fix(snappymail): set admin password explicitly via PHP after container start

The SNAPPYMAIL_ADMIN_PASSWORD env var may not apply if the container started when data dir had wrong permissions. Now sets password directly via RainLoop PHP API after every deploy — idempotent and reliable. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-03-22 20:49:35 +07:00 · 2026-03-22 20:49:35 +07:00 · 1c16183bf5
commit 1c16183bf5
parent ebac7d807e
1 changed files with 21 additions and 0 deletions
--- a/roles/tools/tasks/main.yml
+++ b/roles/tools/tasks/main.yml
@ -147,6 +147,27 @@
    state: present
    pull: missing

+# ── SnappyMail admin password (set explicitly — env var may not apply on restart) ──
+- name: Wait for SnappyMail to be ready
+  ansible.builtin.command: docker exec snappymail wget -qO- http://127.0.0.1:8888
+  register: snappymail_ready
+  changed_when: false
+  retries: 12
+  delay: 5
+  until: snappymail_ready.rc == 0
+
+- name: Set SnappyMail admin password via PHP
+  ansible.builtin.shell: |
+    docker exec snappymail php -r "
+    require '/var/www/snappymail/index.php';
+    \$oConfig = \RainLoop\Api::Config();
+    \$oConfig->Set('security', 'admin_password', \RainLoop\Utils::PasswordHash('{{ snappymail_admin_password }}'));
+    \$oConfig->Save();
+    echo 'password set';
+    "
+  register: snappymail_pw
+  changed_when: "'password set' in snappymail_pw.stdout"
+
 # ── Mail accounts (idempotent: check host-side config file) ──────────────────
 - name: Wait for mailserver to be ready
  ansible.builtin.command: docker exec mailserver postfix status