diff --git a/group_vars/all/00_general.yml b/group_vars/all/00_general.yml index 626ac9d9..cc2e7d42 100644 --- a/group_vars/all/00_general.yml +++ b/group_vars/all/00_general.yml @@ -1,8 +1,16 @@ -# General -pause_duration: "120" # Database delay to wait for the central database before continue tasks -timezone: "Etc/UTC" -locale: "en" # Some applications are case sensitive +HOST_CURRENCY: "EUR" +HOST_TIMEZONE: "UTC" + +# https://en.wikipedia.org/wiki/ISO_639 +HOST_LL: "en" # Some applications are case sensitive +HOST_LL_CC: "{{HOST_LL}}_{{HOST_LL | upper }}" + +HOST_DATE_FORMAT: "YYYY-MM-DD" +HOST_TIME_FORMAT: "HH:mm" + +HOST_THOUSAND_SEPARATOR: "." +HOST_DECIMAL_MARK: "," # Deployment mode deployment_mode: "single" # Use single, if you deploy on one server. Use cluster if you setup in cluster mode. diff --git a/group_vars/all/09_ports.yml b/group_vars/all/09_ports.yml index 1908218a..4f1df7bb 100644 --- a/group_vars/all/09_ports.yml +++ b/group_vars/all/09_ports.yml @@ -1,6 +1,7 @@ ports: # Ports which are exposed to localhost localhost: + # https://developer.mozilla.org/de/docs/Web/API/WebSockets_API websocket: mastodon: 4001 espocrm: 4002 diff --git a/roles/docker-akaunting/templates/env.j2 b/roles/docker-akaunting/templates/env.j2 index 5bc388ca..14cab9f9 100644 --- a/roles/docker-akaunting/templates/env.j2 +++ b/roles/docker-akaunting/templates/env.j2 @@ -1,6 +1,6 @@ # You should change this to match your reverse proxy DNS name and protocol APP_URL=https://{{domains[application_id]}} -LOCALE={{locale}} +LOCALE={{ HOST_LL }} # Don't change this unless you rename your database container or use rootless podman, in case of using rootless podman you should set it to 127.0.0.1 (NOT localhost) DB_HOST={{database_host}} diff --git a/roles/docker-discourse/templates/discourse_application.yml.j2 b/roles/docker-discourse/templates/discourse_application.yml.j2 index d8608603..4e009bbf 100644 --- a/roles/docker-discourse/templates/discourse_application.yml.j2 
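Review bot: `HOST_LL_CC: "{{HOST_LL}}_{{HOST_LL | upper }}"` derives the region by upper-casing the language code, so with the default `HOST_LL: "en"` it renders `en_EN`, which is not a language/region pair; the espocrm env.j2 hunk in this commit passes it straight into `ESPOCRM_CONFIG_LANGUAGE`. Language and country codes are separate values (`de` → `DE` happens to work, `en` → `EN` does not), so I would add an explicit region variable, for example `HOST_CC: "US"` with `HOST_LL_CC: "{{ HOST_LL }}_{{ HOST_CC }}"` (`HOST_CC` is a suggested name). The hunk also removes `pause_duration`, `timezone` and `locale`, the first without any replacement; any role outside this diff that still reads them would fail on an undefined variable, so a repository-wide grep is worth doing before merge.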
+++ b/roles/docker-discourse/templates/discourse_application.yml.j2 @@ -34,7 +34,7 @@ env: LC_ALL: en_US.UTF-8 LANG: en_US.UTF-8 LANGUAGE: en_US.UTF-8 - #DISCOURSE_DEFAULT_LOCALE: {{locale}} # Deactivated because not right format was selected @todo find right format + #DISCOURSE_DEFAULT_LOCALE: {{ HOST_LL }} # Deactivated because not right format was selected @todo find right format ## How many concurrent web requests are supported? Depends on memory and CPU cores. ## will be set automatically by bootstrap based on detected CPUs, or you can override diff --git a/roles/docker-espocrm/tasks/main.yml b/roles/docker-espocrm/tasks/main.yml index 01e6828b..12932e50 100644 --- a/roles/docker-espocrm/tasks/main.yml +++ b/roles/docker-espocrm/tasks/main.yml @@ -16,13 +16,3 @@ - name: "copy docker-compose.yml and env file" include_tasks: copy-docker-compose-and-env.yml - -- name: flush docker service - meta: flush_handlers - when: applications.espocrm.setup | bool - -- name: "run database setup / upgrade" - command: - cmd: "docker compose run --rm web php command.php upgrade" - chdir: "{{ docker_compose.directories.instance }}" - when: applications.espocrm.setup | bool diff --git a/roles/docker-espocrm/templates/docker-compose.yml.j2 b/roles/docker-espocrm/templates/docker-compose.yml.j2 index bda42090..2378aa81 100644 --- a/roles/docker-espocrm/templates/docker-compose.yml.j2 +++ b/roles/docker-espocrm/templates/docker-compose.yml.j2 
@@ -5,52 +5,41 @@ services: web: image: espocrm/espocrm:{{ applications.espocrm.version }} {% include 'roles/docker-compose/templates/services/base.yml.j2' %} - environment: - # --- DB connection ---------------------------------------------------- - - ESPOCRM_DATABASE_PLATFORM=Mysql - - ESPOCRM_DATABASE_HOST={{ database_host }} - - ESPOCRM_DATABASE_PORT={{ database_port }} - - ESPOCRM_DATABASE_NAME={{ database_name }} - - ESPOCRM_DATABASE_USER={{ database_username }} - - ESPOCRM_DATABASE_PASSWORD={{ database_password }} - # --- initial admin & site URL ---------------------------------------- - - ESPOCRM_ADMIN_USERNAME={{ applications[application_id].credentials.admin.username }} - - ESPOCRM_ADMIN_PASSWORD={{ applications[application_id].credentials.admin.password }} - - ESPOCRM_SITE_URL={{ web_protocol }}://{{ domains[application_id] }} command: "php-fpm" healthcheck: test: ["CMD", "curl", "-f", "http://localhost/"] ports: - "127.0.0.1:{{ ports.localhost.http[application_id] }}:80" -{% include 'templates/docker/container/depends-on-database.yml.j2' %} +{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} volumes: - data:/var/www/html daemon: image: espocrm/espocrm:{{ applications.espocrm.version }} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} + restart: {{docker_restart_policy}} + logging: + driver: journald entrypoint: docker-daemon.sh -{% include 'templates/docker/container/depends-on-database.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} volumes: - data:/var/www/html - restart: unless-stopped websocket: image: espocrm/espocrm:{{ applications.espocrm.version }} -{% include 'roles/docker-compose/templates/services/base.yml.j2' %} + restart: {{docker_restart_policy}} + logging: + driver: journald environment: - ESPOCRM_CONFIG_USE_WEB_SOCKET=true - ESPOCRM_CONFIG_WEB_SOCKET_URL=ws://{{ domains[application_id] }}/ws - 
ESPOCRM_CONFIG_WEB_SOCKET_ZERO_M_Q_SUBSCRIBER_DSN=tcp://*:7777 - ESPOCRM_CONFIG_WEB_SOCKET_ZERO_M_Q_SUBMISSION_DSN=tcp://websocket:7777 entrypoint: docker-websocket.sh -{% include 'templates/docker/container/depends-on-database.yml.j2' %} +{% include 'templates/docker/container/depends-on-just-database.yml.j2' %} {% include 'templates/docker/container/networks.yml.j2' %} volumes: - data:/var/www/html - restart: unless-stopped ports: - "{{ ports.localhost.websocket[application_id] | default('127.0.0.1:8081') }}:8080" diff --git a/roles/docker-espocrm/templates/env.j2 b/roles/docker-espocrm/templates/env.j2 index 5b4d2fbd..3827e584 100644 --- a/roles/docker-espocrm/templates/env.j2 +++ b/roles/docker-espocrm/templates/env.j2 
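Review bot: The websocket service's mapping `"{{ ports.localhost.websocket[application_id] | default('127.0.0.1:8081') }}:8080"` gets a loopback address only from the `default()` fallback. With `espocrm: 4002` defined under `ports.localhost.websocket` in 09_ports.yml, and assuming `application_id` resolves to `espocrm`, it renders `"4002:8080"`, which Docker publishes on all interfaces, unlike the web service's `"127.0.0.1:…:80"`. I would write it as `- "127.0.0.1:{{ ports.localhost.websocket[application_id] }}:8080"` so the socket is reachable only through the reverse proxy. Separately, the daemon and websocket services no longer include `base.yml.j2`; if that template is what attaches the env file (not visible here), those containers would start without the database settings this commit moved out of `environment:`.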
@@ -1,44 +1,98 @@ -# EspoCRM environment +############################################# +# EspoCRM Docker Environment (.env) – ENGLISH +# See: https://hub.docker.com/r/espocrm/espocrm +############################################# + +# ------------------------------------------------ # Database connection +# ------------------------------------------------ +ESPOCRM_DATABASE_PLATFORM=Mysql ESPOCRM_DATABASE_HOST={{ database_host }} ESPOCRM_DATABASE_PORT={{ database_port }} ESPOCRM_DATABASE_NAME={{ database_name }} ESPOCRM_DATABASE_USER={{ database_username }} ESPOCRM_DATABASE_PASSWORD={{ database_password }} -# Cron toggle + +# Disable EspoCRM’s built-in cron (handled externally) CRON_DISABLED=true -ESPOCRM_ADMIN_USERNAME: admin -ESPOCRM_ADMIN_PASSWORD: password -ESPOCRM_SITE_URL: "http://localhost:8080" +# ------------------------------------------------ +# Initial admin account +# ------------------------------------------------ +ESPOCRM_ADMIN_USERNAME={{ applications[application_id].users.administrator.username }} +ESPOCRM_ADMIN_PASSWORD={{ applications[application_id].credentials.administrator.password }} -# SMTP settings (example) -SMTP_HOST={{ system_email.host }} -SMTP_PORT={{ system_email.port }} -SMTP_USER={{ users['no-reply'].email }} -SMTP_PASS={{ users['no-reply'].mailu_token }} -SMTP_SECURE=tls +# Public base URL of the EspoCRM instance +ESPOCRM_SITE_URL={{ web_protocol }}://{{ domains[application_id] }} -################################### +# ------------------------------------------------ +# General UI & locale settings +# ------------------------------------------------ +ESPOCRM_CONFIG_LANGUAGE={{ HOST_LL_CC }} +ESPOCRM_CONFIG_DATE_FORMAT={{ HOST_DATE_FORMAT }} +ESPOCRM_CONFIG_TIME_FORMAT={{ HOST_TIME_FORMAT }} +ESPOCRM_CONFIG_TIME_ZONE={{ HOST_TIMEZONE }} +# ESPOCRM_CONFIG_WEEK_START: 0 = Sunday, 1 = Monday +ESPOCRM_CONFIG_WEEK_START=1 +ESPOCRM_CONFIG_DEFAULT_CURRENCY={{ HOST_CURRENCY }} +ESPOCRM_CONFIG_THOUSAND_SEPARATOR={{ HOST_THOUSAND_SEPARATOR 
}} +ESPOCRM_CONFIG_DECIMAL_MARK={{HOST_DECIMAL_MARK}} + +# ------------------------------------------------ +# Logger +# ------------------------------------------------ +ESPOCRM_CONFIG_LOGGER_LEVEL={{ 'DEBUG' if enable_debug | bool else 'INFO' }} +ESPOCRM_CONFIG_LOGGER_PATH=php://stdout +ESPOCRM_CONFIG_LOGGER_ROTATION=false + +# ------------------------------------------------ +# System SMTP settings +# ------------------------------------------------ +ESPOCRM_CONFIG_SMTP_SERVER={{ system_email.host }} +ESPOCRM_CONFIG_SMTP_PORT={{ system_email.port }} +ESPOCRM_CONFIG_SMTP_SECURITY=TLS +ESPOCRM_CONFIG_SMTP_AUTH=true +ESPOCRM_CONFIG_SMTP_USERNAME={{ users['no-reply'].email }} +ESPOCRM_CONFIG_SMTP_PASSWORD={{ users['no-reply'].mailu_token }} +ESPOCRM_CONFIG_OUTBOUND_EMAIL_FROM_NAME={{ service_provider.company.titel }} - CRM +ESPOCRM_CONFIG_OUTBOUND_EMAIL_FROM_ADDRESS={{ users['no-reply'].email }} + +# ------------------------------------------------ # LDAP settings (optional) -################################### +# Applied only if the feature flag is true +# ------------------------------------------------ {% if applications[application_id].features.ldap | bool %} -LDAP_ENABLED=true -LDAP_HOST={{ ldap.server.domain }} -LDAP_PORT={{ ldap.server.port }} -LDAP_BASE_DN={{ ldap.dn.users }} -LDAP_BIND_DN={{ ldap.dn.administrator }} -LDAP_BIND_PASSWORD={{ ldap.bind_credential }} -LDAP_UID_ATTRIBUTE={{ ldap.attributes.user_id }} +ESPOCRM_CONFIG_AUTHENTICATION_METHOD=Ldap +ESPOCRM_CONFIG_LDAP_HOST={{ ldap.server.domain }} +ESPOCRM_CONFIG_LDAP_PORT={{ ldap.server.port }} +# ESPOCRM_CONFIG_LDAP_SECURITY: "", SSL or TLS +ESPOCRM_CONFIG_LDAP_SECURITY= +ESPOCRM_CONFIG_LDAP_USERNAME={{ ldap.dn.administrator }} +ESPOCRM_CONFIG_LDAP_PASSWORD={{ ldap.bind_credential }} +ESPOCRM_CONFIG_LDAP_BASE_DN={{ ldap.dn.users }} +ESPOCRM_CONFIG_LDAP_USER_LOGIN_FILTER=(sAMAccountName=%USERNAME%) {% endif %} -################################### -# OpenID Connect (OIDC) settings (optional) 
-################################### +# ------------------------------------------------ +# OpenID Connect settings (optional) +# Applied only if the feature flag is true +# ------------------------------------------------ {% if applications[application_id].features.oidc | bool %} -OIDC_ENABLED=true -OIDC_ISSUER_URL={{ oidc.client.issuer_url }} -OIDC_CLIENT_ID={{ oidc.client.id }} -OIDC_CLIENT_SECRET={{ oidc.client.secret }} -OIDC_REDIRECT_URI=https://{{ domains[application_id] }}/oidc/callback -{% endif %} \ No newline at end of file + +# ------------------------------------------------ +# OpenID Connect settings +# ------------------------------------------------ +ESPOCRM_CONFIG_AUTHENTICATION_METHOD=Oidc +ESPOCRM_CONFIG_OIDC_FALLBACK=false # set true if you want LDAP as fallback + +ESPOCRM_CONFIG_OIDC_CLIENT_ID={{ oidc.client.id }} +ESPOCRM_CONFIG_OIDC_CLIENT_SECRET={{ oidc.client.secret }} + +ESPOCRM_CONFIG_OIDC_AUTHORIZATION_ENDPOINT={{ oidc.client.authorize_url }} +ESPOCRM_CONFIG_OIDC_TOKEN_ENDPOINT={{ oidc.client.token_url }} +ESPOCRM_CONFIG_OIDC_USER_INFO_ENDPOINT={{ oidc.client.user_info_url }} +ESPOCRM_CONFIG_OIDC_JWKS_ENDPOINT={{ oidc.client.certs }} + +ESPOCRM_CONFIG_OIDC_AUTHORIZATION_REDIRECT_URI=https://{{ domains[application_id] }}/oidc/callback +ESPOCRM_CONFIG_OIDC_SCOPES=openid,profile,email +{% endif %} diff --git a/roles/docker-listmonk/templates/env.j2 b/roles/docker-listmonk/templates/env.j2 index 8c24e124..45dc4837 100644 --- a/roles/docker-listmonk/templates/env.j2 +++ b/roles/docker-listmonk/templates/env.j2 @@ -1,4 +1,4 @@ -TZ={{timezone}} +TZ={{ HOST_TIMEZONE }} # Administrator setup diff --git a/roles/docker-listmonk/vars/main.yml b/roles/docker-listmonk/vars/main.yml index 24671ad8..dea782e1 100644 --- a/roles/docker-listmonk/vars/main.yml +++ b/roles/docker-listmonk/vars/main.yml @@ -61,7 +61,7 @@ listmonk_settings: - key: "app.lang" - value: '"{{ locale }}"' + value: '"{{ HOST_LL }}"' # - key: "messengers" # value: '[]' 
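Review bot: `ESPOCRM_CONFIG_LDAP_SECURITY=` is left empty in the LDAP block, which by the comment directly above it selects neither SSL nor TLS, so the bind DN, `ldap.bind_credential` and every user's login password would cross the network unencrypted unless the directory is reachable only over a private container network. I would take the value from the inventory, e.g. `ESPOCRM_CONFIG_LDAP_SECURITY={{ ldap.server.security }}` (the variable name is a placeholder), and document when an empty value is acceptable. The same block hard-codes `(sAMAccountName=%USERNAME%)`, an Active Directory attribute, where the old template used `ldap.attributes.user_id`. When both feature flags are true, as the new espocrm defaults in applications.yml.j2 set them, `ESPOCRM_CONFIG_AUTHENTICATION_METHOD` is emitted twice (Ldap, then Oidc) and the effective login method depends on how the env-file parser treats duplicates; an `{% if %}`/`{% elif %}` would make the choice explicit. The trailing `# set true if you want LDAP as fallback` on the `ESPOCRM_CONFIG_OIDC_FALLBACK` line may end up inside the value with parsers that do not strip inline comments, so it is safer on a line of its own.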
diff --git a/roles/docker-nextcloud/vars/system.yml b/roles/docker-nextcloud/vars/system.yml index 27cc71f1..a338b592 100644 --- a/roles/docker-nextcloud/vars/system.yml +++ b/roles/docker-nextcloud/vars/system.yml @@ -12,7 +12,7 @@ nextcloud_system_config: value: "{{ on_calendar_nextcloud }}" - parameter: "default_phone_region" - value: "{{ locale | upper }}" + value: "{{ HOST_LL | upper }}" - parameter: "trusted_domains 0" value: "{{domains[application_id]}}" diff --git a/roles/docker-pixelfed/templates/env.j2 b/roles/docker-pixelfed/templates/env.j2 index 2f4b26d2..82b339c4 100644 --- a/roles/docker-pixelfed/templates/env.j2 +++ b/roles/docker-pixelfed/templates/env.j2 @@ -15,8 +15,8 @@ ENFORCE_EMAIL_VERIFICATION=false PF_MAX_USERS=1000 OAUTH_ENABLED=true -APP_TIMEZONE={{timezone}} -APP_LOCALE={{locale}} +APP_TIMEZONE={{ HOST_TIMEZONE }} +APP_LOCALE={{ HOST_LL }} ## Pixelfed Tweaks LIMIT_ACCOUNT_SIZE=true @@ -49,7 +49,7 @@ MAIL_DRIVER=log MAIL_HOST={{system_email.host}} MAIL_PORT={{system_email.port}} MAIL_FROM_ADDRESS="{{ users['no-reply'].email }}" -MAIL_FROM_NAME="Pixelfed" +MAIL_FROM_NAME={{ service_provider.company.titel }} - Pixelfed MAIL_USERNAME={{ users['no-reply'].email }} MAIL_PASSWORD={{ users['no-reply'].mailu_token }} # Not sure if the following is correct diff --git a/roles/docker-snipe_it/templates/env.j2 b/roles/docker-snipe_it/templates/env.j2 index b560c37f..36494e52 100644 --- a/roles/docker-snipe_it/templates/env.j2 +++ b/roles/docker-snipe_it/templates/env.j2 @@ -7,8 +7,8 @@ APP_DEBUG={{enable_debug | string | lower }} APP_KEY={{applications.snipe_it.app_key}} APP_URL=https://{{domains[application_id]}} # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier -APP_TIMEZONE='{{timezone}}' -APP_LOCALE={{locale}} +APP_TIMEZONE='{{ HOST_TIMEZONE }}' +APP_LOCALE={{ HOST_LL }} MAX_RESULTS=500 # -------------------------------------------- 
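Review bot: `MAIL_FROM_NAME={{ service_provider.company.titel }} - Pixelfed` in the second pixelfed env.j2 hunk drops the quotes that the old `"Pixelfed"` value had, and the rendered value now always contains spaces. If this file is read by the application's dotenv loader rather than only passed through Compose's `env_file` (not visible here), unquoted values with spaces are typically rejected, and a company title containing `#` or a quote character would be truncated or mis-parsed either way. I would keep the quotes: `MAIL_FROM_NAME="{{ service_provider.company.titel }} - Pixelfed"`. The same applies to `MAIL_FROM_NAME` and `MAIL_REPLYTO_NAME` in the second snipe_it env.j2 hunk, which lose their single quotes in this commit.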
@@ -49,15 +49,15 @@ DB_SSL_VERIFY_SERVER=null # REQUIRED: OUTGOING MAIL SERVER SETTINGS # -------------------------------------------- MAIL_MAILER = smtp -MAIL_HOST = {{system_email.host}} # SMTP server address -MAIL_PORT = {{system_email.port}} # SMTP server address -MAIL_USERNAME = {{ users['no-reply'].email }} # user to connect the SMTP server -MAIL_PASSWORD = {{ users['no-reply'].mailu_token }} # SMTP user's password -MAIL_TLS_VERIFY_PEER = {{ system_email.tls | capitalize }} # use TLS (secure) connection with the SMTP server -MAIL_FROM_ADDR = {{ users['no-reply'].email }} # default email address for the automated emails -MAIL_FROM_NAME = 'Snipe-IT' -MAIL_REPLYTO_ADDR = {{ users['no-reply'].email }} # default email address for the automated emails -MAIL_REPLYTO_NAME = 'Snipe-IT' +MAIL_HOST = {{system_email.host}} +MAIL_PORT = {{system_email.port}} +MAIL_USERNAME = {{ users['no-reply'].email }} +MAIL_PASSWORD = {{ users['no-reply'].mailu_token }} +MAIL_TLS_VERIFY_PEER = {{ system_email.tls | capitalize }} +MAIL_FROM_ADDR = {{ users['no-reply'].email }} +MAIL_FROM_NAME = {{ service_provider.company.titel }} - Snipe-IT +MAIL_REPLYTO_ADDR = {{ users['no-reply'].email }} +MAIL_REPLYTO_NAME = {{ service_provider.company.titel }} - Snipe-IT MAIL_AUTO_EMBED_METHOD = 'attachment' # -------------------------------------------- diff --git a/roles/nginx-serve-legal/templates/imprint.html.j2 b/roles/nginx-serve-legal/templates/imprint.html.j2 index 09e821b7..7a0e7595 100644 --- a/roles/nginx-serve-legal/templates/imprint.html.j2 +++ b/roles/nginx-serve-legal/templates/imprint.html.j2 @@ -1,5 +1,5 @@ - +
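Review bot: `MAIL_TLS_VERIFY_PEER = {{ system_email.tls | capitalize }}` ties certificate verification to the "use TLS" flag, and the inline comment this hunk removes described the line as switching the secure connection on, whereas the setting's name says it controls whether the SMTP server's certificate is checked. A deployment with `system_email.tls` set to false would therefore also skip peer verification whenever the connection does negotiate TLS, and no line in this hunk selects the encryption mode itself. I would pin `MAIL_TLS_VERIFY_PEER = true` and put a comment on the line above it stating that it governs certificate validation, not whether TLS is used.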
diff --git a/tasks/server.yml b/tasks/server.yml index 836fad72..53b85373 100644 --- a/tasks/server.yml +++ b/tasks/server.yml @@ -216,6 +216,11 @@ include_role: name: docker-presentation +- name: setup espocrm hosts + when: ("espocrm" in group_names) + include_role: + name: docker-espocrm + # Native Webserver Roles - name: setup nginx-serve-htmls when: ("nginx-serve-htmls" in group_names) diff --git a/templates/vars/applications.yml.j2 b/templates/vars/applications.yml.j2 index 3a5ca20f..84974c5e 100644 --- a/templates/vars/applications.yml.j2 +++ b/templates/vars/applications.yml.j2 @@ -126,6 +126,30 @@ defaults_applications: 'database': true, }) }}{% raw %} + ## EspoCRM + espocrm: + version: "fpm-alpine" + users: + administrator: + username: "{{ users.administrator.username }}" + email: "{{ users.administrator.email }}" + + credentials: + administrator: + password: "{{ users.administrator.password }}" + database: + # password: # Set in your inventory file + +{% endraw %}{{ features.render_features({ + 'matomo': true, + 'css': true, + 'iframe': false, + 'ldap': true, + 'oidc': true, + 'database': true +}) }}{% raw %} + + ## File Server file_server: {% endraw %}{{ features.render_features({
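Review bot: In the new `espocrm` defaults in applications.yml.j2, `database:` under `credentials` has only a commented-out child, so it renders as `null` rather than a mapping. Anything that reads `credentials.database.password` before the inventory supplies it (the consumers are outside this hunk) would fail on a None lookup instead of a clear "password not set" error; `database: {}` with the comment on the following line avoids that. `credentials.administrator.password` is bound to `users.administrator.password`, so the EspoCRM bootstrap admin shares the global administrator secret, and the env.j2 change in this commit writes it in clear text into the rendered env file. A per-application secret taken from the inventory would limit the exposure if that file or the container environment is read by someone else.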