kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 15:06:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

General Optimations

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-05-28 02:42:39 +02:00
parent 70bf9ad3fb
commit aacc6877cb
12 changed files with 106 additions and 66 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
roles/docker-espocrm/meta/main.yml
View File

@@ -19,4 +19,5 @@ galaxy_info:
documentation: "https://s.veen.world/cymais"
logo:
class: "fa-solid fa-phone"
dependencies: []
run_after:
- docker-keycloak

2
roles/docker-espocrm/templates/docker-compose.yml.j2
View File

@@ -31,7 +31,7 @@ services:
driver: journald
environment:
- ESPOCRM_CONFIG_USE_WEB_SOCKET=true
- ESPOCRM_CONFIG_WEB_SOCKET_URL=ws://{{ domains | get_domain(application_id) }}/ws
- ESPOCRM_CONFIG_WEB_SOCKET_URL=wss://{{ domains | get_domain(application_id) }}/ws
- ESPOCRM_CONFIG_WEB_SOCKET_ZERO_M_Q_SUBSCRIBER_DSN=tcp://*:7777
- ESPOCRM_CONFIG_WEB_SOCKET_ZERO_M_Q_SUBMISSION_DSN=tcp://websocket:7777
entrypoint: docker-websocket.sh

2
roles/docker-espocrm/vars/configuration.yml
View File

@@ -22,7 +22,7 @@ csp:
unsafe-inline: true
whitelist:
connect-src:
- ws://espocrm.{{ primary_domain }}
- wss://espocrm.{{ primary_domain }}
domains:
aliases:
- "crm.{{ primary_domain }}"

3
roles/docker-mailu/meta/main.yml
View File

@@ -19,4 +19,5 @@ galaxy_info:
documentation: "https://s.veen.world/cymais"
logo:
class: "fa-solid fa-envelope"
dependencies: []
run_after:
- docker-keycloak

32
roles/docker-mailu/tasks/create-mailu-user-and-token.yml
View File

@@ -1,7 +1,7 @@
- name: "Ensure Mailu user {{ mailu_user }}@{{ mailu_domain }} exists"
- name: "Ensure Mailu user '{{ mailu_user_key }};{{ mailu_user_name }}@{{ mailu_domain }}'' exists"
command: >
docker compose exec admin flask mailu {{ mailu_action }}
{{ mailu_user }} {{ mailu_domain }} '{{ mailu_password }}'
{{ mailu_user_name }} {{ mailu_domain }} '{{ mailu_password }}'
args:
chdir: "{{ mailu_compose_dir }}"
register: mailu_user_result
@@ -13,10 +13,10 @@
)
changed_when: mailu_user_result.rc == 0
- name: "Change password for user {{ mailu_user }}@{{ mailu_domain }}"
- name: "Change password for user '{{ mailu_user_key }};{{ mailu_user_name }}@{{ mailu_domain }}'"
command: >
docker compose exec admin flask mailu password
{{ mailu_user }} {{ mailu_domain }} '{{ mailu_password }}'
{{ mailu_user_name }} {{ mailu_domain }} '{{ mailu_password }}'
args:
chdir: "{{ mailu_compose_dir }}"
@@ -30,18 +30,18 @@
register: mailu_tokens_cli
changed_when: false
- name: "Extract existing token info for {{ mailu_user }}"
- name: "Extract existing token info for '{{ mailu_user_key }};{{ mailu_user_name }}'"
set_fact:
mailu_user_existing_token: >-
{{ (
mailu_tokens_cli.stdout
| default('[]')
| from_json
| selectattr('comment','equalto', mailu_user ~ " - ansible.cymais")
| selectattr('comment','equalto', mailu_user_key ~ " - ansible.cymais")
| list
).0 | default(None) }}
- name: "Delete existing API token for {{ mailu_user }} if local token missing but remote exists"
- name: "Delete existing API token for '{{ mailu_user_key }};{{ mailu_user_name }}' if local token missing but remote exists"
command: >-
docker compose exec -T admin \
curl -s -X DELETE {{ mailu_api_base_url }}/token/{{ mailu_user_existing_token.id }} \
@@ -49,40 +49,40 @@
args:
chdir: "{{ mailu_compose_dir }}"
when:
- users[mailu_user].mailu_token is not defined
- users[mailu_user_key].mailu_token is not defined
- mailu_user_existing_token is not none
- mailu_user_existing_token.id is defined
register: mailu_token_delete
changed_when: mailu_token_delete.rc == 0
- name: "Create API token for {{ mailu_user }} if no local token defined"
- name: "Create API token for '{{ mailu_user_key }};{{ mailu_user_name }}' if no local token defined"
command: >-
docker compose exec -T admin \
curl -s -X POST {{ mailu_api_base_url }}/token \
-H "Authorization: Bearer {{ mailu_global_api_token }}" \
-H "Content-Type: application/json" \
-d '{{ {
"comment": mailu_user ~ " - ansible.cymais",
"email": users[mailu_user].email,
"comment": mailu_user_key ~ " - ansible.cymais",
"email": users[mailu_user_key].email,
"ip": mailu_token_ip
} | to_json }}'
args:
chdir: "{{ mailu_compose_dir }}"
when: users[mailu_user].mailu_token is not defined
when: users[mailu_user_key].mailu_token is not defined
register: mailu_token_creation
changed_when: mailu_token_creation.rc == 0
- name: "Set mailu_token for {{ mailu_user }} in users dict if newly created"
- name: "Set mailu_token for '{{ mailu_user_key }};{{ mailu_user_name }}' in users dict if newly created"
set_fact:
users: >-
{{ users
| combine({
mailu_user: (
users[mailu_user]
mailu_user_key: (
users[mailu_user_key]
| combine({
'mailu_token': (mailu_token_creation.stdout | from_json).token
})
)
}, recursive=True)
}}
when: users[mailu_user].mailu_token is not defined
when: users[mailu_user_key].mailu_token is not defined

