Raw refactoring of roles

roles/docker-listmonk/meta/schema.yml

@@ -0,0 +1,20 @@
+credentials:
+  database_password:
+    description: "Password for the Listmonk PostgreSQL database user"
+    algorithm: "bcrypt"
+    validation: "^\\$2[aby]\\$.{56}$"
+
+  administrator_password:
+    description: "Initial password for the Listmonk administrator account"
+    algorithm: "sha256"
+    validation: "^[a-f0-9]{64}$"
+
+  hcaptcha_site_key:
+    description: "Public site key used by Listmonk to render hCaptcha"
+    algorithm: "plain"
+    validation: "^[0-9a-zA-Z_-]{32,}$"
+
+  hcaptcha_secret:
+    description: "Private hCaptcha secret key for server-side verification"
+    algorithm: "plain"
+    validation: "^[0-9a-zA-Z_-]{32,}$"

roles/docker-listmonk/templates/env.j2

@@ -3,4 +3,4 @@ TZ={{ HOST_TIMEZONE }}
 # Administrator setup
 
 LISTMONK_ADMIN_USER={{ applications[application_id].users.administrator.username }}
-LISTMONK_ADMIN_PASSWORD={{ applications[application_id].users.administrator.password }}
+LISTMONK_ADMIN_PASSWORD={{ applications[application_id].credentials.administrator_password }}

roles/docker-listmonk/vars/configuration.yml

@@ -0,0 +1,11 @@
+users:
+  administrator:
+    username:               "{{users.administrator.username}}"    # Listmonk administrator account username
+public_api_activated:       False                                 # Security hole. Can be used for spaming
+version:                    "latest"                              # Docker Image version
+features:
+  matomo:                   true
+  css:                      true
+  landingpage_iframe:       true
+  central_database:         true
+  oidc:                     true

roles/docker-listmonk/vars/main.yml

@@ -1,5 +1,5 @@
 application_id:  	  "listmonk"
-database_password:  "{{applications[application_id].credentials.database.password}}"
+database_password:  "{{applications[application_id].credentials.database_password}}"
 database_type:      "postgres"
 
 listmonk_settings:
@@ -25,10 +25,10 @@ listmonk_settings:
     value: 'true'
 
   - key: "security.captcha_key"
-    value: '"{{ applications[application_id].credentials.hcaptcha.site_key }}"'
+    value: '"{{ applications[application_id].credentials.hcaptcha_site_key }}"'
 
   - key: "security.captcha_secret"
-    value: '"{{ applications[application_id].credentials.hcaptcha.secret }}"'
+    value: '"{{ applications[application_id].credentials.hcaptcha_secret }}"'
 
   # SMTP servers
   - key: "smtp"