diff --git a/group_vars/all b/group_vars/all index d5868f64..c5d082cc 100644 --- a/group_vars/all +++ b/group_vars/all @@ -5,8 +5,8 @@ ip4_address: "127.0.0.1" # Change thie in inventory to the ip address backups_folder_path: "/Backups/" # Path to the backups folder # Administrator -administrator_username: "administrator" # Username of the administrator -administrator_email: "{{administrator_username}}@{{top_domain}}" # Email of the administrator +administrator_username: "administrator" # Username of the administrator +administrator_email: "{{administrator_username}}@{{top_domain}}" # Email of the administrator # Email Configuration system_email_local: no-reply @@ -148,6 +148,7 @@ domain_funkwhale: "music.{{top_domain}}" domain_gitea: "git.{{top_domain}}" domain_gitlab: "gitlab.{{top_domain}}" domain_portfolio: "{{top_domain}}" +domain_keycloak: "auth.{{top_domain}}" domain_listmonk: "newsletter.{{top_domain}}" domain_mailu: "{{system_email_host}}" domain_mastodon: "microblog.{{top_domain}}" @@ -174,6 +175,7 @@ redirect_domain_mappings: - { source: "discourse.{{top_domain}}", target: "{{domain_discourse}}" } - { source: "funkwhale.{{top_domain}}", target: "{{domain_funkwhale}}" } - { source: "gitea.{{top_domain}}", target: "{{domain_gitea}}" } +- { source: "keycloak.{{top_domain}}", target: "{{domain_keycloak}}" } - { source: "listmonk.{{top_domain}}", target: "{{domain_listmonk}}" } - { source: "moodle.{{top_domain}}", target: "{{domain_moodle}}" } - { source: "nextcloud.{{top_domain}}", target: "{{domain_nextcloud}}" } @@ -185,6 +187,7 @@ redirect_domain_mappings: - { source: "taiga.{{top_domain}}", target: "{{domain_taiga}}" } - { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" } + ## Docker Applications ### Enable Central MariaDB 
@@ -194,9 +197,6 @@ enable_central_database_mailu: "{{enable_central_database}}" ### Enable Storage Optimizer for Docker Volumes enable_system_storage_optimizer: true -### Common Configurations -postgres_default_version: "16" - ### Docker Role Specific Parameters docker_restart_policy: "unless-stopped" 
@@ -206,22 +206,57 @@ akaunting_company_name: "{{top_domain}}" akaunting_company_email: "{{administrator_email}}" akaunting_setup_admin_email: "{{administrator_email}}" +#### Attendize +attendize_version: "latest" + +#### Baserow +baserow_version: "latest" + #### Big Blue Button bigbluebutton_enable_greenlight: "true" +#### Bluesky +bluesky_administrator_email: "{{administrator_email}}" +bluesky_pds_version: "latest" + +#### Friendica +friendica_version: "latest" + +#### Gitea +gitea_version: "latest" + +#### Gitlab +gitlab_version: "latest" + +#### Joomla +joomla_version: "latest" + +#### Keycloak +keycloak_version: "latest" +keycloak_administrator_username: "{{administrator_username}}" + #### Listmonk listmonk_admin_username: "admin" listmonk_public_api_activated: False # Security hole. Can be used for spaming +listmonk_version: "latest" + +#### MariaDB +mariadb_version: "latest" + +#### Matomo +matomo_version: "latest" #### Mastodon mastodon_version: "latest" mastodon_single_user_mode: false #### Matrix -matrix_admin_name: "{{administrator_username}}" # Accountname of the matrix admin -matrix_playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start -matrix_role: "compose" # Role to setup Matrix. Valid values: ansible, compose -matrix_server_name: "{{top_domain}}" # Adress for the account names etc. +matrix_administrator_username: "{{administrator_username}}" # Accountname of the matrix admin +matrix_playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start +matrix_role: "compose" # Role to setup Matrix. Valid values: ansible, compose +matrix_server_name: "{{top_domain}}" # Adress for the account names etc. +matrix_synapse_version: "latest" +matrix_element_version: "latest" #### Mailu mailu_version: "2024.06" 
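Review bot: Every `*_version` default added in this hunk is `"latest"`, so what gets deployed depends on the registry state at pull time rather than on anything recorded in the repository; this includes `keycloak_version` (the identity provider) and `mariadb_version`. The same defaults feed the `image:` lines changed in the role templates further down, and for Baserow they replace the previously pinned `1.19.1`. I would default each application to a tested release, e.g. `keycloak_version: "<tested-release>"` (placeholder), and leave `latest` as an explicit opt-in in the inventory. Pinning by digest would additionally protect against a tag being re-pushed.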
@@ -229,9 +264,13 @@ mailu_domain: "{{top_domain}}" mailu_subnet: "192.168.203.0/24" #### Moodle -moodle_site_name: "Global Learning Academy on {{top_domain}}" -moodle_user_name: "{{administrator_username}}" -moodle_user_email: "{{administrator_email}}" +moodle_site_name: "Global Learning Academy on {{top_domain}}" +moodle_administrator_name: "{{administrator_username}}" +moodle_administrator_email: "{{administrator_email}}" +moodle_version: "latest" + +#### MyBB +mybb_version: "latest" #### Nextcloud nextcloud_version: "production" # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/ @@ -241,6 +280,15 @@ peertube_version: "bookworm" #### Pixelfed pixelfed_app_name: "Pictures on {{top_domain}}" +pixelfed_version: "latest" + +#### Postgres +# Please set an version in your inventory file - Rolling release for postgres isn't recommended +postgres_database_version: "latest" + +#### Taiga +taiga_version: "latest" #### YOURLS -yourls_user: "{{administrator_username}}" \ No newline at end of file +yourls_administrator_username: "{{administrator_username}}" +yourls_version: "latest" \ No newline at end of file diff --git a/inventory.example.yml b/inventory.example.yml index 35766f4c..cc8e6098 100644 --- a/inventory.example.yml +++ b/inventory.example.yml @@ -45,7 +45,7 @@ pixelfed_database_password: "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD" pixelfed_app_key: "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD" wordpress_database_password: "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD" yourls_database_password: "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD" -yourls_user_password: "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD" +yourls_administrator_username_password: "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD" path_mass_storage: "/mnt/hdd/" path_rapid_storage: "/mnt/ssd/" \ No newline at end of file diff --git a/playbook.servers.yml b/playbook.servers.yml index bfe9610d..a8b78fee 100644 --- a/playbook.servers.yml +++ b/playbook.servers.yml 
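Review bot: `postgres_database_version: "latest"` in the `@@ -241,6 +280,15 @@` hunk replaces the `postgres_default_version: "16"` pin removed earlier in this file, and the comment above it already says a rolling release is not recommended. PostgreSQL data directories are not compatible across major versions, so a host that pulls a newer major image will most likely fail to start its database until a dump/restore or `pg_upgrade` has been done. `templates/docker/services/postgres.yml.j2` also appends `-alpine`, which renders `postgres:latest-alpine`; as far as I know the official image publishes no such tag, so the default probably does not pull at all there. Keeping a concrete major as the default, `postgres_database_version: "16"`, avoids both problems; the same variable is read by `roles/docker-postgres/tasks/main.yml`.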
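Review bot: `yourls_administrator_username_password` looks like the by-product of a search-and-replace on `yourls_user` rather than an intended name; `yourls_administrator_password` would match the `keycloak_administrator_password` naming used by the new Keycloak role. This hunk also adds no example entries for `keycloak_administrator_password` or `keycloak_database_password`, although the Keycloak role added in this commit reads both, so unless they are defined in a part of the file not shown here a copy of the example fails on an undefined variable. I would add both with the same `I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD` marker the neighbouring entries use, and keep the real values in an Ansible Vault encrypted file rather than in the plain inventory.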
@@ -297,6 +297,15 @@ http_port_api: 8030 http_port_web: 8031 +- name: setup keycloak + hosts: keycloak + become: true + roles: + - role: docker-keycloak + vars: + domain: "{{domain_keycloak}}" + http_port: 8032 + # Native Webserver Roles - name: setup nginx-static-repositorys hosts: nginx-static-repositorys diff --git a/roles/docker-attendize/templates/docker-compose.yml.j2 b/roles/docker-attendize/templates/docker-compose.yml.j2 index 924af5f4..fe5b39e3 100644 --- a/roles/docker-attendize/templates/docker-compose.yml.j2 +++ b/roles/docker-attendize/templates/docker-compose.yml.j2 @@ -5,7 +5,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} web: - image: attendize_web:latest + image: "attendize_web:{{attendize_version}}" ports: - "{{http_port}}:80" volumes: @@ -19,7 +19,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} worker: - image: attendize_worker:latest + image: "attendize_worker:{{attendize_version}}" {% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} maildev: {% include 'templates/docker/container/networks.yml.j2' %} diff --git a/roles/docker-baserow/templates/docker-compose.yml.j2 b/roles/docker-baserow/templates/docker-compose.yml.j2 index 33208bb4..4c7f5dcd 100644 --- a/roles/docker-baserow/templates/docker-compose.yml.j2 +++ b/roles/docker-baserow/templates/docker-compose.yml.j2 @@ -5,7 +5,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: - image: baserow/baserow:1.19.1 + image: "baserow/baserow:{{baserow_version}}" container_name: baserow-application restart: {{docker_restart_policy}} logging: @@ -16,11 +16,6 @@ services: - data:/baserow/data ports: - "{{http_port}}:80" - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:80/"] - interval: 1m - timeout: 10s - retries: 3 {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} 
diff --git a/roles/docker-bluesky/templates/docker-compose.yml.j2 b/roles/docker-bluesky/templates/docker-compose.yml.j2 index 192b5fb9..366aeabd 100644 --- a/roles/docker-bluesky/templates/docker-compose.yml.j2 +++ b/roles/docker-bluesky/templates/docker-compose.yml.j2 @@ -1,6 +1,6 @@ services: pds: - image: ghcr.io/bluesky-social/pds:latest + image: "ghcr.io/bluesky-social/pds:{{bluesky_pds_version}}" restart: {{docker_restart_policy}} volumes: - pds_data:/pds @@ -8,7 +8,7 @@ services: environment: # Geben Sie hier Ihre Domain und Konfigurationsdetails an PDS_HOSTNAME: "{{domain_api}}" - PDS_ADMIN_EMAIL: "{{administrator_email}}" + PDS_ADMIN_EMAIL: "{{bluesky_administrator_email}}" PDS_SERVICE_DID: "did:web:{{domain_api}}" # See https://mattdyson.org/blog/2024/11/self-hosting-bluesky-pds/ PDS_SERVICE_HANDLE_DOMAINS: ".{{top_domain}}" diff --git a/roles/docker-friendica/templates/docker-compose.yml.j2 b/roles/docker-friendica/templates/docker-compose.yml.j2 index 4d8c3e6e..5010576b 100644 --- a/roles/docker-friendica/templates/docker-compose.yml.j2 +++ b/roles/docker-friendica/templates/docker-compose.yml.j2 @@ -3,7 +3,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: - image: friendica + image: "friendica:{{friendica_version}}" restart: {{docker_restart_policy}} volumes: - data:/var/www/html diff --git a/roles/docker-gitea/templates/docker-compose.yml.j2 b/roles/docker-gitea/templates/docker-compose.yml.j2 index b200a283..fb9a73fc 100644 --- a/roles/docker-gitea/templates/docker-compose.yml.j2 +++ b/roles/docker-gitea/templates/docker-compose.yml.j2 @@ -6,7 +6,7 @@ services: logging: driver: journald restart: {{docker_restart_policy}} - image: gitea/gitea:latest + image: "gitea/gitea:{{gitea_version}}" environment: - USER_UID=1000 - USER_GID=1000 diff --git a/roles/docker-gitlab/templates/docker-compose.yml.j2 b/roles/docker-gitlab/templates/docker-compose.yml.j2 index 2a8a4b85..99a0c8bb 100644 
--- a/roles/docker-gitlab/templates/docker-compose.yml.j2 +++ b/roles/docker-gitlab/templates/docker-compose.yml.j2 @@ -5,7 +5,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} web: - image: 'gitlab/gitlab-ee:latest' + image: "gitlab/gitlab-ee:{{gitlab_version}}" restart: {{docker_restart_policy}} hostname: '{{domain}}' environment: diff --git a/roles/docker-joomla/templates/docker-compose.yml.j2 b/roles/docker-joomla/templates/docker-compose.yml.j2 index 8b108d3f..44a0b8c3 100644 --- a/roles/docker-joomla/templates/docker-compose.yml.j2 +++ b/roles/docker-joomla/templates/docker-compose.yml.j2 @@ -3,7 +3,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: - image: joomla + image: "joomla:{{joomla_version}}" logging: driver: journald environment: diff --git a/roles/docker-keycloak/README.md b/roles/docker-keycloak/README.md index 2dbafc10..c17c1fc8 100644 --- a/roles/docker-keycloak/README.md +++ b/roles/docker-keycloak/README.md 
@@ -1,6 +1,94 @@ # docker-keycloak -## More Information -- https://www.keycloak.org/ -- https://github.com/keycloak/keycloak -- https://en.wikipedia.org/wiki/Keycloak \ No newline at end of file +## Description 🌟 + +This role automates the setup and configuration of Keycloak in a Docker environment. +Keycloak is an open-source identity and access management solution. +The role integrates Keycloak with PostgreSQL as a database and supports operation behind a reverse proxy like NGINX. + +## Features ✨ +- Set up Keycloak as a Docker container. +- Use PostgreSQL as the database. +- Customizable configuration of Keycloak environment variables. +- Support for running behind a reverse proxy (e.g., NGINX). +- Automatic creation and management of Docker Compose files. + +## Requirements 📋 +- Docker and Docker Compose must be installed on the target system. +- A working NGINX proxy for forwarding requests to Keycloak (optional). + +## Variables ⚙️ + +### Main Variables + +Defined in `vars/main.yml`: + +| Variable | Description | +|---------------------------------|------------------------------------------------------------------| +| `docker_compose_project_name` | Name of the Docker Compose project. Default: `keycloak`. | +| `database_type` | Type of the database. Default: `postgres`. | +| `database_password` | Password for the PostgreSQL database user. | + +### Additional Variables (Templates) + +| Variable | Description | +|---------------------------------|------------------------------------------------------------------| +| `keycloak_version` | Version of the Keycloak image. | +| `domain` | Domain where Keycloak will be accessible. | +| `keycloak_administrator_username` | Admin username for Keycloak. | +| `keycloak_administrator_password` | Admin password for Keycloak. | +| `database_host` | Host of the PostgreSQL database. | +| `database_name` | Name of the PostgreSQL database. | +| `database_username` | Username for the PostgreSQL database. 
| +| `http_port` | Port where Keycloak will be accessible (default: `8080`). | +| `docker_restart_policy` | Docker restart policy (e.g., `always`, `unless-stopped`). | + +## Tasks 🛠️ + +The role performs the following main tasks: + +1. **Include database and proxy configuration files:** + - Integration of a PostgreSQL database. + - Setup of a reverse proxy for the domain. + +2. **Generate `docker-compose.yml`:** + - Automatically generate the Docker Compose file based on templates and variables. + +3. **Start Docker containers:** + - The role launches the Keycloak project using Docker Compose. + +## Example: Usage 🚀 + +Here is an example of how to use this role in a playbook: + +```yaml +- name: Setup Keycloak with Docker + hosts: all + vars: + domain: "auth.example.com" + keycloak_version: "21.1.0" + keycloak_administrator_username: "admin" + keycloak_administrator_password: "securepassword" + database_host: "db.example.com" + database_name: "keycloak_db" + database_username: "keycloak_user" + database_password: "securedbpassword" + http_port: 8080 + docker_restart_policy: "unless-stopped" + roles: + - docker-keycloak +``` + +## More Information 📚 + +For more details about Keycloak, check out: +- [Official Keycloak Documentation](https://www.keycloak.org/) +- [GitHub Repository](https://github.com/keycloak/keycloak) +- [Setting up Keycloak behind a Reverse Proxy](https://www.keycloak.org/server/reverseproxy) +- [Wikipedia](https://en.wikipedia.org/wiki/Keycloak) +- [Youtube Tutorial](https://www.youtube.com/watch?v=fvxQ8bW0vO8) +--- + +### Author ✍️ +**Kevin Veen-Birkenbach** +[veen.world](https://www.veen.world/) \ No newline at end of file diff --git a/roles/docker-keycloak/tasks/main.yml b/roles/docker-keycloak/tasks/main.yml new file mode 100644 index 00000000..452e6d50 --- /dev/null +++ b/roles/docker-keycloak/tasks/main.yml 
@@ -0,0 +1,10 @@
+---
+- name: "include docker/compose/database.yml"
+ include_tasks: docker/compose/database.yml
+
+- name: "include tasks nginx-docker-proxy-domain.yml"
+ include_tasks: nginx-docker-proxy-domain.yml
+
+- name: add docker-compose.yml
+ template: src=docker-compose.yml.j2 dest={{docker_compose_instance_directory}}docker-compose.yml
+ notify: docker compose project setup
diff --git a/roles/docker-keycloak/templates/docker-compose.yml.j2 b/roles/docker-keycloak/templates/docker-compose.yml.j2
index 3437c7b2..5fb74dea 100644
--- a/roles/docker-keycloak/templates/docker-compose.yml.j2
+++ b/roles/docker-keycloak/templates/docker-compose.yml.j2
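Review bot: The `add docker-compose.yml` task in `roles/docker-keycloak/tasks/main.yml` sets no `owner` or `mode`, while the file it renders contains `KEYCLOAK_ADMIN_PASSWORD` and `KC_DB_PASSWORD` in clear text (see the template in the following file section). Without an explicit mode the file is created under the remote user's umask, which on most systems leaves it readable by every local account. I would rewrite the task with native YAML arguments instead of the `key=value` string, quote the templated destination and restrict the file to its owner.
```yaml
- name: add docker-compose.yml
  template:
    src: docker-compose.yml.j2
    dest: "{{docker_compose_instance_directory}}docker-compose.yml"
    mode: "0600"
  notify: docker compose project setup
```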
@@ -1,32 +1,24 @@ -version: '3.7' - services: -# include database container {% include 'templates/docker/services/' + database_type + '.yml.j2' %} - keycloak: - image: quay.io/keycloak/keycloak:23.0.6 + application: + image: quay.io/keycloak/keycloak:{{keycloak_version}} command: start environment: - KC_HOSTNAME: {{domain}} - KC_HOSTNAME_PORT: {{http_port}} - KC_HOSTNAME_STRICT_BACKCHANNEL: false - KC_HTTP_ENABLED: true - KC_HOSTNAME_STRICT_HTTPS: false - KC_HEALTH_ENABLED: true - KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN} - KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD} - KC_DB: postgres - KC_DB_URL: jdbc:postgresql://postgres/${POSTGRES_DB} - KC_DB_USERNAME: ${POSTGRES_USER} - KC_DB_PASSWORD: ${POSTGRES_PASSWORD} + KC_HOSTNAME: https://{{domain}} + KC_HTTP_ENABLED: true + KC_HEALTH_ENABLED: true + KEYCLOAK_ADMIN: "{{keycloak_administrator_username}}" + KEYCLOAK_ADMIN_PASSWORD: "{{keycloak_administrator_password}}" + KC_DB: postgres + KC_DB_URL: jdbc:postgresql://{{database_host}}/{{database_name}} + KC_DB_USERNAME: {{database_username}} + KC_DB_PASSWORD: {{database_password}} ports: - "127.0.0.1:{{http_port}}:8080" - restart: always + restart: {{docker_restart_policy}} {% include 'templates/docker/container/depends-on-just-database.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/compose/volumes.yml.j2' %} - {% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-keycloak/vars/main.yml b/roles/docker-keycloak/vars/main.yml new file mode 100644 index 00000000..476b12d8 --- /dev/null +++ b/roles/docker-keycloak/vars/main.yml @@ -0,0 +1,3 @@ +docker_compose_project_name: "keycloak" +database_type: "postgres" +database_password: "{{keycloak_database_password}}" \ No newline at end of file diff --git a/roles/docker-ldap/README.md b/roles/docker-ldap/README.md index be03a08d..be992170 100644 --- a/roles/docker-ldap/README.md +++ b/roles/docker-ldap/README.md 
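Review bot: `KC_DB_USERNAME` and `KC_DB_PASSWORD` are rendered unquoted, unlike `KEYCLOAK_ADMIN_PASSWORD` two lines above, so a database password that contains ` #` or `: `, starts with `*`, `&` or `{`, or merely looks like a number or boolean is truncated, retyped or makes the compose file unparsable. Quote them the same way, `KC_DB_PASSWORD: "{{database_password}}"` and `KC_DB_USERNAME: "{{database_username}}"`; the `image:` and `KC_HOSTNAME` values deserve the same treatment. The service runs with `KC_HTTP_ENABLED: true` behind the nginx proxy, but nothing in the hunk tells Keycloak to trust forwarded headers; recent releases need `KC_PROXY_HEADERS: xforwarded` for that setup. Since `keycloak_version` defaults to `latest`, the variable names should be checked against the release actually deployed, because newer releases deprecate `KEYCLOAK_ADMIN`/`KEYCLOAK_ADMIN_PASSWORD` in favour of `KC_BOOTSTRAP_ADMIN_USERNAME`/`KC_BOOTSTRAP_ADMIN_PASSWORD`.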
@@ -4,3 +4,4 @@ Draft role for an LDAP implementation with sso.
 - [ChatGPT Conversation](https://chat.openai.com/share/77919994-5d44-4a64-877d-b572d67483d4)
 - [Discouse Documentation](https://forum.veen.world/t/cymais-ldap-implementierung-documentation/49)
 - [Setup Guide](https://goneuland.de/ldap-nextcloud-und-mailserver-in-docker/)
+- https://hub.docker.com/r/bitnami/openldap
\ No newline at end of file
diff --git a/roles/docker-ldap/templates/docker-compose.yml.j2 b/roles/docker-ldap/templates/docker-compose.yml.j2
index 3002b3e4..0f4bb8ef 100644
--- a/roles/docker-ldap/templates/docker-compose.yml.j2
+++ b/roles/docker-ldap/templates/docker-compose.yml.j2
@@ -1,24 +1,36 @@ +version: '2' + +networks: + my-network: + driver: bridge services: openldap: - image: osixia/openldap:1.2.4 - environment: - - LDAP_ORGANISATION=MeineFirma - - LDAP_DOMAIN=meinefirma.de - - LDAP_ADMIN_PASSWORD=admin + image: bitnami/openldap:2 ports: - - "389:389" - - "636:636" - volumes: - - ./ldap:/var/lib/ldap - - ./ldap-slapd:/etc/ldap/slapd.d + - '389:1389' + - '636:1636' + environment: + - LDAP_ADMIN_USERNAME=admin + - LDAP_ADMIN_PASSWORD=adminpassword + - LDAP_USERS=user01,user02 # Comma separated list of LDAP users to create in the default LDAP tree. Default: user01,user02 + - LDAP_PASSWORDS=password1,password2 #Comma separated list of passwords to use for LDAP users. Default: bitnami1,bitnami2 + + - LDAP_ROOT=dc=example,dc=org + - LDAP_ADMIN_DN=cn=admin,dc=example,dc=org - keycloak: - image: jboss/keycloak:latest - environment: - - KEYCLOAK_USER=admin - - KEYCLOAK_PASSWORD=admin - - DB_VENDOR=h2 - ports: - - "8080:8080" - depends_on: - - openldap + - MARIADB_ROOT_PASSWORD=root-password + - MARIADB_GALERA_MARIABACKUP_PASSWORD=backup-password + - MARIADB_USER=customuser + - MARIADB_DATABASE=customdatabase + - MARIADB_ENABLE_LDAP=yes + networks: + - my-network + volumes: + - 'openldap_data:/bitnami/openldap' + myapp: + image: 'YOUR_APPLICATION_IMAGE' + networks: + - my-network +volumes: + openldap_data: + driver: local diff --git a/roles/docker-listmonk/templates/docker-compose.yml.j2 b/roles/docker-listmonk/templates/docker-compose.yml.j2 index 251cac99..f35c1404 100644 --- a/roles/docker-listmonk/templates/docker-compose.yml.j2 +++ b/roles/docker-listmonk/templates/docker-compose.yml.j2 @@ -4,7 +4,7 @@ services: application: restart: {{docker_restart_policy}} - image: listmonk/listmonk:latest + image: listmonk/listmonk:{{listmonk_version}} ports: - "127.0.0.1:{{http_port}}:9000" environment: diff --git a/roles/docker-mariadb/tasks/main.yml b/roles/docker-mariadb/tasks/main.yml index d5de0e07..e6d5f371 100644 
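Review bot: The new `openldap` service hard-codes `LDAP_ADMIN_PASSWORD=adminpassword` and `LDAP_PASSWORDS=password1,password2` and publishes `389` and `636` on all host interfaces, so a host that applies this draft role ends up with a reachable directory protected only by values that are in the repository. Bind the ports to loopback as the other roles in this commit do, `- "127.0.0.1:389:1389"`, and take the secret from the inventory, e.g. `- LDAP_ADMIN_PASSWORD={{ldap_administrator_password}}` (the variable name is a suggestion and does not exist yet). The `MARIADB_*` entries and the `myapp` service with `YOUR_APPLICATION_IMAGE` look like leftovers from an upstream example and should be dropped, along with the `LDAP_USERS`/`LDAP_PASSWORDS` pair if no default users are wanted. `version: '2'` is also at odds with the Keycloak template in this commit, which removes the `version` key.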
--- a/roles/docker-mariadb/tasks/main.yml +++ b/roles/docker-mariadb/tasks/main.yml @@ -7,7 +7,7 @@ - name: install MariaDB docker_container: name: central-mariadb - image: mariadb:latest #could lead to problems with nextcloud + image: "mariadb:{{mariadb_version}}" #could lead to problems with nextcloud detach: yes env: MARIADB_ROOT_PASSWORD: "{{central_mariadb_root_password}}" diff --git a/roles/docker-matomo/templates/docker-compose.yml.j2 b/roles/docker-matomo/templates/docker-compose.yml.j2 index ab0c0bbe..153aa0d8 100644 --- a/roles/docker-matomo/templates/docker-compose.yml.j2 +++ b/roles/docker-matomo/templates/docker-compose.yml.j2 @@ -5,7 +5,7 @@ services: application: logging: driver: journald - image: matomo + image: matomo:{{matomo_version}} restart: {{docker_restart_policy}} ports: - "127.0.0.1:{{http_port}}:80" diff --git a/roles/docker-matrix-compose/tasks/main.yml b/roles/docker-matrix-compose/tasks/main.yml index 807eafa8..100255ef 100644 --- a/roles/docker-matrix-compose/tasks/main.yml +++ b/roles/docker-matrix-compose/tasks/main.yml @@ -131,7 +131,7 @@ - name: create admin account command: - cmd: docker compose exec -it synapse register_new_matrix_user -u {{matrix_admin_name}} -p {{matrix_admin_password}} -a -c /data/homeserver.yaml http://localhost:8008 + cmd: docker compose exec -it synapse register_new_matrix_user -u {{matrix_administrator_username}} -p {{matrix_admin_password}} -a -c /data/homeserver.yaml http://localhost:8008 chdir: "{{ docker_compose_instance_directory }}" ignore_errors: true when: mode_setup | bool diff --git a/roles/docker-matrix-compose/templates/docker-compose.yml.j2 b/roles/docker-matrix-compose/templates/docker-compose.yml.j2 index 36294b48..09200a67 100644 --- a/roles/docker-matrix-compose/templates/docker-compose.yml.j2 +++ b/roles/docker-matrix-compose/templates/docker-compose.yml.j2 
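Review bot: The changed `cmd` line in `roles/docker-matrix-compose/tasks/main.yml` still passes `-p {{matrix_admin_password}}` as a command-line argument, so the admin password is visible in the process list while the command runs and is printed in Ansible's task output and logs. Adding `no_log: true` to the task keeps it out of the Ansible side; removing the process-list exposure needs a different way of handing over the password, which this hunk does not show. The rename is also only half done: the username is now `matrix_administrator_username` while the password variable keeps the old `matrix_admin_password` name. The task continues past the changed line (`ignore_errors: true` and `when: mode_setup | bool` are visible as context).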
@@ -3,7 +3,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} synapse: - image: matrixdotorg/synapse:latest + image: matrixdotorg/synapse:{{matrix_synapse_version}} container_name: matrix-synapse restart: {{docker_restart_policy}} logging: @@ -33,7 +33,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} element: - image: vectorim/element-web:latest + image: vectorim/element-web:{{matrix_element_version}} container_name: matrix-element restart: {{docker_restart_policy}} volumes: diff --git a/roles/docker-matrix-compose/templates/mautrix/facebook.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix/facebook.config.yml.j2 index 3b3756dc..ace7fbca 100644 --- a/roles/docker-matrix-compose/templates/mautrix/facebook.config.yml.j2 +++ b/roles/docker-matrix-compose/templates/mautrix/facebook.config.yml.j2 @@ -381,7 +381,7 @@ bridge: permissions: "*": relay "{{matrix_server_name}}": user - "@{{matrix_admin_name}}:{{matrix_server_name}}": admin + "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin relay: # Whether relay mode should be allowed. If allowed, `!fb set-relay` can be used to turn any diff --git a/roles/docker-matrix-compose/templates/mautrix/instagram.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix/instagram.config.yml.j2 index 26cd5f60..912f3491 100644 --- a/roles/docker-matrix-compose/templates/mautrix/instagram.config.yml.j2 +++ b/roles/docker-matrix-compose/templates/mautrix/instagram.config.yml.j2 @@ -360,7 +360,7 @@ bridge: permissions: "*": relay "{{matrix_server_name}}": user - "@{{matrix_admin_name}}:{{matrix_server_name}}": admin + "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin relay: # Whether relay mode should be allowed. If allowed, `!ig set-relay` can be used to turn any 
diff --git a/roles/docker-matrix-compose/templates/mautrix/signal.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix/signal.config.yml.j2 index cef87dcb..35f98059 100644 --- a/roles/docker-matrix-compose/templates/mautrix/signal.config.yml.j2 +++ b/roles/docker-matrix-compose/templates/mautrix/signal.config.yml.j2 @@ -275,7 +275,7 @@ bridge: permissions: "*": relay "{{matrix_server_name}}": user - "@{{matrix_admin_name}}:{{matrix_server_name}}": admin + "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin # Settings for relay mode relay: diff --git a/roles/docker-matrix-compose/templates/mautrix/slack.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix/slack.config.yml.j2 index 8463eb7c..d4f6e9fd 100644 --- a/roles/docker-matrix-compose/templates/mautrix/slack.config.yml.j2 +++ b/roles/docker-matrix-compose/templates/mautrix/slack.config.yml.j2 @@ -279,7 +279,7 @@ bridge: permissions: "*": relay "{{matrix_server_name}}": user - "@{{matrix_admin_name}}:{{matrix_server_name}}": admin + "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin # Logging config. See https://github.com/tulir/zeroconfig for details. logging: diff --git a/roles/docker-matrix-compose/templates/mautrix/telegram.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix/telegram.config.yml.j2 index 74ff307a..9b970304 100644 --- a/roles/docker-matrix-compose/templates/mautrix/telegram.config.yml.j2 +++ b/roles/docker-matrix-compose/templates/mautrix/telegram.config.yml.j2 @@ -532,7 +532,7 @@ bridge: "*": "relaybot" "public.{{matrix_server_name}}": "user" "{{matrix_server_name}}": "full" - "@{{matrix_admin_name}}:{{matrix_server_name}}": "admin" + "@{{matrix_administrator_username}}:{{matrix_server_name}}": "admin" # Options related to the message relay Telegram bot. relaybot: 
diff --git a/roles/docker-matrix-compose/templates/mautrix/whatsapp.config.yml.j2 b/roles/docker-matrix-compose/templates/mautrix/whatsapp.config.yml.j2 index 0d2d815b..29d4fe75 100644 --- a/roles/docker-matrix-compose/templates/mautrix/whatsapp.config.yml.j2 +++ b/roles/docker-matrix-compose/templates/mautrix/whatsapp.config.yml.j2 @@ -435,7 +435,7 @@ bridge: permissions: "*": relay "{{matrix_server_name}}": user - "@{{matrix_admin_name}}:{{matrix_server_name}}": admin + "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin # Settings for relay mode relay: diff --git a/roles/docker-matrix-compose/templates/nginx.conf.j2 b/roles/docker-matrix-compose/templates/nginx.conf.j2 index 8edb428b..08331b79 100644 --- a/roles/docker-matrix-compose/templates/nginx.conf.j2 +++ b/roles/docker-matrix-compose/templates/nginx.conf.j2 @@ -5,7 +5,6 @@ server { # For the federation port listen 8448 ssl default_server; listen [::]:8448 ssl default_server; - http2 on; {% if nginx_matomo_tracking | bool %} {% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %} diff --git a/roles/docker-mediawiki/templates/docker-compose.yml.j2 b/roles/docker-mediawiki/templates/docker-compose.yml.j2 index 7cef1078..8af44097 100644 --- a/roles/docker-mediawiki/templates/docker-compose.yml.j2 +++ b/roles/docker-mediawiki/templates/docker-compose.yml.j2 @@ -2,6 +2,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: + # Seems like image tag got lost. @todo Check and implement if necessary log_driver: journald restart: "{{docker_restart_policy}}" depends_on: diff --git a/roles/docker-moodle/templates/docker-compose.yml.j2 b/roles/docker-moodle/templates/docker-compose.yml.j2 index 9edc84ea..d57c9079 100644 --- a/roles/docker-moodle/templates/docker-compose.yml.j2 +++ b/roles/docker-moodle/templates/docker-compose.yml.j2 
@@ -2,7 +2,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} moodle: - image: docker.io/bitnami/moodle:latest + image: docker.io/bitnami/moodle:{{moodle_version}} ports: - 127.0.0.1:{{http_port}}:8080 restart: {{docker_restart_policy}} @@ -18,9 +18,9 @@ services: - MOODLE_SITE_NAME="{{moodle_site_name}}" - MOODLE_SSLPROXY=yes - MOODLE_REVERSE_PROXY=yes - - MOODLE_USERNAME={{moodle_user_name}} + - MOODLE_USERNAME={{moodle_administrator_name}} - MOODLE_PASSWORD={{moodle_user_password}} - - MOODLE_EMAIL={{moodle_user_email}} + - MOODLE_EMAIL={{moodle_administrator_email}} - BITNAMI_DEBUG={% if mode_debug | bool %}true{% else %}false{% endif %} volumes: - 'moodle:/bitnami/moodle' diff --git a/roles/docker-mybb/templates/docker-compose.yml.j2 b/roles/docker-mybb/templates/docker-compose.yml.j2 index 88befd4e..2a106dbe 100644 --- a/roles/docker-mybb/templates/docker-compose.yml.j2 +++ b/roles/docker-mybb/templates/docker-compose.yml.j2 @@ -7,7 +7,7 @@ services: driver: journald options: tag: "mybb_application" - image: mybb/mybb:latest + image: mybb/mybb:{{mybb_version}} restart: {{docker_restart_policy}} volumes: - data:/var/www/html diff --git a/roles/docker-pixelfed/templates/docker-compose.yml.j2 b/roles/docker-pixelfed/templates/docker-compose.yml.j2 index 547412ad..49c945a0 100644 --- a/roles/docker-pixelfed/templates/docker-compose.yml.j2 +++ b/roles/docker-pixelfed/templates/docker-compose.yml.j2 @@ -5,7 +5,7 @@ services: {% include 'templates/docker/services/redis.yml.j2' %} application: - image: zknt/pixelfed + image: zknt/pixelfed:{{pixelfed_version}} restart: {{docker_restart_policy}} logging: driver: journald @@ -19,7 +19,7 @@ services: {% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} worker: - image: zknt/pixelfed + image: zknt/pixelfed:{{pixelfed_version}} restart: {{docker_restart_policy}} logging: driver: journald 
diff --git a/roles/docker-postgres/tasks/main.yml b/roles/docker-postgres/tasks/main.yml index de87c832..ce65f8ae 100644 --- a/roles/docker-postgres/tasks/main.yml +++ b/roles/docker-postgres/tasks/main.yml @@ -7,7 +7,7 @@ - name: Install PostgreSQL docker_container: name: central-postgres - image: "postgres:{{database_version}}" + image: "postgres:{{postgres_database_version}}" detach: yes env: POSTGRES_PASSWORD: "{{ central_postgres_password }}" diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index b4d0b84c..4a69f797 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -41,7 +41,7 @@ services: restart: {{docker_restart_policy}} logging: driver: journald - image: taigaio/taiga-back:latest + image: taigaio/taiga-back:{{taiga_version}} environment: *default-back-environment volumes: *default-back-volumes diff --git a/roles/docker-yourls/templates/docker-compose.yml.j2 b/roles/docker-yourls/templates/docker-compose.yml.j2 index cbb44e79..734538e2 100644 --- a/roles/docker-yourls/templates/docker-compose.yml.j2 +++ b/roles/docker-yourls/templates/docker-compose.yml.j2 
@@ -5,18 +5,18 @@ services: application: logging: driver: journald - image: yourls + image: yourls:{{yourls_version}} restart: {{docker_restart_policy}} ports: - "127.0.0.1:{{http_port}}:80" environment: - YOURLS_DB_HOST: "{{database_host}}" - YOURLS_DB_USER: "{{database_username}}" - YOURLS_DB_PASS: "{{database_password}}" - YOURLS_DB_NAME: "{{database_name}}" - YOURLS_SITE: "https://{{domain}}" - YOURLS_USER: "{{yourls_user}}" - YOURLS_PASS: "{{yourls_user_password}}" + YOURLS_DB_HOST: "{{database_host}}" + YOURLS_DB_USER: "{{database_username}}" + YOURLS_DB_PASS: "{{database_password}}" + YOURLS_DB_NAME: "{{database_name}}" + YOURLS_SITE: "https://{{domain}}" + yourls_administrator_username: "{{yourls_administrator_username}}" + YOURLS_PASS: "{{yourls_administrator_username_password}}" healthcheck: test: ["CMD", "curl", "-f", "http://127.0.0.1/admin/"] interval: 1m diff --git a/roles/update-docker/files/update-docker.py b/roles/update-docker/files/update-docker.py index 0dacdc95..d29086a8 100644 --- a/roles/update-docker/files/update-docker.py +++ b/roles/update-docker/files/update-docker.py @@ -111,7 +111,7 @@ def upgrade_listmonk(): Runs the upgrade for Listmonk """ print("Starting Listmonk upgrade.") - run_command("docker compose run application ./listmonk --upgrade") + run_command('echo "y" | docker compose run -T application ./listmonk --upgrade') print("Upgrade complete.") def update_nextcloud(): diff --git a/templates/docker/services/postgres.yml.j2 b/templates/docker/services/postgres.yml.j2 index b0bf7260..a20e0078 100644 --- a/templates/docker/services/postgres.yml.j2 +++ b/templates/docker/services/postgres.yml.j2 
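Review bot: The environment key `YOURLS_USER` was renamed to `yourls_administrator_username` along with the variable, so the container no longer receives `YOURLS_USER`; the key is the name the image reads, and only the Jinja variable on the right-hand side should have changed. Depending on the image's entrypoint this either stops the container from starting or leaves the admin account with a username nobody chose. Restore the key: `YOURLS_USER: "{{yourls_administrator_username}}"`. The new `image: yourls:{{yourls_version}}` line is also unquoted, unlike the quoted form used in the Attendize and Baserow templates.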
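Review bot: Piping `echo "y"` into the upgrade in `upgrade_listmonk` answers whatever prompt appears first, and it only works if `run_command` passes its argument through a shell, which is not visible in this hunk. listmonk has a `--yes` flag for this case, so `run_command("docker compose run --rm -T application ./listmonk --upgrade --yes")` states the intent without a shell pipeline, and `--rm` stops each run from leaving a stopped container behind. Because the upgrade applies database migrations unattended, a backup step before this call would be worth adding, and a docstring line noting that the prompt is auto-confirmed would help the next reader.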
@@ -1,7 +1,7 @@ # This template needs to be included in docker-compose.yml, which depend on a postgres database {% if not enable_central_database | bool %} database: - image: postgres:{{database_version}}-alpine + image: postgres:{{postgres_database_version}}-alpine container_name: {{docker_compose_project_name}}-database environment: - POSTGRES_PASSWORD={{database_password}} diff --git a/vars/docker-database.yml.j2 b/vars/docker-database.yml.j2 index ace823c5..f71aabca 100644 --- a/vars/docker-database.yml.j2 +++ b/vars/docker-database.yml.j2 @@ -1,5 +1,4 @@ database_instance: "{{ 'central-' + database_type if enable_central_database | bool else docker_compose_project_name }}" database_host: "{{ 'central-' + database_type if enable_central_database | bool else 'database' }}" database_name: "{{ docker_compose_project_name }}" -database_username: "{{ docker_compose_project_name }}" -database_version: "{{ postgres_default_version }}" \ No newline at end of file +database_username: "{{ docker_compose_project_name }}" \ No newline at end of file