diff --git a/docs/guides/developer/Role_Creation.md b/docs/guides/developer/Role_Creation.md index c34c26d7..8f966249 100644 --- a/docs/guides/developer/Role_Creation.md +++ b/docs/guides/developer/Role_Creation.md @@ -111,11 +111,6 @@ Now that you have defined the application settings, domain, and application ID, dockerfile: {{ path_cymais_my_service_output.stdout }}/Dockerfile ports: - "127.0.0.1:{{ ports.localhost.http[application_id] }}:5000" - healthcheck: - test: ["CMD", "curl", "-f", "http://127.0.0.1:5000"] - interval: 1m - timeout: 10s - retries: 3 volumes: - {{ path_cymais_my_service_output.stdout }}:/app - {{ path_cymais_output.stdout }}:/source diff --git a/roles/docker-akaunting/templates/docker-compose.yml.j2 b/roles/docker-akaunting/templates/docker-compose.yml.j2 index 9853c0be..2c99cb90 100644 --- a/roles/docker-akaunting/templates/docker-compose.yml.j2 +++ b/roles/docker-akaunting/templates/docker-compose.yml.j2 @@ -1,10 +1,7 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications[application_id].images[application_id] }}" build: @@ -16,7 +13,7 @@ services: environment: - AKAUNTING_SETUP {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} data: diff --git a/roles/docker-akaunting/vars/configuration.yml b/roles/docker-akaunting/vars/configuration.yml index 6b9ef3b9..9290b760 100644 --- a/roles/docker-akaunting/vars/configuration.yml +++ b/roles/docker-akaunting/vars/configuration.yml @@ -12,4 +12,8 @@ credentials: domains: canonical: - "accounting.{{ primary_domain }}" +docker: + services: + database: + enabled: true diff --git a/roles/docker-attendize/templates/docker-compose.yml.j2 b/roles/docker-attendize/templates/docker-compose.yml.j2 index 7a649575..81ee0a18 100644 --- a/roles/docker-attendize/templates/docker-compose.yml.j2 +++ b/roles/docker-attendize/templates/docker-compose.yml.j2 @@ -1,8 +1,4 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} web: image: "{{ applications[application_id].images.web }}" @@ -11,7 +7,7 @@ services: volumes: - .:/usr/share/nginx/html - .:/var/www -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} maildev: worker: env_file: @@ -20,7 +16,7 @@ services: worker: image: "{{ applications[application_id].images.worker }}" -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} maildev: {% include 'templates/docker/container/networks.yml.j2' %} volumes: diff --git a/roles/docker-attendize/vars/configuration.yml b/roles/docker-attendize/vars/configuration.yml index 79240767..84ce7fee 100644 --- a/roles/docker-attendize/vars/configuration.yml +++ b/roles/docker-attendize/vars/configuration.yml @@ -7,7 +7,12 @@ features: css: true portfolio_iframe: false central_database: true - +docker: + services: + redis: + enabled: true + database: + enabled: true domains: canonical: - "tickets.{{ primary_domain }}" \ No newline at end of file diff --git a/roles/docker-baserow/templates/docker-compose.yml.j2 b/roles/docker-baserow/templates/docker-compose.yml.j2 index 8273b471..09bd74db 100644 --- a/roles/docker-baserow/templates/docker-compose.yml.j2 +++ b/roles/docker-baserow/templates/docker-compose.yml.j2 @@ -1,11 +1,7 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications[application_id].images.baserow }}" container_name: baserow-application volumes: @@ -13,7 +9,7 @@ services: ports: - "{{ports.localhost.http[application_id]}}:80" {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} data: diff --git a/roles/docker-baserow/vars/configuration.yml b/roles/docker-baserow/vars/configuration.yml index 0c02290c..ed011044 100644 --- a/roles/docker-baserow/vars/configuration.yml +++ b/roles/docker-baserow/vars/configuration.yml @@ -1,7 +1,13 @@ images: - baserow: "baserow/baserow:latest" + baserow: "baserow/baserow:latest" features: matomo: true css: true portfolio_iframe: true - central_database: true \ No newline at end of file + central_database: true +docker: + services: + redis: + enabled: true + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-bluesky/templates/docker-compose.yml.j2 b/roles/docker-bluesky/templates/docker-compose.yml.j2 index 078f24ea..27b59092 100644 --- a/roles/docker-bluesky/templates/docker-compose.yml.j2 +++ b/roles/docker-bluesky/templates/docker-compose.yml.j2 @@ -1,17 +1,17 @@ -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} + pds: +{% set container_port = 3000 %} +{% set container_healthcheck = 'xrpc/_health' %} image: "{{ applications[application_id].images.pds }}" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - pds_data:/opt/pds - {{pdsadmin_file_path}}:/usr/local/bin/pdsadmin:ro ports: - - "127.0.0.1:{{ports.localhost.http.bluesky_api}}:3000" - healthcheck: - test: ["CMD", "wget", "--spider", "http://127.0.0.1:3000/xrpc/_health"] - interval: 1m - timeout: 10s - retries: 3 + - "127.0.0.1:{{ports.localhost.http.bluesky_api}}:{{ container_port }}" + +{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} # Deactivated for the moment @see https://github.com/bluesky-social/social-app diff --git a/roles/docker-bluesky/vars/configuration.yml b/roles/docker-bluesky/vars/configuration.yml index 913bc228..0b4e55c3 100644 --- a/roles/docker-bluesky/vars/configuration.yml +++ b/roles/docker-bluesky/vars/configuration.yml @@ -11,4 +11,8 @@ features: domains: canonical: web: "bskyweb.{{ primary_domain }}" - api: "bluesky.{{ primary_domain }}" \ No newline at end of file + api: "bluesky.{{ primary_domain }}" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-central-database/templates/services/main.yml.j2 b/roles/docker-central-database/templates/services/main.yml.j2 new file mode 100644 index 00000000..42e191cf --- /dev/null +++ b/roles/docker-central-database/templates/services/main.yml.j2 @@ -0,0 +1 @@ +{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-collabora/templates/docker-compose.yml.j2 b/roles/docker-collabora/templates/docker-compose.yml.j2 index d4d903d8..a7b11ca7 100644 --- a/roles/docker-collabora/templates/docker-compose.yml.j2 +++ b/roles/docker-collabora/templates/docker-compose.yml.j2 @@ -1,6 +1,4 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} collabora: image: collabora/code @@ -8,8 +6,8 @@ services: ports: - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-collabora/vars/configuration.yml b/roles/docker-collabora/vars/configuration.yml index b2b52744..85970cfa 100644 --- a/roles/docker-collabora/vars/configuration.yml +++ b/roles/docker-collabora/vars/configuration.yml @@ -1,3 +1,9 @@ domains: canonical: - - "collabora.{{ primary_domain }}" \ No newline at end of file + - "collabora.{{ primary_domain }}" +docker: + services: + redis: + enabled: true + database: + enabled: false # May this is wrong. Just set during refactoring \ No newline at end of file diff --git a/roles/docker-compose/templates/base.yml.j2 b/roles/docker-compose/templates/base.yml.j2 new file mode 100644 index 00000000..2a7c776a --- /dev/null +++ b/roles/docker-compose/templates/base.yml.j2 @@ -0,0 +1,15 @@ +{# Base template for all docker-compose.yml.j2 #} +services: +{# Load Database #} +{% if applications[application_id].docker.database.enabled | default(false) | bool %} +{% include 'roles/docker-central-database/templates/services/main.yml.j2' %} +{% endif %} +{# Load Redis #} +{% if applications[application_id].docker.redis.enabled | default(false) | bool %} +{% include 'templates/docker/services/redis.yml.j2' %} +{% endif %} +{# Load OAuth2 Proxy #} +{% if not applications | is_feature_enabled('oauth2',application_id) %} +{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% endif %} +{{ "\n" }} diff --git a/roles/docker-compose/templates/services/base.yml.j2 b/roles/docker-container/templates/base.yml.j2 similarity index 100% rename from roles/docker-compose/templates/services/base.yml.j2 rename to roles/docker-container/templates/base.yml.j2 diff --git a/roles/docker-container/templates/depends_on_dmbs.j2 b/roles/docker-container/templates/depends_on_dmbs.j2 new file mode 100644 index 00000000..ede2652f --- /dev/null +++ b/roles/docker-container/templates/depends_on_dmbs.j2 @@ -0,0 +1,17 @@ +{# This template needs to be included in docker-compose.yml containers, which depend on a database, redis and optional additional volumes #} +{% if applications | is_feature_enabled('central_database', application_id) + and not (applications[application_id].docker.redis.enabled + | default(false) + | bool) %} + depends_on: [] +{% else %} + depends_on: + {% if not applications | is_feature_enabled('central_database', application_id) %} + database: + condition: service_healthy + {% endif %} + {% if applications[application_id].docker.redis.enabled | default(false) | bool %} + redis: + condition: service_healthy + {% endif %} +{% endif %} diff --git a/roles/docker-container/templates/healthcheck/curl.yml.j2 b/roles/docker-container/templates/healthcheck/curl.yml.j2 new file mode 100644 index 00000000..3a775d5c --- /dev/null +++ b/roles/docker-container/templates/healthcheck/curl.yml.j2 @@ -0,0 +1,9 @@ + healthcheck: + test: + - "CMD" + - "curl" + - "-f" + - "http://127.0.0.1{{ (":" ~ container_port) if container_port is defined else '' }}/{{ container_healthcheck | default('') }}" + interval: 1m + timeout: 10s + retries: 3 \ No newline at end of file diff --git a/roles/docker-compose/templates/services/msmtp_curl_test.yml.j2 b/roles/docker-container/templates/healthcheck/msmtp_curl.yml.j2 similarity index 100% rename from roles/docker-compose/templates/services/msmtp_curl_test.yml.j2 rename to roles/docker-container/templates/healthcheck/msmtp_curl.yml.j2 diff --git a/roles/docker-container/templates/healthcheck/tcp.yml.j2 b/roles/docker-container/templates/healthcheck/tcp.yml.j2 new file mode 100644 index 00000000..b5d54679 --- /dev/null +++ b/roles/docker-container/templates/healthcheck/tcp.yml.j2 @@ -0,0 +1,6 @@ + healthcheck: + test: + - "CMD" + - "bash" + - "-c" + - "exec 3<>/dev/tcp/localhost/{{ container_port }} && echo -e 'GET /{{ container_healthcheck | default('') }} HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'" \ No newline at end of file diff --git a/roles/docker-container/templates/healthcheck/wget.yml.j2 b/roles/docker-container/templates/healthcheck/wget.yml.j2 new file mode 100644 index 00000000..75a024d0 --- /dev/null +++ b/roles/docker-container/templates/healthcheck/wget.yml.j2 @@ -0,0 +1,10 @@ + healthcheck: + test: + - "CMD" + - "wget" + - "--spider" + - "--proxy=off" + - "http://127.0.0.1{{ (":" ~ container_port) if container_port is defined else '' }}/{{ container_healthcheck | default('') }}" + interval: 1m + timeout: 10s + retries: 3 \ No newline at end of file diff --git a/roles/docker-coturn/templates/docker-compose.yml.j2 b/roles/docker-coturn/templates/docker-compose.yml.j2 index c8ea6f40..26c7e209 100644 --- a/roles/docker-coturn/templates/docker-compose.yml.j2 +++ b/roles/docker-coturn/templates/docker-compose.yml.j2 @@ -1,24 +1,18 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "gitea/gitea:{{applications.gitea.version}}" ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:3000" + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" - "{{ports.public.ssh[application_id]}}:22" volumes: - data:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - healthcheck: - test: ["CMD", "curl", "-f", "http://127.0.0.1:3000"] - interval: 1m - timeout: 10s - retries: 3 +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} + {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} data: diff --git a/roles/docker-coturn/vars/main.yml b/roles/docker-coturn/vars/main.yml index da2f976c..db92a11d 100644 --- a/roles/docker-coturn/vars/main.yml +++ b/roles/docker-coturn/vars/main.yml @@ -1,2 +1,3 @@ application_id: "coturn" +container_port: 3000 #database_type: "mariadb" \ No newline at end of file diff --git a/roles/docker-discourse/templates/docker-compose.yml.j2 b/roles/docker-discourse/templates/docker-compose.yml.j2 index 079a187e..34973e60 100644 --- a/roles/docker-discourse/templates/docker-compose.yml.j2 +++ b/roles/docker-discourse/templates/docker-compose.yml.j2 @@ -1,8 +1,4 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} redis: diff --git a/roles/docker-discourse/vars/configuration.yml b/roles/docker-discourse/vars/configuration.yml index d41f6a1a..1675f9b1 100644 --- a/roles/docker-discourse/vars/configuration.yml +++ b/roles/docker-discourse/vars/configuration.yml @@ -21,3 +21,9 @@ csp: domains: canonical: - "forum.{{ primary_domain }}" +docker: + services: + database: + enabled: true + redis: + enabled: true \ No newline at end of file diff --git a/roles/docker-elk/templates/docker-compose.yml.j2 b/roles/docker-elk/templates/docker-compose.yml.j2 index 9c5090d3..6dcacd2e 100644 --- a/roles/docker-elk/templates/docker-compose.yml.j2 +++ b/roles/docker-elk/templates/docker-compose.yml.j2 @@ -1,4 +1,4 @@ -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} elasticsearch: build: context: elasticsearch/ @@ -61,5 +61,7 @@ services: depends_on: - elasticsearch -volumes: +{% include 'templates/docker/compose/volumes.yml.j2' %} elasticsearch: + +{% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-espocrm/templates/docker-compose.yml.j2 b/roles/docker-espocrm/templates/docker-compose.yml.j2 index a8429ec6..58a99846 100644 --- a/roles/docker-espocrm/templates/docker-compose.yml.j2 +++ b/roles/docker-espocrm/templates/docker-compose.yml.j2 @@ -1,15 +1,11 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} web: image: "{{ applications[application_id].images.espocrm }}" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost/"] +{% include 'roles/docker-container/templates/base.yml.j2' %} +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} ports: - "127.0.0.1:{{ ports.localhost.http[application_id] }}:80" -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} volumes: - data:/var/www/html @@ -35,7 +31,7 @@ services: - ESPOCRM_CONFIG_WEB_SOCKET_ZERO_M_Q_SUBSCRIBER_DSN=tcp://*:7777 - ESPOCRM_CONFIG_WEB_SOCKET_ZERO_M_Q_SUBMISSION_DSN=tcp://websocket:7777 entrypoint: docker-websocket.sh -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} volumes: - data:/var/www/html diff --git a/roles/docker-espocrm/vars/configuration.yml b/roles/docker-espocrm/vars/configuration.yml index 620275b7..717c543d 100644 --- a/roles/docker-espocrm/vars/configuration.yml +++ b/roles/docker-espocrm/vars/configuration.yml @@ -26,4 +26,8 @@ domains: aliases: - "crm.{{ primary_domain }}" email: - from_name: "Customer Relationship Management ({{ primary_domain }})" \ No newline at end of file + from_name: "Customer Relationship Management ({{ primary_domain }})" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-friendica/templates/docker-compose.yml.j2 b/roles/docker-friendica/templates/docker-compose.yml.j2 index 5621531b..4cd10cb5 100644 --- a/roles/docker-friendica/templates/docker-compose.yml.j2 +++ b/roles/docker-friendica/templates/docker-compose.yml.j2 @@ -1,10 +1,7 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: image: "{{ applications[application_id].images.friendica }}" - {% include 'roles/docker-compose/templates/services/base.yml.j2' %} + {% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - html:{{ friendica_application_base }} - data:/var/www/data # I assume that this one is unnessecarry @@ -12,10 +9,9 @@ services: ports: - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" -{% include 'roles/docker-compose/templates/services/msmtp_curl_test.yml.j2' %} - +{% include 'roles/docker-container/templates/healthcheck/msmtp_curl.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} data: diff --git a/roles/docker-friendica/vars/configuration.yml b/roles/docker-friendica/vars/configuration.yml index 54d7e0e3..b57ed4f8 100644 --- a/roles/docker-friendica/vars/configuration.yml +++ b/roles/docker-friendica/vars/configuration.yml @@ -25,4 +25,8 @@ oauth2_proxy: port: "80" addons: keycloakpassword: - ldapauth: \ No newline at end of file + ldapauth: +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-funkwhale/templates/docker-compose.yml.j2 b/roles/docker-funkwhale/templates/docker-compose.yml.j2 index d7bed0ab..07c37747 100644 --- a/roles/docker-funkwhale/templates/docker-compose.yml.j2 +++ b/roles/docker-funkwhale/templates/docker-compose.yml.j2 @@ -1,8 +1,4 @@ -services: -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - -{% include 'templates/docker/services/redis.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} celeryworker: # Celery workers handle background tasks (such file imports or federation # messaging). The more processes a worker gets, the more tasks @@ -12,7 +8,7 @@ services: # of CPUs. You can adjust this, by explicitly setting the --concurrency # flag: # celery -A funkwhale_api.taskapp worker -l INFO --concurrency=4 -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications | get_docker_image(application_id,'api') }}" command: celery -A funkwhale_api.taskapp worker -l INFO --concurrency={{celeryd_concurrency}} environment: @@ -20,18 +16,18 @@ services: volumes: - "data:{{funkwhale_media_root}}" - "music:{{funkwhale_music_directory_path}}:ro" -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} celerybeat: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications | get_docker_image(application_id,'api') }}" command: celery -A funkwhale_api.taskapp beat --pidfile= -l INFO -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} api: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications | get_docker_image(application_id,'api') }}" volumes: - "music:{{funkwhale_music_directory_path}}:ro" @@ -39,11 +35,11 @@ services: - "funkwhale_static_root:{{funkwhale_static_root}}" ports: - "{{ funkwhale_docker_api_port }}" -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} front: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications | get_docker_image(application_id,'front') }}" depends_on: - api @@ -56,7 +52,7 @@ services: - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" typesense: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications[application_id].docker.images.typesense }}" volumes: - ./typesense/data:/data diff --git a/roles/docker-funkwhale/vars/configuration.yml b/roles/docker-funkwhale/vars/configuration.yml index 9deac1a3..5e24541d 100644 --- a/roles/docker-funkwhale/vars/configuration.yml +++ b/roles/docker-funkwhale/vars/configuration.yml @@ -7,6 +7,11 @@ docker: api: "funkwhale/api" front: "funkwhale/front" typesense: "typesense/typesense" + services: + redis: + enabled: true + database: + enabled: true features: matomo: true css: false diff --git a/roles/docker-fusiondirectory/templates/docker-compose.yml.j2 b/roles/docker-fusiondirectory/templates/docker-compose.yml.j2 index 2e5588d9..b6142b37 100644 --- a/roles/docker-fusiondirectory/templates/docker-compose.yml.j2 +++ b/roles/docker-fusiondirectory/templates/docker-compose.yml.j2 @@ -1,20 +1,4 @@ -services: - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} - - application: - container_name: {{ application_id }} - image: ghcr.io/ldapaccountmanager/lam:{{applications[application_id].version}} - ports: - - 127.0.0.1:{{ports.localhost.http[application_id]}}:80 -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} -{% include 'templates/docker/container/networks.yml.j2' %} - -{# include 'templates/docker/compose/volumes.yml.j2' #} - -{% include 'templates/docker/compose/networks.yml.j2' %} - -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} fusiondirectory: image: tiredofit/fusiondirectory:latest container_name: fusiondirectory @@ -39,5 +23,7 @@ services: - fusiondirectory_data:/assets/fusiondirectory restart: always -volumes: +{% include 'templates/docker/compose/volumes.yml.j2' %} fusiondirectory_data: + +{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-gitea/templates/docker-compose.yml.j2 b/roles/docker-gitea/templates/docker-compose.yml.j2 index a8487144..c310f6b0 100644 --- a/roles/docker-gitea/templates/docker-compose.yml.j2 +++ b/roles/docker-gitea/templates/docker-compose.yml.j2 @@ -1,26 +1,18 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications[application_id].images.gitea }}" ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:3000" + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" - "{{ports.public.ssh[application_id]}}:22" volumes: - data:/data - /etc/timezone:/etc/timezone:ro - /etc/localtime:/etc/localtime:ro - healthcheck: - test: ["CMD", "curl", "-f", "http://127.0.0.1:3000"] - interval: 1m - timeout: 10s - retries: 3 +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} data: diff --git a/roles/docker-gitea/vars/configuration.yml b/roles/docker-gitea/vars/configuration.yml index 40e62e42..b4e108a7 100644 --- a/roles/docker-gitea/vars/configuration.yml +++ b/roles/docker-gitea/vars/configuration.yml @@ -36,4 +36,8 @@ csp: - "data:" domains: aliases: - - "git.