common/docker_dockerstats/templates/Dockerfile

-FROM node:14-alpine
+FROM node:19-alpine
 
 RUN apk update \
  && apk upgrade \

group_vars/test

+# Globale Variablen für alle produktiven Server
+
+
+# SMTP Settings 
+smtp_domain: enteentelos.com
+smtp_host: mailserver.enteentelos.com
+smtp_port: 587 
+noreply_email_user: noreply@enteentelos.com
+

host_vars/ogg

@@ -53,11 +53,24 @@ alert:
     crit: 4
   containers:
     - { name: "dockerstats_app_1" }    
+    - { name: "esphome_app_1" }    
+    - { name: "esphome-dev_app_1" }    
+    - { name: "fridgeserver_app_1" }    
+    - { name: "grafana_app_1" }    
+    - { name: "graylog_graylog_1" }    
+    - { name: "graylog_mongodb_1" }    
+    - { name: "graylog_opensearch_1" }    
+    - { name: "heimdall_app_1" }    
+    - { name: "homeassistant_app_1" }    
+    - { name: "homeassistant_influxdb_1" }    
     - { name: "mqtt_app_1" } 
     - { name: "mqtt_influxdb_1" } 
-    - { name: "mqtt_telegraf_1" } 
+    - { name: "mqtt_tgbinary_1" } 
+    - { name: "mqtt_tgfloat_1" } 
     - { name: "nodered_app_1" }
-    - { name: "unifi_app_1" }
+    - { name: "omada_app_1" }
+    - { name: "tasmoadmin_app_1" }
+    - { name: "traefik_app_1" }
   disks:
     - { mountpoint: "/", warn: "5 GB", crit: "1 GB" }
     - { mountpoint: "/srv", warn: "5 GB", crit: "1 GB" }

host_vars/webserver

@@ -33,8 +33,6 @@ webserver_domains:
   - "warpzone.ms"
   - "api.warpzone.ms"
 #  - "auth.warpzone.ms"
-  - "autodiscover.warpzone.ms"
-  - "autoconfig.warpzone.ms"
   - "gitlab.warpzone.ms"
   - "matrix.warpzone.ms"
   - "mailserver.warpzone.ms"
@@ -65,7 +63,6 @@ administratorenteam:
 docker:
   # Interne Docker-Netzwerke 
   internal_networks:
-    - mail
     - web
     
 # Monitoring aktivieren 
@@ -74,9 +71,6 @@ alert:
     warn: 8
     crit: 16
   containers:
-    - { name: "autodiscover_warpzonems_1" }
-    - { name: "autodiscover_lists_warpzonems_1" }
-    - { name: "autodiscover_member_warpzonems_1" }
     - { name: "dockerstats_app_1" }
     - { name: "dokuwiki_app_1" }
     - { name: "coturn_coturn_1" }
@@ -93,27 +87,20 @@ alert:
     - { name: "keycloak_sync-group-active_1" }
     - { name: "ldap_openldap_1" }
     - { name: "ldap_phpldapadmin_1" }
-    - { name: "mail_dovecot-mailcow_1" }
-    - { name: "mail_dockerapi-mailcow_1" }
-    - { name: "mail_ipv6nat-mailcow_1" }
-    - { name: "mail_mailman-core" }
-    - { name: "mail_mailman-db" }
-    - { name: "mail_mailman-nginx" }
-    - { name: "mail_mailman-web" }
-    - { name: "mail_memcached-mailcow_1" }
-    - { name: "mail_mysql-mailcow_1" }
-    - { name: "mail_netfilter-mailcow_1" }
-    - { name: "mail_nginx-mailcow_1" }
-    - { name: "mail_olefy-mailcow_1" }
-    - { name: "mail_ofelia-mailcow_1" }
-    - { name: "mail_postfix-mailcow_1" }
-    - { name: "mail_postfix-exporter_1" }
-    - { name: "mail_php-fpm-mailcow_1" }
-    - { name: "mail_redis-mailcow_1" }
-    - { name: "mail_rspamd-mailcow_1" }
-    - { name: "mail_traefik-certdumper_1" }    
-    - { name: "mail_unbound-mailcow_1" }
-    - { name: "mail_watchdog-mailcow_1" }
+    - { name: "mail_admin_1" }
+    - { name: "mail_antispam_1" }
+    - { name: "mail_certdumper_1" }
+    - { name: "mail_db_1" }
+    - { name: "mail_front_1" }
+    - { name: "mail_imap_1" }
+    - { name: "mail_oletools_1" }
+    - { name: "mail_redis_1" }
+    - { name: "mail_resolver_1" }
+    - { name: "mail_smtp_1" }
+    - { name: "mail_webmail_1" }
+    - { name: "mail_mailman-core_1" }
+    - { name: "mail_mailman-web_1" }
+    - { name: "mail_mailman-nginx_1" }
     - { name: "matterbridge_cw_1" }
     - { name: "matterbridge_wz_1" }
     - { name: "matterbridge_web_1" }

