Added variable mailu subnet

group_vars/all

@@ -1,3 +1,49 @@
+# PASSWORDS AND SECRETS:
+
+akaunting_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+akaunting_setup_admin_password:     "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+baserow_database_password:          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_database_password:    "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_etherpad_api_key:     "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_fsesl_password:       "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_rails_secret:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_shared_secret:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_postgresql_secret:    "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_turn_secret:          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+central_mariadb_root_password:      "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+central_postgres_password:          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+discourse_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+gitlab_database_password:	          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+gitlab_initial_root_password:       "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+gitea_database_password:            "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+listmonk_admin_password:            "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+listmonk_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mailu_api_token:                    "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mailu_database_password:            "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mailu_initial_root_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mailu_secret_key:                   "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_otp_secret:                "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_secret_key_base:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_vapid_private_key:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_vapid_public_key:          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matomo_auth_token:                  "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matomo_database_password:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_database_password:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_generic_secret_key:		      "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_form_secret:                 "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_macaroon_secret_key:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_registration_shared_secret:  "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+nextcloud_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+openproject_database_password:      "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+peertube_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+peertube_secret:                    "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+pixelfed_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+pixelfed_app_key:                   "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+wordpress_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+yourls_database_password:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+yourls_user_password:               "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+
 # General
 setup:                false       # Pass CLI commands to execute the setup tasks for the different roles
 verbose:              false       # Prints well formated debug information
@@ -137,25 +183,38 @@ postgres_default_version:       "16"
 
 ### Docker Role Specific Parameters
 
-#### Pixelfed
+#### Akaunting
-pixelfed_app_name:      "Pictures"
+version_akaunting:            "latest"
+akaunting_company_name:       "DUMMY_VALUE_NEEDS_TO_BE_CHANGED"
+akaunting_company_email:      "DUMMY_VALUE_NEEDS_TO_BE_CHANGED"
+akaunting_setup_admin_email:  "DUMMY_VALUE_NEEDS_TO_BE_CHANGED"
+
+#### Listmonk
+listmonk_admin_username:          "admin"
+
+#### Mastodon
+version_mastodon:                 "latest"
+mastodon_single_user_mode:        false
 
 #### Matrix
 matrix_playbook_tags:   "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start
 matrix_role:            "compose"         # Role to setup Matrix. Valid values: ansible, compose
 
-#### Mastodon
-version_mastodon:       "latest"
-
-#### Akaunting
-version_akaunting:      "latest"
-
 #### Mailu
-version_mailu:          "2.0"
+version_mailu:                    "2.0"
+mailu_domain:                     "{{top_domain}}"
+mailu_subnet:                     "192.168.203.0/24"
 
 #### Nextcloud
 version_nextcloud:      "production"  # Danger: Nextcloud can't skipp major version updates.
 
+#### Pixelfed
+pixelfed_app_name:      "Pictures"
+
+#### YOURLS
+yourls_user:            "admin"
+
+
 # Routing Configurations for Domain Redirections
 redirect_domain_mappings:
 - { source: "bbb.{{top_domain}}",         target: "{{domain_bigbluebutton}}" }

roles/docker-discourse/handlers/main.yml

@@ -2,4 +2,4 @@
 - name: recreate discourse
   command:
     cmd: ./launcher rebuild app
-    chdir: "{{docker_compose_instance_directory}}"
+    chdir: "{{discourse_repository_directory}}"

roles/docker-discourse/tasks/main.yml

@@ -18,30 +18,51 @@
     state: directory
     mode: 0755
 
-- name: checkout repository 
+- name: add docker-compose.yml
-  ansible.builtin.shell: git checkout .
+  template: src=docker-compose.yml.j2 dest={{docker_compose_instance_directory}}docker-compose.yml
-  become: true
+  notify: docker compose project setup
-  args:
+
-    chdir: "{{docker_compose_instance_directory}}"
+- name: flush, to recreate discourse docker compose
-  ignore_errors: true
+  meta: flush_handlers
+  when: enable_central_database | bool
 
 - name: pull docker repository
   git:
     repo: "https://github.com/discourse/discourse_docker.git"
-    dest: "{{docker_compose_instance_directory}}"
+    dest: "{{discourse_repository_directory}}"
     update: yes
   notify: recreate discourse
   become: true
   ignore_errors: true
 
