Refactored docker-compose roles

2025-07-08 01:25:14 +02:00 · 2025-07-07 03:24:54 +02:00 · 2025-07-07 03:24:54 +02:00 · 38ed1e94e8
commit 38ed1e94e8
parent 2ea7a606b6
102 changed files with 681 additions and 507 deletions
--- a/docs/guides/developer/Role_Creation.md
+++ b/docs/guides/developer/Role_Creation.md
@ -111,11 +111,6 @@ Now that you have defined the application settings, domain, and application ID,
          dockerfile: {{ path_cymais_my_service_output.stdout }}/Dockerfile
        ports:
          - "127.0.0.1:{{ ports.localhost.http[application_id] }}:5000"
        healthcheck:
          test: ["CMD", "curl", "-f", "http://127.0.0.1:5000"]
          interval: 1m
          timeout: 10s
          retries: 3
        volumes:
          - {{ path_cymais_my_service_output.stdout }}:/app
          - {{ path_cymais_output.stdout }}:/source
--- a/roles/docker-akaunting/templates/docker-compose.yml.j2
+++ b/roles/docker-akaunting/templates/docker-compose.yml.j2
@ -1,10 +1,7 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications[application_id].images[application_id] }}"
    build:
@ -16,7 +13,7 @@ services:
    environment:
      - AKAUNTING_SETUP
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
--- a/roles/docker-akaunting/vars/configuration.yml
+++ b/roles/docker-akaunting/vars/configuration.yml
@ -12,4 +12,8 @@ credentials:
 domains:
  canonical:
    - "accounting.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-attendize/templates/docker-compose.yml.j2
+++ b/roles/docker-attendize/templates/docker-compose.yml.j2
@ -1,8 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  web:
    image: "{{ applications[application_id].images.web }}"
@ -11,7 +7,7 @@ services:
    volumes:
      - .:/usr/share/nginx/html
      - .:/var/www
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      maildev:
      worker:
    env_file:
@ -20,7 +16,7 @@ services:
  worker:
    image: "{{ applications[application_id].images.worker }}"
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      maildev:
 {% include 'templates/docker/container/networks.yml.j2' %}
    volumes:
--- a/roles/docker-attendize/vars/configuration.yml
+++ b/roles/docker-attendize/vars/configuration.yml
@ -7,7 +7,12 @@ features:
  css:              true
  portfolio_iframe: false
  central_database: true
-
+docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: true
 domains:
  canonical:
    - "tickets.{{ primary_domain }}"
--- a/roles/docker-baserow/templates/docker-compose.yml.j2
+++ b/roles/docker-baserow/templates/docker-compose.yml.j2
@ -1,11 +1,7 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications[application_id].images.baserow }}"
    container_name: baserow-application
    volumes:
@ -13,7 +9,7 @@ services:
    ports:
      - "{{ports.localhost.http[application_id]}}:80"
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
--- a/roles/docker-baserow/vars/configuration.yml
+++ b/roles/docker-baserow/vars/configuration.yml
@ -1,7 +1,13 @@
 images:
-  baserow:        "baserow/baserow:latest"
+  baserow:            "baserow/baserow:latest"
 features:
  matomo:             true
  css:                true
  portfolio_iframe:   true
-  central_database:   true
+  central_database:   true
 docker:
  services:
    redis:
      enabled:        true
    database:
      enabled: true
--- a/roles/docker-bluesky/templates/docker-compose.yml.j2
+++ b/roles/docker-bluesky/templates/docker-compose.yml.j2
@ -1,17 +1,17 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
  pds:
 {% set container_port = 3000 %}
 {% set container_healthcheck = 'xrpc/_health' %}
    image: "{{ applications[application_id].images.pds }}"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
        - pds_data:/opt/pds
        - {{pdsadmin_file_path}}:/usr/local/bin/pdsadmin:ro
    ports:
-      - "127.0.0.1:{{ports.localhost.http.bluesky_api}}:3000"
+      - "127.0.0.1:{{ports.localhost.http.bluesky_api}}:{{ container_port }}"
-    healthcheck:
+
-      test: ["CMD", "wget", "--spider", "http://127.0.0.1:3000/xrpc/_health"]
+{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %}
      interval: 1m
      timeout: 10s
      retries: 3
 {% include 'templates/docker/container/networks.yml.j2' %}
 #  Deactivated for the moment @see https://github.com/bluesky-social/social-app
--- a/roles/docker-bluesky/vars/configuration.yml
+++ b/roles/docker-bluesky/vars/configuration.yml
@ -11,4 +11,8 @@ features:
 domains:
  canonical:
    web:  "bskyweb.{{ primary_domain }}"
-    api:  "bluesky.{{ primary_domain }}"
+    api:  "bluesky.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-central-database/templates/services/main.yml.j2
+++ b/roles/docker-central-database/templates/services/main.yml.j2
@ -0,0 +1 @@
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
--- a/roles/docker-collabora/templates/docker-compose.yml.j2
+++ b/roles/docker-collabora/templates/docker-compose.yml.j2
@ -1,6 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
  collabora:
    image: collabora/code
@ -8,8 +6,8 @@ services:
    ports:
      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-collabora/vars/configuration.yml
+++ b/roles/docker-collabora/vars/configuration.yml
@ -1,3 +1,9 @@
 domains:
  canonical:
-    - "collabora.{{ primary_domain }}"
+    - "collabora.{{ primary_domain }}"
 docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: false # May this is wrong. Just set during refactoring
--- a/roles/docker-compose/templates/base.yml.j2
+++ b/roles/docker-compose/templates/base.yml.j2
@ -0,0 +1,15 @@
 {# Base template for all docker-compose.yml.j2 #}
 services:
 {# Load Database #}
 {% if applications[application_id].docker.database.enabled | default(false) | bool %}
 {% include 'roles/docker-central-database/templates/services/main.yml.j2' %}
 {% endif %}
 {# Load Redis #}
 {% if applications[application_id].docker.redis.enabled | default(false) | bool %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% endif %}
 {# Load OAuth2 Proxy #}
 {% if not applications | is_feature_enabled('oauth2',application_id) %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
 {% endif %}
 {{ "\n" }}
--- a/roles/docker-compose/templates/services/base.yml.j2
+++ b/roles/docker-compose/templates/services/base.yml.j2
--- a/roles/docker-container/templates/depends_on_dmbs.j2
+++ b/roles/docker-container/templates/depends_on_dmbs.j2
@ -0,0 +1,17 @@
 {# This template needs to be included in docker-compose.yml containers, which depend on a database, redis and optional additional volumes #}
 {% if applications | is_feature_enabled('central_database', application_id)
      and not (applications[application_id].docker.redis.enabled
               | default(false)
               | bool) %}
  depends_on: []
 {% else %}
  depends_on:
  {% if not applications | is_feature_enabled('central_database', application_id) %}
    database:
      condition: service_healthy
  {% endif %}
  {% if applications[application_id].docker.redis.enabled | default(false) | bool %}
    redis:
      condition: service_healthy
  {% endif %}
 {% endif %}
--- a/roles/docker-container/templates/healthcheck/curl.yml.j2
+++ b/roles/docker-container/templates/healthcheck/curl.yml.j2
