kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 15:06:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Renamed the mariadb, openldap and postgres database

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-07-12 16:06:13 +02:00
parent e174523fc6
commit 3b03c5171d
84 changed files with 210 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/cmp-db-docker-proxy/tasks/main.yml
View File

@@ -1,8 +1,8 @@
- name: "load docker and db for {{application_id}}"
- name: "For '{{ application_id }}': load docker and db"
include_role:
name: cmp-db-docker
- name: "include role srv-proxy-6-6-domain for {{application_id}}"
- name: "For '{{ application_id }}': include role srv-proxy-6-6-domain"
include_role:
name: srv-proxy-6-6-domain
vars:

8
roles/cmp-db-docker/tasks/main.yml
View File

@@ -1,17 +1,17 @@
- name: "set database_application_id (Needed due to lazzy loading issue)"
- name: "For '{{ application_id }}': Set database_application_id (Needed due to lazzy loading issue)"
set_fact:
database_application_id: "{{ application_id }}"
- name: "Load database variables"
- name: "For '{{ application_id }}': Load database variables"
include_vars: "{{ item }}"
loop:
- "{{ cmp_db_docker_vars_file_docker }}" # Important to load docker variables first so that database can use them
- "{{ cmp_db_docker_vars_file_db }}" # Important to load them before docker role so that backup can use them
- name: "Load docker-compose for {{ application_id }}"
- name: "For '{{ application_id }}': Load docker-compose"
include_role:
name: docker-compose
- name: "Load central rdbms for {{ application_id }}"
- name: "For '{{ application_id }}': Load central RDBMS"
include_role:
name: cmp-rdbms

4
roles/cmp-docker-proxy/tasks/main.yml
View File

@@ -1,8 +1,8 @@
- name: "include docker-compose role"
- name: "For '{{ application_id }}': include docker-compose role"
include_role:
name: docker-compose
- name: "include role srv-proxy-6-6-domain for {{application_id}}"
- name: "For '{{ application_id }}': include role srv-proxy-6-6-domain"
include_role:
name: srv-proxy-6-6-domain
vars:

18
roles/cmp-rdbms/tasks/main.yml
View File

@@ -1,20 +1,18 @@
# The following env file will just be used from the dedicated mariadb container
# and not the {{applications['mariadb'].hostname }}-database
- name: "Create {{database_env}}"
# and not the {{applications['svc-db-mariadb'].hostname }}
- name: "For '{{ application_id }}': Create {{database_env}}"
template:
src: "env/{{database_type}}.env.j2"
dest: "{{database_env}}"
notify: docker compose up
when: not applications | is_feature_enabled('central_database',application_id)
- name: "Create central database"
- name: "For '{{ application_id }}': Create central database"
# I don't know why this includes leads to that the application_id in vars/main.yml of the database role isn't used
# This is the behaviour which I want, but I'm still wondering why ;)
include_role:
name: "svc-{{database_type}}"
name: "svc-db-{{database_type}}"
when: applications | is_feature_enabled('central_database',application_id)
#- name: "Create central database"
# include_tasks: "{{ playbook_dir }}/roles/svc-{{database_type}}/tasks/main.yml"
# when: applications | is_feature_enabled('central_database',application_id)
- name: "Add database to backup"
include_tasks: "{{ playbook_dir }}/roles/sys-bkp-docker-to-local/tasks/seed-database-to-backup.yml"
- name: "For '{{ application_id }}': Add Entry for Backup Procedure"
include_tasks: "{{ playbook_dir }}/roles/sys-bkp-docker-to-local/tasks/seed-database-to-backup.yml"

2
roles/cmp-rdbms/templates/services/postgres.yml.j2
View File

@@ -1,7 +1,7 @@
# This template needs to be included in docker-compose.yml, which depend on a postgres database
{% if not applications | is_feature_enabled('central_database',application_id) %}
{{ database_host }}:
image: postgres:{{applications['postgres'].version}}-alpine
image: postgres:{{applications['svc-db-postgres'].version}}-alpine
container_name: {{application_id}}-database
env_file:
- {{database_env}}

