From 064dd01508800b76002be5ca6075bfb1c29c985e Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach
Date: Sun, 11 May 2025 12:19:33 +0200
Subject: [PATCH] Refactored database_password and solved related bugs
---
 .../tasks/seed-database-to-backup.yml | 1 +
 roles/docker-central-database/tasks/main.yml | 4 ++++
 roles/docker-central-database/vars/database.yml | 9 +++++----
 roles/docker-espocrm/vars/main.yml | 2 --
 roles/docker-funkwhale/vars/main.yml | 1 -
 roles/docker-gitea/vars/main.yml | 1 -
 roles/docker-gitlab/vars/main.yml | 1 -
 roles/docker-keycloak/vars/main.yml | 1 -
 roles/docker-listmonk/vars/main.yml | 1 -
 roles/docker-mastodon/vars/main.yml | 1 -
 roles/docker-matomo/vars/main.yml | 1 -
 roles/docker-matrix-ansible/templates/vars.yml.j2 | 2 +-
 roles/docker-matrix-compose/vars/main.yml | 1 -
 roles/docker-moodle/templates/env.j2 | 2 +-
 roles/docker-openproject/vars/main.yml | 1 -
 roles/docker-peertube/templates/env.j2 | 4 ++--
 roles/docker-peertube/vars/main.yml | 3 +--
 roles/docker-pgadmin/vars/main.yml | 1 -
 roles/docker-pixelfed/vars/main.yml | 1 -
 roles/docker-taiga/vars/main.yml | 1 -
 roles/docker-wordpress/vars/main.yml | 3 +--
 roles/docker-yourls/vars/main.yml | 5 ++---
 22 files changed, 18 insertions(+), 29 deletions(-)
diff --git a/roles/backup-docker-to-local/tasks/seed-database-to-backup.yml b/roles/backup-docker-to-local/tasks/seed-database-to-backup.yml
index 3a917503..be060e60 100644
--- a/roles/backup-docker-to-local/tasks/seed-database-to-backup.yml
+++ b/roles/backup-docker-to-local/tasks/seed-database-to-backup.yml
@@ -3,6 +3,7 @@
 - name: "Display all database variables"
 debug:
 msg: |
+ database_application_id: "{{ database_application_id | default('undefined') }}"
 database_instance: "{{ database_instance | default('undefined') }}"
 database_name: "{{ database_name | default('undefined') }}"
 database_type: "{{ database_type | default('undefined') }}"
diff --git a/roles/docker-central-database/tasks/main.yml b/roles/docker-central-database/tasks/main.yml
index dc13fbb9..7a14279d 100644
--- a/roles/docker-central-database/tasks/main.yml
+++ b/roles/docker-central-database/tasks/main.yml
@@ -1,3 +1,7 @@
+- name: "set _tmp_database_application_id (Needed due to lazzy loading issue)"
+ set_fact:
+ database_application_id: "{{ application_id }}"
+
 - name: "Load database variables"
 include_vars: "{{ item }}"
 loop:
diff --git a/roles/docker-central-database/vars/database.yml b/roles/docker-central-database/vars/database.yml
index 0a6e163f..f848c959 100644
--- a/roles/docker-central-database/vars/database.yml
+++ b/roles/docker-central-database/vars/database.yml
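Review bot: The added task's name announces `_tmp_database_application_id`, but the fact it sets is `database_application_id`, and "lazzy" is a typo; something like `- name: "Set database_application_id for the lazily evaluated database vars"` would match what the task does. A value set with set_fact stays on the host for the rest of the play, so `database_application_id` keeps pointing at the previous application until this task runs again. Any role that reads `database_password` (defined in vars/database.yml in the next hunk) without passing through these tasks first would therefore get either an undefined variable or another application's credential. Whether every consuming role includes these tasks before rendering its templates is not visible in this patch and is worth confirming. The task list continues past the end of the hunk.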
@@ -1,7 +1,8 @@
-database_instance: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',application_id) else application_id }}"
-database_host: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',application_id) else 'database' }}"
-database_name: "{{ applications[application_id].database.name | default( application_id ) }}" # The overwritte configuration is needed by bigbluebutton
-database_username: "{{ applications[application_id].database.username | default( application_id )}}" # The overwritte configuration is needed by bigbluebutton
+database_instance: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',database_application_id) else database_application_id }}"
+database_host: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',database_application_id) else 'database' }}"
+database_name: "{{ applications[database_application_id].database.name | default( database_application_id ) }}" # The overwritte configuration is needed by bigbluebutton
+database_username: "{{ applications[database_application_id].database.username | default( database_application_id )}}" # The overwritte configuration is needed by bigbluebutton
+database_password: "{{ applications[database_application_id].credentials.database_password }}"
 database_port: "{{ 3306 if database_type == 'mariadb' else 5432 }}"
 database_env: "{{docker_compose.directories.env}}{{database_type}}.env"
 database_url_jdbc: "jdbc:{{ database_type if database_type == 'mariadb' else 'postgresql' }}://{{ database_host }}:{{ database_port }}/{{ database_name }}"
diff --git a/roles/docker-espocrm/vars/main.yml b/roles/docker-espocrm/vars/main.yml
index 2bdc9abb..fdf94800 100644
--- a/roles/docker-espocrm/vars/main.yml
+++ b/roles/docker-espocrm/vars/main.yml
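Review bot: The new `database_password` line carries no comment, and nothing in this file says that it is keyed by `database_application_id` rather than by the role's own `application_id`. A line above it such as `# Per-application DB secret; resolved through database_application_id, not application_id` would make the dependency visible to the roles that now rely on it. Leaving the lookup without a `default()` is the right choice for a credential, since a missing entry then fails the play instead of rendering an empty password. The trailing comments on the re-added `database_name` and `database_username` lines still read "overwritte"; "override" is presumably meant.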
@@ -1,5 +1,3 @@
 application_id: "espocrm"
-# Password for the espocrm DB user (taken from inventory applications dict)
-database_password: "{{ applications[application_id].credentials.database_password }}"
 # EspoCRM uses MySQL/MariaDB
 database_type: "mariadb"
\ No newline at end of file
diff --git a/roles/docker-funkwhale/vars/main.yml b/roles/docker-funkwhale/vars/main.yml
index a63a56a4..a6110b88 100644
--- a/roles/docker-funkwhale/vars/main.yml
+++ b/roles/docker-funkwhale/vars/main.yml
@@ -1,6 +1,5 @@
 application_id: "funkwhale"
 nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
-database_password: "{{applications[application_id].credentials.database_password}}"
 database_type: "postgres"
 media_root: "/srv/funkwhale/data/"
 static_root: "{{media_root}}static"
diff --git a/roles/docker-gitea/vars/main.yml b/roles/docker-gitea/vars/main.yml
index ef2ba7c3..25d7dc20 100644
--- a/roles/docker-gitea/vars/main.yml
+++ b/roles/docker-gitea/vars/main.yml
@@ -1,3 +1,2 @@
 application_id: "gitea"
-database_password: "{{applications[application_id].credentials.database_password}}"
 database_type: "mariadb"
\ No newline at end of file
diff --git a/roles/docker-gitlab/vars/main.yml b/roles/docker-gitlab/vars/main.yml
index e6820f5d..bc45f607 100644
--- a/roles/docker-gitlab/vars/main.yml
+++ b/roles/docker-gitlab/vars/main.yml
@@ -1,3 +1,2 @@
 application_id: "gitlab"
-database_password: "{{applications[application_id].credentials.database_password}}"
 database_type: "postgres"
\ No newline at end of file
diff --git a/roles/docker-keycloak/vars/main.yml b/roles/docker-keycloak/vars/main.yml
index 1059f76e..580a8195 100644
--- a/roles/docker-keycloak/vars/main.yml
+++ b/roles/docker-keycloak/vars/main.yml
@@ -1,6 +1,5 @@ application_id: "keycloak" database_type: "postgres" -database_password: "{{applications[application_id].credentials.database_password}}" container_name: "{{application_id}}_application" realm: "{{primary_domain}}" # This is the name of the default realm which is used by the applications import_directory_host: "{{docker_compose.directories.volumes}}import/" # Directory in which keycloack import files are placed on the host diff --git a/roles/docker-listmonk/vars/main.yml b/roles/docker-listmonk/vars/main.yml index 8060ac0e..3aec8df7 100644 --- a/roles/docker-listmonk/vars/main.yml +++ b/roles/docker-listmonk/vars/main.yml @@ -1,5 +1,4 @@ application_id: "listmonk" -database_password: "{{applications[application_id].credentials.database_password}}" database_type: "postgres" listmonk_settings: diff --git a/roles/docker-mastodon/vars/main.yml b/roles/docker-mastodon/vars/main.yml index 0f50f302..9d7d2c5a 100644 --- a/roles/docker-mastodon/vars/main.yml +++ b/roles/docker-mastodon/vars/main.yml @@ -1,3 +1,2 @@ application_id: "mastodon" -database_password: "{{applications[application_id].credentials.database_password}}" database_type: "postgres" \ No newline at end of file diff --git a/roles/docker-matomo/vars/main.yml b/roles/docker-matomo/vars/main.yml index 107e478f..0f22401c 100644 --- a/roles/docker-matomo/vars/main.yml +++ b/roles/docker-matomo/vars/main.yml @@ -1,7 +1,6 @@ --- application_id: "matomo" database_type: "mariadb" -database_password: "{{ applications[application_id].credentials.database_password }}" # I don't know if this is still necessary domain: "{{ domains[application_id] }}" \ No newline at end of file diff --git a/roles/docker-matrix-ansible/templates/vars.yml.j2 b/roles/docker-matrix-ansible/templates/vars.yml.j2 index 63e8f74d..259fa5f1 100644 --- a/roles/docker-matrix-ansible/templates/vars.yml.j2 +++ b/roles/docker-matrix-ansible/templates/vars.yml.j2 
@@ -52,7 +52,7 @@ devture_traefik_config_certificatesResolvers_acme_email: "{{users.administrator. # # The playbook creates additional Postgres users and databases (one for each enabled service) # using this superuser account. -devture_postgres_connection_password: "{{applications[application_id].credentials.database_password}}" +devture_postgres_connection_password: "{{database_password}}" # By default, we configure Coturn's external IP address using the value specified for `ansible_host` in your `inventory/hosts` file. # If this value is an external IP address, you can skip this section. diff --git a/roles/docker-matrix-compose/vars/main.yml b/roles/docker-matrix-compose/vars/main.yml index 9ad9840a..012963a4 100644 --- a/roles/docker-matrix-compose/vars/main.yml +++ b/roles/docker-matrix-compose/vars/main.yml @@ -1,6 +1,5 @@ --- application_id: "matrix" -database_password: "{{applications[application_id].credentials.database_password}}" database_type: "postgres" registration_file_folder: "/data/" well_known_directory: "{{nginx.directories.data.well_known}}/matrix/" diff --git a/roles/docker-moodle/templates/env.j2 b/roles/docker-moodle/templates/env.j2 index b2f46d56..0fec8ee6 100644 --- a/roles/docker-moodle/templates/env.j2 +++ b/roles/docker-moodle/templates/env.j2 @@ -2,7 +2,7 @@ MOODLE_DATABASE_HOST={{database_host}} MOODLE_DATABASE_PORT_NUMBER={{database_port}} MOODLE_DATABASE_USER={{database_username}} MOODLE_DATABASE_NAME={{database_name}} -applications[application_id].credentials.database_password={{database_password}} +MOODLE_DATABASE_PASSWORD={{database_password}} ALLOW_EMPTY_PASSWORD=no MOODLE_SITE_NAME="{{applications.moodle.site_titel}}" MOODLE_SSLPROXY=yes diff --git a/roles/docker-openproject/vars/main.yml b/roles/docker-openproject/vars/main.yml index c449b338..fd4ecbac 100644 --- a/roles/docker-openproject/vars/main.yml +++ b/roles/docker-openproject/vars/main.yml 
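Review bot: `devture_postgres_connection_password` places the secret directly inside a double-quoted YAML scalar, so a password containing `"` or `\` would break the rendered vars file or change the value that is read back. The replaced line had the same weakness, and the comment above says this is the Postgres superuser account, so a silently altered value matters here. Letting the filter do the quoting avoids this: `devture_postgres_connection_password: {{ database_password | to_json }}`. The old expression was self-contained, whereas `database_password` only resolves once the docker-central-database tasks have set `database_application_id`; whether this role runs them before templating is not visible in the hunk.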
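Review bot: `MOODLE_DATABASE_PASSWORD={{database_password}}` writes the secret unquoted, while `MOODLE_SITE_NAME` two lines below it is quoted. A password containing `#`, whitespace or quote characters may be truncated or read differently, depending on how the consumer parses the env file. Either restrict the characters allowed in `credentials.database_password` where it is generated, or quote the value as `MOODLE_DATABASE_PASSWORD="{{database_password}}"` after checking how the compose version in use treats quotes. The same applies to `POSTGRES_PASSWORD` and `PEERTUBE_DB_PASSWORD` in roles/docker-peertube/templates/env.j2. The task that renders these templates is outside the patch; the resulting files hold credentials and should be written with a mode that excludes other local users.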
@@ -1,6 +1,5 @@ application_id: "openproject" docker_repository_address: "https://github.com/opf/openproject-deploy" -database_password: "{{ applications[application_id].credentials.database_password }}" database_type: "postgres" openproject_plugins_service: "{{docker_compose.directories.services}}plugins/" diff --git a/roles/docker-peertube/templates/env.j2 b/roles/docker-peertube/templates/env.j2 index a2d07e5f..69f1963f 100644 --- a/roles/docker-peertube/templates/env.j2 +++ b/roles/docker-peertube/templates/env.j2 @@ -1,9 +1,9 @@ # Database / Postgres service configuration POSTGRES_USER={{database_username}} -POSTGRES_PASSWORD={{applications[application_id].credentials.database_password}} +POSTGRES_PASSWORD={{database_password}} POSTGRES_DB={{database_name}} PEERTUBE_DB_USERNAME={{database_username}} -PEERTUBE_DB_PASSWORD={{applications[application_id].credentials.database_password}} +PEERTUBE_DB_PASSWORD={{database_password}} PEERTUBE_DB_SSL=false PEERTUBE_DB_HOSTNAME={{database_host}} diff --git a/roles/docker-peertube/vars/main.yml b/roles/docker-peertube/vars/main.yml index 3da08d18..cb5ec7b5 100644 --- a/roles/docker-peertube/vars/main.yml +++ b/roles/docker-peertube/vars/main.yml @@ -1,3 +1,2 @@ application_id: "peertube" -database_type: "postgres" -database_password: "{{applications[application_id].credentials.database_password}}" \ No newline at end of file +database_type: "postgres" \ No newline at end of file diff --git a/roles/docker-pgadmin/vars/main.yml b/roles/docker-pgadmin/vars/main.yml index 714bfed0..527b9421 100644 --- a/roles/docker-pgadmin/vars/main.yml +++ b/roles/docker-pgadmin/vars/main.yml 
@@ -1,6 +1,5 @@
 application_id: "pgadmin"
 database_type: "postgres"
 database_host: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',application_id)"
-database_var_file: "{{playbook_dir}}/roles/docker-central-database/vars/database.yml"
 pgadmin_user: 5050
 pgadmin_group: "{{pgadmin_user}}"
\ No newline at end of file
diff --git a/roles/docker-pixelfed/vars/main.yml b/roles/docker-pixelfed/vars/main.yml
index a5020ddf..f1427937 100644
--- a/roles/docker-pixelfed/vars/main.yml
+++ b/roles/docker-pixelfed/vars/main.yml
@@ -1,4 +1,3 @@
 application_id: "pixelfed"
 nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
 database_type: "mariadb"
-database_password: "{{applications[application_id].credentials.database_password}}"
diff --git a/roles/docker-taiga/vars/main.yml b/roles/docker-taiga/vars/main.yml
index a9788297..248bd759 100644
--- a/roles/docker-taiga/vars/main.yml
+++ b/roles/docker-taiga/vars/main.yml
@@ -1,6 +1,5 @@
 application_id: "taiga"
 database_type: "postgres"
-database_password: "{{applications[application_id].credentials.database_password}}"
 docker_repository_address: "https://github.com/taigaio/taiga-docker"
 email_backend: "smtp" ## use an SMTP server or display the emails in the console (either "smtp" or "console")
 docker_compose_init: "{{docker_compose.directories.instance}}docker-compose-inits.yml.j2"
diff --git a/roles/docker-wordpress/vars/main.yml b/roles/docker-wordpress/vars/main.yml
index 39b898e9..497e9b8f 100644
--- a/roles/docker-wordpress/vars/main.yml
+++ b/roles/docker-wordpress/vars/main.yml
@@ -1,7 +1,6 @@
-application_id: "wordpress"
+application_id: "wordpress"
 wordpress_max_upload_size: "64M"
 database_type: "mariadb"
-database_password: "{{applications[application_id].credentials.database_password}}"
 wordpress_custom_image: "wordpress_custom"
 wordpress_docker_html_path: "/var/www/html"
 host_msmtp_conf: "{{docker_compose.directories.config}}msmtprc.conf"
\ No newline at end of file
diff --git a/roles/docker-yourls/vars/main.yml b/roles/docker-yourls/vars/main.yml
index e5de24b7..f97d046b 100644
--- a/roles/docker-yourls/vars/main.yml
+++ b/roles/docker-yourls/vars/main.yml
@@ -1,3 +1,2 @@
-application_id: "yourls"
-database_type: "mariadb"
-database_password: "{{applications[application_id].credentials.database_password}}"
\ No newline at end of file
+application_id: "yourls"
+database_type: "mariadb"
\ No newline at end of file