Decoupeld database, docker and proxy

2025-07-18 22:44:24 +02:00 · 2025-07-09 14:21:30 +02:00 · 2025-07-09 14:21:30 +02:00 · c9c73cbdb2
commit c9c73cbdb2
parent 73329506a9
55 changed files with 386 additions and 103 deletions
--- a/roles/categories.yml
+++ b/roles/categories.yml
@ -0,0 +1,184 @@
 categories:
  core:
    title: "Core & System"
    description: "Fundamental system configuration"
    icon: "fas fa-cogs"
    gen:
      title: "gen-*"
      description: "Helper roles & installers (git, locales, timer, etc.)"
      icon: "fas fa-wrench"
    desk:
      title: "desk-*"
      description: "Desktop environment roles & apps (GNOME, browser, LibreOffice, etc.)"
      icon: "fas fa-desktop"
  desk:
    applications:
      title: "Desktop Applications"
      description: "Setup & utilities for desktop apps"
      icon: "fas fa-desktop"
    utils:
      title: "utils-desk-*"
      description: "Utility roles for desktop tools & development"
      icon: "fas fa-tools"
  srv:
    web:
      core:
        title: "srv-web-core"
        description: "Install & configure base Nginx server"
        icon: "fas fa-server"
      tls:
        title: "srv-web-tls-*"
        description: "Deploy & renew TLS certificates"
        icon: "fas fa-lock"
      proxy:
        title: "srv-web-proxy-*"
        description: "Proxy & vhost orchestration"
        icon: "fas fa-project-diagram"
      injector:
        core:
          title: "srv-web-injector-core"
          description: "Inject core HTML modifiers"
          icon: "fas fa-code"
        css:
          title: "srv-web-injector-css"
          description: "Inject CSS into responses"
          icon: "fas fa-paint-brush"
        iframe:
          title: "srv-web-injector-iframe"
          description: "Inject iframe notifier"
          icon: "fas fa-window-maximize"
        javascript:
          title: "srv-web-injector-javascript"
          description: "Inject JS into responses"
          icon: "fas fa-code"
        matomo:
          title: "srv-web-injector-matomo"
          description: "Inject Matomo tracking code"
          icon: "fas fa-chart-pie"
      composer:
        title: "srv-web-composer"
        description: "Compose multiple filters into one include"
        icon: "fas fa-layer-group"
  web:
    svc:
      title: "web-svc-*"
      description: "Static content servers (assets, HTML, legal, files)"
      icon: "fas fa-file"
    app:
      title: "web-app-*"
      description: "Deployable web applications (GitLab, Nextcloud, Mastodon, etc.)"
      icon: "fas fa-docker"
  net:
    general:
      title: "net-*"
      description: "Network setup (DNS, Let's Encrypt HTTP, WireGuard, etc.)"
      icon: "fas fa-globe"
    svc:
      title: "svc-*"
      description: "Docker infrastructure services (DBMS, LDAP, Redis, etc.)"
      icon: "fas fa-database"
    wireguard:
      core:
        title: "net-wireguard-core"
        description: "Core WireGuard configuration"
        icon: "fas fa-network-wired"
      firewalled:
        title: "net-wireguard-firewalled"
        description: "WireGuard with firewall rules"
        icon: "fas fa-shield-alt"
      plain:
        title: "net-wireguard-plain"
        description: "WireGuard without extra firewall"
        icon: "fas fa-network-wired"
  monitoring:
    bot:
      title: "mon-bot-*"
      description: "Bot-style health checks (disk, Docker, webserver, etc.)"
      icon: "fas fa-robot"
    core:
      title: "monitor-core-*"
      description: "Low-level monitors (journalctl, containers, disk space, etc.)"
      icon: "fas fa-chart-area"
  alerting:
    title: "Alerting"
    description: "Notification handlers for system events"
    icon: "fas fa-bell"
    subcategories:
      email:
        title: "alert-email"
        description: "Send alerts via email"
        icon: "fas fa-envelope"
      telegram:
        title: "alert-telegram"
        description: "Send alerts via Telegram"
        icon: "fab fa-telegram-plane"
      compose:
        title: "alert-compose"
        description: "Compose multiple alert handlers"
        icon: "fas fa-project-diagram"
  maintenance:
    title: "Maintenance & Healing"
    description: "Periodic maintenance & auto-recovery"
    icon: "fas fa-tools"
    subcategories:
      general:
        title: "maint-*"
        description: "Periodic tasks (Btrfs balancing, swapfile, etc.)"
