Merge branch 'master' of github.com:kevinveenbirkenbach/cymais

group_vars/all

@@ -148,6 +148,7 @@ domain_funkwhale:               "music.{{top_domain}}"
 domain_gitea:                   "git.{{top_domain}}"
 domain_gitlab:                  "gitlab.{{top_domain}}"
 domain_portfolio:               "{{top_domain}}"
+domain_keycloak:                "auth.{{top_domain}}"
 domain_listmonk:                "newsletter.{{top_domain}}"
 domain_mailu:                   "{{system_email_host}}"
 domain_mastodon:                "microblog.{{top_domain}}"
@@ -174,6 +175,7 @@ redirect_domain_mappings:
 - { source: "discourse.{{top_domain}}",   target: "{{domain_discourse}}" }
 - { source: "funkwhale.{{top_domain}}",   target: "{{domain_funkwhale}}" }
 - { source: "gitea.{{top_domain}}",       target: "{{domain_gitea}}" }
+- { source: "keycloak.{{top_domain}}",    target: "{{domain_keycloak}}" }
 - { source: "listmonk.{{top_domain}}",    target: "{{domain_listmonk}}" }
 - { source: "moodle.{{top_domain}}",      target: "{{domain_moodle}}" }
 - { source: "nextcloud.{{top_domain}}",   target: "{{domain_nextcloud}}" }
@@ -185,6 +187,7 @@ redirect_domain_mappings:
 - { source: "taiga.{{top_domain}}",       target: "{{domain_taiga}}" }
 - { source: "videos.{{top_domain}}",      target: "{{domain_peertube}}" }
 
+
 ## Docker Applications
 
 ### Enable Central MariaDB
@@ -194,9 +197,6 @@ enable_central_database_mailu: "{{enable_central_database}}"
 ### Enable Storage Optimizer for Docker Volumes
 enable_system_storage_optimizer: true
 
-### Common Configurations
-postgres_default_version:       "16"
-
 ### Docker Role Specific Parameters
 docker_restart_policy:        "unless-stopped"
 
@@ -206,22 +206,57 @@ akaunting_company_name:       "{{top_domain}}"
 akaunting_company_email:      "{{administrator_email}}"
 akaunting_setup_admin_email:  "{{administrator_email}}"
 
+#### Attendize 
+attendize_version:              "latest"
+
+#### Baserow 
+baserow_version:                "latest"
+
 #### Big Blue Button
 bigbluebutton_enable_greenlight:  "true"
 
+#### Bluesky
+bluesky_administrator_email:      "{{administrator_email}}"
+bluesky_pds_version:              "latest"
+
+#### Friendica
+friendica_version:                "latest"
+
+#### Gitea
+gitea_version:                    "latest"
+
+#### Gitlab
+gitlab_version:                   "latest"
+
+#### Joomla
+joomla_version:                   "latest"
+
+#### Keycloak
+keycloak_version:                   "latest"
+keycloak_administrator_username:    "{{administrator_username}}"
+
 #### Listmonk
 listmonk_admin_username:          "admin"
 listmonk_public_api_activated:    False # Security hole. Can be used for spaming
+listmonk_version:                  "latest"
+
+#### MariaDB
+mariadb_version:                  "latest"
+
+#### Matomo
+matomo_version:                   "latest"
 
 #### Mastodon
 mastodon_version:                 "latest"
 mastodon_single_user_mode:        false
 
 #### Matrix
-matrix_admin_name:      "{{administrator_username}}"  # Accountname of the matrix admin
+matrix_administrator_username:  "{{administrator_username}}"  # Accountname of the matrix admin
 matrix_playbook_tags:           "setup-all,start"             # For the initial update use: install-all,ensure-matrix-users-created,start
 matrix_role:                    "compose"                     # Role to setup Matrix. Valid values: ansible, compose
 matrix_server_name:             "{{top_domain}}"              # Adress for the account names etc.
+matrix_synapse_version:         "latest"
+matrix_element_version:         "latest"
 
