diff --git a/group_vars/all/07_applications.yml b/group_vars/all/07_applications.yml index 8eb153f9..06c12de5 100644 --- a/group_vars/all/07_applications.yml +++ b/group_vars/all/07_applications.yml @@ -18,14 +18,20 @@ defaults_applications: company_name: "{{primary_domain}}" company_email: "{{administrator_email}}" setup_admin_email: "{{administrator_email}}" + database: + central_storage: True ## Attendize attendize: version: "latest" + database: + central_storage: True ## Baserow baserow: version: "latest" + database: + central_storage: True ## Big Blue Button bigbluebutton: @@ -33,6 +39,8 @@ defaults_applications: setup: false # Set to true in inventory file for initial setup oidc: enabled: true # Activate OIDC + database: + central_storage: True ## Bluesky bluesky: @@ -42,6 +50,8 @@ defaults_applications: #jwt_secret: # Needs to be defined in inventory file - Use: openssl rand -base64 64 | tr -d '\n' #plc_rotation_key_k256_private_key_hex: # Needs to be defined in inventory file - Use: openssl rand -hex 32 #admin_password: # Needs to be defined in inventory file - Use: openssl rand -base64 16 + database: + central_storage: True ## Discourse: discourse: @@ -51,25 +61,35 @@ defaults_applications: # database_password: # Needs to be defined in inventory file oidc: enabled: true # Activate OIDC + database: + central_storage: True ## Friendica friendica: version: "latest" oidc: enabled: true # Activate OIDC. Plugin is not working yet + database: + central_storage: True ## Funkwhale funkwhale: version: "1.4.0" - ldap_enabled: True # Enables LDAP by default + ldap_enabled: True # Enables LDAP by default + database: + central_storage: True ## Gitea gitea: version: "latest" + database: + central_storage: True ## Gitlab gitlab: version: "latest" + database: + central_storage: True ## Joomla joomla: 
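Review bot: The new `database.central_storage` key has no comment saying what it controls, although the global it replaces carried one in 12_storage.yml. A one-line comment at the first occurrence would be enough, for example `# true: use the shared central-<type> instance; false: run a dedicated database container for this application`. The values are also written `True`, while neighbouring flags in this file are lowercase (`enabled: true`, `setup: false`); `central_storage: true` keeps the file consistent and passes yamllint's `truthy` rule. Both remarks apply to every other `central_storage` line added in this file.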
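Review bot: The `joomla:` entry that closes the fourth hunk (`@@ -51,25 +61,35 @@`) gets no `database.central_storage` key, and the next hunk starts at `keycloak:`, so Joomla appears to have been left out. Every consumer changed in this commit dereferences `applications[application_id].database.central_storage` without a fallback, so if the Joomla role renders any of those templates the lookup will fail on an undefined attribute. Either add `database:` / `central_storage: True` under `joomla:` as for the other applications, or confirm that the role does not use the shared database templates. The `joomla:` block continues outside the hunk.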
@@ -79,7 +99,9 @@ defaults_applications: keycloak: version: "latest" administrator_username: "{{administrator_username}}" # Administrator Username for Keycloak - ldap_enabled: True # Enables LDAP by default + ldap_enabled: True # Enables LDAP by default + database: + central_storage: True # database_password: # Needs to be defined in inventory file # administrator_password: # Needs to be defined in inventory file @@ -113,6 +135,8 @@ defaults_applications: public_api_activated: False # Security hole. Can be used for spaming version: "latest" # Docker Image version setup: false # Set true in inventory file to execute the setup and initializing procedures + database: + central_storage: True mailu: version: "2024.06" # Docker Image Version @@ -121,7 +145,8 @@ defaults_applications: enabled: true # Activate OIDC for Mailu domain: "{{primary_domain}}" # The main domain from which mails will be send \ email suffix behind @ # I don't know why the database deactivation is necessary - enable_central_database: False # Deactivate central database for mailu + database: + central_storage: False # Deactivate central database for mailu credentials: # secret_key: # Set to a randomly generated 16 bytes string # database_password: # Needs to be set in inventory file @@ -139,13 +164,17 @@ defaults_applications: # database_password: Null # Needs to be set in inventory file # auth_token: Null # Needs to be set in inventory file css: - enabled: false # The css isn't optimized yet for Matomo + enabled: false # The css isn't optimized yet for Matomo + database: + central_storage: True ## Mastodon mastodon: version: "latest" single_user_mode: false # Set true for initial setup setup: false # Set true in inventory file to execute the setup and initializing procedures + database: + central_storage: True oidc: enabled: true # Activate OIDC for Mastodon credentials: 
@@ -172,6 +201,8 @@ defaults_applications: element: version: "latest" setup: false # Set true in inventory file to execute the setup and initializing procedures + database: + central_storage: True ## Moodle moodle: @@ -179,10 +210,14 @@ defaults_applications: administrator_name: "{{administrator_username}}" administrator_email: "{{administrator_email}}" version: "latest" + database: + central_storage: True ## MyBB mybb: version: "latest" + database: + central_storage: True ## Nextcloud nextcloud: @@ -192,6 +227,8 @@ defaults_applications: oidc: enabled: true # Activate OIDC for Nextcloud force_import: False # Forces the import of the LDIF files + database: + central_storage: True ## OAuth2 Proxy oauth2_proxy: @@ -208,7 +245,9 @@ defaults_applications: enabled: true # OpenProject doesn't support OIDC, so this procy in combination with LDAP is needed application: "proxy" port: "80" - ldap_enabled: True # Enables LDAP by default + ldap_enabled: True # Enables LDAP by default + database: + central_storage: True ## Peertube peertube: @@ -222,11 +261,15 @@ defaults_applications: enabled: true port: "80" application: "application" + database: + central_storage: True ## Pixelfed pixelfed: - titel: "Pictures on {{primary_domain}}" - version: "latest" + titel: "Pictures on {{primary_domain}}" + version: "latest" + database: + central_storage: True ## Postgres # Please set an version in your inventory file - Rolling release for postgres isn't recommended @@ -236,10 +279,14 @@ defaults_applications: # Snipe-IT snipe_it: version: "latest" + database: + central_storage: True ## Taiga taiga: version: "latest" + database: + central_storage: True ## YOURLS yourls: @@ -250,7 +297,8 @@ defaults_applications: application: "application" port: "80" location: "/admin/" # Protects the admin area - + database: + central_storage: True wordpress: # Deactivate Global theming for wordpress role 
@@ -260,4 +308,6 @@ defaults_applications: # May a solution could be to generate a template or css file dedicated # for wordpress based on the theming values and import it. css: - enabled: false \ No newline at end of file + enabled: false + database: + central_storage: True \ No newline at end of file diff --git a/group_vars/all/12_storage.yml b/group_vars/all/12_storage.yml index 020247cd..c7a71646 100644 --- a/group_vars/all/12_storage.yml +++ b/group_vars/all/12_storage.yml @@ -1,6 +1,3 @@ -## Enable Central Postgress and MariaDB instead of dedicated container per application -enable_central_database: true - ## Enable Storage Optimizer for Docker Volumes enable_system_storage_optimizer: true diff --git a/roles/docker-central-database/README.md b/roles/docker-central-database/README.md index 482b55ec..e509206b 100644 --- a/roles/docker-central-database/README.md +++ b/roles/docker-central-database/README.md @@ -47,7 +47,7 @@ When executed, the role will: 1. Load database configuration variables. 2. Generate the appropriate environment file for the database. 3. Incorporate the Docker Compose routines. -4. Create a central database if `enable_central_database` is set to `true`. +4. Create a central database if `applications[application_id].database.central_storage` is set to `true`. --- diff --git a/roles/docker-central-database/tasks/main.yml b/roles/docker-central-database/tasks/main.yml index 234e3bcf..1118e212 100644 --- a/roles/docker-central-database/tasks/main.yml +++ b/roles/docker-central-database/tasks/main.yml 
@@ -14,9 +14,9 @@ src: "env/{{database_type}}.env.j2" dest: "{{database_env}}" notify: docker compose project build and setup - when: not enable_central_database | bool + when: not applications[application_id].database.central_storage | bool - name: create central database include_role: name: "docker-{{database_type}}" - when: enable_central_database | bool \ No newline at end of file + when: applications[application_id].database.central_storage | bool \ No newline at end of file diff --git a/roles/docker-central-database/templates/services/mariadb.yml.j2 b/roles/docker-central-database/templates/services/mariadb.yml.j2 index ba00f62d..9ebf4d61 100644 --- a/roles/docker-central-database/templates/services/mariadb.yml.j2 +++ b/roles/docker-central-database/templates/services/mariadb.yml.j2 @@ -1,5 +1,5 @@ # This template needs to be included in docker-compose.yml, which depend on a mariadb database -{% if not enable_central_database | bool %} +{% if not applications[application_id].database.central_storage | bool %} database: container_name: {{application_id}}-database logging: diff --git a/roles/docker-central-database/templates/services/postgres.yml.j2 b/roles/docker-central-database/templates/services/postgres.yml.j2 index 731c62b7..79e501e2 100644 --- a/roles/docker-central-database/templates/services/postgres.yml.j2 +++ b/roles/docker-central-database/templates/services/postgres.yml.j2 @@ -1,5 +1,5 @@ # This template needs to be included in docker-compose.yml, which depend on a postgres database -{% if not enable_central_database | bool %} +{% if not applications[application_id].database.central_storage | bool %} database: image: postgres:{{applications.postgres.database_version}}-alpine container_name: {{application_id}}-database diff --git a/roles/docker-central-database/vars/database.yml b/roles/docker-central-database/vars/database.yml index 568ea101..02c8fd6c 100644 --- a/roles/docker-central-database/vars/database.yml 
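Review bot: Both `when:` conditions in roles/docker-central-database/tasks/main.yml read `applications[application_id].database.central_storage` with no fallback, so an application entry without a `database` mapping now aborts templating where the old global always resolved. That can happen for an application missed in 07_applications.yml, or for an inventory that replaces an application's dictionary, depending on how `applications` is merged from `defaults_applications` (not visible in this diff). If a missing key should mean a dedicated database, write it out as `when: applications[application_id].database.central_storage | default(false) | bool`; if it should be an error, an `assert` on `applications[application_id].database.central_storage is defined` at the top of the role gives a clearer message. The same unguarded expression is repeated in the templates, vars and handlers changed further down.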
+++ b/roles/docker-central-database/vars/database.yml @@ -1,5 +1,5 @@ -database_instance: "{{ 'central-' + database_type if enable_central_database | bool else application_id }}" -database_host: "{{ 'central-' + database_type if enable_central_database | bool else 'database' }}" +database_instance: "{{ 'central-' + database_type if applications[application_id].database.central_storage | bool else application_id }}" +database_host: "{{ 'central-' + database_type if applications[application_id].database.central_storage | bool else 'database' }}" database_name: "{{ application_id }}" database_username: "{{ application_id }}" database_port: "{{ 3306 if database_type == 'mariadb' else 5432 }}" diff --git a/roles/docker-discourse/handlers/main.yml b/roles/docker-discourse/handlers/main.yml index dcc7d837..665e38c0 100644 --- a/roles/docker-discourse/handlers/main.yml +++ b/roles/docker-discourse/handlers/main.yml @@ -11,7 +11,7 @@ command: cmd: "docker network connect {{applications.discourse.network}} central-{{ database_type }}" ignore_errors: true - when: enable_central_database | bool + when: applications[application_id].database.central_storage | bool listen: recreate discourse - name: rebuild discourse diff --git a/roles/docker-discourse/tasks/main.yml b/roles/docker-discourse/tasks/main.yml index f612b2bf..bc9d3733 100644 --- a/roles/docker-discourse/tasks/main.yml +++ b/roles/docker-discourse/tasks/main.yml @@ -65,10 +65,10 @@ command: cmd: "docker network connect central_postgres {{applications.discourse.container}}" ignore_errors: true - when: enable_central_database | bool + when: applications[application_id].database.central_storage | bool - name: "remove central database from {{application_id}}_default" command: cmd: "docker network disconnect {{applications.discourse.network}} central-{{ database_type }}" ignore_errors: true - when: enable_central_database | bool + when: applications[application_id].database.central_storage | bool 
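Review bot: Nothing in the commit detects an inventory that still sets the removed `enable_central_database`, and in vars/database.yml `database_host` and `database_instance` now depend only on the per-application flag. A host that had `enable_central_database: false` would therefore be pointed at `central-<type>` without warning, because the new defaults are `True`, and its application data would move to the shared instance. A guard task early in the play would turn that into an explicit failure, for example an `assert` with `that: enable_central_database is not defined` and a `fail_msg` naming `applications.<app>.database.central_storage` as the replacement.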
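Review bot: Both `docker network` commands in roles/docker-discourse/tasks/main.yml keep `ignore_errors: true`, so a failed attach to `central_postgres` is reported and skipped while the play continues; the handler in handlers/main.yml has the same pattern. Tolerating only the expected "already connected" case would surface real failures, e.g. `register: net_connect` plus `failed_when: net_connect.rc != 0 and 'already exists' not in net_connect.stderr` (confirm the exact stderr text against the Docker version in use). A matching `changed_when` would also stop these tasks reporting a change on every run. The task list starts outside the hunk.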
diff --git a/roles/docker-discourse/templates/discourse_application.yml.j2 b/roles/docker-discourse/templates/discourse_application.yml.j2 index 745f8931..13cac1af 100644 --- a/roles/docker-discourse/templates/discourse_application.yml.j2 +++ b/roles/docker-discourse/templates/discourse_application.yml.j2 @@ -1,5 +1,5 @@ templates: -{% if not enable_central_database | bool %} +{% if not applications[application_id].database.central_storage | bool %} - "templates/postgres.template.yml" {% endif %} #- "templates/redis.template.yml" diff --git a/roles/docker-mailu/vars/main.yml b/roles/docker-mailu/vars/main.yml index 474c8856..21d2b40c 100644 --- a/roles/docker-mailu/vars/main.yml +++ b/roles/docker-mailu/vars/main.yml @@ -4,11 +4,6 @@ database_type: "mariadb" cert_mount_directory: "{{docker_compose.directories.volumes}}certs/" enable_wildcard_certificate: false -# I don't know why this configuration is necessary. -# Propabldy due to a database migration problem, or dificulties to configure an external db in mailu -# @todo research -enable_central_database: "{{applications.mailu.enable_central_database}}" - # Use dedicated source for oidc if activated # @see https://github.com/heviat/Mailu-OIDC/tree/2024.06 docker_source: "{{ 'ghcr.io/heviat' if applications[application_id].oidc.enabled | bool else 'ghcr.io/mailu' }}" \ No newline at end of file diff --git a/roles/docker-matrix-compose/tasks/create-and-seed-database.yml b/roles/docker-matrix-compose/tasks/create-and-seed-database.yml index 15e3403c..b6598b9b 100644 --- a/roles/docker-matrix-compose/tasks/create-and-seed-database.yml +++ b/roles/docker-matrix-compose/tasks/create-and-seed-database.yml 
@@ -7,7 +7,7 @@ - name: "create {{database_name}} database" include_role: name: docker-postgres - when: enable_central_database | bool + when: applications[application_id].database.central_storage | bool - name: "include seed-database-to-backup.yml" include_tasks: "{{ playbook_dir }}/roles/backup-docker-to-local/tasks/seed-database-to-backup.yml" \ No newline at end of file diff --git a/roles/docker-phpmyadmin/vars/main.yml b/roles/docker-phpmyadmin/vars/main.yml index 2f0fb781..7ba56590 100644 --- a/roles/docker-phpmyadmin/vars/main.yml +++ b/roles/docker-phpmyadmin/vars/main.yml @@ -1,3 +1,3 @@ application_id: "phpmyadmin" database_type: "mariadb" -database_host: "{{ 'central-' + database_type if enable_central_database}}" \ No newline at end of file +database_host: "{{ 'central-' + database_type if applications[application_id].database.central_storage}}" \ No newline at end of file diff --git a/roles/docker-snipe_it/templates/env.j2 b/roles/docker-snipe_it/templates/env.j2 index ffd4e53c..d5a70f18 100644 --- a/roles/docker-snipe_it/templates/env.j2 +++ b/roles/docker-snipe_it/templates/env.j2 @@ -27,7 +27,7 @@ DB_DATABASE={{database_name}} DB_USERNAME={{database_username}} DB_PASSWORD={{database_password}} -{% if not enable_central_database | bool %} +{% if not applications[application_id].database.central_storage | bool %} MYSQL_ROOT_PASSWORD={{database_password}} DB_PREFIX=null DB_DUMP_PATH='/usr/bin' diff --git a/roles/docker-snipe_it/vars/main.yml b/roles/docker-snipe_it/vars/main.yml index 0916c9cd..c6155b31 100644 --- a/roles/docker-snipe_it/vars/main.yml +++ b/roles/docker-snipe_it/vars/main.yml @@ -1,4 +1,3 @@ application_id: "snipe_it" database_password: "{{applications.snipe_it.database_password}}" -database_type: "mariadb" -# enable_central_database: false For debugging reasons here \ No newline at end of file +database_type: "mariadb" \ No newline at end of file 
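Review bot: The `database_host` expression in roles/docker-phpmyadmin/vars/main.yml differs from every other use of the flag in this commit, because it has neither `| bool` nor an `else` branch. Without `| bool`, a string override such as `"false"` is truthy; without `else`, a false value leaves the inline `if` with no result, which Jinja either reports as an error or renders empty depending on the undefined handling. It also relies on a `phpmyadmin` entry with a `database` mapping, which none of the visible hunks in 07_applications.yml add. Suggested, mirroring roles/docker-central-database/vars/database.yml: `database_host: "{{ 'central-' + database_type if applications[application_id].database.central_storage | bool else 'database' }}"`.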
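Review bot: In the dedicated-database branch of roles/docker-snipe_it/templates/env.j2, `MYSQL_ROOT_PASSWORD` is set to the same `{{database_password}}` that is written to `DB_PASSWORD`, so the application's credential is also the MariaDB root credential (presumably this file is consumed by the database container as well). The line is unchanged context, but this commit makes the branch selectable per application, so it is a good point to separate the two secrets. For example `MYSQL_ROOT_PASSWORD={{database_root_password}}`, where `database_root_password` is a placeholder name for a value defined in the inventory; no such variable is visible in this diff. The template continues outside the hunk.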
diff --git a/templates/docker/compose/networks.yml.j2 b/templates/docker/compose/networks.yml.j2 index fe8e681b..2844c880 100644 --- a/templates/docker/compose/networks.yml.j2 +++ b/templates/docker/compose/networks.yml.j2 @@ -1,6 +1,6 @@ -# This template needs to be included in docker-compose.yml +{# This template needs to be included in docker-compose.yml #} networks: -{% if enable_central_database | bool and database_type is defined %} +{% if applications[application_id].database.central_storage | bool and database_type is defined %} central_{{ database_type }}: external: true {% endif %} diff --git a/templates/docker/compose/volumes-just-database.yml.j2 b/templates/docker/compose/volumes-just-database.yml.j2 index d75a3dd5..a63634fd 100644 --- a/templates/docker/compose/volumes-just-database.yml.j2 +++ b/templates/docker/compose/volumes-just-database.yml.j2 @@ -1,5 +1,5 @@ -# This needs to be included in docker-compose.yml which just contain a database volume -{% if not enable_central_database | bool %} +{# This needs to be included in docker-compose.yml which just contain a database volume #} +{% if not applications[application_id].database.central_storage | bool %} volumes: database: {% endif %} diff --git a/templates/docker/compose/volumes.yml.j2 b/templates/docker/compose/volumes.yml.j2 index af5026a5..99163779 100644 --- a/templates/docker/compose/volumes.yml.j2 +++ b/templates/docker/compose/volumes.yml.j2 @@ -1,6 +1,6 @@ -# This template needs to be included in docker-compose.yml which contain a database and additional volumes +{# This template needs to be included in docker-compose.yml which contain a database and additional volumes #} volumes: -{% if not enable_central_database | bool %} +{% if not applications[application_id].database.central_storage | bool %} database: {% endif %} {{ "\n" }} \ No newline at end of file 
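Review bot: Nothing in templates/docker/compose/networks.yml.j2 documents that `central_{{ database_type }}` is a single external network shared by every stack with the flag enabled, which with the new defaults of `True` is nearly all applications. Unless inter-container traffic is restricted elsewhere, application containers on that network can presumably reach each other as well as the database. A template comment would make the trade-off visible to whoever sets the flag, e.g. `{# central_<type> is shared by all applications with database.central_storage enabled; set it to false to keep a stack off that network #}`. The container-level template templates/docker/container/networks.yml.j2 uses the same condition.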
diff --git a/templates/docker/container/depends-on-also-database.yml.j2 b/templates/docker/container/depends-on-also-database.yml.j2 index 9f239b43..dd725d40 100644 --- a/templates/docker/container/depends-on-also-database.yml.j2 +++ b/templates/docker/container/depends-on-also-database.yml.j2 @@ -1,6 +1,6 @@ {# This template needs to be included in docker-compose.yml containers which depend on a database and additional containers #} depends_on: -{% if not enable_central_database | bool %} +{% if not applications[application_id].database.central_storage | bool %} database: condition: service_healthy {% endif %} diff --git a/templates/docker/container/depends-on-database-redis.yml.j2 b/templates/docker/container/depends-on-database-redis.yml.j2 index 60f39d04..ba7b4466 100644 --- a/templates/docker/container/depends-on-database-redis.yml.j2 +++ b/templates/docker/container/depends-on-database-redis.yml.j2 @@ -1,6 +1,6 @@ {# This template needs to be included in docker-compose.yml containers, which depend on a database, redis and optional additional volumes #} depends_on: -{% if not enable_central_database | bool %} +{% if not applications[application_id].database.central_storage | bool %} database: condition: service_healthy {% endif %} diff --git a/templates/docker/container/depends-on-just-database.yml.j2 b/templates/docker/container/depends-on-just-database.yml.j2 index 9c2dc9ea..fc984fd8 100644 --- a/templates/docker/container/depends-on-just-database.yml.j2 +++ b/templates/docker/container/depends-on-just-database.yml.j2 @@ -1,5 +1,5 @@ {# This template needs to be included in docker-compose.yml containers, which just depend on a database #} -{% if not enable_central_database | bool %} +{% if not applications[application_id].database.central_storage | bool %} depends_on: database: condition: service_healthy diff --git a/templates/docker/container/networks.yml.j2 b/templates/docker/container/networks.yml.j2 index f0bdd9a1..424c60c8 100644 
--- a/templates/docker/container/networks.yml.j2 +++ b/templates/docker/container/networks.yml.j2 @@ -1,6 +1,6 @@ {# This template needs to be included in docker-compose.yml containers #} networks: -{% if enable_central_database | bool and database_type is defined %} +{% if applications[application_id].database.central_storage | bool and database_type is defined %} central_{{ database_type }}: {% endif %} {% if applications[application_id].ldap_enabled|default(false)|bool and applications.ldap.openldap.network.local|bool %}