.gitignore

@@ -1,2 +1 @@
-site.retry
-*__pycache__
+site.retry

group_vars/all/07_applications.yml

@@ -40,12 +40,6 @@ defaults_applications:
       #plc_rotation_key_k256_private_key_hex: # Needs to be defined in inventory file - Use: openssl rand -hex 32 
       #admin_password:                        # Needs to be defined in inventory file - Use: openssl rand -base64 16
 
-  ## Discourse:
-  discourse:
-    container:  "discourse_application"       # Name of the container application
-    repository: "discourse_repository"        # Name of the repository folder
-    # database_password:                      # Needs to be defined in inventory file
-
   ## Friendica
   friendica:
     version:              "latest"

inventory.example.yml

@@ -0,0 +1,51 @@
+# THIS INVENTORY IS AN EXAMPLE INVENTORY.
+# You should change all of the variables in here. 
+# Addidiotnally feel free to overwrite configuration variables of group_vars/all in the enventory
+
+# PASSWORDS AND SECRETS:
+akaunting_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+akaunting_setup_admin_password:     "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+baserow_database_password:          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_database_password:    "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_etherpad_api_key:     "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_fsesl_password:       "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_rails_secret:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_shared_secret:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_postgresql_secret:    "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+bigbluebutton_turn_secret:          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+central_mariadb_root_password:      "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+central_postgres_password:          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+discourse_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+gitlab_database_password:	          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+gitlab_initial_root_password:       "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+gitea_database_password:            "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+listmonk_admin_password:            "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+listmonk_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mailu_api_token:                    "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mailu_database_password:            "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mailu_initial_root_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mailu_secret_key:                   "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_otp_secret:                "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_secret_key_base:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_vapid_private_key:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+mastodon_vapid_public_key:          "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matomo_auth_token:                  "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matomo_database_password:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_database_password:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_generic_secret_key:		      "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_form_secret:                 "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_macaroon_secret_key:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+matrix_registration_shared_secret:  "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+nextcloud_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+openproject_database_password:      "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+peertube_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+peertube_secret:                    "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+pixelfed_database_password:         "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+pixelfed_app_key:                   "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+wordpress_database_password:        "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+yourls_database_password:           "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+yourls_administrator_password:      "I_NEED_TO_CHANGE_THIS_UNSECURE_PASSWORD"
+
+path_mass_storage:                  "/mnt/hdd/"
+path_rapid_storage:                 "/mnt/ssd/"

roles/docker-discourse/handlers/main.yml

@@ -1,7 +1,7 @@
 ---
 - name: "stop and remove discourse container if it exist"
   docker_container:
-    name: "{{applications.discourse.container}}"
+    name: "{{discourse_application_container}}"
     state: absent
   register: container_action
   failed_when: container_action.failed and 'No such container' not in container_action.msg
@@ -16,6 +16,6 @@
 
 - name: rebuild discourse
   command:
-    cmd: "./launcher rebuild {{applications.discourse.container}}"
+    cmd: "./launcher rebuild {{discourse_application_container}}"
     chdir: "{{discourse_repository_directory}}"
   listen: recreate discourse

roles/docker-discourse/tasks/main.yml

@@ -60,9 +60,9 @@
 - name: flush, to recreate discourse app
   meta: flush_handlers
 
-- name: "add {{applications.discourse.container}} to network central_postgres"
+- name: "add {{discourse_application_container}} to network central_postgres"
   command:
-    cmd: "docker network connect central_postgres {{applications.discourse.container}}"
+    cmd: "docker network connect central_postgres {{discourse_application_container}}"
   ignore_errors: true
   when: enable_central_database | bool
   

roles/docker-discourse/templates/discourse_application.yml.j2

@@ -130,4 +130,4 @@ run:
 
 docker_args:
   - --network={{application_id}}_default
-  - --name={{applications.discourse.container}}
+  - --name={{discourse_application_container}}

roles/docker-discourse/vars/main.yml

@@ -1,5 +1,6 @@
 application_id:                         "discourse"
-database_password:                      "{{ applications.discourse.database_password }}"
+discourse_application_container:        "discourse_application"
+database_password:                      "{{ discourse_database_password }}"
 database_type:                          "postgres"
-discourse_repository_directory:         "{{docker_compose.directories.services}}{{applications.discourse.repository}}/"
-discourse_application_yml_destination:  "{{discourse_repository_directory}}containers/{{applications.discourse.container}}.yml"
+discourse_repository_directory:         "{{docker_compose.directories.services}}repository/"
+discourse_application_yml_destination:  "{{discourse_repository_directory}}containers/discourse_application.yml"

