Solved Snipe IT bug

group_vars/all/00_general.yml

@@ -3,7 +3,7 @@ pause_duration:         "120"         # Database delay to wait for the central d
 
 backups_folder_path:    "/Backups/"   # Path to the backups folder
 timezone:               "UTC"
-locale:                 "locale"
+locale:                 "en"
 
 ## Domain
 primary_domain_tld:     "localhost"                                     # Top Level Domain of the server
@@ -44,3 +44,6 @@ nginx_matomo_tracking:                false   # Activates matomo tracking on all
 # For detailed setup instructions, visit: 
 # https://github.com/kevinveenbirkenbach/cymais/tree/master/roles/nginx-docker-cert-deploy
 enable_wildcard_certificate:          false  
+
+# This enables debugging in ansible and in the apps
+enable_debug:   false

group_vars/all/01_modes.yml

@@ -2,7 +2,6 @@
 
 # The following modes can be combined with each other
 mode_reset:   false # Cleans up all CyMaIS files. It's necessary to run to whole playbook and not particial roles when using this function.
-mode_debug:   false # Prints well formated debug information
 mode_test:    false # Executes test routines instead of productive routines
 mode_update:  true  # Executes updates
 mode_backup:  true  # Activates the backup before the update procedure

group_vars/all/02_system_email.yml

@@ -4,7 +4,7 @@ default_system_email:
   domain:    "{{primary_domain}}"
   username:  "no-reply@{{primary_domain}}"
   host:      "mail.{{primary_domain}}"
-  smtp_port: 465
+  port:      465
   tls:       true
   start_tls: false
   from:      "no-reply@{{primary_domain}}"

roles/docker-baserow/templates/env.j2

@@ -4,7 +4,7 @@ BASEROW_PUBLIC_URL=https://{{ domain }}
 # Email Server Configuration
 EMAIL_SMTP={{ system_email.smtp | upper }}
 EMAIL_SMTP_HOST={{ system_email.host }}
-EMAIL_SMTP_PORT={{ system_email.smtp_port }}
+EMAIL_SMTP_PORT={{ system_email.port }}
 EMAIL_SMTP_USER={{system_email.username}}
 EMAIL_SMTP_PASSWORD={{ system_email.password }}
 EMAIL_SMTP_USE_TLS={{ system_email.tls | upper }}

roles/docker-bigbluebutton/templates/env.j2

@@ -204,7 +204,7 @@ ALLOW_GREENLIGHT_ACCOUNTS=true
 
 SMTP_SERVER={{system_email.host}}
 SMTP_DOMAIN={{domain}}
-SMTP_PORT={{system_email.smtp_port}}
+SMTP_PORT={{system_email.port}}
 SMTP_USERNAME={{system_email.username}}
 SMTP_PASSWORD={{system_email.password}}
 SMTP_AUTH=plain

roles/docker-bluesky/templates/docker-compose.yml.j2

@@ -16,7 +16,7 @@ services:
       PDS_ADMIN_PASSWORD: "{{bluesky_pds_admin_password}}"
       PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: "{{bluesky_pds_plc_rotation_key_k256_private_key_hex}}"
       PDS_CRAWLERS: https://bsky.network
-      PDS_EMAIL_SMTP_URL: smtps://{{system_email.username}}:{{system_email.password}}@{{system_email.host}}:{{system_email.smtp_port}}/
+      PDS_EMAIL_SMTP_URL: smtps://{{system_email.username}}:{{system_email.password}}@{{system_email.host}}:{{system_email.port}}/
       PDS_EMAIL_FROM_ADDRESS: {{system_email.from}}
       LOG_ENABLED: true
       PDS_BLOBSTORE_DISK_LOCATION: /opt/pds/blocks

roles/docker-central-database/tasks/main.yml

@@ -7,11 +7,14 @@
 - name: "load variables from {{ role_path }}/vars/database.yml for whole play"
   include_vars: "{{ role_path }}/vars/database.yml"
 
+# The following env file will just be used from the dedicated mariadb container
+# and not the central-mariadb-database
 - name: "create {{database_env}}"
   template: 
     src: "env/{{database_type}}.env.j2"
     dest: "{{database_env}}"
   notify: docker compose project build and setup
+  when: not enable_central_database | bool
 