12
roles/cmp-rdbms/vars/database.yml
View File

@@ -1,9 +1,9 @@
database_instance: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',database_application_id) else database_application_id }}"
database_host: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',database_application_id) else 'database' }}"
database_name: "{{ applications[database_application_id].database.name | default( database_application_id ) }}" # The overwritte configuration is needed by bigbluebutton
database_username: "{{ applications[database_application_id].database.username | default( database_application_id )}}" # The overwritte configuration is needed by bigbluebutton
database_password: "{{ applications[database_application_id].credentials.database_password }}"
database_port: "{{ 3306 if database_type == 'mariadb' else applications['postgres'].port }}"
database_instance: "{{ applications[ 'svc-db-' ~ database_type ].hostname if applications | is_feature_enabled('central_database',database_application_id) else database_application_id }}"
database_host: "{{ applications[ 'svc-db-' ~ database_type ].hostname if applications | is_feature_enabled('central_database',database_application_id) else 'database' }}"
database_name: "{{ applications[ database_application_id ].database.name | default( database_application_id ) }}" # The overwritte configuration is needed by bigbluebutton
database_username: "{{ applications[ database_application_id ].database.username | default( database_application_id )}}" # The overwritte configuration is needed by bigbluebutton
database_password: "{{ applications[ database_application_id ].credentials.database_password }}"
database_port: "{{ applications[ 'svc-db-' ~ database_type ].port }}"
database_env: "{{docker_compose.directories.env}}{{database_type}}.env"
database_url_jdbc: "jdbc:{{ database_type if database_type == 'mariadb' else 'postgresql' }}://{{ database_host }}:{{ database_port }}/{{ database_name }}"
database_url_full: "{{database_type}}://{{database_username}}:{{database_password}}@{{database_host}}:{{database_port}}/{{ database_name }}"

6
roles/docker-compose/templates/networks.yml.j2
View File

@@ -1,11 +1,11 @@
{# This template needs to be included in docker-compose.yml #}
networks:
{% if applications | is_feature_enabled('central_database',application_id) and database_type is defined %}
central_{{ database_type }}:
{{ applications[ 'svc-db-' ~ database_type ].network }}:
external: true
{% endif %}
{% if applications[application_id].get('features', {}).get('ldap', false) and applications.openldap.network.docker | bool %}
central_ldap:
{% if applications[application_id].get('features', {}).get('ldap', false) and applications['svc-db-openldap'].network.docker | bool %}
svc-db-openldap:
external: true
{% endif %}
default:

6
roles/docker-container/templates/networks.yml.j2
View File

@@ -1,10 +1,10 @@
{# This template needs to be included in docker-compose.yml containers #}
networks:
{% if applications | is_feature_enabled('central_database',application_id) | bool and database_type is defined %}
central_{{ database_type }}:
{{ applications[ 'svc-db-' ~ database_type ].network }}:
{% endif %}
{% if applications[application_id].get('features', {}).get('ldap', false) | bool and applications.openldap.network.docker|bool %}
central_ldap:
{% if applications[application_id].get('features', {}).get('ldap', false) | bool and applications['svc-db-openldap'].network.docker|bool %}
svc-db-openldap:
{% endif %}
default:
{{ "\n" }}

0
roles/svc-mariadb/Administration.md → roles/svc-db-mariadb/Administration.md
View File

0
roles/svc-mariadb/README.md → roles/svc-db-mariadb/README.md
View File

4
roles/svc-db-mariadb/config/main.yml Normal file
View File

@@ -0,0 +1,4 @@
version: "latest"
hostname: "svc-db-mariadb"
network: "svc-db-mariadb"
port: 5432

4
roles/svc-mariadb/defaults/README.md → roles/svc-db-mariadb/defaults/README.md
View File