 #### Mailu
 mailu_version:          "2024.06"
@@ -230,8 +265,12 @@ mailu_subnet:           "192.168.203.0/24"
 
 #### Moodle
 moodle_site_name:           "Global Learning Academy on {{top_domain}}"
-moodle_user_name:       "{{administrator_username}}"
+moodle_administrator_name:  "{{administrator_username}}"
-moodle_user_email:      "{{administrator_email}}"
+moodle_administrator_email: "{{administrator_email}}"
+moodle_version:             "latest"
+
+#### MyBB
+mybb_version:            "latest"
 
 #### Nextcloud
 nextcloud_version:      "production"  # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
@@ -241,6 +280,15 @@ peertube_version:       "bookworm"
 
 #### Pixelfed
 pixelfed_app_name:      "Pictures on {{top_domain}}"
+pixelfed_version:       "latest"
+
+#### Postgres
+# Please set an version in your inventory file - Rolling release for postgres isn't recommended
+postgres_database_version:  "latest"
+
+#### Taiga
+taiga_version:              "latest"
 
 #### YOURLS
-yourls_user:            "{{administrator_username}}"
+yourls_administrator_username:  "{{administrator_username}}"
+yourls_version:                 "latest"

inventory.example.yml

@@ -45,7 +45,7 @@ pixelfed_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
 pixelfed_app_key:                   "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
 wordpress_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
 yourls_database_password:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
-yourls_user_password:               "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+yourls_administrator_username_password:               "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
 
 path_mass_storage:                  "/mnt/hdd/"
 path_rapid_storage:                 "/mnt/ssd/"

playbook.servers.yml

@@ -297,6 +297,15 @@
         http_port_api: 8030
         http_port_web: 8031
 
+- name: setup keycloak
+  hosts: keycloak
+  become: true
+  roles:
+   -  role: docker-keycloak
+      vars:
+        domain: "{{domain_keycloak}}"
+        http_port: 8032
+
 # Native Webserver Roles
 - name: setup nginx-static-repositorys
   hosts: nginx-static-repositorys

roles/docker-attendize/templates/docker-compose.yml.j2

@@ -5,7 +5,7 @@ services:
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
 
   web:
-    image: attendize_web:latest
+    image: "attendize_web:{{attendize_version}}"
     ports:
     - "{{http_port}}:80"
     volumes:
@@ -19,7 +19,7 @@ services:
 {% include 'templates/docker/container/networks.yml.j2' %}
 
   worker:
-    image: attendize_worker:latest
+    image: "attendize_worker:{{attendize_version}}"
 {% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
       maildev:
 {% include 'templates/docker/container/networks.yml.j2' %}

roles/docker-baserow/templates/docker-compose.yml.j2

@@ -5,7 +5,7 @@ services:
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
 
   application:
-    image: baserow/baserow:1.19.1
+    image: "baserow/baserow:{{baserow_version}}"
     container_name: baserow-application
     restart: {{docker_restart_policy}}
     logging:
@@ -16,11 +16,6 @@ services:
       - data:/baserow/data
     ports:
       - "{{http_port}}:80"
-    healthcheck:
-      test: ["CMD", "curl", "-f", "http://localhost:80/"]
-      interval: 1m
-      timeout: 10s
-      retries: 3
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
 

roles/docker-bluesky/templates/docker-compose.yml.j2

@@ -1,6 +1,6 @@
 services:
   pds:
-    image: ghcr.io/bluesky-social/pds:latest
+    image: "ghcr.io/bluesky-social/pds:{{bluesky_pds_version}}"
     restart: {{docker_restart_policy}}
     volumes:
         - pds_data:/pds
@@ -8,7 +8,7 @@ services:
     environment:
       # Geben Sie hier Ihre Domain und Konfigurationsdetails an
       PDS_HOSTNAME: "{{domain_api}}"
-      PDS_ADMIN_EMAIL: "{{administrator_email}}"
+      PDS_ADMIN_EMAIL: "{{bluesky_administrator_email}}"
       PDS_SERVICE_DID: "did:web:{{domain_api}}"
       # See https://mattdyson.org/blog/2024/11/self-hosting-bluesky-pds/
       PDS_SERVICE_HANDLE_DOMAINS: ".{{top_domain}}"

roles/docker-friendica/templates/docker-compose.yml.j2

@@ -3,7 +3,7 @@ services:
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
 
   application:
-    image: friendica
+    image: "friendica:{{friendica_version}}"
     restart: {{docker_restart_policy}}
     volumes:
       - data:/var/www/html

