diff --git a/group_vars/all/00_general.yml b/group_vars/all/00_general.yml
index 7c156d49..fe0bf7d8 100644
--- a/group_vars/all/00_general.yml
+++ b/group_vars/all/00_general.yml
@@ -16,8 +16,8 @@ HOST_DECIMAL_MARK: ","
# Deployment mode
deployment_mode: "single" # Use single, if you deploy on one server. Use cluster if you setup in cluster mode.
-web_protocol: "https" # Web protocol type. Use https or http. If you run local you need to change it to http
-WEB_PORT: "{{ 443 if web_protocol == 'https' else 80 }}" # Default port web applications will listen to
+WEB_PROTOCOL: "https" # Web protocol type. Use https or http. If you run local you need to change it to http
+WEB_PORT: "{{ 443 if WEB_PROTOCOL == 'https' else 80 }}" # Default port web applications will listen to
## Domain
primary_domain_tld: "localhost" # Top Level Domain of the server
diff --git a/group_vars/all/12_oidc.yml b/group_vars/all/12_oidc.yml
index 0f6a0fe6..350d407c 100644
--- a/group_vars/all/12_oidc.yml
+++ b/group_vars/all/12_oidc.yml
@@ -12,7 +12,7 @@ _oidc_client_realm: "{{ oidc.client.realm if oidc.client is defined and
_oidc_url: "{{
(oidc.url
if (oidc is defined and oidc.url is defined)
- else web_protocol ~ '://' ~ (domains | get_domain('web-app-keycloak'))
+ else WEB_PROTOCOL ~ '://' ~ (domains | get_domain('web-app-keycloak'))
)
}}"
_oidc_client_issuer_url: "{{ _oidc_url }}/realms/{{_oidc_client_realm}}"
diff --git a/group_vars/all/15_about.yml b/group_vars/all/15_about.yml
index ad606a03..8f73a354 100644
--- a/group_vars/all/15_about.yml
+++ b/group_vars/all/15_about.yml
@@ -30,4 +30,4 @@ defaults_service_provider:
legal:
editorial_responsible: "Johannes Gutenberg"
source_code: "https://github.com/kevinveenbirkenbach/infinito-nexus"
- imprint: "{{web_protocol}}://{{ domains | get_domain('web-svc-html') }}/imprint.html"
\ No newline at end of file
+ imprint: "{{WEB_PROTOCOL}}://{{ domains | get_domain('web-svc-html') }}/imprint.html"
\ No newline at end of file
diff --git a/roles/srv-proxy-6-6-domain/tasks/main.yml b/roles/srv-proxy-6-6-domain/tasks/main.yml
index 010dcabc..43b2d07f 100644
--- a/roles/srv-proxy-6-6-domain/tasks/main.yml
+++ b/roles/srv-proxy-6-6-domain/tasks/main.yml
@@ -16,7 +16,7 @@
- name: "Check if {{ domains | get_domain(application_id) }} is reachable (only if config unchanged)"
uri:
- url: "{{ domains | get_url(application_id, web_protocol) }}"
+ url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
register: site_check
failed_when: false
changed_when: false
diff --git a/roles/srv-web-7-7-inj-logout/templates/head_sub.j2 b/roles/srv-web-7-7-inj-logout/templates/head_sub.j2
index cf63e7f9..2ad7de47 100644
--- a/roles/srv-web-7-7-inj-logout/templates/head_sub.j2
+++ b/roles/srv-web-7-7-inj-logout/templates/head_sub.j2
@@ -1 +1 @@
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/roles/srv-web-7-7-inj-logout/templates/logout_one_liner.js.j2 b/roles/srv-web-7-7-inj-logout/templates/logout_one_liner.js.j2
index 1ef90835..2916fbfb 100644
--- a/roles/srv-web-7-7-inj-logout/templates/logout_one_liner.js.j2
+++ b/roles/srv-web-7-7-inj-logout/templates/logout_one_liner.js.j2
@@ -1,5 +1,5 @@
initLogoutPatch(
'{{ oidc.client.logout_url }}',
- '{{ web_protocol }}',
+ '{{ WEB_PROTOCOL }}',
'{{ primary_domain }}'
);
\ No newline at end of file
diff --git a/roles/srv-web-7-7-inj-matomo/vars/main.yml b/roles/srv-web-7-7-inj-matomo/vars/main.yml
index c1d33e9c..ee68d463 100644
--- a/roles/srv-web-7-7-inj-matomo/vars/main.yml
+++ b/roles/srv-web-7-7-inj-matomo/vars/main.yml
@@ -1,4 +1,4 @@
base_domain: "{{ domain | regex_replace('^(?:.*\\.)?(.+\\..+)$', '\\1') }}"
-matomo_index_php_url: "{{ domains | get_url('web-app-matomo', web_protocol) }}/index.php"
+matomo_index_php_url: "{{ domains | get_url('web-app-matomo', WEB_PROTOCOL) }}/index.php"
matomo_auth_token: "{{ applications['web-app-matomo'].credentials.auth_token }}"
matomo_verification_url: "{{ matomo_index_php_url }}?module=API&method=SitesManager.getSitesIdFromSiteUrl&url=https://{{ base_domain }}&format=json&token_auth={{ matomo_auth_token }}"
\ No newline at end of file
diff --git a/roles/sys-hlth-webserver/templates/sys-hlth-webserver.py.j2 b/roles/sys-hlth-webserver/templates/sys-hlth-webserver.py.j2
index a6f0b12c..160a4de9 100644
--- a/roles/sys-hlth-webserver/templates/sys-hlth-webserver.py.j2
+++ b/roles/sys-hlth-webserver/templates/sys-hlth-webserver.py.j2
@@ -40,7 +40,7 @@ for filename in os.listdir(config_path):
parts = domain.split('.')