@ -0,0 +1,9 @@
    healthcheck:
      test:
        - "CMD"
        - "curl"
        - "-f"
        - "http://127.0.0.1{{ (":" ~ container_port) if container_port is defined else '' }}/{{ container_healthcheck | default('') }}"
      interval: 1m
      timeout: 10s
      retries: 3
--- a/roles/docker-container/templates/healthcheck/msmtp_curl.yml.j2
+++ b/roles/docker-container/templates/healthcheck/msmtp_curl.yml.j2
--- a/roles/docker-container/templates/healthcheck/tcp.yml.j2
+++ b/roles/docker-container/templates/healthcheck/tcp.yml.j2
@ -0,0 +1,6 @@
    healthcheck:
      test:
        - "CMD"
        - "bash"
        - "-c"
        - "exec 3<>/dev/tcp/localhost/{{ container_port }} && echo -e 'GET /{{ container_healthcheck | default('') }} HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"
--- a/roles/docker-container/templates/healthcheck/wget.yml.j2
+++ b/roles/docker-container/templates/healthcheck/wget.yml.j2
@ -0,0 +1,10 @@
    healthcheck:
      test: 
        - "CMD"
        - "wget"
        - "--spider"
        - "--proxy=off"
        - "http://127.0.0.1{{ (":" ~ container_port) if container_port is defined else '' }}/{{ container_healthcheck | default('') }}"
      interval: 1m
      timeout: 10s
      retries: 3
--- a/roles/docker-coturn/templates/docker-compose.yml.j2
+++ b/roles/docker-coturn/templates/docker-compose.yml.j2
@ -1,24 +1,18 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "gitea/gitea:{{applications.gitea.version}}"
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:3000"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
      - "{{ports.public.ssh[application_id]}}:22"
    volumes:
      - data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
-      test: ["CMD", "curl", "-f", "http://127.0.0.1:3000"]
+
      interval: 1m
      timeout: 10s
      retries: 3
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
--- a/roles/docker-coturn/vars/main.yml
+++ b/roles/docker-coturn/vars/main.yml
@ -1,2 +1,3 @@
 application_id:     "coturn"
 container_port:   3000
 #database_type:      "mariadb"
--- a/roles/docker-discourse/templates/docker-compose.yml.j2
+++ b/roles/docker-discourse/templates/docker-compose.yml.j2
@ -1,8 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  redis:
--- a/roles/docker-discourse/vars/configuration.yml
+++ b/roles/docker-discourse/vars/configuration.yml
@ -21,3 +21,9 @@ csp:
 domains:
  canonical:
    - "forum.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
    redis:
      enabled: true
--- a/roles/docker-elk/templates/docker-compose.yml.j2
+++ b/roles/docker-elk/templates/docker-compose.yml.j2
@ -1,4 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
  elasticsearch:
    build:
      context: elasticsearch/
@ -61,5 +61,7 @@ services:
    depends_on:
      - elasticsearch
-volumes:
+{% include 'templates/docker/compose/volumes.yml.j2' %}
  elasticsearch:
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-espocrm/templates/docker-compose.yml.j2
+++ b/roles/docker-espocrm/templates/docker-compose.yml.j2
@ -1,15 +1,11 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  web:
    image: "{{ applications[application_id].images.espocrm }}"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
      test: ["CMD", "curl", "-f", "http://localhost/"]
    ports:
      - "127.0.0.1:{{ ports.localhost.http[application_id] }}:80"
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
    volumes:
      - data:/var/www/html
@ -35,7 +31,7 @@ services:
      - ESPOCRM_CONFIG_WEB_SOCKET_ZERO_M_Q_SUBSCRIBER_DSN=tcp://*:7777
      - ESPOCRM_CONFIG_WEB_SOCKET_ZERO_M_Q_SUBMISSION_DSN=tcp://websocket:7777
    entrypoint: docker-websocket.sh
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
    volumes:
      - data:/var/www/html
--- a/roles/docker-espocrm/vars/configuration.yml
+++ b/roles/docker-espocrm/vars/configuration.yml
@ -26,4 +26,8 @@ domains:
  aliases:
    - "crm.{{ primary_domain }}"
 email:
-  from_name: "Customer Relationship Management ({{ primary_domain }})"
+  from_name: "Customer Relationship Management ({{ primary_domain }})"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-friendica/templates/docker-compose.yml.j2
+++ b/roles/docker-friendica/templates/docker-compose.yml.j2
@ -1,10 +1,7 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
    image: "{{ applications[application_id].images.friendica }}"
-    {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+    {% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - html:{{ friendica_application_base }}
      - data:/var/www/data # I assume that this one is unnessecarry
@ -12,10 +9,9 @@ services:
    ports:
      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
-{% include 'roles/docker-compose/templates/services/msmtp_curl_test.yml.j2' %}
+{% include 'roles/docker-container/templates/healthcheck/msmtp_curl.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
--- a/roles/docker-friendica/vars/configuration.yml
+++ b/roles/docker-friendica/vars/configuration.yml
@ -25,4 +25,8 @@ oauth2_proxy:
  port:               "80"
 addons:
  keycloakpassword:
-  ldapauth:
+  ldapauth:
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-funkwhale/templates/docker-compose.yml.j2
+++ b/roles/docker-funkwhale/templates/docker-compose.yml.j2
@ -1,8 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
  celeryworker:
    # Celery workers handle background tasks (such file imports or federation
    # messaging). The more processes a worker gets, the more tasks
@ -12,7 +8,7 @@ services:
    # of CPUs. You can adjust this, by explicitly setting the --concurrency
    # flag:
    #   celery -A funkwhale_api.taskapp worker -l INFO --concurrency=4
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications | get_docker_image(application_id,'api') }}"
    command: celery -A funkwhale_api.taskapp worker -l INFO --concurrency={{celeryd_concurrency}}
    environment:
@ -20,18 +16,18 @@ services:
    volumes:
      - "data:{{funkwhale_media_root}}"
      - "music:{{funkwhale_music_directory_path}}:ro"
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
  celerybeat:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications | get_docker_image(application_id,'api') }}"
    command: celery -A funkwhale_api.taskapp beat --pidfile= -l INFO
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
  api:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications | get_docker_image(application_id,'api') }}"
    volumes:
      - "music:{{funkwhale_music_directory_path}}:ro"
@ -39,11 +35,11 @@ services:
      - "funkwhale_static_root:{{funkwhale_static_root}}"
    ports:
      - "{{ funkwhale_docker_api_port }}"
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
  front:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications | get_docker_image(application_id,'front') }}"
    depends_on:
      - api
@ -56,7 +52,7 @@ services:
      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
  typesense:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications[application_id].docker.images.typesense }}"
    volumes:
      - ./typesense/data:/data
--- a/roles/docker-funkwhale/vars/configuration.yml
+++ b/roles/docker-funkwhale/vars/configuration.yml
