Moved email host and domain SPOT to SYSTEM_EMAIL constant

Moved healthcheck to the end so that it is setup after email configuration
Made System Email Variables UPPER
2025-11-03 19:58:14 +00:00 · 2025-08-19 10:00:35 +02:00 · 2025-08-19 09:46:12 +02:00 · 2025-08-19 09:34:18 +02:00
28 changed files with 98 additions and 95 deletions
--- a/cli/build/defaults/users.py
+++ b/cli/build/defaults/users.py
@@ -189,7 +189,7 @@ def parse_args():

 def main():
    args = parse_args()
-    primary_domain = '{{ PRIMARY_DOMAIN }}'
+    primary_domain = '{{ SYSTEM_EMAIL.DOMAIN }}'
    become_pwd = '{{ lookup("password", "/dev/null length=42 chars=ascii_letters,digits") }}'

    try:
--- a/group_vars/all/02_email.yml
+++ b/group_vars/all/02_email.yml
@@ -0,0 +1,8 @@
+# Email Configuration
+DEFAULT_SYSTEM_EMAIL:
+  DOMAIN:    "{{ PRIMARY_DOMAIN }}"
+  HOST:      "mail.{{ PRIMARY_DOMAIN }}"
+  PORT:      465
+  TLS:       true   # true for TLS and false for SSL
+  START_TLS: false
+  SMTP:      true  
--- a/group_vars/all/02_system_email.yml
+++ b/group_vars/all/02_system_email.yml
@@ -1,9 +0,0 @@
-# Email Configuration
-default_system_email:
-  domain:    "{{ PRIMARY_DOMAIN }}"
-  host:      "mail.{{ PRIMARY_DOMAIN }}"
-  port:      465
-  tls:       true   # true for TLS and false for SSL
-  start_tls: false
-  smtp:      true
-# password:  # Needs to be defined in inventory file  
--- a/roles/sys-svc-msmtp/tasks/01_core.yml
+++ b/roles/sys-svc-msmtp/tasks/01_core.yml
@@ -1,6 +1,3 @@
- include_role:
-    name: sys-ctl-hlth-msmtp
-  when: run_once_sys_ctl_hlth_msmtp is not defined

 - name: install msmtp msmtp-mta
  community.general.pacman:
@@ -14,3 +11,7 @@
    src: "msmtprc.conf.j2"
    dest: "/root/.msmtprc"
    mode: 600
+
+- include_role:
+    name: sys-ctl-hlth-msmtp
+  when: run_once_sys_ctl_hlth_msmtp is not defined
--- a/roles/sys-svc-msmtp/templates/msmtprc.conf.j2
+++ b/roles/sys-svc-msmtp/templates/msmtprc.conf.j2
@@ -2,19 +2,19 @@
 defaults
 auth           on
 logfile        ~/.msmtp.log
-tls_starttls   {{ 'on' if system_email.start_tls else 'off' }}
-{% if system_email.tls %}
+tls_starttls   {{ 'on' if SYSTEM_EMAIL.START_TLS else 'off' }}
+{% if SYSTEM_EMAIL.TLS %}
 tls            on
 tls_trust_file /etc/ssl/certs/ca-certificates.crt
 {% else %}
 tls            off
 {% endif %}

-account        system_email
-host           {{ system_email.host }}
-port           {{ system_email.port }}
+account        {{ DEFAULT_EMAIL_ACCOUNT }}
+host           {{ SYSTEM_EMAIL.HOST }}
+port           {{ SYSTEM_EMAIL.PORT }}
 from           {{ users['no-reply'].email }}
 user           {{ users['no-reply'].email }}
 password       {{ users['no-reply'].mailu_token }}

-account default : system_email
+account default : {{ DEFAULT_EMAIL_ACCOUNT }}
--- a/roles/sys-svc-msmtp/vars/main.yml
+++ b/roles/sys-svc-msmtp/vars/main.yml
@@ -0,0 +1 @@
+DEFAULT_EMAIL_ACCOUNT: "{{ SOFTWARE_NAME | replace('.', '_') | lower }}__default_email_account"
--- a/roles/web-app-baserow/templates/env.j2
+++ b/roles/web-app-baserow/templates/env.j2
@@ -2,12 +2,12 @@
 BASEROW_PUBLIC_URL={{ domains | get_url(application_id, WEB_PROTOCOL) }}