# Prepare the URL and expected status codes
- url = f"{{ web_protocol }}://{domain}"
+ url = f"{{ WEB_PROTOCOL }}://{domain}"
redirected_domains = [domain['source'] for domain in {{ current_play_domain_mappings_redirect}}]
redirected_domains.append("{{domains | get_domain('web-app-mailu')}}")
diff --git a/roles/web-app-akaunting/templates/env.j2 b/roles/web-app-akaunting/templates/env.j2
index aa67b13f..823657b6 100644
--- a/roles/web-app-akaunting/templates/env.j2
+++ b/roles/web-app-akaunting/templates/env.j2
@@ -1,5 +1,5 @@
# You should change this to match your reverse proxy DNS name and protocol
-APP_URL={{ domains | get_url(application_id, web_protocol) }}
+APP_URL={{ domains | get_url(application_id, WEB_PROTOCOL) }}
LOCALE={{ HOST_LL }}
# Don't change this unless you rename your database container or use rootless podman, in case of using rootless podman you should set it to 127.0.0.1 (NOT localhost)
diff --git a/roles/web-app-bigbluebutton/templates/env.j2 b/roles/web-app-bigbluebutton/templates/env.j2
index 77be8e13..1bfe2506 100644
--- a/roles/web-app-bigbluebutton/templates/env.j2
+++ b/roles/web-app-bigbluebutton/templates/env.j2
@@ -290,6 +290,6 @@ DEFAULT_REGISTRATION=invite
OPENID_CONNECT_CLIENT_ID={{oidc.client.id}}
OPENID_CONNECT_CLIENT_SECRET={{oidc.client.secret}}
OPENID_CONNECT_ISSUER={{oidc.client.issuer_url}}
-OPENID_CONNECT_REDIRECT={{ domains | get_url(application_id, web_protocol) }}
+OPENID_CONNECT_REDIRECT={{ domains | get_url(application_id, WEB_PROTOCOL) }}
# OPENID_CONNECT_UID_FIELD=sub default
{% endif %}
\ No newline at end of file
diff --git a/roles/web-app-bluesky/templates/docker-compose.yml.j2 b/roles/web-app-bluesky/templates/docker-compose.yml.j2
index 6a455b4b..90acd19b 100644
--- a/roles/web-app-bluesky/templates/docker-compose.yml.j2
+++ b/roles/web-app-bluesky/templates/docker-compose.yml.j2
@@ -22,8 +22,8 @@
dockerfile: Dockerfile
# It doesn't compile yet with this parameters. @todo Fix it
args:
- REACT_APP_PDS_URL: "{{ web_protocol }}://{{domains[application_id].api}}" # URL des PDS
- REACT_APP_API_URL: "{{ web_protocol }}://{{domains[application_id].api}}" # API-URL des PDS
+ REACT_APP_PDS_URL: "{{ WEB_PROTOCOL }}://{{domains[application_id].api}}" # URL des PDS
+ REACT_APP_API_URL: "{{ WEB_PROTOCOL }}://{{domains[application_id].api}}" # API-URL des PDS
REACT_APP_SITE_NAME: "{{primary_domain | upper}} - Bluesky"
REACT_APP_SITE_DESCRIPTION: "Decentral Social "
ports:
diff --git a/roles/web-app-espocrm/templates/env.j2 b/roles/web-app-espocrm/templates/env.j2
index f35cb969..d7ea70f2 100644
--- a/roles/web-app-espocrm/templates/env.j2
+++ b/roles/web-app-espocrm/templates/env.j2
@@ -23,7 +23,7 @@ ESPOCRM_ADMIN_USERNAME={{ applications | get_app_conf(application_id, 'users.adm
ESPOCRM_ADMIN_PASSWORD={{ applications | get_app_conf(application_id, 'credentials.administrator_password', True) }}
# Public base URL of the EspoCRM instance
-ESPOCRM_SITE_URL={{ domains | get_url(application_id, web_protocol) }}
+ESPOCRM_SITE_URL={{ domains | get_url(application_id, WEB_PROTOCOL) }}
# ------------------------------------------------
# General UI & locale settings
diff --git a/roles/web-app-funkwhale/templates/env.j2 b/roles/web-app-funkwhale/templates/env.j2
