Renamed server roles by osi they work on

roles/README.md

@@ -24,19 +24,19 @@ For a complete list of role categories and detailed definitions, see:
 
 ## Webserver & HTTP
 
-- **srv-web-core**  
+- **srv-web-7-4-core**  
   Installs and configures the base Nginx server.
 
-- **srv-web-tls-***  
-  Manages TLS certificates and renewal (formerly “https”; e.g. `srv-web-tls-deploy`, `srv-web-tls-renew`).
+- **srv-web-6-6-tls-***  
+  Manages TLS certificates and renewal (formerly “https”; e.g. `srv-web-6-6-tls-deploy`, `srv-web-6-6-tls-renew`).
 
 - **srv-web-proxy-***  
   Proxy and vhost orchestration roles (domain setup, OAuth2 proxy, etc.)
 
-- **srv-web-injector-***  
+- **srv-web-7-7-inj-***  
   HTML response modifiers: CSS, JS, Matomo tracking, iframe notifier.
 
-- **srv-web-composer**  
+- **srv-web-7-6-composer**  
   Aggregates multiple sub-filters into one include for your vhost.
 
 - **web-svc-***  

roles/categories.yml

@@ -25,11 +25,11 @@ categories:
   srv:
     web:
       core:
-        title: "srv-web-core"
+        title: "srv-web-7-4-core"
         description: "Install & configure base Nginx server"
         icon: "fas fa-server"
       tls:
-        title: "srv-web-tls-*"
+        title: "srv-web-6-6-tls-*"
         description: "Deploy & renew TLS certificates"
         icon: "fas fa-lock"
       proxy:
@@ -38,27 +38,27 @@ categories:
         icon: "fas fa-project-diagram"
       injector:
         core:
-          title: "srv-web-injector-compose"
+          title: "srv-web-7-7-inj-compose"
           description: "Inject core HTML modifiers"
           icon: "fas fa-code"
         css:
-          title: "srv-web-injector-css"
+          title: "srv-web-7-7-inj-css"
           description: "Inject CSS into responses"
           icon: "fas fa-paint-brush"
         iframe:
-          title: "srv-web-injector-iframe"
+          title: "srv-web-7-7-inj-iframe"
           description: "Inject iframe notifier"
           icon: "fas fa-window-maximize"
         javascript:
-          title: "srv-web-injector-javascript"
+          title: "srv-web-7-7-inj-javascript"
           description: "Inject JS into responses"
           icon: "fas fa-code"
         matomo:
-          title: "srv-web-injector-matomo"
+          title: "srv-web-7-7-inj-matomo"
           description: "Inject Matomo tracking code"
           icon: "fas fa-chart-pie"
       composer:
-        title: "srv-web-composer"
+        title: "srv-web-7-6-composer"
         description: "Compose multiple filters into one include"
         icon: "fas fa-layer-group"
 

roles/cln-domains/meta/main.yml

@@ -21,5 +21,5 @@ galaxy_info:
   issue_tracker_url: "https://s.veen.world/cymaisissues"
   documentation: "https://s.veen.world/cymais"
 dependencies:
-  - srv-web-core
+  - srv-web-7-4-core
   - core-daemon

roles/cmp-db-docker-proxy/README.md

@@ -8,4 +8,4 @@ This role builds on `cmp-db-docker` by adding a reverse-proxy frontend for HTTP
   Leverages the `cmp-db-docker` role to stand up your containerized database (PostgreSQL, MariaDB, etc.) with backups and user management.
 
 - **Reverse Proxy**  
-  Includes the `srv-web-proxy-domain` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint.
+  Includes the `srv-proxy-6-6-domain` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint.

roles/cmp-db-docker-proxy/meta/main.yml

@@ -1,7 +1,7 @@
 galaxy_info:
   author: "Kevin Veen-Birkenbach"
   description: >
-    Extends cmp-db-docker by adding an HTTP reverse proxy via srv-web-proxy-domain.
+    Extends cmp-db-docker by adding an HTTP reverse proxy via srv-proxy-6-6-domain.
   company: |
     Kevin Veen-Birkenbach
     Consulting & Coaching Solutions

roles/cmp-db-docker-proxy/tasks/main.yml

@@ -2,9 +2,9 @@
   include_role: 
     name: cmp-db-docker
 
-- name: "include role srv-web-proxy-domain for {{application_id}}"
+- name: "include role srv-proxy-6-6-domain for {{application_id}}"
   include_role:
-    name: srv-web-proxy-domain
+    name: srv-proxy-6-6-domain
   vars:
     domain:   "{{ domains | get_domain(application_id) }}"
     http_port:   "{{ ports.localhost.http[application_id] }}"

roles/cmp-docker-proxy/README.md

@@ -8,4 +8,4 @@ This role combines the standard Docker Compose setup with a reverse-proxy for an
   Brings up containers, networks, and volumes via the `docker-compose` role.
 
