added new playbooks and tasks

2025-11-19 11:23:50 +01:00
parent 7c9a2109d5
commit 787f438a97
8 changed files with 177 additions and 12 deletions
--- a/playbooks/managed-mailcow/enable-sni-globally.yml
+++ b/playbooks/managed-mailcow/enable-sni-globally.yml
@@ -0,0 +1,34 @@
+---
+
+- name: Enable SNI globally
+  hosts: all
+  vars:
+    debug: false
+  tasks:
+
+  - name: "Get mailcow Installation location"
+    include_role:
+      name: managed-mailcow
+      tasks_from: find-mailcow-composedir
+
+  - name: "Prüfe ob mailcow.conf exists"
+    ansible.builtin.stat:
+      path: "{{ mailcow_dir_result.files[0].path }}/mailcow.conf"
+    register: mailcow_conf
+
+  - name: "Setze SNI global ein"
+    ansible.builtin.replace:
+      path: "{{ mailcow_dir_result.files[0].path }}/mailcow.conf"
+      regexp: "^ENABLE_SSL_SNI=n"
+      replace: "ENABLE_SSL_SNI=y"
+      backup: yes
+    register: sni
+    when: mailcow_conf.stat.exists
+      
+  - name: "Restart mailcow Docker Compose"
+    vars:
+      docker_compose_path: "{{ mailcow_dir_result.files[0].path }}"
+    include_role:
+      name: managed-mailcow
+      tasks_from: start-mailcow
+    when: sni.changed
--- a/playbooks/managed-mailcow/remove-watchdog-mail.yaml
+++ b/playbooks/managed-mailcow/remove-watchdog-mail.yaml
@@ -0,0 +1,34 @@
+---
+
+- name: Enable SNI globally
+  hosts: all
+  vars:
+    debug: false
+  tasks:
+
+  - name: "Get mailcow Installation location"
+    include_role:
+      name: managed-mailcow
+      tasks_from: find-mailcow-composedir
+
+  - name: "Check if mailcow.conf exists"
+    ansible.builtin.stat:
+      path: "{{ mailcow_dir_result.files[0].path }}/mailcow.conf"
+    register: mailcow_conf
+
+  - name: "Remove WATCHDOG_NOTIFY_EMAIL globally"
+    ansible.builtin.replace:
+      path: "{{ mailcow_dir_result.files[0].path }}/mailcow.conf"
+      regexp: "^WATCHDOG_NOTIFY_EMAIL=info@servercow.de"
+      replace: "#WATCHDOG_NOTIFY_EMAIL="
+      backup: yes
+    register: watchdog
+    when: mailcow_conf.stat.exists
+      
+  - name: "Restart mailcow Docker Compose"
+    vars:
+      docker_compose_path: "{{ mailcow_dir_result.files[0].path }}"
+      verbose: false
+    include_role:
+      name: managed-mailcow
+      tasks_from: start-mailcow
--- a/playbooks/os-major-upgrade.yml
+++ b/playbooks/os-major-upgrade.yml
@@ -2,6 +2,10 @@
  vars:
    os_update_major_version: true # Can either be true or false | To toggle if systems need to be upgraded to newer codename
    os_update_version_codename: "trixie" # Change to switch major release (e.g. bookworm or trixie) | Used for jinja2 Template fill in as it determines the current codename of system where ansible is run on
+    snapshot_name: "AUTO_before_major_{{ ansible_date_time.date }}" # Name of the snapshot to be created before major upgrade
+  vars_files:
+  # Load vault file for sensitive data like Proxmox API tokens
+  - ../vault.yml
  tasks:
    - name: Verify if system is Debian
      debug:
@@ -13,8 +17,53 @@
        msg: "This playbook only supports Debian."
      when: ansible_os_family != "Debian"

+    - name: Read /etc/os-release
+      ansible.builtin.slurp:
+        src: /etc/os-release
+      register: os_release
+      when: ansible_os_family == "Debian"
+
+    - name: Extract current codename
+      ansible.builtin.set_fact:
+        current_os_codename: >-
+          {{ (os_release.content | b64decode).splitlines()
+             | select('match','^VERSION_CODENAME=')
+             | list | first | regex_replace('^VERSION_CODENAME=', '') | lower }}
+      when: ansible_os_family == "Debian"
+
+    - name: Show current and target codenames
+      debug:
+        msg: "Current codename: {{ current_os_codename }}, Target codename: {{ os_update_version_codename | lower }}"
+      when: ansible_os_family == "Debian"
+
+    - name: Include Proxmox Info task
+      ansible.builtin.include_role:
+        name: proxmox-automation
+        tasks_from: get-vmid
+      when:
+        - ansible_os_family == "Debian"
+        - current_os_codename | lower != os_update_version_codename | lower
+
+    - name: Create Snapshot before Modifications
+      ansible.builtin.include_role:
+        name: proxmox-automation
+        tasks_from: create-snapshots
+      when:
+        - ansible_os_family == "Debian"
+        - current_os_codename | lower != os_update_version_codename | lower
+
    - name: Include OS update role
      ansible.builtin.include_role:
        name: os-updates
        tasks_from: update_major_version
-      when: ansible_os_family == "Debian"
+      when:
+        - ansible_os_family == "Debian"
+        - current_os_codename | lower != os_update_version_codename | lower
+
+    - name: Check if system is back online after reboot
+      ansible.builtin.wait_for_connection:
+        delay: 10
+        timeout: 300
+      when:
+        - ansible_os_family == "Debian"
+        - current_os_codename | lower != os_update_version_codename | lower