@@ -1,6 +1,6 @@
# defaults/
This directory contains default variable definition files for the `svc-mariadb` Ansible role. It centralizes all configurable values related to MariaDB deployment and can be adjusted without modifying task logic.
This directory contains default variable definition files for the `svc-db-mariadb` Ansible role. It centralizes all configurable values related to MariaDB deployment and can be adjusted without modifying task logic.
---
@@ -34,7 +34,7 @@ Defines default values for how the MariaDB database should be created.
To customize any of these values without editing role defaults:
1. Create or update a playbook-level vars file (e.g. `group_vars/all/svc-mariadb.yml`).
1. Create or update a playbook-level vars file (e.g. `group_vars/all/svc-db-mariadb.yml`).
2. Set the desired values, for example:
```yaml

0
roles/svc-mariadb/defaults/main.yml → roles/svc-db-mariadb/defaults/main.yml
View File

0
roles/svc-mariadb/meta/main.yml → roles/svc-db-mariadb/meta/main.yml
View File

0
roles/svc-mariadb/schema/main.yml → roles/svc-db-mariadb/schema/main.yml
View File

24
roles/svc-mariadb/tasks/main.yml → roles/svc-db-mariadb/tasks/main.yml
View File

@@ -1,29 +1,29 @@
- name: Create Docker network for MariaDB
docker_network:
name: central_mariadb
name: "{{ applications['svc-db-mariadb'].network }}"
state: present
ipam_config:
- subnet: "{{ networks.local.mariadb.subnet }}"
- subnet: "{{ networks.local['svc-db-mariadb'].subnet }}"
when: run_once_docker_mariadb is not defined
- name: install MariaDB
docker_container:
name: "{{applications['mariadb'].hostname }}"
image: "mariadb:{{applications['mariadb'].version}}" #could lead to problems with nextcloud
name: "{{ applications['svc-db-mariadb'].hostname }}"
image: "mariadb:{{applications['svc-db-mariadb'].version}}"
detach: yes
env:
MARIADB_ROOT_PASSWORD: "{{applications['mariadb'].credentials.root_password}}"
MARIADB_ROOT_PASSWORD: "{{applications['svc-db-mariadb'].credentials.root_password}}"
MARIADB_AUTO_UPGRADE: "1"
networks:
- name: central_mariadb
- name: "{{ applications['svc-db-mariadb'].network }}"
volumes:
- central_mariadb_database:/var/lib/mysql
- mariadb_database:/var/lib/mysql
published_ports:
- "127.0.0.1:{{database_port}}:3306" # can be that this will be removed if all applications use sockets
command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW" #for nextcloud
restart_policy: "{{docker_restart_policy}}"
healthcheck:
test: "/usr/bin/mariadb --user=root --password={{applications['mariadb'].credentials.root_password}} --execute \"SHOW DATABASES;\""
test: "/usr/bin/mariadb --user=root --password={{applications['svc-db-mariadb'].credentials.root_password}} --execute \"SHOW DATABASES;\""
interval: 3s
timeout: 1s
retries: 5
@@ -38,7 +38,7 @@
- name: Wait until the MariaDB container is healthy
community.docker.docker_container_info:
name: "{{ applications['mariadb'].hostname }}"
name: "{{ applications['svc-db-mariadb'].hostname }}"
register: db_info
until:
- db_info.containers is defined
@@ -56,7 +56,7 @@
name: "{{ database_name }}"
state: present
login_user: root
login_password: "{{ applications['mariadb'].credentials.root_password }}"
login_password: "{{ applications['svc-db-mariadb'].credentials.root_password }}"
login_host: 127.0.0.1
login_port: "{{ database_port }}"
encoding: "{{ database_encoding }}"
@@ -70,7 +70,7 @@
priv: '{{database_name}}.*:ALL'
state: present
login_user: root
login_password: "{{applications['mariadb'].credentials.root_password}}"
login_password: "{{applications['svc-db-mariadb'].credentials.root_password}}"
login_host: 127.0.0.1
login_port: "{{database_port}}"
@@ -78,7 +78,7 @@
# @todo Remove if this works fine in the future.
#- name: Grant database privileges