-- name: set chmod 700 for {{docker_compose_instance_directory}}containers
+- name: set chmod 700 for {{discourse_repository_directory}}containers
   ansible.builtin.file:
-    path: "{{docker_compose_instance_directory}}/containers"
+    path: "{{discourse_repository_directory}}/containers"
     mode: '700'
     state: directory
 
-- name: "copy configuration to {{docker_compose_instance_directory}}containers/app.yml"
+- name: "copy configuration to {{discourse_repository_directory}}containers/app.yml"
   template: 
     src: app.yml.j2
-    dest: "{{docker_compose_instance_directory}}containers/app.yml"
+    dest: "{{discourse_repository_directory}}containers/app.yml"
-  notify: recreate discourse
+  notify: recreate discourse
+
+- name: "Ensure {{docker_compose_project_name}}_default network exists"
+  community.docker.docker_network:
+    name: "{{docker_compose_project_name}}_default"
+    state: present
+  when: enable_central_database | bool
+
+- name: "add central database temporary to {{docker_compose_project_name}}_default"
+  command:
+    cmd: "docker network connect discourse_default central-{{ database_type }}"
+  when: enable_central_database | bool
+
+- name: flush, to recreate discourse app
+  meta: flush_handlers
+  when: enable_central_database | bool
+
+- name: "remove central database from {{docker_compose_project_name}}_default"
+  command:
+    cmd: "docker network disconnect discourse_default central-{{ database_type }}"
+  when: enable_central_database | bool

roles/docker-discourse/templates/app.yml.j2

@@ -1,17 +1,8 @@
-## this is the all-in-one, standalone Discourse Docker container template
-##
-## After making changes to this file, you MUST rebuild
-## /var/discourse/launcher rebuild app
-##
-## BE *VERY* CAREFUL WHEN EDITING!
-## YAML FILES ARE SUPER SUPER SENSITIVE TO MISTAKES IN WHITESPACE OR ALIGNMENT!
-## visit http://www.yamllint.com/ to validate this file as needed
-
 templates:
 {% if not enable_central_database | bool %}
   - "templates/postgres.template.yml"
 {% endif %}
-  - "templates/redis.template.yml"
+  #- "templates/redis.template.yml"
   - "templates/web.template.yml"
   ## Uncomment the next line to enable the IPv6 listener
   #- "templates/web.ipv6.template.yml"
@@ -25,7 +16,6 @@ templates:
 ## see https://meta.discourse.org/t/17247 for details
 expose:
   - "127.0.0.1:{{http_port}}:80"   # http
-  #- "443:443" # https
 
 params:
   db_default_text_search_config: "pg_catalog.english"
@@ -73,13 +63,14 @@ env:
   DISCOURSE_SMTP_DOMAIN:            {{ system_email_domain }}
   DISCOURSE_NOTIFICATION_EMAIL:     {{ system_email }}
 
-{% if enable_central_database | bool %}
   # Database Configuration
   DISCOURSE_DB_USERNAME: {{ database_username }}
   DISCOURSE_DB_PASSWORD: {{ database_password }}
   DISCOURSE_DB_HOST:     {{ database_host }}
   DISCOURSE_DB_NAME:     {{ database_databasename }}
-{% endif %}
+
+  # Redis Configuration
+  DISCOURSE_REDIS_HOST: {{docker_compose_project_name}}-redis
 
   ## If you added the Lets Encrypt template, uncomment below to get a free SSL certificate
   #LETSENCRYPT_ACCOUNT_EMAIL: administrator@veen.world
@@ -127,7 +118,5 @@ run:
   - exec: echo "End of custom commands"
 
 docker_args:
-{% if enable_central_database | bool %}
+  - --network={{docker_compose_project_name}}_default
-  - --network=central_{{ database_type }}_network
-{% endif %}
   - --name=discourse_application

roles/docker-discourse/templates/docker-compose.yml.j2

@@ -0,0 +1,12 @@
+version: '3.8'
+
+services:
+
+{% include 'templates/docker-service-redis.yml.j2' %}
+
+{% include 'templates/docker-service-' + database_type + '.yml.j2' %}
+
+{% include 'templates/docker-compose-volumes.yml.j2' %}
+  redis:
+
+{% include 'templates/docker-compose-networks.yml.j2' %}