hosts

 
 # Nameskonvention für Server: Pratchett Name/Charaktere
 # Namensliste: https://wiki.lspace.org/List_of_Pratchett_characters
-# Nächste freie Namen: vimes, cake, colon, detritus, dibbler, dorfl, gaspode, quirm, cherry, nobby, ramkin, ron, shoe, slant, angua, vetinary, bursar, coin, dean, hex, hix, worblehat, luggage. mustrum, rincewind, wrangler, stibbons, whitlow  
+# Nächste freie Namen: vimes, cake, colon, detritus, dibbler, dorfl, gaspode, quirm, cherry, nobby, ramkin, ron, shoe, slant, angua, vetinary, bursar, coin, dean, worblehat, luggage. mustrum, rincewind, wrangler, stibbons, whitlow  
+
+[test]
 
 [prod]
 
-# Interner Server Warpzone 
-# Umgebaute Watchguard im Serverschrank 
-# https://wiki.warpzone.ms/intern:warpzone_internal_it_infrastructure#host_fuer_interne_dienste_watchguard_xtm_505
+# Interner Proxmox-Server
 # Für Verbindungen über den Webserver als Jumphost folgende Parameter ergänzen: 
 # ansible_ssh_common_args='-o ForwardAgent=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ProxyCommand="ssh -W %h:%p -q 159.69.57.51"'
-
-# Interner Proxmox-Server (neu ab 09-2022) 
 weatherwax   ansible_ssh_host=192.168.0.200
 
-# Server für interne Dienste (neu ab 09-2022)
+# Server für interne Dienste
 # Container auf dem internen Proxmox Server 
 # Wichtige Optionen: Nesting = Yes, keyctl = enabled
 ogg          ansible_ssh_host=192.168.0.201
@@ -44,4 +42,4 @@ hex         ansible_ssh_host=10.111.10.100
 # Virtueller Server für Infrastruktur-Dienste auf Veranstaltungen / Camps
 # Container auf dem warpzone.remote Proxmox-Server 
 # Wichtige Optionen: Nesting = Yes, keyctl = enabled
-hix         ansible_ssh_host=10.111.10.101
\ No newline at end of file
+hix         ansible_ssh_host=10.111.10.101

