kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-03-30 05:53:33 +02:00
Code Issues Packages Projects Releases Wiki Activity

Implemented more detailed configuration for landing_page, css and matomo and restructured code

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2025-03-19 20:26:43 +01:00
parent f23850068a
commit 72693e09e2
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
12 changed files with 277 additions and 159 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
filter_plugins/configuration_filters.py
View File

@ -1,25 +1,35 @@
def get_oauth2_enabled(applications, application_id): import yaml
def get_oauth2_enabled(applications:yaml, application_id:string):
# Retrieve the application dictionary based on the ID # Retrieve the application dictionary based on the ID
app = applications.get(application_id, {}) app = applications.get(application_id, {})
# Retrieve the value for oauth2_proxy.enabled, default is False # Retrieve the value for oauth2_proxy.enabled, default is False
enabled = app.get('oauth2_proxy', {}).get('enabled', False) enabled = app.get('oauth2_proxy', {}).get('enabled', False)
return bool(enabled) return bool(enabled)
def get_oidc_enabled(applications, application_id): def get_oidc_enabled(applications:yaml, application_id:string):
# Retrieve the application dictionary based on the ID # Retrieve the application dictionary based on the ID
app = applications.get(application_id, {}) app = applications.get(application_id, {})
# Retrieve the value for oidc.enabled, default is False # Retrieve the value for oidc.enabled, default is False
enabled = app.get('oidc', {}).get('enabled', False) enabled = app.get('oidc', {}).get('enabled', False)
return bool(enabled) return bool(enabled)
def get_css_enabled(applications, application_id): def get_css_enabled(applications:yaml, application_id:string):
# Retrieve the application dictionary based on the given application_id. app = applications.get(application_id)
app = applications.get(application_id, {}) enabled = app.get('css_enabled')
# Retrieve the 'enabled' value from the css key, defaulting to True if not present.
enabled = app.get('css', {}).get('enabled', True)
return bool(enabled) return bool(enabled)
def get_database_central_storage(applications, application_id): def get_landingpage_iframe_enabled(applications:yaml, application_id:string):
app = applications.get(application_id)
enabled = app.get('landingpage_iframe_enabled')
return bool(enabled)
def get_matomo_tracking_enabled(applications:yaml, application_id:string):
app = applications.get(application_id)
enabled = app.get('matomo_tracking_enabled')
return bool(enabled)
def get_database_central_storage(applications:yaml, application_id:string):
""" """
Retrieve the type of the database from the application dictionary. Retrieve the type of the database from the application dictionary.
The expected key structure is: applications[application_id]['database']['central_storage']. The expected key structure is: applications[application_id]['database']['central_storage'].
@ -36,4 +46,6 @@ class FilterModule(object):
'get_oidc_enabled': get_oidc_enabled, 'get_oidc_enabled': get_oidc_enabled,
'get_oauth2_enabled': get_oauth2_enabled, 'get_oauth2_enabled': get_oauth2_enabled,
'get_database_central_storage': get_database_central_storage, 'get_database_central_storage': get_database_central_storage,
'get_landingpage_iframe_enabled': get_landingpage_iframe_enabled,
'get_matomo_tracking_enabled': get_matomo_tracking_enabled,
} }

17
group_vars/all/00_general.yml
View File

@ -52,3 +52,20 @@ enable_wildcard_certificate: false
# This enables debugging in ansible and in the apps # This enables debugging in ansible and in the apps
# You SHOULD NOT enable this on production servers # You SHOULD NOT enable this on production servers
enable_debug: false enable_debug: false
#########################
## ENABLED DEFAULTS ##
#########################
# The following defaults are used for the default_applications
# It can be that in a default_applications the value for one application is overwritten.
# You can overwritte it in this case in the applications in your inventory
## Matomo Tracking
matomo_tracking_enabled_default: true # Enables\Disables Matomo tracking on all html pages by default.
## CSS
css_enabled_default: true # Enables\Disables Global CSS on all html pages by default.
## iframe for primary domain
landingpage_iframe_enabled: false # Enables\Disables the possibility to be embedded via iframe by default.

5
group_vars/all/05_nginx.yml
View File

@ -15,7 +15,4 @@ nginx:
files: "/var/www/public_files/" # Path where the web accessable files are stored files: "/var/www/public_files/" # Path where the web accessable files are stored
global: "/var/www/global/" # Directory containing files which will be globaly accessable global: "/var/www/global/" # Directory containing files which will be globaly accessable
user: "http" # Default nginx user in ArchLinux user: "http" # Default nginx user in ArchLinux
iframe: true # Allows applications to be loaded in iframe iframe: true # Allows applications to be loaded in iframe
## Matomo Tracking
global_matomo_tracking_enabled: false # Activates matomo tracking on all html pages. Change this in inventory.

