From 45d9da31256c297f533987b13b011e9ade46a21c Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach
Date: Sat, 19 Jul 2025 16:45:04 +0200
Subject: [PATCH] Implemented friendica database credentials update (untested)
---
 group_vars/all/09_ports.yml | 2 +-
 group_vars/all/10_networks.yml | 2 +-
 roles/web-app-friendica/tasks/01_ldap.yml | 9 ++++
 roles/web-app-friendica/tasks/02_database.yml | 34 +++++++++++++
 roles/web-app-friendica/tasks/03_addons.yml | 35 +++++++++++++
 roles/web-app-friendica/tasks/main.yml | 50 +++----------------
 roles/web-app-friendica/vars/main.yml | 15 +++---
 7 files changed, 95 insertions(+), 52 deletions(-)
 create mode 100644 roles/web-app-friendica/tasks/01_ldap.yml
 create mode 100644 roles/web-app-friendica/tasks/02_database.yml
 create mode 100644 roles/web-app-friendica/tasks/03_addons.yml
diff --git a/group_vars/all/09_ports.yml b/group_vars/all/09_ports.yml
index 027305c0..6f5bf52b 100644
--- a/group_vars/all/09_ports.yml
+++ b/group_vars/all/09_ports.yml
@@ -49,7 +49,7 @@ ports:
 web-app-akaunting: 8025
 web-app-moodle: 8026
 taiga: 8027
- friendica: 8028
+ web-app-friendica: 8028
 web-app-port-ui: 8029
 bluesky_api: 8030
 bluesky_web: 8031
diff --git a/group_vars/all/10_networks.yml b/group_vars/all/10_networks.yml
index 4a586909..8f3b91da 100644
--- a/group_vars/all/10_networks.yml
+++ b/group_vars/all/10_networks.yml
@@ -18,7 +18,7 @@ defaults_networks:
 subnet: 192.168.101.48/28
 bluesky:
 subnet: 192.168.101.64/28
- friendica:
+ web-app-friendica:
 subnet: 192.168.101.80/28
 funkwhale:
 subnet: 192.168.101.96/28
diff --git a/roles/web-app-friendica/tasks/01_ldap.yml b/roles/web-app-friendica/tasks/01_ldap.yml
new file mode 100644
index 00000000..042aafac
--- /dev/null
+++ b/roles/web-app-friendica/tasks/01_ldap.yml
@@ -0,0 +1,9 @@
+- name: "create {{ friendica_host_ldap_config }}"
+ template:
+ src: "ldapauth.config.php.j2"
+ dest: "{{ friendica_host_ldap_config }}"
+ mode: '644'
+ owner: root
+ group: 33
+ force: yes
+ notify: docker compose up
\ No newline at end of file
diff --git a/roles/web-app-friendica/tasks/02_database.yml b/roles/web-app-friendica/tasks/02_database.yml
new file mode 100644
index 00000000..e123d75e
--- /dev/null
+++ b/roles/web-app-friendica/tasks/02_database.yml
@@ -0,0 +1,34 @@
+- name: flush handlers to ensure that friendica is up before friendica addon configuration
+ meta: flush_handlers
+- name: Check if Friendica local.config.php exists
+ command: docker exec --user {{ friendica_user }} {{ friendica_container }} test -f {{ friendica_config_file }}
+ register: friendica_config_exists
+ changed_when: false
+ failed_when: false
+
+- name: Patch Friendica local.config.php with updated DB credentials
+ when: friendica_config_exists.rc == 0
+ block:
+ - name: Update DB host
+ command: >
+ docker exec --user {{ friendica_user }} {{ friendica_container }}
+ sed -i "s/'hostname' => .*/'hostname' => '{{ database_host }}:{{ database_port }}',/" {{ friendica_config_file }}
+ notify: docker compose up
+
+ - name: Update DB name
+ command: >
+ docker exec --user {{ friendica_user }} {{ friendica_container }}
+ sed -i "s/'database' => .*/'database' => '{{ database_name }}',/" {{ friendica_config_file }}
+ notify: docker compose up
+
+ - name: Update DB user
+ command: >
+ docker exec --user {{ friendica_user }} {{ friendica_container }}
+ sed -i "s/'username' => .*/'username' => '{{ database_username }}',/" {{ friendica_config_file }}
+ notify: docker compose up
+
+ - name: Update DB password
+ command: >
+ docker exec --user {{ friendica_user }} {{ friendica_container }}
+ sed -i "s/'password' => .*/'password' => '{{ database_password }}',/" {{ friendica_config_file }}
+ notify: docker compose up
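Review bot: `mode: '644'` in 01_ldap.yml leaves the rendered ldapauth.config.php world-readable on the host. The template is not visible here, but if it contains the LDAP bind password, `mode: '0640'` is enough, because the task already grants read access through `group: 33`. Writing the mode with a leading zero also matches Ansible's recommended form for quoted octal modes, and `force: yes` reads better as `force: true`.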
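Review bot: The four `sed` tasks in 02_database.yml splice `database_host`, `database_name`, `database_username` and `database_password` unescaped into three contexts at once: the command line, the sed replacement, and a PHP single-quoted string in local.config.php. A password containing `/`, `&`, `\`, `'`, `"` or a space will either break the substitution or write something other than the intended literal into the PHP config, so the value should be escaped for sed and PHP before use, or the file rendered from a template instead. The "Update DB password" task also needs `no_log: true`, since the command line with the secret is otherwise echoed in task output and failure messages. Because `command` has no `changed_when`, all four tasks report changed and notify `docker compose up` on every run; comparing the current values first would limit the restart to real changes.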
diff --git a/roles/web-app-friendica/tasks/03_addons.yml b/roles/web-app-friendica/tasks/03_addons.yml
new file mode 100644
index 00000000..f8904d84
--- /dev/null
+++ b/roles/web-app-friendica/tasks/03_addons.yml
@@ -0,0 +1,35 @@
+- name: flush handlers to ensure that friendica is up before friendica addon configuration
+ meta: flush_handlers
+
+- name: Build friendica_addons based on features
+ set_fact:
+ friendica_addons: >-
+ {{
+ friendica_addons | default([])
+ + [{
+ 'name': item.key,
+ 'enabled': (
+ applications | get_app_conf(application_id, 'features.oidc', True)
+ if item.key == 'keycloakpassword'
+ else applications | get_app_conf(application_id, 'features.ldap', True)
+ if item.key == 'ldapauth'
+ else (item.value.enabled if item.value is mapping and 'enabled' in item.value else False)
+ )
+ }]
+ }}
+ loop: "{{ applications | get_app_conf(application_id, 'addons', True) | dict2items }}"
+ loop_control:
+ label: "{{ item.key }}"
+
+- name: Ensure Friendica addons are in sync
+ command: >
+ docker compose exec --user {{ friendica_user }}
+ application
+ bin/console addon
+ {{ 'enable' if item.enabled else 'disable' }}
+ {{ item.name }}
+ args:
+ chdir: "{{ docker_compose.directories.instance }}"
+ loop: "{{ friendica_addons }}"
+ loop_control:
+ label: "{{ item.name }}"
\ No newline at end of file
diff --git a/roles/web-app-friendica/tasks/main.yml b/roles/web-app-friendica/tasks/main.yml
index e1fc9bcd..cea1f3f4 100644
--- a/roles/web-app-friendica/tasks/main.yml
+++ b/roles/web-app-friendica/tasks/main.yml
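Review bot: The `enabled` expression in 03_addons.yml overrides configuration for the two authentication addons without saying so, and that deserves a comment. For `keycloakpassword` and `ldapauth` the value comes from `features.oidc` and `features.ldap`, and any `enabled` key set on those addons is ignored, while every other addon without an explicit `enabled` is disabled. A comment above the `set_fact` such as `# keycloakpassword/ldapauth follow features.oidc/features.ldap; their own 'enabled' is ignored` would make that visible to whoever edits the addon list. The service name `application` in the `docker compose exec` task is still a literal, although this commit introduces `friendica_container` for the same value.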
@@ -3,50 +3,12 @@ include_role: name: cmp-db-docker-proxy -- name: "create {{ friendica_host_ldap_config }}" - template: - src: "ldapauth.config.php.j2" - dest: "{{ friendica_host_ldap_config }}" - mode: '644' - owner: root - group: 33 - force: yes - notify: docker compose up +- name: Integrate LDAP + include_tasks: 01_ldap.yml when: applications | get_app_conf(application_id, 'features.ldap', False) -- name: Build friendica_addons based on features - set_fact: - friendica_addons: >- - {{ - friendica_addons | default([]) - + [{ - 'name': item.key, - 'enabled': ( - applications | get_app_conf(application_id, 'features.oidc', True) - if item.key == 'keycloakpassword' - else applications | get_app_conf(application_id, 'features.ldap', True) - if item.key == 'ldapauth' - else (item.value.enabled if item.value is mapping and 'enabled' in item.value else False) - ) - }] - }} - loop: "{{ applications | get_app_conf(application_id, 'addons', True) | dict2items }}" - loop_control: - label: "{{ item.key }}" - -- name: flush handlers to ensure that friendica is up before friendica addon configuration - meta: flush_handlers - -- name: Ensure Friendica addons are in sync - command: > - docker compose exec --user www-data - application - bin/console addon - {{ 'enable' if item.enabled else 'disable' }} - {{ item.name }} - args: - chdir: "{{ docker_compose.directories.instance }}" - loop: "{{ friendica_addons }}" - loop_control: - label: "{{ item.name }}" +- name: Update Friendica DB credentials + include_tasks: 02_database.yml +- name: Add Friendica Add Ons + include_tasks: 03_addons.yml \ No newline at end of file diff --git a/roles/web-app-friendica/vars/main.yml b/roles/web-app-friendica/vars/main.yml index 2c930c33..1fd3341e 100644 --- a/roles/web-app-friendica/vars/main.yml +++ b/roles/web-app-friendica/vars/main.yml 
@@ -1,8 +1,11 @@ -application_id: "friendica" +application_id: "web-app-friendica" database_type: "mariadb" - -friendica_no_validation: "{{ applications | get_app_conf(application_id, 'features.oidc', True) }}" # Email validation is not neccessary if OIDC is active -friendica_application_base: "/var/www/html" -friendica_docker_ldap_config: "{{friendica_application_base}}/config/ldapauth.config.php" -friendica_host_ldap_config: "{{ docker_compose.directories.volumes }}ldapauth.config.php" +friendica_container: "application" +friendica_no_validation: "{{ applications | get_app_conf(application_id, 'features.oidc', True) }}" # Email validation is not neccessary if OIDC is active +friendica_application_base: "/var/www/html" +friendica_docker_ldap_config: "{{friendica_application_base}}/config/ldapauth.config.php" +friendica_host_ldap_config: "{{ docker_compose.directories.volumes }}ldapauth.config.php" +friendica_config_dir: "{{ friendica_application_base }}/config" +friendica_config_file: "{{ friendica_config_dir }}/local.config.php" +friendica_user: "www-data"
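Review bot: `friendica_container: "application"` is the compose service name (03_addons.yml addresses it with `docker compose exec ... application`), but 02_database.yml passes it to plain `docker exec`, which expects a container name or ID. Unless the compose file sets `container_name: application`, which this patch does not show, the existence check returns non-zero. With `failed_when: false` on that check, the whole credential block is then skipped while the play still reports success. Running the check and the `sed` tasks through `docker compose exec` with `chdir: "{{ docker_compose.directories.instance }}"`, as 03_addons.yml does, would remove the mismatch; the check should also fail the play when the container cannot be reached, rather than treating that like a missing file.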