Continued snipe-it implementation

2025-02-21 12:09:39 +01:00 · 2025-02-05 11:44:11 +01:00 · 2025-02-05 11:44:11 +01:00 · 26942a9265
commit 26942a9265
parent e98d18f369
18 changed files with 57 additions and 41 deletions
--- a/group_vars/all/02_system_email.yml
+++ b/group_vars/all/02_system_email.yml
@ -4,7 +4,7 @@ default_system_email:
  domain:    "{{primary_domain}}"
  username:  "no-reply@{{primary_domain}}"
  host:      "mail.{{primary_domain}}"
-  smtp_port: 465
+  port:      465
  tls:       true
  start_tls: false
  from:      "no-reply@{{primary_domain}}"
--- a/roles/docker-baserow/templates/env.j2
+++ b/roles/docker-baserow/templates/env.j2
@ -4,7 +4,7 @@ BASEROW_PUBLIC_URL=https://{{ domain }}
 # Email Server Configuration
 EMAIL_SMTP={{ system_email.smtp | upper }}
 EMAIL_SMTP_HOST={{ system_email.host }}
-EMAIL_SMTP_PORT={{ system_email.smtp_port }}
+EMAIL_SMTP_PORT={{ system_email.port }}
 EMAIL_SMTP_USER={{system_email.username}}
 EMAIL_SMTP_PASSWORD={{ system_email.password }}
 EMAIL_SMTP_USE_TLS={{ system_email.tls | upper }}
--- a/roles/docker-bigbluebutton/templates/env.j2
+++ b/roles/docker-bigbluebutton/templates/env.j2
@ -204,7 +204,7 @@ ALLOW_GREENLIGHT_ACCOUNTS=true

 SMTP_SERVER={{system_email.host}}
 SMTP_DOMAIN={{domain}}
-SMTP_PORT={{system_email.smtp_port}}
+SMTP_PORT={{system_email.port}}
 SMTP_USERNAME={{system_email.username}}
 SMTP_PASSWORD={{system_email.password}}
 SMTP_AUTH=plain
--- a/roles/docker-bluesky/templates/docker-compose.yml.j2
+++ b/roles/docker-bluesky/templates/docker-compose.yml.j2
@ -16,7 +16,7 @@ services:
      PDS_ADMIN_PASSWORD: "{{bluesky_pds_admin_password}}"
      PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: "{{bluesky_pds_plc_rotation_key_k256_private_key_hex}}"
      PDS_CRAWLERS: https://bsky.network
-      PDS_EMAIL_SMTP_URL: smtps://{{system_email.username}}:{{system_email.password}}@{{system_email.host}}:{{system_email.smtp_port}}/
+      PDS_EMAIL_SMTP_URL: smtps://{{system_email.username}}:{{system_email.password}}@{{system_email.host}}:{{system_email.port}}/
      PDS_EMAIL_FROM_ADDRESS: {{system_email.from}}
      LOG_ENABLED: true
      PDS_BLOBSTORE_DISK_LOCATION: /opt/pds/blocks
--- a/roles/docker-central-database/tasks/main.yml
+++ b/roles/docker-central-database/tasks/main.yml
@ -7,11 +7,14 @@
 - name: "load variables from {{ role_path }}/vars/database.yml for whole play"
  include_vars: "{{ role_path }}/vars/database.yml"

+# The following env file will just be used from the dedicated mariadb container
+# and not the central-mariadb-database
 - name: "create {{database_env}}"
  template: 
    src: "env/{{database_type}}.env.j2"
    dest: "{{database_env}}"
  notify: docker compose project build and setup
+  when: not enable_central_database | bool