 - **Reverse Proxy**  
-  Uses the `srv-web-proxy-domain` role to expose your application under a custom domain and port.
+  Uses the `srv-proxy-6-6-domain` role to expose your application under a custom domain and port.

roles/cmp-docker-proxy/meta/main.yml

@@ -1,7 +1,7 @@
 galaxy_info:
   author: "Kevin Veen-Birkenbach"
   description: >
-    Combines the docker-compose role with srv-web-proxy-domain to
+    Combines the docker-compose role with srv-proxy-6-6-domain to
     deploy applications behind a reverse proxy.
   company: |
     Kevin Veen-Birkenbach

roles/cmp-docker-proxy/tasks/main.yml

@@ -2,9 +2,9 @@
   include_role: 
     name: docker-compose
 
-- name: "include role srv-web-proxy-domain for {{application_id}}"
+- name: "include role srv-proxy-6-6-domain for {{application_id}}"
   include_role:
-    name: srv-web-proxy-domain
+    name: srv-proxy-6-6-domain
   vars:
     domain:   "{{ domains | get_domain(application_id) }}"
     http_port:   "{{ ports.localhost.http[application_id] }}"

roles/docker-compose/README.md

@@ -20,7 +20,7 @@ To offer a centralized, extensible system for managing containerized application
 - **Reset Logic:** Cleans previous Compose project files and data when `mode_reset` is enabled.
 - **Handlers for Runtime Control:** Automatically builds, sets up, or restarts containers based on handlers.
 - **Template-ready Service Files:** Predefined service base and health check templates.
-- **Integration Support:** Compatible with `srv-web-proxy-core` and other CyMaIS service roles.
+- **Integration Support:** Compatible with `srv-proxy-7-4-core` and other CyMaIS service roles.
 
 ## Administration Tips
 

roles/net-letsencrypt/meta/main.yml

@@ -23,4 +23,4 @@ galaxy_info:
   issue_tracker_url: "https://s.veen.world/cymaisissues"
   documentation: "https://s.veen.world/cymais"
 dependencies:
-  - srv-web-tls-renew
+  - srv-web-6-6-tls-renew

roles/srv-proxy-6-6-domain/README.md

@@ -6,11 +6,11 @@ This role bootstraps **per-domain Nginx configuration**: it requests TLS certifi
 
 ## Overview
 
-A higher-level orchestration wrapper, *srv-web-proxy-domain* ties together several lower-level roles:
+A higher-level orchestration wrapper, *srv-proxy-6-6-domain* ties together several lower-level roles:
 
-1. **`srv-web-injector-compose`** – applies global tweaks and includes.  
-2. **`srv-web-tls-core`** – obtains Let’s Encrypt certificates.  
-3. **Domain template deployment** – copies a Jinja2 vHost from *srv-web-proxy-core*.  
+1. **`srv-web-7-7-inj-compose`** – applies global tweaks and includes.  
+2. **`srv-web-6-6-tls-core`** – obtains Let’s Encrypt certificates.  
+3. **Domain template deployment** – copies a Jinja2 vHost from *srv-proxy-7-4-core*.  
 4. **`web-app-oauth2-proxy`** *(optional)* – protects the site with OAuth2.
 
 The result is a complete, reproducible domain rollout in a single playbook task.

roles/srv-proxy-6-6-domain/defaults/main.yml

@@ -2,4 +2,4 @@
 vhost_flavour:        "basic"               # valid: basic | ws_generic
 
 # build the full template path from the flavour
-vhost_template_src:   "roles/srv-web-proxy-core/templates/vhost/{{ vhost_flavour }}.conf.j2"
+vhost_template_src:   "roles/srv-proxy-7-4-core/templates/vhost/{{ vhost_flavour }}.conf.j2"

roles/srv-proxy-6-6-domain/meta/main.yml

@@ -24,4 +24,4 @@ galaxy_info:
   issue_tracker_url: https://s.veen.world/cymaisissues
   documentation: https://s.veen.world/cymais
 dependencies:
-  - srv-web-proxy-core
+  - srv-proxy-7-4-core

roles/srv-proxy-6-6-domain/tasks/main.yml

@@ -1,6 +1,6 @@
 - name: "include role for {{domain}} to receive certificates and do the modification routines"
   include_role:
-    name: srv-web-composer
+    name: srv-web-7-6-composer
     
 - name: "Copy nginx config to {{ configuration_destination }}"
   template:

roles/srv-proxy-6-6-tls-deploy/README.md

@@ -21,7 +21,7 @@ This Ansible role simplifies the deployment of **Let's Encrypt certificates** in
 
 ### **1️⃣ Main Tasks**
 1. **Add Deployment Script**  
-   - Copies `srv-web-proxy-tls-deploy.sh` to the administrator scripts directory.
+   - Copies `srv-proxy-6-6-tls-deploy.sh` to the administrator scripts directory.
    