roles/nginx-global-css/filter_plugins/color_filters.py

@@ -1,23 +0,0 @@
-def adjust_color(hex_color, amount):
-    # Remove the leading '#' if present
-    hex_color = hex_color.lstrip('#')
-    
-    # Extract the RGB components
-    r = int(hex_color[0:2], 16)
-    g = int(hex_color[2:4], 16)
-    b = int(hex_color[4:6], 16)
-    
-    # Adjust the values, ensuring they remain within the range 0-255
-    r = max(0, min(255, r + amount))
-    g = max(0, min(255, g + amount))
-    b = max(0, min(255, b + amount))
-    
-    # Convert the values back into a hexadecimal string
-    return '#{0:02x}{1:02x}{2:02x}'.format(r, g, b)
-
-class FilterModule(object):
-    '''Custom filters for Ansible'''
-    def filters(self):
-        return {
-            'adjust_color': adjust_color,
-        }

roles/nginx-global-css/templates/global.css.j2

@@ -1,11 +1,4 @@
-/***
-
-Global Theming Styles – Color and Shadow Variables 
-
-HINT: Better overwritte CSS variables instead of individual elements.
-
-*/
-
+/* Global Theming Styles – Color and Shadow Variables */
 :root {
     --primary-color:    {{ global_theming.css.colors.primary }};
     --secondary-color:  {{ global_theming.css.colors.secondary }};
@@ -40,31 +33,22 @@ HINT: Better overwritte CSS variables instead of individual elements.
     --bs-btn-color: var(--dark-color);
 }
 
-/** Keycloak Overrides **/ 
-:root{
-    --pf-v5-global--Color--100:         {{global_theming.css.colors.background_dark | adjust_color(10) }};
-    --pf-v5-global--Color--200:         {{global_theming.css.colors.background_dark | adjust_color(30) }};
-    --pf-v5-global--Color--light-100:   {{global_theming.css.colors.background_dark | adjust_color(0) }};
-    --pf-v5-global--Color--light-200:   {{global_theming.css.colors.background_dark | adjust_color(20) }};
-    --pf-v5-global--Color--light-300:   {{global_theming.css.colors.background_dark | adjust_color(40) }};
-} 
-
 /** Mastodon Overrides **/
 :root{
-    --surface-variant-background-color: var(--button-bg-color);
+    --surface-variant-background-color: var(--button-bg-color)
 }
 
 /** Nextcloud Specific**/
 :root{
-    --color-main-background:        var(--bright-color);
-    --color-main-background-rgb:    var(--bright-color);
-    --color-primary-element:        var(--button-bg-color);
-    --color-main-text:              var(--dark-color);
-    --color-background-hover:       var(--secondary-color);
+    --color-main-background: var(--bright-color);
+    --color-main-background-rgb: var(--bright-color);
+    --color-primary-element: var(--button-bg-color);
+    --color-main-text: var(--dark-color);
+    --color-background-hover: var(--secondary-color);
 
     /** Calendar **/
-    --color-background-dark:        var(--info-color); /** Days which aren't in the current month **/
-    --color-primary-element-light:  var(--secondary-color);
+    --color-background-dark: var(--info-color); /** Days which aren't in the current month **/
+    --color-primary-element-light: var(--secondary-color);
 }
 
 /* Peertube Overrides */
@@ -221,12 +205,6 @@ div#app main#kc-main-content-page-container section a
     border-color: transparent !important;
 }
 
-/** Mailu **/
-[class*=sidebar-dark-], .bg-mailu-logo {
-    background-color: var(--bright-color) !important;
-}
-
-
 /** Mastodon Specific **/ 
 div#mastodon div.compose-panel div.compose-form__highlightable{
     background-color: var(--bright-color) !important;

roles/update-docker/files/update-docker.py

@@ -4,11 +4,6 @@ import sys
 import time
 
 def run_command(command):
-    """
-    Executes the specified shell command, streaming and collecting its output in real-time.
-    If the command exits with a non-zero status, a subprocess.CalledProcessError is raised,
-    including the exit code, the executed command, and the full output (as bytes) for debugging purposes.
-    """
     process = None
     try:
         process = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
@@ -30,35 +25,19 @@ def run_command(command):
 def git_pull():
     """
     Checks whether the Git repository in the specified directory is up to date and performs a git pull if necessary.
-    
-    Raises:
-        Exception: If retrieving the local or remote git revision fails because the command returns a non-zero exit code.
     """
-    print("Checking if the git repository is up to date.")
-
-    # Run 'git rev-parse @' and check its exit code explicitly.
-    local_proc = subprocess.run("git rev-parse @", shell=True, capture_output=True)
-    if local_proc.returncode != 0:
-        error_msg = local_proc.stderr.decode().strip() or "Unknown error while retrieving local revision."
-        raise Exception(f"Failed to retrieve local git revision: {error_msg}")
-    local = local_proc.stdout.decode().strip()
-
-    # Run 'git rev-parse @{u}' and check its exit code explicitly.
-    remote_proc = subprocess.run("git rev-parse @{u}", shell=True, capture_output=True)
-    if remote_proc.returncode != 0:
-        error_msg = remote_proc.stderr.decode().strip() or "Unknown error while retrieving remote revision."
-        raise Exception(f"Failed to retrieve remote git revision: {error_msg}")
-    remote = remote_proc.stdout.decode().strip()
-
+    print(f"Checking if the git repository is up to date.")
+    local = subprocess.check_output("git rev-parse @", shell=True).decode().strip()
+    remote = subprocess.check_output("git rev-parse @{u}", shell=True).decode().strip()
+    
     if local != remote:
         print("Repository is not up to date. Performing git pull.")
         run_command("git pull")
         return True
-
+    
     print("Repository is already up to date.")
     return False
-
-{% raw %}        
+        
 def get_image_digests(directory):
     """
     Retrieves the image digests for all images in the specified Docker Compose project.
@@ -75,7 +54,6 @@ def get_image_digests(directory):
             return {}
         else:
             raise  # Other errors are still raised
-{% endraw %}
 
