mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-03-29 04:23:34 +01:00
Big cleanup
This commit is contained in:
parent
6520350731
commit
836a3e0238
@ -1,35 +1,23 @@
|
|||||||
import yaml
|
def get_oauth22_enabled(applications, application_id):
|
||||||
|
|
||||||
def get_oauth2_enabled(applications:yaml, application_id:string):
|
|
||||||
# Retrieve the application dictionary based on the ID
|
# Retrieve the application dictionary based on the ID
|
||||||
app = applications.get(application_id, {})
|
app = applications.get(application_id, {})
|
||||||
# Retrieve the value for oauth2_proxy.enabled, default is False
|
# Retrieve the value for oauth2_proxy.enabled, default is False
|
||||||
enabled = app.get('oauth2_proxy', {}).get('enabled', False)
|
enabled = app.get('oauth2_proxy', {}).get('enabled', False)
|
||||||
return bool(enabled)
|
return bool(enabled)
|
||||||
|
|
||||||
def get_oidc_enabled(applications:yaml, application_id:string):
|
def get_oidc_enabled(applications, application_id):
|
||||||
# Retrieve the application dictionary based on the ID
|
# Retrieve the application dictionary based on the ID
|
||||||
app = applications.get(application_id, {})
|
app = applications.get(application_id, {})
|
||||||
# Retrieve the value for oidc.enabled, default is False
|
# Retrieve the value for oidc.enabled, default is False
|
||||||
enabled = app.get('oidc', {}).get('enabled', False)
|
enabled = app.get('oidc', {}).get('enabled', False)
|
||||||
return bool(enabled)
|
return bool(enabled)
|
||||||
|
|
||||||
def get_css_enabled(applications:yaml, application_id:string):
|
def get_landingpage_iframe_enabled(applications, application_id):
|
||||||
app = applications.get(application_id)
|
|
||||||
enabled = app.get('css_enabled')
|
|
||||||
return bool(enabled)
|
|
||||||
|
|
||||||
def get_landingpage_iframe_enabled(applications:yaml, application_id:string):
|
|
||||||
app = applications.get(application_id)
|
app = applications.get(application_id)
|
||||||
enabled = app.get('landingpage_iframe_enabled')
|
enabled = app.get('landingpage_iframe_enabled')
|
||||||
return bool(enabled)
|
return bool(enabled)
|
||||||
|
|
||||||
def get_matomo_tracking_enabled(applications:yaml, application_id:string):
|
def get_database_central_storage(applications, application_id):
|
||||||
app = applications.get(application_id)
|
|
||||||
enabled = app.get('matomo_tracking_enabled')
|
|
||||||
return bool(enabled)
|
|
||||||
|
|
||||||
def get_database_central_storage(applications:yaml, application_id:string):
|
|
||||||
"""
|
"""
|
||||||
Retrieve the type of the database from the application dictionary.
|
Retrieve the type of the database from the application dictionary.
|
||||||
The expected key structure is: applications[application_id]['database']['central_storage'].
|
The expected key structure is: applications[application_id]['database']['central_storage'].
|
||||||
@ -42,10 +30,8 @@ def get_database_central_storage(applications:yaml, application_id:string):
|
|||||||
class FilterModule(object):
|
class FilterModule(object):
|
||||||
def filters(self):
|
def filters(self):
|
||||||
return {
|
return {
|
||||||
'get_css_enabled': get_css_enabled,
|
|
||||||
'get_oidc_enabled': get_oidc_enabled,
|
'get_oidc_enabled': get_oidc_enabled,
|
||||||
'get_oauth2_enabled': get_oauth2_enabled,
|
'get_oauth2_enabled': get_oauth22_enabled,
|
||||||
'get_database_central_storage': get_database_central_storage,
|
'get_database_central_storage': get_database_central_storage,
|
||||||
'get_landingpage_iframe_enabled': get_landingpage_iframe_enabled,
|
'get_landingpage_iframe_enabled': get_landingpage_iframe_enabled,
|
||||||
'get_matomo_tracking_enabled': get_matomo_tracking_enabled,
|
|
||||||
}
|
}
|
||||||
@ -68,4 +68,6 @@ matomo_tracking_enabled_default: true # Enables\Disables Matomo track
|
|||||||
css_enabled_default: true # Enables\Disables Global CSS on all html pages by default.