 2. **Create Certificate Directory**  
    - Ensures `cert_mount_directory` exists with proper permissions.
@@ -34,14 +34,14 @@ This Ansible role simplifies the deployment of **Let's Encrypt certificates** in
 
 ### **2️⃣ Handlers**
 - **Restart Nginx Service**  
-  - Restarts `srv-web-proxy-tls-deploy` whenever a certificate update occurs.
+  - Restarts `srv-proxy-6-6-tls-deploy` whenever a certificate update occurs.
 
 ---
 
 ## **🔧 Deploying Certificates into Docker Containers**
 The role **automates copying certificates** into Docker Compose setups.
 
-### **1️⃣ Deployment Script (`srv-web-proxy-tls-deploy.sh`)**
+### **1️⃣ Deployment Script (`srv-proxy-6-6-tls-deploy.sh`)**
 This script:
 - **Copies certificates** to the correct container directory.
 - **Reloads Nginx** inside all running containers.
@@ -49,7 +49,7 @@ This script:
 
 **Usage:**
 ```sh
-sh srv-web-proxy-tls-deploy.sh primary_domain /path/to/docker/compose
+sh srv-proxy-6-6-tls-deploy.sh primary_domain /path/to/docker/compose
 ```
 
 ---

roles/srv-proxy-6-6-tls-deploy/handlers/main.yml

@@ -0,0 +1,7 @@
+---
+- name: "restart srv-proxy-6-6-tls-deploy.cymais.service"
+  systemd:
+    name:           srv-proxy-6-6-tls-deploy.{{application_id}}.cymais.service
+    state:          restarted
+    enabled:        yes
+    daemon_reload:  yes

roles/srv-proxy-6-6-tls-deploy/meta/main.yml

@@ -15,7 +15,7 @@ galaxy_info:
     - systemd
   repository: "https://github.com/kevinveenbirkenbach/cymais"
   issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
-  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-proxy-tls-deploy"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-proxy-6-6-tls-deploy"
   min_ansible_version: "2.9"
   platforms:
     - name: Any

roles/srv-proxy-6-6-tls-deploy/tasks/main.yml

@@ -1,9 +1,9 @@
-- name: add srv-web-proxy-tls-deploy.sh
+- name: add srv-proxy-6-6-tls-deploy.sh
   copy: 
-    src: "srv-web-proxy-tls-deploy.sh" 
+    src: "srv-proxy-6-6-tls-deploy.sh" 
     dest: "{{nginx_docker_cert_deploy_script}}"
   when: run_once_nginx_docker_cert_deploy is not defined
-  notify: restart srv-web-proxy-tls-deploy.cymais.service
+  notify: restart srv-proxy-6-6-tls-deploy.cymais.service
 
 - name: run the nginx_docker_cert_deploy tasks once
   set_fact:
@@ -15,18 +15,18 @@
     path:     "{{cert_mount_directory}}"
     state:    directory
     mode:     0755
-  notify: restart srv-web-proxy-tls-deploy.cymais.service
+  notify: restart srv-proxy-6-6-tls-deploy.cymais.service
 
-- name: configure srv-web-proxy-tls-deploy.cymais.service
+- name: configure srv-proxy-6-6-tls-deploy.cymais.service
   template: 
-    src:  "srv-web-proxy-tls-deploy.service.j2"
-    dest: "/etc/systemd/system/srv-web-proxy-tls-deploy.{{application_id}}.cymais.service"
-  notify: restart srv-web-proxy-tls-deploy.cymais.service
+    src:  "srv-proxy-6-6-tls-deploy.service.j2"
+    dest: "/etc/systemd/system/srv-proxy-6-6-tls-deploy.{{application_id}}.cymais.service"
+  notify: restart srv-proxy-6-6-tls-deploy.cymais.service
 
