chore(release): 2.0.4

Breaking change!

.github/FUNDING.yml

@@ -0,0 +1,2 @@
+github: equinoxel
+patreon: laurivan

CHANGELOG.md

@@ -2,9 +2,43 @@
 
 All notable changes to this project will be documented in this file. See [standard-version](https://github.com/conventional-changelog/standard-version) for commit guidelines.
 
-## 1.0.0 (2022-12-10)
+### [2.0.4](https://git.laurivan.com/Dev/ansible-role-outline-wiki/compare/v2.0.3...v2.0.4) (2023-02-03)
 
 
+### Bug Fixes
+
+* Change db update command. ([7c533ba](https://git.laurivan.com/Dev/ansible-role-outline-wiki/commit/7c533baa05bd6af418895a627303039081aa00ff))
+
+### [2.0.3](https://git.laurivan.com/Dev/ansible-role-outline-wiki/compare/v2.0.2...v2.0.3) (2022-12-12)
+
+### [2.0.2](https://git.laurivan.com/Dev/ansible-role-outline-wiki/compare/v2.0.1...v2.0.2) (2022-12-11)
+
+
+### Bug Fixes
+
+* **docs:** Update role documentation. ([f17ee9a](https://git.laurivan.com/Dev/ansible-role-outline-wiki/commit/f17ee9a9cc7ccb15f0196a7dbecf83e0b1c53bdf))
+* Remove superfluous port declaration. ([b7fd2cf](https://git.laurivan.com/Dev/ansible-role-outline-wiki/commit/b7fd2cff4539b97dfd3b70e1d1d26138ed648dd2))
+
+### [2.0.1](https://git.laurivan.com/Dev/ansible-role-outline-wiki/compare/v2.0.0...v2.0.1) (2022-12-11)
+
+
+### Bug Fixes
+
+* Fix template and rights. ([83d3e45](https://git.laurivan.com/Dev/ansible-role-outline-wiki/commit/83d3e45c05c096506430fd9e2568787c8a793a25))
+
+## [2.0.0](https://git.laurivan.com/Dev/ansible-role-outline-wiki/compare/v1.0.0...v2.0.0) (2022-12-10)
+
+
+### ⚠ BREAKING CHANGES
+
+* Make paths absolute.
+
+### Bug Fixes
+
+* Make paths absolute. ([310649b](https://git.laurivan.com/Dev/ansible-role-outline-wiki/commit/310649b9735822eee4f962bbb3f9207c33989f89))
+
+## 1.0.0 (2022-12-10)
+
 ### Bug Fixes
 
 * AWS variable, fake S3 condition. ([8b84af0](https://git.laurivan.com/Dev/ansible-role-outline-wiki/commit/8b84af081fc8ec7a63ce139409c3fbd546ae1478))

README.md

@@ -10,54 +10,126 @@ None
 
 All variables are listed below (see also `defaults/main.yml`).
 
-```yml
-# defaults file for outline
+### Outline Core Variables
 
+Outline requires a couple of secrets for data encryption:
+
+```yml
 outline_secret_key: 'changeme'
 outline_utils_secret: 'changeme'
+```
 
+You also need to specify the deployment type. Usually it's `production`
 
-outline_setup_path: '~/outline'
+```yml
 outline_deployment: ''
+```
 
-outline_port: 3000
-outline_url: "http://localhost:{{ outline_port }}"
-outline_force_https: "false"
-outline_enable_updates: "false"
-outline_cdn_url: 
+You also need to define how you access outline:
 
-outline_debug: "cache,presenters,events,emails,mailer,utils,multiplayer,server,services"
+- `outline_port` is the port mapping in Docker. Outline runs at port 3000, which is alos the default
+- `outline_url` is the public URL where we see Outline. If you use reverse proxy mapping, put the URL of the reverse proxy (in my case *[this one](https://wiki.home.laurivan.com)*).
+- `outline_force_https` will run with HTTPS if true. you can define it as *false* If you're behind a proxy or you don't have a certificate. It defaults to `false`.
+- `outline_enable_updates` will enable updates if true. Please read [the documentation](https://app.getoutline.com/s/770a97da-13e5-401e-9f8a-37949c19f97e/) for what this implies (e.g. telemetry)
+- Define `outline_cdn_url` if you have a CDN. Defaults to *empty*
 
+**Note**: `outline_url` will define the authentication redirect url for e.g. authentik
+
+You can define which debug messages to be logged via `outline_debug`.
+
+### Storage
+
+Following values are defined for the docker-compose:
+
+```yml
 outline_volume_base: "/mnt/outline"
+outline_setup_path: '{{ outline_volume_base }}/config'
 outline_volume_redis: "{{ outline_volume_base }}/redis"
 outline_volume_db: "{{ outline_volume_base }}/db"
 outline_volume_s3: "{{ outline_volume_base }}/s3"
+```
 
