diff --git a/filter_plugins/configuration_filters.py b/filter_plugins/configuration_filters.py new file mode 100644 index 00000000..e78ac55b --- /dev/null +++ b/filter_plugins/configuration_filters.py @@ -0,0 +1,20 @@ +def get_oauth2_enabled(applications, application_id): + # Retrieve the application dictionary based on the ID + app = applications.get(application_id, {}) + # Retrieve the value for oauth2_proxy.enabled, default is False + enabled = app.get('oauth2_proxy', {}).get('enabled', False) + return bool(enabled) + +def get_css_enabled(applications, application_id): + # Retrieve the application dictionary based on the given application_id. + app = applications.get(application_id, {}) + # Retrieve the 'enabled' value from the css key, defaulting to True if not present. + enabled = app.get('css', {}).get('enabled', True) + return bool(enabled) + +class FilterModule(object): + def filters(self): + return { + 'get_css_enabled': get_css_enabled, + 'get_oauth2_enabled': get_oauth2_enabled + } \ No newline at end of file diff --git a/group_vars/all/07_applications.yml b/group_vars/all/07_applications.yml index 9acf5a05..9835c908 100644 --- a/group_vars/all/07_applications.yml +++ b/group_vars/all/07_applications.yml @@ -213,4 +213,15 @@ defaults_applications: enabled: true application: "application" port: "80" - location: "/admin/" # Protects the admin arear \ No newline at end of file + location: "/admin/" # Protects the admin area + + + wordpress: +# Deactivate Global theming for wordpress role +# due to the reason that wordpress has to much different themes +# and one styling for all is not possible. +# +# May a solution could be to generate a template or css file dedicated +# for wordpress based on the theming values and import it. + css: + enabled: false \ No newline at end of file diff --git a/group_vars/all/13_theming.yml b/group_vars/all/13_theming.yml index 5c387e2c..58d4f7c8 100644 --- a/group_vars/all/13_theming.yml +++ b/group_vars/all/13_theming.yml @@ -15,10 +15,4 @@ global_theming: info: "#F0F8FF" filters: saturation_change: 70 - hue_shift: 0 - -# Global Theming is default enabled for all roles -# If you want to disable the global css for a role, set -# global_theming_enabled: false -# in var/main.yml -global_theming_enabled: true \ No newline at end of file + hue_shift: 0 \ No newline at end of file diff --git a/roles/docker-keycloak/templates/import/realm.json.j2 b/roles/docker-keycloak/templates/import/realm.json.j2 index 44d9cc87..4a55e3eb 100644 --- a/roles/docker-keycloak/templates/import/realm.json.j2 +++ b/roles/docker-keycloak/templates/import/realm.json.j2 @@ -836,7 +836,7 @@ "redirectUris": [ {%- set redirect_uris = [] -%} {%- for application, domain in defaults_domains.items() -%} - {%- if applications[application_id] is defined and applications[application_id].oauth2_proxy.enabled | default(false) | bool -%} + {%- if applications[application_id] is defined and applications | get_oauth2_enabled(application_id) -%} {%- if domain is string -%} {%- set _ = redirect_uris.append("https://" ~ domain ~ "/*") -%} {%- else -%} diff --git a/roles/docker-oauth2-proxy/templates/container.yml.j2 b/roles/docker-oauth2-proxy/templates/container.yml.j2 index 32931182..75b5f315 100644 --- a/roles/docker-oauth2-proxy/templates/container.yml.j2 +++ b/roles/docker-oauth2-proxy/templates/container.yml.j2 @@ -1,4 +1,4 @@ -{% if applications[application_id].oauth2_proxy.enabled | default(false) | bool %} +{% if applications | get_oauth2_enabled(application_id) %} oauth2-proxy: image: quay.io/oauth2-proxy/oauth2-proxy:{{applications.oauth2_proxy.version}} restart: {{docker_restart_policy}} diff --git a/roles/docker-portfolio/vars/main.yml b/roles/docker-portfolio/vars/main.yml index 2284ce84..7e3b9bb0 100644 --- a/roles/docker-portfolio/vars/main.yml +++ b/roles/docker-portfolio/vars/main.yml @@ -1,3 +1,2 @@ application_id: "portfolio" -repository_address: "https://github.com/kevinveenbirkenbach/portfolio" -global_theming_enabled: true # Activate Global CSS for Portfolio +repository_address: "https://github.com/kevinveenbirkenbach/portfolio" \ No newline at end of file diff --git a/roles/docker-wordpress/vars/main.yml b/roles/docker-wordpress/vars/main.yml index 5e919537..9277e76d 100644 --- a/roles/docker-wordpress/vars/main.yml +++ b/roles/docker-wordpress/vars/main.yml @@ -2,12 +2,4 @@ application_id: "wordpress" wordpress_max_upload_size: "64M" database_type: "mariadb" database_password: "{{wordpress_database_password}}" -custom_wordpress_image: "custom_wordpress" - -# Deactivate Global theming for wordpress role -# due to the reason that wordpress has to much different themes -# and one styling for all is not possible. -# -# May a solution could be to generate a template or css file dedicated -# for wordpress based on the theming values and import it. -global_theming_enabled: false \ No newline at end of file +custom_wordpress_image: "custom_wordpress" \ No newline at end of file diff --git a/roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 b/roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 index e4803d6d..51772f84 100644 --- a/roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 +++ b/roles/nginx-docker-reverse-proxy/templates/domain.conf.j2 @@ -2,7 +2,7 @@ server { server_name {{domain}}; - {% if applications[application_id].oauth2_proxy.enabled | default(false) | bool %} + {% if applications | get_oauth2_enabled(application_id) %} {% include 'roles/docker-oauth2-proxy/templates/endpoint.conf.j2'%} {% endif %} @@ -15,7 +15,7 @@ server {% include 'roles/letsencrypt/templates/ssl_header.j2' %} - {% if applications[application_id].oauth2_proxy.enabled | default(false) %} + {% if applications | get_oauth2_enabled(application_id) %} {% if applications[application_id].oauth2_proxy.location is defined %} {# Exposed and Unprotected Location #} {% include 'proxy_pass.conf.j2' %} diff --git a/roles/nginx-domain-setup/tasks/main.yml b/roles/nginx-domain-setup/tasks/main.yml index 8b695156..e7736d82 100644 --- a/roles/nginx-domain-setup/tasks/main.yml +++ b/roles/nginx-domain-setup/tasks/main.yml @@ -22,4 +22,4 @@ - name: "include the docker-oauth2-proxy role {{domain}}" include_role: name: docker-oauth2-proxy - when: applications[application_id].oauth2_proxy.enabled | default(false) | bool \ No newline at end of file + when: applications | get_oauth2_enabled(application_id) \ No newline at end of file diff --git a/roles/nginx-modifier-all/README.md b/roles/nginx-modifier-all/README.md index 5c019531..4dd62935 100644 --- a/roles/nginx-modifier-all/README.md +++ b/roles/nginx-modifier-all/README.md @@ -7,10 +7,10 @@ This role enhances your Nginx configuration by conditionally injecting global Ma ## Features - **Global Matomo Tracking** - When enabled (`global_matomo_tracking_enabled` is `true`), the role includes Matomo tracking configuration and injects the corresponding tracking script into your HTML. + The role includes Matomo tracking configuration and injects the corresponding tracking script into your HTML. - **Global Theming** - When enabled (`global_theming_enabled` is `true`), the role injects a global CSS link for consistent theming across your site. + The role injects a global CSS link for consistent theming across your site. - **Smart Injection** Uses Nginx's `sub_filter` to insert the tracking and theming snippets right before the closing `` tag of your HTML documents. diff --git a/roles/nginx-modifier-all/meta/main.yml b/roles/nginx-modifier-all/meta/main.yml deleted file mode 100644 index 8a501cf3..00000000 --- a/roles/nginx-modifier-all/meta/main.yml +++ /dev/null @@ -1,2 +0,0 @@ -dependencies: - - nginx-modifier-css # Just required to load once \ No newline at end of file diff --git a/roles/nginx-modifier-all/tasks/main.yml b/roles/nginx-modifier-all/tasks/main.yml index 0b85aafe..56a229ed 100644 --- a/roles/nginx-modifier-all/tasks/main.yml +++ b/roles/nginx-modifier-all/tasks/main.yml @@ -1,3 +1,8 @@ +- name: "Activate Global CSS for {{domain}}" + include_role: + name: nginx-modifier-css + when: applications | get_css_enabled(application_id) + - name: "Activate Global Matomo Tracking for {{domain}}" include_role: name: nginx-modifier-matomo diff --git a/roles/nginx-modifier-all/templates/global.includes.conf.j2 b/roles/nginx-modifier-all/templates/global.includes.conf.j2 index 452afcde..33bd8c73 100644 --- a/roles/nginx-modifier-all/templates/global.includes.conf.j2 +++ b/roles/nginx-modifier-all/templates/global.includes.conf.j2 @@ -7,11 +7,11 @@ sub_filter_types text/html; {% include 'roles/nginx-modifier-matomo/templates/matomo-tracking.conf.j2' %} {% endif %} -{% if global_theming_enabled | bool or global_matomo_tracking_enabled | bool%} - sub_filter '' '{% if global_matomo_tracking_enabled | bool %}{% include 'roles/nginx-modifier-matomo/templates/script.j2' %}{% endif %}{% if global_theming_enabled | bool %}{% include 'roles/nginx-modifier-css/templates/link.j2' %}{% endif %}'; +{% if applications | get_css_enabled(application_id) or global_matomo_tracking_enabled | bool%} + sub_filter '' '{% if global_matomo_tracking_enabled | bool %}{% include 'roles/nginx-modifier-matomo/templates/script.j2' %}{% endif %}{% if applications | get_css_enabled(application_id) %}{% include 'roles/nginx-modifier-css/templates/link.j2' %}{% endif %}'; {% endif %} -{% if global_theming_enabled | bool %} +{% if applications | get_css_enabled(application_id) %} {# Include Global CSS Location #} {% include 'roles/nginx-modifier-css/templates/location.conf.j2' %} {% endif %} diff --git a/roles/nginx-modifier-css/tasks/main.yml b/roles/nginx-modifier-css/tasks/main.yml index 6689a9d6..270df2fe 100644 --- a/roles/nginx-modifier-css/tasks/main.yml +++ b/roles/nginx-modifier-css/tasks/main.yml @@ -1,3 +1,5 @@ +# Load this role via nginx-modifier-all for consistency + - name: Ensure {{nginx.directories.global}} directory exists file: path: "{{nginx.directories.global}}" @@ -5,7 +7,7 @@ owner: "{{nginx.user}}" group: "{{nginx.user}}" mode: '0755' - when: run_once_nginx_global_css is not defined and global_theming_enabled | bool + when: run_once_nginx_global_css is not defined - name: Deploy global.css from template template: @@ -14,18 +16,18 @@ owner: "{{nginx.user}}" group: "{{nginx.user}}" mode: '0644' - when: run_once_nginx_global_css is not defined and global_theming_enabled | bool + when: run_once_nginx_global_css is not defined - name: Get stat for global.css destination file stat: path: "{{ global_css_destination }}" register: global_css_stat - when: run_once_nginx_global_css is not defined and global_theming_enabled | bool + when: run_once_nginx_global_css is not defined - name: Set global_css_version to file modification time set_fact: global_css_version: "{{ global_css_stat.stat.mtime }}" - when: run_once_nginx_global_css is not defined and global_theming_enabled | bool + when: run_once_nginx_global_css is not defined - name: Mark global css tasks as run once set_fact: diff --git a/roles/nginx-modifier-matomo/tasks/main.yml b/roles/nginx-modifier-matomo/tasks/main.yml index e6bfa620..74a6b9ee 100644 --- a/roles/nginx-modifier-matomo/tasks/main.yml +++ b/roles/nginx-modifier-matomo/tasks/main.yml @@ -1,3 +1,5 @@ +# Load this role via nginx-modifier-all for consistency + - name: "Relevant variables for role: {{ role_path | basename }}" debug: msg: diff --git a/tasks/update-repository-with-files.yml b/tasks/update-repository-with-files.yml index 3f949f28..6ef5e9a0 100644 --- a/tasks/update-repository-with-files.yml +++ b/tasks/update-repository-with-files.yml @@ -4,7 +4,7 @@ - name: "Merge detached_files with applications.oauth2_proxy.configuration_file" ansible.builtin.set_fact: merged_detached_files: "{{ detached_files + [applications.oauth2_proxy.configuration_file] }}" - when: applications[application_id].oauth2_proxy.enabled | default(false) | bool + when: applications | get_oauth2_enabled(application_id) - name: "backup detached files" command: >