 - name: "include role for gen-timer for {{service_name}}"
   include_role:
     name: gen-timer
   vars:
     on_calendar:  "{{on_calendar_deploy_certificates}}"
-    service_name: "srv-web-proxy-tls-deploy.{{application_id}}"
+    service_name: "srv-proxy-6-6-tls-deploy.{{application_id}}"
     persistent:   "true"

roles/srv-proxy-6-6-tls-deploy/templates/srv-proxy-6-6-tls-deploy.service.j2

@@ -4,4 +4,4 @@ OnFailure=alert-compose.cymais@%n.service
 
 [Service]
 Type=oneshot
-ExecStart=/usr/bin/bash {{path_administrator_scripts}}/srv-web-proxy-tls-deploy.sh {{ssl_cert_folder}} {{docker_compose.directories.instance}}
+ExecStart=/usr/bin/bash {{path_administrator_scripts}}/srv-proxy-6-6-tls-deploy.sh {{ssl_cert_folder}} {{docker_compose.directories.instance}}

roles/srv-proxy-6-6-tls-deploy/vars/main.yml

@@ -1 +1 @@
-nginx_docker_cert_deploy_script:  "{{path_administrator_scripts}}srv-web-proxy-tls-deploy.sh"
+nginx_docker_cert_deploy_script:  "{{path_administrator_scripts}}srv-proxy-6-6-tls-deploy.sh"

roles/srv-proxy-7-4-core/README.md

@@ -16,7 +16,7 @@ The goal of this role is to deliver a **hassle-free, production-ready reverse pr
 
 ## Features
 
-- **Automatic TLS & HSTS** — integrates with the *srv-web-https* role for certificate management.  
+- **Automatic TLS & HSTS** — integrates with the *srv-web-7-6-https* role for certificate management.  
 - **Flexible vHost templates** — *basic* and *ws_generic* flavours cover standard HTTP and WebSocket applications.  
 - **Security headers** — sensible defaults plus optional X-Frame-Options / CSP based on application settings.  
 - **WebSocket & HTTP/2 aware** — upgrades, keep-alive tuning, and gzip already configured.  

roles/srv-proxy-7-4-core/meta/main.yml

@@ -24,5 +24,5 @@ galaxy_info:
   issue_tracker_url: https://s.veen.world/cymaisissues
   documentation: https://s.veen.world/cymais
 dependencies:
-  - srv-web-https
-  - srv-web-core
+  - srv-web-7-6-https
+  - srv-web-7-4-core

roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2

@@ -14,7 +14,7 @@ location {{location | default("/")}}
   proxy_set_header X-Forwarded-Port 443;
   proxy_set_header Accept-Encoding "";
 
-  {% include 'roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2' %}
+  {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
 
   # WebSocket specific header
   proxy_http_version 1.1;

roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2

@@ -6,7 +6,7 @@ server
     {% include 'roles/web-app-oauth2-proxy/templates/endpoint.conf.j2'%}
   {% endif %}
 
-  {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%}
+  {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%}
   
   {% if proxy_extra_configuration is defined %}
     {# Additional Domain Specific Configuration #}
@@ -22,38 +22,38 @@ server
       {# 1. Expose everything by default, then protect blacklisted paths #}
       {% set oauth2_proxy_enabled = false %}
       {% set location = "/" %}
-      {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+      {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
 
       {% for loc in acl.blacklist %}
         {% set oauth2_proxy_enabled = true %}
         {% set location = loc %}
-        {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+        {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
       {% endfor %}
 
     {% elif acl.whitelist is defined %}
       {# 2. Protect everything by default, then expose whitelisted paths #}
       {% set oauth2_proxy_enabled = true %}
       {% set location = "/" %}
-      {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+      {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
 
       {% for loc in acl.whitelist %}
         {% set oauth2_proxy_enabled = false %}
         {% set location = loc %}
-        {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+        {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
       {% endfor %}
 
     {% else %}
       {# 3. OAuth2 enabled but no (or empty) ACL — protect all #}
       {% set oauth2_proxy_enabled = true %}
       {% set location = "/" %}
-      {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+      {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
     {% endif %}
 
   {% else %}
     {# 4. OAuth2 completely disabled — expose all #}
     {% set oauth2_proxy_enabled = false %}
     {% set location = "/" %}
-    {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+    {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
   {% endif %}
 
 }

roles/srv-proxy-7-4-core/templates/vhost/ws_generic.conf.j2

@@ -7,7 +7,7 @@ server {
   server_name {{ domain }};
 
   {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %}
-  {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2' %}
+  {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2' %}
 
   client_max_body_size {{ client_max_body_size | default('100m') }};
   keepalive_timeout    70;
@@ -24,7 +24,7 @@ server {
 
   add_header Strict-Transport-Security "max-age=31536000";
 
-  {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+  {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
 