3
roles/docker-mailu/tasks/main.yml
View File

@@ -33,7 +33,8 @@
mailu_api_base_url: "http://127.0.0.1:8080/api/v1"
mailu_global_api_token: "{{ applications.mailu.credentials.api_token }}"
mailu_action: "{{ item.value.is_admin | default(false) | ternary('admin','user') }}"
mailu_user: "{{ item.key }}"
mailu_user_key: "{{ item.key }}"
mailu_user_name: "{{ item.value.username }}"
mailu_password: "{{ item.value.password }}"
mailu_token_ip: "{{ item.value.ip | default('') }}"
loop: "{{ users | dict2items }}"

7
roles/docker-mailu/vars/configuration.yml
View File

@@ -15,4 +15,9 @@ features:
central_database: false # Deactivate central database for mailu, I don't know why the database deactivation is necessary
domains:
canonical:
- "mail.{{ primary_domain }}"
- "mail.{{ primary_domain }}"
flags:
style-src:
unsafe-inline: true
script-src:
unsafe-inline: true

29
roles/docker-portfolio/templates/config.yaml.j2
View File

@@ -10,9 +10,7 @@ accounts:
description: Platforms where I share content.
icon:
class: fas fa-newspaper
{% if ["mastodon", "bluesky"] | any_in(group_names) %}
{% if ["mastodon", "bluesky"] | any_in(group_names) %}
children:
- name: Microblogs
description: Stay updated with {{ 'our' if service_provider.type == 'legal' else 'my' }} microblogs.
@@ -20,8 +18,6 @@ accounts:
class: fa-solid fa-pen-nib
children:
{% if service_provider.contact.mastodon is defined and service_provider.contact.mastodon != "" %}
- name: Mastodon
description: Follow {{ 'our' if service_provider.type == 'legal' else 'my' }} updates on Mastodon.
icon:
@@ -29,11 +25,8 @@ accounts:
url: "{{ web_protocol }}://{{ service_provider.contact.mastodon.split('@')[2] }}/@{{ service_provider.contact.mastodon.split('@')[1] }}"
identifier: "{{service_provider.contact.mastodon}}"
iframe: {{ applications | is_feature_enabled('portfolio_iframe','mastodon') }}
{% endif %}
{% if service_provider.contact.bluesky is defined and service_provider.contact.bluesky != "" %}
- name: Bluesky
description: Follow {{ 'our' if service_provider.type == 'legal' else 'my' }} on Bluesky.
icon:
@@ -41,11 +34,9 @@ accounts:
alternatives:
- link: accounts.publishingchannels.microblogs.mastodon
identifier: "{{service_provider.contact.bluesky}}"
{% endif %}
{% endif %}
{% if service_provider.contact.pixelfed is defined and service_provider.contact.pixelfed != "" %}
- name: Pictures
description: Explore {{ 'our' if service_provider.type == 'legal' else 'my' }} photo gallery on Pixelfed.
icon:
@@ -53,11 +44,8 @@ accounts:
identifier: "{{service_provider.contact.pixelfed}}"
url: "{{ web_protocol }}://{{ service_provider.contact.pixelfed.split('@')[2] }}/@{{ service_provider.contact.pixelfed.split('@')[1] }}"
iframe: {{ applications | is_feature_enabled('portfolio_iframe','pixelfed') }}
{% endif %}
{% if service_provider.contact.peertube is defined and service_provider.contact.peertube != "" %}
- name: Peertube
