computer-playbook/roles/sys-rpr-docker-hard
Kevin Veen-Birkenbach 4fa1c6cfbd
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
  * kcadm login with no_log protection,
  * fetch LDAP UserStorage component by name,
  * compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).

Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}

https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
2025-08-13 02:20:38 +02:00

Docker Auto Restart

Description

This role automates the restart process for Docker Compose instances within a specified directory. It deploys a Python script that checks for the presence of docker-compose.yml files and restarts the associated services—using a hard restart for certain directories if needed.

Overview

Optimized for containerized environments, this role:

  • Sets up the necessary directories and scripts for restarting Docker Compose instances.
  • Configures a systemd service (and optionally a timer) to execute the restart script.
  • Handles both standard restarts and hard restarts for specific containers (e.g., for Mailu).

Purpose

The primary purpose of this role is to ensure that all Docker Compose services are restarted consistently, resolving issues that may arise from partial restarts. This helps maintain overall service stability and minimizes downtime.

Features

  • Automated Detection: Scans a specified parent directory for docker-compose.yml files.
  • Service Restart: Executes a Python script to restart Docker services via docker-compose.
  • Conditional Hard Restart: Applies a hard restart procedure for specific directories (e.g., Mailu).
  • Systemd Integration: Configures a systemd service and optionally a timer for scheduled restarts.
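
The detection and restart logic described in the features above, as an added example that is not the role's own script. It assumes a "hard restart" means `docker-compose down` followed by `docker-compose up -d`, and the names `HARD_RESTART_DIRS`, `find_compose_dirs`, `plan_restart` and `restart_all` are hypothetical. Commands are passed as argument lists with `cwd` set, so directory names found by the scan are never interpreted by a shell.

```python
import subprocess
from pathlib import Path

COMPOSE_FILE = "docker-compose.yml"
# Assumption: directory names that need the full down/up cycle; the README
# names Mailu as one such case.
HARD_RESTART_DIRS = frozenset({"mailu"})


def find_compose_dirs(parent):
    """Immediate subdirectories of `parent` that hold a regular compose file."""
    root = Path(parent).resolve()
    found = []
    for compose in sorted(root.glob(f"*/{COMPOSE_FILE}")):
        project = compose.parent
        # Skip symlinked project directories so the scan stays inside `parent`.
        if compose.is_file() and not project.is_symlink():
            found.append(project)
    return found


def plan_restart(project, hard_dirs=HARD_RESTART_DIRS):
    """Commands for one project, as argv lists (never a shell string)."""
    if project.name in hard_dirs:
        # Assumed meaning of "hard restart": recreate the whole composition.
        return [["docker-compose", "down"], ["docker-compose", "up", "-d"]]
    return [["docker-compose", "restart"]]


def restart_all(parent, hard_dirs=HARD_RESTART_DIRS, dry_run=True,
                runner=subprocess.run):
    """Restart every project; return (executed, failed) lists of (name, argv)."""
    executed, failed = [], []
    for project in find_compose_dirs(parent):
        for argv in plan_restart(project, hard_dirs):
            try:
                if not dry_run:
                    runner(argv, cwd=project, check=True)
                executed.append((project.name, argv))
            except (subprocess.CalledProcessError, OSError):
                # Record the failure and move on to the next project.
                failed.append((project.name, argv))
                break
    return executed, failed
```

With `dry_run=True` (the default here) nothing is executed and the returned list is the restart plan, which makes it easy to review before the systemd unit runs it for real.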

Context

This role was implemented to address the classic issue: "Have you tried turning it off and on again?" The problem initially arose with the fetchmail container in Mailu, which fails if only some of the containers are restarted rather than the full docker-compose composition.

Credits 📝

This role was developed with the assistance of ChatGPT, including insights and optimizations from this conversation. Special thanks for providing guidance on error handling, Ansible best practices, and Python integration.