 - name: create central database
  include_role:
--- a/roles/docker-discourse/templates/discourse_application.yml.j2
+++ b/roles/docker-discourse/templates/discourse_application.yml.j2
@ -53,7 +53,7 @@ env:
  # SMTP ADDRESS, username, and password are required
  # WARNING the char '#' in SMTP password can cause problems!
  DISCOURSE_SMTP_ADDRESS:           {{ system_email.host }}
-  DISCOURSE_SMTP_PORT:              {{ system_email.smtp_port }}
+  DISCOURSE_SMTP_PORT:              {{ system_email.port }}
  DISCOURSE_SMTP_USER_NAME:         {{system_email.username}}
  DISCOURSE_SMTP_PASSWORD:          {{ system_email.password }}
  DISCOURSE_SMTP_ENABLE_START_TLS:  {{ system_email.start_tls | upper }}
--- a/roles/docker-friendica/templates/env.j2
+++ b/roles/docker-friendica/templates/env.j2
@ -17,7 +17,7 @@ MYSQL_PASSWORD= {{database_password}}
 # Email Configuration
 SMTP=           {{system_email.host}}
 SMTP_DOMAIN=    {{system_email.domain}}
-SMTP_PORT=      {{system_email.smtp_port}}
+SMTP_PORT=      {{system_email.port}}
 SMTP_AUTH_USER= {{system_email.username}}
 SMTP_AUTH_PASS= {{system_email.password}}
 SMTP_TLS=       {{ 'on' if system_email.tls else 'off' }}
--- a/roles/docker-funkwhale/templates/env.j2
+++ b/roles/docker-funkwhale/templates/env.j2
@ -59,7 +59,7 @@ LOGLEVEL=error
 # (returns `noreply%40youremail.host`)
 # EMAIL_CONFIG=smtp://user:password@youremail.host:25
 # EMAIL_CONFIG=smtp+ssl://user:password@youremail.host:465
-EMAIL_CONFIG=smtp+tls://{{system_email.local}}:{{system_email.password}}@{{system_email.host}}:{{system_email.smtp_port}}
+EMAIL_CONFIG=smtp+tls://{{system_email.local}}:{{system_email.password}}@{{system_email.host}}:{{system_email.port}}

 # Make e-mail verification mandatory before using the service
 # Doesn't apply to admins.
--- a/roles/docker-mastodon/templates/env.j2
+++ b/roles/docker-mastodon/templates/env.j2
@ -17,7 +17,7 @@ REDIS_PORT=6379
 REDIS_PASSWORD=

 SMTP_SERVER={{system_email.host}}
-SMTP_PORT={{system_email.smtp_port}}
+SMTP_PORT={{system_email.port}}
 SMTP_LOGIN={{system_email.username}}
 SMTP_PASSWORD={{system_email.password}}
 SMTP_AUTH_METHOD=plain
--- a/roles/docker-matrix-compose/templates/synapse/homeserver.yaml.j2
+++ b/roles/docker-matrix-compose/templates/synapse/homeserver.yaml.j2
@ -32,7 +32,7 @@ admin_contact: 'mailto:{{administrator_email}}'

 email:
  smtp_host:                    "{{system_email.host}}"
-  smtp_port:                    "{{system_email.smtp_port}}"
+  smtp_port:                    "{{system_email.port}}"
  smtp_user:                    "{{system_email.from}}"
  smtp_pass:                    "{{system_email.password}}"
  #force_tls:                    true
--- a/roles/docker-nextcloud/templates/env.j2
+++ b/roles/docker-nextcloud/templates/env.j2
@ -12,7 +12,7 @@ PHP_MEMORY_LIMIT= 1G # Required for plugin duplicate finder
 # Email Configuration
 SMTP_HOST=      {{system_email.host}}
 SMTP_SECURE=    {{ 'ssl' if system_email.tls else '' }}
-SMTP_PORT=      {{system_email.smtp_port}}
+SMTP_PORT=      {{system_email.port}}
 SMTP_NAME=      {{system_email.username}}
 SMTP_PASSWORD=  {{system_email.password}}

--- a/roles/docker-peertube/templates/env.j2
+++ b/roles/docker-peertube/templates/env.j2
@ -17,7 +17,7 @@ PEERTUBE_SECRET={{peertube_secret}}
 PEERTUBE_SMTP_USERNAME={{system_email.username}}
 PEERTUBE_SMTP_PASSWORD={{system_email.password}}
 PEERTUBE_SMTP_HOSTNAME={{system_email.host}}
-PEERTUBE_SMTP_PORT={{system_email.smtp_port}}
+PEERTUBE_SMTP_PORT={{system_email.port}}
 PEERTUBE_SMTP_FROM={{system_email.from}}
 PEERTUBE_SMTP_TLS={{ system_email.tls | lower }}
 PEERTUBE_SMTP_DISABLE_STARTTLS={{ 'false' if system_email.start_tls else 'true' }}
--- a/roles/docker-pixelfed/templates/env.j2
+++ b/roles/docker-pixelfed/templates/env.j2
@ -4,7 +4,7 @@ APP_KEY={{pixelfed_app_key}}
 ## General Settings
 APP_NAME="{{applications.pixelfed.titel}}"
 APP_ENV=production
-APP_DEBUG=false
+APP_DEBUG={{mode_debug | string | lower }}
 APP_URL=https://{{domain}}
 APP_DOMAIN="{{domain}}"
 ADMIN_DOMAIN="{{domain}}"
@ -47,7 +47,7 @@ RESTRICTED_INSTANCE=false
 ## Mail
 MAIL_DRIVER=log
 MAIL_HOST={{system_email.host}}
-MAIL_PORT={{system_email.smtp_port}}
+MAIL_PORT={{system_email.port}}
 MAIL_FROM_ADDRESS="{{system_email.from}}"
 MAIL_FROM_NAME="Pixelfed"
 MAIL_USERNAME={{system_email.username}}
@ -60,7 +60,7 @@ MAIL_ENCRYPTION={{ 'ssl' if system_email.start_tls else 'tls' }}
 DB_CONNECTION=mysql
 DB_DATABASE={{database_name}}
 DB_HOST={{database_host}}
-DB_PASSWORD="{{pixelfed_database_password}}"
+DB_PASSWORD="{{database_password}}"
 DB_PORT="{{database_port}}"
 DB_USERNAME={{database_username}}

--- a/roles/docker-snipe_it/tasks/main.yml
+++ b/roles/docker-snipe_it/tasks/main.yml
@ -6,10 +6,16 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
  include_tasks: nginx-docker-proxy-domain.yml

- name: create .env
-  template: src=env.j2 dest={{docker_compose.directories.instance}}/.env
+- name: "create {{docker_compose.files.docker_compose}}"
+  template:
+    src:	"docker-compose.yml.j2"
+    dest:	"{{docker_compose.files.docker_compose}}"
  notify: docker compose project setup

- name: add docker-compose.yml
-  template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
+- name: "create {{docker_compose.files.env}}"
+  template: 
+    src:  "env.j2" 
+    dest: "{{docker_compose.files.env}}"
+    mode: '770'
+    force: yes
  notify: docker compose project setup
--- a/roles/docker-snipe_it/templates/env.j2
+++ b/roles/docker-snipe_it/templates/env.j2
@ -2,10 +2,10 @@
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
 APP_ENV=production
-APP_DEBUG=false
+APP_DEBUG={{mode_debug | string | lower }}
 # Please regenerate the APP_KEY value by calling `docker compose run --rm app php artisan key:generate --show`. Copy paste the value here
-APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
-APP_URL=https://{{domain}}
+APP_KEY={{applications.snipe_it.app_key}}
+APP_URL=http://{{domain}}
 # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier
 APP_TIMEZONE='{{timezone}}'
 APP_LOCALE={{locale}}
@ -25,13 +25,15 @@ DB_HOST={{database_host}}
 DB_PORT={{database_port}}
 DB_DATABASE={{database_name}}
 DB_USERNAME={{database_username}}
-DB_PASSWORD={{pixelfed_database_password}}
-#MYSQL_ROOT_PASSWORD=
-#DB_PREFIX=null
-#DB_DUMP_PATH='/usr/bin'
-#DB_CHARSET=utf8mb4
-#DB_COLLATION=utf8mb4_unicode_ci
+DB_PASSWORD={{database_password}}