@ -7,6 +7,11 @@ docker:
    api:        "funkwhale/api"
    front:      "funkwhale/front"
    typesense:  "typesense/typesense"
  services:
    redis:
      enabled: true
    database:
      enabled: true
 features:
  matomo:             true
  css:                false
--- a/roles/docker-fusiondirectory/templates/docker-compose.yml.j2
+++ b/roles/docker-fusiondirectory/templates/docker-compose.yml.j2
@ -1,20 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
    container_name: {{ application_id }}
    image: ghcr.io/ldapaccountmanager/lam:{{applications[application_id].version}}
    ports:
      - 127.0.0.1:{{ports.localhost.http[application_id]}}:80 
 {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {# include 'templates/docker/compose/volumes.yml.j2' #}
 {% include 'templates/docker/compose/networks.yml.j2' %}
 services:
  fusiondirectory:
    image: tiredofit/fusiondirectory:latest
    container_name: fusiondirectory
@ -39,5 +23,7 @@ services:
      - fusiondirectory_data:/assets/fusiondirectory
    restart: always
-volumes:
+{% include 'templates/docker/compose/volumes.yml.j2' %}
  fusiondirectory_data:
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-gitea/templates/docker-compose.yml.j2
+++ b/roles/docker-gitea/templates/docker-compose.yml.j2
@ -1,26 +1,18 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications[application_id].images.gitea }}"
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:3000"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
      - "{{ports.public.ssh[application_id]}}:22"
    volumes:
      - data:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
      test: ["CMD", "curl", "-f", "http://127.0.0.1:3000"]
      interval: 1m
      timeout: 10s
      retries: 3
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
--- a/roles/docker-gitea/vars/configuration.yml
+++ b/roles/docker-gitea/vars/configuration.yml
@ -36,4 +36,8 @@ csp:
      - "data:"
 domains:
  aliases:
-    - "git.{{ primary_domain }}"
+    - "git.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-gitea/vars/main.yml
+++ b/roles/docker-gitea/vars/main.yml
@ -1,4 +1,5 @@
 application_id:     "gitea"
 container_port:   3000
 database_type:      "mariadb"
 gitea_ldap_auth_args:
  - '--name "LDAP ({{ primary_domain }})"'
--- a/roles/docker-gitlab/templates/docker-compose.yml.j2
+++ b/roles/docker-gitlab/templates/docker-compose.yml.j2
@ -1,13 +1,9 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  web:
    image: "{{ applications[application_id].images.gitlab }}"
    hostname: '{{domains | get_domain(application_id)}}'
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    ports:
      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
      - "{{ports.public.ssh[application_id]}}:22"
@ -16,13 +12,13 @@ services:
      - 'logs:/var/log/gitlab'
      - 'data:/var/opt/gitlab'
    shm_size: '256m'
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  redis:
  config:
  logs:
  data:
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-gitlab/vars/configuration.yml
+++ b/roles/docker-gitlab/vars/configuration.yml
@ -4,4 +4,10 @@ features:
  matomo:             true
  css:                true
  portfolio_iframe:   true
-  central_database:   true
+  central_database:   true
 docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: true
--- a/roles/docker-joomla/templates/docker-compose.yml.j2
+++ b/roles/docker-joomla/templates/docker-compose.yml.j2
@ -1,16 +1,13 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
    image: "{{ applications[application_id].images.joomla }}"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - data:/var/www/html
    ports:
      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
--- a/roles/docker-joomla/vars/configuration.yml
+++ b/roles/docker-joomla/vars/configuration.yml
@ -4,6 +4,11 @@ features:
  matomo:             true
  css:                true
  portfolio_iframe:   true
  central_database:   true
 domains:
  canonical:
-    - "cms.{{ primary_domain }}"
+    - "cms.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-keycloak/templates/docker-compose.yml.j2
+++ b/roles/docker-keycloak/templates/docker-compose.yml.j2
@ -1,22 +1,18 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
    image: "{{ applications[application_id].images.keycloak }}"
    container_name: {{container_name}}
    command: start {% if applications[application_id].import_realm | bool %}--import-realm{% endif %}
-    {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+    {% include 'roles/docker-container/templates/base.yml.j2' %}
    ports:
      - "{{ keycloak_server_host }}:8080"
    volumes:
      - "{{import_directory_host}}:{{import_directory_docker}}"
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
-    healthcheck:
+{% set container_port = 9000 %}
-      test: ["CMD", "sh", "-c", "exec 3<>/dev/tcp/localhost/9000 && echo -e 'GET /health/live HTTP/1.1\\r\\nHost: {{domains | get_domain('keycloak')}}\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3"]
+{% set container_healthcheck = 'health/live' %}
-      interval: 30s
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
      timeout: 10s
      retries: 3
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-keycloak/vars/configuration.yml
+++ b/roles/docker-keycloak/vars/configuration.yml
@ -25,3 +25,7 @@ scopes:
  nextcloud:  nextcloud
 rbac_groups:  "/rbac"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-lam/templates/docker-compose.yml.j2
+++ b/roles/docker-lam/templates/docker-compose.yml.j2
@ -1,15 +1,11 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
    container_name: {{ application_id }}
    image: "{{ applications[application_id].images.lam }}"
    ports:
      - 127.0.0.1:{{ports.localhost.http[application_id]}}:80 
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
-{# include 'templates/docker/compose/volumes.yml.j2' #}
+{% include 'templates/docker/compose/networks.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-ldap/templates/docker-compose.yml.j2
+++ b/roles/docker-ldap/templates/docker-compose.yml.j2
@ -1,11 +1,9 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
    image: "{{ applications[application_id].images.openldap }}"
    container_name: {{ applications[application_id].hostname }}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% if applications[application_id].network.public | bool or applications[application_id].network.local | bool %}
    ports:
      - 127.0.0.1:{{ports.localhost.ldap.ldap}}:{{ldap_docker_port}}  # Expose just on localhost so that nginx stream proxy can use it
@ -27,4 +25,4 @@ services:
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
-{% include 'templates/docker/compose/networks.yml.j2' %}
+{% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-listmonk/templates/config.toml.j2
+++ b/roles/docker-listmonk/templates/config.toml.j2
@ -3,7 +3,7 @@
 # of localhost will only listen to connections from the current machine. To
 # listen on all interfaces use '0.0.0.0'. To listen on the default web address
 # port, use port 80 (this will require running with elevated permissions).
-address = "0.0.0.0:9000"
+address = "0.0.0.0:{{ container_port }}"