hosts.yml

+---
+# Nameskonvention für Server: Pratchett Name/Charaktere
+# Namensliste: https://wiki.lspace.org/List_of_Pratchett_characters
+# Nächste freie Namen: vimes, cake, colon, detritus, dibbler, dorfl, gaspode, quirm, cherry, nobby, ramkin, ron, shoe, slant, angua, vetinary, bursar, coin, dean, worblehat, luggage. mustrum, rincewind, wrangler, stibbons, whitlow  
+
+prod:
+  children:
+    pyhsical:
+      hosts:
+        # Interner Proxmox-Server
+        # Für Verbindungen über den Webserver als Jumphost folgende Parameter ergänzen: 
+        # ansible_ssh_common_args='-o ForwardAgent=yes -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o ProxyCommand="ssh -W %h:%p -q 159.69.57.51"'
+        weatherwax:
+          ansible_ssh_host: 192.168.0.200
+
+        # Externe Server Warpzone
+        # Öffentlicher Root Server Warpzone bei Hetzner
+        tiffany:
+          ansible_ssh_host: 159.69.57.15
+
+    vms:
+      children:
+        weatherwax:
+          hosts:
+            # Server für interne Dienste
+            # Container auf dem internen Proxmox Server
+            # Wichtige Optionen: Nesting = Yes, keyctl = enabled
+            ogg:
+              ansible_ssh_host: 192.168.0.201
+
+            # Server für VPN Verbindung zum Webserver
+            # Container auf dem internen Proxmox Server
+            # Wichtige Optionen: Nesting = Yes, keyctl = enabled
+            carrot:
+              ansible_ssh_host: 192.168.0.202
+
+        tiffany:
+          hosts:
+            # Öffentlicher Webserver Warpzone
+            # VM auf Tiffany
+            webserver:
+              ansible_ssh_host: 159.69.57.51
+
+            # Vorstands-VM
+            # VM auf Tiffany
+            # Auch erreichbar unter verwaltung.warpzone.ms
+            verwaltung:
+              ansible_ssh_host: 195.201.179.60
+
+event:
+  children:
+    physical:
+      hosts:
+        # Physischer Server für Veranstaltungen / Camps
+        # warpzone.remote Proxmox-Server
+        hex:
+          ansible_ssh_host: 10.111.10.100
+
+    vms:
+      hosts:
+        # Virtueller Server für Infrastruktur-Dienste auf Veranstaltungen / Camps
+        # Container auf dem warpzone.remote Proxmox-Server
+        # Wichtige Optionen: Nesting = Yes, keyctl = enabled
+        hix:
+          ansible_ssh_host: 10.111.10.101

intern/docker_fridgeserver/templates/htaccess

+<Files *.php>
+deny from all

intern/docker_grafana/templates/provisioning/dashboards/dashboards.yml

+apiVersion: 1
+
+providers:
+  # <string> an unique provider name
+- name: 'Pixelflut'
+  # <int> org id. will default to orgId 1 if not specified
+  # orgId: 1
+  # <string, required> name of the dashboard folder. Required
+  folder: 'Pixelflut'
+  # <string> folder UID. will be automatically generated if not specified
+  # folderUid: ''
+  # <string, required> provider type. Required
+  type: file
+  # <bool> disable dashboard deletion
+  # disableDeletion: false
+  # <bool> enable dashboard editing
+  editable: true
+  # <int> how often Grafana will scan for changed dashboards
+  updateIntervalSeconds: 10
+  # <bool> allow updating provisioned dashboards from the UI
+  allowUiUpdates: true
+  options:
+    # <string, required> path to dashboard files on disk. Required
+    path: /etc/grafana/provisioning/dashboards/pixelflut
+

intern/docker_grafana/templates/provisioning/datasources/datasources.yml

+
+apiVersion: 1
+
+datasources:
+
+  - name: MQTT_Flux
+    type: influxdb
+    access: proxy
+    url: http://{{ int_ip4 }}:{{ mqtt_influxdb_port }}
+    jsonData:
+      version: Flux
+      organization: mqtt
+      defaultBucket: mqtt
+      tlsSkipVerify: true
+    secureJsonData:
+      token: {{ influxdb_token }}
+
+  - name: MQTT_InfluxQL
+    type: influxdb
+    access: proxy
+    url: http://{{ int_ip4 }}:{{ mqtt_influxdb_port }}
+    # This database should be mapped to a bucket
+    database: mqtt
+    jsonData:
+      httpMode: GET
+      httpHeaderName1: 'Authorization'
+    secureJsonData:
+      httpHeaderValue1: 'Token {{ influxdb_token }}'
+
+{% if inventory_hostname == 'hix' %}
+
+  - name: Prometheus
+    type: prometheus
+    access: proxy
+    url: http://{{ int_ip4 }}:9090
+
+{% endif %}
+
+{% if inventory_hostname == 'ogg' %}
+
+  - name: Pixelflut
+    type: prometheus
+    access: proxy
+    url: http://pixelflut.warpzone.lan:9090
+    uuid: P0FAC05DE14135586
+
+{% endif %}