{{ primary_domain }}" \ No newline at end of file + - "git.{{ primary_domain }}" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-gitea/vars/main.yml b/roles/docker-gitea/vars/main.yml index c254479d..2bf502e8 100644 --- a/roles/docker-gitea/vars/main.yml +++ b/roles/docker-gitea/vars/main.yml @@ -1,4 +1,5 @@ application_id: "gitea" +container_port: 3000 database_type: "mariadb" gitea_ldap_auth_args: - '--name "LDAP ({{ primary_domain }})"' diff --git a/roles/docker-gitlab/templates/docker-compose.yml.j2 b/roles/docker-gitlab/templates/docker-compose.yml.j2 index 688a7795..de8f80e2 100644 --- a/roles/docker-gitlab/templates/docker-compose.yml.j2 +++ b/roles/docker-gitlab/templates/docker-compose.yml.j2 @@ -1,13 +1,9 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} web: image: "{{ applications[application_id].images.gitlab }}" hostname: '{{domains | get_domain(application_id)}}' -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} ports: - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" - "{{ports.public.ssh[application_id]}}:22" @@ -16,13 +12,13 @@ services: - 'logs:/var/log/gitlab' - 'data:/var/opt/gitlab' shm_size: '256m' -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/compose/networks.yml.j2' %} - {% include 'templates/docker/compose/volumes.yml.j2' %} redis: config: logs: data: + +{% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-gitlab/vars/configuration.yml b/roles/docker-gitlab/vars/configuration.yml index b1b18e01..897bbf79 100644 --- a/roles/docker-gitlab/vars/configuration.yml +++ b/roles/docker-gitlab/vars/configuration.yml @@ -4,4 +4,10 @@ features: matomo: true css: true portfolio_iframe: true - central_database: true \ No newline at end of file + central_database: true +docker: + services: + redis: + enabled: true + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-joomla/templates/docker-compose.yml.j2 b/roles/docker-joomla/templates/docker-compose.yml.j2 index 157ec344..a96a01cd 100644 --- a/roles/docker-joomla/templates/docker-compose.yml.j2 +++ b/roles/docker-joomla/templates/docker-compose.yml.j2 @@ -1,16 +1,13 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: image: "{{ applications[application_id].images.joomla }}" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - data:/var/www/html ports: - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} data: diff --git a/roles/docker-joomla/vars/configuration.yml b/roles/docker-joomla/vars/configuration.yml index 6f628fae..a7c636b4 100644 --- a/roles/docker-joomla/vars/configuration.yml +++ b/roles/docker-joomla/vars/configuration.yml @@ -4,6 +4,11 @@ features: matomo: true css: true portfolio_iframe: true + central_database: true domains: canonical: - - "cms.{{ primary_domain }}" \ No newline at end of file + - "cms.{{ primary_domain }}" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-keycloak/templates/docker-compose.yml.j2 b/roles/docker-keycloak/templates/docker-compose.yml.j2 index 1882e40e..c6f1b87c 100644 --- a/roles/docker-keycloak/templates/docker-compose.yml.j2 +++ b/roles/docker-keycloak/templates/docker-compose.yml.j2 @@ -1,22 +1,18 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: image: "{{ applications[application_id].images.keycloak }}" container_name: {{container_name}} command: start {% if applications[application_id].import_realm | bool %}--import-realm{% endif %} - {% include 'roles/docker-compose/templates/services/base.yml.j2' %} + {% include 'roles/docker-container/templates/base.yml.j2' %} ports: - "{{ keycloak_server_host }}:8080" volumes: - "{{import_directory_host}}:{{import_directory_docker}}" -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} - healthcheck: - test: ["CMD", "sh", "-c", "exec 3<>/dev/tcp/localhost/9000 && echo -e 'GET /health/live HTTP/1.1\\r\\nHost: {{domains | get_domain('keycloak')}}\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3"] - interval: 30s - timeout: 10s - retries: 3 +{% set container_port = 9000 %} +{% set container_healthcheck = 'health/live' %} +{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} {% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-keycloak/vars/configuration.yml b/roles/docker-keycloak/vars/configuration.yml index 5df3b4ac..a3263dde 100644 --- a/roles/docker-keycloak/vars/configuration.yml +++ b/roles/docker-keycloak/vars/configuration.yml @@ -25,3 +25,7 @@ scopes: nextcloud: nextcloud rbac_groups: "/rbac" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-lam/templates/docker-compose.yml.j2 b/roles/docker-lam/templates/docker-compose.yml.j2 index 189b822b..b6b79126 100644 --- a/roles/docker-lam/templates/docker-compose.yml.j2 +++ b/roles/docker-lam/templates/docker-compose.yml.j2 @@ -1,15 +1,11 @@ -services: - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: container_name: {{ application_id }} image: "{{ applications[application_id].images.lam }}" ports: - 127.0.0.1:{{ports.localhost.http[application_id]}}:80 -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} -{# include 'templates/docker/compose/volumes.yml.j2' #} - -{% include 'templates/docker/compose/networks.yml.j2' %} +{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-ldap/templates/docker-compose.yml.j2 b/roles/docker-ldap/templates/docker-compose.yml.j2 index 87add91c..22eb8b37 100644 --- a/roles/docker-ldap/templates/docker-compose.yml.j2 +++ b/roles/docker-ldap/templates/docker-compose.yml.j2 @@ -1,11 +1,9 @@ -services: - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: image: "{{ applications[application_id].images.openldap }}" container_name: {{ applications[application_id].hostname }} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% if applications[application_id].network.public | bool or applications[application_id].network.local | bool %} ports: - 127.0.0.1:{{ports.localhost.ldap.ldap}}:{{ldap_docker_port}} # Expose just on localhost so that nginx stream proxy can use it @@ -27,4 +25,4 @@ services: {% include 'templates/docker/compose/volumes.yml.j2' %} data: -{% include 'templates/docker/compose/networks.yml.j2' %} +{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-listmonk/templates/config.toml.j2 b/roles/docker-listmonk/templates/config.toml.j2 index 3599bf57..7ca6539b 100644 --- a/roles/docker-listmonk/templates/config.toml.j2 +++ b/roles/docker-listmonk/templates/config.toml.j2 @@ -3,7 +3,7 @@ # of localhost will only listen to connections from the current machine. To # listen on all interfaces use '0.0.0.0'. To listen on the default web address # port, use port 80 (this will require running with elevated permissions). -address = "0.0.0.0:9000" +address = "0.0.0.0:{{ container_port }}" # Database. [db] diff --git a/roles/docker-listmonk/templates/docker-compose.yml.j2 b/roles/docker-listmonk/templates/docker-compose.yml.j2 index 5ff140e1..098b71eb 100644 --- a/roles/docker-listmonk/templates/docker-compose.yml.j2 +++ b/roles/docker-listmonk/templates/docker-compose.yml.j2 @@ -1,18 +1,15 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% set container_healthcheck = 'health' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications[application_id].images.listmonk }}" ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:9000" + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" volumes: - {{docker_compose.directories.config}}config.toml:/listmonk/config.toml {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} - healthcheck: - test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:9000/health || exit 1'] +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} +{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %} {% include 'templates/docker/compose/volumes-just-database.yml.j2' %} diff --git a/roles/docker-listmonk/vars/configuration.yml b/roles/docker-listmonk/vars/configuration.yml index d1dbf75d..3745318b 100644 --- a/roles/docker-listmonk/vars/configuration.yml +++ b/roles/docker-listmonk/vars/configuration.yml @@ -10,4 +10,8 @@ features: oidc: true domains: canonical: - - "newsletter.{{ primary_domain }}" \ No newline at end of file + - "newsletter.{{ primary_domain }}" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-listmonk/vars/main.yml b/roles/docker-listmonk/vars/main.yml index 7e87e355..fce94aec 100644 --- a/roles/docker-listmonk/vars/main.yml +++ b/roles/docker-listmonk/vars/main.yml @@ -1,5 +1,6 @@ -application_id: "listmonk" -database_type: "postgres" +application_id: "listmonk" +database_type: "postgres" +container_port: "9000" listmonk_settings: - key: "app.root_url" diff --git a/roles/docker-mailu/templates/docker-compose.yml.j2 b/roles/docker-mailu/templates/docker-compose.yml.j2 index 5e498a02..42126bcc 100644 --- a/roles/docker-mailu/templates/docker-compose.yml.j2 +++ b/roles/docker-mailu/templates/docker-compose.yml.j2 @@ -1,19 +1,15 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} # Core services resolver: image: {{docker_source}}/unbound:{{applications.mailu.