        icon: "fas fa-sync-alt"
      docker:
        title: "maint-docker-*"
        description: "Automated Docker recovery & restarts"
        icon: "fas fa-docker"
      cleanup:
        title: "cln-*"
        description: "Housekeeping tasks (backups, certs, logs, etc.)"
        icon: "fas fa-broom"
  backup:
    title: "Backup & Restore"
    description: "Backup strategies & restore procedures"
    icon: "fas fa-hdd"
    subcategories:
      general:
        title: "bkp-*"
        description: "Local & remote backups (files, volumes, DBs)"
        icon: "fas fa-cloud-upload-alt"
  updates:
    title: "Updates & Package Management"
    description: "OS & package updates"
    icon: "fas fa-sync"
    subcategories:
      os:
        title: "update-*"
        description: "Automatic OS & package updates (apt, Docker, pip, etc.)"
        icon: "fas fa-download"
      pkgmgr:
        title: "pkgmgr-*"
        description: "Language/platform package managers (npm, pip, AUR, etc.)"
        icon: "fas fa-box-open"
  users:
    title: "Users & Access"
    description: "User accounts & access control"
    icon: "fas fa-users"
    subcategories:
      general:
        title: "user-*"
        description: "Create user accounts & SSH keys"
        icon: "fas fa-user"
      administrator:
        title: "user-administrator"
        description: "Config for admin users"
        icon: "fas fa-user-shield"
      root:
        title: "user-root"
        description: "Config for root user"
        icon: "fas fa-user-shield"
--- a/roles/cmp-db-docker/README.md
+++ b/roles/cmp-db-docker/README.md
@ -0,0 +1,25 @@
 # Database Docker Composition
 This role combines the central RDBMS role (`svc-rdbms-central`) with Docker Compose to deliver a ready-to-use containerized database environment.
 ## Features
 - **Central RDBMS Integration**  
  Includes the `svc-rdbms-central` role, which handles backups, restores, user and permission management for your relational database system (PostgreSQL, MariaDB, etc.).
 - **Docker Compose**  
  Utilizes the standalone `docker-compose` role to define and bring up containers, networks, and volumes automatically.
 - **Variable Load Order**  
  1. Docker Compose variables (`roles/docker-compose/vars/docker-compose.yml`)  
  2. Database variables (`roles/svc-rdbms-central/vars/database.yml`)  
  Ensures compose ports and volumes are defined before the database role consumes them.
 The role will load both sub-roles and satisfy all dependencies transparently.
 ## Task Breakdown
 1. **Set Fact** `database_application_id` to work around lazy‐loading ordering.
 2. **Include Vars** in the specified order.
 3. **Invoke** `docker-compose` role to create containers, networks, and volumes.
 4. **Invoke** `svc-rdbms-central` role to provision the database, backups, and users.
--- a/roles/cmp-db-docker/meta/main.yml
+++ b/roles/cmp-db-docker/meta/main.yml
@ -0,0 +1,17 @@
 galaxy_info:
  author: "Kevin Veen-Birkenbach"
  description: >
    Combines Docker Compose with a central RDBMS role to automatically
    provision database containers with backup, user, and permission management.
  company: |
    Kevin Veen-Birkenbach
    Consulting & Coaching Solutions
    https://www.veen.world
  license: "CyMaIS NonCommercial License (CNCL)"
  license_url: "https://s.veen.world/cncl"
  galaxy_tags:
    - docker
    - database
    - rdbms
    - backup
    - compose
--- a/roles/cmp-db-docker/tasks/main.yml
+++ b/roles/cmp-db-docker/tasks/main.yml
@ -0,0 +1,17 @@
 - name: "set database_application_id (Needed due to lazzy loading issue)"
  set_fact:
    database_application_id: "{{ application_id }}"
 - name: "Load database variables"
  include_vars: "{{ item }}"
  loop:
    - "{{ cmp_db_docker_vars_file_docker }}"   # Important to load docker variables first so that database can use them
    - "{{ cmp_db_docker_vars_file_db }}" # Important to load them before docker role so that backup can use them
 - name: "Load docker-compose for {{ application_id }}"
  include_role: 
    name: docker-compose