roles/docker-gitea/templates/docker-compose.yml.j2

@@ -6,7 +6,7 @@ services:
     logging:
       driver: journald
     restart: {{docker_restart_policy}}
-    image: gitea/gitea:latest
+    image: "gitea/gitea:{{gitea_version}}"
     environment:
       - USER_UID=1000
       - USER_GID=1000

roles/docker-gitlab/templates/docker-compose.yml.j2

@@ -5,7 +5,7 @@ services:
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
 
   web:
-    image: 'gitlab/gitlab-ee:latest'
+    image: "gitlab/gitlab-ee:{{gitlab_version}}"
     restart: {{docker_restart_policy}}
     hostname: '{{domain}}'
     environment:

roles/docker-joomla/templates/docker-compose.yml.j2

@@ -3,7 +3,7 @@ services:
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
 
   application:
-    image: joomla
+    image: "joomla:{{joomla_version}}"
     logging:
       driver: journald
     environment:

roles/docker-keycloak/README.md

@@ -1,6 +1,94 @@
 # docker-keycloak
 
-## More Information
+## Description 🌟
-- https://www.keycloak.org/
+
-- https://github.com/keycloak/keycloak
+This role automates the setup and configuration of Keycloak in a Docker environment. 
-- https://en.wikipedia.org/wiki/Keycloak
+Keycloak is an open-source identity and access management solution. 
+The role integrates Keycloak with PostgreSQL as a database and supports operation behind a reverse proxy like NGINX.
+
+## Features ✨
+- Set up Keycloak as a Docker container.
+- Use PostgreSQL as the database.
+- Customizable configuration of Keycloak environment variables.
+- Support for running behind a reverse proxy (e.g., NGINX).
+- Automatic creation and management of Docker Compose files.
+
+## Requirements 📋
+- Docker and Docker Compose must be installed on the target system.
+- A working NGINX proxy for forwarding requests to Keycloak (optional).
+
+## Variables ⚙️
+
+### Main Variables
+
+Defined in `vars/main.yml`:
+
+| Variable                        | Description                                                      |
+|---------------------------------|------------------------------------------------------------------|
+| `docker_compose_project_name`   | Name of the Docker Compose project. Default: `keycloak`.         |
+| `database_type`                 | Type of the database. Default: `postgres`.                      |
+| `database_password`             | Password for the PostgreSQL database user.                      |
+
+### Additional Variables (Templates)
+
+| Variable                        | Description                                                      |
+|---------------------------------|------------------------------------------------------------------|
+| `keycloak_version`              | Version of the Keycloak image.                                  |
+| `domain`                        | Domain where Keycloak will be accessible.                       |
+| `keycloak_administrator_username` | Admin username for Keycloak.                                   |
+| `keycloak_administrator_password` | Admin password for Keycloak.                                   |
+| `database_host`                 | Host of the PostgreSQL database.                                |
+| `database_name`                 | Name of the PostgreSQL database.                                |
+| `database_username`             | Username for the PostgreSQL database.                          |
+| `http_port`                     | Port where Keycloak will be accessible (default: `8080`).       |
+| `docker_restart_policy`         | Docker restart policy (e.g., `always`, `unless-stopped`).       |
+
+## Tasks 🛠️
+
+The role performs the following main tasks:
+
+1. **Include database and proxy configuration files:**
+   - Integration of a PostgreSQL database.
+   - Setup of a reverse proxy for the domain.
+
+2. **Generate `docker-compose.yml`:**
+   - Automatically generate the Docker Compose file based on templates and variables.
+
+3. **Start Docker containers:**
+   - The role launches the Keycloak project using Docker Compose.
+
+## Example: Usage 🚀
+
+Here is an example of how to use this role in a playbook:
+
+```yaml
+- name: Setup Keycloak with Docker
+  hosts: all
+  vars:
+    domain: "auth.example.com"
+    keycloak_version: "21.1.0"
+    keycloak_administrator_username: "admin"
+    keycloak_administrator_password: "securepassword"
+    database_host: "db.example.com"
+    database_name: "keycloak_db"
+    database_username: "keycloak_user"
+    database_password: "securedbpassword"
+    http_port: 8080
+    docker_restart_policy: "unless-stopped"
+  roles:
+    - docker-keycloak
+```
+
+## More Information 📚
+
+For more details about Keycloak, check out:
+- [Official Keycloak Documentation](https://www.keycloak.org/)
+- [GitHub Repository](https://github.com/keycloak/keycloak)
+- [Setting up Keycloak behind a Reverse Proxy](https://www.keycloak.org/server/reverseproxy)
+- [Wikipedia](https://en.wikipedia.org/wiki/Keycloak)
+- [Youtube Tutorial](https://www.youtube.com/watch?v=fvxQ8bW0vO8)
+---
+
+### Author ✍️
+**Kevin Veen-Birkenbach**  
+[veen.world](https://www.veen.world/)