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} ipv4_address: {{networks.local.mailu.dns}} front: image: {{docker_source}}/nginx:{{applications.mailu.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} ports: - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" - "{{networks.internet.ip4}}:25:25" @@ -27,7 +23,7 @@ services: volumes: - "{{docker_compose.directories.volumes}}overrides/nginx:/overrides:ro" - "{{cert_mount_directory}}:/certs:ro" -{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} resolver: condition: service_started {% include 'templates/docker/container/networks.yml.j2' %} @@ -38,11 +34,11 @@ services: admin: image: {{docker_source}}/admin:{{applications.mailu.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "admin_data:/data" - "dkim:/dkim" -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} resolver: condition: service_started front: @@ -53,7 +49,7 @@ services: imap: image: {{docker_source}}/dovecot:{{applications.mailu.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "dovecot_mail:/mail" - "{{docker_compose.directories.volumes}}overrides:/overrides:ro" @@ -66,7 +62,7 @@ services: smtp: image: {{docker_source}}/postfix:{{applications.mailu.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "{{docker_compose.directories.volumes}}overrides:/overrides:ro" - "smtp_queue:/queue" @@ -90,7 +86,7 @@ services: antispam: image: {{docker_source}}/rspamd:{{applications.mailu.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "filter:/var/lib/rspamd" - "dkim:/dkim" @@ -109,7 +105,7 @@ services: # Optional services antivirus: image: clamav/clamav-debian:latest -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "filter:/data" depends_on: @@ -120,7 +116,7 @@ services: webdav: image: {{docker_source}}/radicale:{{applications.mailu.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "webdav_data:/data" depends_on: @@ -134,7 +130,7 @@ services: image: {{docker_source}}/fetchmail:{{applications.mailu.version}} volumes: - "admin_data:/data" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} depends_on: - admin - smtp @@ -146,7 +142,7 @@ services: webmail: image: {{docker_source}}/webmail:{{applications.mailu.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "webmail_data:/data" - "{{docker_compose.directories.volumes}}overrides:/overrides:ro" diff --git a/roles/docker-mailu/vars/configuration.yml b/roles/docker-mailu/vars/configuration.yml index 5ac9088d..dc750ed1 100644 --- a/roles/docker-mailu/vars/configuration.yml +++ b/roles/docker-mailu/vars/configuration.yml @@ -26,4 +26,9 @@ rbac: roles: mail-bot: description: "Has an token to send and recieve emails" - \ No newline at end of file +docker: + services: + redis: + enabled: true + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-mastodon/templates/docker-compose.yml.j2 b/roles/docker-mastodon/templates/docker-compose.yml.j2 index a1eb720e..71025891 100644 --- a/roles/docker-mastodon/templates/docker-compose.yml.j2 +++ b/roles/docker-mastodon/templates/docker-compose.yml.j2 @@ -1,38 +1,36 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} web: +{% set container_port = 3000 %} +{% set container_healthcheck = 'health' %} image: "{{ applications[application_id].images[application_id] }}" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} - command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000" - healthcheck: - test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1'] +{% include 'roles/docker-container/templates/base.yml.j2' %} + command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p {{ container_port }}" +{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %} ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:3000" -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} volumes: - data:/mastodon/public/system {% include 'templates/docker/container/networks.yml.j2' %} streaming: +{% set container_port = 4000 %} +{% set container_healthcheck = 'api/v1/streaming/health' %} image: "{{ applications[application_id].images.streaming }}" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} command: node ./streaming - healthcheck: - test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1'] +{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %} ports: - - "127.0.0.1:{{ports.localhost.websocket[application_id]}}:4000" -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} + - "127.0.0.1:{{ports.localhost.websocket[application_id]}}:{{ container_port }}" +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} sidekiq: image: "{{ applications[application_id].images.mastodon }}" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} command: bundle exec sidekiq -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} volumes: - data:/mastodon/public/system healthcheck: diff --git a/roles/docker-mastodon/vars/configuration.yml b/roles/docker-mastodon/vars/configuration.yml index d90a91cf..93ca83fc 100644 --- a/roles/docker-mastodon/vars/configuration.yml +++ b/roles/docker-mastodon/vars/configuration.yml @@ -16,4 +16,10 @@ domains: csp: whitelist: frame-src: - - "*" \ No newline at end of file + - "*" +docker: + services: + redis: + enabled: true + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-matomo/templates/docker-compose.yml.j2 b/roles/docker-matomo/templates/docker-compose.yml.j2 index c7f858eb..6c41078f 100644 --- a/roles/docker-matomo/templates/docker-compose.yml.j2 +++ b/roles/docker-matomo/templates/docker-compose.yml.j2 @@ -1,22 +1,15 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% set container_port = 80 %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: "{{ applications[application_id].images[application_id] }}" ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" volumes: - data:/var/www/html -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} - healthcheck: - test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/80 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"] - interval: 30s - timeout: 10s - retries: 3 - +{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} data: diff --git a/roles/docker-matomo/vars/configuration.yml b/roles/docker-matomo/vars/configuration.yml index 19e364b9..37d41941 100644 --- a/roles/docker-matomo/vars/configuration.yml +++ b/roles/docker-matomo/vars/configuration.yml @@ -24,4 +24,9 @@ csp: domains: aliases: - "analytics.{{ primary_domain }}" -excluded_ips: "{{ networks.internet.values() | list }}" \ No newline at end of file +excluded_ips: "{{ networks.internet.values() | list }}" + +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-matrix/templates/docker-compose.yml.j2 b/roles/docker-matrix/templates/docker-compose.yml.j2 index 5f22047d..827ffd4d 100644 --- a/roles/docker-matrix/templates/docker-compose.yml.j2 +++ b/roles/docker-matrix/templates/docker-compose.yml.j2 @@ -1,8 +1,6 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} synapse: +{% set container_port = 8008 %} image: "{{ applications[application_id].images.synapse }}" container_name: matrix-synapse restart: {{docker_restart_policy}} @@ -19,35 +17,27 @@ services: - SYNAPSE_SERVER_NAME={{domains.matrix.synapse}} - SYNAPSE_REPORT_STATS=no ports: - - "127.0.0.1:{{ports.localhost.http.synapse}}:8008" - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8008/"] - interval: 1m - timeout: 10s - retries: 3 + - "127.0.0.1:{{ports.localhost.http.synapse}}:{{ container_port }}" +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} {% if bridges | length > 0 %} -{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} {% for item in bridges %} mautrix-{{item.bridge_name}}: condition: service_healthy {% endfor %} {% else %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} {% endif %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} element: +{% set container_port = 80 %} image: "{{ applications[application_id].images.element }}" container_name: matrix-element restart: {{docker_restart_policy}} volumes: - ./element-config.json:/app/config.json ports: - - "127.0.0.1:{{ports.localhost.http.element}}:80" - healthcheck: - test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/"] - interval: 1m - timeout: 10s - retries: 3 + - "127.0.0.1:{{ports.localhost.http.element}}:{{ container_port }}" +{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% for item in bridges %} diff --git a/roles/docker-matrix/vars/configuration.yml b/roles/docker-matrix/vars/configuration.yml index 8fa487e7..fb04c2e1 100644 --- a/roles/docker-matrix/vars/configuration.yml +++ b/roles/docker-matrix/vars/configuration.yml @@ -1,3 +1,7 @@ +docker: + services: + database: + enabled: true images: synapse: "matrixdotorg/synapse:latest" element: "vectorim/element-web:latest" diff --git a/roles/docker-mediawiki/templates/docker-compose.yml.j2 b/roles/docker-mediawiki/templates/docker-compose.yml.j2 index 9e8b372d..3386b092 100644 --- a/roles/docker-mediawiki/templates/docker-compose.yml.j2 +++ b/roles/docker-mediawiki/templates/docker-compose.yml.j2 @@ -1,18 +1,16 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - application: - # Seems like image tag got lost. @todo Check and implement if necessary - log_driver: journald - restart: "{{docker_restart_policy}}" - depends_on: - - database - volumes: - - "mediawiki-data:/var/www/html/" - ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" +{% include 'roles/docker-compose/templates/base.yml.j2' %} + application: + # Seems like image tag got lost. @todo Check and implement if necessary + log_driver: journald + restart: "{{docker_restart_policy}}" + depends_on: + - database + volumes: + - "mediawiki-data:/var/www/html/" + ports: + - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} data: diff --git a/roles/docker-mobilizon/templates/docker-compose.yml.j2 b/roles/docker-mobilizon/templates/docker-compose.yml.j2 index c1ba054e..1c991182 100644 --- a/roles/docker-mobilizon/templates/docker-compose.yml.j2 +++ b/roles/docker-mobilizon/templates/docker-compose.yml.j2 @@ -1,21 +1,14 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: image: "{{ applications[application_id].images[application_id] }}" volumes: - uploads:/var/lib/mobilizon/uploads - {{ mobilizon_host_conf_exs_file }}:/etc/mobilizon/config.exs:ro ports: - - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ mobilizon_exposed_docker_port }}" - healthcheck: - test: ["CMD", "curl", "-f", "http://127.0.0.1:{{ mobilizon_exposed_docker_port }}"] - interval: 30s - timeout: 10s - retries: 3 -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} + - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}" +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} diff --git a/roles/docker-mobilizon/templates/env.j2 b/roles/docker-mobilizon/templates/env.j2 index d0a40046..011a4aa7 100644 --- a/roles/docker-mobilizon/templates/env.j2 +++ b/roles/docker-mobilizon/templates/env.j2 @@ -15,7 +15,7 @@ MOBILIZON_INSTANCE_HOST={{ domains | get_domain(application_id) }} # MOBILIZON_INSTANCE_LISTEN_IP # The port to listen on (defaults to 4000). Point your reverse proxy on this port. -MOBILIZON_INSTANCE_PORT={{ mobilizon_exposed_docker_port }} +MOBILIZON_INSTANCE_PORT={{ container_port }} # Whether registrations are opened or closed. Can be changed in the admin settings UI as well. # Make sure to moderate actively your instance if registrations are opened. diff --git a/roles/docker-mobilizon/vars/configuration.yml b/roles/docker-mobilizon/vars/configuration.yml index 8844e95c..8e1de690 100644 --- a/roles/docker-mobilizon/vars/configuration.yml +++ b/roles/docker-mobilizon/vars/configuration.yml @@ -15,4 +15,8 @@ domains: canonical: - "event.{{ primary_domain }}" aliases: - - "events.{{ primary_domain }}" \ No newline at end of file + - "events.{{ primary_domain }}" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-mobilizon/vars/main.yml b/roles/docker-mobilizon/vars/main.yml index 12b0d590..0e7393fb 100644 --- a/roles/docker-mobilizon/vars/main.yml +++ b/roles/docker-mobilizon/vars/main.yml @@ -4,5 +4,5 @@ database_type: "postgres" database_gis_enabled: true mobilizon_oidc_callback_url: "{{ domains | get_url(application_id, web_protocol) }}/auth/openid_connect/callback" -mobilizon_exposed_docker_port: 4000 +container_port: 4000 mobilizon_host_conf_exs_file: "{{docker_compose.directories.config}}config.exs" \ No newline at end of file diff --git a/roles/docker-moodle/templates/docker-compose.yml.j2 b/roles/docker-moodle/templates/docker-compose.yml.j2 index 3f5ee2f9..4ff18880 100644 --- a/roles/docker-moodle/templates/docker-compose.yml.j2 +++ b/roles/docker-moodle/templates/docker-compose.yml.j2 @@ -1,24 +1,20 @@ -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} moodle: +{% set container_port = 8008 %} container_name: {{ container_name }} build: context: . dockerfile: Dockerfile image: moodle_custom ports: - - 127.0.0.1:{{ports.localhost.http[application_id]}}:8080 -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} + - 127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - 'code:{{ bitnami_code_link }}' - 'data:{{ bitnami_data_dir }}' - healthcheck: - test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/8080 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"] - interval: 30s - timeout: 10s - retries: 3 -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} diff --git a/roles/docker-moodle/vars/configuration.yml b/roles/docker-moodle/vars/configuration.yml index 1255a316..5d2091aa 100644 --- a/roles/docker-moodle/vars/configuration.yml +++ b/roles/docker-moodle/vars/configuration.yml @@ -24,4 +24,8 @@ csp: - "https://cdn.jsdelivr.net" domains: canonical: - - "academy.{{ primary_domain }}" \ No newline at end of file + - "academy.{{ primary_domain }}" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-mybb/templates/docker-compose.yml.j2 b/roles/docker-mybb/templates/docker-compose.yml.j2 index a8593f5a..bf232fff 100644 --- a/roles/docker-mybb/templates/docker-compose.yml.j2 +++ b/roles/docker-mybb/templates/docker-compose.yml.j2 @@ -1,7 +1,4 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: logging: driver: journald @@ -11,7 +8,7 @@ services: restart: {{docker_restart_policy}} volumes: - data:/var/www/html -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} server: diff --git a/roles/docker-mybb/vars/configuration.yml b/roles/docker-mybb/vars/configuration.yml index 5eb1cdc9..2da79520 100644 --- a/roles/docker-mybb/vars/configuration.yml +++ b/roles/docker-mybb/vars/configuration.yml @@ -3,5 +3,10 @@ version: "latest" features: matomo: true css: true - portfolio_iframe: false - central_database: true \ No newline at end of file + portfolio_iframe: true + central_database: true + +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-nextcloud/templates/docker-compose.yml.j2 b/roles/docker-nextcloud/templates/docker-compose.yml.j2 index 100183f9..35b9db5e 100644 --- a/roles/docker-nextcloud/templates/docker-compose.yml.j2 +++ b/roles/docker-nextcloud/templates/docker-compose.yml.j2 @@ -1,8 +1,4 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: image: "nextcloud:{{applications.nextcloud.version}}-fpm-alpine" @@ -15,8 +11,8 @@ services: interval: 1m timeout: 10s retries: 3 -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} ipv4_address: 192.168.102.69 @@ -49,16 +45,13 @@ services: driver: journald restart: {{docker_restart_policy}} ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" volumes: - "{{docker_compose.directories.volumes}}nginx.conf:/etc/nginx/nginx.conf:ro" volumes_from: - application - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:80/"] - interval: 1m - timeout: 10s - retries: 3 + +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} networks: default: ipv4_address: 192.168.102.67 @@ -77,7 +70,7 @@ services: interval: 1m timeout: 10s retries: 3 -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} ipv4_address: 192.168.102.70 diff --git a/roles/docker-nextcloud/vars/configuration.yml b/roles/docker-nextcloud/vars/configuration.yml index 0eda8e1b..4db697d6 100644 --- a/roles/docker-nextcloud/vars/configuration.yml +++ b/roles/docker-nextcloud/vars/configuration.yml @@ -11,7 +11,12 @@ csp: domains: canonical: - "cloud.{{ primary_domain }}" - +docker: + services: + redis: + enabled: true + database: + enabled: true oidc: enabled: "{{ applications.nextcloud.features.oidc | default(true) }}" # Activate OIDC for Nextcloud # floavor decides which OICD plugin should be used. diff --git a/roles/docker-nextcloud/vars/main.yml b/roles/docker-nextcloud/vars/main.yml index 555b70d0..0bf2ed9e 100644 --- a/roles/docker-nextcloud/vars/main.yml +++ b/roles/docker-nextcloud/vars/main.yml @@ -1,6 +1,7 @@ --- # General application_id: "nextcloud" # Application identifier +container_port: 80 # Database database_password: "{{applications.nextcloud.credentials.database_password}}" # Database password diff --git a/roles/docker-openproject/templates/docker-compose.yml.j2 b/roles/docker-openproject/templates/docker-compose.yml.j2 index f341005e..660116dc 100644 --- a/roles/docker-openproject/templates/docker-compose.yml.j2 +++ b/roles/docker-openproject/templates/docker-compose.yml.j2 @@ -7,18 +7,15 @@ x-op-app: &app context: . dockerfile: Dockerfile -services: -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} cache: image: memcached container_name: openproject-memcached -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} proxy: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: {{custom_openproject_image}} container_name: openproject-proxy command: "./docker/prod/proxy" @@ -34,32 +31,29 @@ services: web: <<: *app -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} command: "./docker/prod/web" container_name: openproject-web {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} cache: condition: service_started seeder: condition: service_started - healthcheck: - test: ["CMD", "curl", "-f", "http://localhost:8080/health_checks/default"] - interval: 10s - timeout: 3s - retries: 3 - start_period: 30s +{% set container_port = 8080 %} +{% set container_healthcheck = 'health_checks/default' %} +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} volumes: - "data:/var/openproject/assets" - "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes worker: <<: *app -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} command: "./docker/prod/worker" container_name: openproject-worker {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} cache: condition: service_started seeder: @@ -71,11 +65,11 @@ services: cron: <<: *app -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} command: "./docker/prod/cron" container_name: openproject-cron {% include 'templates/docker/container/networks.yml.j2' %} -{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} cache: condition: service_started seeder: @@ -98,7 +92,7 @@ services: - "data:/var/openproject/assets" - "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes -{% include 'templates/docker/compose/networks.yml.j2' %} - {% include 'templates/docker/compose/volumes.yml.j2' %} - data: \ No newline at end of file + data: + +{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-openproject/vars/configuration.yml b/roles/docker-openproject/vars/configuration.yml index ad8a53cb..405b0581 100644 --- a/roles/docker-openproject/vars/configuration.yml +++ b/roles/docker-openproject/vars/configuration.yml @@ -26,4 +26,9 @@ csp: unsafe-inline: true domains: canonical: - - "project.{{ primary_domain }}" \ No newline at end of file + - "project.