 - name: "Load central rdbms for {{ application_id }}"
  include_role: 
    name: svc-rdbms-central
--- a/roles/cmp-db-docker/vars/main.yml
+++ b/roles/cmp-db-docker/vars/main.yml
@ -0,0 +1,2 @@
 cmp_db_docker_vars_file_db:     "{{ playbook_dir }}/roles/svc-rdbms-central/vars/database.yml"
 cmp_db_docker_vars_file_docker: "{{ playbook_dir }}/roles/docker-compose/vars/docker-compose.yml"
--- a/roles/docker-compose/meta/main.yml
+++ b/roles/docker-compose/meta/main.yml
@ -25,5 +25,4 @@ galaxy_info:
  issue_tracker_url: https://s.veen.world/cymaisissues
  documentation: https://s.veen.world/cymais
 dependencies:
  - srv-web-proxy-core
  - docker-container # Necessary for template use
--- a/roles/docker-compose/tasks/files.yml
+++ b/roles/docker-compose/tasks/files.yml
@ -40,4 +40,5 @@
  register:       docker_ps
  changed_when:   (docker_ps.stdout | trim) == ""
  notify:         docker compose up
-  when:           not (docker_compose_template.changed or env_template.changed)
+  when:           not (docker_compose_template.changed or env_template.changed)
  ignore_errors:  true
--- a/roles/docker-container/meta/main.yml
+++ b/roles/docker-container/meta/main.yml
@ -0,0 +1,2 @@
 dependencies:
 - docker-core
--- a/roles/docker-core/Administration.md
+++ b/roles/docker-core/Administration.md
--- a/roles/docker-core/README.md
+++ b/roles/docker-core/README.md
--- a/roles/docker-core/handlers/main.yml
+++ b/roles/docker-core/handlers/main.yml
--- a/roles/docker-core/meta/main.yml
+++ b/roles/docker-core/meta/main.yml
--- a/roles/docker-core/tasks/main.yml
+++ b/roles/docker-core/tasks/main.yml
--- a/roles/srv-web-proxy-core/meta/main.yml
+++ b/roles/srv-web-proxy-core/meta/main.yml
@ -24,5 +24,5 @@ galaxy_info:
  issue_tracker_url: https://s.veen.world/cymaisissues
  documentation: https://s.veen.world/cymais
 dependencies:
-  - docker
+  - srv-web-https
-  - srv-web-https
+  - srv-web-core
--- a/roles/srv-web-proxy-domain/meta/main.yml
+++ b/roles/srv-web-proxy-domain/meta/main.yml
@ -24,4 +24,4 @@ galaxy_info:
  issue_tracker_url: https://s.veen.world/cymaisissues
  documentation: https://s.veen.world/cymais
 dependencies:
-  - srv-web-core
+  - srv-web-proxy-core
--- a/roles/svc-openldap/tasks/main.yml
+++ b/roles/svc-openldap/tasks/main.yml
@ -1,4 +1,5 @@
 ---
 - name: "include docker-compose role"
  include_role: 
    name: docker-compose
@ -23,6 +24,14 @@
    ipam_config:
      - subnet: "{{ networks.local.central_ldap.subnet }}"
 - name: "Wait for LDAP to be available"
  wait_for:
    host: "127.0.0.1"
    port: "{{ ports.localhost.ldap.openldap }}"
    delay: 5
    timeout: 120
    state: started
 - name: "Reset LDAP admin passwords"
  include_tasks: reset_admin_passwords.yml
  when: applications[application_id].network.local
--- a/roles/svc-rdbms-central/tasks/main.yml
+++ b/roles/svc-rdbms-central/tasks/main.yml
@ -1,18 +1,3 @@
 - name: "set database_application_id (Needed due to lazzy loading issue)"
  set_fact:
    database_application_id: "{{ application_id }}"
 - name: "Load database variables"
  include_vars: "{{ item }}"
  loop:
    - "{{ docker_var_file }}"   # Important to load docker variables first so that database can use them
    - "{{ database_var_file }}" # Important to load them before docker role so that backup can use them
 # Docker Routines
 - name: "Include docker-compose role"
  include_role: 
    name: docker-compose
 # The following env file will just be used from the dedicated mariadb container
 # and not the {{applications.mariadb.hostname }}-database
 - name: "Create {{database_env}}"
--- a/roles/svc-rdbms-central/vars/main.yml
+++ b/roles/svc-rdbms-central/vars/main.yml
@ -1,2 +0,0 @@
 database_var_file:  "{{ role_path }}/vars/database.yml"
 docker_var_file:    "{{playbook_dir}}/roles/docker-compose/vars/docker-compose.yml"
--- a/roles/web-app-akaunting/tasks/main.yml
+++ b/roles/web-app-akaunting/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-attendize/tasks/main.yml
+++ b/roles/web-app-attendize/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role for {{application_id}} to receive certs & do modification routines"