   {% if ws_path is defined %}
     location {{ ws_path }} {

roles/srv-web-6-6-tls-core/meta/main.yml

@@ -28,4 +28,4 @@ galaxy_info:
   issue_tracker_url: "https://s.veen.world/cymaisissues"
   documentation: "https://s.veen.world/cymais"
 dependencies:
-  - srv-web-https
+  - srv-web-7-6-https

roles/srv-web-6-6-tls-renew/handlers/main.yml

@@ -1,6 +1,6 @@
 - name: "reload certbot service"
   systemd:
-    name: srv-web-tls-renew.cymais.service
+    name: srv-web-6-6-tls-renew.cymais.service
     state: reloaded
     enabled: yes
     daemon_reload: yes

roles/srv-web-6-6-tls-renew/meta/main.yml

@@ -28,6 +28,6 @@ galaxy_info:
   documentation: "https://s.veen.world/cymais"
 dependencies:
   - gen-certbot
-  - srv-web-core
+  - srv-web-7-4-core
   - alert-compose
   - cln-certs

roles/srv-web-6-6-tls-renew/tasks/main.yml

@@ -5,10 +5,10 @@
     state: present
   when: run_once_nginx_certbot is not defined
 
-- name: configure srv-web-tls-renew.cymais.service
+- name: configure srv-web-6-6-tls-renew.cymais.service
   template: 
-    src:  srv-web-tls-renew.service.j2
-    dest: /etc/systemd/system/srv-web-tls-renew.cymais.service
+    src:  srv-web-6-6-tls-renew.service.j2
+    dest: /etc/systemd/system/srv-web-6-6-tls-renew.cymais.service
   notify: reload certbot service
   when: run_once_nginx_certbot is not defined
 

roles/srv-web-7-4-core/meta/main.yml

@@ -18,7 +18,7 @@ galaxy_info:
     - performance
   repository: "https://github.com/kevinveenbirkenbach/cymais"
   issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
-  documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-core"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-7-4-core"
 dependencies:
   - mon-bot-webserver
   - mon-bot-csp

roles/srv-web-7-6-composer/README.md

@@ -1,10 +1,10 @@
-# Role: srv-web-composer
+# Role: srv-web-7-6-composer
 
 This Ansible role composes and orchestrates all necessary HTTPS-layer tasks and HTML-content injections for your webserver domains. It integrates two key sub-roles into a unified workflow:
 
-1. **`srv-web-injector-compose`**
+1. **`srv-web-7-7-inj-compose`**
    Injects global HTML snippets (CSS, Matomo tracking, iFrame notifier, custom JavaScript) into responses using Nginx `sub_filter`.
-2. **`srv-web-tls-core`**
+2. **`srv-web-6-6-tls-core`**
    Handles issuing, renewing, and managing TLS certificates via ACME/Certbot.
 
 By combining encryption setup with content enhancements, this role streamlines domain provisioning for secure, fully-featured HTTP/HTTPS delivery.
@@ -16,7 +16,7 @@ By combining encryption setup with content enhancements, this role streamlines d
 * **Content Injection**
   Adds global theming, analytics, and custom scripts before `</head>` and tracking noscript tags before `</body>`.
 * **Certificate Management**
-  Automates cert issuance and renewal via `srv-web-tls-core`.
+  Automates cert issuance and renewal via `srv-web-6-6-tls-core`.
 * **Idempotent Workflow**
   Ensures each component runs only once per domain.
 * **Simplified Playbooks**

roles/srv-web-7-6-composer/meta/main.yml

@@ -27,7 +27,7 @@ galaxy_info:
     - orchestration
   repository: "https://github.com/kevinveenbirkenbach/cymais"
   issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
-  documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-composer"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-7-6-composer"
 dependencies:
-  - srv-web-injector-compose
-  - srv-web-tls-core
+  - srv-web-7-7-inj-compose
+  - srv-web-6-6-tls-core

roles/srv-web-7-6-composer/tasks/main.yml

@@ -0,0 +1,7 @@
+- name: "include role srv-web-7-7-inj-compose for {{domain}}"
+  include_role: 
+    name: srv-web-7-7-inj-compose
+
+- name: "include role srv-web-6-6-tls-core for {{domain}}"
+  include_role: 
+    name: srv-web-6-6-tls-core

roles/srv-web-7-6-https/README.md

@@ -1,21 +1,21 @@
 # Webserver HTTPS Provisioning 🚀
 
 ## Description
-The **srv-web-https** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS:
+The **srv-web-7-6-https** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS:
 
 1. Ensures your Nginx server is configured for SSL/TLS.
 2. Pulls in Let’s Encrypt ACME challenge handling.
 3. Applies global cleanup of unused domain configs.
 
-This role is built on top of your existing `srv-web-core` role, and it automates the end-to-end process of turning HTTP sites into secure HTTPS sites.
+This role is built on top of your existing `srv-web-7-4-core` role, and it automates the end-to-end process of turning HTTP sites into secure HTTPS sites.
 
 ---
 
 ## Overview
 
-When you apply **srv-web-https**, it will:
+When you apply **srv-web-7-6-https**, it will:
 
-1. **Include** the `srv-web-core` role to install and configure Nginx.  
+1. **Include** the `srv-web-7-4-core` role to install and configure Nginx.  
 2. **Clean up** any stale vHost files under `cln-domains`.  
 3. **Deploy** the Let’s Encrypt challenge-and-redirect snippet from `net-letsencrypt`.  
 4. **Reload** Nginx automatically when any template changes.
@@ -42,7 +42,7 @@ All tasks are idempotent—once your certificates are in place and your configur
 
 ## Requirements
 
-- A working `srv-web-core` setup.
+- A working `srv-web-7-4-core` setup.
 - DNS managed via Cloudflare (for CAA record tasks) or equivalent ACME DNS flow.
 - Variables:
   - `certbot_webroot_path`  

roles/srv-web-7-6-https/meta/main.yml

@@ -24,6 +24,6 @@ galaxy_info:
   issue_tracker_url: "https://s.veen.world/cymaisissues"
 
 dependencies:
-  - srv-web-core
+  - srv-web-7-4-core
   - cln-domains
   - net-letsencrypt

roles/srv-web-7-7-inj-compose/meta/main.yml

@@ -15,7 +15,7 @@ galaxy_info:
     - theming
   repository: "https://github.com/kevinveenbirkenbach/cymais"
   issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
-  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-injector-compose"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-7-7-inj-compose"
   min_ansible_version: "2.9"
   platforms:
     - name: Any
@@ -23,5 +23,5 @@ galaxy_info:
         - all
 dependencies:
 # The injections are called in the script. Keep the logic there.
-  - srv-web-core
+  - srv-web-7-4-core
   

roles/srv-web-7-7-inj-compose/tasks/main.yml

@@ -1,19 +1,19 @@
 - name: "Activate Global CSS for {{domain}}"
   include_role:
-    name: srv-web-injector-css
+    name: srv-web-7-7-inj-css
   when: applications | is_feature_enabled('css',application_id)
 
 - name: "Activate Global Matomo Tracking for {{domain}}"
   include_role:
-    name: srv-web-injector-matomo
+    name: srv-web-7-7-inj-matomo
   when: applications | is_feature_enabled('matomo',application_id)
 
 - name: "Activate Portfolio iFrame Notifier for {{ domain }}"
   include_role:
-    name: srv-web-injector-iframe
+    name: srv-web-7-7-inj-iframe
   when: applications | is_feature_enabled('portfolio_iframe', application_id)
 
 - name: "Activate Javascript for {{ domain }}"
   include_role:
-    name: srv-web-injector-javascript
+    name: srv-web-7-7-inj-javascript
   when: applications | is_feature_enabled('javascript', application_id)

roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2

@@ -10,24 +10,24 @@ sub_filter_types text/html;
 {% if modifier_iframe_enabled or modifier_css_enabled or modifier_matomo_enabled or modifier_javascript_enabled %}
 sub_filter '</head>' ' 
         {%- if modifier_css_enabled -%}
-          {%- include "roles/srv-web-injector-css/templates/head_sub.j2" -%}
+          {%- include "roles/srv-web-7-7-inj-css/templates/head_sub.j2" -%}
         {%- endif -%}
         {%- if modifier_matomo_enabled -%}
-          {%- include "roles/srv-web-injector-matomo/templates/head_sub.j2" -%}
+          {%- include "roles/srv-web-7-7-inj-matomo/templates/head_sub.j2" -%}
         {%- endif -%}
         {%- if modifier_iframe_enabled -%}
-          {%- include "roles/srv-web-injector-iframe/templates/head_sub.j2" -%}
+          {%- include "roles/srv-web-7-7-inj-iframe/templates/head_sub.j2" -%}
         {%- endif -%}
         {%- if modifier_javascript_enabled -%}
-          {%- include "roles/srv-web-injector-javascript/templates/head_sub.j2" -%}
+          {%- include "roles/srv-web-7-7-inj-javascript/templates/head_sub.j2" -%}
         {%- endif -%}
       </head>';
 {% endif %}
 
 {% if modifier_css_enabled | bool %}
-{% include 'roles/srv-web-injector-css/templates/location.conf.j2' %}
+{% include 'roles/srv-web-7-7-inj-css/templates/location.conf.j2' %}
 {% endif %}
 
