From ed40ee1f427e1588c71125cd09bc99d3348c7d2b Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Wed, 6 Dec 2023 17:59:57 +0100 Subject: [PATCH] refactored docker and nginx roles, to make them more modular --- playbook-servers.yml | 3 ++- roles/docker-akaunting/tasks/main.yml | 8 ++------ roles/docker-baserow/tasks/main.yml | 8 ++------ roles/docker-bigbluebutton/tasks/main.yml | 4 ++-- roles/docker-elk/tasks/main.yml | 8 ++------ roles/docker-funkwhale/tasks/main.yml | 8 ++------ roles/docker-gitea/tasks/main.yml | 8 ++------ roles/docker-jenkins/tasks/main.yml | 8 ++------ roles/docker-joomla/tasks/main.yml | 11 +++++------ roles/docker-listmonk/tasks/main.yml | 10 ++-------- roles/docker-mailu/tasks/main.yml | 9 ++------- roles/docker-mastodon/tasks/main.yml | 4 ++-- roles/docker-matomo/tasks/main.yml | 10 ++-------- roles/docker-mediawiki/tasks/main.yml | 8 ++------ roles/docker-nextcloud/tasks/main.yml | 4 ++-- roles/docker-peertube/tasks/main.yml | 8 ++------ roles/docker-pixelfed/tasks/main.yml | 8 ++------ roles/docker-roulette-wheel/tasks/main.yml | 8 ++------ .../tasks/create-wordpress-nginx.yml | 10 ---------- roles/docker-wordpress/tasks/main.yml | 19 ++++++------------- roles/docker-yourls/tasks/main.yml | 10 ++-------- roles/nginx-homepage/tasks/main.yml | 7 ++++--- tasks/certbot-matomo.yml | 5 +++++ tasks/nginx-docker-proxy-domain.yml | 7 ++----- 24 files changed, 58 insertions(+), 135 deletions(-) delete mode 100644 roles/docker-wordpress/tasks/create-wordpress-nginx.yml create mode 100644 tasks/certbot-matomo.yml diff --git a/playbook-servers.yml b/playbook-servers.yml index 638349d4..59b1eb67 100644 --- a/playbook-servers.yml +++ b/playbook-servers.yml @@ -55,6 +55,7 @@ roles: - role: docker-wordpress vars: + domains: "{{wordpress_domains}}" http_port: 8003 - name: setup mediawiki hosts 
@@ -161,7 +162,7 @@ roles: - role: docker-joomla vars: - domain: "joomla.{{top_domain}}" + domain: "{{joomla_domains}}" http_port: 8014 - name: setup attendize diff --git a/roles/docker-akaunting/tasks/main.yml b/roles/docker-akaunting/tasks/main.yml index 49f91540..72535180 100644 --- a/roles/docker-akaunting/tasks/main.yml +++ b/roles/docker-akaunting/tasks/main.yml @@ -1,10 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: register directory stat: diff --git a/roles/docker-baserow/tasks/main.yml b/roles/docker-baserow/tasks/main.yml index 216da95a..5ba4b0dd 100644 --- a/roles/docker-baserow/tasks/main.yml +++ b/roles/docker-baserow/tasks/main.yml @@ -1,10 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/docker-bigbluebutton/tasks/main.yml b/roles/docker-bigbluebutton/tasks/main.yml index 11c97a80..fa76aaaa 100644 --- a/roles/docker-bigbluebutton/tasks/main.yml +++ b/roles/docker-bigbluebutton/tasks/main.yml 
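Review bot: The docker-joomla entry passes the list under the singular key, `domain: "{{joomla_domains}}"`, while roles/docker-joomla/tasks/main.yml in this same commit loops over `domains` with `loop_var: domain`. Unless `domains` is defined somewhere outside this diff, that loop would fail on an undefined variable, and `domain` would hold a list rather than a single hostname wherever it is used outside the loop. To match the docker-wordpress entry in the first hunk of this file, the line should read `domains: "{{joomla_domains}}"`. The docker-joomla hunk depends on the same fix, so it is not repeated there.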
@@ -1,6 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} +- name: "include task certbot-matomo.yml" + include_tasks: certbot-matomo.yml - name: configure {{domain}}.conf template: src=templates/nginx-proxy.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf diff --git a/roles/docker-elk/tasks/main.yml b/roles/docker-elk/tasks/main.yml index d38de01d..b0ec3fdc 100644 --- a/roles/docker-elk/tasks/main.yml +++ b/roles/docker-elk/tasks/main.yml @@ -1,11 +1,7 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: create elasticsearch-sysctl.conf copy: diff --git a/roles/docker-funkwhale/tasks/main.yml b/roles/docker-funkwhale/tasks/main.yml index e2eae661..b68cb3a9 100644 --- a/roles/docker-funkwhale/tasks/main.yml +++ b/roles/docker-funkwhale/tasks/main.yml @@ -1,10 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/docker-gitea/tasks/main.yml b/roles/docker-gitea/tasks/main.yml index c1f8761c..da9f0511 100644 
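Review bot: Replacing the certbot command with `include_tasks: certbot-matomo.yml` also pulls `implement-matomo-tracking.yml` into docker-bigbluebutton, which the old task did not do; the docker-mastodon, docker-nextcloud, docker-peertube and nginx-homepage hunks change in the same way. Several of these roles keep their own nginx template (`templates/nginx-proxy.conf.j2` here), so the diff does not show whether the tracking include has any effect on those vhosts, or an unwanted one. If only the certificate is wanted, include it directly with `include_tasks: recieve-certbot-certificate.yml`. If tracking is intended, name the task for what it does, e.g. `name: "obtain certificate and set up matomo tracking for {{domain}}"`. The task list continues outside the hunk.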
--- a/roles/docker-gitea/tasks/main.yml +++ b/roles/docker-gitea/tasks/main.yml @@ -1,10 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}} https - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/docker-jenkins/tasks/main.yml b/roles/docker-jenkins/tasks/main.yml index 2f99b428..f38e8a0d 100644 --- a/roles/docker-jenkins/tasks/main.yml +++ b/roles/docker-jenkins/tasks/main.yml @@ -1,9 +1,5 @@ -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "docker jenkins" docker_compose: diff --git a/roles/docker-joomla/tasks/main.yml b/roles/docker-joomla/tasks/main.yml index ef524fcf..9c993607 100644 --- a/roles/docker-joomla/tasks/main.yml +++ b/roles/docker-joomla/tasks/main.yml 
@@ -1,10 +1,9 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml + loop: "{{ domains }}" + loop_control: + loop_var: domain - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/docker-listmonk/tasks/main.yml b/roles/docker-listmonk/tasks/main.yml index 5cfca8d3..b51fba5b 100644 --- a/roles/docker-listmonk/tasks/main.yml +++ b/roles/docker-listmonk/tasks/main.yml @@ -1,12 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: - src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2" - dest: "/etc/nginx/conf.d/{{domain}}.conf" - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/docker-mailu/tasks/main.yml b/roles/docker-mailu/tasks/main.yml index d3100934..080ea80c 100644 --- a/roles/docker-mailu/tasks/main.yml +++ b/roles/docker-mailu/tasks/main.yml 
@@ -1,13 +1,8 @@ --- - -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml vars: client_max_body_size: "31M" - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx - name: "create {{path_docker_compose_files}}mailu" file: diff --git a/roles/docker-mastodon/tasks/main.yml b/roles/docker-mastodon/tasks/main.yml index 4c0ff52b..7d01bd7d 100644 --- a/roles/docker-mastodon/tasks/main.yml +++ b/roles/docker-mastodon/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} +- name: "include task certbot-matomo.yml" + include_tasks: certbot-matomo.yml - name: configure {{domain}}.conf template: src=templates/mastodon.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf diff --git a/roles/docker-matomo/tasks/main.yml b/roles/docker-matomo/tasks/main.yml index e35626ad..ff9ca982 100644 --- a/roles/docker-matomo/tasks/main.yml +++ b/roles/docker-matomo/tasks/main.yml @@ -1,12 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: - src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2" - dest: "/etc/nginx/conf.d/{{domain}}.conf" - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "create {{docker_compose_instance_directory}}" file: 
diff --git a/roles/docker-mediawiki/tasks/main.yml b/roles/docker-mediawiki/tasks/main.yml index 409f8358..b0b2e0b9 100644 --- a/roles/docker-mediawiki/tasks/main.yml +++ b/roles/docker-mediawiki/tasks/main.yml @@ -1,9 +1,5 @@ -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "docker mediawiki" docker_compose: diff --git a/roles/docker-nextcloud/tasks/main.yml b/roles/docker-nextcloud/tasks/main.yml index fc28225e..0399eb29 100644 --- a/roles/docker-nextcloud/tasks/main.yml +++ b/roles/docker-nextcloud/tasks/main.yml @@ -1,6 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} +- name: "include task certbot-matomo.yml" + include_tasks: certbot-matomo.yml - name: configure {{domain}}.conf template: diff --git a/roles/docker-peertube/tasks/main.yml b/roles/docker-peertube/tasks/main.yml index 15a07774..a0838bdc 100644 --- a/roles/docker-peertube/tasks/main.yml +++ b/roles/docker-peertube/tasks/main.yml @@ -1,10 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=templates/peertube.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include task certbot-matomo.yml" + include_tasks: certbot-matomo.yml - name: "create {{docker_compose_instance_directory}}" file: 
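Review bot: The removed `configure {{domain}}.conf` task that rendered `templates/peertube.conf.j2` has no replacement in the docker-peertube hunk, because `certbot-matomo.yml` only includes the certificate and tracking tasks and does not write a vhost. Unless the config is created further down the file, outside this hunk, a fresh host would get a certificate but no `/etc/nginx/conf.d/{{domain}}.conf` for PeerTube, and the `restart nginx` handler would no longer be notified from here. The docker-mastodon and docker-nextcloud hunks keep their template task after the new include. Do the same here by restoring `template: src=templates/peertube.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf` with `notify: restart nginx`.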
diff --git a/roles/docker-pixelfed/tasks/main.yml b/roles/docker-pixelfed/tasks/main.yml index 7ac3db74..8f397ce1 100644 --- a/roles/docker-pixelfed/tasks/main.yml +++ b/roles/docker-pixelfed/tasks/main.yml @@ -1,10 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/docker-roulette-wheel/tasks/main.yml b/roles/docker-roulette-wheel/tasks/main.yml index 9741507f..f94c55f3 100644 --- a/roles/docker-roulette-wheel/tasks/main.yml +++ b/roles/docker-roulette-wheel/tasks/main.yml @@ -1,10 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/docker-wordpress/tasks/create-wordpress-nginx.yml b/roles/docker-wordpress/tasks/create-wordpress-nginx.yml deleted file mode 100644 index 06689927..00000000 --- a/roles/docker-wordpress/tasks/create-wordpress-nginx.yml +++ /dev/null 
@@ -1,10 +0,0 @@ -- name: Activate NGINX matomo tracking for {{domain}} - include_role: - name: nginx-matomo-tracking - when: nginx_matomo_tracking_active - -- name: configure wordpress nginx configurations - vars: - client_max_body_size: "{{wordpress_max_upload_size}}" - template: src=roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 dest=/etc/nginx/conf.d/{{ domain }}.conf - notify: restart nginx \ No newline at end of file diff --git a/roles/docker-wordpress/tasks/main.yml b/roles/docker-wordpress/tasks/main.yml index a8ad46f6..8969a183 100644 --- a/roles/docker-wordpress/tasks/main.yml +++ b/roles/docker-wordpress/tasks/main.yml @@ -1,19 +1,12 @@ --- -- name: "include task receive certbot certificate" - include_tasks: recieve-certbot-certificate.yml - vars: - domain: "{{ item }}" - loop: "{{ wordpress_domains }}" - loop_control: - loop_var: item -- name: "include task create wordpress nginx" - include_tasks: create-wordpress-nginx.yml - vars: - domain: "{{ item }}" - loop: "{{ wordpress_domains }}" +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml + loop: "{{ domains }}" loop_control: - loop_var: item + loop_var: domain + vars: + client_max_body_size: "{{wordpress_max_upload_size}}" - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/docker-yourls/tasks/main.yml b/roles/docker-yourls/tasks/main.yml index 5f2d2bab..dd8f2af7 100644 --- a/roles/docker-yourls/tasks/main.yml +++ b/roles/docker-yourls/tasks/main.yml 
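Review bot: The loop in roles/docker-wordpress/tasks/main.yml now reads the generic `domains` variable instead of `wordpress_domains`, so the role fails on an undefined variable for any caller that does not pass `domains`. Only playbook-servers.yml is updated for this in the commit. A fallback keeps other callers working, `loop: "{{ domains | default(wordpress_domains) }}"`. Otherwise, add a comment above the task such as `# requires: domains (list of hostnames served by this instance)`.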
@@ -1,12 +1,6 @@ --- -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - -- name: configure {{domain}}.conf - template: - src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2" - dest: "/etc/nginx/conf.d/{{domain}}.conf" - notify: restart nginx +- name: "include tasks nginx-docker-proxy-domain.yml" + include_tasks: nginx-docker-proxy-domain.yml - name: "create {{docker_compose_instance_directory}}" file: diff --git a/roles/nginx-homepage/tasks/main.yml b/roles/nginx-homepage/tasks/main.yml index 4d16e19a..44f3d871 100644 --- a/roles/nginx-homepage/tasks/main.yml +++ b/roles/nginx-homepage/tasks/main.yml @@ -1,10 +1,11 @@ +--- +- name: "include task certbot-matomo.yml" + include_tasks: certbot-matomo.yml + - name: configure {{domain}}.conf template: src=homepage.nginx.conf.j2 dest=/etc/nginx/conf.d/{{domain}}.conf notify: restart nginx -- name: recieve {{domain}} certificate - command: certbot certonly --agree-tos --email {{administrator_email}} --non-interactive --webroot -w /var/lib/letsencrypt/ -d {{domain}} - - name: nginx-homepage repo git git: repo: "{{nginx_homepage_repository_address}}" diff --git a/tasks/certbot-matomo.yml b/tasks/certbot-matomo.yml new file mode 100644 index 00000000..7a63bdbc --- /dev/null +++ b/tasks/certbot-matomo.yml @@ -0,0 +1,5 @@ +- name: "include task receive certbot certificate" + include_tasks: recieve-certbot-certificate.yml + +- name: "include task implement-matomo-tracking.yml" + include_tasks: implement-matomo-tracking.yml \ No newline at end of file diff --git a/tasks/nginx-docker-proxy-domain.yml b/tasks/nginx-docker-proxy-domain.yml index b34b9569..f0a72f20 100644 --- a/tasks/nginx-docker-proxy-domain.yml +++ b/tasks/nginx-docker-proxy-domain.yml 
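Review bot: The second include in the new tasks/certbot-matomo.yml runs `implement-matomo-tracking.yml` unconditionally, whereas the WordPress task file deleted in this commit gated tracking with `when: nginx_matomo_tracking_active`. Whether implement-matomo-tracking.yml carries its own condition is not visible here. If it does not, every role that includes this file gets tracking regardless of that switch, so add `when: nginx_matomo_tracking_active | bool` to the include. The file also lacks the leading `---` that most task files in this commit start with, and it ends without a final newline. A top comment such as `# Obtains the certificate for the current domain, then applies Matomo tracking` would document why the two steps are bundled.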
@@ -1,8 +1,5 @@ -- name: "include task receive certbot certificate" - include_tasks: recieve-certbot-certificate.yml - -- name: "include task implement-matomo-tracking.yml" - include_tasks: implement-matomo-tracking.yml +- name: "include task certbot-matomo.yml" + include_tasks: certbot-matomo.yml - name: "include task create-domain-conf.yml" include_tasks: create-domain-conf.yml