{{ primary_domain }}" + +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-openproject/vars/main.yml b/roles/docker-openproject/vars/main.yml index dea3bc53..498a7f07 100644 --- a/roles/docker-openproject/vars/main.yml +++ b/roles/docker-openproject/vars/main.yml @@ -2,7 +2,7 @@ application_id: "openproject" docker_repository_address: "https://github.com/opf/openproject-deploy" database_type: "postgres" docker_repository: true - + openproject_plugins_folder: "{{docker_compose.directories.volumes}}plugins/" custom_openproject_image: "custom_openproject" diff --git a/roles/docker-peertube/templates/docker-compose.yml.j2 b/roles/docker-peertube/templates/docker-compose.yml.j2 index 849015db..5a163168 100644 --- a/roles/docker-peertube/templates/docker-compose.yml.j2 +++ b/roles/docker-peertube/templates/docker-compose.yml.j2 @@ -1,29 +1,22 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: +{% set container_port = 9000 %} image: chocobozzz/peertube:production-{{ applications[application_id].version }} container_name: {{ container_name }} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} ports: - "1935:1935" # @todo Add to ports - - "127.0.0.1:{{ports.localhost.http[application_id]}}:9000" + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" volumes: - assets:/app/client/dist - data:/data - config:/config -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} healthcheck: # This just tests if the service is running on port 9000. It doesn't check if there is an 200 or e.g. an 404 response - test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/9000 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"] - interval: 30s - timeout: 10s - retries: 3 - +{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} assets: data: diff --git a/roles/docker-peertube/vars/configuration.yml b/roles/docker-peertube/vars/configuration.yml index b5aa4fe2..9d8cf5bc 100644 --- a/roles/docker-peertube/vars/configuration.yml +++ b/roles/docker-peertube/vars/configuration.yml @@ -24,4 +24,10 @@ domains: canonical: - "video.{{ primary_domain }}" aliases: - - "videos.{{ primary_domain }}" \ No newline at end of file + - "videos.{{ primary_domain }}" +docker: + services: + redis: + enabled: true + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-pgadmin/templates/docker-compose.yml.j2 b/roles/docker-pgadmin/templates/docker-compose.yml.j2 index 74c7e7c3..da47d7df 100644 --- a/roles/docker-pgadmin/templates/docker-compose.yml.j2 +++ b/roles/docker-pgadmin/templates/docker-compose.yml.j2 @@ -1,20 +1,15 @@ -services: - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: +{% set container_port = 80 %} image: dpage/pgadmin4:{{applications[application_id].version}} container_name: pgadmin -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} ports: - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} - healthcheck: - test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/"] - interval: 30s - timeout: 10s - retries: 3 +{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %} volumes: - "data:/var/lib/pgadmin" {% if applications[application_id].server_mode | bool %} diff --git a/roles/docker-pgadmin/vars/configuration.yml b/roles/docker-pgadmin/vars/configuration.yml index 28cc13fa..b1a633ab 100644 --- a/roles/docker-pgadmin/vars/configuration.yml +++ b/roles/docker-pgadmin/vars/configuration.yml @@ -18,4 +18,8 @@ csp: unsafe-inline: true whitelist: font-src: - - "data:" \ No newline at end of file + - "data:" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-phpldapadmin/templates/docker-compose.yml.j2 b/roles/docker-phpldapadmin/templates/docker-compose.yml.j2 index f8f0cb20..4ee3e341 100644 --- a/roles/docker-phpldapadmin/templates/docker-compose.yml.j2 +++ b/roles/docker-phpldapadmin/templates/docker-compose.yml.j2 @@ -1,13 +1,11 @@ -services: - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: container_name: {{ application_id }} image: leenooks/phpldapadmin:{{applications[application_id].version}} ports: - 127.0.0.1:{{ports.localhost.http[application_id]}}:8080 -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} diff --git a/roles/docker-phpmyadmin/templates/docker-compose.yml.j2 b/roles/docker-phpmyadmin/templates/docker-compose.yml.j2 index 7543cfd9..3a7f65be 100644 --- a/roles/docker-phpmyadmin/templates/docker-compose.yml.j2 +++ b/roles/docker-phpmyadmin/templates/docker-compose.yml.j2 @@ -1,19 +1,14 @@ -services: - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: +{% set container_port = 80 %} image: phpmyadmin/phpmyadmin:{{applications.phpmyadmin.version}} container_name: phpmyadmin -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} - healthcheck: - test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/80 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"] - interval: 30s - timeout: 10s - retries: 3 +{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} {% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-phpmyadmin/vars/configuration.yml b/roles/docker-phpmyadmin/vars/configuration.yml index e5b6fcd5..3dad024f 100644 --- a/roles/docker-phpmyadmin/vars/configuration.yml +++ b/roles/docker-phpmyadmin/vars/configuration.yml @@ -20,3 +20,7 @@ domains: aliases: - "mysql.{{ primary_domain }}" - "mariadb.{{ primary_domain }}" +docker: + services: + database: + enabled: true diff --git a/roles/docker-pixelfed/templates/docker-compose.yml.j2 b/roles/docker-pixelfed/templates/docker-compose.yml.j2 index b715b1cc..e7988669 100644 --- a/roles/docker-pixelfed/templates/docker-compose.yml.j2 +++ b/roles/docker-pixelfed/templates/docker-compose.yml.j2 @@ -1,22 +1,18 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - -{% include 'templates/docker/services/redis.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: image: "{{ applications[application_id].images.pixelfed }}" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "data:/var/www/storage" - "./env:/var/www/.env" ports: - "{{ports.localhost.http[application_id]}}:80" -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} worker: image: "{{ applications[application_id].images.pixelfed }}" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - "data:/var/www/storage" - "./env:/var/www/.env" @@ -26,7 +22,7 @@ services: interval: 60s timeout: 5s retries: 1 -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} application: condition: service_started {% include 'templates/docker/container/networks.yml.j2' %} diff --git a/roles/docker-pixelfed/vars/configuration.yml b/roles/docker-pixelfed/vars/configuration.yml index 440a4601..705f4398 100644 --- a/roles/docker-pixelfed/vars/configuration.yml +++ b/roles/docker-pixelfed/vars/configuration.yml @@ -22,4 +22,10 @@ domains: canonical: - "picture.{{ primary_domain }}" aliases: - - "pictures.{{ primary_domain }}" \ No newline at end of file + - "pictures.{{ primary_domain }}" +docker: + services: + redis: + enabled: true + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-portfolio/templates/docker-compose.yml.j2 b/roles/docker-portfolio/templates/docker-compose.yml.j2 index 7c8af583..012ec521 100644 --- a/roles/docker-portfolio/templates/docker-compose.yml.j2 +++ b/roles/docker-portfolio/templates/docker-compose.yml.j2 @@ -1,19 +1,17 @@ -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} portfolio: +{% set container_port = 5000 %} build: context: {{docker_repository_path}} dockerfile: Dockerfile image: application-portfolio container_name: portfolio ports: - - 127.0.0.1:{{ports.localhost.http[application_id]}}:5000 + - 127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }} volumes: - {{docker_repository_path}}app:/app restart: unless-stopped {% include 'templates/docker/container/networks.yml.j2' %} - healthcheck: - test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/5000 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"] - interval: 30s - timeout: 10s - retries: 3 +{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} + {% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-presentation/templates/docker-compose.yml.j2 b/roles/docker-presentation/templates/docker-compose.yml.j2 index fb0bbca5..2879b0d3 100644 --- a/roles/docker-presentation/templates/docker-compose.yml.j2 +++ b/roles/docker-presentation/templates/docker-compose.yml.j2 @@ -1,4 +1,4 @@ -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} cymais-presentation: build: context: {{ path_cymais_presentation_output.stdout }} @@ -8,7 +8,7 @@ services: volumes: - {{ path_cymais_presentation_output.stdout }}:/app - {{ path_cymais_output.stdout }}:/source -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-roulette-wheel/templates/docker-compose.yml.j2 b/roles/docker-roulette-wheel/templates/docker-compose.yml.j2 index a825706c..926ce136 100644 --- a/roles/docker-roulette-wheel/templates/docker-compose.yml.j2 +++ b/roles/docker-roulette-wheel/templates/docker-compose.yml.j2 @@ -1,8 +1,10 @@ -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: container_name: roulette_application build: context: . ports: - 127.0.0.1:{{ports.localhost.http[application_id]}}:8080 - restart: {{docker_restart_policy}} \ No newline at end of file + restart: {{docker_restart_policy}} + +{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-simpleicons/templates/docker-compose.yml.j2 b/roles/docker-simpleicons/templates/docker-compose.yml.j2 index 7154c5a8..fd047f22 100644 --- a/roles/docker-simpleicons/templates/docker-compose.yml.j2 +++ b/roles/docker-simpleicons/templates/docker-compose.yml.j2 @@ -1,4 +1,4 @@ -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: build: context: . @@ -7,7 +7,7 @@ services: container_name: simpleicons-server ports: - "{{ports.localhost.http[application_id]}}:3000" -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-snipe-it/templates/docker-compose.yml.j2 b/roles/docker-snipe-it/templates/docker-compose.yml.j2 index b6a3e2ba..5f52ab0a 100644 --- a/roles/docker-snipe-it/templates/docker-compose.yml.j2 +++ b/roles/docker-snipe-it/templates/docker-compose.yml.j2 @@ -1,28 +1,18 @@ -services: - -{% include 'templates/docker/services/redis.yml.j2' %} - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: +{% set container_port = 80 %} image: grokability/snipe-it:{{applications[application_id].version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} volumes: - data:/var/lib/snipeit ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" -{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %} + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} - healthcheck: - test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/80 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"] - interval: 30s - timeout: 10s - retries: 3 - +{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %} {% include 'templates/docker/compose/volumes.yml.j2' %} redis: data: -{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file +{% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-snipe-it/vars/configuration.yml b/roles/docker-snipe-it/vars/configuration.yml index 574444e8..a73bc783 100644 --- a/roles/docker-snipe-it/vars/configuration.yml +++ b/roles/docker-snipe-it/vars/configuration.yml @@ -26,4 +26,10 @@ oauth2_proxy: port: "80" acl: blacklist: - - "/login" \ No newline at end of file + - "/login" +docker: + services: + redis: + enabled: true + database: + enabled: true \ No newline at end of file diff --git a/roles/docker-sphinx/templates/docker-compose.yml.j2 b/roles/docker-sphinx/templates/docker-compose.yml.j2 index f87613b1..70e70bdb 100644 --- a/roles/docker-sphinx/templates/docker-compose.yml.j2 +++ b/roles/docker-sphinx/templates/docker-compose.yml.j2 @@ -1,16 +1,13 @@ -services: +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: +{% set container_port = 8008 %} build: context: {{ path_cymais_sphinx_output.stdout }} dockerfile: {{ path_cymais_sphinx_output.stdout }}/Dockerfile ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:8000" - healthcheck: - test: ["CMD", "curl", "-f", "http://127.0.0.1:8000"] - interval: 1m - timeout: 10s - retries: 3 -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-syncope/templates/docker-compose.yml.j2 b/roles/docker-syncope/templates/docker-compose.yml.j2 index 1c621f74..5c165ff6 100644 --- a/roles/docker-syncope/templates/docker-compose.yml.j2 +++ b/roles/docker-syncope/templates/docker-compose.yml.j2 @@ -1,7 +1,4 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: depends_on: - db @@ -9,7 +6,7 @@ services: ports: - "18080:8080" restart: always -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} environment: SPRING_PROFILES_ACTIVE: docker,postgresql,saml2 OPENJPA_REMOTE_COMMIT: sjvm @@ -37,4 +34,5 @@ services: environment: SPRING_PROFILES_ACTIVE: docker,saml2 SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, web_protocol) }}/{{syncope_paths[enduser]}}/ - \ No newline at end of file + +{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file diff --git a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 index d3de71a2..2ad812b7 100644 --- a/roles/docker-taiga/templates/docker-compose-inits.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose-inits.yml.j2 @@ -3,7 +3,7 @@ services: image: taigaio/taiga-back:latest environment: CELERY_ENABLED: "False" -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} entrypoint: "python manage.py" volumes: diff --git a/roles/docker-taiga/templates/docker-compose.yml.j2 b/roles/docker-taiga/templates/docker-compose.yml.j2 index bca30e84..fa5a634b 100644 --- a/roles/docker-taiga/templates/docker-compose.yml.j2 +++ b/roles/docker-taiga/templates/docker-compose.yml.j2 @@ -1,7 +1,7 @@ -services: -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} + taiga-back: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: {{taiga_image_backend}}:{{applications.taiga.version}} volumes: # These volumens will be used by taiga-back and taiga-async. @@ -17,7 +17,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} taiga: -{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} taiga-events-rabbitmq: condition: service_started taiga-async-rabbitmq: @@ -33,7 +33,7 @@ services: taiga-async: -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} image: {{taiga_image_backend}}:{{applications.taiga.version}} entrypoint: ["/taiga-back/docker/async_entrypoint.sh"] volumes: @@ -52,7 +52,7 @@ services: {% include 'templates/docker/container/networks.yml.j2' %} taiga: -{% include 'templates/docker/container/depends-on-also-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} taiga-events-rabbitmq: condition: service_started taiga-async-rabbitmq: @@ -71,13 +71,13 @@ services: hostname: "taiga-async-rabbitmq" volumes: - async-rabbitmq-data:/var/lib/rabbitmq -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} taiga: taiga-front: image: {{taiga_image_frontend}}:{{applications.taiga.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} taiga: # volumes: @@ -85,7 +85,7 @@ services: taiga-events: image: taigaio/taiga-events:latest -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} taiga: depends_on: @@ -97,14 +97,14 @@ services: hostname: "events-rabbitmq" volumes: - events-rabbitmq-data:/var/lib/rabbitmq -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} taiga: taiga-protected: image: taigaio/taiga-protected:latest -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} taiga: @@ -117,7 +117,7 @@ services: - {{docker_repository_path}}taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf - static-data:/taiga/static - media-data:/taiga/media -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} taiga: @@ -133,4 +133,4 @@ services: events-rabbitmq-data: {% include 'templates/docker/compose/networks.yml.j2' %} - taiga: + taiga: \ No newline at end of file diff --git a/roles/docker-taiga/vars/configuration.yml b/roles/docker-taiga/vars/configuration.yml index 52f2511a..2f5f9144 100644 --- a/roles/docker-taiga/vars/configuration.yml +++ b/roles/docker-taiga/vars/configuration.yml @@ -12,7 +12,10 @@ features: portfolio_iframe: false oidc: false central_database: true - +docker: + services: + database: + enabled: true csp: flags: script-src-elem: @@ -21,7 +24,7 @@ csp: style-src: unsafe-inline: true script-src: - unsafe-eval: true + unsafe-eval: true domains: canonical: - "kanban.{{ primary_domain }}" \ No newline at end of file diff --git a/roles/docker-wordpress/templates/docker-compose.yml.j2 b/roles/docker-wordpress/templates/docker-compose.yml.j2 index a2dc917c..47eca248 100644 --- a/roles/docker-wordpress/templates/docker-compose.yml.j2 +++ b/roles/docker-wordpress/templates/docker-compose.yml.j2 @@ -1,9 +1,6 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: - {% include 'roles/docker-compose/templates/services/base.yml.j2' %} + {% include 'roles/docker-container/templates/base.yml.j2' %} image: {{wordpress_custom_image}} container_name: wordpress-application build: @@ -13,9 +10,8 @@ services: volumes: - data:{{ wordpress_docker_html_path }} -{% include 'roles/docker-compose/templates/services/msmtp_curl_test.yml.j2' %} - -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/healthcheck/msmtp_curl.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-wordpress/vars/configuration.yml b/roles/docker-wordpress/vars/configuration.yml index 21de4380..13895f41 100644 --- a/roles/docker-wordpress/vars/configuration.yml +++ b/roles/docker-wordpress/vars/configuration.yml @@ -39,6 +39,10 @@ csp: domains: canonical: - "blog.{{ primary_domain }}" +docker: + services: + database: + enabled: true rbac: roles: subscriber: diff --git a/roles/docker-yourls/templates/docker-compose.yml.j2 b/roles/docker-yourls/templates/docker-compose.yml.j2 index 6236a3ca..8bab6df0 100644 --- a/roles/docker-yourls/templates/docker-compose.yml.j2 +++ b/roles/docker-yourls/templates/docker-compose.yml.j2 @@ -1,22 +1,17 @@ -services: - -{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %} - -{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %} +{% include 'roles/docker-compose/templates/base.yml.j2' %} application: +{% set container_port = 80 %} +{% set container_healthcheck = 'http://127.0.0.1/admin/' %} image: yourls:{{applications.yourls.version}} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} ports: - - "127.0.0.1:{{ports.localhost.http[application_id]}}:80" - healthcheck: - test: ["CMD", "curl", "-f", "http://127.0.0.1/admin/"] - interval: 1m - timeout: 10s - retries: 3 + - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} -{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} {% include 'templates/docker/compose/volumes-just-database.yml.j2' %} + {% include 'templates/docker/compose/networks.yml.j2' %} diff --git a/roles/docker-yourls/vars/configuration.yml b/roles/docker-yourls/vars/configuration.yml index ffbd2385..8f1daa92 100644 --- a/roles/docker-yourls/vars/configuration.yml +++ b/roles/docker-yourls/vars/configuration.yml @@ -17,4 +17,8 @@ domains: canonical: - "s.{{ primary_domain }}" aliases: - - "short.{{ primary_domain }}" \ No newline at end of file + - "short.