Big code and variable refactoring

roles/docker-baserow/templates/env.j2

@@ -2,12 +2,12 @@
 BASEROW_PUBLIC_URL=https://{{ domain }}
 
 # Email Server Configuration
-EMAIL_SMTP={{ system_email_smtp | upper }}
-EMAIL_SMTP_HOST={{ system_email_host }}
-EMAIL_SMTP_PORT={{ system_email_smtp_port }}
-EMAIL_SMTP_USER={{system_email_username}}
-EMAIL_SMTP_PASSWORD={{ system_email_password }}
-EMAIL_SMTP_USE_TLS={{ system_email_tls | upper }}
+EMAIL_SMTP={{ system_email.smtp | upper }}
+EMAIL_SMTP_HOST={{ system_email.host }}
+EMAIL_SMTP_PORT={{ system_email.smtp_port }}
+EMAIL_SMTP_USER={{system_email.username}}
+EMAIL_SMTP_PASSWORD={{ system_email.password }}
+EMAIL_SMTP_USE_TLS={{ system_email.tls | upper }}
 
 DATABASE_USER={{ database_username }}
 DATABASE_NAME={{ database_name }}

roles/docker-bigbluebutton/tasks/main.yml

@@ -1,6 +1,7 @@
 ---
-- name: "include docker/compose/common.yml"
-  include_tasks: docker/compose/common.yml
+- name: "include docker-compose role"
+  include_role: 
+    name: docker-compose
 
 - name: "include task certbot-matomo.yml"
   include_tasks: certbot-matomo.yml

roles/docker-bigbluebutton/templates/env.j2

@@ -201,19 +201,19 @@ ALLOW_GREENLIGHT_ACCOUNTS=true
 # Emails are required for the basic features of Greenlight to function.
 # Please refer to your SMTP provider to get the values for the variables below
 
-SMTP_SERVER={{system_email_host}}
+SMTP_SERVER={{system_email.host}}
 SMTP_DOMAIN={{domain}}
-SMTP_PORT={{system_email_smtp_port}}
-SMTP_USERNAME={{system_email_username}}
-SMTP_PASSWORD={{system_email_password}}
+SMTP_PORT={{system_email.smtp_port}}
+SMTP_USERNAME={{system_email.username}}
+SMTP_PASSWORD={{system_email.password}}
 SMTP_AUTH=plain
 SMTP_OPENSSL_VERIFY_MODE=none
-SMTP_STARTTLS_AUTO={{system_email_start_tls | lower}}
-SMTP_STARTTLS={{system_email_start_tls | lower}}
-SMTP_TLS={{system_email_tls | lower}}
+SMTP_STARTTLS_AUTO={{system_email.start_tls | lower}}
+SMTP_STARTTLS={{system_email.start_tls | lower}}
+SMTP_TLS={{system_email.tls | lower}}
 SMTP_SSL_VERIFY=true
-SMTP_SENDER={{system_email_from}}
-SMTP_SENDER_EMAIL={{system_email_from}}
+SMTP_SENDER={{system_email.from}}
+SMTP_SENDER_EMAIL={{system_email.from}}
 
 # Prefix for the applications root URL.
 # Useful for deploying the application to a subdirectory, which is highly recommended

roles/docker-bluesky/tasks/main.yml

@@ -1,6 +1,7 @@
 ---
-- name: "include docker/compose/common.yml"
-  include_tasks: docker/compose/common.yml
+- name: "include docker-compose role"
+  include_role: 
+    name: docker-compose
 
 - name: "Include tasks for API domain"
   include_tasks: nginx-docker-proxy-domain.yml

