
No commits in common. "b599a528b8f50b7073e2b04ca8aa2f01de4ff868" and "7a7825cc6115eb7b80769eed7089ad8d45e7169b" have entirely different histories.

93 changed files with 204 additions and 322 deletions


@ -1,7 +1,7 @@
ROLES_DIR := ./roles
APPLICATIONS_OUT := ./group_vars/all/03_applications.yml
APPLICATIONS_SCRIPT := ./cli/generate-applications-defaults.py
INCLUDES_OUT := ./tasks/utils/docker-roles.yml
INCLUDES_OUT := ./tasks/include-docker-roles.yml
INCLUDES_SCRIPT := ./cli/generate_playbook.py
.PHONY: build install test


@ -98,7 +98,8 @@ Now that you have defined the application settings, domain, and application ID,
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
```
3. **`docker-compose.yml.j2`**:


@ -23,7 +23,6 @@ def get_docker_compose(path_docker_compose_instances: str, application_id: str)
'files': {
'env': f"{base}.env/env",
'docker_compose': f"{base}docker-compose.yml",
'dockerfile': f"{base}Dockerfile",
}
}


@ -19,15 +19,15 @@ defaults_service_provider:
bluesky: >-
{{ ('@' ~ users.administrator.username ~ '.' ~ domains.bluesky.api)
if 'bluesky' in group_names else '' }}
email: "contact@{{ primary_domain }}"
mastodon: "{{ '@' ~ users.administrator.username ~ '@' ~ domains | get_domain('mastodon') if 'mastodon' in group_names else '' }}"
matrix: "{{ '@' ~ users.administrator.username ~ ':' ~ domains.matrix.synapse if 'matrix' in group_names else '' }}"
peertube: "{{ '@' ~ users.administrator.username ~ '@' ~ domains | get_domain('peertube') if 'peertube' in group_names else '' }}"
pixelfed: "{{ '@' ~ users.administrator.username ~ '@' ~ domains | get_domain('pixelfed') if 'pixelfed' in group_names else '' }}"
phone: "+0 000 000 404"
wordpress: "{{ '@' ~ users.administrator.username ~ '@' ~ domains | get_domain('wordpress') if 'wordpress' in group_names else '' }}"
email: "contact@{{ primary_domain }}"
mastodon: "{{ '@' ~ users.administrator.username ~ '@' ~ domains | get_domain('mastodon') if 'mastodon' in group_names else '' }}"
matrix: "{{ '@' ~ users.administrator.username ~ ':' ~ domains.matrix.synapse if 'matrix' in group_names else '' }}"
peertube: "{{ '@' ~ users.administrator.username ~ '@' ~ domains | get_domain('peertube') if 'peertube' in group_names else '' }}"
pixelfed: "{{ '@' ~ users.administrator.username ~ '@' ~ domains | get_domain('pixelfed') if 'pixelfed' in group_names else '' }}"
phone: "+0 000 000 404"
wordpress: "{{ '@' ~ users.administrator.username ~ '@' ~ domains | get_domain('wordpress') if 'wordpress' in group_names else '' }}"
legal:
editorial_responsible: "Johannes Gutenberg"
source_code: "https://github.com/kevinveenbirkenbach/cymais"
imprint: "{{web_protocol}}://{{ domains | get_domain('html-server') }}/imprint.html"
imprint: "{{web_protocol}}://{{ domains | get_domain('html-server') }}/imprint.html"


@ -2,9 +2,9 @@
hosts: all
tasks:
- name: "Load 'constructor' tasks"
include_tasks: "tasks/plays/01_constructor.yml"
include_tasks: "tasks/constructor.yml"
- name: "Load '{{host_type}}' tasks"
include_tasks: "tasks/plays/02_{{host_type}}.yml"
include_tasks: "tasks/{{host_type}}.yml"
- name: "Load 'destructor' tasks"
include_tasks: "tasks/plays/03_destructor.yml"
include_tasks: "tasks/destructor.yml"
become: true


@ -6,7 +6,7 @@ services:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.akaunting }}"
image: docker.io/akaunting/akaunting:{{applications.akaunting.version}}
build:
context: .
ports:


@ -1,13 +1,12 @@
images:
akaunting: "docker.io/akaunting/akaunting:latest"
company_name: "{{primary_domain}}"
company_email: "{{users.administrator.email}}"
setup_admin_email: "{{users.administrator.email}}"
version: "latest"
company_name: "{{primary_domain}}"
company_email: "{{users.administrator.email}}"
setup_admin_email: "{{users.administrator.email}}"
features:
matomo: true
css: true
portfolio_iframe: false
central_database: true
matomo: true
css: true
portfolio_iframe: false
central_database: true
credentials:
domains:
canonical:
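Review bot: The default `version: "latest"` near the top of this config leaves the akaunting image on a floating tag, so two deploys of the same playbook revision can run different, unreviewed image contents. The same default is set in the attendize, baserow, bluesky (`pds.version`), espocrm, friendica, gitea, gitlab, joomla, keycloak, lam, openldap, mastodon and matomo config hunks on this page. Prefer a tested release tag, ideally with a digest, e.g. `version: "<release-tag>"  # placeholder: pin to a verified release`, and let inventories opt in to `latest` explicitly. The mapping continues past the end of this hunk.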


@ -5,7 +5,7 @@ services:
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
web:
image: "{{ applications[application_id].images.web }}"
image: "attendize_web:{{applications.attendize.version}}"
ports:
- "{{ports.localhost.http[application_id]}}:80"
volumes:
@ -19,7 +19,7 @@ services:
{% include 'templates/docker/container/networks.yml.j2' %}
worker:
image: "{{ applications[application_id].images.worker }}"
image: "attendize_worker:{{applications.attendize.version}}"
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
maildev:
{% include 'templates/docker/container/networks.yml.j2' %}


@ -1,6 +1,4 @@
image:
web: "attendize_web:latest"
worker: "attendize_worker:latest"
version: "latest"
credentials:
features:
matomo: true


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -6,7 +6,7 @@ services:
application:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.baserow }}"
image: "baserow/baserow:{{applications.baserow.version}}"
container_name: baserow-application
volumes:
- data:/baserow/data


@ -1,5 +1,4 @@
images:
baserow: "baserow/baserow:latest"
version: "latest"
features:
matomo: true
css: true


@ -47,4 +47,5 @@
version: "main"
notify: docker compose project build and setup
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -1,6 +1,6 @@
services:
pds:
image: "{{ applications[application_id].images.pds }}"
image: "ghcr.io/bluesky-social/pds:{{applications.bluesky.pds.version}}"
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
volumes:
- pds_data:/opt/pds


@ -1,8 +1,6 @@
users:
administrator:
email: "{{users.administrator.email}}"
images:
pds: "ghcr.io/bluesky-social/pds:latest"
pds:
version: "latest"
credentials:


@ -1,42 +0,0 @@
- name: "Create (optional) '{{ docker_compose.files.dockerfile }}'"
template:
src: "{{ playbook_dir }}/roles/{{ role_name }}/templates/Dockerfile"
dest: "{{ docker_compose.files.dockerfile }}"
notify: docker compose project build and setup
ignore_errors: false
register: create_dockerfile_result
failed_when:
- create_dockerfile_result is failed
- "'Could not find or access' not in create_dockerfile_result.msg"
- name: "Create (optional) '{{ docker_compose.files.env }}'"
template:
src: "env.j2"
dest: "{{ docker_compose.files.env }}"
mode: '770'
force: yes
notify: docker compose project setup
register: env_template
ignore_errors: false
failed_when:
- env_template is failed
- "'Could not find or access' not in env_template.msg"
- name: "Create (obligatoric) '{{ docker_compose.files.docker_compose }}'"
template:
src: "docker-compose.yml.j2"
dest: "{{ docker_compose.files.docker_compose }}"
notify: docker compose project setup
register: docker_compose_template
- name: "Check if any container is running in {{ docker_compose.directories.instance }}"
command: docker compose ps -q --filter status=running
args:
chdir: "{{ docker_compose.directories.instance }}"
register: docker_ps
changed_when: (docker_ps.stdout | trim) == ""
notify: docker compose project setup
when: not (docker_compose_template.changed or env_template.changed)
- name: flush docker compose project setup
meta: flush_handlers


@ -1,4 +1,4 @@
# Coturn Server (DRAFT)
# DRAFT role docker-coturn
setup an coturn server based on https://hub.docker.com/r/coturn/coturn
## todo


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -1,2 +1,4 @@
user: turnuser
credentials:
user: turnuser
credentials:
# password: # Need to be defined in invetory file
# secret: # Need to be defined in invetory file


@ -14,7 +14,8 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: Set OIDC scopes in EspoCRM config (inside web container)
ansible.builtin.shell: |


@ -3,7 +3,7 @@ services:
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
web:
image: "{{ applications[application_id].images.espocrm }}"
image: espocrm/espocrm:{{ applications[application_id].version }}
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost/"]
@ -15,7 +15,7 @@ services:
- data:/var/www/html
daemon:
image: "{{ applications[application_id].images.espocrm }}"
image: espocrm/espocrm:{{ applications[application_id].version }}
restart: {{docker_restart_policy}}
logging:
driver: journald
@ -25,7 +25,7 @@ services:
- data:/var/www/html
websocket:
image: "{{ applications[application_id].images.espocrm }}"
image: espocrm/espocrm:{{ applications[application_id].version }}
restart: {{docker_restart_policy}}
logging:
driver: journald


@ -1,5 +1,4 @@
images:
espocrm: "espocrm/espocrm:latest"
version: "latest"
users:
administrator:
username: "{{ users.administrator.username }}"


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -3,7 +3,7 @@ services:
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
application:
image: "{{ applications[application_id].images.friendica }}"
image: "friendica:{{applications.friendica.version}}"
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
volumes:
- html:/var/www/html


@ -1,5 +1,4 @@
images:
friendica: "friendica:latest"
version: "latest"
features:
matomo: true
css: true


@ -10,6 +10,7 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -14,7 +14,7 @@ services:
# flag:
# celery -A funkwhale_api.taskapp worker -l INFO --concurrency=4
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.api }}"
image: funkwhale/api:{{applications.funkwhale.version}}
command: celery -A funkwhale_api.taskapp worker -l INFO --concurrency={{celeryd_concurrency}}
environment:
- C_FORCE_ROOT=true
@ -26,14 +26,14 @@ services:
celerybeat:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.api }}"
image: funkwhale/api:{{applications.funkwhale.version}}
command: celery -A funkwhale_api.taskapp beat --pidfile= -l INFO
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}
{% include 'templates/docker/container/networks.yml.j2' %}
api:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.api }}"
image: funkwhale/api:{{applications.funkwhale.version}}
volumes:
- "music:{{music_directory_path}}:ro"
- "data:{{media_root}}"
@ -45,7 +45,7 @@ services:
front:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.front }}"
image: funkwhale/front:{{applications.funkwhale.version}}
depends_on:
- api
environment:
@ -60,7 +60,7 @@ services:
typesense:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.typesense }}"
image: typesense/typesense:0.24.0
volumes:
- ./typesense/data:/data
command: --data-dir /data --enable-cors


@ -1,7 +1,4 @@
images:
api: "funkwhale/api:1.4.0"
front: "funkwhale/front:1.4.0"
typesense: "typesense/typesense"
version: "1.4.0"
features:
matomo: true
css: true


@ -1,4 +1,4 @@
# FusionDirectory (DRAFT)
# FusionDirectory
# Warning
This application isn't implemented yet


@ -9,4 +9,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -4,7 +4,7 @@ services:
application:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.gitea }}"
image: "gitea/gitea:{{applications.gitea.version}}"
ports:
- "127.0.0.1:{{ports.localhost.http[application_id]}}:3000"
- "{{ports.public.ssh[application_id]}}:22"


@ -1,5 +1,4 @@
images:
gitea: "gitea/gitea:latest"
version: "latest" # Use latest docker image
configuration:
repository:
enable_push_create_user: True # Allow users to push local repositories to Gitea and have them automatically created for a user.
@ -8,14 +7,14 @@ configuration:
features:
matomo: true
css: true
portfolio_iframe: true
portfolio_iframe: true
central_database: true
csp:
flags:
script-src:
unsafe-inline: true
unsafe-inline: true
style-src:
unsafe-inline: true
unsafe-inline: true
whitelist:
font-src:
- "data:"


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -5,7 +5,7 @@ services:
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
web:
image: "{{ applications[application_id].images.gitlab }}"
image: "gitlab/gitlab-ee:{{applications.gitlab.version}}"
hostname: '{{domains | get_domain(application_id)}}'
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
ports:


@ -1,5 +1,4 @@
images:
gitlab: "gitlab/gitlab-ee:latest"
version: "latest"
features:
matomo: true
css: true


@ -13,4 +13,5 @@
loop_control:
loop_var: domain
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -3,7 +3,7 @@ services:
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
application:
image: "{{ applications[application_id].images.joomla }}"
image: "joomla:{{applications.joomla.version}}"
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
volumes:
- data:/var/www/html


@ -1,5 +1,4 @@
images:
joomla: "joomla:latest"
version: "latest"
features:
matomo: true
css: true


@ -10,7 +10,8 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: "create directory {{import_directory_host}}"
file:


@ -3,7 +3,7 @@ services:
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
application:
image: "{{ applications[application_id].images.keycloak }}"
image: quay.io/keycloak/keycloak:{{applications.keycloak.version}}
container_name: {{container_name}}
command: start {% if applications[application_id].import_realm | bool %}--import-realm{% endif %}
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}


@ -1,5 +1,4 @@
images:
keycloak: "quay.io/keycloak/keycloak:latest"
version: "latest"
users:
administrator:
username: "{{users.administrator.username}}" # Administrator Username for Keycloak


@ -9,4 +9,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -4,7 +4,7 @@ services:
application:
container_name: {{ application_id }}
image: "{{ applications[application_id].images.lam }}"
image: ghcr.io/ldapaccountmanager/lam:{{applications[application_id].version}}
ports:
- 127.0.0.1:{{ports.localhost.http[application_id]}}:80
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}


@ -1,5 +1,4 @@
images:
lam: "ghcr.io/ldapaccountmanager/lam:latest"
version: "latest"
oauth2_proxy:
application: application
port: 80


@ -23,7 +23,8 @@
ipam_config:
- subnet: "{{ networks.local.central_ldap.subnet }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: "create directory {{ldif_host_path}}{{item}}"
file:


@ -3,7 +3,7 @@ services:
{% include 'roles/docker-oauth2-proxy/templates/container.yml.j2' %}
application:
image: "{{ applications[application_id].images.openldap }}"
image: bitnami/openldap:{{ applications[application_id].version }}
container_name: {{ applications[application_id].hostname }}
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
{% if applications[application_id].network.public | bool or applications[application_id].network.local | bool %}


@ -1,5 +1,4 @@
images:
openldap: "bitnami/openldap:latest"
version: "latest"
network:
local: True # Activates local network. Necessary for LDIF import routines
docker: True # Activates docker network to allow other docker containers to connect


@ -25,7 +25,8 @@
dest: "{{docker_compose.directories.config}}config.toml"
notify: docker compose project setup
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: Check if listmonk database is already initialized
command: docker compose exec -T {{database_host}} psql -U {{database_username}} -d {{database_name}} -c "\dt"


@ -4,7 +4,7 @@ services:
application:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.listmonk }}"
image: listmonk/listmonk:{{applications.listmonk.version}}
ports:
- "127.0.0.1:{{ports.localhost.http[application_id]}}:9000"
volumes:


@ -1,5 +1,3 @@
images:
listmonk: "listmonk/listmonk:latest"
users:
administrator:
username: "{{users.administrator.username}}" # Listmonk administrator account username
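Review bot: No `version` key is added in this hunk even though `images.listmonk` is removed, while the listmonk compose template on this page now renders `listmonk/listmonk:{{applications.listmonk.version}}`. Unless `version` is defined further down in this file (outside the hunk) or in the inventory, rendering the template will fail on an undefined variable. Add an explicit default such as `version: "<release-tag>"  # placeholder: pin to a verified release`. The matrix config hunk has the same gap: it drops `images.synapse` and `images.element` and shows no `synapse.version` or `element.version`, which its compose template now reads.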


@ -18,7 +18,8 @@
name: nginx-docker-cert-deploy
when: run_once_docker_mailu is not defined
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "Copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
when: run_once_docker_mailu is not defined
- name: Flush docker service handlers


@ -16,7 +16,8 @@
client_max_body_size: "80m"
vhost_flavour: "ws_generic"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: flush docker service
meta: flush_handlers


@ -5,7 +5,7 @@ services:
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
web:
image: "{{ applications[application_id].images.mastodon }}"
image: ghcr.io/mastodon/mastodon:{{applications.mastodon.version}}
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
command: bash -c "rm -f /mastodon/tmp/pids/server.pid; bundle exec rails s -p 3000"
healthcheck:
@ -18,7 +18,7 @@ services:
{% include 'templates/docker/container/networks.yml.j2' %}
streaming:
image: "{{ applications[application_id].images.streaming }}"
image: ghcr.io/mastodon/mastodon-streaming:{{applications.mastodon.version}}
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
command: node ./streaming
healthcheck:
@ -29,7 +29,7 @@ services:
{% include 'templates/docker/container/networks.yml.j2' %}
sidekiq:
image: "{{ applications[application_id].images.mastodon }}"
image: ghcr.io/mastodon/mastodon:{{applications.mastodon.version}}
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
command: bundle exec sidekiq
{% include 'templates/docker/container/depends-on-database-redis.yml.j2' %}


@ -1,6 +1,4 @@
images:
mastodon: "ghcr.io/mastodon/mastodon:latest"
streaming: "ghcr.io/mastodon/mastodon-streaming:latest"
version: "latest"
single_user_mode: false # Set true for initial setup
setup: false # Set true in inventory file to execute the setup and initializing procedures
credentials:


@ -12,7 +12,8 @@
http_port: "{{ ports.localhost.http[application_id] }}"
when: run_once_docker_matomo is not defined
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
when: run_once_docker_matomo is not defined
- name: run the docker matomo tasks once


@ -4,7 +4,7 @@ services:
application:
{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
image: "{{ applications[application_id].images.matomo }}"
image: matomo:{{applications.matomo.version}}
ports:
- "127.0.0.1:{{ports.localhost.http.matomo}}:80"
volumes:


@ -1,5 +1,4 @@
images:
matomo: "matomo:latest"
version: "latest"
features:
matomo: true
css: false


@ -3,7 +3,7 @@ services:
{% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
synapse:
image: "{{ applications[application_id].images.synapse }}"
image: matrixdotorg/synapse:{{applications[application_id].synapse.version}}
container_name: matrix-synapse
restart: {{docker_restart_policy}}
logging:
@ -36,7 +36,7 @@ services:
{% endif %}
{% include 'templates/docker/container/networks.yml.j2' %}
element:
image: "{{ applications[application_id].images.element }}"
image: vectorim/element-web:{{applications[application_id].element.version}}
container_name: matrix-element
restart: {{docker_restart_policy}}
volumes:


@ -1,7 +1,4 @@
images:
synapse: "matrixdotorg/synapse:latest"
element: "vectorim/element-web:latest"
# Set bridges
users:
administrator:
username: "{{users.administrator.username}}" # Accountname of the matrix admin


@ -10,7 +10,14 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "Transfer Dockerfile to {{ docker_compose.directories.instance }}"
template:
src: Dockerfile.j2
dest: "{{ docker_compose.directories.instance }}Dockerfile"
notify: docker compose project build and setup
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: "Configure OIDC login for Moodle if enabled"
include_tasks: oidc.yml


@ -35,7 +35,8 @@
dest: "{{docker_compose.directories.volumes}}nginx.conf"
notify: restart nextcloud nginx service
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: Flush all handlers immediately so that occ can be used
meta: flush_handlers


@ -10,16 +10,23 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- name: "Create {{openproject_plugins_folder}}"
- name: "Create {{openproject_plugins_service}}"
file:
path: "{{openproject_plugins_folder}}"
path: "{{openproject_plugins_service}}"
state: directory
mode: '0755'
- name: "Transfering Gemfile.plugins to {{openproject_plugins_folder}}"
- name: "Transfering Gemfile.plugins to {{openproject_plugins_service}}"
copy:
src: Gemfile.plugins
dest: "{{openproject_plugins_folder}}Gemfile.plugins"
dest: "{{openproject_plugins_service}}Gemfile.plugins"
notify:
- docker compose project build and setup
- name: "Transfering Dockerfile to {{openproject_plugins_service}}Dockerfile"
template:
src: Dockerfile
dest: "{{openproject_plugins_service}}Dockerfile"
notify:
- docker compose project build and setup
@ -33,7 +40,8 @@
state: directory
mode: 0755
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: flush docker service
meta: flush_handlers


@ -5,7 +5,7 @@ FROM openproject/community:{{applications.openproject.version}}
# path inside of the container. Say for `/app/vendor/plugins/openproject-slack`:
# COPY /path/to/my/local/openproject-slack /app/vendor/plugins/openproject-slack
COPY volumes/plugins/Gemfile.plugins /app/
COPY Gemfile.plugins /app/
# If the plugin uses any external NPM dependencies you have to install them here.
# RUN npm add npm <package-name>*


@ -4,7 +4,7 @@ x-op-app: &app
driver: journald
image: {{custom_openproject_image}}
build:
context: .
context: {{openproject_plugins_service}}
dockerfile: Dockerfile
services:


@ -9,7 +9,7 @@ ldap:
features:
matomo: true
css: true
portfolio_iframe: false
portfolio_iframe: false
ldap: true
central_database: true
oauth2: true


@ -2,8 +2,7 @@ application_id: "openproject"
docker_repository_address: "https://github.com/opf/openproject-deploy"
database_type: "postgres"
openproject_plugins_folder: "{{docker_compose.directories.volumes}}plugins/"
openproject_plugins_service: "{{docker_compose.directories.services}}plugins/"
custom_openproject_image: "custom_openproject"
# The following volume doesn't have a practcical function. It just exist to prevent the creation of unnecessary anonymous volumes
@ -24,4 +23,4 @@ openproject_filters:
users: >-
{{ '(memberOf=cn=openproject-users,' ~ ldap.dn.application_roles ~ ')'
if applications[application_id].ldap.filters.users else '' }}
if applications[application_id].ldap.filters.users else '' }}


@ -11,7 +11,8 @@
vars:
http: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: "Install and activate auth-openid-connect plugin if OIDC is enabled"
include_tasks: enable-oidc.yml


@ -14,4 +14,5 @@
include_tasks: configuration.yml
when: applications[application_id].server_mode | bool
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -9,4 +9,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -1,2 +0,0 @@
# Todo
- Integrate OIDC as soon as possible


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -26,4 +26,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -12,4 +12,10 @@
become: true
ignore_errors: true
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: add docker-compose.yml
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
notify: docker compose project setup
- name: add Dockerfile
template: src=Dockerfile.j2 dest={{docker_compose.directories.instance}}Dockerfile
notify: docker compose project setup
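Review bot: The `add Dockerfile` task notifies `docker compose project setup`, whereas the other Dockerfile tasks added on this page (moodle, openproject, wordpress) notify `docker compose project build and setup`. The handlers are not visible here, but if the plain setup handler does not rebuild, a changed Dockerfile would leave the previously built image running, including any base-image or package fix the change was meant to deliver. Use `notify: docker compose project build and setup` on that task. Both new tasks also use the `key=value` argument string with an unquoted Jinja path; native block form (`template:` with `src:` and a quoted `dest:`) is safer if the instance path ever contains spaces.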


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -22,4 +22,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -27,4 +27,5 @@
force: yes
notify: docker compose project setup
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -28,4 +28,5 @@
dest: "{{docker_compose_init}}"
notify: docker compose project build and setup
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml


@ -1,4 +1,4 @@
FROM wordpress:{{applications[application_id].version}}
FROM wordpress
# Install msmtp and update system
RUN apt-get update && \
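Review bot: `FROM wordpress` drops the tag, so every build takes whatever `latest` resolves to at that moment and the role's version setting no longer influences the base image. Because the role's Dockerfile task on this page now uses `copy` instead of `template`, a Jinja expression here would not be rendered. Either keep templating the file, or hard-code a fixed tag (optionally with a digest), e.g. `FROM wordpress:<release-tag>`, where the tag is a placeholder for a tested release. The `RUN` instruction continues outside this hunk.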


@ -25,7 +25,14 @@
dest: "{{ host_msmtp_conf }}"
notify: docker compose project build and setup
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "Transfering Dockerfile to {{ docker_compose.directories.instance }}"
copy:
src: Dockerfile
dest: "{{ docker_compose.directories.instance }}Dockerfile"
notify: docker compose project build and setup
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: "Install wordpress"
include_tasks: install.yml


@ -10,4 +10,5 @@
domain: "{{ domains | get_domain(application_id) }}"
http_port: "{{ ports.localhost.http[application_id] }}"
- include_tasks: "{{ playbook_dir }}/roles/docker-compose/tasks/create-files.yml"
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml

1
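--- a/tasks/.gitignore
+++ b/tasks/.gitignore
@@ -0,0 +1 @@
+include-docker-roles.yml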

3
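--- a/tasks/TODO.md
+++ b/tasks/TODO.md
@@ -0,0 +1,3 @@
+# todo
+- Move update-repository-with-files.yml to own role
+- Move copy-docker-compose-and-env.yml to own role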


@ -0,0 +1,27 @@
- name: "create {{ docker_compose.files.docker_compose }}"
template:
src: "docker-compose.yml.j2"
dest: "{{ docker_compose.files.docker_compose }}"
notify: docker compose project setup
register: docker_compose_template
- name: "create {{ docker_compose.files.env }}"
template:
src: "env.j2"
dest: "{{ docker_compose.files.env }}"
mode: '770'
force: yes
notify: docker compose project setup
register: env_template
- name: "Check if any container is running in {{ docker_compose.directories.instance }}"
command: docker compose ps -q --filter status=running
args:
chdir: "{{ docker_compose.directories.instance }}"
register: docker_ps
changed_when: (docker_ps.stdout | trim) == ""
notify: docker compose project setup
when: not (docker_compose_template.changed or env_template.changed)
- name: flush docker compose project setup
meta: flush_handlers
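Review bot: The env file task sets `mode: '770'`, which gives the group full access and sets the execute bit on a file that docker compose only needs to read. Env files in this layout presumably carry database and application credentials, so a tighter mode such as `mode: '0600'` (or `'0640'` with an explicit `owner`/`group`) fits better. The docker-compose.yml template task sets no `mode` at all and inherits the umask; an explicit one, e.g. `mode: '0644'`, makes the result predictable. `force: yes` is better written as `force: true`.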


@ -12,7 +12,7 @@
- system-btrfs-auto-balancer
- name: "Integrate Docker Role includes"
include_tasks: "./tasks/utils/docker-roles.yml"
include_tasks: "include-docker-roles.yml"
# Native Webserver Roles
- name: setup nginx-serve-htmls


@ -1 +0,0 @@
docker-roles.yml


@ -1,49 +0,0 @@
import unittest
from pathlib import Path
import yaml
class TestDeprecatedVersionKey(unittest.TestCase):
def test_version_key_deprecation(self):
"""
Checks all roles/docker-*/vars/configuration.yml for deprecated use of 'version'.
Warns if 'version' is set but 'images' is missing.
Prints warnings but does NOT fail the test.
"""
repo_root = Path(__file__).resolve().parent.parent.parent
roles_dir = repo_root / "roles"
warnings = []
for role_path in roles_dir.iterdir():
if not (role_path.is_dir() and role_path.name.startswith("docker-")):
continue
cfg_file = role_path / "vars" / "configuration.yml"
if not cfg_file.exists():
continue
try:
config = yaml.safe_load(cfg_file.read_text("utf-8")) or {}
except yaml.YAMLError as e:
print(f"YAML parse error in {cfg_file}: {e}")
continue
uses_version = 'version' in config
uses_images = 'images' in config
if uses_version and not uses_images:
warnings.append(
f"[DEPRECATION WARNING] {role_path.name}/vars/configuration.yml: "
f"'version:' is set, but 'images:' is missing. "
f"'version' is deprecated and must only be set if 'images' is present."
)
if warnings:
print("\n".join(warnings))
else:
print("No deprecated 'version:' keys found in docker roles without 'images:'.")
# Never fail, just warn
self.assertTrue(True)
if __name__ == "__main__":
unittest.main()


@ -1,88 +0,0 @@
import unittest
import yaml
from pathlib import Path
import re
class TestDockerRoleImagesConfiguration(unittest.TestCase):
def test_images_keys_and_templates(self):
"""
For each docker-* role, check that:
- roles/docker-*/vars/configuration.yml contains 'images' as a dict with keys/values
- Each image key is referenced as:
image: "{{ applications[application_id].images.<key> }}"
in either roles/docker-*/templates/docker-compose.yml.j2 or env.j2
"""
repo_root = Path(__file__).resolve().parent.parent.parent
roles_dir = repo_root / "roles"
errors = []
warnings = []
for role_path in roles_dir.iterdir():
if not (role_path.is_dir() and role_path.name.startswith("docker-")):
continue
cfg_file = role_path / "vars" / "configuration.yml"
if not cfg_file.exists():
continue # No configuration to check
try:
config = yaml.safe_load(cfg_file.read_text("utf-8")) or {}
except yaml.YAMLError as e:
errors.append(f"{role_path.name}: YAML parse error: {e}")
continue
images = config.get("images")
if not images:
warnings.append(f"[WARNING] {role_path.name}: No 'images' key in configuration.yml")
continue
if not isinstance(images, dict):
errors.append(f"{role_path.name}: 'images' must be a dict in configuration.yml")
continue
for key, value in images.items():
if not key or not value or not isinstance(key, str) or not isinstance(value, str):
errors.append(f"{role_path.name}: images['{key}'] is invalid (must be non-empty string key and value)")
continue
# Improved regex: matches both ' and " and allows whitespace
pattern = (
r'image:\s*["\']\{\{\s*applications\[application_id\]\.images\.' + re.escape(key) + r'\s*\}\}["\']'
)
found = False
for tmpl_file in [
role_path / "templates" / "docker-compose.yml.j2",
role_path / "templates" / "env.j2"
]:
if tmpl_file.exists():
content = tmpl_file.read_text("utf-8")
if re.search(pattern, content):
found = True
break
if not found:
errors.append(
f"{role_path.name}: image key '{key}' is not referenced as "
f'image: \"{{{{ applications[application_id].images.{key} }}}}\" in docker-compose.yml.j2 or env.j2'
)
# OPTIONAL: Check if the image is available locally via docker images
# from shutil import which
# import subprocess
# if which("docker"):
# try:
# out = subprocess.check_output(
# ["docker", "images", "--format", "{{.Repository}}:{{.Tag}}"]
# ).decode()
# if value not in out:
# errors.append(f"{role_path.name}: Image '{value}' not found locally (optional check)")
# except Exception as e:
# errors.append(f"{role_path.name}: Error running 'docker images' (optional): {e}")
if warnings:
print("\nWarnings in docker role images configuration:\n" + "\n".join(warnings))
if errors:
self.fail("Errors in docker role images configuration:\n" + "\n".join(errors))
if __name__ == "__main__":
unittest.main()