Add initial XWiki role draft

- Added web-app-xwiki draft role with config, vars, templates, and docs
- Registered new network and port for XWiki
- Adjusted MediaWiki canonical domain to media.wiki

https://chatgpt.com/share/68c18c65-a008-800f-8d62-b695df2c6fa1

group_vars/all/09_networks.yml

@@ -102,6 +102,8 @@ defaults_networks:
       subnet: 192.168.103.208/28
     web-app-bridgy-fed:
       subnet: 192.168.103.224/28
+    web-app-xwiki:
+      subnet: 192.168.103.240/28
 
     # /24 Networks / 254 Usable Clients
     web-app-bigbluebutton:

group_vars/all/10_ports.yml

@@ -75,6 +75,7 @@ ports:
       web-app-bluesky_view: 8051
       web-app-magento: 8052
       web-app-bridgy-fed: 8053
+      web-app-xwiki:      8054
       web-app-bigbluebutton: 48087    # This port is predefined by bbb. @todo Try to change this to a 8XXX port
   public:
     # The following ports should be changed to 22 on the subdomain via stream mapping

roles/web-app-mediawiki/config/main.yml

@@ -2,7 +2,7 @@ sitename:       "Wiki on {{ PRIMARY_DOMAIN | upper }}"
 server:
   domains:
     canonical:
-      - "wiki.{{ PRIMARY_DOMAIN }}"
+      - "media.wiki.{{ PRIMARY_DOMAIN }}"
 docker:
   services:
     database:

roles/web-app-xwiki/README.md

@@ -0,0 +1,34 @@
+# XWiki
+
+## Description
+
+Empower your organization with **XWiki**, an open-source enterprise wiki and knowledge management platform. XWiki provides powerful collaboration features, structured content management, and extensibility through applications and plugins—all under your control.
+
+## Overview
+
+This role deploys XWiki using Docker, automating the installation, configuration, and management of your XWiki server. It integrates with an external PostgreSQL database, Redis for caching and sessions, and an Nginx reverse proxy. The role supports advanced features such as global CSS injection, Matomo analytics, OIDC authentication, and centralized logout, making it a powerful and customizable solution within the Infinito.Nexus ecosystem.
+
+## Features
+
+- **Enterprise Wiki Platform:** Create, edit, and organize pages with a powerful WYSIWYG editor and structured content support.  
+- **Advanced Rights Management:** Fine-grained permissions for users, groups, and spaces.  
+- **Extensions & Applications:** Extend functionality with hundreds of available XWiki extensions and macros.  
+- **Powerful Search:** Full-text and structured search to quickly find knowledge across spaces.  
+- **Office Integration:** Import, export, and collaborate on Office documents (Word, Excel, PDF).  
+- **Customization & Theming:** Adapt the look and feel of your wiki with skins, CSS, and scripting.  
+- **Integration Ready:** Connect with external systems such as Keycloak (OIDC), LDAP, or analytics tools like Matomo.  
+- **Scalability:** Backend support with PostgreSQL and Redis for performance and session handling.  
+
+## Further Resources
+
+- [XWiki Official Website](https://www.xwiki.org/)  
+- [XWiki Documentation](https://www.xwiki.org/xwiki/bin/view/Documentation/)  
+- [XWiki GitHub Repository](https://github.com/xwiki/xwiki-platform)  
+
+## Credits
+
+Developed and maintained by **Kevin Veen-Birkenbach**.  
+Learn more at [veen.world](https://www.veen.world).  
+
+Part of the [Infinito.Nexus Project](https://s.infinito.nexus/code)  
+Licensed under [Infinito.Nexus NonCommercial License](https://s.infinito.nexus/license).  

roles/web-app-xwiki/config/main.yml

@@ -0,0 +1,31 @@
+credentials: {}
+docker:
+  services:
+    redis:
+      enabled:      false
+    database:
+      enabled:      true
+    xwiki:
+      image:        xwiki
+      version:      stable-mariadb-tomcat
+      name:         xwiki
+      backup:
+        no_stop_required: true
+  volumes:
+    data:           "xwiki_data"
+features:
+  matomo:           true
+  css:              true
+  desktop:          true
+  central_database: true
+  logout:           true
+  oidc:             true
+server:
+  csp:
+    whitelist:      {}
+    flags:          {}
+  domains:
+    canonical:
+      - "x.wiki.{{ PRIMARY_DOMAIN }}"
+rbac:
+  roles: {}

roles/web-app-xwiki/meta/main.yml

@@ -0,0 +1,21 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: "XWiki is an open-source enterprise wiki and knowledge management platform, offering collaboration tools, structured content, and extensibility through apps and plugins."
+  license: "Infinito.Nexus NonCommercial License"
+  license_url: "https://s.infinito.nexus/license"
+  company: | 
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags: [wiki, collaboration, knowledge, documentation, cms]
+  repository: "https://s.infinito.nexus/code"
+  issue_tracker_url: "https://s.infinito.nexus/issues"
+  documentation: "https://s.infinito.nexus/code/"
+  logo:
+    class: "fas fa-book"
+  run_after:
+    - web-app-matomo
+    - web-app-keycloak
+    - web-app-mailu
+dependencies: []

roles/web-app-xwiki/tasks/main.yml

@@ -0,0 +1,7 @@
+---
+- block:
+  - name: "load docker, db and proxy for {{ application_id }}"
+    include_role: 
+      name: sys-stk-full-stateful
+  - include_tasks: utils/run_once.yml
+  when: run_once_web_app_xwiki is not defined

roles/web-app-xwiki/templates/Dockerfile.j2

@@ -0,0 +1 @@
+FROM {{ XWIKI_IMAGE }}:{{ XWIKI_VERSION }}

roles/web-app-xwiki/templates/docker-compose.yml.j2

@@ -0,0 +1,23 @@
+{% include 'roles/docker-compose/templates/base.yml.j2' %}
+  application:
+    build:
+      context: .
+      dockerfile: Dockerfile
+    image: "{{ XWIKI_IMAGE_CUSTOM }}"
+    container_name: "{{ XWIKI_CONTAINER }}"
+    hostname: '{{ XWIKI_HOSTNAME}}'
+    command: ["all"]
+    ports:
+      - "127.0.0.1:{{ ports.localhost.http[application_id] }}:{{ container_port }}"
+    volumes:
+      - 'data:/usr/local/xwiki'
+{% include 'roles/docker-container/templates/healthcheck/curl.yml.j2' %}
+{% include 'roles/docker-container/templates/base.yml.j2' %}
+{% include 'roles/docker-container/templates/depends_on/dmbs_excl.yml.j2' %}
+{% include 'roles/docker-container/templates/networks.yml.j2' %}
+
+{% include 'roles/docker-compose/templates/volumes.yml.j2' %}
+  data:
+    name: {{ XWIKI_DATA_VOLUME }}
+
+{% include 'roles/docker-compose/templates/networks.yml.j2' %}

roles/web-app-xwiki/templates/env.j2

@@ -0,0 +1,45 @@
+DB_USER="{{ database_username }}"
+DB_PASSWORD="{{ database_password }}"
+DB_HOST="{{ database_host }}"
+
+### Pretix core
+#XWIKI_XWIKI_INSTANCE_NAME="{{ PRIMARY_DOMAIN | upper }} Tickets"
+#XWIKI_XWIKI_ALLOWED_HOSTS="{{ XWIKI_HOSTNAME }},127.0.0.1,localhost"
+#XWIKI_XWIKI_URL="{{ XWIKI_URL }}"
+#XWIKI_XWIKI_AUTH_BACKENDS="xwiki.base.auth.NativeAuthBackend{% if XWIKI_OIDC_ENABLED %},xwiki_oidc.auth.OIDCAuthBackend{% endif %}"
+#
+### Locale
+#XWIKI_LOCALE_TIMEZONE="{{ HOST_TIMEZONE }}"
+#
+### Database
+#XWIKI_DATABASE_BACKEND="postgresql"
+#XWIKI_DATABASE_NAME="{{ database_name }}"
+#XWIKI_DATABASE_USER="{{ database_username }}"
+#XWIKI_DATABASE_PASSWORD="{{ database_password }}"
+#XWIKI_DATABASE_HOST="{{ database_host }}"
+#XWIKI_DATABASE_PORT="{{ database_port }}"
+#XWIKI_WEB_CONCURRENCY="{{ POSTGRES_ALLOWED_AVG_CONNECTIONS }}"
+#XWIKI_WORKER_THREADS="{{ (POSTGRES_ALLOWED_AVG_CONNECTIONS | int // 2 ) }}"
+#
+#{% if XWIKI_REDIS_ENABLED %}
+### Redis
+#XWIKI_REDIS_SESSIONS="true"
+#XWIKI_REDIS_LOCATION="redis://redis:6379/{{ XWIKI_REDIS_CACHE_DB }}"
+#CELERY_BROKER_URL="redis://redis:6379/{{ XWIKI_REDIS_BROKER_DB }}"
+#CELERY_RESULT_BACKEND="redis://redis:6379/{{ XWIKI_REDIS_RESULT_DB }}"
+#{% endif %}
+#
+#{% if XWIKI_OIDC_ENABLED %}
+### OIDC (plugin)
+#XWIKI_OIDC_TITLE="{{ XWIKI_OIDC_LABEL | replace('\"','\\\"') }}"
+#XWIKI_OIDC_ISSUER="{{ XWIKI_OIDC_ISSUER }}"
+#XWIKI_OIDC_AUTHORIZATION_ENDPOINT="{{ XWIKI_OIDC_AUTH_URL }}"
+#XWIKI_OIDC_TOKEN_ENDPOINT="{{ XWIKI_OIDC_TOKEN_URL }}"
+#XWIKI_OIDC_USERINFO_ENDPOINT="{{ XWIKI_OIDC_USERINFO_URL }}"
+#XWIKI_OIDC_END_SESSION_ENDPOINT="{{ XWIKI_OIDC_LOGOUT_URL }}"
+#XWIKI_OIDC_JWKS_URI="{{ XWIKI_OIDC_JWKS_URL }}"
+#XWIKI_OIDC_CLIENT_ID="{{ XWIKI_OIDC_CLIENT_ID }}"
+#XWIKI_OIDC_CLIENT_SECRET="{{ XWIKI_OIDC_CLIENT_SECRET }}"
+#XWIKI_OIDC_SCOPES="{{ XWIKI_OIDC_SCOPES }}"
+#XWIKI_OIDC_UNIQUE_ATTRIBUTE="{{ XWIKI_OIDC_UNIQUE_ATTRIBUTE }}"
+#{% endif %}

roles/web-app-xwiki/vars/main.yml

@@ -0,0 +1,33 @@
+# General
+application_id:                 "web-app-xwiki"
+database_type:                  "postgres"
+container_port:                 8080
+container_hostname:             "{{ domains | get_domain(application_id) }}"
+
+# Pretix
+
+## URLs
+XWIKI_URL:                     "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
+XWIKI_HOSTNAME:                "{{ container_hostname }}"
+
+## OIDC (mirrors GitLab’s pattern)
+XWIKI_OIDC_ENABLED:            "{{ applications | get_app_conf(application_id, 'features.oidc') }}"
+XWIKI_OIDC_LABEL:              "{{ OIDC.BUTTON_TEXT }}"
+XWIKI_OIDC_CLIENT_ID:          "{{ OIDC.CLIENT.ID }}"
+XWIKI_OIDC_CLIENT_SECRET:      "{{ OIDC.CLIENT.SECRET }}"
+XWIKI_OIDC_ISSUER:             "{{ OIDC.CLIENT.ISSUER_URL }}"
+XWIKI_OIDC_AUTH_URL:           "{{ OIDC.CLIENT.AUTHORIZE_URL }}"
+XWIKI_OIDC_TOKEN_URL:          "{{ OIDC.CLIENT.TOKEN_URL }}"
+XWIKI_OIDC_USERINFO_URL:       "{{ OIDC.CLIENT.USER_INFO_URL }}"
+XWIKI_OIDC_LOGOUT_URL:         "{{ OIDC.CLIENT.LOGOUT_URL }}"
+XWIKI_OIDC_JWKS_URL:           "{{ OIDC.CLIENT.CERTS }}"
+XWIKI_OIDC_SCOPES:             "openid,email,profile"
+# Use Keycloak username claim by default (plugin default is 'sub')
+XWIKI_OIDC_UNIQUE_ATTRIBUTE:   "{{ OIDC.ATTRIBUTES.USERNAME }}"
+
+## Docker
+XWIKI_IMAGE_CUSTOM:            "xwiki_custom"
+XWIKI_IMAGE:                   "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.image') }}"
+XWIKI_VERSION:                 "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.version') }}"
+XWIKI_CONTAINER:               "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.name') }}"
+XWIKI_DATA_VOLUME:             "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}"