Restructure and cleaned up in preparation of new backup logic

2025-08-30 07:18:09 +02:00 · 2025-07-15 23:51:51 +02:00
parent c8054ffbc3
commit af3ea9039c
106 changed files with 703 additions and 429 deletions
--- a/group_vars/all/00_general.yml
+++ b/group_vars/all/00_general.yml
@@ -55,7 +55,19 @@ certbot_cert_path:                        "/etc/letsencrypt/live" # Path contain
 docker_restart_policy:                    "unless-stopped"

 # helper
-_applications_nextcloud_oidc_flavor:      "{{ applications.nextcloud.oidc.flavor | default('oidc_login' if applications.nextcloud.features.ldap | default(true) else 'sociallogin') }}"
+_applications_nextcloud_oidc_flavor: >-
+  {{
+    applications
+      | get_app_conf(
+          'web-app-nextcloud',
+          'oidc.flavor',
+          False,
+          'oidc_login'
+          if applications
+            | get_app_conf('web-app-nextcloud','features.ldap',False)
+          else 'sociallogin'
+        )
+  }}

 # default value if not set via CLI (-e) or in playbook vars
 allowed_applications: []
--- a/group_vars/all/09_ports.yml
+++ b/group_vars/all/09_ports.yml
@@ -6,46 +6,46 @@ ports:
      svc-db-mariadb:   3306
    # https://developer.mozilla.org/de/docs/Web/API/WebSockets_API
    websocket:
-      mastodon: 4001
+      web-app-mastodon: 4001
      espocrm: 4002
    oauth2_proxy:
      phpmyadmin: 4181
      lam: 4182
-      openproject: 4183
+      web-app-openproject: 4183
      yourls: 4184
      pgadmin: 4185
      phpldapadmin: 4186
      fusiondirectory: 4187
-      gitea: 4188
+      web-app-gitea: 4188
      snipe-it: 4189
    ldap:
      svc-db-openldap: 389
    http:
-      nextcloud: 8001
-      gitea: 8002
-      wordpress: 8003
-      mediawiki: 8004
-      mybb: 8005
+      web-app-nextcloud: 8001
+      web-app-gitea: 8002
+      web-app-wordpress: 8003
+      web-app-mediawiki: 8004
+      web-app-mybb: 8005
      yourls: 8006
      mailu: 8007
-      elk: 8008
-      mastodon: 8009
-      pixelfed: 8010
-      peertube: 8011
+      web-app-elk: 8008
+      web-app-mastodon: 8009
+      web-app-pixelfed: 8010
+      web-app-peertube: 8011
      funkwhale: 8012
      roulette-wheel: 8013
-      joomla: 8014
+      web-app-joomla: 8014
      attendize: 8015
      pgadmin: 8016
-      baserow: 8017
+      web-app-baserow: 8017
      web-app-matomo: 8018
-      listmonk: 8019
-      discourse: 8020
-      matrix_synapse: 8021
-      matrix_element: 8022
-      openproject: 8023
+      web-app-listmonk: 8019
+      web-app-discourse: 8020
+      web-app-matrix_synapse: 8021
+      web-app-matrix_element: 8022
+      web-app-openproject: 8023
      gitlab: 8024
-      akaunting: 8025
+      web-app-akaunting: 8025
      moodle: 8026
      taiga: 8027
      friendica: 8028
@@ -73,11 +73,13 @@ ports:
  public:
    # The following ports should be changed to 22 on the subdomain via stream mapping
    ssh:
-      gitea: 2201
+      web-app-gitea: 2201
      gitlab: 2202
    ldaps:
      svc-db-openldap: 636
    stun:
      bigbluebutton: 3478    # Not sure if it's right placed here or if it should be moved to localhost section
+      web-app-nextcloud:     3479
    turn:
      bigbluebutton: 5349    # Not sure if it's right placed here or if it should be moved to localhost section
+      web-app-nextcloud:     5350    # Not used yet
--- a/group_vars/all/10_networks.yml
+++ b/group_vars/all/10_networks.yml
@@ -8,11 +8,11 @@ defaults_networks:
    # This should be sufficient for the most cases