 - name: create central database
   include_role:

roles/docker-discourse/templates/discourse_application.yml.j2

@@ -53,7 +53,7 @@ env:
   # SMTP ADDRESS, username, and password are required
   # WARNING the char '#' in SMTP password can cause problems!
   DISCOURSE_SMTP_ADDRESS:           {{ system_email.host }}
-  DISCOURSE_SMTP_PORT:              {{ system_email.smtp_port }}
+  DISCOURSE_SMTP_PORT:              {{ system_email.port }}
   DISCOURSE_SMTP_USER_NAME:         {{system_email.username}}
   DISCOURSE_SMTP_PASSWORD:          {{ system_email.password }}
   DISCOURSE_SMTP_ENABLE_START_TLS:  {{ system_email.start_tls | upper }}

roles/docker-friendica/templates/env.j2

@@ -17,7 +17,7 @@ MYSQL_PASSWORD= {{database_password}}
 # Email Configuration
 SMTP=           {{system_email.host}}
 SMTP_DOMAIN=    {{system_email.domain}}
-SMTP_PORT=      {{system_email.smtp_port}}
+SMTP_PORT=      {{system_email.port}}
 SMTP_AUTH_USER= {{system_email.username}}
 SMTP_AUTH_PASS= {{system_email.password}}
 SMTP_TLS=       {{ 'on' if system_email.tls else 'off' }}

roles/docker-funkwhale/templates/env.j2

@@ -59,7 +59,7 @@ LOGLEVEL=error
 # (returns `noreply%40youremail.host`)
 # EMAIL_CONFIG=smtp://user:password@youremail.host:25
 # EMAIL_CONFIG=smtp+ssl://user:password@youremail.host:465
-EMAIL_CONFIG=smtp+tls://{{system_email.local}}:{{system_email.password}}@{{system_email.host}}:{{system_email.smtp_port}}
+EMAIL_CONFIG=smtp+tls://{{system_email.local}}:{{system_email.password}}@{{system_email.host}}:{{system_email.port}}
 
 # Make e-mail verification mandatory before using the service
 # Doesn't apply to admins.

roles/docker-mastodon/templates/env.j2

@@ -17,7 +17,7 @@ REDIS_PORT=6379
 REDIS_PASSWORD=
 
 SMTP_SERVER={{system_email.host}}
-SMTP_PORT={{system_email.smtp_port}}
+SMTP_PORT={{system_email.port}}
 SMTP_LOGIN={{system_email.username}}
 SMTP_PASSWORD={{system_email.password}}
 SMTP_AUTH_METHOD=plain

roles/docker-matrix-ansible/tasks/main.yml

@@ -70,7 +70,7 @@
 - name: show variable information
   debug:
     msg: "hosts_path: {{hosts_path}}\nmatrix_inventory_tmp_dir:{{ matrix_inventory_tmp_dir }}"
-  when: mode_debug | bool
+  when: enable_debug | bool
 
 - name: install requirements
   local_action: command just roles

roles/docker-matrix-compose/templates/synapse/homeserver.yaml.j2

@@ -32,7 +32,7 @@ admin_contact: 'mailto:{{administrator_email}}'
 
 email:
   smtp_host:                    "{{system_email.host}}"
-  smtp_port:                    "{{system_email.smtp_port}}"
+  smtp_port:                    "{{system_email.port}}"
   smtp_user:                    "{{system_email.from}}"
   smtp_pass:                    "{{system_email.password}}"
   #force_tls:                    true

roles/docker-moodle/templates/env.j2

@@ -10,4 +10,4 @@ MOODLE_REVERSE_PROXY=yes
 MOODLE_USERNAME={{applications.moodle.administrator_name}}
 MOODLE_PASSWORD={{moodle_user_password}}
 MOODLE_EMAIL={{applications.moodle.administrator_email}}
-BITNAMI_DEBUG={% if mode_debug | bool %}true{% else %}false{% endif %}
+BITNAMI_DEBUG={% if enable_debug | bool %}true{% else %}false{% endif %}

roles/docker-nextcloud/templates/env.j2

@@ -12,7 +12,7 @@ PHP_MEMORY_LIMIT= 1G # Required for plugin duplicate finder
 # Email Configuration
 SMTP_HOST=      {{system_email.host}}
 SMTP_SECURE=    {{ 'ssl' if system_email.tls else '' }}
-SMTP_PORT=      {{system_email.smtp_port}}
+SMTP_PORT=      {{system_email.port}}
 SMTP_NAME=      {{system_email.username}}
 SMTP_PASSWORD=  {{system_email.password}}
 

roles/docker-peertube/templates/env.j2

@@ -17,7 +17,7 @@ PEERTUBE_SECRET={{peertube_secret}}
 PEERTUBE_SMTP_USERNAME={{system_email.username}}
 PEERTUBE_SMTP_PASSWORD={{system_email.password}}
 PEERTUBE_SMTP_HOSTNAME={{system_email.host}}
-PEERTUBE_SMTP_PORT={{system_email.smtp_port}}
+PEERTUBE_SMTP_PORT={{system_email.port}}
 PEERTUBE_SMTP_FROM={{system_email.from}}
 PEERTUBE_SMTP_TLS={{ system_email.tls | lower }}
 PEERTUBE_SMTP_DISABLE_STARTTLS={{ 'false' if system_email.start_tls else 'true' }}