|
css_enabled_default: true # Enables\Disables Global CSS on all html pages by default.
|
||||||
|
|
||||||
## iframe for primary domain
|
## iframe for primary domain
|
||||||
landingpage_iframe_enabled_default: false # Enables\Disables the possibility to be embedded via iframe by default.
|
# Enables\Disables the possibility to be embedded via iframe by default.
|
||||||
|
# Enable conciously on every app in which it makes sense, due to that this a potential security risk
|
||||||
|
landingpage_iframe_enabled_default: false
|
||||||
@ -98,6 +98,12 @@ defaults_applications:
|
|||||||
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
||||||
|
|
||||||
|
## File Server
|
||||||
|
file_server:
|
||||||
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
|
landingpage_iframe_enabled: "true" # Landingpage should be embeded in portfolio
|
||||||
|
|
||||||
## Friendica
|
## Friendica
|
||||||
friendica:
|
friendica:
|
||||||
version: "latest"
|
version: "latest"
|
||||||
@ -122,21 +128,21 @@ defaults_applications:
|
|||||||
|
|
||||||
## Gitea
|
## Gitea
|
||||||
gitea:
|
gitea:
|
||||||
version: "latest" # Use latest docker image
|
version: "latest" # Use latest docker image
|
||||||
database:
|
database:
|
||||||
central_storage: True # Activate Central Database Storage
|
central_storage: True # Activate Central Database Storage
|
||||||
configuration:
|
configuration:
|
||||||
repository:
|
repository:
|
||||||
enable_push_create_user: True # Allow users to push local repositories to Gitea and have them automatically created for a user.
|
enable_push_create_user: True # Allow users to push local repositories to Gitea and have them automatically created for a user.
|
||||||
default_private: last # Default private when creating a new repository: last, private, public
|
default_private: last # Default private when creating a new repository: last, private, public
|
||||||
default_push_create_private: True # Default private when creating a new repository with push-to-create.
|
default_push_create_private: True # Default private when creating a new repository with push-to-create.
|
||||||
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
||||||
|
|
||||||
## Gitlab
|
## Gitlab
|
||||||
gitlab:
|
gitlab:
|
||||||
version: "latest"
|
version: "latest"
|
||||||
database:
|
database:
|
||||||
central_storage: True # Activate Central Database Storage
|
central_storage: True # Activate Central Database Storage
|
||||||
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
@ -145,11 +151,23 @@ defaults_applications:
|
|||||||
|
|
||||||
## Joomla
|
## Joomla
|
||||||
joomla:
|
joomla:
|
||||||
version: "latest"
|
version: "latest"
|
||||||
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
||||||
|
|
||||||
|
## HTML Server
|
||||||
|
html_server:
|
||||||
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
|
landingpage_iframe_enabled: "true" # Landingpage should be embeded in portfolio
|
||||||
|
|
||||||
|
## Imprint
|
||||||
|
imprint:
|
||||||
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
|
landingpage_iframe_enabled: "true" # Landingpage should be embeded in portfolio
|
||||||
|
|
||||||
## Keycloak
|
## Keycloak
|
||||||
keycloak:
|
keycloak:
|
||||||
version: "latest"
|
version: "latest"
|
||||||
@ -186,7 +204,6 @@ defaults_applications:
|
|||||||
username: "{{users.administrator.username}}"
|
username: "{{users.administrator.username}}"
|
||||||
ldap:
|
ldap:
|
||||||
enabled: True # Should have the same value as applications.ldap.openldap.network.local.
|
enabled: True # Should have the same value as applications.ldap.openldap.network.local.
|
||||||
force_import: false # Forces the import of the LDIF files when set to true
|
|
||||||
oauth2_proxy:
|
oauth2_proxy:
|
||||||
enabled: true # Activate the OAuth2 Proxy for the LDAP Webinterface
|
enabled: true # Activate the OAuth2 Proxy for the LDAP Webinterface
|
||||||
application: lam # Needs to be the same as webinterface
|
application: lam # Needs to be the same as webinterface
|
||||||
@ -196,6 +213,7 @@ defaults_applications:
|
|||||||
central_storage: false # LDAP doesn't use an database in the current configuration. Propably a good idea to implement one later.