 # Email Server Configuration
-EMAIL_SMTP={{ system_email.smtp | upper }}
-EMAIL_SMTP_HOST={{ system_email.host }}
-EMAIL_SMTP_PORT={{ system_email.port }}
+EMAIL_SMTP={{ SYSTEM_EMAIL.SMTP | upper }}
+EMAIL_SMTP_HOST={{ SYSTEM_EMAIL.HOST }}
+EMAIL_SMTP_PORT={{ SYSTEM_EMAIL.PORT }}
 EMAIL_SMTP_USER={{ users['no-reply'].email }}
 EMAIL_SMTP_PASSWORD={{ users['no-reply'].mailu_token }}
-EMAIL_SMTP_USE_TLS={{ system_email.tls | upper }}
+EMAIL_SMTP_USE_TLS={{ SYSTEM_EMAIL.TLS | upper }}

 DATABASE_USER={{ database_username }}
 DATABASE_NAME={{ database_name }}
--- a/roles/web-app-bigbluebutton/templates/env.j2
+++ b/roles/web-app-bigbluebutton/templates/env.j2
@@ -203,16 +203,16 @@ ALLOW_GREENLIGHT_ACCOUNTS=true
 # Emails are required for the basic features of Greenlight to function.
 # Please refer to your SMTP provider to get the values for the variables below

-SMTP_SERVER={{ system_email.host }}
-SMTP_DOMAIN={{system_email.domain}}
-SMTP_PORT={{ system_email.port }}
+SMTP_SERVER={{ SYSTEM_EMAIL.HOST }}
+SMTP_DOMAIN={{SYSTEM_EMAIL.DOMAIN}}
+SMTP_PORT={{ SYSTEM_EMAIL.PORT }}
 SMTP_USERNAME={{ users['no-reply'].email }}
 SMTP_PASSWORD={{ users['no-reply'].mailu_token }}
 SMTP_AUTH=plain
 SMTP_OPENSSL_VERIFY_MODE=none
-SMTP_STARTTLS_AUTO={{system_email.start_tls | lower}}
-SMTP_STARTTLS={{system_email.start_tls | lower}}
-SMTP_TLS={{system_email.tls | lower}}
+SMTP_STARTTLS_AUTO={{SYSTEM_EMAIL.START_TLS | lower}}
+SMTP_STARTTLS={{SYSTEM_EMAIL.START_TLS | lower}}
+SMTP_TLS={{SYSTEM_EMAIL.TLS | lower}}
 SMTP_SSL_VERIFY=true
 SMTP_SENDER={{ users['no-reply'].email }}
 SMTP_SENDER_EMAIL={{ users['no-reply'].email }}
--- a/roles/web-app-bluesky/templates/env.j2
+++ b/roles/web-app-bluesky/templates/env.j2
@@ -8,7 +8,7 @@ PDS_JWT_SECRET="{{ bluesky_jwt_secret }}"
 PDS_ADMIN_PASSWORD="{{bluesky_admin_password}}"
 PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="{{ bluesky_rotation_key }}"
 PDS_CRAWLERS=https://bsky.network
-PDS_EMAIL_SMTP_URL=smtps://{{ users['no-reply'].email }}:{{ users['no-reply'].mailu_token }}@{{ system_email.host }}:{{ system_email.port }}/
+PDS_EMAIL_SMTP_URL=smtps://{{ users['no-reply'].email }}:{{ users['no-reply'].mailu_token }}@{{ SYSTEM_EMAIL.HOST }}:{{ SYSTEM_EMAIL.PORT }}/
 PDS_EMAIL_FROM_ADDRESS={{ users['no-reply'].email }}
 LOG_ENABLED=true
 PDS_BLOBSTORE_DISK_LOCATION=/opt/pds/blocks
--- a/roles/web-app-discourse/templates/config.yml.j2
+++ b/roles/web-app-discourse/templates/config.yml.j2
@@ -58,13 +58,13 @@ env:

