mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-05-13 16:54:57 +02:00
Compare commits
No commits in common. "c9ab0cd7cc2171c539b591b0b987901f0efc1e5d" and "3b3ec5196aa7fdc76823a37ff10e6001b4447c70" have entirely different histories.
c9ab0cd7cc
...
3b3ec5196a
@ -3,10 +3,10 @@
|
|||||||
include_role:
|
include_role:
|
||||||
name: docker-central-database
|
name: docker-central-database
|
||||||
|
|
||||||
- name: Set nginx_docker_reverse_proxy_extra_configuration based on applications[application_id].public_api_activated
|
- name: Set nginx_docker_reverse_proxy_extra_configuration based on applications.listmonk.public_api_activated
|
||||||
set_fact:
|
set_fact:
|
||||||
nginx_docker_reverse_proxy_extra_configuration: >-
|
nginx_docker_reverse_proxy_extra_configuration: >-
|
||||||
{% if not applications[application_id].public_api_activated %}
|
{% if not applications.listmonk.public_api_activated %}
|
||||||
{{ lookup('file', '{{ role_path }}/files/deactivate-public-api.conf') }}
|
{{ lookup('file', '{{ role_path }}/files/deactivate-public-api.conf') }}
|
||||||
{% else %}
|
{% else %}
|
||||||
""
|
""
|
||||||
@ -28,40 +28,8 @@
|
|||||||
- name: "copy docker-compose.yml and env file"
|
- name: "copy docker-compose.yml and env file"
|
||||||
include_tasks: copy-docker-compose-and-env.yml
|
include_tasks: copy-docker-compose-and-env.yml
|
||||||
|
|
||||||
- name: Check if listmonk database is already initialized
|
- name: setup routine for listmonk
|
||||||
command: docker compose exec -T {{database_host}} psql -U {{database_username}} -d {{database_name}} -c "\dt"
|
|
||||||
register: db_tables
|
|
||||||
changed_when: false
|
|
||||||
failed_when: false
|
|
||||||
|
|
||||||
- name: Run Listmonk setup only if DB is empty
|
|
||||||
command:
|
command:
|
||||||
cmd: docker compose run -T --rm application sh -c "yes | ./listmonk --install"
|
cmd: docker compose run -T --rm application sh -c "yes | ./listmonk --install"
|
||||||
chdir: "{{docker_compose.directories.instance}}"
|
chdir: "{{docker_compose.directories.instance}}"
|
||||||
when: "'No relations found.' in db_tables.stdout"
|
ignore_errors: true # Ignore errors if already setup
|
||||||
|
|
||||||
- name: Build OIDC settings JSON
|
|
||||||
set_fact:
|
|
||||||
oidc_settings_json: >-
|
|
||||||
{{ {
|
|
||||||
"enabled": True,
|
|
||||||
"client_id": oidc.client.id,
|
|
||||||
"provider_url": oidc.client.issuer_url,
|
|
||||||
"client_secret": oidc.client.secret
|
|
||||||
} | to_json }}
|
|
||||||
|
|
||||||
- name: Apply all Listmonk settings
|
|
||||||
shell: |
|
|
||||||
docker exec -i {{ database_host }} psql \
|
|
||||||
-U {{ database_username }} \
|
|
||||||
-d {{ database_name }} << 'EOSQL'
|
|
||||||
UPDATE settings
|
|
||||||
SET value = '{{ item.value }}'::jsonb
|
|
||||||
WHERE key = '{{ item.key }}';
|
|
||||||
EOSQL
|
|
||||||
args:
|
|
||||||
executable: /bin/bash
|
|
||||||
loop: "{{ listmonk_settings }}"
|
|
||||||
loop_control:
|
|
||||||
label: "{{ item.key }}"
|
|
||||||
when: item.when is not defined or item.when
|
|
||||||
@ -4,3 +4,14 @@ TZ=Etc/UTC
|
|||||||
|
|
||||||
LISTMONK_ADMIN_USER={{ applications[application_id].users.administrator.username }}
|
LISTMONK_ADMIN_USER={{ applications[application_id].users.administrator.username }}
|
||||||
LISTMONK_ADMIN_PASSWORD={{ applications[application_id].users.administrator.password }}
|
LISTMONK_ADMIN_PASSWORD={{ applications[application_id].users.administrator.password }}
|
||||||
|
|
||||||
|
{% if applications[application_id].features.oidc | bool %}
|
||||||
|
###################################
|
||||||
|
# OpenID Connect settings
|
||||||
|
###################################
|
||||||
|
|
||||||
|
LISTMONK_security__oidc__enabled=true
|
||||||
|
LISTMONK_security__oidc__provider_url={{ oidc.client.discovery_document }}
|
||||||
|
LISTMONK_security__oidc__client_id={{oidc.client.id}}
|
||||||
|
LISTMONK_security__oidc__client_secret={{oidc.client.secret}}
|
||||||
|
{% endif %}
|
||||||
@ -1,25 +1,3 @@
|
|||||||
application_id: "listmonk"
|
application_id: "listmonk"
|
||||||
database_password: "{{applications[application_id].credentials.database.password}}"
|
database_password: "{{applications[application_id].credentials.database.password}}"
|
||||||
database_type: "postgres"
|
database_type: "postgres"
|
||||||
|
|
||||||
listmonk_settings:
|
|
||||||
- key: "app.root_url"
|
|
||||||
value: '"https://{{ domains[application_id] }}"'
|
|
||||||
|
|
||||||
# OIDC integration (conditional)
|
|
||||||
- key: "security.oidc"
|
|
||||||
value: >-
|
|
||||||
{{ {
|
|
||||||
"enabled": True,
|
|
||||||
"client_id": oidc.client.id,
|
|
||||||
"provider_url": oidc.client.issuer_url,
|
|
||||||
"client_secret": oidc.client.secret
|
|
||||||
} | to_json }}
|
|
||||||
when: applications[application_id].features.oidc | bool
|
|
||||||
|
|
||||||
# hCaptcha toggles and credentials\ n - key: "security.enable_captcha"
|
|
||||||
value: "true"
|
|
||||||
- key: "security.captcha_key"
|
|
||||||
value: '"{{ applications[application_id].credentials.hcaptcha.site_key }}"'
|
|
||||||
- key: "security.captcha_secret"
|
|
||||||
value: '"{{ applications[application_id].credentials.hcaptcha.secret }}"'
|
|
||||||
@ -276,12 +276,9 @@ defaults_applications:
|
|||||||
credentials:
|
credentials:
|
||||||
database:
|
database:
|
||||||
# password: "" # Database password
|
# password: "" # Database password
|
||||||
hcaptcha:
|
|
||||||
# site_key:
|
|
||||||
# secret:
|
|
||||||
public_api_activated: False # Security hole. Can be used for spaming
|
public_api_activated: False # Security hole. Can be used for spaming
|
||||||
version: "latest" # Docker Image version
|
version: "latest" # Docker Image version
|
||||||
|
setup: false # Set true in inventory file to execute the setup and initializing procedures
|
||||||
{% endraw %}{{ features.render_features({
|
{% endraw %}{{ features.render_features({
|
||||||
'matomo': true,
|
'matomo': true,
|
||||||
'css': true,
|
'css': true,
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user