: "{{ echoip_service_dir }}"
@@ -22,109 +32,120 @@
         state: directory
         mode: "0755"
 
-    # Create directories for extracted databases
-    - name: Create directory for ASN database extraction
-      ansible.builtin.file:
-        path: "{{ echoip_data_dir }}/GeoLite2-ASN"
-        state: directory
-        mode: "0755"
+    # Only update databases if needed (max once per 24h)
+    - block:
+        # Touch the marker file BEFORE attempting download to prevent repeated attempts on failure
+        - name: Update last update marker file (pre-download)
+          ansible.builtin.file:
+            path: "{{ echoip_data_dir }}/.last_update"
+            state: touch
 
-    - name: Create directory for City database extraction
-      ansible.builtin.file:
-        path: "{{ echoip_data_dir }}/GeoLite2-City"
-        state: directory
-        mode: "0755"
+        # Create directories for extracted databases
+        - name: Create directory for ASN database extraction
+          ansible.builtin.file:
+            path: "{{ echoip_data_dir }}/GeoLite2-ASN"
+            state: directory
+            mode: "0755"
 
-    - name: Create directory for Country database extraction
-      ansible.builtin.file:
-        path: "{{ echoip_data_dir }}/GeoLite2-Country"
-        state: directory
-        mode: "0755"
+        - name: Create directory for City database extraction
+          ansible.builtin.file:
+            path: "{{ echoip_data_dir }}/GeoLite2-City"
+            state: directory
+            mode: "0755"
 
-    # Download all databases
-    - name: Download GeoLite2 ASN database
-      ansible.builtin.get_url:
-        url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key={{ maxmind_license_key }}&suffix=tar.gz"
-        dest: "{{ echoip_data_dir }}/GeoLite2-ASN.tar.gz"
-        mode: "0644"
+        - name: Create directory for Country database extraction
+          ansible.builtin.file:
+            path: "{{ echoip_data_dir }}/GeoLite2-Country"
+            state: directory
+            mode: "0755"
 
-    - name: Download GeoLite2 City database
-      ansible.builtin.get_url:
-        url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key={{ maxmind_license_key }}&suffix=tar.gz"
-        dest: "{{ echoip_data_dir }}/GeoLite2-City.tar.gz"
-        mode: "0644"
+        # Download all databases
+        - name: Download GeoLite2 ASN database
+          ansible.builtin.get_url:
+            url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-ASN&license_key={{ maxmind_license_key }}&suffix=tar.gz"
+            dest: "{{ echoip_data_dir }}/GeoLite2-ASN.tar.gz"
+            mode: "0644"
 
-    - name: Download GeoLite2 Country database
-      ansible.builtin.get_url:
-        url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key={{ maxmind_license_key }}&suffix=tar.gz"
-        dest: "{{ echoip_data_dir }}/GeoLite2-Country.tar.gz"
-        mode: "0644"
+        - name: Download GeoLite2 City database
+          ansible.builtin.get_url:
+            url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-City&license_key={{ maxmind_license_key }}&suffix=tar.gz"
+            dest: "{{ echoip_data_dir }}/GeoLite2-City.tar.gz"
+            mode: "0644"
 
-    # Extract all databases
-    - name: Extract GeoLite2 ASN database
-      ansible.builtin.unarchive:
-        src: "{{ echoip_data_dir }}/GeoLite2-ASN.tar.gz"
-        dest: "{{ echoip_data_dir }}/GeoLite2-ASN"
-        remote_src: true
-      register: asn_extracted
+        - name: Download GeoLite2 Country database
+          ansible.builtin.get_url:
+            url: "https://download.maxmind.com/app/geoip_download?edition_id=GeoLite2-Country&license_key={{ maxmind_license_key }}&suffix=tar.gz"
+            dest: "{{ echoip_data_dir }}/GeoLite2-Country.tar.gz"
+            mode: "0644"
 
-    - name: Extract GeoLite2 City database
-      ansible.builtin.unarchive:
-        src: "{{ echoip_data_dir }}/GeoLite2-City.tar.gz"
-        dest: "{{ echoip_data_dir }}/GeoLite2-City"
-        remote_src: true
-      register: city_extracted
+        # Extract all databases
+        - name: Extract GeoLite2 ASN database
+          ansible.builtin.unarchive:
+            src: "{{ echoip_data_dir }}/GeoLite2-ASN.tar.gz"
+            dest: "{{ echoip_data_dir }}/GeoLite2-ASN"
+            remote_src: true
+          register: asn_extracted
 
-    - name: Extract GeoLite2 Country database
-      ansible.builtin.unarchive:
-        src: "{{ echoip_data_dir }}/GeoLite2-Country.tar.gz"
-        dest: "{{ echoip_data_dir }}/GeoLite2-Country"
-        remote_src: true
-      register: country_extracted
+        - name: Extract GeoLite2 City database
+          ansible.builtin.unarchive:
+            src: "{{ echoip_data_dir }}/GeoLite2-City.tar.gz"
+            dest: "{{ echoip_data_dir }}/GeoLite2-City"
+            remote_src: true
+          register: city_extracted
 