{{ primary_domain }}" +docker: + services: + database: + enabled: true \ No newline at end of file diff --git a/templates/docker/container/depends-on-also-database.yml.j2 b/templates/docker/container/depends-on-also-database.yml.j2 deleted file mode 100644 index 1363e8f7..00000000 --- a/templates/docker/container/depends-on-also-database.yml.j2 +++ /dev/null @@ -1,7 +0,0 @@ -{# This template needs to be included in docker-compose.yml containers which depend on a database and additional containers #} - depends_on: -{% if not applications | is_feature_enabled('central_database',application_id) %} - database: - condition: service_healthy -{% endif %} -{{ "\n" }} \ No newline at end of file diff --git a/templates/docker/container/depends-on-database-redis.yml.j2 b/templates/docker/container/depends-on-database-redis.yml.j2 deleted file mode 100644 index 16c4aefc..00000000 --- a/templates/docker/container/depends-on-database-redis.yml.j2 +++ /dev/null @@ -1,9 +0,0 @@ -{# This template needs to be included in docker-compose.yml containers, which depend on a database, redis and optional additional volumes #} - depends_on: -{% if not applications | is_feature_enabled('central_database',application_id) %} - database: - condition: service_healthy -{% endif %} - redis: - condition: service_healthy -{{ "\n" }} \ No newline at end of file diff --git a/templates/docker/container/depends-on-just-database.yml.j2 b/templates/docker/container/depends-on-just-database.yml.j2 deleted file mode 100644 index db43d852..00000000 --- a/templates/docker/container/depends-on-just-database.yml.j2 +++ /dev/null @@ -1,7 +0,0 @@ -{# This template needs to be included in docker-compose.yml containers, which just depend on a database #} -{% if not applications | is_feature_enabled('central_database',application_id) %} - depends_on: - database: - condition: service_healthy -{% endif %} -{{ "\n" }} \ No newline at end of file diff --git a/templates/docker_role/templates/docker-compose.yml.j2.j2 b/templates/docker_role/templates/docker-compose.yml.j2.j2 index 7c8af583..2c5702c6 100644 --- a/templates/docker_role/templates/docker-compose.yml.j2.j2 +++ b/templates/docker_role/templates/docker-compose.yml.j2.j2 @@ -1,19 +1,21 @@ services: - portfolio: - build: - context: {{docker_repository_path}} - dockerfile: Dockerfile - image: application-portfolio - container_name: portfolio - ports: - - 127.0.0.1:{{ports.localhost.http[application_id]}}:5000 + +{% include 'roles/docker-central-database/templates/services/main.yml.j2' %} + + application: + image: "{{ applications[application_id].images[application_id] }}" volumes: - - {{docker_repository_path}}app:/app - restart: unless-stopped + - uploads:/var/lib/mobilizon/uploads + - {{ mobilizon_host_conf_exs_file }}:/etc/mobilizon/config.exs:ro + ports: + - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}" +{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %} +{% include 'roles/docker-container/templates/base.yml.j2' %} +{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} - healthcheck: - test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/5000 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"] - interval: 30s - timeout: 10s - retries: 3 -{% include 'templates/docker/compose/networks.yml.j2' %} \ No newline at end of file + +{% include 'templates/docker/compose/volumes.yml.j2' %} + uploads: + +{% include 'templates/docker/compose/networks.yml.j2' %} + diff --git a/templates/docker_role/vars/configuration.yml.j2 b/templates/docker_role/vars/configuration.yml.j2 index 93e8620d..35d99617 100644 --- a/templates/docker_role/vars/configuration.yml.j2 +++ b/templates/docker_role/vars/configuration.yml.j2 @@ -1,7 +1,10 @@ credentials: docker: - images: {} - versions: {} + images: {} # @todo Move under services + versions: {} # @todo Move under services + services: + redis: + enabled: false # Enable Redis features: matomo: true # Enable Matomo Tracking css: true # Enable Global CSS Styling @@ -16,4 +19,8 @@ csp: domains: canonical: [] # Urls under which the domain should be directly accessible alias: [] # Alias redirections to the first element of the canonical domains +rbac: + roles: + mail-bot: + description: "Has an token to send and recieve emails" diff --git a/tests/integration/test_application_id_consistency.py b/tests/integration/test_application_id_consistency.py index 75d822c3..92b0f81e 100644 --- a/tests/integration/test_application_id_consistency.py +++ b/tests/integration/test_application_id_consistency.py @@ -11,7 +11,7 @@ class TestApplicationIdConsistency(unittest.TestCase): failed_roles = [] for role_path in ROLES_DIR.iterdir(): - if role_path.name in ["docker-compose", "docker-central-database", "docker-repository-setup"]: + if role_path.name in ["docker-container","docker-compose", "docker-central-database", "docker-repository-setup"]: continue if role_path.is_dir() and role_path.name.startswith("docker-"): diff --git a/tests/integration/test_configuration_database_dependency.py b/tests/integration/test_configuration_database_dependency.py new file mode 100644 index 00000000..226e0106 --- /dev/null +++ b/tests/integration/test_configuration_database_dependency.py @@ -0,0 +1,43 @@ +import unittest +from pathlib import Path +import yaml + +class TestConfigurationDatabaseDependency(unittest.TestCase): + # Define project root and glob pattern for configuration files + PROJECT_ROOT = Path(__file__).resolve().parents[2] + CONFIG_PATTERN = 'roles/*/vars/configuration.yml' + + def test_central_database_implies_database_service_enabled(self): + """ + For each roles/*/vars/configuration.yml: + If features.central_database is true, + then docker.services.database.enabled must be true. + """ + config_paths = sorted(self.PROJECT_ROOT.glob(self.CONFIG_PATTERN)) + self.assertTrue(config_paths, f"No configuration files found for pattern {self.CONFIG_PATTERN}") + + for config_path in config_paths: + with self.subTest(configuration=config_path): + content = yaml.safe_load(config_path.read_text(encoding='utf-8')) or {} + + # Read central_database flag + features = content.get('features', {}) + central_db = features.get('central_database', False) + + # Read database enabled flag + docker = content.get('docker', {}) + services = docker.get('services', {}) + database = services.get('database', {}) + db_enabled = database.get('enabled', False) + + if central_db: + self.assertTrue( + db_enabled, + f"{config_path}: features.central_database is true but docker.services.database.enabled is not true" + ) + else: + # No requirement when central_database is false or absent + self.assertTrue(True) + +if __name__ == '__main__': + unittest.main() diff --git a/tests/integration/test_docker_compose_templates.py b/tests/integration/test_docker_compose_templates.py new file mode 100644 index 00000000..33a5da1c --- /dev/null +++ b/tests/integration/test_docker_compose_templates.py @@ -0,0 +1,67 @@ +import re +import warnings +import unittest +from pathlib import Path + +class TestDockerComposeTemplates(unittest.TestCase): + # Search for all roles/*/templates/docker-compose.yml.j2 + PROJECT_ROOT = Path(__file__).resolve().parents[2] + TEMPLATE_PATTERN = 'roles/*/templates/docker-compose.yml.j2' + + # Allowed lines before BASE_INCLUDE + ALLOWED_BEFORE_BASE = [ + re.compile(r'^\s*$'), # empty line + re.compile(r'^\s*version:.*$'), # version: ... + re.compile(r'^\s*#.*$'), # YAML comment + re.compile(r'^\s*\{\#.*\#\}\s*$'), # Jinja comment {# ... #} + ] + + BASE_INCLUDE = "{% include 'roles/docker-compose/templates/base.yml.j2' %}" + NET_INCLUDE = "{% include 'templates/docker/compose/networks.yml.j2' %}" + + def test_docker_compose_includes(self): + """ + Verifies for each found docker-compose.yml.j2: + 1. BASE_INCLUDE and NET_INCLUDE are present + 2. BASE_INCLUDE appears before NET_INCLUDE + 3. Only allowed lines appear before BASE_INCLUDE (invalid lines issue warnings) + """ + template_paths = sorted( + self.PROJECT_ROOT.glob(self.TEMPLATE_PATTERN) + ) + self.assertTrue(template_paths, f"No templates found for pattern {self.TEMPLATE_PATTERN}") + + for template_path in template_paths: + with self.subTest(template=template_path): + content = template_path.read_text(encoding='utf-8') + lines = content.splitlines() + + # Find BASE_INCLUDE + try: + idx_base = lines.index(self.BASE_INCLUDE) + except ValueError: + self.fail(f"{template_path}: '{self.BASE_INCLUDE}' not found") + + # Find NET_INCLUDE + try: + idx_net = lines.index(self.NET_INCLUDE) + except ValueError: + self.fail(f"{template_path}: '{self.NET_INCLUDE}' not found") + + # Check order + self.assertLess( + idx_base, + idx_net, + f"{template_path}: '{self.BASE_INCLUDE}' must come before '{self.NET_INCLUDE}'" + ) + + # Warn on invalid lines before BASE_INCLUDE + for i, line in enumerate(lines[:idx_base]): + if not any(pat.match(line) for pat in self.ALLOWED_BEFORE_BASE): + warnings.warn( + f"{template_path}: Invalid line before {self.BASE_INCLUDE} (line {i+1}): {line!r}", + category=RuntimeWarning + ) + +if __name__ == '__main__': + unittest.main() diff --git a/tests/integration/test_jinja_includes.py b/tests/integration/test_jinja_includes.py new file mode 100644 index 00000000..31079ef7 --- /dev/null +++ b/tests/integration/test_jinja_includes.py @@ -0,0 +1,48 @@ +import re +import unittest +from pathlib import Path + +class TestJinjaIncludePaths(unittest.TestCase): + """ + Verifies that in all .j2 files in the project (root + subfolders): + - Every {% include 'string/path' %} or {% include "string/path" %} refers to an existing file. + - Any include using a variable or concatenation is ignored. + """ + PROJECT_ROOT = Path(__file__).resolve().parents[2] + # Fängt jede include-Direktive ein (den gesamten Ausdruck zwischen include und %}) + INCLUDE_STMT_RE = re.compile(r"{%\s*include\s+(.+?)\s*%}") + # Erlaubt nur ein einzelnes String-Literal (Gänse- oder einfache Anführungszeichen) + LITERAL_PATH_RE = re.compile(r"^['\"]([^'\"]+)['\"]$") + + def test_all_jinja_includes_exist(self): + template_paths = list(self.PROJECT_ROOT.glob("**/*.j2")) + self.assertTrue( + template_paths, + "No .j2 templates found anywhere in the project" + ) + + missing = [] + for tpl in template_paths: + text = tpl.read_text(encoding="utf-8") + for stmt in self.INCLUDE_STMT_RE.finditer(text): + expr = stmt.group(1).strip() + m = self.LITERAL_PATH_RE.match(expr) + if not m: + continue # Variable-based includes ignorieren + + include_path = m.group(1) + abs_target = self.PROJECT_ROOT / include_path + rel_target = tpl.parent / include_path + + if not (abs_target.exists() or rel_target.exists()): + rel_tpl = tpl.relative_to(self.PROJECT_ROOT) + missing.append( + f"{rel_tpl}: included file '{include_path}' not found " + f"(neither in PROJECT_ROOT nor in {tpl.parent.relative_to(self.PROJECT_ROOT)})" + ) + + if missing: + self.fail("Broken {% include %} references:\n" + "\n".join(missing)) + +if __name__ == "__main__": + unittest.main()