refactor(web-app-espocrm): improve config patching and container vars

- Replace `ESPOCRM_NAME` with `ESPOCRM_CONTAINER` for clarity and consistency. - Drop unused `ESPOCRM_CONFIG_FILE_PUBLIC`, rely only on `config-internal.php`. - Make DB credential patching idempotent using `grep` + `sed` checks. - Replace direct sed edits for maintenance/cron/cache with EspoCRM ConfigWriter. - Add fallback execution as root if www-data user cannot write config. - Clear EspoCRM cache only when config changes and in update mode. - Remove obsolete OIDC scopes inline task (now handled via env/vars). - Fix docker-compose template to use `ESPOCRM_CONTAINER`. This refactor makes the EspoCRM role more robust, idempotent, and aligned with EspoCRM’s official ConfigWriter mechanism. See conversation: https://chatgpt.com/share/68a87820-12f8-800f-90d6-01ba97a1b279
2025-08-30 07:18:09 +02:00 · 2025-08-22 16:01:48 +02:00
parent 9d6d64e11d
commit 8b2f0ac47b
4 changed files with 81 additions and 54 deletions
--- a/roles/web-app-espocrm/tasks/main.yml
+++ b/roles/web-app-espocrm/tasks/main.yml
@@ -6,29 +6,14 @@
    docker_compose_flush_handlers:  true

 - name: Check if config.php exists in EspoCRM
-  command: docker exec --user root {{ ESPOCRM_NAME }} test -f {{ ESPOCRM_CONFIG_FILE_PRIVATE }}
+  command: docker exec --user root {{ ESPOCRM_CONTAINER }} test -f {{ ESPOCRM_CONFIG_FILE_PRIVATE }}
  register: config_file_exists
  changed_when: false
  failed_when: false

- name: Patch EspoCRM config.php with updated DB credentials
+- name: Patch EspoCRM config.php
  include_tasks: 01_patch_config.yml
  when: config_file_exists.rc == 0

 - name: Flush handlers to make DB available before password reset
  meta: flush_handlers
-
- name: Set OIDC scopes in EspoCRM config (inside web container)
-  ansible.builtin.shell: |
-    docker compose exec -T web php -r '
-      require "/var/www/html/bootstrap.php";
-      $writer = (new \Espo\Core\Application())
-        ->getContainer()
-        ->get("injectableFactory")
-        ->create("\Espo\Core\Utils\Config\ConfigWriter");
-      $writer->set("oidcScopes", ["openid", "profile", "email"]);
-      $writer->save();
-    '
-  args:
-    chdir: "{{ docker_compose.directories.instance }}"
-  when: ESPOCRM_OIDC_ENABLED | bool