 def is_any_service_up():
     """
@@ -120,21 +98,6 @@ def update_docker(directory):
     else:
         print("Docker images are up to date. No rebuild necessary.")
 
-def update_discourse(directory):
-    """
-    Updates Discourse by running the rebuild command on the launcher script.
-    """
-    repository_directory = os.path.join(directory, "services", "{{applications.discourse.repository}}")
-    print(f"Using path {repository_directory} to pull discourse repository.")
-    os.chdir(repository_directory)
-    if git_pull():
-        print("Start Discourse update procedure.")
-        update_procedure("docker stop {{applications.discourse.container}}")
-        update_procedure("docker network connect discourse_default central-postgres")
-        update_procedure("./launcher rebuild {{applications.discourse.container}}")
-    else:
-        print("Discourse update skipped. No changes in git repository.")
-
 def update_mastodon():
     """
     Runs the database migration for Mastodon to ensure all required tables are up to date.
@@ -167,6 +130,14 @@ def update_nextcloud():
     update_procedure("docker-compose exec -T -u www-data application /var/www/html/occ db:add-missing-primary-keys")
     print("Deacitvate Maintanance Mode")
     update_procedure("docker-compose exec -T -u www-data application /var/www/html/occ maintenance:mode --off")
+    
+def update_discourse(directory):
+    """
+    Updates Discourse by running the rebuild command on the launcher script.
+    """
+    os.chdir(directory)
+    print("Start Discourse update procedure.")
+    update_procedure("./launcher rebuild app")
 
 def update_procedure(command):
     """
@@ -207,13 +178,16 @@ if __name__ == "__main__":
             print(f"Checking for updates in: {dir_path}")
             os.chdir(dir_path)
             
-            # Pull git repository if it exist
-            # @deprecated: This function should be removed in the future, as soon as all docker applications use the correct folder path
             if os.path.isdir(os.path.join(dir_path, ".git")):
-                print("DEPRECATED: Docker .git repositories should be saved under /opt/docker/{instance}/services/{repository_name} ")
-                git_pull()
+                git_repository_was_pulled = git_pull()
             
-            if os.path.basename(dir_path) == "matrix":
+            # Discourse is an exception and uses own update command instead of docker compose
+            if os.path.basename(dir_path) == "discourse":
+                if git_repository_was_pulled:
+                    update_discourse(dir_path)
+                else:
+                    print("Discourse update skipped. No changes in git repository.")
+            elif os.path.basename(dir_path) == "matrix":
                 # No autoupdate for matrix is possible atm, 
                 # due to the reason that the role has to be executed every time.
                 # The update has to be executed in the role
@@ -224,15 +198,9 @@ if __name__ == "__main__":
                 update_docker(dir_path)
                 
                 # The following instances need additional update and upgrade procedures
-                if os.path.basename(dir_path) == "discourse":
-                    update_discourse(dir_path)
+                if os.path.basename(dir_path) == "nextcloud":
+                    update_nextcloud()
                 elif os.path.basename(dir_path) == "listmonk":
                     upgrade_listmonk()
                 elif os.path.basename(dir_path) == "mastodon":
                     update_mastodon()
-                elif os.path.basename(dir_path) == "nextcloud":
-                    update_nextcloud()
-                    
-                # @todo implement dedicated procedure for bluesky
-                # @todo implement dedicated procedure for openproject
-                # @todo implement dedicated procedure for taiga

roles/update-docker/tasks/main.yml

@@ -5,8 +5,8 @@
   when: mode_backup | bool
 
 - name: create {{update_docker_script}}
-  template:
-    src: update-docker.py.j2
+  copy:
+    src: update-docker.py
     dest: "{{update_docker_script}}"
 
 - name: configure update-docker.cymais.service