|
central_storage: false # LDAP doesn't use an database in the current configuration. Propably a good idea to implement one later.
|
||||||
# administrator_password: # CHANGE for security reasons in inventory file
|
# administrator_password: # CHANGE for security reasons in inventory file
|
||||||
# administrator_database_password: # CHANGE for security reasons in inventory file
|
# administrator_database_password: # CHANGE for security reasons in inventory file
|
||||||
|
force_import: False # Forces the import of the LDIF files
|
||||||
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
||||||
@ -230,7 +248,7 @@ defaults_applications:
|
|||||||
# initial_administrator_password: # Initial administrator password for setup
|
# initial_administrator_password: # Initial administrator password for setup
|
||||||
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
landingpage_iframe_enabled: true # Default enabled because working well in iframe
|
||||||
|
|
||||||
## MariaDB
|
## MariaDB
|
||||||
mariadb:
|
mariadb:
|
||||||
@ -331,7 +349,9 @@ defaults_applications:
|
|||||||
# @see https://apps.nextcloud.com/apps/oidc_login
|
# @see https://apps.nextcloud.com/apps/oidc_login
|
||||||
# @see https://apps.nextcloud.com/apps/sociallogin
|
# @see https://apps.nextcloud.com/apps/sociallogin
|
||||||
flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet
|
flavor: "oidc_login" # Keeping on sociallogin because the other option is not implemented yet
|
||||||
force_import: False # Forces the import of the LDIF files
|
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
||||||
|
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
||||||
|
landingpage_iframe_enabled: "true" # Enables\Disables the possibility to embed this on landing page via iframe
|
||||||
database:
|
database:
|
||||||
central_storage: True # Activate Central Database Storage
|
central_storage: True # Activate Central Database Storage
|
||||||
credentials:
|
credentials:
|
||||||
@ -540,9 +560,6 @@ defaults_applications:
|
|||||||
whiteboard:
|
whiteboard:
|
||||||
# Nextcloud Whiteboard: provides a collaborative drawing and brainstorming tool (https://apps.nextcloud.com/apps/whiteboard)
|
# Nextcloud Whiteboard: provides a collaborative drawing and brainstorming tool (https://apps.nextcloud.com/apps/whiteboard)
|
||||||
enabled: true
|
enabled: true
|
||||||
matomo_tracking_enabled: "{{matomo_tracking_enabled_default}}" # Enables\Disables Matomo Tracking
|
|
||||||
css_enabled: "{{css_enabled_default}}" # Enables\Disables Global CSS Style
|
|
||||||
landingpage_iframe_enabled: "{{landingpage_iframe_enabled_default}}" # Enables\Disables the possibility to embed this on landing page via iframe
|
|
||||||
|
|
||||||
## OAuth2 Proxy
|
## OAuth2 Proxy
|
||||||
oauth2_proxy:
|
oauth2_proxy:
|
||||||
|
|||||||
BIN
images/favicon.ico
Normal file
BIN
images/favicon.ico
Normal file
Binary file not shown.