 # Database.
 [db]
--- a/roles/docker-listmonk/templates/docker-compose.yml.j2
+++ b/roles/docker-listmonk/templates/docker-compose.yml.j2
@ -1,18 +1,15 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% set container_healthcheck = 'health' %}
 {% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications[application_id].images.listmonk }}"
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:9000"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
    volumes:
      - {{docker_compose.directories.config}}config.toml:/listmonk/config.toml
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %}
      test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:9000/health || exit 1']
 {% include 'templates/docker/compose/volumes-just-database.yml.j2' %}
--- a/roles/docker-listmonk/vars/configuration.yml
+++ b/roles/docker-listmonk/vars/configuration.yml
@ -10,4 +10,8 @@ features:
  oidc:                     true
 domains:
  canonical:
-    - "newsletter.{{ primary_domain }}"
+    - "newsletter.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-listmonk/vars/main.yml
+++ b/roles/docker-listmonk/vars/main.yml
@ -1,5 +1,6 @@
-application_id:      "listmonk"
+application_id: "listmonk"
-database_type:      "postgres"
+database_type:  "postgres"
 container_port: "9000"
 listmonk_settings:
  - key: "app.root_url"
--- a/roles/docker-mailu/templates/docker-compose.yml.j2
+++ b/roles/docker-mailu/templates/docker-compose.yml.j2
@ -1,19 +1,15 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  # Core services
  resolver:
    image: {{docker_source}}/unbound:{{applications.mailu.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
        ipv4_address: {{networks.local.mailu.dns}}
  front:
    image: {{docker_source}}/nginx:{{applications.mailu.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    ports:
      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
      - "{{networks.internet.ip4}}:25:25"
@ -27,7 +23,7 @@ services:
    volumes:
      - "{{docker_compose.directories.volumes}}overrides/nginx:/overrides:ro"
      - "{{cert_mount_directory}}:/certs:ro"
-{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      resolver:
        condition: service_started
 {% include 'templates/docker/container/networks.yml.j2' %}
@ -38,11 +34,11 @@ services:
  admin:
    image: {{docker_source}}/admin:{{applications.mailu.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "admin_data:/data"
      - "dkim:/dkim"
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      resolver:
        condition: service_started
      front:
@ -53,7 +49,7 @@ services:
  imap:
    image: {{docker_source}}/dovecot:{{applications.mailu.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "dovecot_mail:/mail"
      - "{{docker_compose.directories.volumes}}overrides:/overrides:ro"
@ -66,7 +62,7 @@ services:
  smtp:
    image: {{docker_source}}/postfix:{{applications.mailu.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "{{docker_compose.directories.volumes}}overrides:/overrides:ro"
      - "smtp_queue:/queue"
@ -90,7 +86,7 @@ services:
  antispam:
    image: {{docker_source}}/rspamd:{{applications.mailu.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "filter:/var/lib/rspamd"
      - "dkim:/dkim"
@ -109,7 +105,7 @@ services:
  # Optional services
  antivirus:
    image: clamav/clamav-debian:latest
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "filter:/data"
    depends_on:
@ -120,7 +116,7 @@ services:
  webdav:
    image: {{docker_source}}/radicale:{{applications.mailu.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "webdav_data:/data"
    depends_on:
@ -134,7 +130,7 @@ services:
    image: {{docker_source}}/fetchmail:{{applications.mailu.version}}
    volumes:
      - "admin_data:/data"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    depends_on:
      - admin
      - smtp
@ -146,7 +142,7 @@ services:
  webmail:
    image: {{docker_source}}/webmail:{{applications.mailu.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "webmail_data:/data"
      - "{{docker_compose.directories.volumes}}overrides:/overrides:ro"
--- a/roles/docker-mailu/vars/configuration.yml
+++ b/roles/docker-mailu/vars/configuration.yml
@ -26,4 +26,9 @@ rbac:
  roles:
    mail-bot:
      description: "Has an token to send and recieve emails"
-    
+docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: true
--- a/roles/docker-mastodon/templates/docker-compose.yml.j2
+++ b/roles/docker-mastodon/templates/docker-compose.yml.j2
@ -1,38 +1,36 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  web:
 {% set container_port = 3000 %}
 {% set container_healthcheck = 'health' %}
    image: "{{ applications[application_id].images[application_id] }}"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
-    command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
+    command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p {{ container_port }}"
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %}
      test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:3000/health || exit 1']
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:3000"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
    volumes:
      - data:/mastodon/public/system
 {% include 'templates/docker/container/networks.yml.j2' %}
  streaming:
 {% set container_port = 4000 %}
 {% set container_healthcheck = 'api/v1/streaming/health' %}
    image: "{{ applications[application_id].images.streaming }}"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    command: node ./streaming
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %}
      test: ['CMD-SHELL', 'wget -q --spider --proxy=off localhost:4000/api/v1/streaming/health || exit 1']
    ports:
-      - "127.0.0.1:{{ports.localhost.websocket[application_id]}}:4000"
+      - "127.0.0.1:{{ports.localhost.websocket[application_id]}}:{{ container_port }}"
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
  sidekiq:
    image: "{{ applications[application_id].images.mastodon }}"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    command: bundle exec sidekiq
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
    volumes:
      - data:/mastodon/public/system
    healthcheck:
--- a/roles/docker-mastodon/vars/configuration.yml
+++ b/roles/docker-mastodon/vars/configuration.yml
@ -16,4 +16,10 @@ domains:
 csp:
  whitelist:
    frame-src:
-      - "*"
+      - "*"
 docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: true
--- a/roles/docker-matomo/templates/docker-compose.yml.j2
+++ b/roles/docker-matomo/templates/docker-compose.yml.j2
@ -1,22 +1,15 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% set container_port = 80 %}
 {% include 'roles/docker-container/templates/base.yml.j2' %}
    image: "{{ applications[application_id].images[application_id] }}"
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
    volumes:
      - data:/var/www/html
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
      test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/80 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"]
      interval: 30s
      timeout: 10s
      retries: 3
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
--- a/roles/docker-matomo/vars/configuration.yml
+++ b/roles/docker-matomo/vars/configuration.yml
@ -24,4 +24,9 @@ csp:
 domains:
  aliases:
    - "analytics.{{ primary_domain }}"
-excluded_ips: "{{ networks.internet.values() | list }}"
+excluded_ips: "{{ networks.internet.values() | list }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-matrix/templates/docker-compose.yml.j2
+++ b/roles/docker-matrix/templates/docker-compose.yml.j2
@ -1,8 +1,6 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  synapse:
 {% set container_port = 8008 %}
    image: "{{ applications[application_id].images.synapse }}"
    container_name: matrix-synapse
    restart: {{docker_restart_policy}}
@ -19,35 +17,27 @@ services:
      - SYNAPSE_SERVER_NAME={{domains.matrix.synapse}}
      - SYNAPSE_REPORT_STATS=no
    ports:
-      - "127.0.0.1:{{ports.localhost.http.synapse}}:8008"
+      - "127.0.0.1:{{ports.localhost.http.synapse}}:{{ container_port }}"
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
      test: ["CMD", "curl", "-f", "http://localhost:8008/"]
      interval: 1m
      timeout: 10s
      retries: 3
 {% if bridges | length > 0 %}
 {% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
 {% for item in bridges %}
      mautrix-{{item.bridge_name}}:
        condition: service_healthy
 {% endfor %}
 {% else %}
 {% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
 {% endif %}
 {% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
  element:
 {% set container_port = 80 %}
    image: "{{ applications[application_id].images.element }}"
    container_name: matrix-element
    restart: {{docker_restart_policy}}
    volumes:
      - ./element-config.json:/app/config.json
    ports:
-      - "127.0.0.1:{{ports.localhost.http.element}}:80"
+      - "127.0.0.1:{{ports.localhost.http.element}}:{{ container_port }}"
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %}
      test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/"]
      interval: 1m
      timeout: 10s
      retries: 3
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% for item in bridges %}
--- a/roles/docker-matrix/vars/configuration.yml
+++ b/roles/docker-matrix/vars/configuration.yml
@ -1,3 +1,7 @@
 docker:
  services:
    database:
      enabled: true
 images:
  synapse:            "matrixdotorg/synapse:latest"
  element:            "vectorim/element-web:latest"
--- a/roles/docker-mediawiki/templates/docker-compose.yml.j2
+++ b/roles/docker-mediawiki/templates/docker-compose.yml.j2
@ -1,18 +1,16 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
-
+  application:
-{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
+    # Seems like image tag got lost. @todo Check and implement if necessary
-      application:
+      log_driver: journald
-      # Seems like image tag got lost. @todo Check and implement if necessary
+      restart: "{{docker_restart_policy}}"
-        log_driver: journald
+      depends_on:
-        restart: "{{docker_restart_policy}}"
+        - database
-        depends_on:
+      volumes:
-          - database
+        - "mediawiki-data:/var/www/html/"
-        volumes:
+      ports:
-          - "mediawiki-data:/var/www/html/"
+        - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
        ports:
          - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  data:
--- a/roles/docker-mobilizon/templates/docker-compose.yml.j2
+++ b/roles/docker-mobilizon/templates/docker-compose.yml.j2
@ -1,21 +1,14 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
    image: "{{ applications[application_id].images[application_id] }}"
    volumes:
      - uploads:/var/lib/mobilizon/uploads
      - {{ mobilizon_host_conf_exs_file }}:/etc/mobilizon/config.exs:ro
    ports:
-      - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ mobilizon_exposed_docker_port }}"
+      - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}"
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
-      test: ["CMD", "curl", "-f", "http://127.0.0.1:{{ mobilizon_exposed_docker_port }}"]
+{% include 'roles/docker-container/templates/base.yml.j2' %}
-      interval: 30s
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      timeout: 10s
      retries: 3
 {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
 {% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
--- a/roles/docker-mobilizon/templates/env.j2
+++ b/roles/docker-mobilizon/templates/env.j2
@ -15,7 +15,7 @@ MOBILIZON_INSTANCE_HOST={{ domains | get_domain(application_id) }}