  include_role:
--- a/roles/web-app-baserow/tasks/main.yml
+++ b/roles/web-app-baserow/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-coturn/tasks/main.yml
+++ b/roles/web-app-coturn/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-discourse/tasks/main.yml
+++ b/roles/web-app-discourse/tasks/main.yml
@ -10,9 +10,9 @@
    state: present
  when: run_once_docker_discourse is not defined
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
  when: run_once_docker_discourse is not defined
 - name: "include role srv-web-proxy-domain for {{application_id}}"
--- a/roles/web-app-espocrm/tasks/main.yml
+++ b/roles/web-app-espocrm/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
-  include_role:
+  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "Include setup for domain '{{ domain }}'"
  include_role: 
--- a/roles/web-app-friendica/tasks/main.yml
+++ b/roles/web-app-friendica/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "create {{ friendica_host_ldap_config }}"
  template: 
--- a/roles/web-app-funkwhale/tasks/main.yml
+++ b/roles/web-app-funkwhale/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-gitea/tasks/main.yml
+++ b/roles/web-app-gitea/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-gitlab/tasks/main.yml
+++ b/roles/web-app-gitlab/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-jenkins/meta/main.yml
+++ b/roles/web-app-jenkins/meta/main.yml
@ -1,2 +1 @@
-dependencies:
+
 - srv-web-proxy-core
--- a/roles/web-app-jenkins/tasks/main.yml
+++ b/roles/web-app-jenkins/tasks/main.yml
@ -1,3 +1,7 @@
 - name: "load docker and db for {{application_id}}"
  include_role: 
    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
    name: srv-web-proxy-domain
@ -5,15 +9,3 @@
    domain:   "{{ domains | get_domain(application_id) }}"
    http_port:   "{{ ports.localhost.http[application_id] }}"
 - name: "docker jenkins"
  docker_compose:
    application_id: jenkins
    definition:
      application:
        image: jenkins/jenkins:lts
        restart: "{{docker_restart_policy}}"
        ports:
          - "127.0.0.1:{{ports.localhost.http[application_id]}}:8080"
        volumes:
          - jenkins_data:/var/jenkins_home
        log_driver: journald
--- a/roles/web-app-jenkins/templates/docker-compose.yml.j2
+++ b/roles/web-app-jenkins/templates/docker-compose.yml.j2
@ -0,0 +1,10 @@
 {% include 'roles/docker-compose/templates/base.yml.j2' %}
    application:
      image: jenkins/jenkins:lts
      restart: "{{docker_restart_policy}}"
      ports:
        - "127.0.0.1:{{ports.localhost.http[application_id]}}:8080"
      volumes:
        - jenkins_data:/var/jenkins_home
      log_driver: journald
 {% include 'roles/docker-compose/templates/networks.yml.j2' %}
--- a/roles/web-app-joomla/tasks/main.yml
+++ b/roles/web-app-joomla/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-keycloak/tasks/main.yml
+++ b/roles/web-app-keycloak/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-keycloak/tasks/update-ldap-bind.yml
+++ b/roles/web-app-keycloak/tasks/update-ldap-bind.yml
@ -0,0 +1,42 @@
 # Draft 
 - name: Wait until Keycloak is up
  uri:
    url: "{{ keycloak_server_host_url }}/realms/{{ keycloak_realm }}"
    method: GET
    status_code: 200
    validate_certs: false
  register: keycloak_up
  retries: 30
  delay: 5
  until: keycloak_up.status == 200
 - name: Log in with kcadm.sh
  shell: |
    {{ keycloak_kcadm_path }} config credentials \
      --server {{ keycloak_server_internal_url }} \
      --realm master \
      --user {{ keycloak_administrator_username }} \
      --password {{ keycloak_administrator_password }}
 - name: Retrieve LDAP component ID
  shell: |
    {{ keycloak_kcadm_path }} get components \
      -r {{ keycloak_realm }} \
      --query 'providerId=ldap' \
      --fields id \
      --format json \
      | jq -r '.[0].id'
  register: ldap_component
  changed_when: false
 - name: Update LDAP bind password
  vars:
    new_bind_password: "MyNewLdapPassword123!"