index 3be31181..61915291 100644
--- a/roles/web-app-funkwhale/templates/env.j2
+++ b/roles/web-app-funkwhale/templates/env.j2
@@ -37,7 +37,7 @@ FUNKWHALE_WEB_WORKERS=4
# your instance. It cannot be changed after initial deployment
# without breaking your instance.
FUNKWHALE_HOSTNAME={{domains | get_domain(application_id)}}
-FUNKWHALE_PROTOCOL={{ web_protocol }}
+FUNKWHALE_PROTOCOL={{ WEB_PROTOCOL }}
# Log level (debug, info, warning, error, critical)
LOGLEVEL={% if enable_debug | bool %}debug{% else %}error{% endif %}
diff --git a/roles/web-app-gitea/templates/env.j2 b/roles/web-app-gitea/templates/env.j2
index 6c35bae9..1d25401c 100644
--- a/roles/web-app-gitea/templates/env.j2
+++ b/roles/web-app-gitea/templates/env.j2
@@ -4,7 +4,7 @@
# General
DOMAIN={{domains | get_domain(application_id)}}
RUN_MODE="{{ 'dev' if (INFINITO_ENVIRONMENT | lower) == 'development' else 'prod' }}"
-ROOT_URL="{{ domains | get_url(application_id, web_protocol) }}/"
+ROOT_URL="{{ domains | get_url(application_id, WEB_PROTOCOL) }}/"
APP_NAME="{{ applications | get_app_conf(application_id, 'title', True) }}"
USER_UID=1000
USER_GID=1000
diff --git a/roles/web-app-keycloak/templates/import/realm.json.j2 b/roles/web-app-keycloak/templates/import/realm.json.j2
index cce08bfb..d73acfa7 100644
--- a/roles/web-app-keycloak/templates/import/realm.json.j2
+++ b/roles/web-app-keycloak/templates/import/realm.json.j2
@@ -517,7 +517,7 @@
"/realms/{{ keycloak_realm }}/account/*"
],
"webOrigins": [
- "{{ domains | get_url('web-app-keycloak', web_protocol) }}"
+ "{{ domains | get_url('web-app-keycloak', WEB_PROTOCOL) }}"
],
"notBefore": 0,
"bearerOnly": false,
@@ -825,9 +825,9 @@
"clientId": "{{ keycloak_realm }}",
"name": "",
"description": "",
- "rootUrl": "{{ web_protocol }}://{{ keycloak_realm }}/",
- "adminUrl": "{{ web_protocol }}://{{ keycloak_realm }}/",
- "baseUrl": "{{ web_protocol }}://{{ keycloak_realm }}/",
+ "rootUrl": "{{ WEB_PROTOCOL }}://{{ keycloak_realm }}/",
+ "adminUrl": "{{ WEB_PROTOCOL }}://{{ keycloak_realm }}/",
+ "baseUrl": "{{ WEB_PROTOCOL }}://{{ keycloak_realm }}/",
"surrogateAuthRequired": false,
"enabled": true,
"alwaysDisplayInConsole": false,
@@ -837,10 +837,10 @@
{%- for domain_application_id, domain in domains.items() %}
{%- if applications | get_app_conf(domain_application_id, 'features.oauth2', False) or applications | get_app_conf(domain_application_id, 'features.oidc', False) %}
{%- if domain is string %}
- {%- set _ = redirect_uris.append(web_protocol ~ '://' ~ domain ~ '/*') %}
+ {%- set _ = redirect_uris.append(WEB_PROTOCOL ~ '://' ~ domain ~ '/*') %}
{%- else %}
{%- for d in domain %}
- {%- set _ = redirect_uris.append(web_protocol ~ '://' ~ d ~ '/*') %}
+ {%- set _ = redirect_uris.append(WEB_PROTOCOL ~ '://' ~ d ~ '/*') %}
{%- endfor %}
{%- endif %}
{%- endif %}
@@ -848,7 +848,7 @@
"redirectUris": {{ redirect_uris | tojson }},
"webOrigins": [
- "{{ web_protocol }}://*.{{primary_domain}}"
+ "{{ WEB_PROTOCOL }}://*.{{primary_domain}}"
],
"notBefore": 0,
"bearerOnly": false,
@@ -865,7 +865,7 @@
"oidc.ciba.grant.enabled": "false",
"client.secret.creation.time": "0",
"backchannel.logout.session.required": "true",
- "post.logout.redirect.uris": "{{ web_protocol }}://{{primary_domain}}/*##+",
+ "post.logout.redirect.uris": "{{ WEB_PROTOCOL }}://{{primary_domain}}/*##+",
"frontchannel.logout.session.required": "true",
"oauth2.device.authorization.grant.enabled": "false",
"display.on.consent.screen": "false",
diff --git a/roles/web-app-listmonk/vars/main.yml b/roles/web-app-listmonk/vars/main.yml
index cff30363..26c9a670 100644
--- a/roles/web-app-listmonk/vars/main.yml
+++ b/roles/web-app-listmonk/vars/main.yml
@@ -8,7 +8,7 @@ listmonk_name: "{{ applications | get_app_conf(application_id, 'docker.servic
listmonk_settings:
- key: "app.root_url"
- value: '"{{ domains | get_url(application_id, web_protocol) }}"'
+ value: '"{{ domains | get_url(application_id, WEB_PROTOCOL) }}"'
- key: "app.notify_emails"
value: "{{ [ users.administrator.email ] | to_json }}"
diff --git a/roles/web-app-matomo/vars/main.yml b/roles/web-app-matomo/vars/main.yml
index 45825d7d..09f14f6f 100644
--- a/roles/web-app-matomo/vars/main.yml
+++ b/roles/web-app-matomo/vars/main.yml
@@ -5,7 +5,7 @@ database_type: "mariadb"
# Matomo
matomo_excluded_ips: "{{ applications | get_app_conf(application_id, 'excluded_ips', True) }}"
-matomo_index_php_url: "{{ domains | get_url(application_id, web_protocol) }}/index.php"
+matomo_index_php_url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}/index.php"
matomo_auth_token: "{{ applications | get_app_conf(application_id, 'credentials.auth_token', True) }}"
matomo_version: "{{ applications | get_app_conf(application_id, 'docker.services.matomo.version', True) }}"
