Solved Matomo, Peertube, Nextcloud Bugs

2025-02-22 04:29:38 +01:00 · 2025-02-21 08:59:07 +01:00 · 2025-02-21 08:59:07 +01:00 · 0805929d41
commit 0805929d41
parent 10b2ead705
11 changed files with 33 additions and 25 deletions
--- a/group_vars/all/00_general.yml
+++ b/group_vars/all/00_general.yml
@ -10,9 +10,9 @@ primary_domain_sld:     "cymais"                                        # Second
 primary_domain:         "{{primary_domain_sld}}.{{primary_domain_tld}}" # Primary Domain of the server

 # Administrator
-administrator_username: "administrator"                                 # Username of the administrator
-administrator_email:    "{{administrator_username}}@{{primary_domain}}" # Email of the administrator
-#user_administrator_initial_password: EXAMPLE_PASSWORD_123456           # Example initialisation password needs to be set in inventory file
+administrator_username:           "administrator"                                 # Username of the administrator
+administrator_email:              "{{administrator_username}}@{{primary_domain}}" # Email of the administrator
+# administrator_initial_password: Null                                            # Example initialisation password needs to be set in inventory file

 # Test Email
 test_email:             "test@{{primary_domain}}"
--- a/group_vars/all/07_applications.yml
+++ b/group_vars/all/07_applications.yml
@ -109,7 +109,7 @@ defaults_applications:
  ldap:
    lam:
      version:                        "latest"
-      administrator_password:         "{{user_administrator_initial_password}}" # CHANGE for security reasons
+      administrator_password:         "{{administrator_initial_password}}" # CHANGE for security reasons
    openldap:
      version:                        "latest"
      network:
@ -226,12 +226,16 @@ defaults_applications:
  nextcloud:
    version:              "production"  # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
    ldap_enabled:         True          # Enables LDAP by default, missing ansible setup tasks @todo setup
-#   database_password:    Null          # Needs to be set in inventory file
    oidc:
      enabled:            true          # Activate OIDC for Nextcloud
    force_import:         False         # Forces the import of the LDIF files
    database:
-      central_storage:                True
+      central_storage:    True
+    credentials:
+#     database_password:  Null          # Needs to be set in inventory file
+      administrator_username:           "{{administrator_username}}"
+      administrator_initial_passwords:  "{{administrator_initial_password}}"
+

  ## OAuth2 Proxy
  oauth2_proxy:
--- a/roles/docker-mastodon/tasks/create-domains.yml
+++ b/roles/docker-mastodon/tasks/create-domains.yml
@ -1,11 +1,9 @@
 - name: "include role receive certbot certificate"
  include_role: 
    name: nginx-https-recieve-certificate
-  vars:
-    domain: "{{domains[application_id]}}"
    
- name: configure {{domains[application_id]}}.conf
+- name: configure {{domain}}.conf
  template: 
    src:  "mastodon.conf.j2" 
-    dest: "{{nginx.directories.http.servers}}{{domains[application_id]}}.conf"
+    dest: "{{nginx.directories.http.servers}}{{domain}}.conf"
  notify: restart nginx
--- a/roles/docker-mastodon/tasks/main.yml
+++ b/roles/docker-mastodon/tasks/main.yml
@ -3,11 +3,13 @@
  include_role: 
    name: docker-central-database

- name: "include create-domains.yml"
+- name: "include create-domains.yml for mastodon"
  include_tasks: create-domains.yml
-  loop: "{{ [domain] + domains.mastodon_alternates }}"
+  loop: "{{ [domains.mastodon] + domains.mastodon_alternates }}"
  loop_control:
    loop_var: domain
+  vars:
+    http: "{{ ports.localhost.http[application_id] }}"

 - name: "copy docker-compose.yml and env file"
  include_tasks: copy-docker-compose-and-env.yml
--- a/roles/docker-nextcloud/templates/env.j2
+++ b/roles/docker-nextcloud/templates/env.j2
@ -18,5 +18,11 @@ SMTP_NAME=      {{system_email.username}}
 SMTP_PASSWORD=  {{system_email.password}}

