diff --git a/roles/cmp-db-docker/tasks/main.yml b/roles/cmp-db-docker/tasks/main.yml index 091c38c4..bb1417c2 100644 --- a/roles/cmp-db-docker/tasks/main.yml +++ b/roles/cmp-db-docker/tasks/main.yml @@ -10,10 +10,10 @@ - "{{ DOCKER_VARS_FILE }}" # Important to load docker variables first so that database can use them - "{{ cmp_db_docker_vars_file_db }}" # Important to load them before docker role so that backup can use them -- name: "For '{{ application_id }}': Load cmp-docker-oauth2" - include_role: - name: cmp-docker-oauth2 - - name: "For '{{ application_id }}': Load central RDBMS" include_role: - name: cmp-rdbms \ No newline at end of file + name: cmp-rdbms + +- name: "For '{{ application_id }}': Load cmp-docker-oauth2" + include_role: + name: cmp-docker-oauth2 \ No newline at end of file diff --git a/roles/cmp-db-docker/vars/main.yml b/roles/cmp-db-docker/vars/main.yml index c4bd6db2..f12a3674 100644 --- a/roles/cmp-db-docker/vars/main.yml +++ b/roles/cmp-db-docker/vars/main.yml @@ -1 +1 @@ -cmp_db_docker_vars_file_db: "{{ playbook_dir }}/roles/cmp-rdbms/vars/database.yml" \ No newline at end of file +cmp_db_docker_vars_file_db: "{{ playbook_dir }}/roles/cmp-rdbms/vars/database.yml" \ No newline at end of file diff --git a/roles/cmp-rdbms/tasks/main.yml b/roles/cmp-rdbms/tasks/main.yml index 25716eb0..44661f57 100644 --- a/roles/cmp-rdbms/tasks/main.yml +++ b/roles/cmp-rdbms/tasks/main.yml 
@@ -2,11 +2,17 @@ # The following env file will just be used from the dedicated mariadb container # and not the central one -- name: "For '{{ application_id }}': Create {{database_env}}" - template: - src: "env/{{database_type}}.env.j2" - dest: "{{database_env}}" - notify: docker compose up +- block: + - name: "Ensure env dir exists: {{ docker_compose.directories.env }}" + ansible.builtin.file: + path: "{{ docker_compose.directories.env }}" + state: directory + mode: "0755" + - name: "For '{{ application_id }}': Create {{database_env}}" + template: + src: "env/{{database_type}}.env.j2" + dest: "{{database_env}}" + notify: docker compose up when: not applications | get_app_conf(application_id, 'features.central_database', False) - name: "For '{{ application_id }}': Create central database" diff --git a/roles/web-app-mailu/config/main.yml b/roles/web-app-mailu/config/main.yml index 20c26b5d..751286b0 100644 --- a/roles/web-app-mailu/config/main.yml +++ b/roles/web-app-mailu/config/main.yml 
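Review bot: The new `Ensure env dir exists` task creates `{{ docker_compose.directories.env }}` with `mode: "0755"`, and the template task after it writes `{{database_env}}` with no `mode`, so the rendered file's permissions are left to the umask. The template `env/{{database_type}}.env.j2` is not shown, but an env file for a dedicated database container presumably holds the database password, which would make it readable by any local account. I would set `mode: "0750"` on the directory and add `mode: "0640"` (or `"0600"`) to the template task, with `owner`/`group` set to whichever account runs docker compose. If that directory is shared with other roles' env files, confirm the tighter directory mode does not break them.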
@@ -1,13 +1,13 @@ oidc: - email_by_username: true # If true, then the mail is set by the username. If wrong then the OIDC user email is used - enable_user_creation: true # Users will be created if not existing -domain: "{{primary_domain}}" # The main domain from which mails will be send \ email suffix behind @ + email_by_username: true # If true, then the mail is set by the username. If wrong then the OIDC user email is used + enable_user_creation: true # Users will be created if not existing +domain: "{{ primary_domain }}" # The main domain from which mails will be send \ email suffix behind @ features: matomo: true css: false - port-ui-desktop: true # Deactivated mailu iframe loading until keycloak supports it + port-ui-desktop: true # Deactivated mailu iframe loading until keycloak supports it oidc: true - central_database: false # Deactivate central database for mailu, I don't know why the database deactivation is necessary + central_database: false # Deactivate central database for mailu, I don't know why the database deactivation is necessary logout: true server: domains: diff --git a/roles/web-app-mailu/tasks/create-mailu-user.yml b/roles/web-app-mailu/tasks/01_00_create-mailu-user.yml similarity index 95% rename from roles/web-app-mailu/tasks/create-mailu-user.yml rename to roles/web-app-mailu/tasks/01_00_create-mailu-user.yml index 63a44641..5646bea9 100644 --- a/roles/web-app-mailu/tasks/create-mailu-user.yml +++ b/roles/web-app-mailu/tasks/01_00_create-mailu-user.yml @@ -23,5 +23,5 @@ when: "'mail-bot' in item.value.roles or 'administrator' in item.value.roles" - name: "Create Mailu API Token for {{ mailu_user_name }}" - include_tasks: create-mailu-token.yml + include_tasks: 01_0A_create-mailu-token.yml when: "{{ 'mail-bot' in item.value.roles }}" \ No newline at end of file 
diff --git a/roles/web-app-mailu/tasks/create-mailu-token.yml b/roles/web-app-mailu/tasks/01_0A_create-mailu-token.yml similarity index 100% rename from roles/web-app-mailu/tasks/create-mailu-token.yml rename to roles/web-app-mailu/tasks/01_0A_create-mailu-token.yml diff --git a/roles/web-app-mailu/tasks/set-mailu-dns-records.yml b/roles/web-app-mailu/tasks/02_00_set-mailu-dns-records.yml similarity index 98% rename from roles/web-app-mailu/tasks/set-mailu-dns-records.yml rename to roles/web-app-mailu/tasks/02_00_set-mailu-dns-records.yml index bdf3e5fe..b865a6db 100644 --- a/roles/web-app-mailu/tasks/set-mailu-dns-records.yml +++ b/roles/web-app-mailu/tasks/02_00_set-mailu-dns-records.yml @@ -2,7 +2,7 @@ include_vars: vars/mailu-dns.yml - name: Generate DKIM public key - include_tasks: generate-and-read-dkim.yml + include_tasks: 02_0A_generate-and-read-dkim.yml - name: "Set A record for mail server" community.general.cloudflare_dns: diff --git a/roles/web-app-mailu/tasks/generate-and-read-dkim.yml b/roles/web-app-mailu/tasks/02_0A_generate-and-read-dkim.yml similarity index 100% rename from roles/web-app-mailu/tasks/generate-and-read-dkim.yml rename to roles/web-app-mailu/tasks/02_0A_generate-and-read-dkim.yml diff --git a/roles/web-app-mailu/tasks/main.yml b/roles/web-app-mailu/tasks/main.yml index dd8ba651..6dc537cf 100644 --- a/roles/web-app-mailu/tasks/main.yml +++ b/roles/web-app-mailu/tasks/main.yml 
@@ -1,46 +1,41 @@ --- -- name: "load docker, db and proxy for {{application_id}}" - include_role: - name: cmp-db-docker-proxy - when: run_once_web_app_mailu is not defined +- block: + - name: "load docker, db and proxy for {{application_id}}" + include_role: + name: cmp-db-docker-proxy -- name: "Include the srv-proxy-6-6-tls-deploy role" - include_role: - name: srv-proxy-6-6-tls-deploy - when: run_once_web_app_mailu is not defined + - name: "Include the srv-proxy-6-6-tls-deploy role" + include_role: + name: srv-proxy-6-6-tls-deploy -- name: Flush docker service handlers - meta: flush_handlers - when: run_once_web_app_mailu is not defined + - name: Flush docker service handlers + meta: flush_handlers -- name: "Create Mailu accounts" - include_tasks: create-mailu-user.yml - vars: - mailu_compose_dir: "{{ docker_compose.directories.instance }}" - mailu_domain: "{{ primary_domain }}" - mailu_api_base_url: "http://127.0.0.1:8080/api/v1" - mailu_global_api_token: "{{ applications | get_app_conf(application_id, 'credentials.api_token') }}" - mailu_action: >- - {{ - ( - 'administrator' in (item.value.get('roles', [])) - ) - | ternary('admin','user') - }} - mailu_user_key: "{{ item.key }}" - mailu_user_name: "{{ item.value.username }}" - mailu_password: "{{ item.value.password }}" - mailu_token_ip: "{{ item.value.ip | default('') }}" - loop: "{{ users | dict2items }}" - loop_control: - loop_var: item - when: run_once_web_app_mailu is not defined - -- name: Set Mailu DNS records - include_tasks: set-mailu-dns-records.yml - when: dns_provider == 'cloudflare' + - name: "Create Mailu accounts" + include_tasks: 01_00_create-mailu-user.yml + vars: + mailu_compose_dir: "{{ docker_compose.directories.instance }}" + mailu_domain: "{{ primary_domain }}" + mailu_api_base_url: "http://127.0.0.1:8080/api/v1" + mailu_global_api_token: "{{ applications | get_app_conf(application_id, 'credentials.api_token') }}" + mailu_action: >- + {{ + ( + 'administrator' in (item.value.get('roles', [])) 
+ ) + | ternary('admin','user') + }} + mailu_user_key: "{{ item.key }}" + mailu_user_name: "{{ item.value.username }}" + mailu_password: "{{ item.value.password }}" + mailu_token_ip: "{{ item.value.ip | default('') }}" + loop: "{{ users | dict2items }}" + loop_control: + loop_var: item -- name: Run the docker_mailu roles once - set_fact: - run_once_web_app_mailu: true + - name: Set Mailu DNS records + include_tasks: 02_00_set-mailu-dns-records.yml + when: dns_provider == 'cloudflare' + + - include_tasks: utils/run_once.yml when: run_once_web_app_mailu is not defined \ No newline at end of file diff --git a/roles/web-app-mailu/vars/main.yml b/roles/web-app-mailu/vars/main.yml index f7d39da6..78919ce5 100644 --- a/roles/web-app-mailu/vars/main.yml +++ b/roles/web-app-mailu/vars/main.yml 
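Review bot: The `Create Mailu accounts` include loops over `users | dict2items` with only `loop_var: item` under `loop_control`, so Ansible's per-iteration output is labelled with the whole item, and `item.value.password` is read from that same item. Adding `label: "{{ item.key }}"` under `loop_control` keeps the play output, and any CI log that captures it, down to the user key. The tasks in `01_00_create-mailu-user.yml` that consume `mailu_password` and `mailu_global_api_token` are outside this hunk; they would want `no_log: true` wherever those values reach a command line or request body. Separately, `Set Mailu DNS records` now sits inside the `run_once_web_app_mailu is not defined` block, where it was previously gated only on `dns_provider == 'cloudflare'`; worth confirming the records are meant to be set only on the first pass.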
@@ -1,18 +1,20 @@ +# General application_id: "web-app-mailu" +domain: "{{ domains | get_domain(application_id) }}" +http_port: "{{ ports.localhost.http[application_id] }}" +proxy_extra_configuration: "client_max_body_size 31M;" # Database Configuration database_password: "{{ applications | get_app_conf(application_id, ' credentials.database_password') }}" database_type: "mariadb" -cert_mount_directory: "{{docker_compose.directories.volumes}}certs/" +cert_mount_directory: "{{ docker_compose.directories.volumes }}certs/" # Use dedicated source for oidc if activated # @see https://github.com/heviat/Mailu-OIDC/tree/2024.06 -docker_source: "{{ 'ghcr.io/heviat' if applications | get_app_conf(application_id, 'features.oidc', False) else 'ghcr.io/mailu' }}" +docker_source: "{{ 'ghcr.io/heviat' if applications | get_app_conf(application_id, 'features.oidc', False) else 'ghcr.io/mailu' }}" -domain: "{{ domains | get_domain(application_id) }}" -http_port: "{{ ports.localhost.http[application_id] }}" -proxy_extra_configuration: "client_max_body_size 31M;" +# Mailu Specific mailu_version: "{{ applications | get_app_conf(application_id, 'docker.services.mailu.version', True) }}" mailu_name: "{{ applications | get_app_conf(application_id, 'docker.services.mailu.name', True) }}" mailu_smtp_queue: "mailu_smtp_queue"
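Review bot: As rendered here, the `database_password` context line passes the path `' credentials.database_password'` with a leading space inside the quotes, and this cleanup leaves it untouched. Unless `get_app_conf` trims its path argument (its implementation is not visible), the first segment would be looked up as ` credentials` rather than `credentials`, and the call has no explicit strict/default argument like the `mailu_version` lines below it. If the space is really in the file, change it to `'credentials.database_password'` while the surrounding lines are being normalised, so a failed lookup cannot leave the database with an empty or undefined password.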