computer-playbook/roles/web-app-suitecrm
Kevin Veen-Birkenbach 986f959696 Refactor webserver proxy variables and fix BigBlueButton deployment behavior
Refactor proxy/webserver configuration variables to a consistent webserver_* naming scheme across roles. Replace legacy variables like proxy_extra_configuration, client_max_body_size, vhost_flavour, location_ws and ws_port with webserver_extra_configuration, webserver_client_max_body_size, webserver_vhost_flavour, webserver_websocket_location and webserver_websocket_port. Update NGINX vhost and location templates (html, upload, ws, basic, ws_generic) as well as callers (sys-front-inj-all, sys-stk-front-proxy, various web-app-* and web-svc-* roles) to use the new naming.

Tighten docker-compose Git repository handling by making docker_git_repository_pull depend on docker_git_repository_address being defined, a string and non-empty. This avoids accidental Git operations when the repository address is unset or of the wrong type.

Refactor the BigBlueButton role structure and fix deployment bugs: introduce 01_core.yml to orchestrate docker/proxy setup, database seeding, websocket map deployment, docker-compose overrides and admin/bootstrap logic in a single once-executed entrypoint. Rename supporting task files (02_docker-compose.yml, 03_administrator.yml, 04_dependencies.yml) and update tasks/main.yml to delegate via include_tasks with run_once_web_app_bigbluebutton. Improve Greenlight admin creation behavior by treating the 'Email has already been taken' error as a non-fatal, unchanged outcome and running user:set_admin_role as a fallback, both for the primary password and the OIDC starred-password path.

Also standardize vhost flavour selection for services like Mailu, Discourse, CDN, Collabora, Coturn, OnlyOffice, Simpleicons and web-svc-logout by explicitly passing webserver_vhost_flavour where needed and aligning client_max_body_size and websocket configuration with the new webserver_* variables.

Reference: ChatGPT conversation https://chatgpt.com/share/6931c530-bba8-800f-9997-dd61dc1d497b
2025-12-04 18:31:09 +01:00
..
2025-11-27 13:48:45 +01:00

SuiteCRM

Description

Manage your customer relationships with SuiteCRM, a powerful open-source CRM platform extending SugarCRM with advanced modules, workflows, and integrations. This role integrates SuiteCRM into the Infinito.Nexus ecosystem with centralized database, mail and LDAP-ready single sign-on integration. 🚀💼

Overview

This Ansible role deploys SuiteCRM using Docker and the Infinito.Nexus shared stack. It handles:

  • MariaDB database provisioning via the sys-svc-rdbms role
  • Nginx domain and reverse-proxy configuration
  • Environment variable management through Jinja2 templates
  • Docker Compose orchestration for the SuiteCRM application container
  • Native LDAP authentication via Symfony's LDAP configuration
  • SSO integration via SAML / OAuth2 configured inside SuiteCRM's Administration Panel

With this role, you get a production-ready CRM environment that plugs into your existing IAM stack.

Features

  • Sales & Service CRM: Accounts, Contacts, Leads, Opportunities, Cases, Campaigns and more 📊
  • Workflow Engine: Automate business processes and notifications 🛠️
  • LDAP Authentication: Centralize user authentication against OpenLDAP 🔐
  • SSO-Ready: Integrates with SAML / OAuth2 providers (e.g. Keycloak as IdP) via SuiteCRM's admin UI 🌐
  • Config via Templates: Fully customizable .env and docker-compose.yml rendered via Jinja2 ⚙️
  • Health Checks & Logging: Integrates with Infinito.Nexus health checking and journald logging 📈
  • Modular Role Composition: Uses shared roles for DB, proxy and monitoring to keep your stack consistent 🔄

Further Resources

LDAP & SSO Notes

  • LDAP is configured via environment variables (AUTH_TYPE=ldap, LDAP_*).
    The role writes a config_override.php so SuiteCRM's legacy backend uses LDAP for authentication against your OpenLDAP service.

  • SSO in SuiteCRM 8 is handled via SAML (e.g. with Keycloak as IdP) and OAuth providers configured in the Administration panel (for outbound email and API access). This role does not implement full OIDC login flows; instead, you configure SAML/OAuth inside SuiteCRM's admin UI.

Credits

Developed and maintained by Kevin Veen-Birkenbach.
Consulting & Coaching Solutions: veen.world 🌟
Part of the Infinito.Nexus Project 📂
License: Infinito.Nexus NonCommercial License ⚖️