-    # Move all databases to the correct locations
-    - name: Move ASN database to correct location
-      ansible.builtin.command:
-        cmd: "find {{ echoip_data_dir }}/GeoLite2-ASN -name GeoLite2-ASN.mmdb -exec mv {} {{ echoip_data_dir }}/GeoLite2-ASN.mmdb \\;"
-      when: asn_extracted.changed
+        - name: Extract GeoLite2 Country database
+          ansible.builtin.unarchive:
+            src: "{{ echoip_data_dir }}/GeoLite2-Country.tar.gz"
+            dest: "{{ echoip_data_dir }}/GeoLite2-Country"
+            remote_src: true
+          register: country_extracted
 
-    - name: Move City database to correct location
-      ansible.builtin.command:
-        cmd: "find {{ echoip_data_dir }}/GeoLite2-City -name GeoLite2-City.mmdb -exec mv {} {{ echoip_data_dir }}/GeoLite2-City.mmdb \\;"
-      when: city_extracted.changed
+        # Move all databases to the correct locations
+        - name: Move ASN database to correct location
+          ansible.builtin.command:
+            cmd: "find {{ echoip_data_dir }}/GeoLite2-ASN -name GeoLite2-ASN.mmdb -exec mv {} {{ echoip_data_dir }}/GeoLite2-ASN.mmdb \\;"
+          when: asn_extracted.changed
 
-    - name: Move Country database to correct location
-      ansible.builtin.command:
-        cmd: "find {{ echoip_data_dir }}/GeoLite2-Country -name GeoLite2-Country.mmdb -exec mv {} {{ echoip_data_dir }}/GeoLite2-Country.mmdb \\;"
-      when: country_extracted.changed
+        - name: Move City database to correct location
+          ansible.builtin.command:
+            cmd: "find {{ echoip_data_dir }}/GeoLite2-City -name GeoLite2-City.mmdb -exec mv {} {{ echoip_data_dir }}/GeoLite2-City.mmdb \\;"
+          when: city_extracted.changed
 
-    # Clean up unnecessary files
-    - name: Remove downloaded tar.gz files
-      ansible.builtin.file:
-        path: "{{ echoip_data_dir }}/GeoLite2-ASN.tar.gz"
-        state: absent
+        - name: Move Country database to correct location
+          ansible.builtin.command:
+            cmd: "find {{ echoip_data_dir }}/GeoLite2-Country -name GeoLite2-Country.mmdb -exec mv {} {{ echoip_data_dir }}/GeoLite2-Country.mmdb \\;"
+          when: country_extracted.changed
 
-    - name: Remove extracted ASN folder
-      ansible.builtin.command:
-        cmd: "rm -rf {{ echoip_data_dir }}/GeoLite2-ASN"
+        # Clean up unnecessary files
+        - name: Remove downloaded tar.gz files
+          ansible.builtin.file:
+            path: "{{ echoip_data_dir }}/GeoLite2-ASN.tar.gz"
+            state: absent
 
-    - name: Remove downloaded City tar.gz file
-      ansible.builtin.file:
-        path: "{{ echoip_data_dir }}/GeoLite2-City.tar.gz"
-        state: absent
+        - name: Remove extracted ASN folder
+          ansible.builtin.command:
+            cmd: "rm -rf {{ echoip_data_dir }}/GeoLite2-ASN"
 
-    - name: Remove extracted City folder
-      ansible.builtin.command:
-        cmd: "rm -rf {{ echoip_data_dir }}/GeoLite2-City"
+        - name: Remove downloaded City tar.gz file
+          ansible.builtin.file:
+            path: "{{ echoip_data_dir }}/GeoLite2-City.tar.gz"
+            state: absent
 
-    - name: Remove downloaded Country tar.gz file
-      ansible.builtin.file:
-        path: "{{ echoip_data_dir }}/GeoLite2-Country.tar.gz"
-        state: absent
+        - name: Remove extracted City folder
+          ansible.builtin.command:
+            cmd: "rm -rf {{ echoip_data_dir }}/GeoLite2-City"
 
-    - name: Remove extracted Country folder
-      ansible.builtin.command:
-        cmd: "rm -rf {{ echoip_data_dir }}/GeoLite2-Country"
+        - name: Remove downloaded Country tar.gz file
+          ansible.builtin.file:
+            path: "{{ echoip_data_dir }}/GeoLite2-Country.tar.gz"
+            state: absent
+
+        - name: Remove extracted Country folder
+          ansible.builtin.command:
+            cmd: "rm -rf {{ echoip_data_dir }}/GeoLite2-Country"
+
+        # Update the marker file (no longer needed here, already touched before download)
+      when: update_needed
 
     # Deploy and restart the EchoIP service
     - name: Deploy EchoIP docker-compose.yml

config/ansible/tasks/servers/services/privatebin/docker-compose.yml.j2

@@ -5,6 +5,8 @@ services:
     restart: always
     read_only: true
     user: "1000:1000"
+    ports:
+      - "8585:8080"
     environment:
       - PUID=1000
       - PGID=1000