  # SMTP ADDRESS, username, and password are required
  # WARNING the char '#' in SMTP password can cause problems!
-  DISCOURSE_SMTP_ADDRESS:           {{ system_email.host }}
-  DISCOURSE_SMTP_PORT:              {{ system_email.port }}
+  DISCOURSE_SMTP_ADDRESS:           {{ SYSTEM_EMAIL.HOST }}
+  DISCOURSE_SMTP_PORT:              {{ SYSTEM_EMAIL.PORT }}
  DISCOURSE_SMTP_USER_NAME:         {{ users['no-reply'].email }}
  DISCOURSE_SMTP_PASSWORD:          {{ users['no-reply'].mailu_token }}
-  DISCOURSE_SMTP_ENABLE_START_TLS:  {{ system_email.start_tls }}
-  DISCOURSE_SMTP_FORCE_TLS:         {{ system_email.tls }}
-  DISCOURSE_SMTP_DOMAIN:            {{ system_email.domain }}
+  DISCOURSE_SMTP_ENABLE_START_TLS:  {{ SYSTEM_EMAIL.START_TLS }}
+  DISCOURSE_SMTP_FORCE_TLS:         {{ SYSTEM_EMAIL.TLS }}
+  DISCOURSE_SMTP_DOMAIN:            {{ SYSTEM_EMAIL.DOMAIN }}
  DISCOURSE_NOTIFICATION_EMAIL:     {{ users['no-reply'].email }}

  # Database Configuration
--- a/roles/web-app-espocrm/templates/env.j2
+++ b/roles/web-app-espocrm/templates/env.j2
@@ -48,9 +48,9 @@ ESPOCRM_CONFIG_LOGGER_ROTATION=false
 # ------------------------------------------------
 # System SMTP settings
 # ------------------------------------------------
-ESPOCRM_CONFIG_SMTP_SERVER={{ system_email.host }}
-ESPOCRM_CONFIG_SMTP_PORT={{ system_email.port }}
-ESPOCRM_CONFIG_SMTP_SECURITY={{ "TLS" if system_email.start_tls else "SSL"}}
+ESPOCRM_CONFIG_SMTP_SERVER={{ SYSTEM_EMAIL.HOST }}
+ESPOCRM_CONFIG_SMTP_PORT={{ SYSTEM_EMAIL.PORT }}
+ESPOCRM_CONFIG_SMTP_SECURITY={{ "TLS" if SYSTEM_EMAIL.START_TLS else "SSL"}}
 ESPOCRM_CONFIG_SMTP_AUTH=true
 ESPOCRM_CONFIG_SMTP_USERNAME={{ users['contact'].email }}
 ESPOCRM_CONFIG_SMTP_PASSWORD={{ users['contact'].mailu_token }}
--- a/roles/web-app-friendica/templates/env.j2
+++ b/roles/web-app-friendica/templates/env.j2
@@ -17,13 +17,13 @@ MYSQL_USER=     {{ database_username }}
 MYSQL_PASSWORD= {{ database_password }}

 # Email Configuration
-SMTP=           {{ system_email.host }}
-SMTP_DOMAIN=    {{ system_email.domain }}
-SMTP_PORT=      {{ system_email.port }}
+SMTP=           {{ SYSTEM_EMAIL.HOST }}
+SMTP_DOMAIN=    {{ SYSTEM_EMAIL.DOMAIN }}
+SMTP_PORT=      {{ SYSTEM_EMAIL.PORT }}
 SMTP_AUTH_USER= {{ users['no-reply'].email }}
 SMTP_AUTH_PASS= {{ users['no-reply'].mailu_token }}
-SMTP_TLS=       {{ 'on' if system_email.tls else 'off' }}
-SMTP_STARTTLS=  {{ 'on' if system_email.start_tls else 'off' }}
+SMTP_TLS=       {{ 'on' if SYSTEM_EMAIL.TLS else 'off' }}
+SMTP_STARTTLS=  {{ 'on' if SYSTEM_EMAIL.START_TLS else 'off' }}
 SMTP_FROM=      no-reply