keyfiles/jabertwo.pub

-ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBCxsaY88ZP/bk15JNs2zzVbpG4S4uLYlzfMVlqSZQJVZ0t65vJMKp2yepp6BdOb2rAuXnhPX5zrFEP/A8idR0DFLR5kp6pvdKOeWToND3V763WXJvOutyoKIXPGSuEJF+Q== jabertwo
-ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBGR9N60F+0annoCi9cM+94jSxsw8KPgMf7GqKoFmxwpcDf6fd7Vc5sRQg0avnEg009D2nxihED0y2eTP2Tzn6eQQ/2LRXRfMCa+hRK99YYPUjpszH/y2bC2r/08CvcdeVA== jabertwo
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBCxsaY88ZP/bk15JNs2zzVbpG4S4uLYlzfMVlqSZQJVZ0t65vJMKp2yepp6BdOb2rAuXnhPX5zrFEP/A8idR0DFLR5kp6pvdKOeWToND3V763WXJvOutyoKIXPGSuEJF+Q== jabertwo-home
+ecdsa-sha2-nistp384 AAAAE2VjZHNhLXNoYTItbmlzdHAzODQAAAAIbmlzdHAzODQAAABhBGR9N60F+0annoCi9cM+94jSxsw8KPgMf7GqKoFmxwpcDf6fd7Vc5sRQg0avnEg009D2nxihED0y2eTP2Tzn6eQQ/2LRXRfMCa+hRK99YYPUjpszH/y2bC2r/08CvcdeVA== jabertwo-mob

site.yml

@@ -10,6 +10,9 @@
     - { role: all/common, tags: common }
     - { role: all/sysctl, tags: sysctl }
 
+##################################################
+# Test Server
+##################################################
 
 ##################################################
 # Produktive Server
@@ -26,6 +29,7 @@
   remote_user: root
   roles:
     - { role: common/proxmox, tags: proxmox }
+    - { role: common/prometheus-node, tags: prometheus-node }
     - { role: common/cronapt, tags: cronapt }
 
 
@@ -33,6 +37,7 @@
   remote_user: root
   roles:
     - { role: common/cronapt, tags: cronapt }
+    - { role: common/prometheus-node, tags: prometheus-node }
     - { role: common/wireguard, tags: wireguard }
 
 
@@ -159,11 +164,6 @@
         domain_default: "www.warpzone.ms", 
         matrix_federation: true
       }   
-    - { 
-        role: webserver/docker_autodiscover, tags: autodiscover,
-        servicename: autodiscover, 
-        basedir: /srv/autodiscover
-      }
     - { 
         role: webserver/docker_coturn, tags: coturn,
         servicename: "coturn",
@@ -202,10 +202,15 @@
       }
     - { 
         role: webserver/docker_mail, tags: mail, 
+        servicename: mail,
         basedir: /srv/mail, 
+        domain: "warpzone.ms",
+        mailserver: "mailserver.warpzone.ms",
+        listserver: "listserver.warpzone.ms"      
       }
     - { 
         role: webserver/docker_matterbridge, tags: matterbridge,
+        servicename: matterbridge,
         basedir: /srv/matterbridge, 
         domain: "www.warpzone.ms" 
       }

webserver/docker_autodiscover/tasks/main.yml

----
-
-- name: "create folder struct for {{ servicename }}"
-  file:
-    path: "{{ item }}"
-    state: "directory"
-  with_items:
-    - "{{ basedir }}"
-
-
-- name: deploy {{ servicename }} config
-  template:
-    dest:  "{{ basedir }}/{{ item }}"
-    src: "{{ item }}"
-  with_items:
-    - docker-compose.yml
-  register: config
-
-
-# Start containers
-- name: "stop {{ servicename }} docker"
-  docker_compose:
-    project_src: "{{ basedir }}"
-    state: absent
-  when: config.changed
-
-
-- name: "start {{ servicename }} docker"
-  docker_compose:
-    project_src: "{{ basedir }}"
-    state: present
-

