Implemented friendica database credentials update (untested)

2025-07-20 15:21:10 +02:00 · 2025-07-19 16:45:04 +02:00 · 2025-07-19 16:45:04 +02:00 · 45d9da3125
commit 45d9da3125
parent 8ccfb1dfbe
7 changed files with 95 additions and 52 deletions
--- a/group_vars/all/09_ports.yml
+++ b/group_vars/all/09_ports.yml
@ -49,7 +49,7 @@ ports:
      web-app-akaunting: 8025
      web-app-moodle: 8026
      taiga: 8027
-      friendica: 8028
+      web-app-friendica: 8028
      web-app-port-ui: 8029
      bluesky_api: 8030
      bluesky_web: 8031
--- a/group_vars/all/10_networks.yml
+++ b/group_vars/all/10_networks.yml
@ -18,7 +18,7 @@ defaults_networks:
      subnet: 192.168.101.48/28
    bluesky:
      subnet: 192.168.101.64/28
-    friendica:
+    web-app-friendica:
      subnet: 192.168.101.80/28
    funkwhale:
      subnet: 192.168.101.96/28
--- a/roles/web-app-friendica/tasks/01_ldap.yml
+++ b/roles/web-app-friendica/tasks/01_ldap.yml
@ -0,0 +1,9 @@
+- name: "create {{ friendica_host_ldap_config }}"
+  template: 
+    src:  "ldapauth.config.php.j2" 
+    dest: "{{ friendica_host_ldap_config }}"
+    mode: '644'
+    owner: root
+    group: 33
+    force: yes
+  notify: docker compose up
--- a/roles/web-app-friendica/tasks/02_database.yml
+++ b/roles/web-app-friendica/tasks/02_database.yml
@ -0,0 +1,34 @@
+- name: flush handlers to ensure that friendica is up before friendica addon configuration
+  meta: flush_handlers
+- name: Check if Friendica local.config.php exists
+  command: docker exec --user {{ friendica_user }} {{ friendica_container }} test -f {{ friendica_config_file }}
+  register: friendica_config_exists
+  changed_when: false
+  failed_when: false
+
+- name: Patch Friendica local.config.php with updated DB credentials
+  when: friendica_config_exists.rc == 0
+  block:
+    - name: Update DB host
+      command: >
+        docker exec --user {{ friendica_user }} {{ friendica_container }}
+        sed -i "s/'hostname' => .*/'hostname' => '{{ database_host }}:{{ database_port }}',/" {{ friendica_config_file }}
+      notify: docker compose up
+
+    - name: Update DB name
+      command: >
+        docker exec --user {{ friendica_user }} {{ friendica_container }}
+        sed -i "s/'database' => .*/'database' => '{{ database_name }}',/" {{ friendica_config_file }}
+      notify: docker compose up
+
+    - name: Update DB user
+      command: >
+        docker exec --user {{ friendica_user }} {{ friendica_container }}
+        sed -i "s/'username' => .*/'username' => '{{ database_username }}',/" {{ friendica_config_file }}
+      notify: docker compose up
+
+    - name: Update DB password
+      command: >
+        docker exec --user {{ friendica_user }} {{ friendica_container }}
+        sed -i "s/'password' => .*/'password' => '{{ database_password }}',/" {{ friendica_config_file }}
+      notify: docker compose up
--- a/roles/web-app-friendica/tasks/03_addons.yml
+++ b/roles/web-app-friendica/tasks/03_addons.yml
@ -0,0 +1,35 @@
+- name: flush handlers to ensure that friendica is up before friendica addon configuration
+  meta: flush_handlers
+
+- name: Build friendica_addons based on features
+  set_fact:
+    friendica_addons: >-
+      {{
+        friendica_addons | default([])
+        + [{
+            'name': item.key,
+            'enabled': (
+              applications | get_app_conf(application_id, 'features.oidc', True)
+                if item.key == 'keycloakpassword'
+              else applications | get_app_conf(application_id, 'features.ldap', True)
+                if item.key == 'ldapauth'
+              else (item.value.enabled if item.value is mapping and 'enabled' in item.value else False)
+            )
+          }]
+      }}
+  loop: "{{ applications | get_app_conf(application_id, 'addons', True) | dict2items }}"
+  loop_control:
+    label: "{{ item.key }}"
+
+- name: Ensure Friendica addons are in sync
+  command: >
+    docker compose exec --user {{ friendica_user }}
+    application
+    bin/console addon
+    {{ 'enable' if item.enabled else 'disable' }}
+    {{ item.name }}
+  args:
+    chdir: "{{ docker_compose.directories.instance }}"
+  loop: "{{ friendica_addons }}"
+  loop_control:
+    label: "{{ item.name }}"
--- a/roles/web-app-friendica/tasks/main.yml
+++ b/roles/web-app-friendica/tasks/main.yml
@ -3,50 +3,12 @@
  include_role: 
    name: cmp-db-docker-proxy