 # Administrator Credentials
--- a/roles/web-app-funkwhale/templates/env.j2
+++ b/roles/web-app-funkwhale/templates/env.j2
@@ -59,7 +59,7 @@ DJANGO_LOGLEVEL={% if MODE_DEBUG | bool %}debug{% else %}error{% endif %}
 # (returns `noreply%40youremail.host`)
 # EMAIL_CONFIG=smtp://user:password@youremail.host:25
 # EMAIL_CONFIG=smtp+ssl://user:password@youremail.host:465
-EMAIL_CONFIG=smtp+tls://{{ users['no-reply'].username }}:{{ users['no-reply'].mailu_token }}@{{ system_email.host }}:{{ system_email.port }}
+EMAIL_CONFIG=smtp+tls://{{ users['no-reply'].username }}:{{ users['no-reply'].mailu_token }}@{{ SYSTEM_EMAIL.HOST }}:{{ SYSTEM_EMAIL.PORT }}

 # Make e-mail verification mandatory before using the service
 # Doesn't apply to admins.
--- a/roles/web-app-gitea/templates/env.j2
+++ b/roles/web-app-gitea/templates/env.j2
@@ -31,8 +31,8 @@ SSH_DOMAIN={{ domains | get_domain(application_id) }}
 GITEA__mailer__ENABLED=true
 GITEA__mailer__FROM={{ users['no-reply'].email }}
 GITEA__mailer__PROTOCOL=smtps
-GITEA__mailer__SMTP_ADDR={{ system_email.host }}
-GITEA__mailer__SMTP_PORT={{ system_email.port }}
+GITEA__mailer__SMTP_ADDR={{ SYSTEM_EMAIL.HOST }}
+GITEA__mailer__SMTP_PORT={{ SYSTEM_EMAIL.PORT }}
 GITEA__mailer__USER={{ users['no-reply'].email }}
 GITEA__mailer__PASSWD={{ users['no-reply'].mailu_token }}

--- a/roles/web-app-keycloak/templates/import/realm.json.j2
+++ b/roles/web-app-keycloak/templates/import/realm.json.j2
@@ -1446,11 +1446,11 @@
  "smtpServer": {
    "password": "{{ users['no-reply'].mailu_token }}",
    "replyToDisplayName": "",
-    "starttls": "{{system_email.start_tls | lower}}",
+    "starttls": "{{SYSTEM_EMAIL.START_TLS | lower}}",
    "auth": "true",
-    "port": "{{ system_email.port }}",
+    "port": "{{ SYSTEM_EMAIL.PORT }}",
    "replyTo": "",
-    "host": "{{ system_email.host }}",
+    "host": "{{ SYSTEM_EMAIL.HOST }}",
    "from": "{{ users['no-reply'].email }}",
    "fromDisplayName": "Keycloak Authentification System - {{domains | get_domain('web-app-keycloak')}}",
    "envelopeFrom": "",
--- a/roles/web-app-listmonk/vars/main.yml
+++ b/roles/web-app-listmonk/vars/main.yml
@@ -45,15 +45,15 @@ LISTMONK_SETTINGS:
    value: >-
      {{ [
        {
-          "host":            system_email.host,
-          "port":            system_email.port,
-          "enabled":         system_email.smtp,
+          "host":            SYSTEM_EMAIL.HOST,
+          "port":            SYSTEM_EMAIL.PORT,
+          "enabled":         SYSTEM_EMAIL.SMTP,
          "username":        "no-reply",
          "password":        users['no-reply'].email,
          "tls_type":        (
-                                system_email.tls
+                                SYSTEM_EMAIL.TLS
                                | ternary("TLS",
-                                    system_email.start_tls
+                                    SYSTEM_EMAIL.START_TLS
                                      | ternary("STARTTLS","NONE")
                                  )
                              ),
@@ -67,7 +67,7 @@ LISTMONK_SETTINGS:
          "tls_skip_verify": false
        }
      ] | to_json }}
-    when: system_email.smtp | bool
+    when: SYSTEM_EMAIL.SMTP | bool