webserver/docker_autodiscover/templates/docker-compose.yml

-version: '2.1'
-
-services:
-
-{% for domain in mail_domains %}
-
-  {{ domain }}:
-    image: monogramm/autodiscover-email-settings:1.4.0
-    restart: always
-    environment:
-      - DOMAIN={{ mail_domains[domain].maildomain }}
-      - IMAP_HOST={{ mail_domains[domain].mxserver }}
-      - IMAP_PORT=993
-      - IMAP_SOCKET=SSL
-      - POP_HOST={{ mail_domains[domain].mxserver }}
-      - POP_PORT=995
-      - POP_SOCKET=SSL
-      - SMTP_HOST={{ mail_domains[domain].mxserver }}
-      - SMTP_PORT=587
-      - SMTP_SOCKET=STARTTLS
-    labels:
-      - traefik.enable=true
-      - traefik.http.routers.{{ servicename }}-{{ domain }}.rule=Host(`autodiscover.{{ mail_domains[domain].maildomain }}`) || Host(`autoconfig.{{ mail_domains[domain].maildomain }}`)
-      - traefik.http.routers.{{ servicename }}-{{ domain }}.entrypoints=websecure
-      - traefik.http.services.{{ servicename }}-{{ domain }}.loadbalancer.server.port=8000
-    networks:
-      - default 
-      - web
-
-{% endfor %}
-
-networks:
-  web:
-    external: true
-

webserver/docker_dokuwiki/templates/docker-compose.yml

@@ -3,6 +3,7 @@ version: "3"
 services:
 
   app:
+    # values set in configuration: noreply_email_user - noreply_email_pass - smtp_host - smtp_port 
     build: .
     image: "dokuwiki--{{ ansible_date_time.date }}--{{ ansible_date_time.hour }}-{{ ansible_date_time.minute }}-{{ ansible_date_time.second }}"
     restart: always
@@ -16,11 +17,8 @@ services:
       - traefik.http.services.{{ servicename }}.loadbalancer.server.port=80      
     networks:
       - default      
-      - mail
       - web  
-
+    
 networks:
-  mail:
-    external: true    
   web:
     external: true    

webserver/docker_gitlab/templates/conf/gitlab.rb

@@ -116,8 +116,8 @@ gitlab_rails['gitlab_email_enabled'] = true
 # gitlab_rails['gitlab_email_smime_key_file'] = '/etc/gitlab/ssl/gitlab_smime.key'
 # gitlab_rails['gitlab_email_smime_cert_file'] = '/etc/gitlab/ssl/gitlab_smime.crt'
 # gitlab_rails['gitlab_email_smime_ca_certs_file'] = '/etc/gitlab/ssl/gitlab_smime_cas.crt'
-gitlab_rails['gitlab_email_from'] = '{{ noreply_email_user }}'
-gitlab_rails['gitlab_email_display_name'] = 'Gitlab Warpzone'
+gitlab_rails['gitlab_email_from'] = 'gitlab@{{ smtp_domain }}'
+gitlab_rails['gitlab_email_display_name'] = 'Warpzone Gitlab'
 gitlab_rails['gitlab_email_reply_to'] = '{{ noreply_email_user }}'
 
 ### GitLab user privileges

webserver/docker_keycloak/tasks/main.yml

@@ -2,6 +2,7 @@
 
 - include_tasks: ../functions/get_secret.yml
   with_items:
+   - { path: /srv/shared/noreply_email_pass, length: -1 } 
    - { path: /srv/keycloak/keycloak_admin_pass,  length: 32 }
    - { path: /srv/keycloak/postgres_user_pass,  length: 24 }
 

webserver/docker_keycloak/templates/docker-compose.yml

@@ -6,7 +6,7 @@ services:
 
 
   app:
-
+    # values set in configuration: noreply_email_user - noreply_email_pass - smtp_host - smtp_port 
     image: jboss/keycloak:16.1.1
     restart: always
     depends_on:
@@ -31,7 +31,6 @@ services:
       - traefik.http.services.{{ servicename }}.loadbalancer.server.port=8080
     networks:
       - default
-      - mail
       - web
 
 
@@ -64,7 +63,5 @@ services:
 