matomo_image: "{{ applications | get_app_conf(application_id, 'docker.services.matomo.image', True) }}"
diff --git a/roles/web-app-matrix/templates/docker-compose.yml.j2 b/roles/web-app-matrix/templates/docker-compose.yml.j2
index 8d336e0d..9a3d268f 100644
--- a/roles/web-app-matrix/templates/docker-compose.yml.j2
+++ b/roles/web-app-matrix/templates/docker-compose.yml.j2
@@ -81,7 +81,7 @@
KEYV_URL: ''
KEYV_BOT_ENCRYPTION: 'false'
KEYV_BOT_STORAGE: 'true'
- MATRIX_HOMESERVER_URL: '{{ web_protocol }}://{{ domains[application_id].synapse }}'
+ MATRIX_HOMESERVER_URL: '{{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}'
MATRIX_BOT_USERNAME: '@chatgptbot:{{applications | get_app_conf(application_id, 'server_name', True)}}'
MATRIX_ACCESS_TOKEN: '{{ applications | get_app_conf(application_id, 'credentials.chatgpt_bridge_access_token', True) | default('') }}'
MATRIX_BOT_PASSWORD: '{{applications | get_app_conf(application_id, 'credentials.chatgpt_bridge_user_password', True)}}'
diff --git a/roles/web-app-matrix/templates/element.config.json.j2 b/roles/web-app-matrix/templates/element.config.json.j2
index 696c255a..ab98de9a 100644
--- a/roles/web-app-matrix/templates/element.config.json.j2
+++ b/roles/web-app-matrix/templates/element.config.json.j2
@@ -1,11 +1,11 @@
{
"default_server_config": {
"m.homeserver": {
- "base_url": "{{ web_protocol }}://{{domains[application_id].synapse}}",
+ "base_url": "{{ WEB_PROTOCOL }}://{{domains[application_id].synapse}}",
"server_name": "{{domains[application_id].synapse}}"
},
"m.identity_server": {
- "base_url": "{{ web_protocol }}://{{primary_domain}}"
+ "base_url": "{{ WEB_PROTOCOL }}://{{primary_domain}}"
}
},
"brand": "Element",
diff --git a/roles/web-app-matrix/templates/mautrix/instagram.config.yml.j2 b/roles/web-app-matrix/templates/mautrix/instagram.config.yml.j2
index 6f3905bb..0732c8b0 100644
--- a/roles/web-app-matrix/templates/mautrix/instagram.config.yml.j2
+++ b/roles/web-app-matrix/templates/mautrix/instagram.config.yml.j2
@@ -134,7 +134,7 @@ bridge:
double_puppet_allow_discovery: false
# Servers to allow double puppeting from, even if double_puppet_allow_discovery is false.
double_puppet_server_map:
- {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
+ {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
# Shared secret for https://github.com/devture/matrix-synapse-shared-secret-auth
#
# If set, custom puppets will be enabled automatically for local users
diff --git a/roles/web-app-matrix/templates/mautrix/signal.config.yml.j2 b/roles/web-app-matrix/templates/mautrix/signal.config.yml.j2
index e26e5ea6..e5ef5960 100644
--- a/roles/web-app-matrix/templates/mautrix/signal.config.yml.j2
+++ b/roles/web-app-matrix/templates/mautrix/signal.config.yml.j2
@@ -141,7 +141,7 @@ bridge:
federate_rooms: true
# Servers to always allow double puppeting from
double_puppet_server_map:
- {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
+ {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
diff --git a/roles/web-app-matrix/templates/mautrix/slack.config.yml.j2 b/roles/web-app-matrix/templates/mautrix/slack.config.yml.j2
index 70b20729..917f096f 100644
--- a/roles/web-app-matrix/templates/mautrix/slack.config.yml.j2
+++ b/roles/web-app-matrix/templates/mautrix/slack.config.yml.j2
@@ -118,7 +118,7 @@ bridge:
# Servers to always allow double puppeting from
double_puppet_server_map:
- {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
+ {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
diff --git a/roles/web-app-matrix/templates/mautrix/telegram.config.yml.j2 b/roles/web-app-matrix/templates/mautrix/telegram.config.yml.j2
index 9155f733..5984b640 100644
--- a/roles/web-app-matrix/templates/mautrix/telegram.config.yml.j2
+++ b/roles/web-app-matrix/templates/mautrix/telegram.config.yml.j2
@@ -198,7 +198,7 @@ bridge:
sync_direct_chat_list: false
# Servers to always allow double puppeting from
double_puppet_server_map:
- {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
+ {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
diff --git a/roles/web-app-matrix/templates/mautrix/whatsapp.config.yml.j2 b/roles/web-app-matrix/templates/mautrix/whatsapp.config.yml.j2
index 3ca80c87..ba3f0683 100644
--- a/roles/web-app-matrix/templates/mautrix/whatsapp.config.yml.j2
+++ b/roles/web-app-matrix/templates/mautrix/whatsapp.config.yml.j2
@@ -236,7 +236,7 @@ bridge:
force_active_delivery_receipts: false
# Servers to always allow double puppeting from
double_puppet_server_map:
- {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ web_protocol }}://{{ domains[application_id].synapse }}
+ {{applications | get_app_conf(application_id, 'server_name', True)}}: {{ WEB_PROTOCOL }}://{{ domains[application_id].synapse }}