# ansible.builtin.shell:
# cmd: "docker exec {{applications['mariadb'].hostname }} mariadb -u root -p{{ applications['mariadb'].credentials.root_password }} -e \"GRANT ALL PRIVILEGES ON `{{database_name}}`.* TO '{{database_username}}'@'%';\""
# cmd: "docker exec {{applications['svc-db-mariadb'].hostname }} mariadb -u root -p{{ applications['svc-db-mariadb'].credentials.root_password }} -e \"GRANT ALL PRIVILEGES ON `{{database_name}}`.* TO '{{database_username}}'@'%';\""
# args:
# executable: /bin/bash

2
roles/svc-mariadb/vars/README.md → roles/svc-db-mariadb/vars/README.md
View File

@@ -1,6 +1,6 @@
# vars/
This directory contains variable definition files for the `svc-mariadb` Ansible role. It centralizes all configurable values related to MariaDB deployment and can be adjusted without modifying task logic.
This directory contains variable definition files for the `svc-db-mariadb` Ansible role. It centralizes all configurable values related to MariaDB deployment and can be adjusted without modifying task logic.
---

1
roles/svc-db-mariadb/vars/main.yml Normal file
View File

@@ -0,0 +1 @@
application_id: svc-db-mariadb

0
roles/svc-openldap/README.md → roles/svc-db-openldap/README.md
View File

0
roles/svc-openldap/TODO.md → roles/svc-db-openldap/TODO.md
View File

0
roles/svc-openldap/__init__.py → roles/svc-db-openldap/__init__.py
View File

7
roles/svc-openldap/config/main.yml → roles/svc-db-openldap/config/main.yml
View File

@@ -1,10 +1,11 @@
images:
openldap: "bitnami/openldap:latest"
hostname: "svc-db-openldap" # Hostname of the LDAP Server in the ldap network
network:
name: "svc-db-openldap"
local: True # Activates local network. Necessary for LDIF import routines
docker: True # Activates docker network to allow other docker containers to connect
public: False # Set to true in inventory file if you want to expose the LDAP port to the internet
hostname: "ldap" # Hostname of the LDAP Server in the central_ldap network
images:
openldap: "bitnami/openldap:latest"
webinterface: "lam" # The webinterface which should be used. Possible: lam and phpldapadmin
features:
ldap: true

0
roles/svc-openldap/docs/Administration.md → roles/svc-db-openldap/docs/Administration.md
View File

0
roles/svc-openldap/docs/Change_DN.md → roles/svc-db-openldap/docs/Change_DN.md
View File

0
roles/svc-openldap/docs/Installation.md → roles/svc-db-openldap/docs/Installation.md
View File

0
roles/svc-openldap/filter_plugins/__init__.py → roles/svc-db-openldap/filter_plugins/__init__.py
View File

0
roles/svc-openldap/filter_plugins/build_ldap_nested_group_entries.py → roles/svc-db-openldap/filter_plugins/build_ldap_nested_group_entries.py
View File

0
roles/svc-openldap/filter_plugins/build_ldap_role_entries.py → roles/svc-db-openldap/filter_plugins/build_ldap_role_entries.py
View File

0
roles/svc-openldap/handlers/main.yml → roles/svc-db-openldap/handlers/main.yml
View File

0
roles/svc-openldap/meta/main.yml → roles/svc-db-openldap/meta/main.yml
View File

0
roles/svc-openldap/schema/main.yml → roles/svc-db-openldap/schema/main.yml
View File

0
roles/svc-openldap/tasks/add_user_objects.yml → roles/svc-db-openldap/tasks/add_user_objects.yml
View File

0
roles/svc-openldap/tasks/create_ldif_files.yml → roles/svc-db-openldap/tasks/create_ldif_files.yml
View File

6
roles/svc-openldap/tasks/main.yml → roles/svc-db-openldap/tasks/main.yml
View File

@@ -19,17 +19,17 @@
- name: create docker network for LDAP, so that other applications can access it
docker_network:
name: central_ldap
name: "{{ applications[application_id].network.name }}"
state: present
ipam_config:
- subnet: "{{ networks.local.central_ldap.subnet }}"
- subnet: "{{ networks.local['svc-db-openldap'].subnet }}"
- meta: flush_handlers
- name: "Wait for LDAP to be available"
wait_for:
host: "127.0.0.1"
port: "{{ ports.localhost.ldap.openldap }}"
port: "{{ ports.localhost.ldap['svc-db-openldap'] }}"
delay: 5
timeout: 120
state: started

1
roles/svc-openldap/tasks/reset_admin_passwords.yml → roles/svc-db-openldap/tasks/reset_admin_passwords.yml
View File

@@ -1,6 +1,5 @@
---
