From 0647cad07235b662282bea90648490e748141367 Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach
Date: Mon, 22 Jan 2024 18:53:35 +0100
Subject: [PATCH] Optimized variables, configuration and role moodle
---
group_vars/all | 108 ++++++++++--------
playbook.servers.yml | 9 ++
roles/docker-akaunting/README.md | 2 +-
.../templates/docker-compose.yml.j2 | 2 +-
.../templates/docker-compose.yml.j2 | 22 ++--
.../templates/docker-compose.yml.j2 | 6 +-
roles/docker-matrix-ansible/tasks/main.yml | 2 +-
roles/docker-moodle/README.md | 4 +
.../templates/docker-compose.yml.j2 | 11 +-
roles/docker-nextcloud/README.md | 2 +-
.../templates/docker-compose.yml.j2 | 4 +-
roles/docker-pixelfed/tasks/main.yml | 2 +-
tasks/seed-database-to-backup.yml | 2 +-
13 files changed, 104 insertions(+), 72 deletions(-)
create mode 100644 roles/docker-moodle/README.md
diff --git a/group_vars/all b/group_vars/all
index 5c5cb4ef..ff8ed9fe 100644
--- a/group_vars/all
+++ b/group_vars/all
@@ -1,14 +1,18 @@ # General -pause_duration: "120" # Database delay to wait for the central database before continue tasks -top_domain: "localhost" # Change this in inventory to your domain -ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server -backups_folder_path: "/Backups/" # Path to the backups folder +pause_duration: "120" # Database delay to wait for the central database before continue tasks +top_domain: "localhost" # Change this in inventory to your domain +ip4_address: "127.0.0.1" # Change thie in inventory to the ip address of your server +backups_folder_path: "/Backups/" # Path to the backups folder + +# Administrator +administrator_username: "administrator" # Username of the administrator +administrator_email: "{{administrator_username}}@{{top_domain}}" # Email of the administrator # Mode # The following modes can be combined with each other mode_reset: false # Cleans up all CyMaIS files. It's necessary to run to whole playbook and not particial roles when using this function. -mode_verbose: false # Prints well formated debug information +mode_debug: false # Prints well formated debug information mode_test: false # Executes test routines instead of productive routines mode_update: true # Executes updates mode_backup: true # Activates the backup before the update procedure 
@@ -111,17 +115,10 @@ nginx_upstreams_directory: "{{nginx_configuration_directory}}upstreams/" nginx_well_known_root: "/usr/share/nginx/well-known/" # Path where well-known files are stored nginx_homepage_root: "/usr/share/nginx/homepage/" # Path where the static homepage files are stored -## Docker Applications +## Domains -### Enable Central MariaDB -enable_central_database: true -enable_central_database_mailu: "{{enable_central_database}}" - -### Enable Storage Optimizer for Docker Volumes -enable_system_storage_optimizer: true - -### Domain Names for Various Services -domain_akaunting: "akaunting.{{top_domain}}" +### Service Domains +domain_akaunting: "accounting.{{top_domain}}" domain_baserow: "baserow.{{top_domain}}" domain_bigbluebutton: "meet.{{top_domain}}" domain_elk: "elk.{{top_domain}}" @@ -132,10 +129,11 @@ domain_gitlab: "gitlab.{{top_domain}}" domain_listmonk: "newsletter.{{top_domain}}" domain_mailu: "mail.{{top_domain}}" domain_mastodon: "microblog.{{top_domain}}" -domains_mastodon_alternates: [] +domains_mastodon_alternates: ["mastodon.{{top_domain}}"] domain_matomo: "matomo.{{top_domain}}" domain_matrix_synapse: "matrix.{{top_domain}}" domain_matrix_element: "element.{{top_domain}}" +domain_moodle: "academy.{{top_domain}}" domain_mediawiki: "wiki.{{top_domain}}" domain_nextcloud: "cloud.{{top_domain}}" domain_pixelfed: "picture.{{top_domain}}" 
@@ -147,6 +145,32 @@ domain_yourls: "s.{{top_domain}}" domain_openproject: "project.{{top_domain}}" domains_wordpress: ["wordpress.{{top_domain}}","blog.{{top_domain}}"] +### Domain Redirects +redirect_domain_mappings: +- { source: "akaunting.{{top_domain}}", target: "{{domain_akaunting}}" } +- { source: "bbb.{{top_domain}}", target: "{{domain_bigbluebutton}}" } +- { source: "discourse.{{top_domain}}", target: "{{domain_discourse}}" } +- { source: "funkwhale.{{top_domain}}", target: "{{domain_funkwhale}}" } +- { source: "gitea.{{top_domain}}", target: "{{domain_gitea}}" } +- { source: "listmonk.{{top_domain}}", target: "{{domain_listmonk}}" } +- { source: "moodle.{{top_domain}}", target: "{{domain_moodle}}" } +- { source: "nextcloud.{{top_domain}}", target: "{{domain_nextcloud}}" } +- { source: "openproject.{{top_domain}}", target: "{{domain_openproject}}" } +- { source: "peertube.{{top_domain}}", target: "{{domain_peertube}}" } +- { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" } +- { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" } +- { source: "short.{{top_domain}}", target: "{{domain_yourls}}" } +- { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" } + +## Docker Applications + +### Enable Central MariaDB +enable_central_database: true +enable_central_database_mailu: "{{enable_central_database}}" + +### Enable Storage Optimizer for Docker Volumes +enable_system_storage_optimizer: true + ### Common Configurations postgres_default_version: "16" 
@@ -154,10 +178,10 @@ postgres_default_version: "16" docker_restart_policy: "unless-stopped" #### Akaunting -version_akaunting: "latest" -akaunting_company_name: "DUMMY_VALUE_NEEDS_TO_BE_CHANGED" -akaunting_company_email: "DUMMY_VALUE_NEEDS_TO_BE_CHANGED" -akaunting_setup_admin_email: "DUMMY_VALUE_NEEDS_TO_BE_CHANGED" +akaunting_version: "latest" +akaunting_company_name: "{{top_domain}}" +akaunting_company_email: "{{administrator_email}}" +akaunting_setup_admin_email: "{{administrator_email}}" #### Big Blue Button bigbluebutton_enable_greenlight: "true" 
@@ -166,42 +190,30 @@ bigbluebutton_enable_greenlight: "true" listmonk_admin_username: "admin" #### Mastodon -version_mastodon: "latest" +mastodon_version: "latest" mastodon_single_user_mode: false #### Matrix -matrix_admin_name: "admin" # Accountname of the matrix admin -matrix_playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start -matrix_role: "compose" # Role to setup Matrix. Valid values: ansible, compose -matrix_server_name: "{{top_domain}}" # Adress for the account names etc. +matrix_admin_name: "{{administrator_username}}" # Accountname of the matrix admin +matrix_playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start +matrix_role: "compose" # Role to setup Matrix. Valid values: ansible, compose +matrix_server_name: "{{top_domain}}" # Adress for the account names etc. #### Mailu -version_mailu: "2.0" -mailu_domain: "{{top_domain}}" -mailu_subnet: "192.168.203.0/24" +mailu_version: "2.0" +mailu_domain: "{{top_domain}}" +mailu_subnet: "192.168.203.0/24" + +#### Moodle +moodle_site_name: "Global Learning Academy on {{top_domain}}" +moodle_user_name: "{{administrator_username}}" +moodle_user_email: "{{administrator_email}}" #### Nextcloud -version_nextcloud: "production" # Danger: Nextcloud can't skipp major version updates. +nextcloud_version: "production" # Danger: Nextcloud can't skipp major version updates. 
#### Pixelfed -pixelfed_app_name: "Pictures" +pixelfed_app_name: "Pictures on {{top_domain}}" #### YOURLS -yourls_user: "admin" - - -# Routing Configurations for Domain Redirections -redirect_domain_mappings: -- { source: "bbb.{{top_domain}}", target: "{{domain_bigbluebutton}}" } -- { source: "discourse.{{top_domain}}", target: "{{domain_discourse}}" } -- { source: "funkwhale.{{top_domain}}", target: "{{domain_funkwhale}}" } -- { source: "gitea.{{top_domain}}", target: "{{domain_gitea}}" } -- { source: "listmonk.{{top_domain}}", target: "{{domain_listmonk}}" } -- { source: "mastodon.{{top_domain}}", target: "{{domain_mastodon}}" } -- { source: "nextcloud.{{top_domain}}", target: "{{domain_nextcloud}}" } -- { source: "openproject.{{top_domain}}", target: "{{domain_openproject}}" } -- { source: "peertube.{{top_domain}}", target: "{{domain_peertube}}" } -- { source: "pictures.{{top_domain}}", target: "{{domain_pixelfed}}" } -- { source: "pixelfed.{{top_domain}}", target: "{{domain_pixelfed}}" } -- { source: "short.{{top_domain}}", target: "{{domain_yourls}}" } -- { source: "videos.{{top_domain}}", target: "{{domain_peertube}}" } \ No newline at end of file +yourls_user: "{{administrator_username}}" \ No newline at end of file diff --git a/playbook.servers.yml b/playbook.servers.yml index 542ebb03..a2936dcc 100644 --- a/playbook.servers.yml +++ b/playbook.servers.yml @@ -248,6 +248,15 @@ domain: "{{domain_akaunting}}" http_port: 8025 +- name: setup moodle instance + hosts: moodle + become: true + roles: + - role: docker-moodle + vars: + domain: "{{domain_moodle}}" + http_port: 8026 + # Native Webserver Roles - name: setup nginx-homepages hosts: homepage diff --git a/roles/docker-akaunting/README.md b/roles/docker-akaunting/README.md index 0946f5b2..1cba3d80 100644 --- a/roles/docker-akaunting/README.md +++ b/roles/docker-akaunting/README.md 
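Review bot: The new `#### Moodle` block in group_vars/all defines `moodle_user_name` and `moodle_user_email` but not `moodle_user_password`, which the docker-moodle template in this patch reads, so a fresh inventory would fail on an undefined variable with no hint where to set it. Add a comment in that block, e.g. `# moodle_user_password: set in the inventory, preferably encrypted with Ansible Vault`. The same hunk points `matrix_admin_name`, `moodle_user_name` and `yourls_user` at the shared `administrator_username` default, so one fixed account name now applies across services; a comment on `administrator_username` (defined in the first hunk of this file) saying it should be overridden per deployment would make that explicit.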
@@ -87,7 +87,7 @@ Detailed steps for backing up your Akaunting instance, including setting manual Variables are crucial in configuring your Akaunting setup. Ensure you set the following variables correctly in your environment: - `docker_compose_instance_directory`: Set this variable to the path where your Docker Compose files for Akaunting are located. -- `akaunting_db_password`, `version_akaunting`, `akaunting_company_name`, `akaunting_company_email`, `akaunting_setup_admin_email`, and `akaunting_setup_admin_password`: These should be set in your `.env` files as per your requirements. +- `akaunting_db_password`, `akaunting_version`, `akaunting_company_name`, `akaunting_company_email`, `akaunting_setup_admin_email`, and `akaunting_setup_admin_password`: These should be set in your `.env` files as per your requirements. ### Additional Configuration - **SSL Certificate**: The guide includes steps to receive a certificate for your domain. diff --git a/roles/docker-akaunting/templates/docker-compose.yml.j2 b/roles/docker-akaunting/templates/docker-compose.yml.j2 index 780c8148..6a0dd0d7 100644 --- a/roles/docker-akaunting/templates/docker-compose.yml.j2 +++ b/roles/docker-akaunting/templates/docker-compose.yml.j2 @@ -5,7 +5,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: - image: docker.io/akaunting/akaunting:{{version_akaunting}} + image: docker.io/akaunting/akaunting:{{akaunting_version}} build: context: . ports: diff --git a/roles/docker-mailu/templates/docker-compose.yml.j2 b/roles/docker-mailu/templates/docker-compose.yml.j2 index ceace30a..18cb5ddf 100644 --- a/roles/docker-mailu/templates/docker-compose.yml.j2 +++ b/roles/docker-mailu/templates/docker-compose.yml.j2 
@@ -8,7 +8,7 @@ services: # Core services resolver: - image: ghcr.io/mailu/unbound:{{version_mailu}} + image: ghcr.io/mailu/unbound:{{mailu_version}} env_file: mailu.env restart: {{docker_restart_policy}} {% include 'templates/docker/container/networks.yml.j2' %} @@ -17,7 +17,7 @@ services: driver: journald front: - image: ghcr.io/mailu/nginx:{{version_mailu}} + image: ghcr.io/mailu/nginx:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env logging: @@ -44,7 +44,7 @@ services: - 192.168.203.254 admin: - image: ghcr.io/mailu/admin:{{version_mailu}} + image: ghcr.io/mailu/admin:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -62,7 +62,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} imap: - image: ghcr.io/mailu/dovecot:{{version_mailu}} + image: ghcr.io/mailu/dovecot:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -78,7 +78,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} smtp: - image: ghcr.io/mailu/postfix:{{version_mailu}} + image: ghcr.io/mailu/postfix:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -94,7 +94,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} oletools: - image: ghcr.io/mailu/oletools:{{version_mailu}} + image: ghcr.io/mailu/oletools:{{mailu_version}} hostname: oletools restart: {{docker_restart_policy}} depends_on: @@ -105,7 +105,7 @@ services: noinet: antispam: - image: ghcr.io/mailu/rspamd:{{version_mailu}} + image: ghcr.io/mailu/rspamd:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -127,7 +127,7 @@ services: # Optional services antivirus: - image: ghcr.io/mailu/clamav:{{version_mailu}} + image: ghcr.io/mailu/clamav:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: 
@@ -141,7 +141,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} webdav: - image: ghcr.io/mailu/radicale:{{version_mailu}} + image: ghcr.io/mailu/radicale:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: @@ -156,7 +156,7 @@ services: radicale: fetchmail: - image: ghcr.io/mailu/fetchmail:{{version_mailu}} + image: ghcr.io/mailu/fetchmail:{{mailu_version}} volumes: - "admin_data:/data" restart: {{docker_restart_policy}} @@ -173,7 +173,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} webmail: - image: ghcr.io/mailu/webmail:{{version_mailu}} + image: ghcr.io/mailu/webmail:{{mailu_version}} restart: {{docker_restart_policy}} env_file: mailu.env volumes: diff --git a/roles/docker-mastodon/templates/docker-compose.yml.j2 b/roles/docker-mastodon/templates/docker-compose.yml.j2 index ae34b5df..58aef252 100644 --- a/roles/docker-mastodon/templates/docker-compose.yml.j2 +++ b/roles/docker-mastodon/templates/docker-compose.yml.j2 @@ -6,7 +6,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} web: - image: ghcr.io/mastodon/mastodon:{{version_mastodon}} + image: ghcr.io/mastodon/mastodon:{{mastodon_version}} restart: {{docker_restart_policy}} env_file: .env.production command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" @@ -22,7 +22,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} streaming: - image: ghcr.io/mastodon/mastodon:{{version_mastodon}} + image: ghcr.io/mastodon/mastodon:{{mastodon_version}} restart: {{docker_restart_policy}} env_file: .env.production command: node ./streaming @@ -36,7 +36,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} sidekiq: - image: ghcr.io/mastodon/mastodon:{{version_mastodon}} + image: ghcr.io/mastodon/mastodon:{{mastodon_version}} restart: {{docker_restart_policy}} env_file: .env.production command: bundle exec sidekiq 
diff --git a/roles/docker-matrix-ansible/tasks/main.yml b/roles/docker-matrix-ansible/tasks/main.yml index c8196e59..db177a1d 100644 --- a/roles/docker-matrix-ansible/tasks/main.yml +++ b/roles/docker-matrix-ansible/tasks/main.yml @@ -68,7 +68,7 @@ - name: show variable information debug: msg: "hosts_path: {{hosts_path}}\nmatrix_inventory_tmp_dir:{{ matrix_inventory_tmp_dir }}" - when: mode_verbose | bool + when: mode_debug | bool - name: install requirements local_action: command just roles diff --git a/roles/docker-moodle/README.md b/roles/docker-moodle/README.md new file mode 100644 index 00000000..795147fb --- /dev/null +++ b/roles/docker-moodle/README.md @@ -0,0 +1,4 @@ +# role docker-moodle + +## further information +- https://github.com/bitnami/containers/tree/main/bitnami/moodle \ No newline at end of file diff --git a/roles/docker-moodle/templates/docker-compose.yml.j2 b/roles/docker-moodle/templates/docker-compose.yml.j2 index ba82a2c5..88cfcc49 100644 --- a/roles/docker-moodle/templates/docker-compose.yml.j2 +++ b/roles/docker-moodle/templates/docker-compose.yml.j2 @@ -4,14 +4,21 @@ services: moodle: image: docker.io/bitnami/moodle:latest ports: - - '80:8080' - - '443:8443' + - 127.0.0.1:{{http_port}}:80 environment: - MOODLE_DATABASE_HOST={{database_host}} - MOODLE_DATABASE_PORT_NUMBER=3306 - MOODLE_DATABASE_USER={{database_username}} - MOODLE_DATABASE_NAME={{database_name}} + - MOODLE_DATABASE_PASSWORD={{database_password}} - ALLOW_EMPTY_PASSWORD=no + - MOODLE_SITE_NAME="{{moodle_site_name}}" + - MOODLE_SSLPROXY=yes + - MOODLE_REVERSE_PROXY=yes + - MOODLE_USERNAME={{moodle_user_name}} + - MOODLE_PASSWORD={{moodle_user_password}} + - MOODLE_EMAIL={{moodle_user_email}} + - BITNAMI_DEBUG={% if mode_debug | bool %}true{% else %}false{% endif %} volumes: - 'moodle:/bitnami/moodle' - 'data:/bitnami/moodledata' diff --git a/roles/docker-nextcloud/README.md b/roles/docker-nextcloud/README.md index f5d8b3c7..24c7ede7 100644 
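Review bot: In the docker-moodle template hunk, the added `MOODLE_DATABASE_PASSWORD={{database_password}}` and `MOODLE_PASSWORD={{moodle_user_password}}` items render both secrets as unquoted plain scalars in docker-compose.yml, so a password containing ` #` or `: ` is truncated or breaks parsing, and the rendered file holds the credentials in clear text. Quote each item as a whole, e.g. `- "MOODLE_PASSWORD={{moodle_user_password}}"`, or move them into an `env_file` written with a restrictive mode, as the mailu and mastodon templates touched by this commit do (`env_file: mailu.env`, `env_file: .env.production`). The inner quotes in `MOODLE_SITE_NAME="{{moodle_site_name}}"` are likely passed to the container literally in list-form `environment`; `- "MOODLE_SITE_NAME={{moodle_site_name}}"` avoids that. The new mapping `127.0.0.1:{{http_port}}:80` targets container port 80 while the removed lines mapped 8080 and 8443, so it is worth confirming which port the image actually listens on.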
--- a/roles/docker-nextcloud/README.md +++ b/roles/docker-nextcloud/README.md @@ -21,7 +21,7 @@ To update the nextcloud container execute the following commands on the server: docker-compose down ``` -Afterwards update the ***version_nextcloud*** variable to the next version and run the this repository with this ansible role. +Afterwards update the ***nextcloud_version*** variable to the next version and run the this repository with this ansible role. It is only possible to update from one to the next major version at a time diff --git a/roles/docker-nextcloud/templates/docker-compose.yml.j2 b/roles/docker-nextcloud/templates/docker-compose.yml.j2 index a56700ba..80c659d2 100644 --- a/roles/docker-nextcloud/templates/docker-compose.yml.j2 +++ b/roles/docker-nextcloud/templates/docker-compose.yml.j2 @@ -7,7 +7,7 @@ services: {% include 'templates/docker/services/' + database_type + '.yml.j2' %} application: - image: "nextcloud:{{version_nextcloud}}-fpm-alpine" + image: "nextcloud:{{nextcloud_version}}-fpm-alpine" container_name: nextcloud-application restart: {{docker_restart_policy}} logging: @@ -43,7 +43,7 @@ services: cron: container_name: nextcloud-cron - image: "nextcloud:{{version_nextcloud}}-fpm-alpine" + image: "nextcloud:{{nextcloud_version}}-fpm-alpine" restart: {{docker_restart_policy}} logging: driver: journald diff --git a/roles/docker-pixelfed/tasks/main.yml b/roles/docker-pixelfed/tasks/main.yml index 3507b873..22e0125b 100644 --- a/roles/docker-pixelfed/tasks/main.yml +++ b/roles/docker-pixelfed/tasks/main.yml @@ -11,7 +11,7 @@ - name: add env template: - src: env.j2 + src: env.j2 dest: "{{docker_compose_instance_directory}}env" mode: '770' force: yes diff --git a/tasks/seed-database-to-backup.yml b/tasks/seed-database-to-backup.yml index 736d7ec7..f348f307 100644 --- a/tasks/seed-database-to-backup.yml +++ b/tasks/seed-database-to-backup.yml 
@@ -5,7 +5,7 @@ database_name: "{{ database_name | default('undefined') }}" database_username: "{{ database_username | default('undefined') }}" database_password: "{{ database_password | default('undefined') }}" - when: mode_verbose | bool + when: mode_debug | bool - name: seed database values command:
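Review bot: The `when: mode_debug | bool` guard sits on a task whose visible arguments include `database_password`, so turning on the general debug switch may write the database password to the Ansible output and to any log that captures it. The task starts above this hunk, so its module is not visible; if it is a `debug` task, drop the password from it or print a masked value such as `database_password: "{{ 'set' if database_password is defined else 'undefined' }}"`. The same flag also drives `BITNAMI_DEBUG` in the Moodle template in this patch, which makes it more likely to be switched on for a production host.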