  - key: "app.lang"
@@ -92,15 +92,15 @@ LISTMONK_SETTINGS:
    value: >-
      {{ [
        {
-          "host":            system_email.host,
-          "port":            system_email.port,
+          "host":            SYSTEM_EMAIL.HOST,
+          "port":            SYSTEM_EMAIL.PORT,
          "type":            "pop",
          "uuid":            "471fd0e9-8c33-4e4a-9183-c4679699faca",
          "enabled":         true,
          "username":        users.bounce.email,
          "password":        users.bounce.mailu_token,
          "return_path":     users.bounce.email,
-          "tls_enabled":     system_email.tls,
+          "tls_enabled":     SYSTEM_EMAIL.TLS,
          "auth_protocol":   "userpass",
          "scan_interval":   "15m",
          "tls_skip_verify": false
--- a/roles/web-app-mailu/config/main.yml
+++ b/roles/web-app-mailu/config/main.yml
@@ -1,7 +1,7 @@
 oidc:
  email_by_username:      true                        # If true, then the mail is set by the username. If wrong then the OIDC user email is used
  enable_user_creation:   true                        # Users will be created if not existing
-domain:                   "{{ PRIMARY_DOMAIN }}"  # The main domain from which mails will be send \ email suffix behind @                              
+domain:                   "{{ SYSTEM_EMAIL.DOMAIN }}" # The main domain from which mails will be send \ email suffix behind @                              
 features:
  matomo:                 true
  css:                    false
@@ -12,7 +12,9 @@ features:
 server:
  domains:
    canonical:
-      - "mail.{{ PRIMARY_DOMAIN }}"
+      - "{{ SYSTEM_EMAIL.HOST }}"
+    alias:
+      - "mailu.{{ PRIMARY_DOMAIN }}"
  csp:
    flags:
      style-src:
--- a/roles/web-app-mastodon/templates/env.j2
+++ b/roles/web-app-mastodon/templates/env.j2
@@ -43,8 +43,8 @@ REDIS_HOST=redis
 REDIS_PORT=6379
 REDIS_PASSWORD=

-SMTP_SERVER={{ system_email.host }}
-SMTP_PORT={{ system_email.port }}
+SMTP_SERVER={{ SYSTEM_EMAIL.HOST }}
+SMTP_PORT={{ SYSTEM_EMAIL.PORT }}
 SMTP_LOGIN={{ users['no-reply'].email }}
 SMTP_PASSWORD={{ users['no-reply'].mailu_token }}
 SMTP_AUTH_METHOD=plain
--- a/roles/web-app-matrix/templates/synapse/homeserver.yaml.j2
+++ b/roles/web-app-matrix/templates/synapse/homeserver.yaml.j2
@@ -32,13 +32,13 @@ trusted_key_servers:
 admin_contact: 'mailto:{{ users.administrator.email }}'

 email:
-  smtp_host:                    "{{ system_email.host }}"
-  smtp_port:                    "{{ system_email.port }}"
+  smtp_host:                    "{{ SYSTEM_EMAIL.HOST }}"
+  smtp_port:                    "{{ SYSTEM_EMAIL.PORT }}"
  smtp_user:                    "{{ users['no-reply'].email }}"
  smtp_pass:                    "{{ users['no-reply'].mailu_token }}"
  #force_tls:                    true
  #require_transport_security:   true
-  enable_tls:                   "{{ system_email.tls | upper }}"
+  enable_tls:                   "{{ SYSTEM_EMAIL.TLS | upper }}"
  notif_from:                   "Your Friendly %(app)s homeserver <{{ users['no-reply'].email }}>"
  app_name:                     "Matrix on {{ MATRIX_SYNAPSE_DOMAIN }}"
  enable_notifs:                true
--- a/roles/web-app-mobilizon/templates/env.j2
+++ b/roles/web-app-mobilizon/templates/env.j2
@@ -81,8 +81,8 @@ MOBILIZON_INSTANCE_SECRET_KEY={{ applications | get_app_conf(application_id, 'cr

