From 009bee531b37c5eb7e4b4b85a46a659b9c4af9e8 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Fri, 29 Aug 2025 14:38:20 +0200 Subject: [PATCH] Refactor role naming for TLS and proxy stack MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Renamed role `srv-tls-core` → `sys-svc-certs` - Renamed role `srv-https-stack` → `sys-stk-front-pure` - Renamed role `sys-stk-front` → `sys-stk-front-proxy` - Updated all includes, READMEs, meta, and dependent roles accordingly This improves clarity and consistency of naming conventions for certificate management and proxy orchestration. See: https://chatgpt.com/share/68b19f2c-22b0-800f-ba9b-3f2c8fd427b0 --- roles/srv-composer/README.md | 4 ++-- roles/srv-composer/tasks/main.yml | 4 ++-- roles/srv-proxy-core/README.md | 2 +- roles/srv-proxy-core/tasks/main.yml | 2 +- roles/{sys-stk-front => sys-stk-front-proxy}/README.md | 4 ++-- .../defaults/main.yml | 0 .../{sys-stk-front => sys-stk-front-proxy}/meta/main.yml | 0 .../tasks/01_cloudflare.yml | 0 .../tasks/cloudflare/01_cleanup.yml | 0 .../tasks/cloudflare/02_enable_cf_dev_mode.yml | 0 .../{sys-stk-front => sys-stk-front-proxy}/tasks/main.yml | 2 +- .../{sys-stk-front => sys-stk-front-proxy}/vars/main.yml | 0 roles/{srv-https-stack => sys-stk-front-pure}/README.md | 4 ++-- .../{srv-https-stack => sys-stk-front-pure}/meta/main.yml | 0 .../tasks/main.yml | 2 +- roles/sys-stk-full-stateful/README.md | 2 +- roles/sys-stk-full-stateful/meta/main.yml | 2 +- roles/sys-stk-full-stateful/tasks/main.yml | 4 ++-- roles/sys-stk-full-stateless/README.md | 2 +- roles/sys-stk-full-stateless/meta/main.yml | 2 +- roles/sys-stk-full-stateless/tasks/main.yml | 4 ++-- roles/{srv-tls-core => sys-svc-certs}/README.md | 0 roles/{srv-tls-core => sys-svc-certs}/meta/main.yml | 0 .../tasks/flavors/_san.yml | 0 .../tasks/flavors/dedicated.yml | 0 .../{srv-tls-core => sys-svc-certs}/tasks/flavors/san.yml | 0 .../tasks/flavors/wildcard.yml | 0 roles/{srv-tls-core => sys-svc-certs}/tasks/main.yml | 8 ++++---- roles/web-app-bluesky/tasks/main.yml | 4 ++-- roles/web-app-elk/tasks/main.yml | 4 ++-- roles/web-app-fusiondirectory/README.md | 2 +- roles/web-app-joomla/tasks/main.yml | 4 ++-- roles/web-app-mastodon/tasks/main.yml | 2 +- roles/web-app-matrix/tasks/03_webserver.yml | 4 ++-- roles/web-app-taiga/README.md | 2 +- roles/web-app-wordpress/tasks/main.yml | 4 ++-- roles/web-opt-rdr-domains/README.md | 2 +- roles/web-opt-rdr-domains/tasks/main.yml | 6 +++--- roles/web-opt-rdr-domains/tasks/redirect-domain.yml | 2 +- roles/web-svc-cdn/tasks/01_core.yml | 2 +- roles/web-svc-file/tasks/main.yml | 2 +- roles/web-svc-html/tasks/main.yml | 2 +- 42 files changed, 45 insertions(+), 45 deletions(-) rename roles/{sys-stk-front => sys-stk-front-proxy}/README.md (89%) rename roles/{sys-stk-front => sys-stk-front-proxy}/defaults/main.yml (100%) rename roles/{sys-stk-front => sys-stk-front-proxy}/meta/main.yml (100%) rename roles/{sys-stk-front => sys-stk-front-proxy}/tasks/01_cloudflare.yml (100%) rename roles/{sys-stk-front => sys-stk-front-proxy}/tasks/cloudflare/01_cleanup.yml (100%) rename roles/{sys-stk-front => sys-stk-front-proxy}/tasks/cloudflare/02_enable_cf_dev_mode.yml (100%) rename roles/{sys-stk-front => sys-stk-front-proxy}/tasks/main.yml (95%) rename roles/{sys-stk-front => sys-stk-front-proxy}/vars/main.yml (100%) rename roles/{srv-https-stack => sys-stk-front-pure}/README.md (91%) rename roles/{srv-https-stack => sys-stk-front-pure}/meta/main.yml (100%) rename roles/{srv-https-stack => sys-stk-front-pure}/tasks/main.yml (79%) rename roles/{srv-tls-core => sys-svc-certs}/README.md (100%) rename roles/{srv-tls-core => sys-svc-certs}/meta/main.yml (100%) rename roles/{srv-tls-core => sys-svc-certs}/tasks/flavors/_san.yml (100%) rename roles/{srv-tls-core => sys-svc-certs}/tasks/flavors/dedicated.yml (100%) rename roles/{srv-tls-core => sys-svc-certs}/tasks/flavors/san.yml (100%) rename roles/{srv-tls-core => sys-svc-certs}/tasks/flavors/wildcard.yml (100%) rename roles/{srv-tls-core => sys-svc-certs}/tasks/main.yml (90%) diff --git a/roles/srv-composer/README.md b/roles/srv-composer/README.md index 439c90b1..637c7557 100644 --- a/roles/srv-composer/README.md +++ b/roles/srv-composer/README.md @@ -4,7 +4,7 @@ This Ansible role composes and orchestrates all necessary HTTPS-layer tasks and 1. **`sys-srv-web-inj-compose`** Injects global HTML snippets (CSS, Matomo tracking, iFrame notifier, custom JavaScript) into responses using Nginx `sub_filter`. -2. **`srv-tls-core`** +2. **`sys-svc-certs`** Handles issuing, renewing, and managing TLS certificates via ACME/Certbot. By combining encryption setup with content enhancements, this role streamlines domain provisioning for secure, fully-featured HTTP/HTTPS delivery. @@ -16,7 +16,7 @@ By combining encryption setup with content enhancements, this role streamlines d * **Content Injection** Adds global theming, analytics, and custom scripts before `` and tracking noscript tags before ``. * **Certificate Management** - Automates cert issuance and renewal via `srv-tls-core`. + Automates cert issuance and renewal via `sys-svc-certs`. * **Idempotent Workflow** Ensures each component runs only once per domain. * **Simplified Playbooks** diff --git a/roles/srv-composer/tasks/main.yml b/roles/srv-composer/tasks/main.yml index 4cf02f06..c5447e78 100644 --- a/roles/srv-composer/tasks/main.yml +++ b/roles/srv-composer/tasks/main.yml @@ -4,6 +4,6 @@ include_role: name: sys-srv-web-inj-compose -- name: "include role srv-tls-core for '{{ domain }}'" +- name: "include role sys-svc-certs for '{{ domain }}'" include_role: - name: srv-tls-core + name: sys-svc-certs diff --git a/roles/srv-proxy-core/README.md b/roles/srv-proxy-core/README.md index c7bbc764..fa1ea4cd 100644 --- a/roles/srv-proxy-core/README.md +++ b/roles/srv-proxy-core/README.md @@ -16,7 +16,7 @@ The goal of this role is to deliver a **hassle-free, production-ready reverse pr ## Features -- **Automatic TLS & HSTS** — integrates with the *srv-https-stack* role for certificate management. +- **Automatic TLS & HSTS** — integrates with the *sys-stk-front-pure* role for certificate management. - **Flexible vHost templates** — *basic* and *ws_generic* flavours cover standard HTTP and WebSocket applications. - **Security headers** — sensible defaults plus optional X-Frame-Options / CSP based on application settings. - **WebSocket & HTTP/2 aware** — upgrades, keep-alive tuning, and gzip already configured. diff --git a/roles/srv-proxy-core/tasks/main.yml b/roles/srv-proxy-core/tasks/main.yml index db3bc09e..4ad8eb7f 100644 --- a/roles/srv-proxy-core/tasks/main.yml +++ b/roles/srv-proxy-core/tasks/main.yml @@ -3,7 +3,7 @@ include_role: name: '{{ item }}' loop: - - srv-https-stack + - sys-stk-front-pure - srv-core - include_tasks: utils/run_once.yml when: run_once_srv_proxy_core is not defined diff --git a/roles/sys-stk-front/README.md b/roles/sys-stk-front-proxy/README.md similarity index 89% rename from roles/sys-stk-front/README.md rename to roles/sys-stk-front-proxy/README.md index 7c6e1543..5effc606 100644 --- a/roles/sys-stk-front/README.md +++ b/roles/sys-stk-front-proxy/README.md @@ -6,10 +6,10 @@ This role bootstraps **per-domain Nginx configuration**: it requests TLS certifi ## Overview -A higher-level orchestration wrapper, *sys-stk-front* ties together several lower-level roles: +A higher-level orchestration wrapper, *sys-stk-front-proxy* ties together several lower-level roles: 1. **`sys-srv-web-inj-compose`** – applies global tweaks and includes. -2. **`srv-tls-core`** – obtains Let’s Encrypt certificates. +2. **`sys-svc-certs`** – obtains Let’s Encrypt certificates. 3. **Domain template deployment** – copies a Jinja2 vHost from *srv-proxy-core*. 4. **`web-app-oauth2-proxy`** *(optional)* – protects the site with OAuth2. diff --git a/roles/sys-stk-front/defaults/main.yml b/roles/sys-stk-front-proxy/defaults/main.yml similarity index 100% rename from roles/sys-stk-front/defaults/main.yml rename to roles/sys-stk-front-proxy/defaults/main.yml diff --git a/roles/sys-stk-front/meta/main.yml b/roles/sys-stk-front-proxy/meta/main.yml similarity index 100% rename from roles/sys-stk-front/meta/main.yml rename to roles/sys-stk-front-proxy/meta/main.yml diff --git a/roles/sys-stk-front/tasks/01_cloudflare.yml b/roles/sys-stk-front-proxy/tasks/01_cloudflare.yml similarity index 100% rename from roles/sys-stk-front/tasks/01_cloudflare.yml rename to roles/sys-stk-front-proxy/tasks/01_cloudflare.yml diff --git a/roles/sys-stk-front/tasks/cloudflare/01_cleanup.yml b/roles/sys-stk-front-proxy/tasks/cloudflare/01_cleanup.yml similarity index 100% rename from roles/sys-stk-front/tasks/cloudflare/01_cleanup.yml rename to roles/sys-stk-front-proxy/tasks/cloudflare/01_cleanup.yml diff --git a/roles/sys-stk-front/tasks/cloudflare/02_enable_cf_dev_mode.yml b/roles/sys-stk-front-proxy/tasks/cloudflare/02_enable_cf_dev_mode.yml similarity index 100% rename from roles/sys-stk-front/tasks/cloudflare/02_enable_cf_dev_mode.yml rename to roles/sys-stk-front-proxy/tasks/cloudflare/02_enable_cf_dev_mode.yml diff --git a/roles/sys-stk-front/tasks/main.yml b/roles/sys-stk-front-proxy/tasks/main.yml similarity index 95% rename from roles/sys-stk-front/tasks/main.yml rename to roles/sys-stk-front-proxy/tasks/main.yml index 02b75669..0c8aaf74 100644 --- a/roles/sys-stk-front/tasks/main.yml +++ b/roles/sys-stk-front-proxy/tasks/main.yml @@ -4,7 +4,7 @@ name: srv-proxy-core when: run_once_srv_proxy_core is not defined - include_tasks: utils/run_once.yml - when: run_once_sys_stk_front is not defined + when: run_once_sys_stk_front_proxy is not defined - include_tasks: "01_cloudflare.yml" when: DNS_PROVIDER == "cloudflare" diff --git a/roles/sys-stk-front/vars/main.yml b/roles/sys-stk-front-proxy/vars/main.yml similarity index 100% rename from roles/sys-stk-front/vars/main.yml rename to roles/sys-stk-front-proxy/vars/main.yml diff --git a/roles/srv-https-stack/README.md b/roles/sys-stk-front-pure/README.md similarity index 91% rename from roles/srv-https-stack/README.md rename to roles/sys-stk-front-pure/README.md index 717659d1..7d8931f4 100644 --- a/roles/srv-https-stack/README.md +++ b/roles/sys-stk-front-pure/README.md @@ -1,7 +1,7 @@ # Webserver HTTPS Provisioning 🚀 ## Description -The **srv-https-stack** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS: +The **sys-stk-front-pure** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS: 1. Ensures your Nginx server is configured for SSL/TLS. 2. Pulls in Let’s Encrypt ACME challenge handling. @@ -13,7 +13,7 @@ This role is built on top of your existing `srv-core` role, and it automates the ## Overview -When you apply **srv-https-stack**, it will: +When you apply **sys-stk-front-pure**, it will: 1. **Include** the `srv-core` role to install and configure Nginx. 2. **Clean up** any stale vHost files under `sys-svc-cln-domains`. diff --git a/roles/srv-https-stack/meta/main.yml b/roles/sys-stk-front-pure/meta/main.yml similarity index 100% rename from roles/srv-https-stack/meta/main.yml rename to roles/sys-stk-front-pure/meta/main.yml diff --git a/roles/srv-https-stack/tasks/main.yml b/roles/sys-stk-front-pure/tasks/main.yml similarity index 79% rename from roles/srv-https-stack/tasks/main.yml rename to roles/sys-stk-front-pure/tasks/main.yml index 1f2ca2b0..3d14c177 100644 --- a/roles/srv-https-stack/tasks/main.yml +++ b/roles/sys-stk-front-pure/tasks/main.yml @@ -7,4 +7,4 @@ - sys-svc-cln-domains - srv-letsencrypt - include_tasks: utils/run_once.yml - when: run_once_srv_https_stack is not defined + when: run_once_sys_stk_front_pure is not defined diff --git a/roles/sys-stk-full-stateful/README.md b/roles/sys-stk-full-stateful/README.md index 4f859169..5e074219 100644 --- a/roles/sys-stk-full-stateful/README.md +++ b/roles/sys-stk-full-stateful/README.md @@ -8,4 +8,4 @@ This role builds on `sys-stk-back-stateful` by adding a reverse-proxy frontend f Leverages the `sys-stk-back-stateful` role to stand up your containerized database (PostgreSQL, MariaDB, etc.) with backups and user management. - **Reverse Proxy** - Includes the `sys-stk-front` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint. \ No newline at end of file + Includes the `sys-stk-front-proxy` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint. \ No newline at end of file diff --git a/roles/sys-stk-full-stateful/meta/main.yml b/roles/sys-stk-full-stateful/meta/main.yml index 1f39ec9d..a06ab210 100644 --- a/roles/sys-stk-full-stateful/meta/main.yml +++ b/roles/sys-stk-full-stateful/meta/main.yml @@ -1,7 +1,7 @@ galaxy_info: author: "Kevin Veen-Birkenbach" description: > - Extends sys-stk-back-stateful by adding an HTTP reverse proxy via sys-stk-front. + Extends sys-stk-back-stateful by adding an HTTP reverse proxy via sys-stk-front-proxy. company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions diff --git a/roles/sys-stk-full-stateful/tasks/main.yml b/roles/sys-stk-full-stateful/tasks/main.yml index a583cbfd..e9d70260 100644 --- a/roles/sys-stk-full-stateful/tasks/main.yml +++ b/roles/sys-stk-full-stateful/tasks/main.yml @@ -4,9 +4,9 @@ vars: handler_role_name: "svc-prx-openresty" -- name: "For '{{ application_id }}': include role sys-stk-front" +- name: "For '{{ application_id }}': include role sys-stk-front-proxy" include_role: - name: sys-stk-front + name: sys-stk-front-proxy vars: domain: "{{ domains | get_domain(application_id) }}" http_port: "{{ ports.localhost.http[application_id] }}" diff --git a/roles/sys-stk-full-stateless/README.md b/roles/sys-stk-full-stateless/README.md index 7fe1ee98..3bd52dc9 100644 --- a/roles/sys-stk-full-stateless/README.md +++ b/roles/sys-stk-full-stateless/README.md @@ -8,4 +8,4 @@ This role combines the standard Docker Compose setup with a reverse-proxy for an Brings up containers, networks, and volumes via the `docker-compose` role. - **Reverse Proxy** - Uses the `sys-stk-front` role to expose your application under a custom domain and port. + Uses the `sys-stk-front-proxy` role to expose your application under a custom domain and port. diff --git a/roles/sys-stk-full-stateless/meta/main.yml b/roles/sys-stk-full-stateless/meta/main.yml index 7afaf086..7c30c6fa 100644 --- a/roles/sys-stk-full-stateless/meta/main.yml +++ b/roles/sys-stk-full-stateless/meta/main.yml @@ -1,7 +1,7 @@ galaxy_info: author: "Kevin Veen-Birkenbach" description: > - Combines the docker-compose role with sys-stk-front to + Combines the docker-compose role with sys-stk-front-proxy to deploy applications behind a reverse proxy. company: | Kevin Veen-Birkenbach diff --git a/roles/sys-stk-full-stateless/tasks/main.yml b/roles/sys-stk-full-stateless/tasks/main.yml index a57d3503..0cb99917 100644 --- a/roles/sys-stk-full-stateless/tasks/main.yml +++ b/roles/sys-stk-full-stateless/tasks/main.yml @@ -1,9 +1,9 @@ # run_once_sys_stk_full_stateless: deactivated # Load the proxy first, so that openresty handlers are flushed before the main docker compose -- name: "For '{{ application_id }}': include role sys-stk-front" +- name: "For '{{ application_id }}': include role sys-stk-front-proxy" include_role: - name: sys-stk-front + name: sys-stk-front-proxy vars: domain: "{{ domains | get_domain(application_id) }}" http_port: "{{ ports.localhost.http[application_id] }}" diff --git a/roles/srv-tls-core/README.md b/roles/sys-svc-certs/README.md similarity index 100% rename from roles/srv-tls-core/README.md rename to roles/sys-svc-certs/README.md diff --git a/roles/srv-tls-core/meta/main.yml b/roles/sys-svc-certs/meta/main.yml similarity index 100% rename from roles/srv-tls-core/meta/main.yml rename to roles/sys-svc-certs/meta/main.yml diff --git a/roles/srv-tls-core/tasks/flavors/_san.yml b/roles/sys-svc-certs/tasks/flavors/_san.yml similarity index 100% rename from roles/srv-tls-core/tasks/flavors/_san.yml rename to roles/sys-svc-certs/tasks/flavors/_san.yml diff --git a/roles/srv-tls-core/tasks/flavors/dedicated.yml b/roles/sys-svc-certs/tasks/flavors/dedicated.yml similarity index 100% rename from roles/srv-tls-core/tasks/flavors/dedicated.yml rename to roles/sys-svc-certs/tasks/flavors/dedicated.yml diff --git a/roles/srv-tls-core/tasks/flavors/san.yml b/roles/sys-svc-certs/tasks/flavors/san.yml similarity index 100% rename from roles/srv-tls-core/tasks/flavors/san.yml rename to roles/sys-svc-certs/tasks/flavors/san.yml diff --git a/roles/srv-tls-core/tasks/flavors/wildcard.yml b/roles/sys-svc-certs/tasks/flavors/wildcard.yml similarity index 100% rename from roles/srv-tls-core/tasks/flavors/wildcard.yml rename to roles/sys-svc-certs/tasks/flavors/wildcard.yml diff --git a/roles/srv-tls-core/tasks/main.yml b/roles/sys-svc-certs/tasks/main.yml similarity index 90% rename from roles/srv-tls-core/tasks/main.yml rename to roles/sys-svc-certs/tasks/main.yml index c4508433..fcabcbe2 100644 --- a/roles/srv-tls-core/tasks/main.yml +++ b/roles/sys-svc-certs/tasks/main.yml @@ -1,10 +1,10 @@ - block: - - name: Include dependency 'srv-https-stack' + - name: Include dependency 'sys-stk-front-pure' include_role: - name: srv-https-stack - when: run_once_srv_https_stack is not defined + name: sys-stk-front-pure + when: run_once_sys_stk_front_pure is not defined - include_tasks: utils/run_once.yml - when: run_once_srv_tls_core is not defined + when: run_once_sys_svc_certs is not defined - name: "Include flavor '{{ CERTBOT_FLAVOR }}' for '{{ domain }}'" include_tasks: "{{ [role_path, 'tasks/flavors', CERTBOT_FLAVOR ~'.yml'] | path_join }}" diff --git a/roles/web-app-bluesky/tasks/main.yml b/roles/web-app-bluesky/tasks/main.yml index 0cc942b3..50a1bb30 100644 --- a/roles/web-app-bluesky/tasks/main.yml +++ b/roles/web-app-bluesky/tasks/main.yml @@ -2,9 +2,9 @@ include_role: name: docker-compose -- name: "include role sys-stk-front for {{ application_id }}" +- name: "include role sys-stk-front-proxy for {{ application_id }}" include_role: - name: sys-stk-front + name: sys-stk-front-proxy vars: domain: "{{ item.domain }}" http_port: "{{ item.http_port }}" diff --git a/roles/web-app-elk/tasks/main.yml b/roles/web-app-elk/tasks/main.yml index 3bd3b84b..d0548f91 100644 --- a/roles/web-app-elk/tasks/main.yml +++ b/roles/web-app-elk/tasks/main.yml @@ -1,8 +1,8 @@ --- -- name: "include role sys-stk-front for {{ application_id }}" +- name: "include role sys-stk-front-proxy for {{ application_id }}" include_role: - name: sys-stk-front + name: sys-stk-front-proxy vars: domain: "{{ domains | get_domain(application_id) }}" http_port: "{{ ports.localhost.http[application_id] }}" diff --git a/roles/web-app-fusiondirectory/README.md b/roles/web-app-fusiondirectory/README.md index 5596889c..aa7c3779 100644 --- a/roles/web-app-fusiondirectory/README.md +++ b/roles/web-app-fusiondirectory/README.md @@ -9,7 +9,7 @@ This Ansible role deploys and configures [FusionDirectory](https://www.fusiondir - Loads and templating of FusionDirectory-specific variables - Generates a `.env` file for the container environment - Deploys the FusionDirectory container via Docker Compose -- Configures NGINX (via the `sys-stk-front` role) to expose the service +- Configures NGINX (via the `sys-stk-front-proxy` role) to expose the service - Integrates with your central LDAP server for authentication ## Features diff --git a/roles/web-app-joomla/tasks/main.yml b/roles/web-app-joomla/tasks/main.yml index d0f3a812..005d9ea2 100644 --- a/roles/web-app-joomla/tasks/main.yml +++ b/roles/web-app-joomla/tasks/main.yml @@ -1,7 +1,7 @@ --- -- name: "Include role sys-stk-front for {{ application_id }}" +- name: "Include role sys-stk-front-proxy for {{ application_id }}" include_role: - name: sys-stk-front + name: sys-stk-front-proxy loop: "{{ JOOMLA_DOMAINS }}" loop_control: loop_var: domain diff --git a/roles/web-app-mastodon/tasks/main.yml b/roles/web-app-mastodon/tasks/main.yml index 602778e8..a0096a66 100644 --- a/roles/web-app-mastodon/tasks/main.yml +++ b/roles/web-app-mastodon/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: "Include setup for domain '{{ domain }}'" include_role: - name: sys-stk-front + name: sys-stk-front-proxy loop: "{{ domains['web-app-mastodon'] }}" loop_control: loop_var: domain diff --git a/roles/web-app-matrix/tasks/03_webserver.yml b/roles/web-app-matrix/tasks/03_webserver.yml index bfb77ef3..a9afe0ef 100644 --- a/roles/web-app-matrix/tasks/03_webserver.yml +++ b/roles/web-app-matrix/tasks/03_webserver.yml @@ -9,9 +9,9 @@ src: "well-known.j2" dest: "{{ MATRIX_WELL_KNOWN_FILE }}" -- name: "include role sys-stk-front for {{ MATRIX_ELEMENT_DOMAIN }}" +- name: "include role sys-stk-front-proxy for {{ MATRIX_ELEMENT_DOMAIN }}" include_role: - name: sys-stk-front + name: sys-stk-front-proxy vars: domain: "{{ MATRIX_ELEMENT_DOMAIN }}" http_port: "{{ MATRIX_ELEMENT_PORT }}" diff --git a/roles/web-app-taiga/README.md b/roles/web-app-taiga/README.md index b52348df..f4e16654 100644 --- a/roles/web-app-taiga/README.md +++ b/roles/web-app-taiga/README.md @@ -39,7 +39,7 @@ By using this role, teams can set up Taiga in minutes on Arch Linux systems — - [taiga-contrib-oidc-auth (official)](https://github.com/taigaio/taiga-contrib-oidc-auth) - 📨 **Email Backend:** Supports SMTP and console backends for development. - 🔁 **Async & Realtime Events:** Includes RabbitMQ and support for Taiga’s event system. -- 🌐 **Reverse Proxy Ready:** Integrates with Nginx using the `sys-stk-front` role. +- 🌐 **Reverse Proxy Ready:** Integrates with Nginx using the `sys-stk-front-proxy` role. - 🧩 **Composable Design:** Integrates cleanly with other Infinito.Nexus infrastructure roles. --- diff --git a/roles/web-app-wordpress/tasks/main.yml b/roles/web-app-wordpress/tasks/main.yml index 8539d928..104420f5 100644 --- a/roles/web-app-wordpress/tasks/main.yml +++ b/roles/web-app-wordpress/tasks/main.yml @@ -1,7 +1,7 @@ --- -- name: "Include role sys-stk-front for {{ application_id }}" +- name: "Include role sys-stk-front-proxy for {{ application_id }}" include_role: - name: sys-stk-front + name: sys-stk-front-proxy loop: "{{ WORDPRESS_DOMAINS }}" loop_control: loop_var: domain diff --git a/roles/web-opt-rdr-domains/README.md b/roles/web-opt-rdr-domains/README.md index c09e6704..f93c0111 100644 --- a/roles/web-opt-rdr-domains/README.md +++ b/roles/web-opt-rdr-domains/README.md @@ -9,7 +9,7 @@ This Ansible role configures Nginx to perform 301 redirects from one domain to a ## Dependencies -- `srv-https-stack`: A role for setting up HTTPS for Nginx +- `sys-stk-front-pure`: A role for setting up HTTPS for Nginx - `letsencrypt`: A role for managing SSL certificates with Let's Encrypt ## Author Information diff --git a/roles/web-opt-rdr-domains/tasks/main.yml b/roles/web-opt-rdr-domains/tasks/main.yml index 4b8defae..f8db46e5 100644 --- a/roles/web-opt-rdr-domains/tasks/main.yml +++ b/roles/web-opt-rdr-domains/tasks/main.yml @@ -1,8 +1,8 @@ - block: - - name: Include dependency 'srv-https-stack' + - name: Include dependency 'sys-stk-front-pure' include_role: - name: srv-https-stack - when: run_once_srv_https_stack is not defined + name: sys-stk-front-pure + when: run_once_sys_stk_front_pure is not defined - include_tasks: utils/run_once.yml when: run_once_web_opt_rdr_domains is not defined diff --git a/roles/web-opt-rdr-domains/tasks/redirect-domain.yml b/roles/web-opt-rdr-domains/tasks/redirect-domain.yml index ed72875b..8a3c70f1 100644 --- a/roles/web-opt-rdr-domains/tasks/redirect-domain.yml +++ b/roles/web-opt-rdr-domains/tasks/redirect-domain.yml @@ -1,6 +1,6 @@ - name: "include task receive certbot certificate" include_role: - name: srv-tls-core + name: sys-svc-certs - name: "Deploying NGINX redirect configuration for '{{ domain }}'" template: diff --git a/roles/web-svc-cdn/tasks/01_core.yml b/roles/web-svc-cdn/tasks/01_core.yml index 49c84eb7..027ea0f8 100644 --- a/roles/web-svc-cdn/tasks/01_core.yml +++ b/roles/web-svc-cdn/tasks/01_core.yml @@ -2,7 +2,7 @@ include_role: name: '{{ item }}' loop: - - srv-https-stack + - sys-stk-front-pure - dev-git - name: "include role for {{ application_id }} to receive certs & do modification routines" diff --git a/roles/web-svc-file/tasks/main.yml b/roles/web-svc-file/tasks/main.yml index 7c94649e..095cdb44 100644 --- a/roles/web-svc-file/tasks/main.yml +++ b/roles/web-svc-file/tasks/main.yml @@ -3,7 +3,7 @@ include_role: name: '{{ item }}' loop: - - srv-https-stack + - sys-stk-front-pure - dev-git - include_tasks: utils/run_once.yml when: run_once_web_svc_file is not defined diff --git a/roles/web-svc-html/tasks/main.yml b/roles/web-svc-html/tasks/main.yml index 7ab50392..b3e698a0 100644 --- a/roles/web-svc-html/tasks/main.yml +++ b/roles/web-svc-html/tasks/main.yml @@ -3,7 +3,7 @@ include_role: name: '{{ item }}' loop: - - srv-https-stack + - sys-stk-front-pure - dev-git - include_tasks: utils/run_once.yml when: run_once_web_svc_html is not defined