roles/docker-keycloak/tasks/main.yml

@@ -0,0 +1,10 @@
+---
+- name: "include docker/compose/database.yml"
+  include_tasks: docker/compose/database.yml
+
+- name: "include tasks nginx-docker-proxy-domain.yml"
+  include_tasks: nginx-docker-proxy-domain.yml
+
+- name: add docker-compose.yml
+  template: src=docker-compose.yml.j2 dest={{docker_compose_instance_directory}}docker-compose.yml
+  notify: docker compose project setup

roles/docker-keycloak/templates/docker-compose.yml.j2

@@ -1,32 +1,24 @@
-version: '3.7'
-
 services:
 
-# include database container
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
 
-  keycloak:
+  application:
-    image: quay.io/keycloak/keycloak:23.0.6
+    image: quay.io/keycloak/keycloak:{{keycloak_version}}
     command: start
     environment:
-      KC_HOSTNAME: {{domain}}
+      KC_HOSTNAME:                    https://{{domain}}
-      KC_HOSTNAME_PORT: {{http_port}}
-      KC_HOSTNAME_STRICT_BACKCHANNEL: false
       KC_HTTP_ENABLED:                true
-      KC_HOSTNAME_STRICT_HTTPS: false
       KC_HEALTH_ENABLED:              true
-      KEYCLOAK_ADMIN: ${KEYCLOAK_ADMIN}
+      KEYCLOAK_ADMIN:                 "{{keycloak_administrator_username}}"
-      KEYCLOAK_ADMIN_PASSWORD: ${KEYCLOAK_ADMIN_PASSWORD}
+      KEYCLOAK_ADMIN_PASSWORD:        "{{keycloak_administrator_password}}"
       KC_DB:                          postgres
-      KC_DB_URL: jdbc:postgresql://postgres/${POSTGRES_DB}
+      KC_DB_URL:                      jdbc:postgresql://{{database_host}}/{{database_name}}
-      KC_DB_USERNAME: ${POSTGRES_USER}
+      KC_DB_USERNAME:                 {{database_username}}
-      KC_DB_PASSWORD: ${POSTGRES_PASSWORD}
+      KC_DB_PASSWORD:                 {{database_password}}
     ports:
       - "127.0.0.1:{{http_port}}:8080"
-    restart: always
+    restart: {{docker_restart_policy}}
 {% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 
-{% include 'templates/docker/compose/volumes.yml.j2' %}
-
 {% include 'templates/docker/compose/networks.yml.j2' %}

roles/docker-keycloak/vars/main.yml

@@ -0,0 +1,3 @@
+docker_compose_project_name:  	    "keycloak"
+database_type:                      "postgres"
+database_password:  	              "{{keycloak_database_password}}"

roles/docker-ldap/README.md

@@ -4,3 +4,4 @@ Draft role for an LDAP implementation with sso.
 - [ChatGPT Conversation](https://chat.openai.com/share/77919994-5d44-4a64-877d-b572d67483d4)
 - [Discouse Documentation](https://forum.veen.world/t/cymais-ldap-implementierung-documentation/49)
 - [Setup Guide](https://goneuland.de/ldap-nextcloud-und-mailserver-in-docker/)
+- https://hub.docker.com/r/bitnami/openldap 