 # MOBILIZON_INSTANCE_LISTEN_IP
 # The port to listen on (defaults to 4000). Point your reverse proxy on this port.
-MOBILIZON_INSTANCE_PORT={{ mobilizon_exposed_docker_port }}
+MOBILIZON_INSTANCE_PORT={{ container_port }}
 # Whether registrations are opened or closed. Can be changed in the admin settings UI as well.
 # Make sure to moderate actively your instance if registrations are opened.
--- a/roles/docker-mobilizon/vars/configuration.yml
+++ b/roles/docker-mobilizon/vars/configuration.yml
@ -15,4 +15,8 @@ domains:
  canonical:
    - "event.{{ primary_domain }}"
  aliases:
-    - "events.{{ primary_domain }}"
+    - "events.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-mobilizon/vars/main.yml
+++ b/roles/docker-mobilizon/vars/main.yml
@ -4,5 +4,5 @@ database_type:                  "postgres"
 database_gis_enabled:           true
 mobilizon_oidc_callback_url:    "{{ domains | get_url(application_id, web_protocol) }}/auth/openid_connect/callback"
-mobilizon_exposed_docker_port:  4000
+container_port:  4000
 mobilizon_host_conf_exs_file:   "{{docker_compose.directories.config}}config.exs"
--- a/roles/docker-moodle/templates/docker-compose.yml.j2
+++ b/roles/docker-moodle/templates/docker-compose.yml.j2
@ -1,24 +1,20 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  moodle:
 {% set container_port = 8008 %}
    container_name: {{ container_name }}
    build:
      context: .
      dockerfile: Dockerfile
    image: moodle_custom
    ports:
-      - 127.0.0.1:{{ports.localhost.http[application_id]}}:8080
+      - 127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - 'code:{{ bitnami_code_link }}'
      - 'data:{{ bitnami_data_dir }}'
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
-      test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/8080 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"]
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      interval: 30s
      timeout: 10s
      retries: 3
 {% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
--- a/roles/docker-moodle/vars/configuration.yml
+++ b/roles/docker-moodle/vars/configuration.yml
@ -24,4 +24,8 @@ csp:
      - "https://cdn.jsdelivr.net"
 domains:
  canonical:
-    - "academy.{{ primary_domain }}"
+    - "academy.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-mybb/templates/docker-compose.yml.j2
+++ b/roles/docker-mybb/templates/docker-compose.yml.j2
@ -1,7 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
    logging:
      driver: journald
@ -11,7 +8,7 @@ services:
    restart: {{docker_restart_policy}}
    volumes:
      - data:/var/www/html
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
  server:
--- a/roles/docker-mybb/vars/configuration.yml
+++ b/roles/docker-mybb/vars/configuration.yml
@ -3,5 +3,10 @@ version:              "latest"
 features:
  matomo:             true
  css:                true
-  portfolio_iframe:   false
+  portfolio_iframe:   true
-  central_database:   true
+  central_database:   true
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-nextcloud/templates/docker-compose.yml.j2
+++ b/roles/docker-nextcloud/templates/docker-compose.yml.j2
@ -1,8 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
    image: "nextcloud:{{applications.nextcloud.version}}-fpm-alpine"
@ -15,8 +11,8 @@ services:
      interval: 1m
      timeout: 10s
      retries: 3
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
        ipv4_address: 192.168.102.69
@ -49,16 +45,13 @@ services:
      driver: journald
    restart: {{docker_restart_policy}}
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
    volumes:
        - "{{docker_compose.directories.volumes}}nginx.conf:/etc/nginx/nginx.conf:ro"
    volumes_from:
      - application
-    healthcheck:
+
-      test: ["CMD", "curl", "-f", "http://localhost:80/"]
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
      interval: 1m
      timeout: 10s
      retries: 3
    networks:
      default:
        ipv4_address: 192.168.102.67
@ -77,7 +70,7 @@ services:
      interval: 1m
      timeout: 10s
      retries: 3
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
        ipv4_address: 192.168.102.70
--- a/roles/docker-nextcloud/vars/configuration.yml
+++ b/roles/docker-nextcloud/vars/configuration.yml
@ -11,7 +11,12 @@ csp:
 domains:
  canonical:
    - "cloud.{{ primary_domain }}"
-
+docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: true
 oidc:
  enabled:                    "{{ applications.nextcloud.features.oidc | default(true) }}"      # Activate OIDC for Nextcloud
  # floavor decides which OICD plugin should be used. 
--- a/roles/docker-nextcloud/vars/main.yml
+++ b/roles/docker-nextcloud/vars/main.yml
@ -1,6 +1,7 @@
 ---
 # General
 application_id:                                     "nextcloud"                                                   # Application identifier
 container_port:                                   80
 # Database
 database_password:                                  "{{applications.nextcloud.credentials.database_password}}"    # Database password
--- a/roles/docker-openproject/templates/docker-compose.yml.j2
+++ b/roles/docker-openproject/templates/docker-compose.yml.j2
@ -7,18 +7,15 @@ x-op-app: &app
    context: .