 # The SMTP server
 # Defaults to localhost
-MOBILIZON_SMTP_SERVER={{ system_email.host }}
-MOBILIZON_SMTP_PORT={{ system_email.port }}
+MOBILIZON_SMTP_SERVER={{ SYSTEM_EMAIL.HOST }}
+MOBILIZON_SMTP_PORT={{ SYSTEM_EMAIL.PORT }}
 MOBILIZON_SMTP_USERNAME={{ users['no-reply'].email }}
 MOBILIZON_SMTP_PASSWORD={{ users['no-reply'].mailu_token }}

@@ -98,4 +98,4 @@ MOBILIZON_INSTANCE_DISABLE_DATABASE_LOGIN={{ (applications | get_app_conf(applic
 # Allowed values: always (TLS), never (Clear) and if_available (STARTTLS)
 # Make sure to match the port value as well
 # Defaults to "if_available"
-MOBILIZON_SMTP_TLS={% if system_email.tls %}TLS{% elif system_email.start_tls %}STARTTLS{% else %}Clear{% endif %}
+MOBILIZON_SMTP_TLS={% if SYSTEM_EMAIL.TLS %}TLS{% elif SYSTEM_EMAIL.START_TLS %}STARTTLS{% else %}Clear{% endif %}
--- a/roles/web-app-moodle/templates/env.j2
+++ b/roles/web-app-moodle/templates/env.j2
@@ -17,8 +17,8 @@ MOODLE_DATABASE_NAME={{ database_name }}
 MOODLE_DATABASE_PASSWORD={{ database_password }}

 # SMTP 
-MOODLE_SMTP_HOST={{ system_email.host }}
-MOODLE_SMTP_PORT_NUMBER={{ system_email.port }}
+MOODLE_SMTP_HOST={{ SYSTEM_EMAIL.HOST }}
+MOODLE_SMTP_PORT_NUMBER={{ SYSTEM_EMAIL.PORT }}
 MOODLE_SMTP_USER={{ users['no-reply'].email }}
 MOODLE_SMTP_PASSWORD={{ users['no-reply'].mailu_token }}
-MOODLE_SMTP_PROTOCOL={{ 'ssl' if system_email.tls else ('tls' if system_email.start_tls else '') }}
+MOODLE_SMTP_PROTOCOL={{ 'ssl' if SYSTEM_EMAIL.TLS else ('tls' if SYSTEM_EMAIL.START_TLS else '') }}
--- a/roles/web-app-nextcloud/templates/env.j2
+++ b/roles/web-app-nextcloud/templates/env.j2
@@ -13,15 +13,15 @@ PHP_UPLOAD_LIMIT=               "{{applications | get_app_conf(application_id, '
 PHP_OPCACHE_MEMORY_CONSUMPTION= "{{applications | get_app_conf(application_id, 'performance.php.opcache_memory_consumption')}}"
      
 # Email Configuration
-SMTP_HOST=                      {{ system_email.host }}
-SMTP_SECURE=                    {{ 'ssl' if system_email.tls else '' }}
-SMTP_PORT=                      {{ system_email.port }}
+SMTP_HOST=                      {{ SYSTEM_EMAIL.HOST }}
+SMTP_SECURE=                    {{ 'ssl' if SYSTEM_EMAIL.TLS else '' }}
+SMTP_PORT=                      {{ SYSTEM_EMAIL.PORT }}
 SMTP_NAME=                      {{ users['no-reply'].email }}
 SMTP_PASSWORD=                  {{ users['no-reply'].mailu_token }}

 # Email from configuration
 MAIL_FROM_ADDRESS=              "{{ users['no-reply'].username }}"
-MAIL_DOMAIN=                    "{{ system_email.domain }}"
+MAIL_DOMAIN=                    "{{ SYSTEM_EMAIL.DOMAIN }}"

