diff --git a/group_vars/all/07_applications.yml b/group_vars/all/07_applications.yml index 26e5c3aa..556763a2 100644 --- a/group_vars/all/07_applications.yml +++ b/group_vars/all/07_applications.yml @@ -100,10 +100,10 @@ defaults_applications: ## Listmonk listmonk: - administrator_username: "{{administrator_username}}" - public_api_activated: False # Security hole. Can be used for spaming - version: "latest" # Docker Image version - setup: false # Set true in inventory file to execute the setup and initializing procedures + administrator_username: "{{administrator_username}}" # Listmonk administrator account username + public_api_activated: False # Security hole. Can be used for spaming + version: "latest" # Docker Image version + setup: false # Set true in inventory file to execute the setup and initializing procedures ## MariaDB mariadb: @@ -133,16 +133,16 @@ defaults_applications: ## Mailu mailu: - version: "2024.06" - domain: "{{primary_domain}}" - setup: false # Set true in inventory file to execute the setup and initializing procedures + version: "2024.06" + domain: "{{primary_domain}}" + setup: false # Set true in inventory file to execute the setup and initializing procedures ## Moodle moodle: - site_titel: "Global Learning Academy on {{primary_domain}}" - administrator_name: "{{administrator_username}}" - administrator_email: "{{administrator_email}}" - version: "latest" + site_titel: "Global Learning Academy on {{primary_domain}}" + administrator_name: "{{administrator_username}}" + administrator_email: "{{administrator_email}}" + version: "latest" ## MyBB mybb: diff --git a/roles/docker-matomo/tasks/main.yml b/roles/docker-matomo/tasks/main.yml index b4fefb60..813c1e3b 100644 --- a/roles/docker-matomo/tasks/main.yml +++ b/roles/docker-matomo/tasks/main.yml @@ -8,19 +8,34 @@ validate_certs: yes register: site_check ignore_errors: yes + when: run_once_docker_matomo is not defined +# @todo optimize this code. If global_matomo_tracking_enabled is active it doesn't have any impact. - name: implement matomo tracking for matomo if matomo is up and tracking enabled set_fact: global_matomo_tracking_enabled: true - when: site_check is defined and site_check.status == 200 and global_matomo_tracking_enabled | bool + when: + - site_check is defined and site_check.status == 200 + - global_matomo_tracking_enabled | bool + - run_once_docker_matomo is not defined - name: "include docker-central-database" include_role: name: docker-central-database + when: run_once_docker_matomo is not defined - name: "include role nginx-domain-setup for {{application_id}}" include_role: name: nginx-domain-setup + vars: + oauth2_proxy_active: false # Deactivate prox, in case it got activated by another app + when: run_once_docker_matomo is not defined - name: "copy docker-compose.yml and env file" - include_tasks: copy-docker-compose-and-env.yml \ No newline at end of file + include_tasks: copy-docker-compose-and-env.yml + when: run_once_docker_matomo is not defined + +- name: run the docker matomo tasks once + set_fact: + run_once_docker_matomo: true + when: run_once_docker_matomo is not defined \ No newline at end of file diff --git a/roles/nginx-domain-setup/tasks/main.yml b/roles/nginx-domain-setup/tasks/main.yml index 235874ac..7a93f7b6 100644 --- a/roles/nginx-domain-setup/tasks/main.yml +++ b/roles/nginx-domain-setup/tasks/main.yml @@ -6,10 +6,18 @@ include_role: name: nginx-https-recieve-certificate -- name: "copy nginx domain configuration to {{nginx.directories.http.servers}}{{domain}}.conf" +- name: "Relevant variables for role: {{ role_path | basename }}" + debug: + msg: + oauth2_proxy_active: "{{oauth2_proxy_active}}" + domains: "{{domains}}" + applications: "{{applications}}" + when: enable_debug | bool + +- name: "copy nginx domain configuration to {{configuration_destination}}" template: src: "roles/nginx-docker-reverse-proxy/templates/domain.conf.j2" - dest: "{{nginx.directories.http.servers}}{{domain}}.conf" + dest: "{{configuration_destination}}" notify: restart nginx - name: "include the docker-oauth2-proxy role {{domain}}" diff --git a/roles/nginx-domain-setup/vars/main.yml b/roles/nginx-domain-setup/vars/main.yml new file mode 100644 index 00000000..6a6c2417 --- /dev/null +++ b/roles/nginx-domain-setup/vars/main.yml @@ -0,0 +1 @@ +configuration_destination: "{{nginx.directories.http.servers}}{{domain}}.conf" \ No newline at end of file diff --git a/roles/nginx-redirect-www/tasks/main.yml b/roles/nginx-redirect-www/tasks/main.yml index 5acad25a..8e95b709 100644 --- a/roles/nginx-redirect-www/tasks/main.yml +++ b/roles/nginx-redirect-www/tasks/main.yml @@ -14,22 +14,12 @@ domain_regex: "^{{nginx.directories.http.servers}}(?!www\\.)[^/]+\\.conf$" path_regex: "^{{nginx.directories.http.servers}}" -- name: The domains for which a www. redirect will be implemented - debug: - var: filtered_domains - when: enable_debug | bool - # Routine for domains with primary domain included - name: Set filtered_domains_with_primary_domain set_fact: filtered_domains_with_primary_domain: "{{ filtered_domains | select('search', primary_domain + '$') | list }}" -- name: Debug with primary domain - debug: - var: filtered_domains_with_primary_domain - when: enable_debug | bool - - name: Include nginx-redirect-domain role with dynamic domain mappings for domains with {{primary_domain}} included include_role: name: nginx-redirect-domain @@ -52,9 +42,12 @@ set_fact: filtered_domains_without_primary_domain: "{{ filtered_domains | reject('search', primary_domain + '$') | list }}" -- name: Debug domains without primary domain +- name: "Relevant variables for role: {{ role_path | basename }}" debug: - var: filtered_domains_without_primary_domain + msg: + filtered_domains_with_primary_domain: "{{filtered_domains_with_primary_domain}}" + filtered_domains: "{{filtered_domains}}" + filtered_domains_without_primary_domain: "{{filtered_domains_without_primary_domain}}" when: enable_debug | bool - name: Include nginx-redirect-domain role with dynamic domain mappings for domains without primary domain