 
 networks:
-  mail:
-    external: true
   web:
     external: true

webserver/docker_mail/defaults/main.yaml

----
-servicename: mail
-basedir: /srv/mail

webserver/docker_mail/tasks/main.yaml

@@ -2,21 +2,23 @@
 
 - include_tasks: ../functions/get_secret.yml
   with_items:
-   - { path: "{{ basedir }}/secrets/mailcow_admin_pass",  length: 28 }
-   - { path: "{{ basedir }}/secrets/mysql_mailcow_pass",  length: 28 }
-   - { path: "{{ basedir }}/secrets/mysql_root_pass",     length: 28 }
-   # mailman
+   - { path: "{{ basedir }}/secrets/mailu_secret_key",  length: 32 }
+   - { path: "{{ basedir }}/secrets/mailu_admin_pass",  length: 32 }
+   - { path: "{{ basedir }}/secrets/mailu_api_token",  length: 32 }
+   - { path: "{{ basedir }}/secrets/mailu_db_pass",  length: 28 }
+   - { path: "{{ basedir }}/secrets/roundcube_db_pass",  length: 28 }
    - { path: "{{ basedir }}/secrets/hyperkitty_api_key",  length: 28 }
-   - { path: "{{ basedir }}/secrets/postgres_mailman_pass",  length: 28 }
+   - { path: "{{ basedir }}/secrets/mailman_db_pass",  length: 28 }
    - { path: "{{ basedir }}/secrets/mailman_secret_key",  length: 28 }
    - { path: "{{ basedir }}/secrets/mailman_restapi_pass",  length: 28 }
+   - { path: "{{ basedir }}/secrets/mysql_root_pass",  length: 28 }
 
 
-- name: pakete installieren
-  apt:
-    pkg: ['git', 'logrotate', 'openssl']
-    update_cache: no
-    state: present
+# - name: pakete installieren
+#   apt:
+#     pkg: ['logrotate']
+#     update_cache: no
+#     state: present
 