roles/docker-bluesky/templates/docker-compose.yml.j2

@@ -7,7 +7,7 @@ services:
         - {{pdsadmin_file_path}}:/usr/local/bin/pdsadmin:ro
     environment:
       # Geben Sie hier Ihre Domain und Konfigurationsdetails an
-      PDS_HOSTNAME: "{{domain_api}}"
+      PDS_HOSTNAME: "{{domains.api}}"
       PDS_ADMIN_EMAIL: "{{bluesky_administrator_email}}"
       PDS_SERVICE_DID: "did:web:{{domain_api}}"
       # See https://mattdyson.org/blog/2024/11/self-hosting-bluesky-pds/
@@ -16,8 +16,8 @@ services:
       PDS_ADMIN_PASSWORD: "{{bluesky_pds_admin_password}}"
       PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: "{{bluesky_pds_plc_rotation_key_k256_private_key_hex}}"
       PDS_CRAWLERS: https://bsky.network
-      PDS_EMAIL_SMTP_URL: smtps://{{system_email_username}}:{{system_email_password}}@{{system_email_host}}:{{system_email_smtp_port}}/
-      PDS_EMAIL_FROM_ADDRESS: {{system_email_from}}
+      PDS_EMAIL_SMTP_URL: smtps://{{system_email.username}}:{{system_email.password}}@{{system_email.host}}:{{system_email.smtp_port}}/
+      PDS_EMAIL_FROM_ADDRESS: {{system_email.from}}
       LOG_ENABLED: true
       PDS_BLOBSTORE_DISK_LOCATION: /opt/pds/blocks
       # -- DEFAULT VALUES ---

roles/docker-compose/defaults/main.yml

@@ -0,0 +1 @@
+docker_compose_instance_directory:  "{{ path_docker_compose_instances + docker_compose_project_name + '/' }}"

roles/docker-compose/tasks/main.yml

@@ -0,0 +1,24 @@
+- name: load docker compose dependencies
+  include_role:
+    name: docker-compose
+
+- name: "remove {{ docker_compose_instance_directory }} and all its contents"
+  file:
+    path: "{{ docker_compose_instance_directory }}"
+    state: absent
+  when: mode_reset | bool
+
+- name: "create {{docker_compose_instance_directory}}"
+  file:
+    path: "{{docker_compose_instance_directory}}"
+    state: directory
+    mode: 0755
+
+- name: flush docker service
+  meta: flush_handlers
+  when: run_once_docker_compose is not defined
+
+- name: run the docker tasks once
+  set_fact:
+    run_once_docker_compose: true
+  when: run_once_docker_compose is not defined

roles/docker-discourse/templates/discourse_application.yml.j2

@@ -52,13 +52,13 @@ env:
 
   # SMTP ADDRESS, username, and password are required
   # WARNING the char '#' in SMTP password can cause problems!
-  DISCOURSE_SMTP_ADDRESS:           {{ system_email_host }}
-  DISCOURSE_SMTP_PORT:              {{ system_email_smtp_port }}
-  DISCOURSE_SMTP_USER_NAME:         {{system_email_username}}
-  DISCOURSE_SMTP_PASSWORD:          {{ system_email_password }}
-  DISCOURSE_SMTP_ENABLE_START_TLS:  {{ system_email_start_tls | upper }}
-  DISCOURSE_SMTP_DOMAIN:            {{ system_email_domain }}
-  DISCOURSE_NOTIFICATION_EMAIL:     {{system_email_from}}
+  DISCOURSE_SMTP_ADDRESS:           {{ system_email.host }}
+  DISCOURSE_SMTP_PORT:              {{ system_email.smtp_port }}
+  DISCOURSE_SMTP_USER_NAME:         {{system_email.username}}
+  DISCOURSE_SMTP_PASSWORD:          {{ system_email.password }}
+  DISCOURSE_SMTP_ENABLE_START_TLS:  {{ system_email.start_tls | upper }}
+  DISCOURSE_SMTP_DOMAIN:            {{ system_email.domain }}
+  DISCOURSE_NOTIFICATION_EMAIL:     {{system_email.from}}
 