roles/docker-pixelfed/templates/env.j2

@@ -4,7 +4,7 @@ APP_KEY={{pixelfed_app_key}}
 ## General Settings
 APP_NAME="{{applications.pixelfed.titel}}"
 APP_ENV=production
-APP_DEBUG=false
+APP_DEBUG={{enable_debug | string | lower }}
 APP_URL=https://{{domain}}
 APP_DOMAIN="{{domain}}"
 ADMIN_DOMAIN="{{domain}}"
@@ -47,7 +47,7 @@ RESTRICTED_INSTANCE=false
 ## Mail
 MAIL_DRIVER=log
 MAIL_HOST={{system_email.host}}
-MAIL_PORT={{system_email.smtp_port}}
+MAIL_PORT={{system_email.port}}
 MAIL_FROM_ADDRESS="{{system_email.from}}"
 MAIL_FROM_NAME="Pixelfed"
 MAIL_USERNAME={{system_email.username}}
@@ -60,7 +60,7 @@ MAIL_ENCRYPTION={{ 'ssl' if system_email.start_tls else 'tls' }}
 DB_CONNECTION=mysql
 DB_DATABASE={{database_name}}
 DB_HOST={{database_host}}
-DB_PASSWORD="{{pixelfed_database_password}}"
+DB_PASSWORD="{{database_password}}"
 DB_PORT="{{database_port}}"
 DB_USERNAME={{database_username}}
 

roles/docker-snipe_it/README.md

@@ -3,3 +3,4 @@
 - https://github.com/snipe/snipe-it
 - https://snipeitapp.com/
 - https://snipe-it.readme.io/docs/ldap-sync-login
+- https://snipe-it.readme.io/docs/saml

roles/docker-snipe_it/tasks/main.yml

@@ -6,10 +6,16 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: create .env
+- name: "create {{docker_compose.files.docker_compose}}"
-  template: src=env.j2 dest={{docker_compose.directories.instance}}/.env
+  template:
+    src:	"docker-compose.yml.j2"
+    dest:	"{{docker_compose.files.docker_compose}}"
   notify: docker compose project setup
 
-- name: add docker-compose.yml
+- name: "create {{docker_compose.files.env}}"
-  template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
+  template: 
+    src:  "env.j2" 
+    dest: "{{docker_compose.files.env}}"
+    mode: '770'
+    force: yes
   notify: docker compose project setup

roles/docker-snipe_it/templates/env.j2

@@ -2,10 +2,10 @@
 # REQUIRED: BASIC APP SETTINGS
 # --------------------------------------------
 APP_ENV=production
-APP_DEBUG=false
+APP_DEBUG={{enable_debug | string | lower }}
 # Please regenerate the APP_KEY value by calling `docker compose run --rm app php artisan key:generate --show`. Copy paste the value here
-APP_KEY=base64:3ilviXqB9u6DX1NRcyWGJ+sjySF+H18CPDGb3+IVwMQ=
+APP_KEY={{applications.snipe_it.app_key}}
-APP_URL=https://{{domain}}
+APP_URL=http://{{domain}}
 # https://en.wikipedia.org/wiki/List_of_tz_database_time_zones - TZ identifier
 APP_TIMEZONE='{{timezone}}'
 APP_LOCALE={{locale}}
@@ -25,13 +25,15 @@ DB_HOST={{database_host}}
 DB_PORT={{database_port}}
 DB_DATABASE={{database_name}}
 DB_USERNAME={{database_username}}
-DB_PASSWORD={{pixelfed_database_password}}
+DB_PASSWORD={{database_password}}
-#MYSQL_ROOT_PASSWORD=
-#DB_PREFIX=null
-#DB_DUMP_PATH='/usr/bin'
-#DB_CHARSET=utf8mb4
-#DB_COLLATION=utf8mb4_unicode_ci
 