    dockerfile: Dockerfile
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  cache:
    image: memcached
    container_name: openproject-memcached
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
  proxy:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: {{custom_openproject_image}}
    container_name: openproject-proxy
    command: "./docker/prod/proxy"
@ -34,32 +31,29 @@ services:
  web:
    <<: *app
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    command: "./docker/prod/web"
    container_name: openproject-web
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      cache:
        condition: service_started
      seeder:
        condition: service_started
-    healthcheck:
+{% set container_port = 8080 %}
-      test: ["CMD", "curl", "-f", "http://localhost:8080/health_checks/default"]
+{% set container_healthcheck = 'health_checks/default' %}
-      interval: 10s
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
      timeout: 3s
      retries: 3
      start_period: 30s
    volumes:
      - "data:/var/openproject/assets"
      - "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
  worker:
    <<: *app
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    command: "./docker/prod/worker"
    container_name: openproject-worker
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      cache:
        condition: service_started
      seeder:
@ -71,11 +65,11 @@ services:
  cron:
    <<: *app
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    command: "./docker/prod/cron"
    container_name: openproject-cron
 {% include 'templates/docker/container/networks.yml.j2' %}
-{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      cache:
        condition: service_started
      seeder:
@ -98,7 +92,7 @@ services:
      - "data:/var/openproject/assets"
      - "{{dummy_volume}}:/var/openproject/pgdata" # This mount is unnecessary and just done to prevent anonymous volumes
 {% include 'templates/docker/compose/networks.yml.j2' %}
 {% include 'templates/docker/compose/volumes.yml.j2' %}
-  data:
+  data:
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-openproject/vars/configuration.yml
+++ b/roles/docker-openproject/vars/configuration.yml
@ -26,4 +26,9 @@ csp:
      unsafe-inline: true  
 domains:
  canonical:
-    - "project.{{ primary_domain }}"
+    - "project.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-openproject/vars/main.yml
+++ b/roles/docker-openproject/vars/main.yml
@ -2,7 +2,7 @@ application_id:               "openproject"
 docker_repository_address:    "https://github.com/opf/openproject-deploy"
 database_type:                "postgres"
 docker_repository:            true
-
+      
 openproject_plugins_folder:  "{{docker_compose.directories.volumes}}plugins/"
 custom_openproject_image:     "custom_openproject"
--- a/roles/docker-peertube/templates/docker-compose.yml.j2
+++ b/roles/docker-peertube/templates/docker-compose.yml.j2
@ -1,29 +1,22 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
 {% set container_port = 9000 %}
    image: chocobozzz/peertube:production-{{ applications[application_id].version }}
    container_name: {{ container_name }}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    ports:
     - "1935:1935"  # @todo Add to ports
-     - "127.0.0.1:{{ports.localhost.http[application_id]}}:9000" 
+     - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}" 
    volumes:
      - assets:/app/client/dist
      - data:/data
      - config:/config
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
    healthcheck:
      # This just tests if the service is running on port 9000. It doesn't check if there is an 200 or e.g. an 404 response
-      test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/9000 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"]
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
      interval: 30s
      timeout: 10s
      retries: 3
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  assets:
  data:
--- a/roles/docker-peertube/vars/configuration.yml
+++ b/roles/docker-peertube/vars/configuration.yml
@ -24,4 +24,10 @@ domains:
  canonical:
    - "video.{{ primary_domain }}"
  aliases:
-    - "videos.{{ primary_domain }}"
+    - "videos.{{ primary_domain }}"
 docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: true
--- a/roles/docker-pgadmin/templates/docker-compose.yml.j2
+++ b/roles/docker-pgadmin/templates/docker-compose.yml.j2
@ -1,20 +1,15 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
 {% set container_port = 80 %}
    image: dpage/pgadmin4:{{applications[application_id].version}}
    container_name: pgadmin
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    ports:
      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/wget.yml.j2' %}
      test: ["CMD", "wget", "--spider", "-q", "http://localhost:80/"]
      interval: 30s
      timeout: 10s
      retries: 3
    volumes:
      - "data:/var/lib/pgadmin"
 {% if applications[application_id].server_mode | bool %}
--- a/roles/docker-pgadmin/vars/configuration.yml
+++ b/roles/docker-pgadmin/vars/configuration.yml
@ -18,4 +18,8 @@ csp:
      unsafe-inline: true
  whitelist:
    font-src:
-      - "data:"
+      - "data:"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-phpldapadmin/templates/docker-compose.yml.j2
+++ b/roles/docker-phpldapadmin/templates/docker-compose.yml.j2
@ -1,13 +1,11 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
    container_name: {{ application_id }}
    image: leenooks/phpldapadmin:{{applications[application_id].version}}
    ports:
      - 127.0.0.1:{{ports.localhost.http[application_id]}}:8080
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
--- a/roles/docker-phpmyadmin/templates/docker-compose.yml.j2
+++ b/roles/docker-phpmyadmin/templates/docker-compose.yml.j2
@ -1,19 +1,14 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
 {% set container_port = 80 %}
    image: phpmyadmin/phpmyadmin:{{applications.phpmyadmin.version}}
    container_name: phpmyadmin
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
      test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/80 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"]
      interval: 30s
      timeout: 10s
      retries: 3
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-phpmyadmin/vars/configuration.yml
+++ b/roles/docker-phpmyadmin/vars/configuration.yml
@ -20,3 +20,7 @@ domains:
  aliases:
    - "mysql.{{ primary_domain }}"
    - "mariadb.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/roles/docker-pixelfed/templates/docker-compose.yml.j2
+++ b/roles/docker-pixelfed/templates/docker-compose.yml.j2
@ -1,22 +1,18 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
  application:
    image: "{{ applications[application_id].images.pixelfed }}"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "data:/var/www/storage"
      - "./env:/var/www/.env"
    ports:
      - "{{ports.localhost.http[application_id]}}:80"
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
  worker:
    image: "{{ applications[application_id].images.pixelfed }}"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - "data:/var/www/storage"
      - "./env:/var/www/.env"
@ -26,7 +22,7 @@ services:
      interval: 60s
      timeout: 5s
      retries: 1
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      application:
        condition: service_started
 {% include 'templates/docker/container/networks.yml.j2' %}
--- a/roles/docker-pixelfed/vars/configuration.yml
+++ b/roles/docker-pixelfed/vars/configuration.yml
@ -22,4 +22,10 @@ domains:
  canonical:
    - "picture.{{ primary_domain }}"
  aliases:
-    - "pictures.{{ primary_domain }}"
+    - "pictures.{{ primary_domain }}"
 docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: true
--- a/roles/docker-portfolio/templates/docker-compose.yml.j2
+++ b/roles/docker-portfolio/templates/docker-compose.yml.j2
@ -1,19 +1,17 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
  portfolio:
 {% set container_port = 5000 %}
    build:
      context: {{docker_repository_path}}
      dockerfile: Dockerfile
    image: application-portfolio
    container_name: portfolio
    ports:
-      - 127.0.0.1:{{ports.localhost.http[application_id]}}:5000
+      - 127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}
    volumes:
      - {{docker_repository_path}}app:/app
    restart: unless-stopped
 {% include 'templates/docker/container/networks.yml.j2' %}
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
-      test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/5000 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"]
+
      interval: 30s
      timeout: 10s
      retries: 3
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-presentation/templates/docker-compose.yml.j2
+++ b/roles/docker-presentation/templates/docker-compose.yml.j2
@ -1,4 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
  cymais-presentation:
    build:
      context:    {{ path_cymais_presentation_output.stdout }}
@ -8,7 +8,7 @@ services:
    volumes:
      - {{ path_cymais_presentation_output.stdout }}:/app
      - {{ path_cymais_output.stdout }}:/source
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-roulette-wheel/templates/docker-compose.yml.j2
+++ b/roles/docker-roulette-wheel/templates/docker-compose.yml.j2
@ -1,8 +1,10 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
    application:
        container_name: roulette_application
        build:
            context: .
        ports:
        - 127.0.0.1:{{ports.localhost.http[application_id]}}:8080
-        restart: {{docker_restart_policy}}
+        restart: {{docker_restart_policy}}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-simpleicons/templates/docker-compose.yml.j2
+++ b/roles/docker-simpleicons/templates/docker-compose.yml.j2
@ -1,4 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
  application:
    build:
      context: .