    # /28 Networks, 14 Usable Ip Addresses
-    akaunting:
+    web-app-akaunting:
      subnet: 192.168.101.0/28
    attendize:
      subnet: 192.168.101.16/28
-    baserow:
+    web-app-baserow:
      subnet: 192.168.101.32/28
    mobilizon:
      subnet: 192.168.101.48/28
@@ -22,25 +22,25 @@ defaults_networks:
      subnet: 192.168.101.80/28
    funkwhale:
      subnet: 192.168.101.96/28
-    gitea:
+    web-app-gitea:
      subnet: 192.168.101.112/28
    gitlab:
      subnet: 192.168.101.128/28
-    joomla:
+    web-app-joomla:
      subnet: 192.168.101.144/28
    keycloak:
      subnet: 192.168.101.160/28
-    #svc-db-openldap:
-    #  subnet: 192.168.101.176/28
-    listmonk:
+    web-app-wordpress:
+      subnet: 192.168.101.176/28
+    web-app-listmonk:
      subnet: 192.168.101.192/28
    # Free:
    #  subnet: 192.168.101.208/28
    web-app-matomo:
      subnet: 192.168.101.224/28
-    mastodon:
+    web-app-mastodon:
      subnet: 192.168.101.240/28
-    matrix:
+    web-app-matrix:
      subnet: 192.168.102.0/28
    mailu:
      # Use one of the last container ips for dns resolving so that it isn't used
@@ -48,17 +48,17 @@ defaults_networks:
      subnet: 192.168.102.16/28
    moodle:
      subnet: 192.168.102.32/28
-    mybb:
+    web-app-mybb:
      subnet: 192.168.102.48/28
-    nextcloud:
+    web-app-nextcloud:
      subnet: 192.168.102.64/28
-    openproject:
+    web-app-openproject:
      subnet: 192.168.102.80/28
-    peertube:
+    web-app-peertube:
      subnet: 192.168.102.96/28
    phpmyadmin:
      subnet: 192.168.102.112/28
-    pixelfed:
+    web-app-pixelfed:
      subnet: 192.168.102.128/28
    pgadmin:
      subnet: 192.168.102.144/28
@@ -68,7 +68,7 @@ defaults_networks:
      subnet: 192.168.102.176/28
    yourls:
      subnet: 192.168.102.192/28
-    discourse:
+    web-app-discourse:
      subnet: 192.168.102.208/28
    sphinx:
      subnet: 192.168.102.224/28
--- a/group_vars/all/15_about.yml
+++ b/group_vars/all/15_about.yml
@@ -20,12 +20,12 @@ defaults_service_provider:
      {{ ('@' ~ users.contact.username ~ '.' ~ domains.bluesky.api)
         if 'bluesky' in group_names else '' }}
    email:          "{{ users.contact.username ~ '@' ~ primary_domain if 'mailu' in group_names else '' }}"
-    mastodon:       "{{ '@' ~ users.contact.username ~ '@' ~ domains | get_domain('mastodon') if 'mastodon' in group_names else '' }}"
-    matrix:         "{{ '@' ~ users.contact.username ~ ':' ~ domains.matrix.synapse if 'matrix' in group_names else '' }}"
-    peertube:       "{{ '@' ~ users.contact.username ~ '@' ~ domains | get_domain('peertube') if 'peertube' in group_names else '' }}"
-    pixelfed:       "{{ '@' ~ users.contact.username ~ '@' ~ domains | get_domain('pixelfed') if 'pixelfed' in group_names else '' }}"
+    mastodon:       "{{ '@' ~ users.contact.username ~ '@' ~ domains | get_domain('web-app-mastodon') if 'web-app-mastodon' in group_names else '' }}"
+    matrix:         "{{ '@' ~ users.contact.username ~ ':' ~ domains['web-app-matrix'].synapse if 'web-app-matrix' in group_names else '' }}"
+    peertube:       "{{ '@' ~ users.contact.username ~ '@' ~ domains | get_domain('web-app-peertube') if 'web-app-peertube' in group_names else '' }}"
+    pixelfed:       "{{ '@' ~ users.contact.username ~ '@' ~ domains | get_domain(web-app-pixelfed) if web-app-pixelfed in group_names else '' }}"
    phone:          "+0 000 000 404"
-    wordpress:      "{{ '@' ~ users.contact.username ~ '@' ~ domains | get_domain('wordpress') if 'wordpress' in group_names else '' }}"
+    wordpress:      "{{ '@' ~ users.contact.username ~ '@' ~ domains | get_domain('web-app-wordpress') if 'web-app-wordpress' in group_names else '' }}"

  legal:
    editorial_responsible:  "Johannes Gutenberg"
--- a/group_vars/all/16_storage.yml
+++ b/group_vars/all/16_storage.yml
@@ -1,6 +1,3 @@
-## Enable Storage Optimizer for Docker Volumes
-enable_system_storage_optimizer:  true
-
 backups_folder_path:              "/Backups/"   # Path to the backups folder

 # Storage Space-Related Configurations