Raw refactoring of roles

roles/docker-funkwhale/meta/schema.yml

@@ -0,0 +1,9 @@
+credentials:
+  database_password:
+    description: "Password for the Funkwhale PostgreSQL database"
+    algorithm: "bcrypt"
+    validation: "^\\$2[aby]\\$.{56}$"
+  django_secret:
+    description: "Django SECRET_KEY used for cryptographic signing"
+    algorithm: "sha256"
+    validation: "^[a-f0-9]{64}$"

roles/docker-funkwhale/templates/env.j2

@@ -98,7 +98,7 @@ STATIC_ROOT={{static_root}}
 DJANGO_SETTINGS_MODULE=config.settings.production
 
 # Generate one using `openssl rand -base64 45`, for example
-DJANGO_SECRET_KEY={{funkwhale_django_secret}}
+DJANGO_SECRET_KEY={{applications[application_id].credentials.django_secret}}
 
 {% if applications[application_id].features.ldap | bool %}
 # LDAP settings

roles/docker-funkwhale/vars/configuration.yml

@@ -0,0 +1,10 @@
+version:              "1.4.0"
+features:
+  matomo:             true
+  css:                true
+  landingpage_iframe: true
+  ldap:               true
+  central_database:   true
+credentials:
+#  database_password: # Needs to be defined in inventory file
+#  django_secret:     # Needs to be defined in inventory file

roles/docker-funkwhale/vars/main.yml

@@ -1,6 +1,6 @@
 application_id:                                 "funkwhale"
 nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
-database_password:                              "{{funkwhale_database_password}}"
+database_password:                              "{{applications[application_id].credentials.database_password}}"
 database_type:                                  "postgres"
 media_root:                                     "/srv/funkwhale/data/"
 static_root:                                    "{{media_root}}static"