From c9ab0cd7cc2171c539b591b0b987901f0efc1e5d Mon Sep 17 00:00:00 2001
From: Kevin Veen-Birkenbach <kevin@veen.world>
Date: Wed, 23 Apr 2025 18:41:22 +0200
Subject: [PATCH] Updated settings

---
 roles/docker-listmonk/tasks/main.yml | 36 +++++++---------------------
 roles/docker-listmonk/vars/main.yml  | 24 ++++++++++++++++++-
 2 files changed, 31 insertions(+), 29 deletions(-)

diff --git a/roles/docker-listmonk/tasks/main.yml b/roles/docker-listmonk/tasks/main.yml
index d9734b8f..3777b4fa 100644
--- a/roles/docker-listmonk/tasks/main.yml
+++ b/roles/docker-listmonk/tasks/main.yml
@@ -50,38 +50,18 @@
          "client_secret": oidc.client.secret
       } | to_json }}
 
-- name: Apply OIDC settings via Docker + here-doc
+- name: Apply all Listmonk settings
   shell: |
     docker exec -i {{ database_host }} psql \
       -U {{ database_username }} \
-      -d {{ database_name }} <<'EOSQL'
+      -d {{ database_name }} << 'EOSQL'
     UPDATE settings
-    SET value = '{{ oidc_settings_json }}'::jsonb
-    WHERE key = 'security.oidc';
-    EOSQL
-  args:
-    executable: /bin/bash
-  when: applications[application_id].features.oidc | bool
-
-- name: Enable hCaptcha and configure keys in Listmonk database
-  shell: |
-    docker exec -i {{ database_host }} psql \
-      -U {{ database_username }} \
-      -d {{ database_name }} <<'EOSQL'
-    -- enable captcha (boolean true)
-    UPDATE settings
-    SET value = 'true'::jsonb
-    WHERE key = 'security.enable_captcha';
-
-    -- set site key (JSON string)
-    UPDATE settings
-    SET value = '"{{ applications[application_id].credentials.hcaptcha.site_key }}"'::jsonb
-    WHERE key = 'security.captcha_key';
-
-    -- set secret (JSON string)
-    UPDATE settings
-    SET value = '"{{ applications[application_id].credentials.hcaptcha.secret }}"'::jsonb
-    WHERE key = 'security.captcha_secret';
+    SET value = '{{ item.value }}'::jsonb
+    WHERE key = '{{ item.key }}';
     EOSQL
   args:
     executable: /bin/bash
+  loop: "{{ listmonk_settings }}"
+  loop_control:
+    label: "{{ item.key }}"
+  when: item.when is not defined or item.when
diff --git a/roles/docker-listmonk/vars/main.yml b/roles/docker-listmonk/vars/main.yml
index 8fe12191..62b01548 100644
--- a/roles/docker-listmonk/vars/main.yml
+++ b/roles/docker-listmonk/vars/main.yml
@@ -1,3 +1,25 @@
 application_id:  	  "listmonk"
 database_password:  "{{applications[application_id].credentials.database.password}}"
-database_type:      "postgres"
\ No newline at end of file
+database_type:      "postgres"
+
+listmonk_settings:
+  - key: "app.root_url"
+    value: '"https://{{ domains[application_id] }}"'
+
+  # OIDC integration (conditional)
+  - key: "security.oidc"
+    value: >-
+      {{ {
+         "enabled": True,
+         "client_id": oidc.client.id,
+         "provider_url": oidc.client.issuer_url,
+         "client_secret": oidc.client.secret
+      } | to_json }}
+    when: applications[application_id].features.oidc | bool
+
+  # hCaptcha toggles and credentials\ n  - key: "security.enable_captcha"
+    value: "true"
+  - key: "security.captcha_key"
+    value: '"{{ applications[application_id].credentials.hcaptcha.site_key }}"'
+  - key: "security.captcha_secret"
+    value: '"{{ applications[application_id].credentials.hcaptcha.secret }}"'
\ No newline at end of file