248
group_vars/all/07_applications.yml
View File

@ -26,29 +26,41 @@ defaults_applications:
setup_admin_email: "{{users.administrator.email}}" setup_admin_email: "{{users.administrator.email}}"
database: database:
central_storage: True central_storage: True
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Attendize ## Attendize
attendize: attendize:
version: "latest" version: "latest"
database: database:
central_storage: True central_storage: True
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Baserow ## Baserow
baserow: baserow:
version: "latest" version: "latest"
database: database:
central_storage: True central_storage: True
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Big Blue Button ## Big Blue Button
bigbluebutton: bigbluebutton:
enable_greenlight: "true" enable_greenlight: "true"
setup: false # Set to true in inventory file for initial setup setup: false # Set to true in inventory file for initial setup
oidc: oidc:
enabled: true # Activate OIDC enabled: true # Activate OIDC
database: database:
central_storage: True central_storage: True
ldap: ldap:
enabled: False # @todo LDAP needs to get propper implemented and tested, just set values during refactoring enabled: False # @todo LDAP needs to get propper implemented and tested, just set values during refactoring
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Bluesky ## Bluesky
bluesky: bluesky:
@ -57,79 +69,103 @@ defaults_applications:
email: "{{users.administrator.email}}" email: "{{users.administrator.email}}"
pds: pds:
version: "latest" version: "latest"
#jwt_secret: # Needs to be defined in inventory file - Use: openssl rand -base64 64 | tr -d '\n' #jwt_secret: # Needs to be defined in inventory file - Use: openssl rand -base64 64 | tr -d '\n'
#plc_rotation_key_k256_private_key_hex: # Needs to be defined in inventory file - Use: openssl rand -hex 32 #plc_rotation_key_k256_private_key_hex: # Needs to be defined in inventory file - Use: openssl rand -hex 32
#admin_password: # Needs to be defined in inventory file - Use: openssl rand -base64 16 #admin_password: # Needs to be defined in inventory file - Use: openssl rand -base64 16
database: database:
central_storage: True central_storage: True
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
coturn: # @todo implement coturn: # @todo implement
credentials: credentials:
user: turnuser user: turnuser
# password: # Need to be defined in invetory file # password: # Need to be defined in invetory file
# secret: # Need to be defined in invetory file # secret: # Need to be defined in invetory file
## Discourse: ## Discourse:
discourse: discourse:
network: "discourse_default" # Name of the docker network network: "discourse_default" # Name of the docker network
container: "discourse_application" # Name of the container application container: "discourse_application" # Name of the container application
repository: "discourse_repository" # Name of the repository folder repository: "discourse_repository" # Name of the repository folder
# database_password: # Needs to be defined in inventory file # database_password: # Needs to be defined in inventory file
oidc: oidc:
enabled: true # Activate OIDC enabled: true # Activate OIDC
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Friendica ## Friendica
friendica: friendica:
version: "latest" version: "latest"
oidc: oidc:
enabled: true # Activate OIDC. Plugin is not working yet enabled: true # Activate OIDC. Plugin is not working yet
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Funkwhale ## Funkwhale
funkwhale: funkwhale:
version: "1.4.0" version: "1.4.0"
ldap: ldap:
enabled: True # Enables LDAP by default @todo check implementation enabled: True # Enables LDAP by default @todo check implementation
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Gitea ## Gitea
gitea: gitea:
version: "latest" # Use latest docker image version: "latest" # Use latest docker image
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
configuration: configuration:
repository: repository:
enable_push_create_user: True # Allow users to push local repositories to Gitea and have them automatically created for a user. enable_push_create_user: True # Allow users to push local repositories to Gitea and have them automatically created for a user.
default_private: last # Default private when creating a new repository: last, private, public default_private: last # Default private when creating a new repository: last, private, public
default_push_create_private: True # Default private when creating a new repository with push-to-create. default_push_create_private: True # Default private when creating a new repository with push-to-create.
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Gitlab ## Gitlab
gitlab: gitlab:
version: "latest" version: "latest"
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Joomla ## Joomla
joomla: joomla:
version: "latest" version: "latest"
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Keycloak ## Keycloak
keycloak: keycloak:
version: "latest" version: "latest"
users: users:
administrator: administrator:
username: "{{users.administrator.username}}" # Administrator Username for Keycloak username: "{{users.administrator.username}}" # Administrator Username for Keycloak
ldap: ldap:
enabled: True # Enables LDAP by default enabled: True # Enables LDAP by default
import_realm: True # If True realm will be imported. If false skip. import_realm: True # If True realm will be imported. If false skip.
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
# database_password: # Needs to be defined in inventory file # database_password: # Needs to be defined in inventory file
# administrator_password: # Needs to be defined in inventory file # administrator_password: # Needs to be defined in inventory file
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## LDAP ## LDAP
ldap: ldap:
@ -160,32 +196,41 @@ defaults_applications:
central_storage: false # LDAP doesn't use an database in the current configuration. Propably a good idea to implement one later. central_storage: false # LDAP doesn't use an database in the current configuration. Propably a good idea to implement one later.
# administrator_password: # CHANGE for security reasons in inventory file # administrator_password: # CHANGE for security reasons in inventory file
# administrator_database_password: # CHANGE for security reasons in inventory file # administrator_database_password: # CHANGE for security reasons in inventory file
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Listmonk ## Listmonk
listmonk: listmonk:
users: users:
administrator: administrator:
username: "{{users.administrator.username}}" # Listmonk administrator account username username: "{{users.administrator.username}}" # Listmonk administrator account username
public_api_activated: False # Security hole. Can be used for spaming public_api_activated: False # Security hole. Can be used for spaming
version: "latest" # Docker Image version version: "latest" # Docker Image version
setup: false # Set true in inventory file to execute the setup and initializing procedures setup: false # Set true in inventory file to execute the setup and initializing procedures
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
mailu: mailu:
version: "2024.06" # Docker Image Version version: "2024.06" # Docker Image Version
setup: false # Set true in inventory file to execute the setup and initializing procedures setup: false # Set true in inventory file to execute the setup and initializing procedures
oidc: oidc:
enabled: true # Activate OIDC for Mailu enabled: true # Activate OIDC for Mailu
domain: "{{primary_domain}}" # The main domain from which mails will be send \ email suffix behind @ domain: "{{primary_domain}}" # The main domain from which mails will be send \ email suffix behind @
# I don't know why the database deactivation is necessary # I don't know why the database deactivation is necessary
database: database:
central_storage: False # Deactivate central database for mailu central_storage: False # Deactivate central database for mailu
credentials: credentials:
# secret_key: # Set to a randomly generated 16 bytes string # secret_key: # Set to a randomly generated 16 bytes string
# database_password: # Needs to be set in inventory file # database_password: # Needs to be set in inventory file
# api_token: # Configures the authentication token. The minimum length is 3 characters. This is a mandatory setting for using the RESTful API. # api_token: # Configures the authentication token. The minimum length is 3 characters. This is a mandatory setting for using the RESTful API.
# initial_administrator_password: # Initial administrator password for setup # initial_administrator_password: # Initial administrator password for setup
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## MariaDB ## MariaDB
mariadb: mariadb:
@ -199,20 +244,21 @@ defaults_applications:
# cookie_secret: None # Set via openssl rand -hex 16 # cookie_secret: None # Set via openssl rand -hex 16
# database_password: Null # Needs to be set in inventory file # database_password: Null # Needs to be set in inventory file
# auth_token: Null # Needs to be set in inventory file # auth_token: Null # Needs to be set in inventory file
css:
enabled: false # The css isn't optimized yet for Matomo
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: false # Activate in inventory file if you want to have the statistics, as soon as matomo is running
css_enabled: false # Not optimized yet for matomo
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Mastodon ## Mastodon
mastodon: mastodon:
version: "latest" version: "latest"
single_user_mode: false # Set true for initial setup single_user_mode: false # Set true for initial setup
setup: false # Set true in inventory file to execute the setup and initializing procedures setup: false # Set true in inventory file to execute the setup and initializing procedures
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
oidc: oidc:
enabled: True # Activate OIDC for Mastodon enabled: True # Activate OIDC for Mastodon
credentials: credentials:
# Check out the README.md of the docker-mastodon role to get detailled instructions about how to setup the credentials # Check out the README.md of the docker-mastodon role to get detailled instructions about how to setup the credentials
# database_password: # database_password:
@ -225,24 +271,30 @@ defaults_applications:
# deterministic_key: # deterministic_key:
# key_derivation_salt: # key_derivation_salt:
# primary_key: # primary_key:
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Matrix ## Matrix
matrix: matrix:
users: users:
administrator: administrator:
username: "{{users.administrator.username}}" # Accountname of the matrix admin username: "{{users.administrator.username}}" # Accountname of the matrix admin
playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start playbook_tags: "setup-all,start" # For the initial update use: install-all,ensure-matrix-users-created,start
role: "compose" # Role to setup Matrix. Valid values: ansible, compose role: "compose" # Role to setup Matrix. Valid values: ansible, compose
server_name: "{{primary_domain}}" # Adress for the account names etc. server_name: "{{primary_domain}}" # Adress for the account names etc.
synapse: synapse:
version: "latest" version: "latest"
element: element:
version: "latest" version: "latest"
setup: false # Set true in inventory file to execute the setup and initializing procedures setup: false # Set true in inventory file to execute the setup and initializing procedures
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
oidc: oidc:
enabled: False # Deactivated OIDC due to this issue https://github.com/matrix-org/synapse/issues/10492 enabled: False # Deactivated OIDC due to this issue https://github.com/matrix-org/synapse/issues/10492
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Moodle ## Moodle
moodle: moodle:
@ -253,13 +305,19 @@ defaults_applications:
email: "{{users.administrator.email}}" email: "{{users.administrator.email}}"
version: "latest" version: "latest"
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## MyBB ## MyBB
mybb: mybb:
version: "latest" version: "latest"
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Nextcloud ## Nextcloud
nextcloud: nextcloud:
@ -482,56 +540,74 @@ defaults_applications:
whiteboard: whiteboard:
# Nextcloud Whiteboard: provides a collaborative drawing and brainstorming tool (https://apps.nextcloud.com/apps/whiteboard) # Nextcloud Whiteboard: provides a collaborative drawing and brainstorming tool (https://apps.nextcloud.com/apps/whiteboard)
enabled: true enabled: true
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## OAuth2 Proxy ## OAuth2 Proxy
oauth2_proxy: oauth2_proxy:
configuration_file: "oauth2-proxy-keycloak.cfg" # Needs to be set true in the roles which use it configuration_file: "oauth2-proxy-keycloak.cfg" # Needs to be set true in the roles which use it
version: "latest" # Docker Image version version: "latest" # Docker Image version
redirect_url: "https://{{domains.keycloak}}/auth/realms/{{primary_domain}}/protocol/openid-connect/auth" # The redirect URL for the OAuth2 flow. It should match the redirect URL configured in Keycloak. redirect_url: "https://{{domains.keycloak}}/auth/realms/{{primary_domain}}/protocol/openid-connect/auth" # The redirect URL for the OAuth2 flow. It should match the redirect URL configured in Keycloak.
allowed_roles: admin # Restrict it default to admin role. Use the vars/main.yml to open the specific role for other groups allowed_roles: admin # Restrict it default to admin role. Use the vars/main.yml to open the specific role for other groups
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Open Project ## Open Project
openproject: openproject:
version: "13" # Update when available. Sadly no rolling release implemented version: "13" # Update when available. Sadly no rolling release implemented
oauth2_proxy: oauth2_proxy:
enabled: true # OpenProject doesn't support OIDC, so this procy in combination with LDAP is needed enabled: true # OpenProject doesn't support OIDC, so this procy in combination with LDAP is needed
application: "proxy" application: "proxy"
port: "80" port: "80"
# cookie_secret: None # Set via openssl rand -hex 16 # cookie_secret: None # Set via openssl rand -hex 16
ldap: ldap:
enabled: True # Enables LDAP by default enabled: True # Enables LDAP by default
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
css: css:
enabled: false # Temporary deactivated due to bugs enabled: false # Temporary deactivated due to bugs
# @todo Solve and reactivate # @todo Solve and reactivate
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Peertube ## Peertube
peertube: peertube:
version: "bookworm" version: "bookworm"
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## PHPMyAdmin ## PHPMyAdmin
phpmyadmin: phpmyadmin:
version: "latest" version: "latest"
autologin: false # This is a high security risk. Just activate this option if you know what you're doing autologin: false # This is a high security risk. Just activate this option if you know what you're doing
oauth2_proxy: oauth2_proxy:
enabled: true enabled: true
port: "80" port: "80"
application: "application" application: "application"
# cookie_secret: None # Set via openssl rand -hex 16 # cookie_secret: None # Set via openssl rand -hex 16
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
css: css:
enabled: False # The css needs more optimation for PHPMyAdmin enabled: False # The css needs more optimation for PHPMyAdmin
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Pixelfed ## Pixelfed
pixelfed: pixelfed:
titel: "Pictures on {{primary_domain}}" titel: "Pictures on {{primary_domain}}"
version: "latest" version: "latest"
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Postgres ## Postgres
# Please set an version in your inventory file - Rolling release for postgres isn't recommended # Please set an version in your inventory file - Rolling release for postgres isn't recommended
@ -541,18 +617,27 @@ defaults_applications:
portfolio: portfolio:
database: database:
central_storage: False # Portfolio doesn't use any database central_storage: False # Portfolio doesn't use any database
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: false # Doesn't make sense to load landingpage in landingpage
# Snipe-IT # Snipe-IT
snipe_it: snipe_it:
version: "latest" version: "latest"
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## Sphinx ## Sphinx
sphinx: sphinx:
version: "3.9-slim" # Use latest docker image version: "3.9-slim" # Use latest docker image
repository_sphinx_source: "https://github.com/kevinveenbirkenbach/cymais.git" # Repository address to pull the source repository from repository_sphinx_source: "https://github.com/kevinveenbirkenbach/cymais.git" # Repository address to pull the source repository from
sphinx_exec_dir_relative: "sphinx/" # The relative path to the sphinx Makefile folder from the source dir sphinx_exec_dir_relative: "sphinx/" # The relative path to the sphinx Makefile folder from the source dir
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: true # Makes sense to make the documentary allways in iframe available
## Taiga ## Taiga
@ -560,6 +645,9 @@ defaults_applications:
version: "latest" version: "latest"
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
## YOURLS ## YOURLS
yourls: yourls:
@ -575,6 +663,9 @@ defaults_applications:
# cookie_secret: None # Set via openssl rand -hex 16 # cookie_secret: None # Set via openssl rand -hex 16
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
wordpress: wordpress:
# Deactivate Global theming for wordpress role # Deactivate Global theming for wordpress role
@ -583,7 +674,8 @@ defaults_applications:
# #
# May a solution could be to generate a template or css file dedicated # May a solution could be to generate a template or css file dedicated
# for wordpress based on the theming values and import it. # for wordpress based on the theming values and import it.
css:
enabled: false
database: database:
central_storage: True # Activate Central Database Storage central_storage: True # Activate Central Database Storage
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
css_enabled: false # CSS is hard to tweak for wordpress
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe

0
roles/corporate-identity/vars/main.yml Normal file
View File

6
roles/docker-matomo/vars/main.yml
View File

@ -4,8 +4,4 @@ database_type: "mariadb"
database_password: "{{applications.matomo.database_password}}" database_password: "{{applications.matomo.database_password}}"
# I don't know if this is still necessary # I don't know if this is still necessary
domain: "{{domains.matomo}}" domain: "{{domains.matomo}}"
# Disable matomo tracking, because otherwise recursiv loading technics would be neccessary
# This is the default value and it will be overwritten by set fact in main.yml
global_matomo_tracking_enabled: false

108
roles/docker-portfolio/templates/config.yaml.j2
View File

@ -25,7 +25,7 @@ accounts:
class: fa-brands fa-mastodon class: fa-brands fa-mastodon
url: "https://{{ service_provider.contact.mastodon.split('@')[2] }}/@{{ service_provider.contact.mastodon.split('@')[1] }}" url: "https://{{ service_provider.contact.mastodon.split('@')[2] }}/@{{ service_provider.contact.mastodon.split('@')[1] }}"
identifier: "{{service_provider.contact.mastodon}}" identifier: "{{service_provider.contact.mastodon}}"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('mastodon') }}
{% endif %} {% endif %}
{% if service_provider.contact.bluesky is defined and service_provider.contact.bluesky != "" %} {% if service_provider.contact.bluesky is defined and service_provider.contact.bluesky != "" %}
@ -48,7 +48,7 @@ accounts:
class: fa-solid fa-camera class: fa-solid fa-camera
identifier: "{{service_provider.contact.pixelfed}}" identifier: "{{service_provider.contact.pixelfed}}"
url: "https://{{ service_provider.contact.pixelfed.split('@')[2] }}/@{{ service_provider.contact.pixelfed.split('@')[1] }}" url: "https://{{ service_provider.contact.pixelfed.split('@')[2] }}/@{{ service_provider.contact.pixelfed.split('@')[1] }}"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('pixelfed') }}
{% endif %} {% endif %}
{% if service_provider.contact.peertube is defined and service_provider.contact.peertube != "" %} {% if service_provider.contact.peertube is defined and service_provider.contact.peertube != "" %}
@ -60,7 +60,7 @@ accounts:
class: fa-solid fa-video class: fa-solid fa-video
identifier: "{{service_provider.contact.peertube}}" identifier: "{{service_provider.contact.peertube}}"
url: "https://{{ service_provider.contact.peertube.split('@')[2] }}/@{{ service_provider.contact.peertube.split('@')[1] }}" url: "https://{{ service_provider.contact.peertube.split('@')[2] }}/@{{ service_provider.contact.peertube.split('@')[1] }}"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('peertube') }}
{% endif %} {% endif %}
{% if service_provider.contact.wordpress is defined and service_provider.contact.wordpress != "" %} {% if service_provider.contact.wordpress is defined and service_provider.contact.wordpress != "" %}
@ -72,7 +72,7 @@ accounts:
class: fa-solid fa-blog class: fa-solid fa-blog
identifier: "{{service_provider.contact.wordpress}}" identifier: "{{service_provider.contact.wordpress}}"
url: "https://{{ service_provider.contact.wordpress.split('@')[2] }}/@{{ service_provider.contact.wordpress.split('@')[1] }}" url: "https://{{ service_provider.contact.wordpress.split('@')[2] }}/@{{ service_provider.contact.wordpress.split('@')[1] }}"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('wordpress') }}
{% endif %} {% endif %}
{% if service_provider.contact.source_code is defined and service_provider.contact.source_code != "" %} {% if service_provider.contact.source_code is defined and service_provider.contact.source_code != "" %}
@ -94,7 +94,7 @@ accounts:
class: fas fa-network-wired class: fas fa-network-wired
identifier: "{{service_provider.contact.friendica}}" identifier: "{{service_provider.contact.friendica}}"
url: "https://{{ service_provider.contact.friendica.split('@')[2] }}/@{{ service_provider.contact.friendica.split('@')[1] }}" url: "https://{{ service_provider.contact.friendica.split('@')[2] }}/@{{ service_provider.contact.friendica.split('@')[1] }}"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('friendica') }}
{% endif %} {% endif %}
@ -110,7 +110,7 @@ cards:
text: "Experience the power of Matomo, an innovative open-source analytics platform that delivers real-time insights, robust visitor tracking, and privacy-first features to elevate your website performance. Dive into actionable data with unmatched precision and clarity!" text: "Experience the power of Matomo, an innovative open-source analytics platform that delivers real-time insights, robust visitor tracking, and privacy-first features to elevate your website performance. Dive into actionable data with unmatched precision and clarity!"
url: https://{{domains.matomo}} url: https://{{domains.matomo}}
link_text: "Discover Matomo Now!" link_text: "Discover Matomo Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('matomo') }}
{% endif %} {% endif %}
{% if "ldap" in group_names %} {% if "ldap" in group_names %}
@ -121,7 +121,7 @@ cards:
text: "Unleash the potential of centralized identity management with our vibrant LDAP solution. Enjoy seamless authentication, efficient user management, and enhanced security that empowers your organization to stay connected, agile, and ahead of the curve in digital transformation." text: "Unleash the potential of centralized identity management with our vibrant LDAP solution. Enjoy seamless authentication, efficient user management, and enhanced security that empowers your organization to stay connected, agile, and ahead of the curve in digital transformation."
url: https://{{domains.ldap}} url: https://{{domains.ldap}}
link_text: "Empower Your Network!" link_text: "Empower Your Network!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('ldap') }}
{% endif %} {% endif %}
{% if "keycloak" in group_names %} {% if "keycloak" in group_names %}
@ -132,7 +132,7 @@ cards:
text: "Step into a secure future with Keycloak! Our dynamic identity and access management solution offers streamlined SSO capabilities, robust security measures, and an intuitive user experience that propels your applications to unprecedented heights of performance and reliability." text: "Step into a secure future with Keycloak! Our dynamic identity and access management solution offers streamlined SSO capabilities, robust security measures, and an intuitive user experience that propels your applications to unprecedented heights of performance and reliability."
url: https://{{domains.keycloak}} url: https://{{domains.keycloak}}
link_text: "Secure Your Future Now!" link_text: "Secure Your Future Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('keycloak') }}
{% endif %} {% endif %}
{% if "nextcloud" in group_names %} {% if "nextcloud" in group_names %}
@ -143,7 +143,7 @@ cards:
text: "Elevate your collaboration with Nextcloud, a vibrant self-hosted cloud solution designed for dynamic file sharing, seamless communication, and effortless teamwork. Embrace unparalleled control, flexibility, and a boosted digital workspace that adapts to your every need." text: "Elevate your collaboration with Nextcloud, a vibrant self-hosted cloud solution designed for dynamic file sharing, seamless communication, and effortless teamwork. Embrace unparalleled control, flexibility, and a boosted digital workspace that adapts to your every need."
url: https://{{domains.nextcloud}} url: https://{{domains.nextcloud}}
link_text: "Experience Nextcloud Today!" link_text: "Experience Nextcloud Today!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('nextcloud') }}
{% endif %} {% endif %}
{% if "gitea" in group_names %} {% if "gitea" in group_names %}
@ -154,7 +154,7 @@ cards:
text: "Boost your development journey with Gitea, a lightweight and energetic self-hosted Git service that offers efficient code collaboration, intuitive version control, and an agile environment for your projects. Ignite your coding spirit, innovate faster, and code with confidence!" text: "Boost your development journey with Gitea, a lightweight and energetic self-hosted Git service that offers efficient code collaboration, intuitive version control, and an agile environment for your projects. Ignite your coding spirit, innovate faster, and code with confidence!"
url: https://{{domains.gitea}} url: https://{{domains.gitea}}
link_text: "Ignite Your Code Now!" link_text: "Ignite Your Code Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('gitea') }}
{% endif %} {% endif %}
{% if "wordpress" in group_names %} {% if "wordpress" in group_names %}
@ -165,6 +165,8 @@ cards:
text: "Unleash your creative potential with WordPress, a dynamic platform that empowers you to build, manage, and scale stunning websites and blogs effortlessly. Experience an ever-evolving ecosystem that inspires innovation and drives digital success with every click." text: "Unleash your creative potential with WordPress, a dynamic platform that empowers you to build, manage, and scale stunning websites and blogs effortlessly. Experience an ever-evolving ecosystem that inspires innovation and drives digital success with every click."