+{% if not enable_central_database | bool %}
+MYSQL_ROOT_PASSWORD={{database_password}}
+DB_PREFIX=null
+DB_DUMP_PATH='/usr/bin'
+DB_CHARSET=utf8mb4
+DB_COLLATION=utf8mb4_unicode_ci
+{% endif %}
 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
 # --------------------------------------------
@@ -48,10 +50,10 @@ DB_SSL_VERIFY_SERVER=null
 # --------------------------------------------
 MAIL_MAILER             =   smtp
 MAIL_HOST               =   {{system_email.host}}                       # SMTP server address
-MAIL_PORT               =   {{system_email.host}}                                       # SMTP server address
+MAIL_PORT               =   {{system_email.port}}                       # SMTP server address
 MAIL_USERNAME           =   {{system_email.username}}                   # user to connect the SMTP server
 MAIL_PASSWORD           =   {{system_email.password}}                   # SMTP user's password
-MAIL_TLS_VERIFY_PEER    =   EMAIL_USE_TLS={{ system_email.tls | lower | capitalize }}   # use TLS (secure) connection with the SMTP server
+MAIL_TLS_VERIFY_PEER    =   {{ system_email.tls | lower | capitalize }} # use TLS (secure) connection with the SMTP server
 MAIL_FROM_ADDR          =   {{system_email.from}}                       # default email address for the automated emails
 MAIL_FROM_NAME          =   'Snipe-IT'
 MAIL_REPLYTO_ADDR       =   {{system_email.from}}                       # default email address for the automated emails
@@ -94,7 +96,7 @@ API_TOKEN_EXPIRATION_YEARS=40
 APP_TRUSTED_PROXIES=172.17.0.1  # Docker Gateway
 ALLOW_IFRAMING=false
 REFERRER_POLICY=same-origin
-ENABLE_CSP=true
+ENABLE_CSP=false
 CORS_ALLOWED_ORIGINS=null
 ENABLE_HSTS=false               # Certificates managed by nginx
 
@@ -160,7 +162,7 @@ LOG_CHANNEL=stderr
 LOG_MAX_DAYS=10
 APP_LOCKED=false
 APP_CIPHER=AES-256-CBC
-APP_FORCE_TLS=false
+APP_FORCE_TLS=true
 GOOGLE_MAPS_API=
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600

roles/docker-taiga/templates/env.j2

@@ -18,7 +18,7 @@ POSTGRES_HOST       =   "{{database_host}}"
 # Taiga's SMTP settings - Variables to send Taiga's emails to the users
 EMAIL_BACKEND       =   "{{email_backend}}"          # use an SMTP server or display the emails in the console (either "smtp" or "console")
 EMAIL_HOST          =   "{{system_email.host}}"      # SMTP server address
-EMAIL_PORT          =   "{{system_email.smtp_port}}" # default SMTP port
+EMAIL_PORT          =   "{{system_email.port}}" # default SMTP port
 EMAIL_HOST_USER     =   "{{system_email.username}}"  # user to connect the SMTP server
 EMAIL_HOST_PASSWORD =   "{{system_email.password}}"  # SMTP user's password
 EMAIL_DEFAULT_FROM  =   "{{system_email.from}}"      # default email address for the automated emails

roles/nginx-domain-redirect/tasks/main.yml

@@ -8,7 +8,7 @@
 - name: The domains for which a www. redirect will be implemented
   debug:
     var: domain_mappings
-  when: mode_debug | bool
+  when: enable_debug | bool
 
 - name: configure nginx redirect configurations
   vars:

roles/nginx-www-redirect/tasks/main.yml

@@ -17,7 +17,7 @@
 - name: The domains for which a www. redirect will be implemented
   debug:
     var: filtered_domains
-  when: mode_debug | bool
+  when: enable_debug | bool
 
 # Routine for domains with primary domain included
 
@@ -28,7 +28,7 @@
 - name: Debug with primary domain
   debug:
     var: filtered_domains_with_primary_domain
-  when: mode_debug | bool
+  when: enable_debug | bool
 
 - name: Include nginx-domain-redirect role with dynamic domain mappings for domains with {{primary_domain}} included
   include_role:
@@ -55,7 +55,7 @@
 - name: Debug domains without primary domain
   debug:
     var: filtered_domains_without_primary_domain
-  when: mode_debug | bool
+  when: enable_debug | bool
 
 - name: Include nginx-domain-redirect role with dynamic domain mappings for domains without primary domain
   include_role:

roles/systemd-notifier-email/templates/msmtprc.conf.j2

@@ -12,7 +12,7 @@ tls            off
 
 account        system_email
 host           {{system_email.host}}
-port           {{system_email.smtp_port}}
+port           {{system_email.port}}
 from           {{system_email.from}}
 user           {{system_email.username}}
 password       {{system_email.password}}

tasks/seed-database-to-backup.yml

@@ -5,7 +5,7 @@
       database_name: "{{ database_name | default('undefined') }}"
       database_username: "{{ database_username | default('undefined') }}"
       database_password: "{{ database_password | default('undefined') }}"
-  when: mode_debug | bool
+  when: enable_debug | bool
 
 - name: seed database values
   command: