fix vikunja

host_vars/vikunja.yaml

@@ -2,7 +2,11 @@
 ansible_host: vikunja.intra.tormakris.dev
 webserver:
   - domain: "vikunja.tormakristof.eu"
-    port: 8080
+    port: 8081
     bigrequests: false
     https: false
+    additionallocations:
+      - https: true
+        port: 8080
+        location: '~* ^/(api|dav|\.well-known)/'
 ...

roles/realmd/tasks/main.yaml

@@ -28,12 +28,12 @@
   ansible.builtin.set_fact:
     join_passw: "{{ lookup('env', 'JOIN_PASSW') }}"
   delegate_to: localhost
-  when: found in checkjoined and checkjoined.found == 0
+  when: checkjoined.found == 0
 
 - name: Join to AD with realmd
   ansible.builtin.shell:
     cmd: echo {{ join_passw }} | realm join -v -U tormakris_admin intra.tormakris.dev
-  when: found in checkjoined and checkjoined.found == 0
+  when: checkjoined.found == 0
 
 - name: Enable pam homedir create on first logon
   ansible.builtin.command:
@@ -53,7 +53,7 @@
     state: present
     path: /etc/sssd/sssd.conf
     line: "ad_gpo_access_control = disabled"
-  when: found in checkadgpoac and checkadgpoac.found == 0
+  when: checkadgpoac.found == 0
 
 - name: Check if ad_access_filter is set
   ansible.builtin.lineinfile:
@@ -69,7 +69,7 @@
     state: present
     path: /etc/sssd/sssd.conf
     line: "ad_access_filter = memberOf=CN=LinuxUsers,OU=Service Groups,DC=intra,DC=tormakris,DC=dev"
-  when: found in checkadaf and checkadaf.found == 0
+  when: checkadaf.found == 0
 
 - name: "Restart sssd"
   ansible.builtin.service:
@@ -90,5 +90,5 @@
     state: present
     path: /etc/sudoers
     line: "%linuxadmins@intra.tormakris.dev ALL=(ALL) NOPASSWD: ALL"
-  when: found in checksudoers and checksudoers.found == 0
+  when: checksudoers.found == 0
 ...

roles/webserver/templates/nginx.conf

@@ -65,16 +65,16 @@ http {
             return 301 https://$host$request_uri;
         }
 
-        {%- for server in webserver %}
+        {% for server in webserver %}
         server {
             listen 443 ssl http2;
             listen [::]:443 ssl http2;
             server_name {{ server.domain }};
             ssl_certificate /etc/letsencrypt/live/{{ server.domain }}/fullchain.pem;
             ssl_certificate_key /etc/letsencrypt/live/{{ server.domain }}/privkey.pem;
-            {% if server.bigrequests -%}
+            {% if server.bigrequests %}
             client_max_body_size    8G;
-            {% endif -%}
+            {% endif %}
             location /{
                 {% if server.https %}
                 proxy_pass  https://127.0.0.1:{{ server.port }};
@@ -100,7 +100,7 @@ http {
                 proxy_pass  http://127.0.0.1:{{ location.port }};
                 {% endif %}
             }
-            {% endfor -%}
+            {% endfor %}
             {% endif %}
         }