+{% if not enable_central_database | bool %}
+MYSQL_ROOT_PASSWORD={{database_password}}
+DB_PREFIX=null
+DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci
+{% endif %}
 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
 # --------------------------------------------
@ -47,14 +49,14 @@ DB_SSL_VERIFY_SERVER=null
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
 MAIL_MAILER             =   smtp
-MAIL_HOST               =   {{system_email.host}}                                       # SMTP server address
-MAIL_PORT               =   {{system_email.host}}                                       # SMTP server address
-MAIL_USERNAME           =   {{system_email.username}}                                   # user to connect the SMTP server
-MAIL_PASSWORD           =   {{system_email.password}}                                   # SMTP user's password
-MAIL_TLS_VERIFY_PEER    =   EMAIL_USE_TLS={{ system_email.tls | lower | capitalize }}   # use TLS (secure) connection with the SMTP server
-MAIL_FROM_ADDR          =   {{system_email.from}}                                       # default email address for the automated emails
+MAIL_HOST               =   {{system_email.host}}                       # SMTP server address
+MAIL_PORT               =   {{system_email.port}}                       # SMTP server address
+MAIL_USERNAME           =   {{system_email.username}}                   # user to connect the SMTP server
+MAIL_PASSWORD           =   {{system_email.password}}                   # SMTP user's password
+MAIL_TLS_VERIFY_PEER    =   {{ system_email.tls | lower | capitalize }} # use TLS (secure) connection with the SMTP server
+MAIL_FROM_ADDR          =   {{system_email.from}}                       # default email address for the automated emails
 MAIL_FROM_NAME          =   'Snipe-IT'
-MAIL_REPLYTO_ADDR       =   {{system_email.from}}                                       # default email address for the automated emails
+MAIL_REPLYTO_ADDR       =   {{system_email.from}}                       # default email address for the automated emails
 MAIL_REPLYTO_NAME       =   'Snipe-IT'
 MAIL_AUTO_EMBED_METHOD  =   'attachment'

@ -94,7 +96,7 @@ API_TOKEN_EXPIRATION_YEARS=40
 APP_TRUSTED_PROXIES=172.17.0.1  # Docker Gateway
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
-ENABLE_CSP=true
+ENABLE_CSP=false
 CORS_ALLOWED_ORIGINS=null
 ENABLE_HSTS=false               # Certificates managed by nginx

@ -160,7 +162,7 @@ LOG_CHANNEL=stderr
 LOG_MAX_DAYS=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
-APP_FORCE_TLS=false
+APP_FORCE_TLS=true
 GOOGLE_MAPS_API=
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600
--- a/roles/docker-snipe_it/vars/main.yml
+++ b/roles/docker-snipe_it/vars/main.yml
@ -1,3 +1,8 @@
-application_id:     "snipe_it"
-database_password:  "{{applications.snipe_it.database_password}}"
-database_type:      "mariadb"
+application_id:           "snipe_it"
+database_password:        "{{applications.snipe_it.database_password}}"
+database_type:            "mariadb"
+
+# deactivated due to error
+# SQLSTATE[42000]: Syntax error or access violation: 1067 Invalid default value for 'locale'
+# alter table `users` add `locale` varchar(5) null default 'locale'
+enable_central_database:  false
--- a/roles/docker-taiga/templates/env.j2
+++ b/roles/docker-taiga/templates/env.j2
@ -18,7 +18,7 @@ POSTGRES_HOST       =   "{{database_host}}"
 # Taiga's SMTP settings - Variables to send Taiga's emails to the users
 EMAIL_BACKEND       =   "{{email_backend}}"          # use an SMTP server or display the emails in the console (either "smtp" or "console")
 EMAIL_HOST          =   "{{system_email.host}}"      # SMTP server address
-EMAIL_PORT          =   "{{system_email.smtp_port}}" # default SMTP port
+EMAIL_PORT          =   "{{system_email.port}}" # default SMTP port
 EMAIL_HOST_USER     =   "{{system_email.username}}"  # user to connect the SMTP server
 EMAIL_HOST_PASSWORD =   "{{system_email.password}}"  # SMTP user's password
 EMAIL_DEFAULT_FROM  =   "{{system_email.from}}"      # default email address for the automated emails
--- a/roles/systemd-notifier-email/templates/msmtprc.conf.j2
+++ b/roles/systemd-notifier-email/templates/msmtprc.conf.j2
@ -12,7 +12,7 @@ tls            off

 account        system_email
 host           {{system_email.host}}
-port           {{system_email.smtp_port}}
+port           {{system_email.port}}
 from           {{system_email.from}}
 user           {{system_email.username}}
 password       {{system_email.password}}