 {% if modifier_matomo_enabled %}
-{% include 'roles/srv-web-injector-matomo/templates/matomo-tracking.conf.j2' %}
+{% include 'roles/srv-web-7-7-inj-matomo/templates/matomo-tracking.conf.j2' %}
 {% endif %}

roles/srv-web-7-7-inj-css/meta/main.yml

@@ -26,4 +26,4 @@ galaxy_info:
   issue_tracker_url: https://s.veen.world/cymaisissues
   documentation: https://s.veen.world/cymais
 dependencies:
-  - srv-web-core
+  - srv-web-7-4-core

roles/srv-web-7-7-inj-css/tasks/main.yml

@@ -1,4 +1,4 @@
-# Load this role via srv-web-injector-compose for consistency
+# Load this role via srv-web-7-7-inj-compose for consistency
 
 - name: Generate color palette with colorscheme-generator
   set_fact:

roles/srv-web-7-7-inj-iframe/meta/main.yml

@@ -25,4 +25,4 @@ galaxy_info:
     - security
     - postMessage
 dependencies:
-  - srv-web-core
+  - srv-web-7-4-core

roles/srv-web-7-7-inj-javascript/meta/main.yml

@@ -25,4 +25,4 @@ galaxy_info:
   issue_tracker_url: "https://s.veen.world/cymaisissues"
 
 dependencies:
-  - srv-web-core
+  - srv-web-7-4-core

roles/srv-web-7-7-inj-matomo/meta/main.yml

@@ -14,11 +14,11 @@ galaxy_info:
     - analytics
   repository: "https://github.com/kevinveenbirkenbach/cymais"
   issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
-  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-injector-matomo"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-7-7-inj-matomo"
   min_ansible_version: "2.9"
   platforms:
     - name: Any
       versions: [ all ]
 dependencies:
-  - srv-web-core
+  - srv-web-7-4-core
 

roles/srv-web-7-7-inj-matomo/tasks/main.yml

@@ -1,4 +1,4 @@
-# Load this role via srv-web-injector-compose for consistency
+# Load this role via srv-web-7-7-inj-compose for consistency
 
 - name: "Relevant variables for role: {{ role_path | basename }}"
   debug:

roles/srv-web-composer/tasks/main.yml

@@ -1,7 +0,0 @@
-- name: "include role srv-web-injector-compose for {{domain}}"
-  include_role: 
-    name: srv-web-injector-compose
-
-- name: "include role srv-web-tls-core for {{domain}}"
-  include_role: 
-    name: srv-web-tls-core

roles/srv-web-proxy-tls-deploy/handlers/main.yml

@@ -1,7 +0,0 @@
----
-- name: "restart srv-web-proxy-tls-deploy.cymais.service"
-  systemd:
-    name:           srv-web-proxy-tls-deploy.{{application_id}}.cymais.service
-    state:          restarted
-    enabled:        yes
-    daemon_reload:  yes

roles/web-app-attendize/tasks/main.yml

@@ -5,7 +5,7 @@
 
 - name: "include role for {{application_id}} to receive certs & do modification routines"
   include_role:
-    name: srv-web-composer
+    name: srv-web-7-6-composer
   vars:
     domain: "{{ item }}"
     http_port:   "{{ ports.localhost.http[application_id] }}"
@@ -15,7 +15,7 @@
     
 - name: configure {{domains | get_domain(application_id)}}.conf
   template: 
-    src: roles/srv-web-proxy-core/templates/vhost/basic.conf.j2 
+    src: roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2 
     dest: "{{nginx.directories.http.servers}}{{domains | get_domain(application_id)}}.conf"
   notify: restart nginx
 

roles/web-app-bigbluebutton/README.md

@@ -35,7 +35,7 @@ By default, BigBlueButton is deployed with best-practice hardening, modular secr
 ## System Requirements
 
 - Arch Linux with Docker, Compose, and Nginx roles pre-installed
-- DNS and reverse proxy configuration using `srv-web-proxy-core`
+- DNS and reverse proxy configuration using `srv-proxy-7-4-core`
 - Functional email system for Greenlight SMTP
 
 ## Important Resources

roles/web-app-bigbluebutton/tasks/main.yml

@@ -17,9 +17,9 @@
     database_username:  "postgres"
     database_name:      ""                              # Multiple databases
 
-- name: "include role srv-web-proxy-domain for {{application_id}}"
+- name: "include role srv-proxy-6-6-domain for {{application_id}}"
   include_role:
-    name: srv-web-proxy-domain
+    name: srv-proxy-6-6-domain
 
 - name: pull docker repository
   git:

roles/web-app-bluesky/tasks/main.yml

@@ -2,9 +2,9 @@
   include_role: 
     name: docker-compose
 
-- name: "include role srv-web-proxy-domain for {{application_id}}"
+- name: "include role srv-proxy-6-6-domain for {{application_id}}"
   include_role:
-    name: srv-web-proxy-domain
+    name: srv-proxy-6-6-domain
   vars:
     domain: "{{ item.domain }}"
     http_port: "{{ item.http_port }}"

roles/web-app-collabora/templates/nginx.conf.j2

@@ -3,13 +3,13 @@ server {
 
   {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %}
 
-  {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%}
+  {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%}
   