|
After Width: | Height: | Size: 162 KiB |
|
Before Width: | Height: | Size: 286 KiB After Width: | Height: | Size: 286 KiB |
@ -71,10 +71,10 @@ http {
|
|||||||
add_header Referrer-Policy "no-referrer" always;
|
add_header Referrer-Policy "no-referrer" always;
|
||||||
add_header X-Content-Type-Options "nosniff" always;
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
add_header X-Download-Options "noopen" always;
|
add_header X-Download-Options "noopen" always;
|
||||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
|
||||||
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
add_header X-Permitted-Cross-Domain-Policies "none" always;
|
||||||
add_header X-Robots-Tag "noindex, nofollow" always;
|
add_header X-Robots-Tag "noindex, nofollow" always;
|
||||||
add_header X-XSS-Protection "1; mode=block" always;
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
{% include 'roles/nginx-docker-reverse-proxy/templates/iframe.conf.j2' %}
|
||||||
|
|
||||||
# Remove X-Powered-By, which is an information leak
|
# Remove X-Powered-By, which is an information leak
|
||||||
fastcgi_hide_header X-Powered-By;
|
fastcgi_hide_header X-Powered-By;
|
||||||
|
|||||||
@ -12,4 +12,10 @@ nextcloud_system_config:
|
|||||||
value: "{{ on_calendar_nextcloud }}"
|
value: "{{ on_calendar_nextcloud }}"
|
||||||
|
|
||||||
- parameter: "default_phone_region"
|
- parameter: "default_phone_region"
|
||||||
value: "{{ locale | upper }}"
|
value: "{{ locale | upper }}"
|
||||||
|
|
||||||
|
- parameter: "trusted_domains 0"
|
||||||
|
value: "{{domains[application_id]}}"
|
||||||
|
|
||||||
|
- parameter: "overwrite.cli.url"
|
||||||
|
value: "https://{{domains[application_id]}}"
|
||||||
@ -36,5 +36,7 @@
|
|||||||
when: not config_file.stat.exists
|
when: not config_file.stat.exists
|
||||||
|
|
||||||
- name: add docker-compose.yml
|
- name: add docker-compose.yml
|
||||||
template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml
|
template:
|
||||||
|
src: docker-compose.yml.j2
|
||||||
|
dest: "{docker_compose.directories.instance}}docker-compose.yml"
|
||||||
notify: docker compose project setup
|
notify: docker compose project setup
|
||||||
|
|||||||
@ -10,6 +10,9 @@ accounts:
|
|||||||
description: Platforms where I share content.
|
description: Platforms where I share content.
|
||||||
icon:
|
icon:
|
||||||
class: fas fa-newspaper
|
class: fas fa-newspaper
|
||||||
|
|
||||||
|
{% if ["mastodon", "bluesky"] | any_in(group_names) %}
|
||||||
|
|
||||||
children:
|
children:
|
||||||
- name: Microblogs
|
- name: Microblogs
|
||||||
description: Stay updated with {{ 'our' if service_provider.type == 'legal' else 'my' }} microblogs.
|
description: Stay updated with {{ 'our' if service_provider.type == 'legal' else 'my' }} microblogs.
|
||||||
@ -39,6 +42,7 @@ accounts:
|
|||||||
- link: accounts.publishingchannels.microblogs.mastodon
|
- link: accounts.publishingchannels.microblogs.mastodon
|
||||||
identifier: "{{service_provider.contact.bluesky}}"
|
identifier: "{{service_provider.contact.bluesky}}"
|
||||||
|
|
||||||
|
{% endif %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
{% if service_provider.contact.pixelfed is defined and service_provider.contact.pixelfed != "" %}
|
{% if service_provider.contact.pixelfed is defined and service_provider.contact.pixelfed != "" %}
|
||||||
|
|
||||||
|
|||||||
@ -1,4 +1,4 @@
|
|||||||
{% if landingpage_iframe_enabled | bool %}
|
add_header X-Frame-Options "SAMEORIGIN" always; # Allow iframe embedding only from the same origin
|
||||||
add_header X-Frame-Options "SAMEORIGIN" always; # Allow iframe embedding only from the same origin
|
{% if landingpage_iframe_enabled | default(applications.get(application_id).get('landingpage_iframe_enabled')) | bool %}
|
||||||
add_header Content-Security-Policy "frame-ancestors {{primary_domain}};" always; # Restrict embedding to the specified primary domain
|
add_header Content-Security-Policy "frame-ancestors {{primary_domain}};" always; # Restrict embedding to the specified primary domain
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@ -14,7 +14,7 @@ location {{location | default("/")}}
|
|||||||
proxy_set_header X-Forwarded-Port 443;
|
proxy_set_header X-Forwarded-Port 443;
|
||||||
proxy_set_header Accept-Encoding "";
|
proxy_set_header Accept-Encoding "";
|
||||||
|
|
||||||
{% include 'iframe.conf.j2' %}
|
{% include 'roles/nginx-docker-reverse-proxy/templates/iframe.conf.j2' %}
|
||||||
|
|