  shell: |
    {{ keycloak_kcadm_path }} update components/{{ ldap_component.stdout }} \
      -r {{ keycloak_realm }} \
      -s 'config.bindCredential=["{{ new_bind_password }}"]'
  no_log: true
  register: update_bind
  changed_when: update_bind.rc == 0
--- a/roles/web-app-listmonk/tasks/main.yml
+++ b/roles/web-app-listmonk/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: Set nginx_docker_reverse_proxy_extra_configuration based on applications[application_id].public_api_activated
  set_fact:
--- a/roles/web-app-mailu/tasks/main.yml
+++ b/roles/web-app-mailu/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "Include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
-  include_role:
+  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
  when: run_once_docker_mailu is not defined
 - name: "Include role srv-web-proxy-domain for {{ application_id }}"
--- a/roles/web-app-mastodon/tasks/main.yml
+++ b/roles/web-app-mastodon/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "Include setup for domain '{{ domain }}'"
  include_role: 
--- a/roles/web-app-matomo/tasks/constructor.yml
+++ b/roles/web-app-matomo/tasks/constructor.yml
@ -1,6 +1,6 @@
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-matrix/tasks/main.yml
+++ b/roles/web-app-matrix/tasks/main.yml
@ -8,9 +8,9 @@
    bridges: "{{ bridges_configuration | filter_enabled_bridges(applications[application_id].plugins) }}"
  changed_when: false
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role for {{application_id}} to receive certs & do modification routines"
  include_role:
--- a/roles/web-app-mediawiki/tasks/main.yml
+++ b/roles/web-app-mediawiki/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-mobilizon/tasks/main.yml
+++ b/roles/web-app-mobilizon/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-moodle/tasks/main.yml
+++ b/roles/web-app-moodle/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-mybb/tasks/main.yml
+++ b/roles/web-app-mybb/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include tasks setup-domain.yml with {{domains | get_domain(application_id)}}"
  include_tasks: setup-domain.yml
--- a/roles/web-app-nextcloud/tasks/main.yml
+++ b/roles/web-app-nextcloud/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "create {{ nextcloud_host_config_additives_directory }}"
  file:
--- a/roles/web-app-openproject/tasks/main.yml
+++ b/roles/web-app-openproject/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-peertube/tasks/main.yml
+++ b/roles/web-app-peertube/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include create-domains.yml for peertube"
  include_tasks: create-domains.yml
--- a/roles/web-app-pgadmin/tasks/configuration.yml
+++ b/roles/web-app-pgadmin/tasks/configuration.yml
@ -1,5 +1,5 @@
- name: "load variables from {{ database_var_file }}"
+- name: "load variables from {{ cmp_db_docker_vars_file_db }}"
-  include_vars: "{{ database_var_file }}"
+  include_vars: "{{ cmp_db_docker_vars_file_db }}"
 - name: "loading database configuration variables"
  include_vars:
--- a/roles/web-app-pixelfed/tasks/main.yml
+++ b/roles/web-app-pixelfed/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-snipe-it/tasks/main.yml
+++ b/roles/web-app-snipe-it/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-syncope/tasks/main.yml
+++ b/roles/web-app-syncope/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role for {{application_id}} to receive certs & do modification routines"
  include_role:
--- a/roles/web-app-taiga/tasks/main.yml
+++ b/roles/web-app-taiga/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/roles/web-app-wordpress/tasks/main.yml
+++ b/roles/web-app-wordpress/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "Include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "Include role srv-web-proxy-domain for {{ application_id }}"
  include_role:
@ -21,7 +21,7 @@
 - name: "Transfering msmtprc to {{ host_msmtp_conf }}"
  template:
-    src: "{{ playbook_dir }}/roles/msmtp/templates/msmtprc.conf.j2"
+    src: "{{ playbook_dir }}/roles/gen-msmtp/templates/msmtprc.conf.j2"
    dest: "{{ host_msmtp_conf }}"
  notify: docker compose up
--- a/roles/web-app-yourls/tasks/main.yml
+++ b/roles/web-app-yourls/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
 - name: "include role srv-web-proxy-domain for {{application_id}}"
  include_role:
--- a/templates/roles/web-app/tasks/constructor.yml.j2
+++ b/templates/roles/web-app/tasks/constructor.yml.j2
@ -0,0 +1 @@
 # General Construction Tasks
--- a/templates/roles/web-app/tasks/main.yml.j2
+++ b/templates/roles/web-app/tasks/main.yml.j2
@ -3,9 +3,9 @@
 {% if database_type | bool %}
 {% raw %}
- name: "include svc-rdbms-central"
+- name: "load docker and db for {{application_id}}"
  include_role: 
-    name: svc-rdbms-central
+    name: cmp-db-docker
  when: run_once_docker_{% endraw %}{{ application_id }}{% raw %} is not defined
 {% endraw %}
		`@ -0,0 +1,2 @@`
							`cmp_db_docker_vars_file_db: "{{ playbook_dir }}/roles/svc-rdbms-central/vars/database.yml"`
							`cmp_db_docker_vars_file_docker: "{{ playbook_dir }}/roles/docker-compose/vars/docker-compose.yml"`
		`@ -1,2 +0,0 @@`
			`database_var_file: "{{ role_path }}/vars/database.yml"`
			`docker_var_file: "{{playbook_dir}}/roles/docker-compose/vars/docker-compose.yml"`