-  {% include 'roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2' %}
+  {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
 
-  {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+  {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
 
   {% set location = '^~ /cool/' %}
   
-  {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+  {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
 }

roles/web-app-coturn/meta/main.yml

@@ -23,4 +23,4 @@ galaxy_info:
         - all
 dependencies:
   - docker-compose
-  - srv-web-proxy-domain
+  - srv-proxy-6-6-domain

roles/web-app-elk/tasks/main.yml

@@ -1,8 +1,8 @@
 ---
 
-- name: "include role srv-web-proxy-domain for {{application_id}}"
+- name: "include role srv-proxy-6-6-domain for {{application_id}}"
   include_role:
-    name: srv-web-proxy-domain
+    name: srv-proxy-6-6-domain
   vars:
     domain:   "{{ domains | get_domain(application_id) }}"
     http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-fusiondirectory/README.md

@@ -9,7 +9,7 @@ This Ansible role deploys and configures [FusionDirectory](https://www.fusiondir
 - Loads and templating of FusionDirectory-specific variables  
 - Generates a `.env` file for the container environment  
 - Deploys the FusionDirectory container via Docker Compose  
-- Configures NGINX (via the `srv-web-proxy-domain` role) to expose the service  
+- Configures NGINX (via the `srv-proxy-6-6-domain` role) to expose the service  
 - Integrates with your central LDAP server for authentication  
 
 ## Features

roles/web-app-mailu/tasks/main.yml

@@ -4,9 +4,9 @@
     name: cmp-db-docker-proxy
   when: run_once_docker_mailu is not defined
 
-- name: "Include the srv-web-proxy-tls-deploy role"
+- name: "Include the srv-proxy-6-6-tls-deploy role"
   include_role:
-    name: srv-web-proxy-tls-deploy
+    name: srv-proxy-6-6-tls-deploy
   when: run_once_docker_mailu is not defined
 
 - name: Flush docker service handlers

roles/web-app-mastodon/tasks/main.yml

@@ -5,7 +5,7 @@
 
 - name: "Include setup for domain '{{ domain }}'"
   include_role: 
-    name: srv-web-proxy-domain
+    name: srv-proxy-6-6-domain
   loop: "{{ domains.mastodon }}"
   loop_control:
     loop_var: domain

roles/web-app-matrix-deprecated/meta/main.yml

@@ -24,4 +24,4 @@ galaxy_info:
   logo:
     class: "fa-solid fa-satellite-dish"
 dependencies: 
-- srv-web-proxy-core
+- srv-proxy-7-4-core

roles/web-app-matrix-deprecated/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
-- name: "include role srv-web-proxy-domain for {{application_id}}"
+- name: "include role srv-proxy-6-6-domain for {{application_id}}"
   include_role: 
-    name: srv-web-proxy-domain
+    name: srv-proxy-6-6-domain
   loop:
     - "{{domains.matrix.element}}"
     - "{{domains.matrix.synapse}}"

roles/web-app-matrix/tasks/main.yml

@@ -14,7 +14,7 @@
 
 - name: "include role for {{application_id}} to receive certs & do modification routines"
   include_role:
-    name: srv-web-composer
+    name: srv-web-7-6-composer
   vars:
     domain:     "{{domains.matrix.synapse}}"
     http_port:  "{{ports.localhost.http.synapse}}"
@@ -39,9 +39,9 @@
     http_port:  "{{ports.localhost.http.synapse}}"
   notify: restart nginx
         
-- name: "include role srv-web-proxy-domain for {{application_id}}"
+- name: "include role srv-proxy-6-6-domain for {{application_id}}"
   include_role: 
-    name: srv-web-proxy-domain
+    name: srv-proxy-6-6-domain
   vars:        
     domain:     "{{domains.matrix.element}}"
     http_port:  "{{ports.localhost.http.element}}"

roles/web-app-matrix/templates/nginx.conf.j2

@@ -11,6 +11,6 @@ server {
     listen 8448 ssl default_server;
     listen [::]:8448 ssl default_server;
 
-    {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%}
-    {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %}
+    {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%}
+    {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %}
 }

roles/web-app-mybb/meta/main.yml

@@ -24,4 +24,4 @@ galaxy_info:
     - web-app-keycloak
     - web-app-mailu
 dependencies:
-  - srv-web-proxy-core
+  - srv-proxy-7-4-core