@ -7,7 +7,7 @@ services:
    container_name: simpleicons-server
    ports:
      - "{{ports.localhost.http[application_id]}}:3000"
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-snipe-it/templates/docker-compose.yml.j2
+++ b/roles/docker-snipe-it/templates/docker-compose.yml.j2
@ -1,28 +1,18 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'templates/docker/services/redis.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
 {% set container_port = 80 %}
    image: grokability/snipe-it:{{applications[application_id].version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    volumes:
      - data:/var/lib/snipeit
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
-{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/tcp.yml.j2' %}
      test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/80 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"]
      interval: 30s
      timeout: 10s
      retries: 3
 {% include 'templates/docker/compose/volumes.yml.j2' %}
  redis:
  data:
-{% include 'templates/docker/compose/networks.yml.j2' %}
+{% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-snipe-it/vars/configuration.yml
+++ b/roles/docker-snipe-it/vars/configuration.yml
@ -26,4 +26,10 @@ oauth2_proxy:
  port:         "80"
  acl:
    blacklist:
-      - "/login"
+      - "/login"
 docker:
  services:
    redis:
      enabled: true
    database: 
      enabled: true
--- a/roles/docker-sphinx/templates/docker-compose.yml.j2
+++ b/roles/docker-sphinx/templates/docker-compose.yml.j2
@ -1,16 +1,13 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
  application:
 {% set container_port = 8008 %}
    build: 
      context: {{ path_cymais_sphinx_output.stdout }}
      dockerfile: {{ path_cymais_sphinx_output.stdout }}/Dockerfile
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:8000"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
-      test: ["CMD", "curl", "-f", "http://127.0.0.1:8000"]
+{% include 'roles/docker-container/templates/base.yml.j2' %}
      interval: 1m
      timeout: 10s
      retries: 3
 {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-syncope/templates/docker-compose.yml.j2
+++ b/roles/docker-syncope/templates/docker-compose.yml.j2
@ -1,7 +1,4 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
   application: 
     depends_on:
       - db
@ -9,7 +6,7 @@ services:
     ports:
       - "18080:8080"
     restart: always
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
     environment:
       SPRING_PROFILES_ACTIVE: docker,postgresql,saml2
       OPENJPA_REMOTE_COMMIT: sjvm
@ -37,4 +34,5 @@ services:
     environment:
       SPRING_PROFILES_ACTIVE: docker,saml2
       SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, web_protocol) }}/{{syncope_paths[enduser]}}/
-       
+
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-taiga/templates/docker-compose-inits.yml.j2
+++ b/roles/docker-taiga/templates/docker-compose-inits.yml.j2
@ -3,7 +3,7 @@ services:
    image: taigaio/taiga-back:latest
    environment:
      CELERY_ENABLED: "False"
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
    entrypoint: "python manage.py"
    volumes:
--- a/roles/docker-taiga/templates/docker-compose.yml.j2
+++ b/roles/docker-taiga/templates/docker-compose.yml.j2
@ -1,7 +1,7 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
-{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
+
  taiga-back:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: {{taiga_image_backend}}:{{applications.taiga.version}}
    volumes:
      # These volumens will be used by taiga-back and taiga-async.
@ -17,7 +17,7 @@ services:
 {% include 'templates/docker/container/networks.yml.j2' %}
      taiga:
-{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      taiga-events-rabbitmq:
        condition: service_started
      taiga-async-rabbitmq:
@ -33,7 +33,7 @@ services:
  taiga-async:
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    image: {{taiga_image_backend}}:{{applications.taiga.version}}
    entrypoint: ["/taiga-back/docker/async_entrypoint.sh"]
    volumes:
@ -52,7 +52,7 @@ services:
 {% include 'templates/docker/container/networks.yml.j2' %}
      taiga:
-{% include 'templates/docker/container/depends-on-also-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
      taiga-events-rabbitmq:
        condition: service_started
      taiga-async-rabbitmq:
@ -71,13 +71,13 @@ services:
    hostname: "taiga-async-rabbitmq"
    volumes:
      - async-rabbitmq-data:/var/lib/rabbitmq
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
      taiga:
  taiga-front:
    image: {{taiga_image_frontend}}:{{applications.taiga.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
      taiga:
 #    volumes:
@ -85,7 +85,7 @@ services:
  taiga-events:
    image: taigaio/taiga-events:latest
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
      taiga:
    depends_on:
@ -97,14 +97,14 @@ services:
    hostname: "events-rabbitmq"
    volumes:
      - events-rabbitmq-data:/var/lib/rabbitmq
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
      taiga:
  taiga-protected:
    image: taigaio/taiga-protected:latest
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
      taiga:
@ -117,7 +117,7 @@ services:
      - {{docker_repository_path}}taiga-gateway/taiga.conf:/etc/nginx/conf.d/default.conf
      - static-data:/taiga/static
      - media-data:/taiga/media
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
      taiga:
@ -133,4 +133,4 @@ services:
  events-rabbitmq-data:
 {% include 'templates/docker/compose/networks.yml.j2' %}
-  taiga:
+  taiga:
--- a/roles/docker-taiga/vars/configuration.yml
+++ b/roles/docker-taiga/vars/configuration.yml
@ -12,7 +12,10 @@ features:
  portfolio_iframe:   false
  oidc:               false
  central_database:   true
-
+docker:
  services:
    database:
      enabled: true
 csp:
  flags:
    script-src-elem:
@ -21,7 +24,7 @@ csp:
    style-src:
      unsafe-inline: true
    script-src:
-      unsafe-eval:    true
+      unsafe-eval:   true
 domains:
  canonical:
    - "kanban.{{ primary_domain }}"
--- a/roles/docker-wordpress/templates/docker-compose.yml.j2
+++ b/roles/docker-wordpress/templates/docker-compose.yml.j2
@ -1,9 +1,6 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
  application:
-    {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+    {% include 'roles/docker-container/templates/base.yml.j2' %}
    image: {{wordpress_custom_image}}
    container_name: wordpress-application
    build:
@ -13,9 +10,8 @@ services:
    volumes:
      - data:{{ wordpress_docker_html_path }}
-{% include 'roles/docker-compose/templates/services/msmtp_curl_test.yml.j2' %}
+{% include 'roles/docker-container/templates/healthcheck/msmtp_curl.yml.j2' %}
-
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-wordpress/vars/configuration.yml
+++ b/roles/docker-wordpress/vars/configuration.yml
@ -39,6 +39,10 @@ csp:
 domains:
  canonical:
    - "blog.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
 rbac:
  roles:
    subscriber:
--- a/roles/docker-yourls/templates/docker-compose.yml.j2
+++ b/roles/docker-yourls/templates/docker-compose.yml.j2
@ -1,22 +1,17 @@
-services:
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
 {% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
  application:
 {% set container_port = 80 %}