# Allow using double puppeting from any server with a valid client .well-known file.
double_puppet_allow_discovery: false
# Shared secrets for https://github.com/devture/matrix-synapse-shared-secret-auth
diff --git a/roles/web-app-matrix/templates/synapse/homeserver.yaml.j2 b/roles/web-app-matrix/templates/synapse/homeserver.yaml.j2
index 758d29fb..ad219c6c 100644
--- a/roles/web-app-matrix/templates/synapse/homeserver.yaml.j2
+++ b/roles/web-app-matrix/templates/synapse/homeserver.yaml.j2
@@ -25,8 +25,8 @@ report_stats: true
macaroon_secret_key: "{{applications | get_app_conf(application_id, 'credentials.macaroon_secret_key', True)}}"
form_secret: "{{applications | get_app_conf(application_id, 'credentials.form_secret', True)}}"
signing_key_path: "/data/{{domains[application_id].synapse}}.signing.key"
-web_client_location: "{{ web_protocol }}://{{domains[application_id].element}}"
-public_baseurl: "{{ web_protocol }}://{{domains[application_id].synapse}}"
+web_client_location: "{{ WEB_PROTOCOL }}://{{domains[application_id].element}}"
+public_baseurl: "{{ WEB_PROTOCOL }}://{{domains[application_id].synapse}}"
trusted_key_servers:
- server_name: "matrix.org"
admin_contact: 'mailto:{{ users.administrator.email }}'
diff --git a/roles/web-app-moodle/tasks/oidc.yml b/roles/web-app-moodle/tasks/oidc.yml
index 1e4dc292..74053323 100644
--- a/roles/web-app-moodle/tasks/oidc.yml
+++ b/roles/web-app-moodle/tasks/oidc.yml
@@ -39,7 +39,7 @@
- { name: "field_lock_lastname", value: "locked" }
- { name: "field_map_email", value: "locked" }
#- { name: "showloginform", value: 0 } # Deactivate if OIDC is active
- - { name: "alternateloginurl", value: "{{ domains | get_url(application_id, web_protocol) }}/auth/oidc/" }
+ - { name: "alternateloginurl", value: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}/auth/oidc/" }
loop_control:
label: "{{ item.name }}"
command: >
diff --git a/roles/web-app-navigator/config/main.yml b/roles/web-app-navigator/config/main.yml
index dc4b5fe5..06f78a4d 100644
--- a/roles/web-app-navigator/config/main.yml
+++ b/roles/web-app-navigator/config/main.yml
@@ -16,7 +16,7 @@ server:
font-src:
- https://cdnjs.cloudflare.com
frame-src:
- - "{{ web_protocol }}://*.{{primary_domain}}" # Makes sense that all of the website content is available in the navigator
+ - "{{ WEB_PROTOCOL }}://*.{{primary_domain}}" # Makes sense that all of the website content is available in the navigator
flags:
style-src:
unsafe-inline: true
diff --git a/roles/web-app-nextcloud/templates/env.j2 b/roles/web-app-nextcloud/templates/env.j2
index 519fae77..e57bbd40 100644
--- a/roles/web-app-nextcloud/templates/env.j2
+++ b/roles/web-app-nextcloud/templates/env.j2
@@ -32,7 +32,7 @@ NEXTCLOUD_ADMIN_PASSWORD= "{{applications | get_app_conf(application_id, '
NEXTCLOUD_TRUSTED_DOMAINS= "{{ domains[application_id] | select | join(',') }}"
# Whitelist local docker gateway in Nextcloud to prevent brute-force throtteling
TRUSTED_PROXIES= "{{ networks.internet.values() | select | join(',') }}"
-OVERWRITECLIURL= "{{ domains | get_url(application_id, web_protocol) }}"
+OVERWRITECLIURL= "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
OVERWRITEPROTOCOL= "https"
# Redis Configuration
diff --git a/roles/web-app-nextcloud/vars/plugins/bbb.yml b/roles/web-app-nextcloud/vars/plugins/bbb.yml
index f490e9e9..97d0f787 100644
--- a/roles/web-app-nextcloud/vars/plugins/bbb.yml
+++ b/roles/web-app-nextcloud/vars/plugins/bbb.yml
@@ -4,4 +4,4 @@ plugin_configuration:
configvalue: "{{ applications | get_app_conf('web-app-bigbluebutton', 'credentials.shared_secret', False,'') }}"
- appid: "bbb"
configkey: "api.url"
- configvalue: "{{ domains | get_url('web-app-bigbluebutton', web_protocol) }}{{ applications | get_app_conf('web-app-bigbluebutton', 'api_suffix', False,'') }}"
\ No newline at end of file
+ configvalue: "{{ domains | get_url('web-app-bigbluebutton', WEB_PROTOCOL) }}{{ applications | get_app_conf('web-app-bigbluebutton', 'api_suffix', False,'') }}"
\ No newline at end of file
diff --git a/roles/web-app-nextcloud/vars/system.yml b/roles/web-app-nextcloud/vars/system.yml
index b2fe9940..9d75f3b2 100644
--- a/roles/web-app-nextcloud/vars/system.yml
+++ b/roles/web-app-nextcloud/vars/system.yml
@@ -18,4 +18,4 @@ nextcloud_system_config:
value: "{{domains | get_domain(application_id)}}"
- parameter: "overwrite.cli.url"
- value: "{{ domains | get_url(application_id, web_protocol) }}"
\ No newline at end of file
+ value: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
\ No newline at end of file
diff --git a/roles/web-app-oauth2-proxy/templates/oauth2-proxy-keycloak.cfg.j2 b/roles/web-app-oauth2-proxy/templates/oauth2-proxy-keycloak.cfg.j2
index 6fd06d7c..7ee0d63d 100644
--- a/roles/web-app-oauth2-proxy/templates/oauth2-proxy-keycloak.cfg.j2
+++ b/roles/web-app-oauth2-proxy/templates/oauth2-proxy-keycloak.cfg.j2