- name: "create {{ friendica_host_ldap_config }}"
-  template: 
-    src:  "ldapauth.config.php.j2" 
-    dest: "{{ friendica_host_ldap_config }}"
-    mode: '644'
-    owner: root
-    group: 33
-    force: yes
-  notify: docker compose up
+- name: Integrate LDAP
+  include_tasks: 01_ldap.yml
  when: applications | get_app_conf(application_id, 'features.ldap', False)

- name: Build friendica_addons based on features
-  set_fact:
-    friendica_addons: >-
-      {{
-        friendica_addons | default([])
-        + [{
-            'name': item.key,
-            'enabled': (
-              applications | get_app_conf(application_id, 'features.oidc', True)
-                if item.key == 'keycloakpassword'
-              else applications | get_app_conf(application_id, 'features.ldap', True)
-                if item.key == 'ldapauth'
-              else (item.value.enabled if item.value is mapping and 'enabled' in item.value else False)
-            )
-          }]
-      }}
-  loop: "{{ applications | get_app_conf(application_id, 'addons', True) | dict2items }}"
-  loop_control:
-    label: "{{ item.key }}"
-
- name: flush handlers to ensure that friendica is up before friendica addon configuration
-  meta: flush_handlers
-
- name: Ensure Friendica addons are in sync
-  command: >
-    docker compose exec --user www-data
-    application
-    bin/console addon
-    {{ 'enable' if item.enabled else 'disable' }}
-    {{ item.name }}
-  args:
-    chdir: "{{ docker_compose.directories.instance }}"
-  loop: "{{ friendica_addons }}"
-  loop_control:
-    label: "{{ item.name }}"
+- name: Update Friendica DB credentials
+  include_tasks: 02_database.yml

+- name: Add Friendica Add Ons
+  include_tasks: 03_addons.yml
--- a/roles/web-app-friendica/vars/main.yml
+++ b/roles/web-app-friendica/vars/main.yml
@ -1,8 +1,11 @@
-application_id:     "friendica"
+application_id:     "web-app-friendica"
 database_type:      "mariadb"
-
-friendica_no_validation:       "{{ applications | get_app_conf(application_id, 'features.oidc', True) }}" # Email validation is not neccessary if OIDC is active
-friendica_application_base:    "/var/www/html"
-friendica_docker_ldap_config:  "{{friendica_application_base}}/config/ldapauth.config.php"
-friendica_host_ldap_config:    "{{ docker_compose.directories.volumes }}ldapauth.config.php"
+friendica_container:            "application"
+friendica_no_validation:        "{{ applications | get_app_conf(application_id, 'features.oidc', True) }}" # Email validation is not neccessary if OIDC is active
+friendica_application_base:     "/var/www/html"
+friendica_docker_ldap_config:   "{{friendica_application_base}}/config/ldapauth.config.php"
+friendica_host_ldap_config:     "{{ docker_compose.directories.volumes }}ldapauth.config.php"
+friendica_config_dir:           "{{ friendica_application_base }}/config"
+friendica_config_file:          "{{ friendica_config_dir }}/local.config.php"
+friendica_user:                 "www-data"