||||||
# WebSocket specific header
|
# WebSocket specific header
|
||||||
proxy_http_version 1.1;
|
proxy_http_version 1.1;
|
||||||
|
|||||||
@ -11,4 +11,4 @@
|
|||||||
- name: "include the docker-oauth2-proxy role {{domain}}"
|
- name: "include the docker-oauth2-proxy role {{domain}}"
|
||||||
include_role:
|
include_role:
|
||||||
name: docker-oauth2-proxy
|
name: docker-oauth2-proxy
|
||||||
when: applications | get_oauth2_enabled(application_id)
|
when: final_oauth2_enabled | bool
|
||||||
@ -1 +1,2 @@
|
|||||||
configuration_destination: "{{nginx.directories.http.servers}}{{domain}}.conf"
|
configuration_destination: "{{nginx.directories.http.servers}}{{domain}}.conf"
|
||||||
|
final_oauth2_enabled: "{{applications[application_id].get('oauth2_proxy', {}).get('enabled', False)}}"
|
||||||
@ -1,9 +1,9 @@
|
|||||||
- name: "Activate Global CSS for {{domain}}"
|
- name: "Activate Global CSS for {{domain}}"
|
||||||
include_role:
|
include_role:
|
||||||
name: nginx-modifier-css
|
name: nginx-modifier-css
|
||||||
when: applications | get_css_enabled(application_id)
|
when: applications.get(application_id).get('css_enabled') | bool
|
||||||
|
|
||||||
- name: "Activate Global Matomo Tracking for {{domain}}"
|
- name: "Activate Global Matomo Tracking for {{domain}}"
|
||||||
include_role:
|
include_role:
|
||||||
name: nginx-modifier-matomo
|
name: nginx-modifier-matomo
|
||||||
when: matomo_tracking_enabled | bool
|
when: applications.get(application_id).get('matomo_tracking_enabled') | bool
|
||||||
@ -2,16 +2,20 @@
|
|||||||
sub_filter_once off;
|
sub_filter_once off;
|
||||||
sub_filter_types text/html;
|
sub_filter_types text/html;
|
||||||
|
|
||||||
{% if matomo_tracking_enabled | bool %}
|
{% set css_enabled_final = applications.get(application_id).get('css_enabled') | bool %}
|
||||||
|
{% set matomo_tracking_enabled_final = applications.get(application_id).get('matomo_tracking_enabled') | bool %}
|
||||||
|
|
||||||
|
|
||||||
|
{% if matomo_tracking_enabled_final | bool %}
|
||||||
{# Include Global Matomo Tracking #}
|
{# Include Global Matomo Tracking #}
|
||||||
{% include 'roles/nginx-modifier-matomo/templates/matomo-tracking.conf.j2' %}
|
{% include 'roles/nginx-modifier-matomo/templates/matomo-tracking.conf.j2' %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if css_enabled | bool or matomo_tracking_enabled | bool %}
|
{% if css_enabled_final | bool or matomo_tracking_enabled_final | bool %}
|
||||||
sub_filter '</head>' '{% if matomo_tracking_enabled | bool %}{% include 'roles/nginx-modifier-matomo/templates/script.j2' %}{% endif %}{% if css_enabled | bool %}{% include 'roles/nginx-modifier-css/templates/link.j2' %}{% endif %}</head>';
|
sub_filter '</head>' '{% if matomo_tracking_enabled_final | bool %}{% include 'roles/nginx-modifier-matomo/templates/script.j2' %}{% endif %}{% if css_enabled_final | bool %}{% include 'roles/nginx-modifier-css/templates/link.j2' %}{% endif %}</head>';
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|
||||||
{% if css_enabled | bool %}
|
{% if css_enabled_final | bool %}
|
||||||
{# Include Global CSS Location #}
|
{# Include Global CSS Location #}
|
||||||
{% include 'roles/nginx-modifier-css/templates/location.conf.j2' %}
|
{% include 'roles/nginx-modifier-css/templates/location.conf.j2' %}
|
||||||
{% endif %}
|
{% endif %}
|
||||||
|
|||||||
@ -1,3 +0,0 @@
|
|||||||
matomo_tracking_enabled: "{{ matomo_tracking_enabled | default(applications | get_matomo_tracking_enabled(application_id)) }}"
|
|
||||||
css_enabled: "{{ css_enabled | default (applications | get_css_enabled(application_id)) }}"
|
|
||||||
landingpage_iframe_enabled: "{{ landingpage_iframe_enabled | default (applications | get_landingpage_iframe_enabled(application_id)) }}"
|
|
||||||
1
roles/nginx-serve-html-legal/vars/main.yml
Normal file
1
roles/nginx-serve-html-legal/vars/main.yml
Normal file
@ -0,0 +1 @@
|
|||||||
|
application_id: "imprint" # Application identifier
|
||||||
1
sphinx/.gitignore
vendored
Normal file
1
sphinx/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
_static/img/*
|
||||||
@ -1,20 +1,24 @@
|
|||||||
# Minimal makefile for Sphinx documentation
|
# Minimal Makefile for Sphinx documentation
|
||||||
#
|
#
|
||||||
|
|
||||||
# You can set these variables from the command line, and also
|
# You can set these variables from the command line, and also
|
||||||
# from the environment
|
# from the environment
|
||||||
SPHINXOPTS ?= -c .