roles/docker-discourse/vars/main.yml

@@ -1,3 +1,4 @@
-docker_compose_project_name:        "discourse"
+docker_compose_project_name:     "discourse"
-database_password:                  "{{ baserow_database_password }}"
+database_password:               "{{ baserow_database_password }}"
-database_type:                      "postgres"
+database_type:                   "postgres"
+discourse_repository_directory:  "{{ path_docker_compose_instances + docker_compose_project_name + '/repository/' }}"

roles/docker-listmonk/tasks/main.yml

@@ -21,4 +21,14 @@
   template: 
     src:  "config.toml.j2" 
     dest: "{{docker_compose_instance_directory}}config.toml"
-  notify: docker compose project setup
+  notify: docker compose project setup
+
+- name: flush docker service
+  meta: flush_handlers
+  when: setup | bool 
+
+- name: setup routine for listmonk
+  command:
+    cmd: "yes | docker compose run -T --rm application ./listmonk --install"
+    chdir: "{{docker_compose_instance_directory}}"
+  when: setup | bool 

roles/docker-mailu/tasks/main.yml

@@ -60,4 +60,14 @@
   vars:
     on_calendar:  "{{on_calendar_deploy_mailu_certificates}}"
     service_name: "deploy-letsencrypt-mailu"
-    persistent:   "true"
+    persistent:   "true"
+
+- name: flush docker service
+  meta: flush_handlers
+  when: setup | bool 
+
+- name: execute database migration
+  command:
+    cmd: "docker compose -p mailu exec admin flask mailu admin admin {{top_domain}} {{mailu_initial_root_password}}"
+    chdir: "{{docker_compose_instance_directory}}"
+  when: setup | bool 

roles/docker-mailu/templates/docker-compose.yml.j2

@@ -12,7 +12,6 @@ services:
     env_file: mailu.env
     restart: always
 {% include 'templates/docker-container-networks.yml.j2' %}
-      default:
         ipv4_address: 192.168.203.254
     logging:
       driver: journald
@@ -39,7 +38,6 @@ services:
       resolver:
         condition: service_started
 {% include 'templates/docker-container-networks.yml.j2' %}
-      default:
       webmail:
       radicale:
     dns:
@@ -124,7 +122,6 @@ services:
     logging:
       driver: journald
 {% include 'templates/docker-container-networks.yml.j2' %}
-      default:
       noinet:  
 
 
@@ -204,7 +201,6 @@ services:
   redis:
 
 {% include 'templates/docker-compose-networks.yml.j2' %}
-  default:
     driver: bridge
     ipam:
       driver: default

roles/docker-mariadb/tasks/main.yml

@@ -1,6 +1,6 @@
 - name: Create Docker network for MariaDB
   docker_network:
-    name: central_mariadb_network
+    name: central_mariadb
     state: present
   when: run_once_docker_mariadb is not defined
 
@@ -18,12 +18,18 @@
       MARIADB_ROOT_PASSWORD:  "{{central_mariadb_root_password}}"
       MARIADB_AUTO_UPGRADE:   "1"
     networks:
-      - name: central_mariadb_network
+      - name: central_mariadb
     volumes:
       - central_mariadb_database:/var/lib/mysql
     published_ports:
       - "127.0.0.1:3306:3306" # can be that this will be removed if all applications use sockets
     command: "--transaction-isolation=READ-COMMITTED --binlog-format=ROW" #for nextcloud
+    restart_policy: unless-stopped
+    healthcheck:
+      test: "/usr/bin/mariadb --user=root --password={{central_mariadb_root_password}} --execute \"SHOW DATABASES;\""
+      interval: 3s
+      timeout: 1s
+      retries: 5
   when: run_once_docker_mariadb is not defined
 
 - name: install python-mysqlclient

roles/docker-mastodon/tasks/main.yml

@@ -24,7 +24,11 @@
     dest: "{{docker_compose_instance_directory}}.env.production"
   notify: docker compose project setup
 