 # Email from configuration
-MAIL_FROM_ADDRESS=no-reply
-MAIL_DOMAIN= {{system_email.domain}}
+MAIL_FROM_ADDRESS=          {{system_email.local}}
+MAIL_DOMAIN=                {{system_email.domain}}
+
+# Initial Admin Data
+NEXTCLOUD_ADMIN_USER=       {{applications.[application_id].credentials.administrator_username}}
+NEXTCLOUD_ADMIN_PASSWORD=   {{applications.[application_id].credentials.administrator_initial_password}}
+
+NEXTCLOUD_TRUSTED_DOMAINS=  {{domains[application_id]}}
--- a/roles/docker-nextcloud/vars/main.yml
+++ b/roles/docker-nextcloud/vars/main.yml
@ -1,6 +1,6 @@
 ---
 application_id:                       "nextcloud"
-database_password:  	                "{{applications.nextcloud.database_password}}"
+database_password:  	                "{{applications.nextcloud.credentials.database_password}}"
 database_type:                        "mariadb"
 nextcloud_application_container_name: "nextcloud-application"
 nextcloud_nginx_container_name:       "nextcloud-web"
--- a/roles/docker-peertube/tasks/create-domains.yml
+++ b/roles/docker-peertube/tasks/create-domains.yml
@ -1,11 +1,9 @@
 - name: "include role receive certbot certificate"
  include_role: 
    name: nginx-https-recieve-certificate
-  vars:
-    domain: "{{domains[application_id]}}"

- name: configure {{domains[application_id]}}.conf
+- name: configure {{domain}}.conf
  template: 
    src:  "templates/peertube.conf.j2"
-    dest: "{{nginx.directories.http.servers}}{{domains[application_id]}}.conf"
+    dest: "{{nginx.directories.http.servers}}{{domain}}.conf"
  notify: restart nginx
--- a/roles/docker-peertube/tasks/main.yml
+++ b/roles/docker-peertube/tasks/main.yml
@ -3,11 +3,13 @@
  include_role: 
    name: docker-central-database
  
- name: "include create-domains.yml"
+- name: "include create-domains.yml for peertube"
  include_tasks: create-domains.yml
-  loop: "{{ [domain] + domains.peertube_alternates }}"
+  loop: "{{ [domains.peertube] + domains.peertube_alternates }}"
  loop_control:
    loop_var: domain
+  vars:
+    http: "{{ ports.localhost.http[application_id] }}"

 - name: "copy docker-compose.yml and env file"
  include_tasks: copy-docker-compose-and-env.yml
--- a/roles/nginx-domain-setup/tasks/main.yml
+++ b/roles/nginx-domain-setup/tasks/main.yml
@ -13,8 +13,6 @@
 - name: "include role nginx-https-recieve-certificate for {{domain}}"
  include_role: 
    name: nginx-https-recieve-certificate
-  vars:
-    domain: "{{domain}}"

 - name: "copy nginx domain configuration to {{configuration_destination}}"
  template: 
--- a/roles/nginx-modifier-matomo/meta/main.yml
+++ b/roles/nginx-modifier-matomo/meta/main.yml
@ -1,3 +1,3 @@
 dependencies:
-  - docker-matomo
+  # - docker-matomo Don't activate this otherwise the plays take super long
  - nginx
--- a/roles/user-administrator/tasks/main.yml
+++ b/roles/user-administrator/tasks/main.yml
@ -2,7 +2,7 @@
  user:
    name: administrator
    update_password: on_create
-    password: "{{ user_administrator_initial_password | password_hash('sha512') }}"
+    password: "{{ administrator_initial_password | password_hash('sha512') }}"
    create_home: yes
    generate_ssh_key: yes
    ssh_key_type: rsa