url: https://{{domains.wordpress}} url: https://{{domains.wordpress}}
link_text: "Launch Your Site Today!" link_text: "Launch Your Site Today!"
iframe: {{ applications | get_landingpage_iframe_enabled('wordpress') }}
{% endif %} {% endif %}
{% if "mediawiki" in group_names %} {% if "mediawiki" in group_names %}
@ -175,7 +177,7 @@ cards:
text: "Empower your knowledge base with MediaWiki, a versatile and collaborative platform designed to build comprehensive, user-driven documentation. Embrace an energetic community and innovative tools that turn information into a vibrant, living resource." text: "Empower your knowledge base with MediaWiki, a versatile and collaborative platform designed to build comprehensive, user-driven documentation. Embrace an energetic community and innovative tools that turn information into a vibrant, living resource."
url: https://{{domains.mediawiki}} url: https://{{domains.mediawiki}}
link_text: "Explore MediaWiki Now!" link_text: "Explore MediaWiki Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('mediawiki') }}
{% endif %} {% endif %}
{% if "mybb" in group_names %} {% if "mybb" in group_names %}
@ -186,7 +188,7 @@ cards:
text: "Transform your community engagement with MyBB, a feature-rich forum solution that combines modern design with robust functionality. Enjoy dynamic discussions, intuitive moderation, and an energetic user interface that brings people together like never before." text: "Transform your community engagement with MyBB, a feature-rich forum solution that combines modern design with robust functionality. Enjoy dynamic discussions, intuitive moderation, and an energetic user interface that brings people together like never before."
url: https://{{domains.mybb}} url: https://{{domains.mybb}}
link_text: "Join the Conversation!" link_text: "Join the Conversation!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('mybb') }}
{% endif %} {% endif %}
{% if "yourls" in group_names %} {% if "yourls" in group_names %}
@ -197,7 +199,7 @@ cards:
text: "Streamline your online presence with YOURLS, a nimble URL shortening solution that makes sharing links faster, easier, and more engaging. Enjoy the benefits of enhanced tracking and a user-friendly interface that energizes your digital strategy." text: "Streamline your online presence with YOURLS, a nimble URL shortening solution that makes sharing links faster, easier, and more engaging. Enjoy the benefits of enhanced tracking and a user-friendly interface that energizes your digital strategy."
url: https://{{domains.yourls}} url: https://{{domains.yourls}}
link_text: "Shorten Links Instantly!" link_text: "Shorten Links Instantly!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('yourls') }}
{% endif %} {% endif %}
{% if "mailu" in group_names %} {% if "mailu" in group_names %}
@ -208,7 +210,7 @@ cards:
text: "Revolutionize your email communications with Mailu, a secure and flexible mail server solution that integrates seamlessly into your workflow. Experience enhanced reliability, robust security, and an energetic approach to managing your digital correspondence." text: "Revolutionize your email communications with Mailu, a secure and flexible mail server solution that integrates seamlessly into your workflow. Experience enhanced reliability, robust security, and an energetic approach to managing your digital correspondence."
url: https://{{domains.mailu}} url: https://{{domains.mailu}}
link_text: "Elevate Your Email Now!" link_text: "Elevate Your Email Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('mailu') }}
{% endif %} {% endif %}
{% if "mastodon" in group_names %} {% if "mastodon" in group_names %}
@ -219,7 +221,7 @@ cards:
text: "Dive into a decentralized social experience with Mastodon, a vibrant platform that redefines online communication with its community-driven approach. Enjoy a refreshing burst of innovation, freedom, and energetic interaction every time you connect." text: "Dive into a decentralized social experience with Mastodon, a vibrant platform that redefines online communication with its community-driven approach. Enjoy a refreshing burst of innovation, freedom, and energetic interaction every time you connect."
url: https://{{domains.mastodon}} url: https://{{domains.mastodon}}
link_text: "Join the Social Revolution!" link_text: "Join the Social Revolution!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('mastodon') }}
{% endif %} {% endif %}
{% if "pixelfed" in group_names %} {% if "pixelfed" in group_names %}
@ -230,7 +232,7 @@ cards:
text: "Showcase your visual story with Pixelfed, an inspiring self-hosted image sharing platform that champions creativity and privacy. Revel in a dynamic, artistic environment where every photo is a window to endless possibilities and vibrant expression." text: "Showcase your visual story with Pixelfed, an inspiring self-hosted image sharing platform that champions creativity and privacy. Revel in a dynamic, artistic environment where every photo is a window to endless possibilities and vibrant expression."
url: https://{{domains.pixelfed}} url: https://{{domains.pixelfed}}
link_text: "Share Your Vision Now!" link_text: "Share Your Vision Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('pixelfed') }}
{% endif %} {% endif %}
{% if "peertube" in group_names %} {% if "peertube" in group_names %}
@ -241,7 +243,7 @@ cards:
text: "Embrace a new era of video hosting with PeerTube, a decentralized platform that empowers creators with freedom, innovation, and a community-focused approach. Experience seamless streaming and dynamic sharing that fuels your creative ambitions." text: "Embrace a new era of video hosting with PeerTube, a decentralized platform that empowers creators with freedom, innovation, and a community-focused approach. Experience seamless streaming and dynamic sharing that fuels your creative ambitions."
url: https://{{domains.peertube}} url: https://{{domains.peertube}}
link_text: "Stream with Freedom!" link_text: "Stream with Freedom!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('peertube') }}
{% endif %} {% endif %}
{% if "bigbluebutton" in group_names %} {% if "bigbluebutton" in group_names %}
@ -252,7 +254,7 @@ cards:
text: "Transform online learning and collaboration with BigBlueButton, an interactive web conferencing solution designed to energize virtual classrooms and meetings. Enjoy dynamic tools and an engaging environment that makes every session a powerful learning experience." text: "Transform online learning and collaboration with BigBlueButton, an interactive web conferencing solution designed to energize virtual classrooms and meetings. Enjoy dynamic tools and an engaging environment that makes every session a powerful learning experience."
url: https://{{domains.bigbluebutton}} url: https://{{domains.bigbluebutton}}
link_text: "Start Your Virtual Session!" link_text: "Start Your Virtual Session!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('bigbluebutton') }}
{% endif %} {% endif %}
{% if "funkwhale" in group_names %} {% if "funkwhale" in group_names %}
@ -263,7 +265,7 @@ cards:
text: "Dive into a world of rhythm and sound with Funkwhale, an innovative self-hosted music sharing platform that celebrates creativity and community. Experience an energetic soundscape and seamless music streaming that amplifies your passion for tunes." text: "Dive into a world of rhythm and sound with Funkwhale, an innovative self-hosted music sharing platform that celebrates creativity and community. Experience an energetic soundscape and seamless music streaming that amplifies your passion for tunes."
url: https://{{domains.funkwhale}} url: https://{{domains.funkwhale}}
link_text: "Jam Out Now!" link_text: "Jam Out Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('funkwhale') }}
{% endif %} {% endif %}
{% if "joomla" in group_names %} {% if "joomla" in group_names %}
@ -274,7 +276,7 @@ cards:
text: "Elevate your website management with Joomla, a powerful content management system that fuses versatility with dynamic design. Experience a vibrant platform that inspires creativity and drives your digital presence to new, energetic heights." text: "Elevate your website management with Joomla, a powerful content management system that fuses versatility with dynamic design. Experience a vibrant platform that inspires creativity and drives your digital presence to new, energetic heights."
url: https://{{domains.joomla}} url: https://{{domains.joomla}}
link_text: "Build with Joomla Today!" link_text: "Build with Joomla Today!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('joomla') }}
{% endif %} {% endif %}
{% if "attendize" in group_names %} {% if "attendize" in group_names %}
@ -285,7 +287,7 @@ cards:
text: "Revolutionize your event management with Attendize, an energetic and intuitive platform designed to streamline ticketing and event planning. Enjoy a feature-rich, user-friendly solution that transforms every event into an unforgettable experience." text: "Revolutionize your event management with Attendize, an energetic and intuitive platform designed to streamline ticketing and event planning. Enjoy a feature-rich, user-friendly solution that transforms every event into an unforgettable experience."
url: https://{{domains.attendize}} url: https://{{domains.attendize}}
link_text: "Plan Your Event Now!" link_text: "Plan Your Event Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('attendize') }}
{% endif %} {% endif %}
{% if "baserow" in group_names %} {% if "baserow" in group_names %}
@ -296,7 +298,7 @@ cards:
text: "Empower your data management with Baserow, an innovative platform that makes building and managing databases both fun and efficient. Enjoy a dynamic interface, seamless collaboration, and energetic tools that supercharge your workflow." text: "Empower your data management with Baserow, an innovative platform that makes building and managing databases both fun and efficient. Enjoy a dynamic interface, seamless collaboration, and energetic tools that supercharge your workflow."
url: https://{{domains.baserow}} url: https://{{domains.baserow}}
link_text: "Manage Data with Ease!" link_text: "Manage Data with Ease!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('baserow') }}
{% endif %} {% endif %}
{% if "listmonk" in group_names %} {% if "listmonk" in group_names %}
@ -307,7 +309,7 @@ cards:
text: "Elevate your email marketing with Listmonk, a high-energy, self-hosted solution that offers powerful newsletter management and analytics. Enjoy an intuitive design, robust features, and a spirited approach that takes your campaigns to the next level." text: "Elevate your email marketing with Listmonk, a high-energy, self-hosted solution that offers powerful newsletter management and analytics. Enjoy an intuitive design, robust features, and a spirited approach that takes your campaigns to the next level."
url: https://{{domains.listmonk}} url: https://{{domains.listmonk}}
link_text: "Boost Your Campaigns Now!" link_text: "Boost Your Campaigns Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('listmonk') }}
{% endif %} {% endif %}
{% if "discourse" in group_names %} {% if "discourse" in group_names %}
@ -318,7 +320,7 @@ cards:
text: "Ignite community conversations with Discourse, an innovative forum platform that redefines online discussions with its modern, engaging interface. Experience an energetic, user-friendly environment that brings people together and fuels vibrant exchanges." text: "Ignite community conversations with Discourse, an innovative forum platform that redefines online discussions with its modern, engaging interface. Experience an energetic, user-friendly environment that brings people together and fuels vibrant exchanges."
url: https://{{domains.discourse}} url: https://{{domains.discourse}}
link_text: "Join the Discussion!" link_text: "Join the Discussion!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('discourse') }}
{% endif %} {% endif %}
{% if "matrix" in group_names %} {% if "matrix" in group_names %}
@ -329,7 +331,7 @@ cards:
text: "Step into the future of communication with Matrix, a dynamic and decentralized platform that delivers secure, real-time messaging and collaboration. Enjoy an innovative ecosystem that energizes your digital interactions and connects you globally." text: "Step into the future of communication with Matrix, a dynamic and decentralized platform that delivers secure, real-time messaging and collaboration. Enjoy an innovative ecosystem that energizes your digital interactions and connects you globally."
url: https://{{domains.matrix_synapse}} url: https://{{domains.matrix_synapse}}
link_text: "Connect on Matrix Now!" link_text: "Connect on Matrix Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('matrix') }}
{% endif %} {% endif %}
{% if "openproject" in group_names %} {% if "openproject" in group_names %}
@ -340,7 +342,7 @@ cards:
text: "Transform your project management with OpenProject, a vibrant and collaborative tool that brings clarity and energy to your planning, tracking, and team communication. Experience streamlined workflows and an innovative platform that propels your projects forward." text: "Transform your project management with OpenProject, a vibrant and collaborative tool that brings clarity and energy to your planning, tracking, and team communication. Experience streamlined workflows and an innovative platform that propels your projects forward."
url: https://{{domains.openproject}} url: https://{{domains.openproject}}
link_text: "Manage Projects Dynamically!" link_text: "Manage Projects Dynamically!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('openproject') }}
{% endif %} {% endif %}
{% if "gitlab" in group_names %} {% if "gitlab" in group_names %}
@ -351,7 +353,7 @@ cards:
text: "Accelerate your software development with GitLab, an energetic, all-in-one platform for source code management and continuous integration. Experience a robust, collaborative environment that empowers teams to innovate and deliver exceptional results." text: "Accelerate your software development with GitLab, an energetic, all-in-one platform for source code management and continuous integration. Experience a robust, collaborative environment that empowers teams to innovate and deliver exceptional results."
url: https://{{domains.gitlab}} url: https://{{domains.gitlab}}
link_text: "Revolutionize Your DevOps!" link_text: "Revolutionize Your DevOps!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('gitlab') }}
{% endif %} {% endif %}
{% if "akaunting" in group_names %} {% if "akaunting" in group_names %}
@ -362,7 +364,7 @@ cards:
text: "Empower your financial management with Akaunting, a dynamic and feature-rich accounting platform designed to simplify your bookkeeping and boost your business growth. Enjoy intuitive tools, real-time insights, and an energetic approach to your finances." text: "Empower your financial management with Akaunting, a dynamic and feature-rich accounting platform designed to simplify your bookkeeping and boost your business growth. Enjoy intuitive tools, real-time insights, and an energetic approach to your finances."
url: https://{{domains.akaunting}} url: https://{{domains.akaunting}}
link_text: "Transform Your Finances Today!" link_text: "Transform Your Finances Today!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('akaunting') }}
{% endif %} {% endif %}
{% if "moodle" in group_names %} {% if "moodle" in group_names %}
@ -373,7 +375,7 @@ cards:
text: "Ignite the learning experience with Moodle, a powerful and versatile platform for online education that energizes classrooms and fosters interactive learning. Embrace innovative tools, engaging content, and a dynamic community of educators and learners." text: "Ignite the learning experience with Moodle, a powerful and versatile platform for online education that energizes classrooms and fosters interactive learning. Embrace innovative tools, engaging content, and a dynamic community of educators and learners."
url: https://{{domains.moodle}} url: https://{{domains.moodle}}
link_text: "Start Learning Now!" link_text: "Start Learning Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('moodle') }}
{% endif %} {% endif %}
{% if "taiga" in group_names %} {% if "taiga" in group_names %}
@ -384,7 +386,7 @@ cards:
text: "Supercharge your project management with Taiga, a dynamic and agile tool designed for teams that thrive on creativity and collaboration. Experience a vibrant interface, robust task tracking, and an energetic platform that drives your projects to success." text: "Supercharge your project management with Taiga, a dynamic and agile tool designed for teams that thrive on creativity and collaboration. Experience a vibrant interface, robust task tracking, and an energetic platform that drives your projects to success."
url: https://{{domains.taiga}} url: https://{{domains.taiga}}
link_text: "Boost Your Projects Now!" link_text: "Boost Your Projects Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('taiga') }}
{% endif %} {% endif %}
{% if "friendica" in group_names %} {% if "friendica" in group_names %}
@ -395,7 +397,7 @@ cards:
text: "Connect and share like never before with Friendica, an innovative social networking platform that celebrates community, freedom, and dynamic interactions. Enjoy a spirited and open environment where every connection is a step toward a more engaging digital world." text: "Connect and share like never before with Friendica, an innovative social networking platform that celebrates community, freedom, and dynamic interactions. Enjoy a spirited and open environment where every connection is a step toward a more engaging digital world."
url: https://{{domains.friendica}} url: https://{{domains.friendica}}
link_text: "Join the Social Movement!" link_text: "Join the Social Movement!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('friendica') }}
{% endif %} {% endif %}
{% if "portfolio" in group_names %} {% if "portfolio" in group_names %}
@ -406,7 +408,7 @@ cards:
text: "Showcase your professional journey with Portfolio, a dynamic platform that combines creativity and functionality to highlight your achievements. Experience an energetic design, intuitive features, and a compelling way to present your work to the world." text: "Showcase your professional journey with Portfolio, a dynamic platform that combines creativity and functionality to highlight your achievements. Experience an energetic design, intuitive features, and a compelling way to present your work to the world."
url: https://{{domains.portfolio}} url: https://{{domains.portfolio}}
link_text: "Elevate Your Profile Now!" link_text: "Elevate Your Profile Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('portfolio') }}
{% endif %} {% endif %}
{% if "bluesky" in group_names %} {% if "bluesky" in group_names %}
@ -417,7 +419,7 @@ cards:
text: "Soar to new digital heights with Bluesky, an innovative platform that reimagines social networking with its forward-thinking, community-driven approach. Experience a burst of energy, creativity, and the freedom to connect in a truly inspiring way." text: "Soar to new digital heights with Bluesky, an innovative platform that reimagines social networking with its forward-thinking, community-driven approach. Experience a burst of energy, creativity, and the freedom to connect in a truly inspiring way."
url: https://{{domains.bluesky}} url: https://{{domains.bluesky}}
link_text: "Soar with Bluesky Today!" link_text: "Soar with Bluesky Today!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('bluesky') }}
{% endif %} {% endif %}
@ -429,7 +431,7 @@ cards:
text: "Unlock comprehensive insights with our extensive documentation. Explore guides, tutorials, and support resources designed to help you navigate our software effortlessly." text: "Unlock comprehensive insights with our extensive documentation. Explore guides, tutorials, and support resources designed to help you navigate our software effortlessly."
url: https://{{domains.sphinx}} url: https://{{domains.sphinx}}
link_text: "Explore Documentation Now!" link_text: "Explore Documentation Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('sphinx') }}
{% endif %} {% endif %}
@ -442,7 +444,7 @@ cards:
text: "Manage your databases with confidence using PHPMyAdmin, a robust and dynamic tool designed to simplify administration and enhance productivity. Enjoy an intuitive interface, powerful features, and an energetic approach that makes database management a breeze." text: "Manage your databases with confidence using PHPMyAdmin, a robust and dynamic tool designed to simplify administration and enhance productivity. Enjoy an intuitive interface, powerful features, and an energetic approach that makes database management a breeze."
url: https://{{domains.phpmyadmin}} url: https://{{domains.phpmyadmin}}
link_text: "Optimize Your Database Now!" link_text: "Optimize Your Database Now!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('phpmyadmin') }}
{% endif %} {% endif %}
{% if "snipe_it" in group_names %} {% if "snipe_it" in group_names %}
@ -453,7 +455,7 @@ cards:
text: "Streamline your asset management with SNIPE-IT, a cutting-edge solution that brings efficiency, clarity, and energy to tracking your hardware and software inventory. Experience a user-friendly design and dynamic features that make asset management simple and engaging." text: "Streamline your asset management with SNIPE-IT, a cutting-edge solution that brings efficiency, clarity, and energy to tracking your hardware and software inventory. Experience a user-friendly design and dynamic features that make asset management simple and engaging."
url: https://{{domains.snipe_it}} url: https://{{domains.snipe_it}}
link_text: "Manage Assets Effortlessly!" link_text: "Manage Assets Effortlessly!"
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('snipe_it') }}
{% endif %} {% endif %}
@ -540,7 +542,7 @@ navigation:
icon: icon:
class: fa-brands fa-discourse class: fa-brands fa-discourse
url: https://{{domains.discourse}}/ url: https://{{domains.discourse}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('discourse') }}
{% endif %} {% endif %}
{% if "moodle" in group_names %} {% if "moodle" in group_names %}
@ -550,7 +552,7 @@ navigation:
icon: icon:
class: fa-solid fa-graduation-cap class: fa-solid fa-graduation-cap
url: https://{{domains.moodle}}/ url: https://{{domains.moodle}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('moodle') }}
{% endif %} {% endif %}
{% if "listmonk" in group_names %} {% if "listmonk" in group_names %}
@ -560,7 +562,7 @@ navigation:
icon: icon:
class: fa-solid fa-envelope-open-text class: fa-solid fa-envelope-open-text
url: https://{{domains.listmonk}}/subscription/form url: https://{{domains.listmonk}}/subscription/form
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('listmonk') }}
{% endif %} {% endif %}
{% endif %} {% endif %}
@ -579,7 +581,7 @@ navigation:
icon: icon:
class: fa-solid fa-tasks class: fa-solid fa-tasks
url: https://{{domains.openproject}}/ url: https://{{domains.openproject}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('openproject') }}
{% endif %} {% endif %}
{% if "taiga" in group_names %} {% if "taiga" in group_names %}
@ -589,7 +591,7 @@ navigation:
icon: icon:
class: bi bi-clipboard2-check-fill class: bi bi-clipboard2-check-fill
url: https://{{domains.taiga}}/ url: https://{{domains.taiga}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('taiga') }}
{% endif %} {% endif %}
{% if "snipe_it" in group_names %} {% if "snipe_it" in group_names %}
@ -599,7 +601,7 @@ navigation:
icon: icon:
class: fas fa-box-open class: fas fa-box-open
url: https://{{domains.snipe_it}}/ url: https://{{domains.snipe_it}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('snipe_it') }}
{% endif %} {% endif %}
{% endif %} {% endif %}
@ -617,7 +619,7 @@ navigation:
icon: icon:
class: fa-solid fa-comment class: fa-solid fa-comment
url: https://{{domains.matrix_element}}/ url: https://{{domains.matrix_element}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('matrix') }}
{% endif %} {% endif %}
{% if "bigbluebutton" in group_names %} {% if "bigbluebutton" in group_names %}
@ -627,7 +629,7 @@ navigation:
icon: icon:
class: fa-solid fa-video class: fa-solid fa-video
url: https://{{domains.bigbluebutton}}/ url: https://{{domains.bigbluebutton}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('bigbluebutton') }}
{% endif %} {% endif %}
{% if "mailu" in group_names %} {% if "mailu" in group_names %}
@ -637,7 +639,7 @@ navigation:
icon: icon:
class: fa-solid fa-envelope class: fa-solid fa-envelope
url: https://{{domains.mailu}}/ url: https://{{domains.mailu}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('mailu') }}
{% endif %} {% endif %}
{% endif %} {% endif %}
@ -655,7 +657,7 @@ navigation:
icon: icon:
class: fa-solid fa-chart-simple class: fa-solid fa-chart-simple
url: https://{{domains.matomo}}/ url: https://{{domains.matomo}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('matomo') }}
{% endif %} {% endif %}
{% if "phpmyadmin" in group_names %} {% if "phpmyadmin" in group_names %}
@ -665,7 +667,7 @@ navigation:
icon: icon:
class: fas fa-database class: fas fa-database
url: https://{{domains.phpmyadmin}}/ url: https://{{domains.phpmyadmin}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('phpmyadmin') }}
{% endif %} {% endif %}
{% if "keycloak" in group_names %} {% if "keycloak" in group_names %}
@ -675,7 +677,7 @@ navigation:
icon: icon:
class: fas fa-user-shield class: fas fa-user-shield
url: https://{{domains.keycloak}}/admin url: https://{{domains.keycloak}}/admin
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('keycloak') }}
{% endif %} {% endif %}
{% if "ldap" in group_names %} {% if "ldap" in group_names %}
@ -685,7 +687,7 @@ navigation:
icon: icon:
class: fas fa-key class: fas fa-key
url: https://{{domains.ldap}}/ url: https://{{domains.ldap}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('ldap') }}
{% endif %} {% endif %}
{% endif %} {% endif %}
@ -703,7 +705,7 @@ navigation:
icon: icon:
class: fa-solid fa-table class: fa-solid fa-table
url: https://{{domains.baserow}}/ url: https://{{domains.baserow}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('baserow') }}
{% endif %} {% endif %}
{% if "yourls" in group_names %} {% if "yourls" in group_names %}
@ -713,7 +715,7 @@ navigation:
icon: icon:
class: bi bi-link class: bi bi-link
url: https://{{domains.yourls}}/admin/ url: https://{{domains.yourls}}/admin/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('yourls') }}
{% endif %} {% endif %}
{% if "nextcloud" in group_names %} {% if "nextcloud" in group_names %}
@ -723,7 +725,7 @@ navigation:
icon: icon:
class: fa-solid fa-cloud class: fa-solid fa-cloud
url: https://{{domains.nextcloud}}/ url: https://{{domains.nextcloud}}/
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('nextcloud') }}
{% endif %} {% endif %}
{% endif %} {% endif %}
@ -762,7 +764,7 @@ navigation:
icon: icon:
class: fas fa-book class: fas fa-book
url: https://{{domains.sphinx}} url: https://{{domains.sphinx}}
iframe: true iframe: {{ applications | get_landingpage_iframe_enabled('sphinx') }}
{% endif %} {% endif %}