-- name: execute database migration
+- name: flush docker service
+  meta: flush_handlers
+  when: setup | bool 
+
+- name: setup routine for mastodon
   command:
     cmd: "docker-compose run --rm web bundle exec rails db:migrate"
     chdir: "{{docker_compose_instance_directory}}"

roles/docker-openproject/templates/docker-compose.yml.j2

@@ -50,7 +50,9 @@ services:
 {% include 'templates/docker-container-networks.yml.j2' %}
 {% include 'templates/docker-container-depends-on-also-database.yml.j2' %}
       cache:
+        condition: service_started
       seeder:
+        condition: service_started
     labels:
       - autoheal=true
     healthcheck:
@@ -75,7 +77,9 @@ services:
 {% include 'templates/docker-container-networks.yml.j2' %}
 {% include 'templates/docker-container-depends-on-also-database.yml.j2' %}
       cache:
+        condition: service_started
       seeder:
+        condition: service_started
 
   cron:
     <<: *app
@@ -83,7 +87,9 @@ services:
 {% include 'templates/docker-container-networks.yml.j2' %}
 {% include 'templates/docker-container-depends-on-also-database.yml.j2' %}
       cache:
+        condition: service_started
       seeder:
+        condition: service_started
 
   seeder:
     <<: *app

roles/docker-postgres/tasks/main.yml

@@ -1,6 +1,6 @@
 - name: Create Docker network for PostgreSQL
   docker_network:
-    name: central_postgres_network
+    name: central_postgres
     state: present
   when: run_once_docker_postgres is not defined
 
@@ -13,11 +13,18 @@
       POSTGRES_PASSWORD: "{{ central_postgres_password }}"
       POSTGRES_INITDB_ARGS: "--encoding=UTF8 --locale=C" # Necessary for docker-matrix
     networks:
-      - name: central_postgres_network
+      - name: central_postgres
     published_ports:
       - "127.0.0.1:5432:5432"
     volumes:
       - central_postgres_database:/var/lib/postgresql/data
+    restart_policy: unless-stopped
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U postgres"]
+      interval: 10s
+      timeout: 5s
+      retries: 5
+      start_period: 30s
   when: run_once_docker_postgres is not defined
 
 - name: wait for availability of postgres

roles/docker-roulette-wheel/templates/docker-compose.yml.j2

@@ -1,7 +1,7 @@
 version: '3.7'
 services:
     application:
-        container_name: application
+        container_name: roulette_application
         build:
             context: .
         ports:

templates/docker-compose-networks.yml.j2

@@ -1,8 +1,8 @@
 # This template needs to be included in docker-compose.yml
 networks:
 {% if enable_central_database | bool %}
-  central_{{ database_type }}_network:
+  central_{{ database_type }}:
     external: true
 {% endif %}
-  {{docker_compose_project_name}}_network:
+  default:
 {{ "\n" }}

templates/docker-container-networks.yml.j2

@@ -1,7 +1,7 @@
 # This template needs to be included in docker-compose.yml containers
     networks:
-      {{docker_compose_project_name}}_network:
 {% if enable_central_database | bool %}
-      central_{{ database_type }}_network:
+      central_{{ database_type }}:
 {% endif %}
+      default:
 {{ "\n" }}

templates/docker-service-mariadb.yml.j2

@@ -1,6 +1,7 @@
 # This template needs to be included in docker-compose.yml, which depend on a mariadb database
 {% if not enable_central_database | bool %}
   database:
+    container_name: {{docker_compose_project_name}}-mariadb
     logging:
       driver: journald
     image: mariadb
@@ -20,6 +21,6 @@
       timeout: 1s
       retries: 5
     networks:
-      - {{docker_compose_project_name}}_network
+      - default
 {% endif %}
 {{ "\n" }}

templates/docker-service-postgres.yml.j2

@@ -2,6 +2,7 @@
 {% if not enable_central_database | bool %}  
   database:
     image: postgres:{{database_version}}-alpine
+    container_name: {{docker_compose_project_name}}-postgres
     environment:
       - POSTGRES_PASSWORD={{database_password}}
       - POSTGRES_USER={{database_username}}
@@ -18,6 +19,6 @@
         source: database
         target: /var/lib/postgresql/data
     networks:
-      - {{docker_compose_project_name}}_network
+      - default
 {% endif %}
 {{ "\n" }}

templates/docker-service-redis.yml.j2

@@ -1,6 +1,7 @@
 # This template needs to be included in docker-compose.yml, which depend on redis
   redis:
     image: redis:alpine
+    container_name: {{docker_compose_project_name}}-redis
     restart: always
     logging:
       driver: journald
@@ -12,5 +13,5 @@
       timeout: 3s
       retries: 30
     networks:
-      - {{docker_compose_project_name}}_network
+      - default
 {{ "\n" }}