@@ -8,7 +8,7 @@ whitelist_domains = [".{{ primary_domain }}"]
# keycloak provider
client_secret = "{{ oidc.client.secret }}"
client_id = "{{ oidc.client.id }}"
-redirect_url = "{{ web_protocol }}://{{ domains | get_domain(oauth2_proxy_application_id) }}/oauth2/callback"
+redirect_url = "{{ WEB_PROTOCOL }}://{{ domains | get_domain(oauth2_proxy_application_id) }}/oauth2/callback"
oidc_issuer_url = "{{ oidc.client.issuer_url }}"
provider = "oidc"
provider_display_name = "{{ oidc.button_text }}"
diff --git a/roles/web-app-phpldapadmin/templates/env.j2 b/roles/web-app-phpldapadmin/templates/env.j2
index c7c8ef6c..cad768fe 100644
--- a/roles/web-app-phpldapadmin/templates/env.j2
+++ b/roles/web-app-phpldapadmin/templates/env.j2
@@ -1,3 +1,3 @@
# @See https://github.com/leenooks/phpLDAPadmin/wiki/Docker-Container
-APP_URL= {{ domains | get_url(application_id, web_protocol) }}
+APP_URL= {{ domains | get_url(application_id, WEB_PROTOCOL) }}
LDAP_HOST= {{ldap.server.domain}}
\ No newline at end of file
diff --git a/roles/web-app-pixelfed/templates/env.j2 b/roles/web-app-pixelfed/templates/env.j2
index f9c11fdc..43e9315e 100644
--- a/roles/web-app-pixelfed/templates/env.j2
+++ b/roles/web-app-pixelfed/templates/env.j2
@@ -5,7 +5,7 @@ APP_KEY={{applications | get_app_conf(application_id, 'credentials.app_key', Tru
APP_NAME="{{ pixelfed_titel }}"
APP_ENV={{ INFINITO_ENVIRONMENT | lower }}
APP_DEBUG={{enable_debug | string | lower }}
-APP_URL={{ domains | get_url(application_id, web_protocol) }}
+APP_URL={{ domains | get_url(application_id, WEB_PROTOCOL) }}
APP_DOMAIN="{{domains | get_domain(application_id)}}"
ADMIN_DOMAIN="{{domains | get_domain(application_id)}}"
SESSION_DOMAIN="{{domains | get_domain(application_id)}}"
diff --git a/roles/web-app-port-ui/config/main.yml b/roles/web-app-port-ui/config/main.yml
index a67e53cf..7d12b6f3 100644
--- a/roles/web-app-port-ui/config/main.yml
+++ b/roles/web-app-port-ui/config/main.yml
@@ -20,7 +20,7 @@ server:
connect-src:
- https://ka-f.fontawesome.com
frame-src:
- - "{{ web_protocol }}://*.{{primary_domain}}"
+ - "{{ WEB_PROTOCOL }}://*.{{primary_domain}}"
flags:
style-src:
unsafe-inline: true
diff --git a/roles/web-app-port-ui/tasks/main.yml b/roles/web-app-port-ui/tasks/main.yml
index 8137c5b6..85dd8418 100644
--- a/roles/web-app-port-ui/tasks/main.yml
+++ b/roles/web-app-port-ui/tasks/main.yml
@@ -25,7 +25,7 @@
- name: "Load images for applications feature simpleicons is enabled "
set_fact:
- portfolio_cards: "{{ portfolio_cards | add_simpleicon_source(domains, web_protocol) }}"
+ portfolio_cards: "{{ portfolio_cards | add_simpleicon_source(domains, WEB_PROTOCOL) }}"
when:
- (applications | get_app_conf(application_id, 'features.simpleicons', False))
- run_once_docker_portfolio is not defined
diff --git a/roles/web-app-port-ui/templates/menu/followus.yml.j2 b/roles/web-app-port-ui/templates/menu/followus.yml.j2
index 37f09f96..0b7b7a96 100644
--- a/roles/web-app-port-ui/templates/menu/followus.yml.j2
+++ b/roles/web-app-port-ui/templates/menu/followus.yml.j2
@@ -10,7 +10,7 @@ followus:
description: Follow {{ 'our' if service_provider.type == 'legal' else 'my' }} updates on Mastodon.
icon:
class: fa-brands fa-mastodon
- url: "{{ web_protocol }}://{{ service_provider.contact.mastodon.split('@')[2] }}/@{{ service_provider.contact.mastodon.split('@')[1] }}"
+ url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.mastodon.split('@')[2] }}/@{{ service_provider.contact.mastodon.split('@')[1] }}"
identifier: "{{service_provider.contact.mastodon}}"
iframe: {{ applications | get_app_conf('web-app-mastodon','features.port-ui-desktop',True) }}
{% endif %}
@@ -30,7 +30,7 @@ followus:
icon:
class: fa-solid fa-camera
identifier: "{{service_provider.contact.pixelfed}}"
- url: "{{ web_protocol }}://{{ service_provider.contact.pixelfed.split('@')[2] }}/@{{ service_provider.contact.pixelfed.split('@')[1] }}"
+ url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.pixelfed.split('@')[2] }}/@{{ service_provider.contact.pixelfed.split('@')[1] }}"
iframe: {{ applications | get_app_conf('web-app-pixelfed','features.port-ui-desktop',True) }}
{% endif %}
{% if service_provider.contact.peertube is defined and service_provider.contact.peertube != "" %}
@@ -39,7 +39,7 @@ followus:
icon:
class: fa-solid fa-video
identifier: "{{service_provider.contact.peertube}}"
- url: "{{ web_protocol }}://{{ service_provider.contact.peertube.split('@')[2] }}/@{{ service_provider.contact.peertube.split('@')[1] }}"
+ url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.peertube.split('@')[2] }}/@{{ service_provider.contact.peertube.split('@')[1] }}"
iframe: {{ applications | get_app_conf('web-app-peertube','features.port-ui-desktop',True) }}
{% endif %}
{% if service_provider.contact.wordpress is defined and service_provider.contact.wordpress != "" %}
@@ -48,7 +48,7 @@ followus:
icon:
class: fa-solid fa-blog
identifier: "{{service_provider.contact.wordpress}}"
- url: "{{ web_protocol }}://{{ service_provider.contact.wordpress.split('@')[2] }}/@{{ service_provider.contact.wordpress.split('@')[1] }}"
+ url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.wordpress.split('@')[2] }}/@{{ service_provider.contact.wordpress.split('@')[1] }}"
iframe: {{ applications | get_app_conf('web-app-wordpress','features.port-ui-desktop',True) }}
{% endif %}
{% if service_provider.contact.friendica is defined and service_provider.contact.friendica != "" %}
@@ -57,6 +57,6 @@ followus:
icon:
class: fas fa-net-wired
identifier: "{{service_provider.contact.friendica}}"
- url: "{{ web_protocol }}://{{ service_provider.contact.friendica.split('@')[2] }}/@{{ service_provider.contact.friendica.split('@')[1] }}"
+ url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.friendica.split('@')[2] }}/@{{ service_provider.contact.friendica.split('@')[1] }}"
iframe: {{ applications | get_app_conf('web-app-friendica','features.port-ui-desktop',True) }}
{% endif %}
diff --git a/roles/web-app-port-ui/templates/menu/header.yml.j2 b/roles/web-app-port-ui/templates/menu/header.yml.j2
index a684941a..d8715c18 100644
--- a/roles/web-app-port-ui/templates/menu/header.yml.j2
+++ b/roles/web-app-port-ui/templates/menu/header.yml.j2
@@ -15,4 +15,4 @@
description: Reload the application
icon:
class: fa-solid fa-rotate-right
- url: "{{ web_protocol }}://{{ domains | get_domain('web-app-port-ui') }}"
\ No newline at end of file
+ url: "{{ WEB_PROTOCOL }}://{{ domains | get_domain('web-app-port-ui') }}"
\ No newline at end of file
diff --git a/roles/web-app-snipe-it/vars/main.yml b/roles/web-app-snipe-it/vars/main.yml
index 457377dc..16c3ad84 100644
--- a/roles/web-app-snipe-it/vars/main.yml
+++ b/roles/web-app-snipe-it/vars/main.yml
@@ -9,7 +9,7 @@ database_type: "mariadb"
docker_compose_flush_handlers: true
# Snipe-IT specific
-snipe_it_url: "{{ domains | get_url(application_id, web_protocol) }}"
+snipe_it_url: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
snipe_it_version: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.version', True) }}"
snipe_it_image: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.image', True) }}"
snipe_it_container: "{{ applications | get_app_conf(application_id, 'docker.services.snipe-it.name', True) }}"
diff --git a/roles/web-app-syncope/templates/docker-compose.yml.j2 b/roles/web-app-syncope/templates/docker-compose.yml.j2
index 3249ac64..29cca60b 100644
--- a/roles/web-app-syncope/templates/docker-compose.yml.j2
+++ b/roles/web-app-syncope/templates/docker-compose.yml.j2
@@ -10,7 +10,7 @@
environment:
SPRING_PROFILES_ACTIVE: docker,postgresql,saml2
OPENJPA_REMOTE_COMMIT: sjvm
- SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, web_protocol) }}/{{syncope_paths[rest]}}/
+ SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, WEB_PROTOCOL) }}/{{syncope_paths[rest]}}/
# database variablen auslesen
console:
@@ -22,7 +22,7 @@
restart: always
environment:
SPRING_PROFILES_ACTIVE: docker,saml2
- SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, web_protocol) }}/{{syncope_paths[console]}}/
+ SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, WEB_PROTOCOL) }}/{{syncope_paths[console]}}/
enduser:
depends_on:
@@ -33,6 +33,6 @@
restart: always
environment:
SPRING_PROFILES_ACTIVE: docker,saml2
- SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, web_protocol) }}/{{syncope_paths[enduser]}}/
+ SERVICE_DISCOVERY_ADDRESS: {{ domains | get_url(application_id, WEB_PROTOCOL) }}/{{syncope_paths[enduser]}}/
{% include 'roles/docker-compose/templates/networks.yml.j2' %}
\ No newline at end of file
diff --git a/roles/web-app-syncope/templates/proxy.conf b/roles/web-app-syncope/templates/proxy.conf
index d12cd18b..2fd72f68 100644
--- a/roles/web-app-syncope/templates/proxy.conf
+++ b/roles/web-app-syncope/templates/proxy.conf
@@ -16,7 +16,7 @@ server
{% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
{% for path in syncope_paths.values() %}
- {% set location = web_protocol ~ '://' ~ domains | get_domain(application_id) ~ '/' ~ path ~ '/' %}
+ {% set location = WEB_PROTOCOL ~ '://' ~ domains | get_domain(application_id) ~ '/' ~ path ~ '/' %}
{% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2'%}
{% endfor %}
}
\ No newline at end of file
diff --git a/roles/web-app-wordpress/tasks/install.yml b/roles/web-app-wordpress/tasks/install.yml
index d0a9e0f2..1617b0eb 100644
--- a/roles/web-app-wordpress/tasks/install.yml
+++ b/roles/web-app-wordpress/tasks/install.yml
@@ -2,7 +2,7 @@
command: >
docker-compose exec -T -u www-data application
wp core install
- --url="{{ domains | get_url(application_id, web_protocol) }}"
+ --url="{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
--title="{{ applications | get_app_conf(application_id, 'title', True) }}"
