mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-10-10 02:38:10 +02:00
Kevin Veen-Birkenbach
ca52dcda43
- Add CPU, memory and PID limits to all services in config/main.yml to prevent OOM - Replace old LDAP admin bootstrap with new 02_admin.yml using OPENPROJECT_ADMINISTRATOR_* vars - Standardize variable names (uppercase convention) - Fix HTTPS/HSTS port check (443 instead of 433) - Allow docker_restart_policy override in base.yml.j2 - Cleanup redundant LDAP admin runner in 01_ldap.yml See: https://chatgpt.com/share/68d40c6e-ab9c-800f-a4a0-d9338d8c1b32
31 lines
1.2 KiB
YAML
31 lines
1.2 KiB
YAML
- name: Ensure administrator user exists and is admin
|
|
shell: >
|
|
docker compose exec web bash -c "
|
|
cd /app &&
|
|
RAILS_ENV={{ ENVIRONMENT | lower }} bundle exec rails runner \"
|
|
u = User.find_by(login: '{{ OPENPROJECT_ADMINISTRATOR_USERNAME }}')
|
|
if u.nil?
|
|
u = User.new(
|
|
login: '{{ OPENPROJECT_ADMINISTRATOR_USERNAME }}',
|
|
mail: '{{ OPENPROJECT_ADMINISTRATOR_EMAIL }}',
|
|
firstname: 'Admin',
|
|
lastname: 'User',
|
|
password: '{{ OPENPROJECT_ADMINISTRATOR_PASSWORD }}',
|
|
password_confirmation: '{{ OPENPROJECT_ADMINISTRATOR_PASSWORD }}'
|
|
)
|
|
u.admin = true
|
|
u.save!
|
|
puts 'Administrator {{ OPENPROJECT_ADMINISTRATOR_USERNAME }} created and set as admin.'
|
|
else
|
|
u.admin = true
|
|
u.save!
|
|
puts 'User {{ OPENPROJECT_ADMINISTRATOR_USERNAME }} updated to admin.'
|
|
end
|
|
\"
|
|
"
|
|
args:
|
|
chdir: "{{ docker_compose.directories.instance }}"
|
|
async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}"
|
|
poll: "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}"
|
|
no_log: "{{ MASK_CREDENTIALS_IN_LOGS | bool }}"
|