roles/docker-ldap/templates/docker-compose.yml.j2

@@ -1,24 +1,36 @@
+version: '2'
+
+networks:
+  my-network:
+    driver: bridge
 services:
   openldap:
-    image: osixia/openldap:1.2.4
+    image: bitnami/openldap:2
-    environment:
-      - LDAP_ORGANISATION=MeineFirma
-      - LDAP_DOMAIN=meinefirma.de
-      - LDAP_ADMIN_PASSWORD=admin
     ports:
-      - "389:389"
+      - '389:1389'
-      - "636:636"
+      - '636:1636'
-    volumes:
+    environment:
-      - ./ldap:/var/lib/ldap
+      - LDAP_ADMIN_USERNAME=admin
-      - ./ldap-slapd:/etc/ldap/slapd.d
+      - LDAP_ADMIN_PASSWORD=adminpassword
+      - LDAP_USERS=user01,user02 # Comma separated list of LDAP users to create in the default LDAP tree. Default: user01,user02
+      - LDAP_PASSWORDS=password1,password2 #Comma separated list of passwords to use for LDAP users. Default: bitnami1,bitnami2
   
-  keycloak:
+      - LDAP_ROOT=dc=example,dc=org
-    image: jboss/keycloak:latest
+      - LDAP_ADMIN_DN=cn=admin,dc=example,dc=org
-    environment:
+
-      - KEYCLOAK_USER=admin
+      - MARIADB_ROOT_PASSWORD=root-password
-      - KEYCLOAK_PASSWORD=admin
+      - MARIADB_GALERA_MARIABACKUP_PASSWORD=backup-password
-      - DB_VENDOR=h2
+      - MARIADB_USER=customuser
-    ports:
+      - MARIADB_DATABASE=customdatabase
-      - "8080:8080"
+      - MARIADB_ENABLE_LDAP=yes
-    depends_on:
+    networks:
-      - openldap
+      - my-network
+    volumes:
+      - 'openldap_data:/bitnami/openldap'
+  myapp:
+    image: 'YOUR_APPLICATION_IMAGE'
+    networks:
+      - my-network
+volumes:
+  openldap_data:
+    driver: local

roles/docker-listmonk/templates/docker-compose.yml.j2

@@ -4,7 +4,7 @@ services:
 
   application:
     restart: {{docker_restart_policy}}
-    image: listmonk/listmonk:latest
+    image: listmonk/listmonk:{{listmonk_version}}
     ports:
       - "127.0.0.1:{{http_port}}:9000"
     environment:

roles/docker-mariadb/tasks/main.yml

@@ -7,7 +7,7 @@
 - name: install MariaDB
   docker_container:
     name: central-mariadb
-    image: mariadb:latest #could lead to problems with nextcloud
+    image: "mariadb:{{mariadb_version}}" #could lead to problems with nextcloud
     detach: yes
     env:
       MARIADB_ROOT_PASSWORD:  "{{central_mariadb_root_password}}"

roles/docker-matomo/templates/docker-compose.yml.j2

@@ -5,7 +5,7 @@ services:
   application:
     logging:
       driver: journald
-    image: matomo
+    image: matomo:{{matomo_version}}
     restart: {{docker_restart_policy}}
     ports:
       - "127.0.0.1:{{http_port}}:80"

roles/docker-matrix-compose/tasks/main.yml

@@ -131,7 +131,7 @@
 
 - name: create admin account
   command:
-    cmd: docker compose exec -it synapse register_new_matrix_user -u {{matrix_admin_name}} -p {{matrix_admin_password}} -a -c /data/homeserver.yaml http://localhost:8008
+    cmd: docker compose exec -it synapse register_new_matrix_user -u {{matrix_administrator_username}} -p {{matrix_admin_password}} -a -c /data/homeserver.yaml http://localhost:8008
     chdir: "{{ docker_compose_instance_directory }}"
   ignore_errors: true
   when: mode_setup | bool

roles/docker-matrix-compose/templates/docker-compose.yml.j2

@@ -3,7 +3,7 @@ services:
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
 
   synapse:
-    image: matrixdotorg/synapse:latest
+    image: matrixdotorg/synapse:{{matrix_synapse_version}}
     container_name: matrix-synapse
     restart: {{docker_restart_policy}}
     logging:
@@ -33,7 +33,7 @@ services:
 {% include 'templates/docker/container/networks.yml.j2' %}
     