# Reset both Database and Configuration Admin passwords in LDAP via LDAPI
# roles/svc-openldap/tasks/reset_admin_passwords.yml
- name: "Query available LDAP databases"
shell: |

0
roles/svc-openldap/tasks/schemas/nextcloud.yml → roles/svc-db-openldap/tasks/schemas/nextcloud.yml
View File

0
roles/svc-openldap/tasks/schemas/openssh_lpk.yml → roles/svc-db-openldap/tasks/schemas/openssh_lpk.yml
View File

2
roles/svc-openldap/templates/docker-compose.yml.j2 → roles/svc-db-openldap/templates/docker-compose.yml.j2
View File

@@ -6,7 +6,7 @@
{% include 'roles/docker-container/templates/base.yml.j2' %}
{% if applications[application_id].network.public | bool or applications[application_id].network.local | bool %}
ports:
- 127.0.0.1:{{ports.localhost.ldap.openldap}}:{{ldap_docker_port}}
- 127.0.0.1:{{ports.localhost.ldap['svc-db-openldap']}}:{{ldap_docker_port}}
{% endif %}
volumes:
- 'data:/bitnami/openldap'

0
roles/svc-openldap/templates/env.j2 → roles/svc-db-openldap/templates/env.j2
View File

0
roles/svc-openldap/templates/ldif/configuration/01_member_of_configuration.ldif.j2 → roles/svc-db-openldap/templates/ldif/configuration/01_member_of_configuration.ldif.j2
View File

0
roles/svc-openldap/templates/ldif/configuration/02_member_of_configuration.ldif.j2 → roles/svc-db-openldap/templates/ldif/configuration/02_member_of_configuration.ldif.j2
View File

0
roles/svc-openldap/templates/ldif/configuration/03_member_of_configuration.ldif.j2 → roles/svc-db-openldap/templates/ldif/configuration/03_member_of_configuration.ldif.j2
View File

0
roles/svc-openldap/templates/ldif/configuration/04_hashed_password.ldif.j2 → roles/svc-db-openldap/templates/ldif/configuration/04_hashed_password.ldif.j2
View File

0
roles/svc-openldap/templates/ldif/configuration/README.md → roles/svc-db-openldap/templates/ldif/configuration/README.md
View File

0
roles/svc-openldap/templates/ldif/data/01_rbac_group.ldif.j2 → roles/svc-db-openldap/templates/ldif/data/01_rbac_group.ldif.j2
View File

0
roles/svc-openldap/templates/ldif/data/02_rbac_roles.ldif.j2 → roles/svc-db-openldap/templates/ldif/data/02_rbac_roles.ldif.j2
View File

0
roles/svc-openldap/templates/ldif/data/README.md → roles/svc-db-openldap/templates/ldif/data/README.md
View File

6
roles/svc-db-openldap/templates/nginx.stream.conf.j2 Normal file
View File

@@ -0,0 +1,6 @@
server {
listen {{ ports.public.ldaps['svc-db-openldap'] }}ssl;
proxy_pass 127.0.0.1:{{ ports.localhost.ldap['svc-db-openldap'] }};
{% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_credentials.j2' %}
}

0
roles/svc-openldap/users/main.yml → roles/svc-db-openldap/users/main.yml
View File

4
roles/svc-openldap/vars/main.yml → roles/svc-db-openldap/vars/main.yml
View File

@@ -1,9 +1,9 @@
application_id: "openldap"
application_id: "svc-db-openldap"
# LDAP Variables
ldaps_docker_port: 636
ldap_docker_port: 389
ldap_server_uri: "ldap://127.0.0.1:{{ ports.localhost.ldap.openldap }}"
ldap_server_uri: "ldap://127.0.0.1:{{ ports.localhost.ldap['svc-db-openldap'] }}"
ldap_hostname: "{{ applications[application_id].hostname }}"
ldap_bind_dn: "{{ ldap.dn.administrator.configuration }}"
ldap_bind_pw: "{{ applications[application_id].credentials.administrator_password }}"

0
roles/svc-postgres/Administration.md → roles/svc-db-postgres/Administration.md
View File

0
roles/svc-postgres/README.md → roles/svc-db-postgres/README.md
View File

0
roles/svc-postgres/Todo.md → roles/svc-db-postgres/Todo.md
View File

0
roles/svc-postgres/Upgrade.md → roles/svc-db-postgres/Upgrade.md
View File

6
roles/svc-postgres/config/main.yml → roles/svc-db-postgres/config/main.yml
View File

@@ -1,6 +1,6 @@
hostname: "central-postgres"
network: "central_postgres"
port: 5432
hostname: "svc-db-postgres"
network: "svc-db-postgres"
port: 5432
docker:
images:
# Postgis is necessary for mobilizon

0
roles/svc-postgres/meta/main.yml → roles/svc-db-postgres/meta/main.yml
View File

0
roles/svc-postgres/schema/main.yml → roles/svc-db-postgres/schema/main.yml
