
Commit 140fdc58 authored by Felix Ableitner

Add missing Ansible changes

parent e9f3f50b
+27 −20
@@ -14,36 +14,36 @@
    - setup: # gather facts

  tasks:
  - name: install dependencies
    apt:
      pkg: ['apt-transport-https', 'ca-certificates', 'curl', 'software-properties-common', 'apache2-utils',
            'docker.io', 'docker-compose', 'gnupg2', 'pass', 'certbot', 'dnsutils']
  - name: create credentials folder
    shell: mkdir -p credentials/{{ inventory_hostname }}/
    delegate_to: localhost
    become: no

  - name: detect if ecloud selfhosting is already installed (compatibility with old versions)
    shell: ls /mnt/repo-base/.git/ /mnt/repo-base/volumes/nextcloud/config/config.php && touch /mnt/repo-base/config-dynamic/.installation-complete
  - name: detect if ecloud selfhosting is already installed
    shell: "[[ -d /mnt/repo-base/.git/ && -f /mnt/repo-base/volumes/nextcloud/config/config.php && ! -f /mnt/repo-base/config-dynamic/.installation-complete ]]"
    args:
      creates: /mnt/repo-base/config-dynamic/.installation-complete
      executable: /bin/bash
    ignore_errors: yes
    register: installation_complete_result

  - name: fetch existing passwords from server
    block:
      - name: create installation-complete file
        shell: touch /a/config-dynamic/.installation-complete

      - name: fetch env file to read passwords
        fetch:
          src: /mnt/repo-base/.env
          dest: credentials/env
          dest: credentials/{{ inventory_hostname }}/env
          flat: yes

      - name: create credentials folder
        shell: mkdir -p credentials/{{ inventory_hostname }}/
        delegate_to: localhost

      - name: read variables from env file and write to credentials folder
        shell: grep {{ item.env_var }} credentials/env | cut -d '=' -f2 > credentials/{{ inventory_hostname }}/{{ item.credentials_var }}
        shell: grep {{ item.env_var }} credentials/{{ inventory_hostname }}/env | cut -d '=' -f2 > credentials/{{ inventory_hostname }}/{{ item.credentials_var }}
        delegate_to: localhost
        become: no
        with_items:
          - { env_var: 'RSPAMD_PASSWORD', credentials_var: 'rspamd_password' }
          #- { env_var: 'NEXTCLOUD_ADMIN_USER', credentials_var: 'nextcloud_admin_user' }
          - { env_var: 'NEXTCLOUD_ADMIN_USER', credentials_var: 'nextcloud_admin_user' }
          - { env_var: 'NEXTCLOUD_ADMIN_PASSWORD', credentials_var: 'nextcloud_admin_password' }
          - { env_var: 'MYSQL_USER_NC', credentials_var: 'mysql_user_nextcloud' }
          - { env_var: 'MYSQL_PASSWORD_NC', credentials_var: 'mysql_password_nextcloud' }
@@ -55,11 +55,19 @@
          - { env_var: 'POSTFIXADMIN_SSH_PASSWORD', credentials_var: 'postfixadmin_ssh_password' }
          - { env_var: 'CREATE_ACCOUNT_PASSWORD', credentials_var: 'create_account_password' }
          - { env_var: 'PFA_SUPERADMIN_PASSWORD', credentials_var: 'pfa_superadmin_password' }
          - { env_var: 'PFDB_DB', credentials_var: 'postfix_database_name' }
          - { env_var: 'PFDB_USR', credentials_var: 'postfix_database_user' }

      - name: remove local copy of env file
        command: rm credentials/env
        command: rm credentials/{{ inventory_hostname }}/env
        delegate_to: localhost
    when: installation_complete_result is changed # meaning that an existing ecloud installation was found on the server
        become: no
    when: installation_complete_result is success # meaning that an existing ecloud installation was found on the server

  - name: install dependencies
    apt:
      pkg: ['apt-transport-https', 'ca-certificates', 'curl', 'software-properties-common', 'apache2-utils',
            'docker.io', 'docker-compose', 'gnupg2', 'pass', 'certbot', 'dnsutils']

  - name: create folders
    file: path={{item.path}} state=directory owner={{item.owner}}
@@ -95,6 +103,7 @@
  - name: generate random usernames if they dont exist
    shell: if [ ! -e "credentials/{{ inventory_hostname }}/{{ item.name }}" ]; then echo "{{ item.prefix }}{{ item.random_id }}" > "credentials/{{ inventory_hostname }}/{{ item.name }}"; fi
    delegate_to: localhost
    become: no
    vars:
      mysql_user_nextcloud:     "{{ lookup('password', '/dev/null chars=ascii_letters,digits length=4') }}"
      nextcloud_admin_user:     "{{ lookup('password', '/dev/null chars=ascii_letters,digits length=4') }}"
@@ -127,6 +136,8 @@
      mysql_user_nextcloud:         "{{ lookup('file', 'credentials/{{ inventory_hostname }}/mysql_user_nextcloud') }}"
      nextcloud_admin_user:         "{{ lookup('file', 'credentials/{{ inventory_hostname }}/nextcloud_admin_user') }}"
      mysql_database_nextcloud:     "{{ lookup('file', 'credentials/{{ inventory_hostname }}/mysql_database_nextcloud') }}"
      postfix_database_name:        "postfix"
      postfix_database_user:        "postfix"

  - name:  add nginx config files
    template: src=templates/nginx/sites-enabled/{{item.src}} dest=/mnt/repo-base/config-dynamic/nginx/sites-enabled/{{item.dest}}
@@ -187,9 +198,6 @@

  # NOTE: It is not possible to get realtime output from ansible tasks.
  # https://github.com/ansible/ansible/issues/3887#issuecomment-54672569
  # TODO: fails with error Access denied for user 'root'@'localhost' (using password: YES)
  # TODO: this works fine: MYSQL_RANDOM_ROOT_PASSWORD=yes
  # TODO: also works when passing password directly, without var
  - name: run postinstall script (this will take a while)
    command: bash /mnt/repo-base/scripts/postinstall.sh
    args:
@@ -210,4 +218,3 @@
      special_time=daily
      name=ssl-renew
      job="bash /mnt/repo-base/scripts/ssl-renew.sh >> /mnt/repo-base/volumes/letsencrypt/letsencrypt-cron.log 2>&1"
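Review bot: The `create installation-complete file` task in the first hunk (apparently on the new side, since the old detect task did its own `touch`) writes to `/a/config-dynamic/.installation-complete`, while the detect task and its `creates:` argument use `/mnt/repo-base/config-dynamic/.installation-complete`. This looks like a leftover test path. If `/a/config-dynamic/` does not exist the `touch` fails and the rest of the block never runs; if it does exist, the marker lands where nothing checks for it. The line should probably read `shell: touch /mnt/repo-base/config-dynamic/.installation-complete`. Separately, the fetched `credentials/{{ inventory_hostname }}/env` holds every service password in plain text on the controller and is removed only by the block's last task, so moving that `rm` into an `always:` section of the block would keep it from lingering after a failed run; the block spans two hunks and its `with_items` list is only partly visible here.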
+0 −4
DOMAIN=maindomain.com
ADD_DOMAINS=domainA.com,domainB.com
ENABLE_POP3=false
DISABLE_RATELIMITING=false
 No newline at end of file
+0 −34
DOMAIN=Enter your mailserver (management) domain (e.g. domainA.com):
ADD_DOMAINS=Optionally enter additional domain(s) (comma separated, no white spaces) to handle mail for (e.g. domainB.com,domainC.com) or just press enter if you need none:
ALT_EMAIL=Enter alternative email:
INSTALL_ONLYOFFICE=Do you want to install OnlyOffice? [y/n]||||^[yY|nN]$;;;;Please enter 'y' or 'n'

# Generate and display
RSPAMD_PASSWORD=@@@generate@@@:20@
NEXTCLOUD_ADMIN_USER=ncadmin_@@@generate@@@:4@
NEXTCLOUD_ADMIN_PASSWORD=@@@generate@@@:20@


# Generate and use "under the hood"
MYSQL_USER_NC=nc_@@@generate@@@:4@
MYSQL_PASSWORD_NC=@@@generate@@@:20@
MYSQL_DATABASE_NC=ncdb_@@@generate@@@:4@
SMTP_PW=@@@generate@@@:20@
PFDB_DB=postfix;default
PFDB_USR=postfix;default
MYSQL_ROOT_PASSWORD=@@@generate@@@:20@
DBPASS=@@@generate@@@:20@
DRIVE_SMTP_PASSWORD=@@@generate@@@:16@
POSTFIXADMIN_SSH_PASSWORD=@@@generate@@@:20@
CREATE_ACCOUNT_PASSWORD=@@@generate@@@:20@

PFA_SUPERADMIN_PASSWORD=1@@@generate@@@:16@2

# fixed defaults
ENABLE_POP3=false;default
DISABLE_RATELIMITING=false;default

# To be constructed repo specific
#SMTP_FROM=welcome@domainA.com
#VIRTUAL_HOST (for each domain two subdomains autoconfig/autodiscover)
#VHOSTS_ACCOUNTS=welcome.domainA.com
+0 −47
upgrade-all:
  pkg.uptodate:
    - name: update
    - refresh: true
  cmd.run:
    - name: apt-get -y upgrade -o Dpkg::Options::="--force-confold" && apt-get -y autoremove
    - shell: /bin/bash

install-deps:
  pkg.installed:
    - pkgs:
      - apt-transport-https
      - ca-certificates
      - curl
      - software-properties-common
      - apache2-utils
      - docker.io
      - docker-compose
      - gnupg2
      - pass
      - certbot
      - jq
      - dnsutils
    - require:
      - upgrade-all

docker-running:
  service.running:
    - name: docker
    - enable: true
    - require:
      - install-deps

cron-renew-ssl-certs:
  cron.present:
    - name: bash /mnt/repo-base/scripts/ssl-renew.sh >> /mnt/repo-base/volumes/letsencrypt/letsencrypt-cron.log 2>&1
    - user: root
    - special: '@daily'
    - identifier: 'refresh-tls-certs'

/etc/docker/daemon.json:
  file.managed:
    - source: salt://docker-daemon.json
    - user: root
    - group: root
    - mode: 644
    - makedirs: True
+0 −5
file_client: local
minion_id_caching: false
file_roots:
    base:
      - /mnt/repo-base/deployment/salt/base