--admin_user="{{ applications | get_app_conf(application_id, 'users.administrator.username', True) }}"
--admin_password="{{ applications | get_app_conf(application_id, 'credentials.administrator_password', True) }}"
diff --git a/roles/web-app-wordpress/vars/discourse.yml b/roles/web-app-wordpress/vars/discourse.yml
index be092952..193ef60d 100644
--- a/roles/web-app-wordpress/vars/discourse.yml
+++ b/roles/web-app-wordpress/vars/discourse.yml
@@ -11,7 +11,7 @@ discourse_settings:
- name: discourse_connect
key: url
- value: "{{ domains | get_url('web-app-discourse', web_protocol) }}"
+ value: "{{ domains | get_url('web-app-discourse', WEB_PROTOCOL) }}"
- name: discourse_connect
key: api-key
value: "{{ vault_discourse_api_key }}"
diff --git a/roles/web-app-yourls/templates/env.j2 b/roles/web-app-yourls/templates/env.j2
index 00e04856..7383aa04 100644
--- a/roles/web-app-yourls/templates/env.j2
+++ b/roles/web-app-yourls/templates/env.j2
@@ -2,7 +2,7 @@ YOURLS_DB_HOST: "{{ database_host }}"
YOURLS_DB_USER: "{{ database_username }}"
YOURLS_DB_PASS: "{{ database_password }}"
YOURLS_DB_NAME: "{{ database_name }}"
-YOURLS_SITE: "{{ domains | get_url(application_id, web_protocol) }}"
+YOURLS_SITE: "{{ domains | get_url(application_id, WEB_PROTOCOL) }}"
YOURLS_USER: "{{ yourls_user }}"
YOURLS_PASS: "{{ yourls_password }}"
# The following deactivates the login mask for admins, if the oauth2 proxy is activated
diff --git a/roles/web-svc-asset/config/main.yml b/roles/web-svc-asset/config/main.yml
index 9702e5f9..4e326ec0 100644
--- a/roles/web-svc-asset/config/main.yml
+++ b/roles/web-svc-asset/config/main.yml
@@ -1,5 +1,5 @@
source_directory: "{{ playbook_dir }}/assets"
-url: "{{ web_protocol }}://<< defaults_applications['web-svc-file']server.domains.canonical[0] >>/assets"
+url: "{{ WEB_PROTOCOL }}://<< defaults_applications['web-svc-file']server.domains.canonical[0] >>/assets"
server:
domains:
canonical:
diff --git a/roles/web-svc-logout/config/main.yml b/roles/web-svc-logout/config/main.yml
index c0bfb90e..c3e2f03a 100644
--- a/roles/web-svc-logout/config/main.yml
+++ b/roles/web-svc-logout/config/main.yml
@@ -16,12 +16,12 @@ server:
unsafe-inline: true
whitelist:
connect-src:
- - "{{ web_protocol }}://*.{{ primary_domain }}"
- - "{{ web_protocol }}://{{ primary_domain }}"
+ - "{{ WEB_PROTOCOL }}://*.{{ primary_domain }}"
+ - "{{ WEB_PROTOCOL }}://{{ primary_domain }}"
script-src-elem:
- https://cdn.jsdelivr.net
style-src:
- https://cdn.jsdelivr.net
frame-ancestors:
- - "{{ web_protocol }}://<< defaults_applications[web-app-keycloak].server.domains.canonical[0] >>"
+ - "{{ WEB_PROTOCOL }}://<< defaults_applications[web-app-keycloak].server.domains.canonical[0] >>"
diff --git a/roles/web-svc-logout/templates/logout-proxy.conf.j2 b/roles/web-svc-logout/templates/logout-proxy.conf.j2
index 0ba188cd..bb20cab8 100644
--- a/roles/web-svc-logout/templates/logout-proxy.conf.j2
+++ b/roles/web-svc-logout/templates/logout-proxy.conf.j2
@@ -8,7 +8,7 @@ location = /logout {
proxy_http_version 1.1;
# CORS headers – allow your central page to call this
- add_header 'Access-Control-Allow-Origin' '{{ domains | get_url('web-svc-logout', web_protocol) }}' always;
+ add_header 'Access-Control-Allow-Origin' '{{ domains | get_url('web-svc-logout', WEB_PROTOCOL) }}' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Methods' 'GET, OPTIONS' always;
add_header 'Access-Control-Allow-Headers' 'Accept, Authorization' always;
diff --git a/roles/web-svc-simpleicons/templates/server.js.j2 b/roles/web-svc-simpleicons/templates/server.js.j2
index 5932d97f..8e49eb5e 100644
--- a/roles/web-svc-simpleicons/templates/server.js.j2
+++ b/roles/web-svc-simpleicons/templates/server.js.j2
@@ -15,7 +15,7 @@ function getExportName(slug) {
// Root: redirect to your documentation
app.get('/', (req, res) => {
- res.redirect('{{ domains | get_url('web-app-sphinx', web_protocol) }}/{{ application_id | rel_role_path_by_application_id }}/README.html');
+ res.redirect('{{ domains | get_url('web-app-sphinx', WEB_PROTOCOL) }}/{{ application_id | rel_role_path_by_application_id }}/README.html');
});
// GET /:slug.svg
diff --git a/templates/roles/web-app/config/README.md.j2 b/templates/roles/web-app/config/README.md.j2
index 2ea691fb..e1f5b7ae 100644
--- a/templates/roles/web-app/config/README.md.j2
+++ b/templates/roles/web-app/config/README.md.j2
@@ -15,7 +15,7 @@ applications:
You can reference values from the generated `defaults_applications` dictionary at build time by embedding `<< ... >>` placeholders inside your template. For example:
```yaml
-url: "{{ web_protocol }}://<< defaults_applications.web-svc-file.domains.canonical[0] >>/assets"
+url: "{{ WEB_PROTOCOL }}://<< defaults_applications.web-svc-file.domains.canonical[0] >>/assets"
```
- The `<< ... >>` placeholders are resolved by the [`DictRenderer`](../../../utils/dict_renderer.py) helper class.