 # Initial Admin Data
 NEXTCLOUD_ADMIN_USER=           "{{applications | get_app_conf(application_id, 'users.administrator.username')}}"
--- a/roles/web-app-openproject/vars/main.yml
+++ b/roles/web-app-openproject/vars/main.yml
@@ -38,8 +38,8 @@ openproject_dummy_volume:     "{{ docker_compose.directories.volumes }}dummy_vol

 openproject_rails_settings:
  email_delivery_method:      "smtp"
-  smtp_address:               "{{ system_email.host }}"
-  smtp_domain:                "{{ system_email.domain }}"
+  smtp_address:               "{{ SYSTEM_EMAIL.HOST }}"
+  smtp_domain:                "{{ SYSTEM_EMAIL.DOMAIN }}"
  smtp_user_name:             "{{ users['no-reply'].email }}"
  smtp_password:              "{{ users['no-reply'].mailu_token }}"
  smtp_ssl:                   false
--- a/roles/web-app-peertube/templates/env.j2
+++ b/roles/web-app-peertube/templates/env.j2
@@ -16,9 +16,9 @@ PEERTUBE_SECRET={{applications | get_app_conf(application_id, 'credentials.secre
 # E-mail configuration
 PEERTUBE_SMTP_USERNAME={{ users['no-reply'].email }}
 PEERTUBE_SMTP_PASSWORD={{ users['no-reply'].mailu_token }}
-PEERTUBE_SMTP_HOSTNAME={{ system_email.host }}
-PEERTUBE_SMTP_PORT={{ system_email.port }}
+PEERTUBE_SMTP_HOSTNAME={{ SYSTEM_EMAIL.HOST }}
+PEERTUBE_SMTP_PORT={{ SYSTEM_EMAIL.PORT }}
 PEERTUBE_SMTP_FROM={{ users['no-reply'].email }}
-PEERTUBE_SMTP_TLS={{ system_email.tls | lower }}
-PEERTUBE_SMTP_DISABLE_STARTTLS={{ 'false' if system_email.start_tls else 'true' }}
+PEERTUBE_SMTP_TLS={{ SYSTEM_EMAIL.TLS | lower }}
+PEERTUBE_SMTP_DISABLE_STARTTLS={{ 'false' if SYSTEM_EMAIL.START_TLS else 'true' }}
 PEERTUBE_ADMIN_EMAIL={{ users['no-reply'].email }}
--- a/roles/web-app-pixelfed/templates/env.j2
+++ b/roles/web-app-pixelfed/templates/env.j2
@@ -46,15 +46,15 @@ RESTRICTED_INSTANCE=false

 ## Mail
 MAIL_DRIVER=log
-MAIL_HOST={{ system_email.host }}
-MAIL_PORT={{ system_email.port }}
+MAIL_HOST={{ SYSTEM_EMAIL.HOST }}
+MAIL_PORT={{ SYSTEM_EMAIL.PORT }}
 MAIL_FROM_ADDRESS="{{ users['no-reply'].email }}"
 MAIL_FROM_NAME={{ service_provider.company.titel }} - Pixelfed
 MAIL_USERNAME={{ users['no-reply'].email }}
 MAIL_PASSWORD={{ users['no-reply'].mailu_token }}
 # Not sure if the following is correct
 # Checkout: https://github.com/pixelfed/pixelfed/blob/dev/.env.docker
-MAIL_ENCRYPTION={{ 'ssl' if system_email.start_tls else 'tls' }} 
+MAIL_ENCRYPTION={{ 'ssl' if SYSTEM_EMAIL.START_TLS else 'tls' }} 

