hetzner-ansible/roles/connect/defaults/main.yml

---

connect_image_name: docker.arxes-tolina.de/smardigo/connect-whitelabel-app

connect_version: '7.1.0-SNAPSHOT'
connect_admin_username: "connect-admin"
connect_admin_password: "connect-admin"

connect_postgres_version: "12"
connect_postgres_database: "connect-postgres"
connect_postgres_admin_username: "connect-postgres-admin"
connect_postgres_admin_password: "connect-postgres-admin"

connect_mail_properties_base_url: "{{ http_s }}://{{ connect_id }}.{{ domain }}"
connect_mail_properties_base_url_extern: "{{ http_s }}://{{ connect_id }}.{{ domain }}"

connect_id: "{{ service_name }}-connect"
connect_postgres_id: "{{ service_name }}-postgres-connect"

connect_labels: [
  '"traefik.enable=true"',
  '"traefik.http.routers.{{ connect_id }}.service={{ connect_id }}"',
  '"traefik.http.routers.{{ connect_id }}.rule=Host(`{{ connect_id }}.{{ domain }}`)"',
  '"traefik.http.routers.{{ connect_id }}.entrypoints=websecure"',
  '"traefik.http.routers.{{ connect_id }}.tls=true"',
  '"traefik.http.routers.{{ connect_id }}.tls.certresolver=letsencrypt"',
  '"traefik.http.services.{{ connect_id }}.loadbalancer.server.port={{ service_port }}"',

  '"traefik.http.routers.{{ connect_id }}-admin.service={{ connect_id }}-admin"',
  '"traefik.http.routers.{{ connect_id }}-admin.rule=Host(`{{ connect_id }}.{{ domain }}`)"',
  '"traefik.http.routers.{{ connect_id }}-admin.entrypoints=admin-service"',
  '"traefik.http.routers.{{ connect_id }}-admin.tls=true"',
  '"traefik.http.routers.{{ connect_id }}-admin.tls.certresolver=letsencrypt"',
  '"traefik.http.routers.{{ connect_id }}-admin.middlewares={{ connect_id }}-admin-cors"',
  '"traefik.http.middlewares.{{ connect_id }}-admin-cors.headers.accesscontrolallowmethods=GET,OPTIONS"',
  '"traefik.http.middlewares.{{ connect_id }}-admin-cors.headers.accesscontrolalloworigin=*"',
  '"traefik.http.middlewares.{{ connect_id }}-admin-cors.headers.accesscontrolallowheaders=SMA_USER"',
  '"traefik.http.services.{{ connect_id }}-admin.loadbalancer.server.port={{ management_port }}"',

  '"traefik.http.routers.{{ connect_id }}-monitor.service={{ service_name }}-node-exporter"',
  '"traefik.http.routers.{{ connect_id }}-monitor.rule=Host(`{{ connect_id }}.{{ domain }}`)"',
  '"traefik.http.routers.{{ connect_id }}-monitor.entrypoints=admin-system"',
  '"traefik.http.routers.{{ connect_id }}-monitor.tls=true"',
  '"traefik.http.routers.{{ connect_id }}-monitor.tls.certresolver=letsencrypt"',
]

connect_docker: {
  networks: [
    {
      name: back-tier,
      external: true,
    },
    {
      name: front-tier,
      external: true,
    },
  ],
  volumes: [
    {
      name: "{{ connect_postgres_id }}-data"
    }
  ],
  services: [
    {
      name: "{{ connect_id }}",
      image_name: "{{ connect_image_name }}",
      image_version: "{{ connect_version }}",
      labels: "{{ connect_labels + ( connect_labels_additional | default([])) }}",
      restart: "{{ connect_service_restart | default('always') }}",
      environment: [
        "ADMIN_LOGIN: \"{{ connect_admin_username }}\"",
        "ADMIN_PASSWORD: \"{{ connect_admin_password }}\"",