View File

0
roles/svc-postgres/tasks/init_database.yml → roles/svc-db-postgres/tasks/init_database.yml
View File

4
roles/svc-postgres/tasks/main.yml → roles/svc-db-postgres/tasks/main.yml
View File

@@ -3,7 +3,7 @@
name: "{{ applications[application_id].network }}"
state: present
ipam_config:
- subnet: "{{ networks.local.postgres.subnet }}"
- subnet: "{{ networks.local['svc-db-postgres'].subnet }}"
when: run_once_docker_postgres is not defined
- name: Install PostgreSQL
@@ -19,7 +19,7 @@
published_ports:
- "127.0.0.1:{{ applications[application_id].port }}:5432"
volumes:
- central_postgres_database:/var/lib/postgresql/data
- postgres_database:/var/lib/postgresql/data
restart_policy: "{{ docker_restart_policy }}"
healthcheck:
test: ["CMD-SHELL", "pg_isready -U postgres"]

1
roles/svc-db-postgres/vars/main.yml Normal file
View File

@@ -0,0 +1 @@
application_id: svc-db-postgres

2
roles/svc-mariadb/config/main.yml
View File

@@ -1,2 +0,0 @@
version: "latest"
hostname: "central-mariadb"

1
roles/svc-mariadb/vars/main.yml
View File

@@ -1 +0,0 @@
application_id: mariadb

6
roles/svc-openldap/templates/nginx.stream.conf.j2
View File

@@ -1,6 +0,0 @@
server {
listen {{ports.public.ldaps.ldap}}ssl;
proxy_pass 127.0.0.1:{{ports.localhost.ldap.openldap}};
{% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_credentials.j2' %}
}

1
roles/svc-postgres/vars/main.yml
View File

@@ -1 +0,0 @@
application_id: postgres

2
roles/update-docker/templates/update-docker.py.j2
View File

@@ -133,7 +133,7 @@ def update_discourse(directory):
update_procedure("docker stop {{applications.discourse.container}}")
update_procedure("docker rm {{applications.discourse.container}}")
try:
update_procedure("docker network connect {{applications.discourse.network}} {{ applications['postgres'].hostname }}")
update_procedure("docker network connect {{applications.discourse.network}} {{ applications['bpostgres'].hostname }}")
except subprocess.CalledProcessError as e:
error_message = e.output.decode()
if "already exists" in error_message or "is already connected" in error_message:

4
roles/web-app-akaunting/tasks/main.yml
View File

@@ -1,5 +1,5 @@
---
- name: "load docker, db and proxy for {{application_id}}"
- name: "For '{{ application_id }}': load docker, db and proxy"
include_role:
name: cmp-db-docker-proxy
@@ -9,7 +9,7 @@
detached_files:
- "docker-compose.yml"
- name: "create {{docker_compose.files.env}}"
- name: "For '{{ application_id }}': create {{docker_compose.files.env}}"
template:
src: "env.j2"
dest: "{{docker_compose.files.env}}"

8
roles/web-app-attendize/tasks/main.yml
View File

@@ -1,9 +1,9 @@
---
- name: "load docker and db for {{application_id}}"
- name: "For '{{ application_id }}': load docker and db"
include_role:
name: cmp-db-docker
- name: "include role for {{application_id}} to receive certs & do modification routines"
- name: "For '{{ application_id }}': include role to receive certs & do modification routines"
include_role:
name: srv-web-7-6-composer
vars:
@@ -13,13 +13,13 @@
- "{{ domains | get_domain('mailu') }}"
- "{{ domain }}"
- name: configure {{domains | get_domain(application_id)}}.conf
- name: "For '{{ application_id }}': configure {{domains | get_domain(application_id)}}.conf"
template:
src: roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2
dest: "{{nginx.directories.http.servers}}{{domains | get_domain(application_id)}}.conf"
notify: restart nginx
- name: "include tasks update-repository-with-files.yml"
- name: "For '{{ application_id }}': include tasks update-repository-with-files.yml"
include_tasks: utils/update-repository-with-files.yml
vars:
detached_files:

2
roles/web-app-baserow/tasks/main.yml
View File

@@ -1,4 +1,4 @@
---
- name: "load docker, db and proxy for {{application_id}}"
- name: "For '{{ application_id }}': load docker, db and proxy"
include_role:
name: cmp-db-docker-proxy

2
roles/web-app-bigbluebutton/tasks/main.yml
View File