+Please note that `outline_volume_db` and `outline_volume_s3` are actually created only if local posstgres and fake_s3 containers are created by configuration below.
+
+You can specify a logo too via `outline_team_logo_url`. By default this is empty.
+
+You can also change the default language via `outline_language`. The role defaults the language to *en_US*.
+
+### Authentication
+
+Outline authentication can happen via:
+
+- OIDC
+- Google authentication
+- Slack
+
+You need to define at least one of them.
+
+#### OIDC
+
+OIDC parameters are
+
+```yml
 oidc_client_id:
 oidc_client_secret:
 oidc_auth_uri:
 oidc_token_uri:
 oidc_userinfo_uri:
+```
 
+Your authentication app should provide you all the above. I use something along the lines:
+
+```yml
+oidc_client_id: "changeme"
+oidc_client_secret: "changeme"
+oidc_auth_uri: "https://sso.laurivan.com/application/o/authorize/"
+oidc_token_uri: "https://sso.laurivan.com/application/o/token/"
+oidc_userinfo_uri: "https://sso.laurivan.com/application/o/userinfo/"
+oidc_username_claim: "preferred_username"
+```
+
+**Note**: you will probably need to provide the redirect URL to the authentication application. For Authentik, you can find it in the **Provider** for the specific application.
+
+#### Google ID
+
+You need to define:
+
+```yml
 outline_google_client_id:
 outline_google_client_secret:
+```
+
+#### Slack
+
+You need to define
+
+```yml
 outline_slack_client_id:
 outline_slack_client_secret:
+```
 
-# If the db_host is not "postgres", then we assume the
-# db is external and not spin up the docker container
+### Database
+
+You need to assign a database to Outline. This role allows you to launch Postgres in a container via:
+
+```yml
 outline_db_schema: "postgres"
 outline_db_host: "postgres"
 outline_db_port: "5432"
 outline_db_user: "postgres"
 outline_db_password: "changeme"
 outline_db: "outline"
+```
 
-# By default, PostgreSQL is not secured. If you have a secure
-# database instance, replace the content below with "enable".
-outline_db_ssl: "disable"
+If the db_host is not "postgres", then we assume the db is external and not spin up the docker container.
 
-# Spin up the fake S3 only if "fake_s3" is true
+By default, PostgreSQL is not secured. If you have a secure database instance, set the `outline_db_ssl` variable to "enable".
+
+### S3
+
+We define the following variables:
+
+```yml
 outline_fake_s3: true
 outline_fake_s3_port: 4569
 outline_aws_access_key_id:
@@ -68,17 +140,34 @@ outline_aws_s3_upload_bucket_name: outline-bucket
 outline_aws_s3_upload_max_size: "26214400"
 outline_aws_s3_force_path_style: "true"
 outline_aws_s3_acl: "private"
+```
 
