General code optimations and peertube optimation

2025-08-29 15:06:26 +02:00 · 2025-05-20 07:00:29 +02:00
parent a051fde662
commit 5948d7aa93
19 changed files with 306 additions and 115 deletions
--- a/roles/backup-data-to-usb/meta/main.yml
+++ b/roles/backup-data-to-usb/meta/main.yml
@@ -23,5 +23,5 @@ galaxy_info:
  issue_tracker_url: https://s.veen.world/cymaisissues
  documentation: https://s.veen.world/cymais
 dependencies:
-  - role: cleanup-backups-service
-  - role: system-maintenance-lock
+  - cleanup-backups-service
+  - system-maintenance-lock
--- a/roles/client-spotify/meta/main.yml
+++ b/roles/client-spotify/meta/main.yml
@@ -24,4 +24,4 @@ galaxy_info:
  issue_tracker_url: https://s.veen.world/cymaisissues
  documentation: https://s.veen.world/cymais
 dependencies:
-  - role: system-aur-helper
+  - system-aur-helper
--- a/roles/docker-akaunting/vars/configuration.yml
+++ b/roles/docker-akaunting/vars/configuration.yml
@@ -5,7 +5,7 @@ setup_admin_email:        "{{users.administrator.email}}"
 features:
  matomo:                 true
  css:                    true
-  portfolio_iframe:     false
+  portfolio_iframe:       false
  central_database:       true
 credentials:
 #  database_password:     Needs to be defined in inventory file 
--- a/roles/docker-keycloak/meta/main.yml
+++ b/roles/docker-keycloak/meta/main.yml
@@ -20,3 +20,8 @@ galaxy_info:
  logo:
    class: "fa-solid fa-lock"
 dependencies: []
+role_run_order:
+  before: 
+    - all
+  after:  
+    - docker-ldap
--- a/roles/docker-ldap/meta/main.yml
+++ b/roles/docker-ldap/meta/main.yml
@@ -21,3 +21,6 @@ galaxy_info:
  logo:
    class: "fa-solid fa-users"
 dependencies: []
+role_run_order:
+  before:  
+    - all
--- a/roles/docker-mastodon/meta/main.yml
+++ b/roles/docker-mastodon/meta/main.yml
@@ -21,4 +21,5 @@ galaxy_info:
  documentation: "https://s.veen.world/cymais"
  logo:
    class: "fa-solid fa-bullhorn"
-dependencies: []
+role_run_order:
+  after: docker-keycloak
--- a/roles/docker-matomo/meta/main.yml
+++ b/roles/docker-matomo/meta/main.yml
@@ -18,4 +18,8 @@ galaxy_info:
  documentation: "https://s.veen.world/cymais"
  logo:
    class: "fa-solid fa-chart-line"
-dependencies: []
+role_run_order:
+  before:
+    - all
+  after: 
+    - docker-keycloak
--- a/roles/docker-peertube/tasks/enable-oidc.yml
+++ b/roles/docker-peertube/tasks/enable-oidc.yml
@@ -3,14 +3,28 @@
    docker exec {{ container_name }} \
    npm run plugin:install -- --npm-name {{oidc_plugin}}

- name: Update Peertube config for OpenID Connect
-  ansible.builtin.lineinfile:
-    path: /opt/peertube/config/production.yaml
-    regexp: '^{{ item.key }}:'
-    line: "{{ item.key }}: {{ item.value }}"
-  loop:
-    - { key: "oidc.client_id", value: "{{ oidc_client_id }}" }
-    - { key: "oidc.client_secret", value: "{{ oidc_client_secret }}" }
-    - { key: "oidc.discover_url", value: "{{ oidc_discover_url }}" }
-    - { key: "oidc.scope", value: "openid email profile" }
-  become: yes
+- name: "Update the settings column of the auth-openid-connect plugin"
+  community.postgresql.postgresql_query:
+    db: "{{ database_name }}"
+    login_user: "{{ database_username }}"
+    login_password: "{{ database_password }}"
+    login_host: "127.0.0.1"
+    login_port: "{{ database_port }}"
+    query: |
+      UPDATE plugins
+      SET settings = '{
+        "scope": "openid email profile",
+        "client-id": "{{ oidc.client.id }}",
+        "discover-url": "{{ oidc.client.discovery_document }}",
+        "client-secret": "{{ oidc.client.secret }}",
+        "mail-property": "email",
+        "auth-display-name": "{{ oidc.button_text }}",
+        "username-property": "{{ oidc.attributes.username }}",
+        "signature-algorithm": "RS256",
+        "display-name-property": "{{ oidc.attributes.username }}"
+      }',
+      enabled = TRUE
+      WHERE name = 'auth-openid-connect';
+  when: applications | is_feature_enabled('oidc', application_id)
+  become: true
+  become_user: "{{ container_name }}"
--- a/roles/nginx-docker-reverse-proxy/meta/main.yml
+++ b/roles/nginx-docker-reverse-proxy/meta/main.yml
@@ -24,5 +24,5 @@ galaxy_info:
  issue_tracker_url: https://s.veen.world/cymaisissues
  documentation: https://s.veen.world/cymais
 dependencies:
-  - role: docker
-  - role: nginx-https
+  - docker
+  - nginx-https
--- a/roles/nginx-modifier-css/meta/main.yml
+++ b/roles/nginx-modifier-css/meta/main.yml
@@ -26,4 +26,4 @@ galaxy_info:
  issue_tracker_url: https://s.veen.world/cymaisissues
  documentation: https://s.veen.world/cymais
 dependencies:
-  - role: nginx
+  - nginx
--- a/roles/persona-gamer/meta/main.yml
+++ b/roles/persona-gamer/meta/main.yml
@@ -26,6 +26,6 @@ galaxy_info:
  issue_tracker_url: https://s.veen.world/cymaisissues
  documentation: https://s.veen.world/cymais
 dependencies:
-  - role: persona-gamer-retro
-  - role: persona-gamer-default
-  - role: persona-gamer-core
+  - persona-gamer-retro
+  - persona-gamer-default
+  - persona-gamer-core
--- a/roles/systemd-notifier/meta/main.yml
+++ b/roles/systemd-notifier/meta/main.yml
@@ -23,5 +23,5 @@ galaxy_info:
  issue_tracker_url: "https://s.veen.world/cymaisissues"
  documentation: "https://s.veen.world/cymais"
 dependencies:
-  - role: systemd-notifier-telegram
-  - role: systemd-notifier-email
+  - systemd-notifier-telegram
+  - systemd-notifier-email