@@ -17,7 +17,7 @@
database_username: "postgres"
database_name: "" # Multiple databases
- name: "include role srv-proxy-6-6-domain for {{application_id}}"
- name: "include role srv-proxy-6-6-domain"
include_role:
name: srv-proxy-6-6-domain

2
roles/web-app-collabora/tasks/main.yml
View File

@@ -10,7 +10,7 @@
- name: Create Docker network for Collabora
docker_network:
name: central_mariadb
name: svc-db-mariadb
state: present
ipam_config:
- subnet: "{{ networks.local.collabora.subnet }}"

6
roles/web-app-discourse/tasks/main.yml
View File

@@ -43,13 +43,13 @@
meta: flush_handlers
when: run_once_docker_discourse is not defined
- name: "Connect {{ applications[application_id].container }} to network {{ applications['postgres'].network }}"
- name: "Connect {{ applications[application_id].container }} to network {{ applications['svc-db-postgres'].network }}"
command: >
docker network connect {{ applications['postgres'].network }} {{ applications[application_id].container }}
docker network connect {{ applications['svc-db-postgres'].network }} {{ applications[application_id].container }}
register: network_connect
failed_when: >
network_connect.rc != 0 and
'Error response from daemon: endpoint with name {{ applications[application_id].container }} already exists in network {{ applications['postgres'].network }}'
'Error response from daemon: endpoint with name {{ applications[application_id].container }} already exists in network {{ applications["svc-db-postgres"].network }}'
not in network_connect.stderr
changed_when: network_connect.rc == 0
when:

2
roles/web-app-matrix/tasks/create-and-seed-database.yml
View File

@@ -6,7 +6,7 @@
# - database_password
- name: "create {{database_name}} database"
include_role:
name: svc-postgres
name: svc-db-postgres
when: applications | is_feature_enabled('central_database',application_id)
- name: "include seed-database-to-backup.yml"

2
roles/web-app-nextcloud/vars/plugins/user_ldap.yml
View File

@@ -27,7 +27,7 @@ plugin_configuration:
-
appid: "user_ldap"
configkey: "s01ldap_backup_port"
configvalue: "{{ ports.localhost.ldap.openldap }}" # This is just optimized for local port @todo implement for external ports as well
configvalue: "{{ ports.localhost.ldap['svc-db-openldap'] }}" # This is just optimized for local port @todo implement for external ports as well
-
appid: "user_ldap"

2
roles/web-app-pgadmin/vars/db_config.yml
View File

@@ -9,6 +9,6 @@ pgadmin_servers:
port: "{{ database_port }}"
username: "postgres"
maintenance_db: "postgres"
password: "{{ applications['postgres'].credentials.postgres_password }}"
password: "{{ applications['svc-db-postgres'].credentials.postgres_password }}"
# Here you can add more databases

2
roles/web-app-pgadmin/vars/main.yml
View File

@@ -1,5 +1,5 @@
application_id: "pgadmin"
database_type: "postgres"
database_host: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',application_id) }}"
database_host: "{{ applications['svc-db-postgres'].hostname if applications | is_feature_enabled('central_database',application_id) }}"
pgadmin_user: 5050
pgadmin_group: "{{pgadmin_user}}"

4
roles/web-app-phpmyadmin/templates/env.j2
View File

@@ -1,7 +1,7 @@
# Configuration @see https://hub.docker.com/_/phpmyadmin
PMA_HOST={{applications['mariadb'].hostname}}
PMA_HOST={{applications['svc-db-mariadb'].hostname}}
{% if applications[application_id].autologin | bool %}
PMA_USER= root
PMA_PASSWORD= "{{applications['mariadb'].credentials.root_password}}"
PMA_PASSWORD= "{{applications['svc-db-mariadb'].credentials.root_password}}"
{% endif %}

2
roles/web-app-phpmyadmin/vars/main.yml
View File

@@ -1,3 +1,3 @@
application_id: "phpmyadmin"
database_type: "mariadb"
database_host: "{{ 'central-' + database_type if applications | is_feature_enabled('central_database',application_id) }}"
database_host: "{{ applications['svc-db-mariadb'].hostname if applications | is_feature_enabled('central_database',application_id) }}"