   element:
-    image: vectorim/element-web:latest
+    image: vectorim/element-web:{{matrix_element_version}}
     container_name: matrix-element
     restart: {{docker_restart_policy}}
     volumes:

roles/docker-matrix-compose/templates/mautrix/facebook.config.yml.j2

@@ -381,7 +381,7 @@ bridge:
     permissions:
         "*": relay
         "{{matrix_server_name}}": user
-        "@{{matrix_admin_name}}:{{matrix_server_name}}": admin
+        "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin
 
     relay:
         # Whether relay mode should be allowed. If allowed, `!fb set-relay` can be used to turn any

roles/docker-matrix-compose/templates/mautrix/instagram.config.yml.j2

@@ -360,7 +360,7 @@ bridge:
     permissions:
         "*": relay
         "{{matrix_server_name}}": user
-        "@{{matrix_admin_name}}:{{matrix_server_name}}": admin
+        "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin
 
     relay:
         # Whether relay mode should be allowed. If allowed, `!ig set-relay` can be used to turn any

roles/docker-matrix-compose/templates/mautrix/signal.config.yml.j2

@@ -275,7 +275,7 @@ bridge:
     permissions:
         "*": relay
         "{{matrix_server_name}}": user
-        "@{{matrix_admin_name}}:{{matrix_server_name}}": admin
+        "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin
 
     # Settings for relay mode
     relay:

roles/docker-matrix-compose/templates/mautrix/slack.config.yml.j2

@@ -279,7 +279,7 @@ bridge:
     permissions:
         "*": relay
         "{{matrix_server_name}}": user
-        "@{{matrix_admin_name}}:{{matrix_server_name}}": admin
+        "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin
 
 # Logging config. See https://github.com/tulir/zeroconfig for details.
 logging:

roles/docker-matrix-compose/templates/mautrix/telegram.config.yml.j2

@@ -532,7 +532,7 @@ bridge:
         "*": "relaybot"
         "public.{{matrix_server_name}}": "user"
         "{{matrix_server_name}}": "full"
-        "@{{matrix_admin_name}}:{{matrix_server_name}}": "admin"
+        "@{{matrix_administrator_username}}:{{matrix_server_name}}": "admin"
 
     # Options related to the message relay Telegram bot.
     relaybot:

roles/docker-matrix-compose/templates/mautrix/whatsapp.config.yml.j2

@@ -435,7 +435,7 @@ bridge:
     permissions:
         "*": relay
         "{{matrix_server_name}}": user
-        "@{{matrix_admin_name}}:{{matrix_server_name}}": admin
+        "@{{matrix_administrator_username}}:{{matrix_server_name}}": admin
     
     # Settings for relay mode
     relay:

roles/docker-matrix-compose/templates/nginx.conf.j2

@@ -5,7 +5,6 @@ server {
     # For the federation port
     listen 8448 ssl default_server;
     listen [::]:8448 ssl default_server;
-    http2 on;
 
     {% if nginx_matomo_tracking | bool %}
         {% include 'roles/nginx-matomo-tracking/templates/matomo-tracking.conf.j2' %}

roles/docker-mediawiki/templates/docker-compose.yml.j2

@@ -2,6 +2,7 @@ services:
 
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
       application:
+      # Seems like image tag got lost. @todo Check and implement if necessary
         log_driver: journald
         restart: "{{docker_restart_policy}}"
         depends_on:

roles/docker-moodle/templates/docker-compose.yml.j2

@@ -2,7 +2,7 @@ services:
 
 {% include 'templates/docker/services/' + database_type + '.yml.j2' %}
   moodle:
-    image: docker.io/bitnami/moodle:latest
+    image: docker.io/bitnami/moodle:{{moodle_version}}
     ports:
       - 127.0.0.1:{{http_port}}:8080
     restart: {{docker_restart_policy}}
@@ -18,9 +18,9 @@ services:
       - MOODLE_SITE_NAME="{{moodle_site_name}}"
       - MOODLE_SSLPROXY=yes
       - MOODLE_REVERSE_PROXY=yes
-      - MOODLE_USERNAME={{moodle_user_name}}
+      - MOODLE_USERNAME={{moodle_administrator_name}}
       - MOODLE_PASSWORD={{moodle_user_password}}
-      - MOODLE_EMAIL={{moodle_user_email}}
+      - MOODLE_EMAIL={{moodle_administrator_email}}
       - BITNAMI_DEBUG={% if mode_debug | bool %}true{% else %}false{% endif %} 
     volumes:
       - 'moodle:/bitnami/moodle'