+You need S3 (or S3-like) storage for e.g. uploaded files. By default, the role spins up the fake S3 only if `fake_s3` variable is true.
+
+I use [MinIO](https://min.io/) with something like:
+
+```yml
+outline_fake_s3: ""
+outline_aws_access_key_id: "change me"
+outline_aws_secret_access_key: "change me"
+outline_aws_region: "my-rack"
+outline_aws_s3_upload_bucket_url: "http://minio,example.com:9000"
+outline_aws_s3_upload_max_size: "26214400"
+outline_aws_s3_force_path_style: "true"
+outline_aws_s3_acl: "private"
+```
+
+### Email
+
+Outline can send notification emails if you set up the SMTP variables:
+
+```yml
 outline_smtp_host:
 outline_smtp_port:
 outline_smtp_username:
 outline_smtp_password:
 outline_smtp_from_email:
 outline_smtp_reply_email:
-
-outline_team_logo_url:
-
-outline_language: 'en_US'
 ```
 
 ## Dependencies

defaults/main.yml

@@ -7,7 +7,7 @@ outline_utils_secret: 'changeme'
 outline_deployment: ''
 
 outline_port: 3000
-outline_url: "http://localhost:{{ outline_port }}"
+outline_url: "http://localhost:{{ outline_public_port }}"
 outline_force_https: "false"
 outline_enable_updates: "false"
 outline_cdn_url: 

tasks/main.yml

@@ -21,11 +21,21 @@
     group: "{% if outline_gid %}{{ outline_gid }}{% else %}{{ ansible_effective_group_id }}{% endif %}"
     mode: "0750"
   with_items:
-    - "{{ outline_setup_path }}"
-    - "{{ outline_volume_redis }}"
-    - "{{ outline_volume_db }}"
-    - "{{ outline_volume_s3 }}"
+    - "{{ outline_setup_path | expanduser | realpath }}"
+    - "{{ outline_volume_redis | expanduser | realpath }}"
+    - "{{ outline_volume_s3 | expanduser | realpath }}"
+  tags:
+    - configuration
+  become: true
 
+- name: Set up the database directory.
+  ansible.builtin.file:
+    state: directory
+    path: "{{ item }}"
+    mode: "0755"
+    owner: 70
+  with_items:
+    - "{{ outline_volume_db | expanduser | realpath }}"
   tags:
     - configuration
   become: true
@@ -33,7 +43,7 @@
 - name: Write configuration files
   ansible.builtin.template:
     src: "{{ item }}.j2"
-    dest: "{{ outline_setup_path }}/{{ item }}"
+    dest: "{{ outline_setup_path | expanduser | realpath }}/{{ item }}"
     mode: '0640'
   loop:
     - "docker-compose.yml"
@@ -47,6 +57,6 @@
 
 - name: Ensure all requested components are running.
   community.docker.docker_compose:
-    project_src: "{{ outline_setup_path }}"
+    project_src: "{{ outline_setup_path | expanduser | realpath }}"
     build: false
   become: false

templates/docker-compose.yml.j2

@@ -13,7 +13,7 @@ services:
     networks:
       - outline
     volumes:
-      - {{ outline_volume_redis }}:/data
+      - {{ outline_volume_redis | expanduser | realpath }}:/data
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
 
@@ -21,7 +21,7 @@ services:
   postgres:
     image: docker.io/library/postgres:12-alpine
     env_file:
-      - "{{ outline_setup_path }}/env.db.conf"
+      - "{{ outline_setup_path | expanduser | realpath }}/env.db.conf"
     restart: unless-stopped
     healthcheck:
       test: ["CMD-SHELL", "pg_isready -d $${POSTGRES_DB} -U $${POSTGRES_USER}"]
@@ -45,24 +45,24 @@ services:
   s3:
     image: lphoward/fake-s3
     env_file:
-      - "{{ outline_setup_path }}/env.s3.conf"
+      - "{{ outline_setup_path | expanduser | realpath }}/env.s3.conf"
 {% if outline_fake_s3_port %}
     ports:
       - {{ outline_fake_s3_port }}:4569
 {% endif %}
     volumes:
-      - {{ outline_volume_s3 }}:/fakes3_root
+      - {{ outline_volume_s3 | expanduser | realpath }}:/fakes3_root
     networks:
       - outline
 {% endif %}
 
   outline:
     image: outlinewiki/outline:latest
-    command: sh -c "yarn start"
-    # command: sh -c "yarn sequelize:migrate --env production-ssl-disabled && yarn start"
+    #command: sh -c "yarn start"
+    command: sh -c "yarn db:migrate --env production-ssl-disabled && yarn start"
     env_file:
-      - "{{ outline_setup_path }}/env.outline.conf"
-      - "{{ outline_setup_path }}/env.oidc.conf"
+      - "{{ outline_setup_path | expanduser | realpath }}/env.outline.conf"
+      - "{{ outline_setup_path | expanduser | realpath }}/env.oidc.conf"
     restart: always
     ports:
       - {{ outline_port }}:3000
@@ -79,4 +79,3 @@ services:
 
 networks:
   outline: {}
-     

templates/env.outline.conf.j2

@@ -8,7 +8,11 @@ UTILS_SECRET={{ outline_utils_secret }}
 
 DEPLOYMENT={{ outline_deployment }}
 
+{% if outline_db_schema == 'postgres' and outline_db_host == 'postgres' %}
+DATABASE_URL=postgres://{{ outline_db_user }}:{{ outline_db_password }}@postgres:5432/{{ outline_db }}
+{% else %}
 DATABASE_URL={{ outline_db_schema }}://{{ outline_db_user }}:{{ outline_db_password }}@{{outline_db_host}}:{{ outline_db_port }}/{{ outline_db }}
+{% endif %}
 DATABASE_URL_TEST={{ outline_db_schema }}://{{ outline_db_user }}:{{ outline_db_password }}@{{outline_db_host}}:{{ outline_db_port }}/{{ outline_db }}_test
 REDIS_URL=redis://redis:6379
 
@@ -16,6 +20,7 @@ REDIS_URL=redis://redis:6379
 URL={{ outline_url }}
 PORT=3000
 
+
 # Optional. If using a Cloudfront distribution or similar the origin server
 # should be set to the same as URL.
 CDN_URL={{ outline_cdn_url }}
@@ -89,6 +94,3 @@ DEFAULT_LANGUAGE={{ outline_language }}
 {% if outline_db_ssl %}
 PGSSLMODE={{ outline_db_ssl }}
 {% endif %}
-
-
-