 {% set container_healthcheck = 'http://127.0.0.1/admin/' %}
    image: yourls:{{applications.yourls.version}}
-{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
    ports:
-      - "127.0.0.1:{{ports.localhost.http[application_id]}}:80"
+      - "127.0.0.1:{{ports.localhost.http[application_id]}}:{{ container_port }}"
-    healthcheck:
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
      test: ["CMD", "curl", "-f", "http://127.0.0.1/admin/"]
      interval: 1m
      timeout: 10s
      retries: 3
-{% include 'templates/docker/container/depends-on-just-database.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/volumes-just-database.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-yourls/vars/configuration.yml
+++ b/roles/docker-yourls/vars/configuration.yml
@ -17,4 +17,8 @@ domains:
  canonical:
    - "s.{{ primary_domain }}"
  aliases:
-    - "short.{{ primary_domain }}"
+    - "short.{{ primary_domain }}"
 docker:
  services:
    database:
      enabled: true
--- a/templates/docker/container/depends-on-also-database.yml.j2
+++ b/templates/docker/container/depends-on-also-database.yml.j2
@ -1,7 +0,0 @@
 {# This template needs to be included in docker-compose.yml containers which depend on a database and additional containers #}
    depends_on:
 {% if not applications | is_feature_enabled('central_database',application_id) %}
      database:
        condition: service_healthy
 {% endif %}
 {{ "\n" }}
--- a/templates/docker/container/depends-on-database-redis.yml.j2
+++ b/templates/docker/container/depends-on-database-redis.yml.j2
@ -1,9 +0,0 @@
 {# This template needs to be included in docker-compose.yml containers, which depend on a database, redis and optional additional volumes #}
    depends_on:
 {% if not applications | is_feature_enabled('central_database',application_id) %}
      database:
        condition: service_healthy
 {% endif %}
      redis:
        condition: service_healthy
 {{ "\n" }}
--- a/templates/docker/container/depends-on-just-database.yml.j2
+++ b/templates/docker/container/depends-on-just-database.yml.j2
@ -1,7 +0,0 @@
 {# This template needs to be included in docker-compose.yml containers, which just depend on a database #}
 {% if not applications | is_feature_enabled('central_database',application_id) %}
    depends_on:
      database:
        condition: service_healthy
 {% endif %}
 {{ "\n" }}
--- a/templates/docker_role/templates/docker-compose.yml.j2.j2
+++ b/templates/docker_role/templates/docker-compose.yml.j2.j2
@ -1,19 +1,21 @@
 services:
-  portfolio:
+
-    build:
+{% include 'roles/docker-central-database/templates/services/main.yml.j2' %}
-      context: {{docker_repository_path}}
+
-      dockerfile: Dockerfile
+  application:
-    image: application-portfolio
+    image: "{{ applications[application_id].images[application_id] }}"
    container_name: portfolio
    ports:
      - 127.0.0.1:{{ports.localhost.http[application_id]}}:5000
    volumes:
-      - {{docker_repository_path}}app:/app
+      - uploads:/var/lib/mobilizon/uploads
-    restart: unless-stopped
+      - {{ mobilizon_host_conf_exs_file }}:/etc/mobilizon/config.exs:ro
    ports:
      - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}"
 {% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
 {% include 'roles/docker-container/templates/base.yml.j2' %}
 {% include 'roles/docker-container/templates/depends_on_dmbs.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
-    healthcheck:
+
-      test: ["CMD", "bash", "-c", "exec 3<>/dev/tcp/localhost/5000 && echo -e 'GET / HTTP/1.1\\r\\nHost: localhost\\r\\nConnection: close\\r\\n\\r\\n' >&3 && cat <&3 | grep -q 'HTTP/1.1'"]
+{% include 'templates/docker/compose/volumes.yml.j2' %}
-      interval: 30s
+  uploads:
-      timeout: 10s
+
-      retries: 3
+{% include 'templates/docker/compose/networks.yml.j2' %}
-{% include 'templates/docker/compose/networks.yml.j2' %}
+
--- a/templates/docker_role/vars/configuration.yml.j2
+++ b/templates/docker_role/vars/configuration.yml.j2
@ -1,7 +1,10 @@
 credentials:
 docker:
-    images: {}
+  images: {}                # @todo Move under services
-    versions: {}
+  versions: {}              # @todo Move under services
  services:
    redis:
      enabled:      false   # Enable Redis 
 features:
  matomo:           true    # Enable Matomo Tracking
  css:              true    # Enable Global CSS Styling
@ -16,4 +19,8 @@ csp:
 domains:
  canonical:        []      # Urls under which the domain should be directly accessible
  alias:            []      # Alias redirections to the first element of the canonical domains
 rbac:
  roles:
    mail-bot:
      description: "Has an token to send and recieve emails"
--- a/tests/integration/test_application_id_consistency.py
+++ b/tests/integration/test_application_id_consistency.py
@ -11,7 +11,7 @@ class TestApplicationIdConsistency(unittest.TestCase):
        failed_roles = []
        for role_path in ROLES_DIR.iterdir():
-            if role_path.name in ["docker-compose", "docker-central-database", "docker-repository-setup"]:
+            if role_path.name in ["docker-container","docker-compose", "docker-central-database", "docker-repository-setup"]:
                continue
            if role_path.is_dir() and role_path.name.startswith("docker-"):
--- a/tests/integration/test_configuration_database_dependency.py
+++ b/tests/integration/test_configuration_database_dependency.py
@ -0,0 +1,43 @@
 import unittest
 from pathlib import Path
 import yaml
 class TestConfigurationDatabaseDependency(unittest.TestCase):
    # Define project root and glob pattern for configuration files
    PROJECT_ROOT = Path(__file__).resolve().parents[2]
    CONFIG_PATTERN = 'roles/*/vars/configuration.yml'
    def test_central_database_implies_database_service_enabled(self):
        """
        For each roles/*/vars/configuration.yml:
        If features.central_database is true,
        then docker.services.database.enabled must be true.
        """
        config_paths = sorted(self.PROJECT_ROOT.glob(self.CONFIG_PATTERN))
        self.assertTrue(config_paths, f"No configuration files found for pattern {self.CONFIG_PATTERN}")
        for config_path in config_paths:
            with self.subTest(configuration=config_path):
                content = yaml.safe_load(config_path.read_text(encoding='utf-8')) or {}
                # Read central_database flag
                features = content.get('features', {})
                central_db = features.get('central_database', False)
                # Read database enabled flag
                docker = content.get('docker', {})
                services = docker.get('services', {})
                database = services.get('database', {})
                db_enabled = database.get('enabled', False)
                if central_db:
                    self.assertTrue(
                        db_enabled,
                        f"{config_path}: features.central_database is true but docker.services.database.enabled is not true"
                    )
                else:
                    # No requirement when central_database is false or absent
                    self.assertTrue(True)
 if __name__ == '__main__':
    unittest.main()
--- a/Show More
+++ b/Show More
		`@ -0,0 +1 @@`
							`{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}`