roles/docker-mybb/templates/docker-compose.yml.j2

@@ -7,7 +7,7 @@ services:
       driver: journald
       options:
         tag: "mybb_application"
-    image: mybb/mybb:latest
+    image: mybb/mybb:{{mybb_version}}
     restart: {{docker_restart_policy}}
     volumes:
       - data:/var/www/html

roles/docker-pixelfed/templates/docker-compose.yml.j2

@@ -5,7 +5,7 @@ services:
 {% include 'templates/docker/services/redis.yml.j2' %}
 
   application:
-    image: zknt/pixelfed
+    image: zknt/pixelfed:{{pixelfed_version}}
     restart: {{docker_restart_policy}}
     logging:
       driver: journald
@@ -19,7 +19,7 @@ services:
 {% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
   worker:
-    image: zknt/pixelfed
+    image: zknt/pixelfed:{{pixelfed_version}}
     restart: {{docker_restart_policy}}
     logging:
       driver: journald

roles/docker-postgres/tasks/main.yml

@@ -7,7 +7,7 @@
 - name: Install PostgreSQL
   docker_container:
     name: central-postgres
-    image: "postgres:{{database_version}}"
+    image: "postgres:{{postgres_database_version}}"
     detach: yes
     env:
       POSTGRES_PASSWORD: "{{ central_postgres_password }}"

roles/docker-taiga/templates/docker-compose.yml.j2

@@ -41,7 +41,7 @@ services:
     restart: {{docker_restart_policy}}
     logging:
       driver: journald
-    image: taigaio/taiga-back:latest
+    image: taigaio/taiga-back:{{taiga_version}}
     environment: *default-back-environment
     volumes: *default-back-volumes
 

roles/docker-yourls/templates/docker-compose.yml.j2

@@ -5,7 +5,7 @@ services:
   application:
     logging:
       driver: journald
-    image: yourls
+    image: yourls:{{yourls_version}}
     restart: {{docker_restart_policy}}
     ports:
       - "127.0.0.1:{{http_port}}:80"
@@ -15,8 +15,8 @@ services:
       YOURLS_DB_PASS:                 "{{database_password}}"
       YOURLS_DB_NAME:                 "{{database_name}}"
       YOURLS_SITE:                    "https://{{domain}}"
-      YOURLS_USER: "{{yourls_user}}"
+      yourls_administrator_username:  "{{yourls_administrator_username}}"
-      YOURLS_PASS: "{{yourls_user_password}}"
+      YOURLS_PASS:                    "{{yourls_administrator_username_password}}"
     healthcheck:
       test: ["CMD", "curl", "-f", "http://127.0.0.1/admin/"]
       interval: 1m

roles/update-docker/files/update-docker.py

@@ -111,7 +111,7 @@ def upgrade_listmonk():
     Runs the upgrade for Listmonk
     """
     print("Starting Listmonk upgrade.")
-    run_command("docker compose run application ./listmonk --upgrade")
+    run_command('echo "y" | docker compose run -T application ./listmonk --upgrade')
     print("Upgrade complete.")
 
 def update_nextcloud():

templates/docker/services/postgres.yml.j2

@@ -1,7 +1,7 @@
 # This template needs to be included in docker-compose.yml, which depend on a postgres database
 {% if not enable_central_database | bool %}  
   database:
-    image: postgres:{{database_version}}-alpine
+    image: postgres:{{postgres_database_version}}-alpine
     container_name: {{docker_compose_project_name}}-database
     environment:
       - POSTGRES_PASSWORD={{database_password}}

vars/docker-database.yml.j2

@@ -2,4 +2,3 @@ database_instance:                  "{{ 'central-' + database_type if enable_cen
 database_host:                      "{{ 'central-' + database_type if enable_central_database | bool else 'database' }}"
 database_name:                      "{{ docker_compose_project_name }}"
 database_username:                  "{{ docker_compose_project_name }}"
-database_version:                   "{{ postgres_default_version }}"