4
roles/nginx-docker-reverse-proxy/templates/iframe.conf.j2 Normal file
View File

@ -0,0 +1,4 @@
{% if landingpage_iframe_enabled | bool %}
add_header X-Frame-Options "SAMEORIGIN" always; # Allow iframe embedding only from the same origin
add_header Content-Security-Policy "frame-ancestors {{primary_domain}};" always; # Restrict embedding to the specified primary domain
{% endif %}

7
roles/nginx-docker-reverse-proxy/templates/proxy_pass.conf.j2
View File

@ -14,12 +14,7 @@ location {{location | default("/")}}
proxy_set_header X-Forwarded-Port 443; proxy_set_header X-Forwarded-Port 443;
proxy_set_header Accept-Encoding ""; proxy_set_header Accept-Encoding "";
{% include 'iframe.conf.j2' %}
{% if nginx.iframe | bool %}
# activate embedding via iframe
add_header X-Frame-Options "SAMEORIGIN" always;
add_header Content-Security-Policy "frame-ancestors {{primary_domain}} 'self' *.{{primary_domain}};" always;
{% endif %}
# WebSocket specific header # WebSocket specific header
proxy_http_version 1.1; proxy_http_version 1.1;

2
roles/nginx-modifier-all/tasks/main.yml
View File

@ -6,4 +6,4 @@
- name: "Activate Global Matomo Tracking for {{domain}}" - name: "Activate Global Matomo Tracking for {{domain}}"
include_role: include_role:
name: nginx-modifier-matomo name: nginx-modifier-matomo
when: global_matomo_tracking_enabled | bool when: matomo_tracking_enabled | bool

8
roles/nginx-modifier-all/templates/global.includes.conf.j2
View File

@ -2,16 +2,16 @@
sub_filter_once off; sub_filter_once off;
sub_filter_types text/html; sub_filter_types text/html;
{% if global_matomo_tracking_enabled | bool %} {% if matomo_tracking_enabled | bool %}
{# Include Global Matomo Tracking #} {# Include Global Matomo Tracking #}
{% include 'roles/nginx-modifier-matomo/templates/matomo-tracking.conf.j2' %} {% include 'roles/nginx-modifier-matomo/templates/matomo-tracking.conf.j2' %}
{% endif %} {% endif %}
{% if applications | get_css_enabled(application_id) or global_matomo_tracking_enabled | bool%} {% if css_enabled | bool or matomo_tracking_enabled | bool %}
sub_filter '</head>' '{% if global_matomo_tracking_enabled | bool %}{% include 'roles/nginx-modifier-matomo/templates/script.j2' %}{% endif %}{% if applications | get_css_enabled(application_id) %}{% include 'roles/nginx-modifier-css/templates/link.j2' %}{% endif %}</head>'; sub_filter '</head>' '{% if matomo_tracking_enabled | bool %}{% include 'roles/nginx-modifier-matomo/templates/script.j2' %}{% endif %}{% if css_enabled | bool %}{% include 'roles/nginx-modifier-css/templates/link.j2' %}{% endif %}</head>';
{% endif %} {% endif %}
{% if applications | get_css_enabled(application_id) %} {% if css_enabled | bool %}
{# Include Global CSS Location #} {# Include Global CSS Location #}
{% include 'roles/nginx-modifier-css/templates/location.conf.j2' %} {% include 'roles/nginx-modifier-css/templates/location.conf.j2' %}
{% endif %} {% endif %}

3
roles/nginx-modifier-all/vars/main.yml Normal file
View File

@ -0,0 +1,3 @@
matomo_tracking_enabled: "{{ matomo_tracking_enabled | default(applications | get_matomo_tracking_enabled(application_id)) }}"
css_enabled: "{{ css_enabled | default (applications | get_css_enabled(application_id)) }}"
landingpage_iframe_enabled: "{{ landingpage_iframe_enabled | default (applications | get_landingpage_iframe_enabled(application_id)) }}"