description: Discover {{ 'our' if service_provider.type == 'legal' else 'my' }} videos on Peertube.
icon:
@@ -65,11 +53,8 @@ accounts:
identifier: "{{service_provider.contact.peertube}}"
url: "{{ web_protocol }}://{{ service_provider.contact.peertube.split('@')[2] }}/@{{ service_provider.contact.peertube.split('@')[1] }}"
iframe: {{ applications | is_feature_enabled('portfolio_iframe','peertube') }}
{% endif %}
{% if service_provider.contact.wordpress is defined and service_provider.contact.wordpress != "" %}
- name: Blog
description: Read {{ 'our' if service_provider.type == 'legal' else 'my' }} articles and stories.
icon:
@@ -77,21 +62,15 @@ accounts:
identifier: "{{service_provider.contact.wordpress}}"
url: "{{ web_protocol }}://{{ service_provider.contact.wordpress.split('@')[2] }}/@{{ service_provider.contact.wordpress.split('@')[1] }}"
iframe: {{ applications | is_feature_enabled('portfolio_iframe','wordpress') }}
{% endif %}
{% if service_provider.contact.source_code is defined and service_provider.contact.source_code != "" %}
- name: Our Code
{% if service_provider.legal.source_code is defined and service_provider.legal.source_code != "" %}
- name: Source Code
description: Explore {{ 'our' if service_provider.type == 'legal' else 'my' }} code.
icon:
class: fa-solid fa-code
url: "{{service_provider.legal.source_code}}"
{% endif %}
{% if service_provider.contact.friendica is defined and service_provider.contact.friendica != "" %}
- name: Social Network
description: Visit {{ 'our' if service_provider.type == 'legal' else 'my' }} friendica profile
icon:
@@ -99,9 +78,7 @@ accounts:
identifier: "{{service_provider.contact.friendica}}"
url: "{{ web_protocol }}://{{ service_provider.contact.friendica.split('@')[2] }}/@{{ service_provider.contact.friendica.split('@')[1] }}"
iframe: {{ applications | is_feature_enabled('portfolio_iframe','friendica') }}
{% endif %}
- link: navigation.header.contact
cards:

6
roles/health-nginx/templates/health-nginx.py.j2
View File

@@ -15,16 +15,12 @@ def get_expected_statuses(domain: str, parts: list[str], redirected_domains: set
Returns:
A list of expected HTTP status codes.
"""
{%- if domains.listmonk | safe_var | bool %}
if domain == '{{domains | get_domain('listmonk')}}':
return [404]
{%- endif %}
if (parts and parts[0] == 'www') or (domain in redirected_domains):
return [301]
{%- if domains.yourls | safe_var | bool %}
if domain == '{{domains | get_domain('yourls')}}':
return [403]
{%- endif %}
# Default: Expect status code 200 or 302 for a domain
return [200,302]
@@ -48,9 +44,7 @@ for filename in os.listdir(config_path):
url = f"{{ web_protocol }}://{domain}"
redirected_domains = [domain['source'] for domain in {{ current_play_domain_mappings_redirect}}]
{%- if domains.mailu | safe_var | bool %}
redirected_domains.append("{{domains | get_domain('mailu')}}")
{%- endif %}
expected_statuses = get_expected_statuses(domain, parts, redirected_domains)