 
 - name: "create folder struct for {{ servicename }}"
@@ -26,139 +28,78 @@
   with_items:
     - "{{ basedir }}"
     - "{{ basedir }}/secrets"
-    # mailcow
-    - "{{ basedir }}/data/mysql"
-    - "{{ basedir }}/data/mysql-socket"
-    - "{{ basedir }}/data/redis"
-    - "{{ basedir }}/data/rspamd"
-    - "{{ basedir }}/data/solr"
-    - "{{ basedir }}/data/postfix"
-    - "{{ basedir }}/data/sogo-web"
-    - "{{ basedir }}/data/sogo-userdata-backup"
-    - "{{ basedir }}/data/xmpp-vol-1"
-    - "{{ basedir }}/data/xmpp-upload-vol-1"
-    # mailmann
-    - "{{ basedir }}/data/mailman-core"
-    - "{{ basedir }}/data/mailman-core/var"
-    - "{{ basedir }}/data/mailman-core/var/data"
-    - "{{ basedir }}/data/mailman-web"
-    - "{{ basedir }}/data/mailman-postgres"
-
-
-- name: "create folder struct for {{ servicename }} with rights"
-  file:
-    path: "{{ item }}"
-    state: "directory"
-    owner: "5000"
-    group: "5000"
-    mode: "ugo+rwx"
-  with_items:
-  - "{{ basedir }}/data/crypt"
-  - "{{ basedir }}/data/vmail"
-  - "{{ basedir }}/data/vmail-index"
-
-
-- name: check if git dir exists
-  stat:
-    path: "{{ basedir }}/mailcow-dockerized/.git"
-  register: mailcow_dotgit
-
-- name: revert main.cf to avoid local changes
-  command: "git checkout data/conf/postfix/main.cf"
-  args:
-    chdir: "{{ basedir }}/mailcow-dockerized"
-  when: mailcow_dotgit.stat.exists == True
-
-
-- name: Git checkout mailcow
-  git:
-    repo: 'https://github.com/mailcow/mailcow-dockerized.git'
-    dest: "{{ basedir }}/mailcow-dockerized"
-    version: d6a3094bcc8b3d748994978ca7e274301b39e583
-    # current version 2021-05-18
-
-
-- name: Git checkout mailman-dockerized
-  git:
-    repo: 'https://github.com/maxking/docker-mailman.git'
-    dest: "{{ basedir }}/docker-mailman"
-    version: v0.4.4
-    # current version 2020-03-15
-
-
-- name: "create folder struct for {{ servicename }} 3"
-  file:
-    path: "{{ item }}"
-    state: "directory"
-  with_items:
-    - "{{ basedir }}/mailcow-dockerized/data/assets/ssl/"
-
-
-- name: check if DH Params exists
-  stat:
-    path: "{{ basedir }}/mailcow-dockerized/data/assets/ssl/dhparams.pem"
-  register: dhparams
-
-- name: generate new DH Params
-  command: "openssl dhparam -out {{ basedir }}/mailcow-dockerized/data/assets/ssl/dhparams.pem 2048"
-  when: dhparams.stat.exists == False
-
-
-- name: deploy mailcow config files
-  template:
-    dest:  "{{ basedir }}/{{ item }}"
-    src: "{{ item }}"
-    mode: 0644
-  with_items:
-    - mailcow-dockerized/mailcow.conf
-    - mailcow-dockerized/docker-compose.override.yml
-    - mailcow-dockerized/data/conf/postfix/extra.cf
-  register: config_mailcow
-
-
-- name: deploy mailman config files
+    - "{{ basedir }}/db"
+    - "{{ basedir }}/db-init"
+    - "{{ basedir }}/mailu"
+    - "{{ basedir }}/mailu/overrides"
+    - "{{ basedir }}/mailu/overrides/postfix"
+    - "{{ basedir }}/mailman-core"
+    - "{{ basedir }}/mailman-core/var"
+    - "{{ basedir }}/mailman-core/var/data"
+    - "{{ basedir }}/mailman-web"
+#    - "{{ basedir }}/mailman-db"
+
+
+# - name: "create folder struct for {{ servicename }} with rights"
+#   file:
+#     path: "{{ item }}"
+#     state: "directory"
+#     owner: "5000"
+#     group: "5000"
+#     mode: "ugo+rwx"
+#   with_items:
+#   - "{{ basedir }}/data/crypt"
+#   - "{{ basedir }}/data/vmail"
+#   - "{{ basedir }}/data/vmail-index"
+
+
+
+- name: "deploy {{ servicename }} config files"
   template:
     dest:  "{{ basedir }}/{{ item }}"
     src: "{{ item }}"
     mode: 0644
   with_items:
-    - docker-mailman/docker-compose.override.yml
-    - docker-mailman/nginx.conf
-    - data/mailman-core/mailman-extra.cfg
-    - data/mailman-web/settings_local.py
-  register: config_mailman
-
-
-- name: deploy LogRotate configs
-  template:
-    src: "logrotate/{{item}}"
-    dest: "/etc/logrotate.d/{{item}}"
-  with_items:
-    - mailman-core
-    - mailman-web
-
-
-# Start mailcow containers
-- name: "stop {{ servicename }} (mailcow) docker"
+    - docker-compose.yml
+    - mailu.env
+    - mailman.env
+    - mailman-nginx.conf
+    - db-init/mailman.sql
+    - db-init/roundcube.sql
+    - mailu/overrides/postfix/postfix.cf
+  register: config
+
+
+# - name: deploy LogRotate configs
+#   template:
+#     src: "logrotate/{{item}}"
+#     dest: "/etc/logrotate.d/{{item}}"
+#   with_items:
+#     - mailman-core
+#     - mailman-web
+
+
+# Start containers
+- name: "stop {{ servicename }} docker"
   docker_compose:
-    project_src: "{{ basedir }}/mailcow-dockerized"
+    project_src: "{{ basedir }}"
     state: absent
-  when: config_mailcow.changed
+  when: config.changed
 
-- name: "start {{ servicename }} (mailcow) docker"
+- name: "start {{ servicename }} docker"
   docker_compose:
-    project_src: "{{ basedir }}/mailcow-dockerized"
+    project_src: "{{ basedir }}"
     state: present
 
 
 # Start mailman containers
-- name: "stop {{ servicename }} (mailman) docker"
-  docker_compose:
-    project_src: "{{ basedir }}/docker-mailman"
-    state: absent
-  when: config_mailcow.changed
-
-- name: "start {{ servicename }} (mailman) docker"
-  docker_compose:
-    project_src: "{{ basedir }}/docker-mailman"
-    state: present
+# - name: "stop {{ servicename }} (mailman) docker"
+#   docker_compose:
+#     project_src: "{{ basedir }}/docker-mailman"
+#     state: absent
+#   when: config_mailcow.changed
+
+# - name: "start {{ servicename }} (mailman) docker"
+#   docker_compose:
+#     project_src: "{{ basedir }}/docker-mailman"
+#     state: present