authorElizabeth Hunt <elizabeth.hunt@simponic.xyz>2024-05-06 15:51:16 -0700
committerElizabeth Hunt <elizabeth.hunt@simponic.xyz>2024-05-06 15:51:16 -0700
commit890f3c5ea81aca5c4c2a0868f52ef277608d50d8 (patch)
tree4a58b54a56297a64c61e978602475c7cf7514a10
parent904657c27c5d927fd2117c1e91305c4a1b17d76b (diff)
attempt to fix shit
-rw-r--r--group_vars/all.yml2
-rw-r--r--playbooks/roles/borg/tasks/main.yml1
-rw-r--r--playbooks/roles/docker/files/docker-compose@.service2
-rw-r--r--playbooks/roles/mail/templates/docker-compose.yml.j213
-rw-r--r--playbooks/roles/wireguard-mesh/templates/mmtmesh.conf.j23
5 files changed, 15 insertions, 6 deletions
diff --git a/group_vars/all.yml b/group_vars/all.yml
index 8e21681..e89e9f1 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -4,7 +4,7 @@ dns_servers:
- 1.1.1.1
- 1.0.0.1
dns_domains:
- - ["mistymountainstherapy.com"]
+ - mistymountainstherapy.com
dns_dnssec: true
dns_stub_listener: false
diff --git a/playbooks/roles/borg/tasks/main.yml b/playbooks/roles/borg/tasks/main.yml
index fd3be99..037ecdd 100644
--- a/playbooks/roles/borg/tasks/main.yml
+++ b/playbooks/roles/borg/tasks/main.yml
@@ -16,6 +16,7 @@
borg_group: "{{ borg_my_group }}"
borgmatic_timer: cron
borg_ssh_command: "ssh -o StrictHostKeyChecking=no -i {{ borg_ssh_key }}"
+ borgmatic_relocated_repo_access_is_ok: true
borg_source_directories:
"{{ base_files + (extra_files[inventory_hostname] | default([])) }}"
borg_retention_policy:
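Review bot: `borgmatic_relocated_repo_access_is_ok: true` is left on permanently, and with `StrictHostKeyChecking=no` on the line above nothing in this configuration verifies that the backup endpoint is still the intended one. Borg's relocation check exists to notice a repository that has moved or been swapped. If this was added for a one-time move, say so and remove it after the first successful run, e.g. `# temporary: repository relocated, drop after next successful backup`. Pinning the server's host key in a known_hosts file instead of disabling the check would keep the endpoint authenticated. The vars block this line belongs to starts and ends outside the hunk.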
diff --git a/playbooks/roles/docker/files/docker-compose@.service b/playbooks/roles/docker/files/docker-compose@.service
index bd8dedb..6a6314c 100644
--- a/playbooks/roles/docker/files/docker-compose@.service
+++ b/playbooks/roles/docker/files/docker-compose@.service
@@ -6,7 +6,7 @@ After=docker.service
[Service]
RemainAfterExit=true
WorkingDirectory=/etc/docker/compose/%i
-ExecStartPre=/usr/bin/docker compose pull
+ExecStartPre=/bin/bash -c "/usr/bin/docker compose pull || /bin/test"
ExecStart=/usr/bin/docker compose up --detach --remove-orphans
ExecStop=/usr/bin/docker compose down
Restart=always
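Review bot: The `|| /bin/test` fallback on the new `ExecStartPre` line does not make a failed pull non-fatal, because `test` with no arguments exits with status 1 and the shell still returns failure. `/bin/test` is also not guaranteed to exist at that path on every distribution. systemd can ignore a command's exit status directly: `ExecStartPre=-/usr/bin/docker compose pull`. A skipped pull means the unit starts whatever image is cached locally, so a comment stating that this is intended would help, e.g. `# pull is best-effort; start from cached images if the registry is unreachable`.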
diff --git a/playbooks/roles/mail/templates/docker-compose.yml.j2 b/playbooks/roles/mail/templates/docker-compose.yml.j2
index f122185..8f5d3ab 100644
--- a/playbooks/roles/mail/templates/docker-compose.yml.j2
+++ b/playbooks/roles/mail/templates/docker-compose.yml.j2
@@ -4,6 +4,10 @@ services:
roundcube:
image: roundcube/roundcubemail:latest
restart: always
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "200m"
volumes:
- ./docker-data/roundcube/www:/var/www/html
- ./docker-data/roundcube/db/sqlite:/var/roundcube/db
@@ -21,8 +25,14 @@ services:
mailserver:
image: ghcr.io/docker-mailserver/docker-mailserver:latest
- hostname: {{ mail_domain }}
+ hostname: {{ domain }}
+ logging:
+ driver: "json-file"
+ options:
+ max-size: "200m"
restart: always
+ cap_add:
+ - NET_ADMIN
ports:
- 0.0.0.0:25:25
- 0.0.0.0:465:465
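Review bot: `cap_add: NET_ADMIN` on the mailserver service is added with no indication of which feature needs it, on a container that publishes SMTP ports on 0.0.0.0 and tracks a `:latest` image. NET_ADMIN lets processes in the container modify firewall rules and routing in its network namespace. It is presumably here for fail2ban, but nothing in the hunk shows that being enabled. If that is the reason, add a comment such as `# NET_ADMIN: needed by fail2ban to insert firewall rules`; otherwise drop the capability. The service definition continues outside the hunk.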
@@ -67,5 +77,6 @@ services:
- ENABLE_OAUTH2=1
- OAUTH2_INTROSPECTION_URL={{ roundcube_oauth2_user_uri }}
+ - PERMIT_DOCKER=host #fix SPF fail by copying the IPv4 of the docker container into the postfix cfg
extra_hosts:
- {{ ldap_server }}:{{ ldap_intranet }}
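Review bot: `PERMIT_DOCKER=host` widens Postfix's `mynetworks`, so anything connecting from the container's Docker network may relay without authenticating, which is broader than the inline comment suggests. The docker-mailserver documentation warns that trusting Docker network addresses can create an open relay when external traffic reaches the container with a Docker-side source address (for instance IPv6 enabled on the host but not in Docker); whether that applies here depends on the network setup, which the hunk does not show. If the goal is only that the container trusts itself, `- PERMIT_DOCKER=container` is the narrower setting. Either way, confirm from an outside host that unauthenticated mail to foreign domains is rejected. The environment list starts outside the hunk.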
diff --git a/playbooks/roles/wireguard-mesh/templates/mmtmesh.conf.j2 b/playbooks/roles/wireguard-mesh/templates/mmtmesh.conf.j2
index 634b20a..c206e2e 100644
--- a/playbooks/roles/wireguard-mesh/templates/mmtmesh.conf.j2
+++ b/playbooks/roles/wireguard-mesh/templates/mmtmesh.conf.j2
@@ -3,9 +3,6 @@ Address={{ wireguard_node_ips[inventory_hostname] }}/32
ListenPort={{ wireguard_listen_port }}
PrivateKey={{ wireguard_private_key.stdout }}
SaveConfig=true
-{% if wireguard_node_ips[inventory_hostname] != '10.212.0.1' %}
-PostUp=ip route add 10.137.0.0/16 via 10.212.0.1 dev mmtmesh
-{% endif %}
{% for peer in groups['wireguard-mesh'] %}
{% if peer != inventory_hostname %}