From 2db5f758881cc541e6f1b0870f37dacb4b60bf4f Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Sun, 20 Jul 2025 10:26:09 +0200 Subject: [PATCH] Changed snipe-it to web-app-snipe-it and additional optimations --- group_vars/all/09_ports.yml | 4 ++-- group_vars/all/10_networks.yml | 2 +- roles/web-app-snipe-it/config/main.yml | 12 +++++++--- roles/web-app-snipe-it/tasks/ldap.yml | 22 +++++++++---------- roles/web-app-snipe-it/tasks/main.yml | 1 - .../templates/docker-compose.yml.j2 | 9 +++++++- roles/web-app-snipe-it/vars/main.yml | 9 ++++++-- 7 files changed, 38 insertions(+), 21 deletions(-) diff --git a/group_vars/all/09_ports.yml b/group_vars/all/09_ports.yml index e106317d..f199391a 100644 --- a/group_vars/all/09_ports.yml +++ b/group_vars/all/09_ports.yml @@ -17,7 +17,7 @@ ports: phpldapadmin: 4186 fusiondirectory: 4187 web-app-gitea: 4188 - snipe-it: 4189 + web-app-snipe-it: 4189 ldap: svc-db-openldap: 389 http: @@ -56,7 +56,7 @@ ports: web-app-keycloak: 8032 web-app-lam: 8033 web-app-phpmyadmin: 8034 - snipe-it: 8035 + web-app-snipe-it: 8035 sphinx: 8036 phpldapadmin: 8037 fusiondirectory: 8038 diff --git a/group_vars/all/10_networks.yml b/group_vars/all/10_networks.yml index 1670f593..22f70d11 100644 --- a/group_vars/all/10_networks.yml +++ b/group_vars/all/10_networks.yml @@ -62,7 +62,7 @@ defaults_networks: subnet: 192.168.102.128/28 pgadmin: subnet: 192.168.102.144/28 - snipe-it: + web-app-snipe-it: subnet: 192.168.102.160/28 taiga: subnet: 192.168.102.176/28 diff --git a/roles/web-app-snipe-it/config/main.yml b/roles/web-app-snipe-it/config/main.yml index 21d99c0f..957a17c9 100644 --- a/roles/web-app-snipe-it/config/main.yml +++ b/roles/web-app-snipe-it/config/main.yml @@ -1,8 +1,7 @@ -version: "latest" features: matomo: true css: false - port-ui-desktop: true + port-ui-desktop: true central_database: true ldap: true oauth2: true @@ -32,4 +31,11 @@ docker: redis: enabled: true database: - enabled: true \ No newline at end of file + enabled: true + snipe-it: + version: "latest" + name: "snipe-it" + image: "grokability/snipe-it" + volumes: + data: "snipe-it_data" + \ No newline at end of file diff --git a/roles/web-app-snipe-it/tasks/ldap.yml b/roles/web-app-snipe-it/tasks/ldap.yml index 03603c63..ff20b822 100644 --- a/roles/web-app-snipe-it/tasks/ldap.yml +++ b/roles/web-app-snipe-it/tasks/ldap.yml @@ -15,30 +15,30 @@ - name: "Debug: show APP_KEY in container shell" shell: | docker-compose exec -T \ - -u www-data \ + -u {{ snipe_it_user }} \ -e XDG_CONFIG_HOME=/tmp \ -e APP_KEY='{{ applications | get_app_conf(application_id, 'credentials.app_key', True) }}' \ application \ sh -c 'echo "SHELL sees APP_KEY=$APP_KEY"' args: - chdir: "/opt/docker/snipe-it/" + chdir: "{{ docker_compose.directories.instance }}" - name: "Debug: show APP_KEY in container shell" shell: | - docker-compose exec -T -u www-data \ + docker-compose exec -T -u {{ snipe_it_user }} \ -e XDG_CONFIG_HOME=/tmp \ -e APP_KEY="{{ applications | get_app_conf(application_id, 'credentials.app_key', True) }}" \ application \ php artisan tinker --execute="echo 'CONFIG app.key: ' . config('app.key') . PHP_EOL;" args: - chdir: "/opt/docker/snipe-it/" + chdir: "{{ docker_compose.directories.instance }}" -- name: "Set all LDAP settings via Laravel Setting model (inside container as www-data)" +- name: "Set all LDAP settings via Laravel Setting model (inside container as {{ snipe_it_user }})" shell: | docker-compose exec -T \ -e APP_KEY='{{ applications | get_app_conf(application_id, 'credentials.app_key', True) }}' \ -e XDG_CONFIG_HOME=/tmp \ - -u www-data application \ + -u {{ snipe_it_user }} application \ sh -c 'php artisan tinker << "EOF" $s = \App\Models\Setting::getSettings(); $s->ldap_enabled = 1; @@ -74,7 +74,7 @@ - name: Encrypt & save LDAP bind password via Crypt + DB façade shell: | docker-compose exec -T \ - -u www-data \ + -u {{ snipe_it_user }} \ -e APP_KEY="{{ applications | get_app_conf(application_id, 'credentials.app_key', True) }}" \ -e XDG_CONFIG_HOME=/tmp \ application \ @@ -93,14 +93,14 @@ echo 'Stored: ' . \$encrypted . PHP_EOL; " args: - chdir: "/opt/docker/snipe-it/" + chdir: "{{ docker_compose.directories.instance }}" register: ldap_encrypt failed_when: ldap_encrypt.rc != 0 -- name: "Clear Laravel config & cache (inside container as www-data)" +- name: "Clear Laravel config & cache (inside container as {{ snipe_it_user }})" shell: | - docker-compose exec -T -u www-data application php artisan config:clear - docker-compose exec -T -u www-data application php artisan cache:clear + docker-compose exec -T -u {{ snipe_it_user }} application php artisan config:clear + docker-compose exec -T -u {{ snipe_it_user }} application php artisan cache:clear args: chdir: "{{ docker_compose.directories.instance }}" notify: docker compose up \ No newline at end of file diff --git a/roles/web-app-snipe-it/tasks/main.yml b/roles/web-app-snipe-it/tasks/main.yml index dbb5cf5c..9e10a6e9 100644 --- a/roles/web-app-snipe-it/tasks/main.yml +++ b/roles/web-app-snipe-it/tasks/main.yml @@ -3,7 +3,6 @@ include_role: name: cmp-db-docker-proxy - - name: "Configure Snipe-IT LDAP settings" import_tasks: ldap.yml when: applications | get_app_conf(application_id, 'features.ldap', False) diff --git a/roles/web-app-snipe-it/templates/docker-compose.yml.j2 b/roles/web-app-snipe-it/templates/docker-compose.yml.j2 index 417983b0..fd5fd681 100644 --- a/roles/web-app-snipe-it/templates/docker-compose.yml.j2 +++ b/roles/web-app-snipe-it/templates/docker-compose.yml.j2 @@ -1,8 +1,11 @@ {% include 'roles/docker-compose/templates/base.yml.j2' %} +# Container Configuration + application: {% set container_port = 80 %} - image: grokability/snipe-it:{{applications | get_app_conf(application_id, 'version', True)}} + image: "{{ snipe_it_image }}:{{ snipe_it_version }}" + container_name: "{{ snipe_it_container }}" {% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - data:/var/lib/snipeit @@ -11,8 +14,12 @@ {% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %} {% include 'roles/docker-container/templates/networks.yml.j2' %} {% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} + +# Compose Configuration + {% include 'roles/docker-compose/templates/volumes.yml.j2' %} redis: data: + name: "{{ snipe_it_volume }}" {% include 'roles/docker-compose/templates/networks.yml.j2' %} diff --git a/roles/web-app-snipe-it/vars/main.yml b/roles/web-app-snipe-it/vars/main.yml index 685eaae1..a87e305c 100644 --- a/roles/web-app-snipe-it/vars/main.yml +++ b/roles/web-app-snipe-it/vars/main.yml @@ -1,4 +1,9 @@ -application_id: "snipe-it" +application_id: "web-app-snipe-it" database_password: "{{ applications | get_app_conf(application_id, 'credentials.database_password', True) }}" database_type: "mariadb" -snipe_it_url: "{{ domains | get_url(application_id, web_protocol) }}" \ No newline at end of file +snipe_it_url: "{{ domains | get_url(application_id, web_protocol) }}" +snipe_it_version: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.version', True) }}" +snipe_it_image: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.image', True) }}" +snipe_it_name: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.name', True) }}" +snipe_it_volume: "{{ applications | get_app_conf(application_id, 'docker.volumes.data', True) }}" +snipe_it_user: "www-data" \ No newline at end of file