        "DATASOURCE_URL: \"jdbc:postgresql://{{ connect_postgres_id }}:{{ service_port_postgres }}/{{ connect_postgres_database }}\"",
        "DATASOURCE_USERNAME: \"{{ connect_postgres_admin_username }}\"",
        "DATASOURCE_PASSWORD: \"{{ connect_postgres_admin_password }}\"",

        "MAIL_PROTOCOL: \"{{ connect_mail_protocol | default('smtp') }}\"",
        "MAIL_HOST: \"{{ connect_mail_host | default('smtp.tolina.local') }}\"",
        "MAIL_PORT: \"{{ connect_mail_port | default('25') }}\"",
        "MAIL_USER: \"{{ connect_mail_user | default('') }}\"",
        "MAIL_PASSWORD: \"{{ connect_mail_password | default('') }}\"",
        "MAIL_PROPERTIES_SIMULATION: \"{{ connect_mail_properties_simulation | default('true') }}\"",
        "MAIL_PROPERTIES_BASE_URL: \"{{ connect_mail_properties_base_url }}\"",
        "MAIL_PROPERTIES_BASE_URL_EXTERN: \"{{ connect_mail_properties_base_url_extern }}\"",
        "MAIL_PROPERTIES_SENDER: \"{{ connect_mail_properties_sender | default('noreply-connect@arxes-tolina.de') }}\"",
        "MAIL_PROPERTIES_SENDER_ALIAS: \"{{ connect_mail_properties_sender_alias | default('noreply-connect') }}\"",

        "AUTH_MODULE: \"{{ connect_auth_module | default('preauth') }}\"",
        "OIDC_CLIENT_ID: \"{{ connect_oidc_client_id | default('oidc_config_not_found') }}\"",
        "OIDC_CLIENT_SECRET: \"{{ connect_oidc_client_secret | default('oidc_config_not_found') }}\"",
        "OIDC_REGISTRATION_ID: \"{{ connect_oidc_registration_id | default('oidc_config_not_found') }}\"",
        "OIDC_ISSUER_URI: \"{{ connect_oidc_issuer_uri | default('oidc_config_not_found') }}\"",
        "PASSWORD_CHANGE_URL: \"{{ connect_password_change_url | default('') }}\"",
        "USER_MANAGEMENT_URL: \"{{ connect_iam_user_management_url | default('') }}\"",

        "IAM_MODULE: \"{{ connect_iam_module | default('embedded') }}\"",
        "IAM_CLIENT_ENABLED: \"{{ smardigo_iam_client_enabled | default('false') }}\"",
        "EXTERNAL_IAM_SERVER_URL: \"{{ smardigo_iam_client_server_url | default('') }}\"",

        "SMA_API_TOKEN_SECRET: \"{{ connect_api_token_secret | default('') }}\"",

        "SMA_CSRF_TOKEN_NAME: \"{{ connect_csrf_token_name | default('') }}\"",
        "SMA_CSRF_TOKEN_VALUE: \"{{ connect_csrf_token_value | default('') }}\"",

        "SPRING_PROFILES_INCLUDE: \"{{ spring_profiles_include | default('swagger') }}\"",
        "RIBBON_DISPLAY_ON_ACTIVE_PROFILES: \"{{ ribbon_display_on_active_profiles | default('dev') }}\"",
      ],
      networks: [
        '"back-tier"',
        '"front-tier"',
      ],
      extra_hosts: "{{ connect_extra_hosts | default([]) }}",
    },
    {
      name: "{{ connect_postgres_id }}",
      image_name: "postgres",
      image_version: "{{ connect_postgres_version }}",
      environment: [
        'POSTGRES_DB: "{{ connect_postgres_database }}"',
        'POSTGRES_USER: "{{ connect_postgres_admin_username }}"',
        'POSTGRES_PASSWORD: "{{ connect_postgres_admin_password }}"',
      ],
      volumes: [
        '"{{ connect_postgres_id }}-data:/var/lib/postgresql/data"',
      ],
      networks: [
        '"back-tier"',
      ],
      ports: "{{ connect_postgres_ports | default([]) }}",
    },
  ],
}