|
SPHINXOPTS ?= -c .
|
||||||
SPHINXBUILD ?= sphinx-build
|
SPHINXBUILD ?= sphinx-build
|
||||||
SPHINX_SOURCE_DIR ?= ../
|
SPHINX_SOURCE_DIR ?= ../
|
||||||
SPHINX_BUILD_DIR ?= ../docs
|
SPHINX_BUILD_DIR ?= ../docs
|
||||||
|
|
||||||
# Put it first so that "make" without argument is like "make help".
|
.PHONY: help install copy-images Makefile
|
||||||
|
|
||||||
|
# Copy images before running any Sphinx command (except for help)
|
||||||
|
copy-images:
|
||||||
|
@echo "Copying images from ../images/ to ./_static/img/..."
|
||||||
|
cp -r ../images/* ./_static/img/
|
||||||
|
|
||||||
|
# "help" target does not copy images
|
||||||
help:
|
help:
|
||||||
@$(SPHINXBUILD) -M help "$(SPHINX_SOURCE_DIR)" "$(SPHINX_BUILD_DIR)" $(SPHINXOPTS) $(O)
|
@$(SPHINXBUILD) -M help "$(SPHINX_SOURCE_DIR)" "$(SPHINX_BUILD_DIR)" $(SPHINXOPTS) $(O)
|
||||||
|
|
||||||
.PHONY: help install Makefile
|
|
||||||
|
|
||||||
# Catch-all target: route all unknown targets to Sphinx using the new
|
# Catch-all target: route all unknown targets to Sphinx using the new
|
||||||
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
|
# "make mode" option. $(O) is meant as a shortcut for $(SPHINXOPTS).
|
||||||
%: Makefile
|
%: Makefile
|
||||||
@$(SPHINXBUILD) -M $@ "$(SPHINX_SOURCE_DIR)" "$(SPHINX_BUILD_DIR)" $(SPHINXOPTS) $(O)
|
@$(SPHINXBUILD) -M $@ "$(SPHINX_SOURCE_DIR)" "$(SPHINX_BUILD_DIR)" $(SPHINXOPTS) $(O)
|
||||||
|
|||||||
@ -31,8 +31,8 @@ html_sidebars = {
|
|||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
||||||
cymais_logo = "_static/img/logo_cymais.png"
|
cymais_logo = "_static/img/logo.png"
|
||||||
html_favicon = cymais_logo
|
html_favicon = "_static/img/favicon.ico"
|
||||||
|
|
||||||
html_theme_options = {
|
html_theme_options = {
|
||||||
"show_prev_next": False,
|
"show_prev_next": False,
|
||||||
|
|||||||
@ -4,7 +4,7 @@
|
|||||||
- name: "Merge detached_files with applications.oauth2_proxy.configuration_file"
|
- name: "Merge detached_files with applications.oauth2_proxy.configuration_file"
|
||||||
ansible.builtin.set_fact:
|
ansible.builtin.set_fact:
|
||||||
merged_detached_files: "{{ detached_files + [applications.oauth2_proxy.configuration_file] }}"
|
merged_detached_files: "{{ detached_files + [applications.oauth2_proxy.configuration_file] }}"
|
||||||
when: applications | get_oauth2_enabled(application_id)
|
when: applications[application_id].get('oauth2_proxy', {}).get('enabled', False) | bool
|
||||||
|
|
||||||
- name: "backup detached files"
|
- name: "backup detached files"
|
||||||
command: >
|
command: >
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user