 ## Databases (MySQL)
 DB_CONNECTION=mysql
--- a/roles/web-app-snipe-it/templates/env.j2
+++ b/roles/web-app-snipe-it/templates/env.j2
@@ -48,11 +48,11 @@ DB_SSL_VERIFY_SERVER=null
 # REQUIRED: OUTGOING MAIL SERVER SETTINGS
 # --------------------------------------------
 MAIL_MAILER             =   smtp
-MAIL_HOST               =   {{ system_email.host }}
-MAIL_PORT               =   {{ system_email.port }}
+MAIL_HOST               =   {{ SYSTEM_EMAIL.HOST }}
+MAIL_PORT               =   {{ SYSTEM_EMAIL.PORT }}
 MAIL_USERNAME           =   {{ users['no-reply'].email }}
 MAIL_PASSWORD           =   {{ users['no-reply'].mailu_token }}
-MAIL_TLS_VERIFY_PEER    =   {{ system_email.tls | capitalize }}
+MAIL_TLS_VERIFY_PEER    =   {{ SYSTEM_EMAIL.TLS | capitalize }}
 MAIL_FROM_ADDR          =   {{ users['no-reply'].email }}
 MAIL_FROM_NAME          =   {{ service_provider.company.titel }} - Snipe-IT
 MAIL_REPLYTO_ADDR       =   {{ users['no-reply'].email }}
--- a/roles/web-app-taiga/templates/env.j2
+++ b/roles/web-app-taiga/templates/env.j2
@@ -17,8 +17,8 @@ POSTGRES_HOST       =   "{{ database_host }}"

 # Taiga's SMTP settings - Variables to send Taiga's emails to the users
 EMAIL_BACKEND       =   "{{email_backend}}"          # use an SMTP server or display the emails in the console (either "smtp" or "console")
-EMAIL_HOST          =   "{{ system_email.host }}"      # SMTP server address
-EMAIL_PORT          =   "{{ system_email.port }}" # default SMTP port
+EMAIL_HOST          =   "{{ SYSTEM_EMAIL.HOST }}"      # SMTP server address
+EMAIL_PORT          =   "{{ SYSTEM_EMAIL.PORT }}" # default SMTP port
 EMAIL_HOST_USER     =   "{{ users['no-reply'].email }}"  # user to connect the SMTP server
 EMAIL_HOST_PASSWORD =   "{{ users['no-reply'].mailu_token }}"  # SMTP user's password
 EMAIL_DEFAULT_FROM  =   "{{ users['no-reply'].email }}"      # default email address for the automated emails
@@ -26,8 +26,8 @@ EMAIL_BACKEND:      =   "django.core.mail.backends.{{email_backend}}.EmailBacken
 DEFAULT_FROM_EMAIL  =   "{{ users['no-reply'].email }}"

 # EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
-EMAIL_USE_TLS   =   "{{ system_email.tls | capitalize }}"         # use TLS (secure) connection with the SMTP server
-EMAIL_USE_SSL   =   "{{ 'False' if system_email.start_tls else 'True' }}" # use implicit TLS (secure) connection with the SMTP server
+EMAIL_USE_TLS   =   "{{ SYSTEM_EMAIL.TLS | capitalize }}"         # use TLS (secure) connection with the SMTP server
+EMAIL_USE_SSL   =   "{{ 'False' if SYSTEM_EMAIL.START_TLS else 'True' }}" # use implicit TLS (secure) connection with the SMTP server

 RABBITMQ_USER=taiga
 RABBITMQ_PASS=taiga
--- a/tasks/stages/01_constructor.yml
+++ b/tasks/stages/01_constructor.yml
@@ -13,7 +13,7 @@

  - name: Merge system_email definitions
    set_fact:
-      system_email: "{{ default_system_email | combine(system_email | default({}, true), recursive=True) }}"
+      SYSTEM_EMAIL: "{{ DEFAULT_SYSTEM_EMAIL | combine(system_email | default({}, true), recursive=True) }}"
    no_log: "{{ MASK_CREDENTIALS_IN_LOGS | bool }}"

  - name: Merge application definitions
Author	SHA1	Message	Date
Kevin Veen-Birkenbach	242347878d	Moved email host and domain SPOT to SYSTEM_EMAIL constant	2025-08-19 10:00:35 +02:00
Kevin Veen-Birkenbach	f46aabe884	Moved healthcheck to the end so that it is setup after email configuration	2025-08-19 09:46:12 +02:00
Kevin Veen-Birkenbach	d3cc187c3b	Made System Email Variables UPPER	2025-08-19 09:34:18 +02:00
				`@@ -0,0 +1 @@`
				`DEFAULT_EMAIL_ACCOUNT: "{{ SOFTWARE_NAME \| replace('.', '_') \| lower }}__default_email_account"`