mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-08-18 17:55:09 +02:00
Kevin Veen-Birkenbach
2620ee088e
- replaced CERTBOT_DNS_API_TOKEN with CLOUDFLARE_API_TOKEN everywhere - introduced generic sys-dns-cloudflare-records role for managing DNS records - added sys-dns-hetzner-rdns role with both Cloud (hcloud) and Robot API flavors - updated Mailu role to: - generate DKIM before DNS setup - delegate DNS + rDNS records to the new generic roles - removed legacy per-role Cloudflare vars (MAILU_CLOUDFLARE_API_TOKEN) - extended group vars with HOSTING_PROVIDER for rDNS flavor decision - added hetzner.hcloud collection to requirements This consolidates DNS management into reusable roles, supports both Cloudflare and Hetzner providers, and standardizes variable naming across the project.
61 lines
3.2 KiB
YAML
61 lines
3.2 KiB
YAML
# General
|
|
application_id: "web-app-mailu"
|
|
http_port: "{{ ports.localhost.http[application_id] }}"
|
|
proxy_extra_configuration: "client_max_body_size 31M;"
|
|
|
|
# Database Configuration
|
|
database_password: "{{ applications | get_app_conf(application_id, 'credentials.database_password') }}"
|
|
database_type: "mariadb"
|
|
|
|
# Cert Mount
|
|
cert_mount_directory: "{{ docker_compose.directories.volumes }}certs/"
|
|
|
|
# Mailu
|
|
|
|
## Meta
|
|
MAILU_WEBSITE: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
|
|
|
|
## Domains
|
|
MAILU_DOMAIN: "{{ applications | get_app_conf(application_id, 'domain') }}"
|
|
MAILU_DOMAIN_DNS_ZONE: "{{ MAILU_DOMAIN | to_zone }}"
|
|
MAILU_HOSTNAMES: "{{ domains[application_id] }}"
|
|
MAILU_HOSTNAME: "{{ domains | get_domain(application_id) }}"
|
|
MAILU_HOSTNAME_DNS_ZONE: "{{ MAILU_HOSTNAME | to_zone }}"
|
|
|
|
## Docker
|
|
MAILU_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.mailu.version') }}"
|
|
MAILU_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.mailu.name') }}"
|
|
|
|
## Volumes
|
|
MAILU_SMTP_QUEUE_VOLUME: "mailu_smtp_queue"
|
|
MAILU_ADMIN_DATA_VOLUME: "mailu_admin_data"
|
|
MAILU_WEBDAV_DATA: "mailu_webdav_data"
|
|
MAILU_WEBMAIL_DATA: "mailu_webmail_data"
|
|
MAILU_FILTER_VOLUME: "mailu_filter"
|
|
MAILU_DKIM_VOLUME: "mailu_dkim"
|
|
MAILU_DOVECOT_MAIL_VOLUME: "mailu_dovecot_mail"
|
|
|
|
## Network
|
|
MAILU_DNS_RESOLVER: "{{ networks.local['web-app-mailu'].dns_resolver }}"
|
|
MAILU_IP4_PUBLIC: "{{ networks.internet.ip4 }}"
|
|
MAILU_IP6_PUBLIC: "" #Deactivated atm. but cloudflare logic present @todo activate it when it's configured for docker. See https://chatgpt.com/share/68a0acb8-db20-800f-9d2c-b34e38b5cdee
|
|
MAILU_SUBNET: "{{ networks.local['web-app-mailu'].subnet }}"
|
|
|
|
## Credentials
|
|
MAILU_SECRET_KEY: "{{ applications | get_app_conf(application_id,'credentials.secret_key') }}"
|
|
MAILU_API_TOKEN: "{{ applications | get_app_conf(application_id, 'credentials.api_token') }}"
|
|
|
|
## OIDC
|
|
MAILU_OIDC_ENABLED: "{{ applications | get_app_conf(application_id, 'features.oidc', False) }}"
|
|
MAILU_OIDC_EMAIL_BY_USERNAME_ENABLED: "{{ applications | get_app_conf(application_id, 'oidc.email_by_username') }}"
|
|
MAILU_OIDC_ENABLE_USER_CREATION: "{{ applications | get_app_conf(application_id, 'oidc.enable_user_creation') | string | capitalize }}"
|
|
|
|
# Use dedicated source for oidc if activated
|
|
# @see https://github.com/heviat/Mailu-OIDC/tree/2024.06
|
|
MAILU_DOCKER_FLAVOR: "{{ 'ghcr.io/heviat' if MAILU_OIDC_ENABLED | bool else 'ghcr.io/mailu' }}"
|
|
|
|
MAILU_DMARC_RUF: "{{ applications | get_app_conf(application_id, 'users.administrator.email') }}"
|
|
|
|
MAILU_DKIM_KEY_FILE: "{{ MAILU_DOMAIN }}.dkim.key"
|
|
MAILU_DKIM_KEY_PATH: "/dkim/{{ MAILU_DKIM_KEY_FILE }}"
|