   # Database Configuration
   DISCOURSE_DB_USERNAME: {{ database_username }}

roles/docker-friendica/templates/docker-compose.yml.j2

@@ -43,14 +43,14 @@ services:
       MYSQL_PASSWORD: {{database_password}}
 
       # Email Configuration
-      SMTP:           {{system_email_host}}
-      SMTP_DOMAIN:    {{system_email_domain}}
-      SMTP_PORT:      {{system_email_smtp_port}}
-      SMTP_AUTH_USER: {{system_email_username}}
-      SMTP_AUTH_PASS: {{system_email_password}}
-      SMTP_TLS:       {{ 'on' if system_email_tls else 'off' }}
-      SMTP_STARTTLS:  {{ 'on' if system_email_start_tls else 'off' }}
-      SMTP_FROM:      {{system_email_local}}
+      SMTP:           {{system_email.host}}
+      SMTP_DOMAIN:    {{system_email.domain}}
+      SMTP_PORT:      {{system_email.smtp_port}}
+      SMTP_AUTH_USER: {{system_email.username}}
+      SMTP_AUTH_PASS: {{system_email.password}}
+      SMTP_TLS:       {{ 'on' if system_email.tls else 'off' }}
+      SMTP_STARTTLS:  {{ 'on' if system_email.start_tls else 'off' }}
+      SMTP_FROM:      {{system_email.local}}
 
       # Administrator Credentials
       FRIENDICA_ADMIN_MAIL: {{administrator_email}}

roles/docker-funkwhale/templates/env.j2

@@ -53,14 +53,14 @@ LOGLEVEL=error
 # (returns `noreply%40youremail.host`)
 # EMAIL_CONFIG=smtp://user:password@youremail.host:25
 # EMAIL_CONFIG=smtp+ssl://user:password@youremail.host:465
-EMAIL_CONFIG=smtp+tls://{{system_email_local}}:{{system_email_password}}@{{system_email_host}}:{{system_email_smtp_port}}
+EMAIL_CONFIG=smtp+tls://{{system_email.local}}:{{system_email.password}}@{{system_email.host}}:{{system_email.smtp_port}}
 
 # Make e-mail verification mandatory before using the service
 # Doesn't apply to admins.
 # ACCOUNT_EMAIL_VERIFICATION_ENFORCE=false
 
 # The e-mail address to use to send system e-mails.
-DEFAULT_FROM_EMAIL={{system_email_from}}
+DEFAULT_FROM_EMAIL={{system_email.from}}
 
 # Depending on the reverse proxy used in front of your funkwhale instance,
 # the API will use different kind of headers to serve audio files

roles/docker-ldap/tasks/main.yml

@@ -1,15 +1,23 @@
 ---
-- name: "include docker/compose/common.yml"
-  include_tasks: docker/compose/common.yml
+- name: "include docker-compose role"
+  include_role: 
+    name: docker-compose
 
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: create {{domain}}.conf
+- name: Create {{domain}}.conf if LDAP is exposed to internet
   template: 
     src:  "nginx.stream.conf.j2" 
     dest: "{{nginx_streams_directory}}{{domain}}.conf"
   notify: restart nginx
+  when: ldap_expose_to_internet | bool
+
+- name: Remove {{domain}}.conf if LDAP is not exposed to internet
+  file:
+    path: "{{ nginx_streams_directory }}{{ domain }}.conf"
+    state: absent
+  when: not ldap_expose_to_internet | bool
 
 - name: "create {{docker_compose_instance_directory}}"
   file:

roles/docker-ldap/templates/docker-compose.yml.j2

@@ -79,6 +79,7 @@ services:
       retries: 3
       start_period: 20s
 {% include 'templates/docker/container/networks.yml.j2' %}
+  central_ldap:
 {% include 'templates/docker/compose/volumes.yml.j2' %}
   data:
 

roles/docker-mastodon/templates/.env.production.j2

@@ -16,14 +16,14 @@ REDIS_HOST=redis
 REDIS_PORT=6379
 REDIS_PASSWORD=
 
-SMTP_SERVER={{system_email_host}}
-SMTP_PORT={{system_email_smtp_port}}
-SMTP_LOGIN={{system_email_username}}
-SMTP_PASSWORD={{system_email_password}}
+SMTP_SERVER={{system_email.host}}
+SMTP_PORT={{system_email.smtp_port}}
+SMTP_LOGIN={{system_email.username}}
+SMTP_PASSWORD={{system_email.password}}
 SMTP_AUTH_METHOD=plain
 SMTP_OPENSSL_VERIFY_MODE=none
 SMTP_ENABLE_STARTTLS=auto
-SMTP_FROM_ADDRESS=Mastodon <{{system_email_from}}>
+SMTP_FROM_ADDRESS=Mastodon <{{system_email.from}}>
 
 ACTIVE_RECORD_ENCRYPTION_DETERMINISTIC_KEY= {{mastodon_active_record_encryption_deterministic_key}}
 ACTIVE_RECORD_ENCRYPTION_KEY_DERIVATION_SALT={{mastodon_active_record_encryption_key_derivation_salt}}

roles/docker-matrix-compose/templates/element.config.json.j2

@@ -1,8 +1,8 @@
 {
     "default_server_config": {
         "m.homeserver": {
-            "base_url": "https://{{domain_matrix_synapse}}",
-            "server_name": "{{domain_matrix_synapse}}"
+            "base_url": "https://{{domains.matrix_synapse}}",
+            "server_name": "{{domains.matrix_synapse}}"
         },
         "m.identity_server": {
             "base_url": "https://{{primary_domain}}"

roles/docker-matrix-compose/templates/synapse/homeserver.yaml.j2

@@ -17,13 +17,13 @@ database:
     host: "{{database_host}}"
     cp_min: 5
     cp_max: 10
-log_config:                     "/data/{{domain_matrix_synapse}}.log.config"
+log_config:                     "/data/{{domains.matrix_synapse}}.log.config"
 media_store_path:               "/data/media_store"
 registration_shared_secret:     "{{matrix_registration_shared_secret}}"
 report_stats:                   true
 macaroon_secret_key:            "{{matrix_macaroon_secret_key}}"
 form_secret:                    "{{matrix_form_secret}}"
-signing_key_path:               "/data/{{domain_matrix_synapse}}.signing.key"
+signing_key_path:               "/data/{{domains.matrix_synapse}}.signing.key"
 web_client_location:            "https://{{element_domain}}"
 public_baseurl:                 "https://{{synapse_domain}}"
 trusted_key_servers:
@@ -31,18 +31,18 @@ trusted_key_servers:
 admin_contact: 'mailto:{{administrator_email}}'
 
 email:
-  smtp_host:                    "{{system_email_host}}"
-  smtp_port:                    "{{system_email_smtp_port}}"
-  smtp_user:                    "{{system_email_from}}"
-  smtp_pass:                    "{{system_email_password}}"
+  smtp_host:                    "{{system_email.host}}"
+  smtp_port:                    "{{system_email.smtp_port}}"
+  smtp_user:                    "{{system_email.from}}"
+  smtp_pass:                    "{{system_email.password}}"
   #force_tls:                    true
   #require_transport_security:   true
-  enable_tls:                   "{{ system_email_tls | upper }}"
-  notif_from:                   "Your Friendly %(app)s homeserver <{{system_email_from}}>"
+  enable_tls:                   "{{ system_email.tls | upper }}"
+  notif_from:                   "Your Friendly %(app)s homeserver <{{system_email.from}}>"
   app_name:                     "Matrix on {{synapse_domain}}"
   enable_notifs:                true
   notif_for_new_users:          false
-  client_base_url:              "{{domain_matrix_synapse}}"
+  client_base_url:              "{{domains.matrix_synapse}}"
   validation_token_lifetime:    15m
 
 app_service_config_files:

roles/docker-nextcloud/tasks/main.yml

@@ -11,10 +11,10 @@
     dest: "{{nginx_servers_directory}}{{domain}}.conf"
   notify: restart nginx
 
-- name: configure nginx.conf
+- name: create nginx.conf
   template: 
     src:  "templates/nginx.conf.j2" 
-    dest: "{{path_docker_volumes}}nextcloud/nginx.conf"
+    dest: "{{docker_compose_instance_directory}}nginx.conf"
   notify: docker compose project setup
 
 - name: add docker-compose.yml

roles/docker-nextcloud/tasks/oidc_tasks.yml

@@ -20,7 +20,7 @@
   command: >
     docker-compose exec -u www-data application /var/www/html/occ
     config:app:set sociallogin custom_providers
-    --value='{"custom_oidc":[{"name":"{{domain_keycloak}}","title":"keycloak","authorizeUrl":"{{oidc_client_authorize_url}}","tokenUrl":"{{oidc_client_toke_url}}","displayNameClaim":"","userInfoUrl":"{{oidc_client_user_info_url}}","logoutUrl":"{{oidc_client_logout_url}}","clientId":"{{oidc_client_id}}","clientSecret":"{{oidc_client_secret}}","scope":"openid","groupsClaim":"","style":"","defaultGroup":""}]}'
+    --value='{"custom_oidc":[{"name":"{{domains.keycloak}}","title":"keycloak","authorizeUrl":"{{oidc_client_authorize_url}}","tokenUrl":"{{oidc_client_toke_url}}","displayNameClaim":"","userInfoUrl":"{{oidc_client_user_info_url}}","logoutUrl":"{{oidc_client_logout_url}}","clientId":"{{oidc_client_id}}","clientSecret":"{{oidc_client_secret}}","scope":"openid","groupsClaim":"","style":"","defaultGroup":""}]}'
   # This configuration defines custom OpenID Connect (OIDC) providers for authentication.
   # In this case, it sets up a Keycloak provider with details like URLs for authorization,
   # token retrieval, user info, and logout, as well as the client ID and secret.

roles/docker-nextcloud/templates/docker-compose.yml.j2

@@ -25,15 +25,15 @@ services:
       PHP_MEMORY_LIMIT: 1G # Required for plugin duplicate finder
       
       # Email Configuration
-      SMTP_HOST: {{system_email_host}}
-      SMTP_SECURE: {{ 'ssl' if system_email_tls else '' }}
-      SMTP_PORT: {{system_email_smtp_port}}
-      SMTP_NAME: {{system_email_username}}
-      SMTP_PASSWORD: {{system_email_password}}
+      SMTP_HOST: {{system_email.host}}
+      SMTP_SECURE: {{ 'ssl' if system_email.tls else '' }}
+      SMTP_PORT: {{system_email.smtp_port}}
+      SMTP_NAME: {{system_email.username}}
+      SMTP_PASSWORD: {{system_email.password}}
 
       # Email from configuration
       MAIL_FROM_ADDRESS: no-reply
-      MAIL_DOMAIN: {{system_email_domain}}
+      MAIL_DOMAIN: {{system_email.domain}}
 
 {% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
@@ -47,7 +47,7 @@ services:
     ports:
       - "127.0.0.1:{{http_port}}:80"
     volumes:
-        - "{{path_docker_volumes}}nextcloud/nginx.conf:/etc/nginx/nginx.conf:ro"
+        - "{{docker_compose_instance_directory}}/nginx.conf:/etc/nginx/nginx.conf:ro"
     volumes_from:
       - application
     healthcheck:

roles/docker-oauth2-proxy/templates/oauth2-proxy-keycloak.cfg.j2

@@ -3,7 +3,7 @@ cookie_secret           =   "{{oauth2_proxy_cookie_secret}}"
 email_domains           =   "{{primary_domain}}"
 cookie_secure           =   "false"
 upstreams               =   "http://{{oauth2_proxy_upstream_application_and_port}}"
-cookie_domains          =   ["{{domain}}", "{{domain_keycloak}}"]                   # Required so cookie can be read on all subdomains.
+cookie_domains          =   ["{{domain}}", "{{domains.keycloak}}"]                   # Required so cookie can be read on all subdomains.
 whitelist_domains       =   [".{{primary_domain}}"]                                 # Required to allow redirection back to original requested target.
 
 # keycloak provider

roles/docker-openproject/templates/docker-compose.yml.j2

@@ -114,7 +114,7 @@ services:
     container_name: openproject-seeder
     restart: on-failure
 {% include 'templates/docker/container/networks.yml.j2' %}
-
+  central_ldap:
 {% include 'templates/docker/compose/networks.yml.j2' %}
 
 {% include 'templates/docker/compose/volumes.yml.j2' %}

roles/docker-peertube/templates/env.j2

@@ -14,11 +14,11 @@ PEERTUBE_TRUST_PROXY=["127.0.0.1", "loopback"]
 PEERTUBE_SECRET={{peertube_secret}}
 
 # E-mail configuration
-PEERTUBE_SMTP_USERNAME={{system_email_username}}
-PEERTUBE_SMTP_PASSWORD={{system_email_password}}
-PEERTUBE_SMTP_HOSTNAME={{system_email_host}}
-PEERTUBE_SMTP_PORT={{system_email_smtp_port}}
-PEERTUBE_SMTP_FROM={{system_email_from}}
-PEERTUBE_SMTP_TLS={{ system_email_tls | lower }}
-PEERTUBE_SMTP_DISABLE_STARTTLS={{ 'false' if system_email_start_tls else 'true' }}
-PEERTUBE_ADMIN_EMAIL={{system_email_from}}
+PEERTUBE_SMTP_USERNAME={{system_email.username}}
+PEERTUBE_SMTP_PASSWORD={{system_email.password}}
+PEERTUBE_SMTP_HOSTNAME={{system_email.host}}
+PEERTUBE_SMTP_PORT={{system_email.smtp_port}}
+PEERTUBE_SMTP_FROM={{system_email.from}}
+PEERTUBE_SMTP_TLS={{ system_email.tls | lower }}
+PEERTUBE_SMTP_DISABLE_STARTTLS={{ 'false' if system_email.start_tls else 'true' }}
+PEERTUBE_ADMIN_EMAIL={{system_email.from}}

roles/docker-phpmyadmin/tasks/main.yml

@@ -1,6 +1,7 @@
 ---
-- name: "include docker/compose/common.yml"
-  include_tasks: docker/compose/common.yml
+- name: "include docker-compose role"
+  include_role: 
+    name: docker-compose
 
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml

roles/docker-pixelfed/templates/env.j2

@@ -46,15 +46,15 @@ RESTRICTED_INSTANCE=false
 
 ## Mail
 MAIL_DRIVER=log
-MAIL_HOST={{system_email_host}}
-MAIL_PORT={{system_email_smtp_port}}
-MAIL_FROM_ADDRESS="{{system_email_from}}"
+MAIL_HOST={{system_email.host}}
+MAIL_PORT={{system_email.smtp_port}}
+MAIL_FROM_ADDRESS="{{system_email.from}}"
 MAIL_FROM_NAME="Pixelfed"
-MAIL_USERNAME={{system_email_username}}
-MAIL_PASSWORD={{system_email_password}}
+MAIL_USERNAME={{system_email.username}}
+MAIL_PASSWORD={{system_email.password}}
 # Not sure if the following is correct
 # Checkout: https://github.com/pixelfed/pixelfed/blob/dev/.env.docker
-MAIL_ENCRYPTION={{ 'ssl' if system_email_start_tls else 'tls' }} 
+MAIL_ENCRYPTION={{ 'ssl' if system_email.start_tls else 'tls' }} 
 
 ## Databases (MySQL)
 DB_CONNECTION=mysql

roles/docker-portfolio/tasks/main.yml

@@ -1,6 +1,7 @@
 ---
-- name: "include docker/compose/common.yml"
-  include_tasks: docker/compose/common.yml
+- name: "include docker-compose role"
+  include_role: 
+    name: docker-compose
 
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml

roles/docker-roulette-wheel/tasks/main.yml

@@ -1,6 +1,7 @@
 ---
-- name: "include docker/compose/common.yml"
-  include_tasks: docker/compose/common.yml
+- name: "include docker-compose role"
+  include_role: 
+    name: docker-compose
 
 - name: pull app repository
   git:

roles/docker-taiga/templates/.env.j2

@@ -13,14 +13,14 @@ POSTGRES_PASSWORD={{database_password}}  # database user's password
 
 # Taiga's SMTP settings - Variables to send Taiga's emails to the users
 EMAIL_BACKEND       =   console                     # use an SMTP server or display the emails in the console (either "smtp" or "console")
-EMAIL_HOST          =   {{system_email_host}}       # SMTP server address
-EMAIL_PORT          =   {{system_email_smtp_port}}  # default SMTP port
-EMAIL_HOST_USER     =   {{system_email_username}}   # user to connect the SMTP server
-EMAIL_HOST_PASSWORD =   {{system_email_password}}   # SMTP user's password
-EMAIL_DEFAULT_FROM  =   {{system_email_from}}       # default email address for the automated emails
+EMAIL_HOST          =   {{system_email.host}}       # SMTP server address
+EMAIL_PORT          =   {{system_email.smtp_port}}  # default SMTP port
+EMAIL_HOST_USER     =   {{system_email.username}}   # user to connect the SMTP server
+EMAIL_HOST_PASSWORD =   {{system_email.password}}   # SMTP user's password
+EMAIL_DEFAULT_FROM  =   {{system_email.from}}       # default email address for the automated emails
 # EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
-EMAIL_USE_TLS={{ system_email_tls | lower | capitalize }}  # use TLS (secure) connection with the SMTP server
-EMAIL_USE_SSL={{ 'False' if system_email_start_tls else 'True' }}  # use implicit TLS (secure) connection with the SMTP server
+EMAIL_USE_TLS={{ system_email.tls | lower | capitalize }}  # use TLS (secure) connection with the SMTP server
+EMAIL_USE_SSL={{ 'False' if system_email.start_tls else 'True' }}  # use implicit TLS (secure) connection with the SMTP server
 
 # Taiga's RabbitMQ settings - Variables to leave messages for the realtime and asynchronous events
 RABBITMQ_USER=taiga  # user to connect to RabbitMQ

roles/docker/tasks/main.yml

@@ -16,15 +16,6 @@
     group: administrator
   when: run_once_docker is not defined
 
-- name: "create {{path_docker_volumes}}"
-  file:
-    path: "{{path_docker_volumes}}"
-    state: directory
-    mode: 0700
-    owner: administrator
-    group: administrator
-  when: run_once_docker is not defined
-
 - name: flush docker service
   meta: flush_handlers
   when: run_once_docker is not defined

roles/health-nginx/templates/health-nginx.py.j2

@@ -25,17 +25,17 @@ for filename in os.listdir(config_path):
         # Default: Expect status code 200 or 302 for a domain
         expected_statuses = [200,302]
         
-        redirected_domains = [domain['source'] for domain in {{redirect_domain_mappings}}]
-        redirected_domains.append("{{domain_mailu}}")
+        redirected_domains = [domain['source'] for domain in {{redirect_domains_mappings}}]
+        redirected_domains.append("{{domains.mailu}}")
 
         # Determine expected status codes based on the domain
-        if domain == '{{domain_listmonk}}':
+        if domain == '{{domains.listmonk}}':
             expected_statuses = [404]
 {% if nginx_matomo_tracking | bool %}
         elif parts[0] == 'www' or domain in redirected_domains:
             expected_statuses = [301]
 {% endif %}
-        elif domain == '{{domain_yourls}}':
+        elif domain == '{{domains.yourls}}':
             expected_statuses = [403]
 
         try:

roles/systemd-notifier-email/templates/msmtprc.conf.j2

@@ -2,8 +2,8 @@
 defaults
 auth           on
 logfile        ~/.msmtp.log
-tls_starttls   {{ 'on' if system_email_start_tls else 'off' }}
-{% if system_email_tls %}
+tls_starttls   {{ 'on' if system_email.start_tls else 'off' }}
+{% if system_email.tls %}
 tls            on
 tls_trust_file /etc/ssl/certs/ca-certificates.crt
 {% else %}
@@ -11,10 +11,10 @@ tls            off
 {% endif %}
 
 account        system_email
-host           {{system_email_host}}
-port           {{system_email_smtp_port}}
-from           {{system_email_from}}
-user           {{system_email_username}}
-password       {{system_email_password}}
+host           {{system_email.host}}
+port           {{system_email.smtp_port}}
+from           {{system_email.from}}
+user           {{system_email.username}}
+password       {{system_email.password}}
 
 account default : system_email

roles/systemd-notifier-email/templates/systemd-notifier-email.sh.j2

@@ -2,7 +2,7 @@
 
 /usr/bin/sendmail -t <<ERRMAIL
 To: {{administrator_email}}
-From: systemd <{{system_email_from}}>
+From: systemd <{{system_email.from}}>
 Subject: $1
 Content-Transfer-Encoding: 8bit
 Content-Type: text/plain; charset=UTF-8