From 96268e7161a6377ed6c2ae6ce229a39f9992c3a1 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Thu, 10 Jul 2025 12:33:46 +0200 Subject: [PATCH] Renamed server roles by osi they work on --- roles/README.md | 10 +++++----- roles/categories.yml | 16 ++++++++-------- roles/cln-domains/meta/main.yml | 2 +- roles/cmp-db-docker-proxy/README.md | 2 +- roles/cmp-db-docker-proxy/meta/main.yml | 2 +- roles/cmp-db-docker-proxy/tasks/main.yml | 4 ++-- roles/cmp-docker-proxy/README.md | 2 +- roles/cmp-docker-proxy/meta/main.yml | 2 +- roles/cmp-docker-proxy/tasks/main.yml | 4 ++-- roles/docker-compose/README.md | 2 +- roles/net-letsencrypt/meta/main.yml | 2 +- .../README.md | 8 ++++---- .../defaults/main.yml | 2 +- .../meta/main.yml | 2 +- .../tasks/main.yml | 2 +- .../vars/main.yml | 0 .../README.md | 8 ++++---- .../SETUP.md | 0 .../files/srv-proxy-6-6-tls-deploy.sh} | 0 .../srv-proxy-6-6-tls-deploy/handlers/main.yml | 7 +++++++ .../meta/main.yml | 2 +- .../tasks/main.yml | 18 +++++++++--------- .../srv-proxy-6-6-tls-deploy.service.j2} | 2 +- .../vars/main.yml | 2 +- .../README.md | 2 +- .../Todo.md | 0 .../meta/main.yml | 4 ++-- .../headers/content_security_policy.conf.j2 | 0 .../templates/location/proxy_basic.conf.j2 | 2 +- .../templates/location/proxy_cache.conf.j2 | 0 .../templates/vhost/basic.conf.j2 | 14 +++++++------- .../templates/vhost/ws_generic.conf.j2 | 4 ++-- .../README.md | 0 .../meta/main.yml | 2 +- .../tasks/flavors/dedicated.yml | 0 .../tasks/flavors/san.yml | 0 .../tasks/flavors/wildcard.yml | 0 .../tasks/main.yml | 0 .../README.md | 0 .../handlers/main.yml | 2 +- .../meta/main.yml | 2 +- .../tasks/main.yml | 6 +++--- .../srv-web-6-6-tls-renew.service.j2} | 0 .../README.md | 0 .../handlers/main.yml | 0 .../meta/main.yml | 2 +- .../tasks/cache_directories.yml | 0 .../tasks/main.yml | 0 .../tasks/reset.yml | 0 .../templates/nginx.conf.j2 | 0 .../README.md | 8 ++++---- .../meta/main.yml | 6 +++--- roles/srv-web-7-6-composer/tasks/main.yml | 7 +++++++ .../README.md | 10 +++++----- .../meta/main.yml | 2 +- .../README.md | 0 .../meta/main.yml | 4 ++-- .../tasks/main.yml | 8 ++++---- .../templates/global.includes.conf.j2 | 12 ++++++------ .../README.md | 0 .../meta/main.yml | 2 +- .../tasks/main.yml | 2 +- .../templates/global.css.j2 | 0 .../templates/head_sub.j2 | 0 .../templates/location.conf.j2 | 0 .../vars/main.yml | 0 .../README.md | 0 .../meta/main.yml | 2 +- .../tasks/main.yml | 0 .../templates/head_sub.j2 | 0 .../templates/iframe-handler.js.j2 | 0 .../README.md | 0 .../meta/main.yml | 2 +- .../tasks/main.yml | 0 .../templates/head_sub.j2 | 0 .../vars/main.yml | 0 .../README.md | 0 .../meta/main.yml | 4 ++-- .../tasks/main.yml | 2 +- .../templates/head_sub.j2 | 0 .../templates/matomo-tracking.conf.j2 | 0 .../templates/matomo-tracking.js.j2 | 0 .../vars/main.yml | 0 roles/srv-web-composer/tasks/main.yml | 7 ------- .../srv-web-proxy-tls-deploy/handlers/main.yml | 7 ------- roles/web-app-attendize/tasks/main.yml | 4 ++-- roles/web-app-bigbluebutton/README.md | 2 +- roles/web-app-bigbluebutton/tasks/main.yml | 4 ++-- roles/web-app-bluesky/tasks/main.yml | 4 ++-- .../web-app-collabora/templates/nginx.conf.j2 | 8 ++++---- roles/web-app-coturn/meta/main.yml | 2 +- roles/web-app-elk/tasks/main.yml | 4 ++-- roles/web-app-fusiondirectory/README.md | 2 +- roles/web-app-mailu/tasks/main.yml | 4 ++-- roles/web-app-mastodon/tasks/main.yml | 2 +- roles/web-app-matrix-deprecated/meta/main.yml | 2 +- roles/web-app-matrix-deprecated/tasks/main.yml | 4 ++-- roles/web-app-matrix/tasks/main.yml | 6 +++--- roles/web-app-matrix/templates/nginx.conf.j2 | 4 ++-- roles/web-app-mybb/meta/main.yml | 2 +- roles/web-app-mybb/tasks/setup-domain.yml | 4 ++-- roles/web-app-nextcloud/tasks/main.yml | 2 +- .../templates/nginx/host.conf.j2 | 4 ++-- roles/web-app-oauth2-proxy/meta/main.yml | 2 +- .../web-app-peertube/tasks/create-domains.yml | 2 +- .../templates/peertube.conf.j2 | 4 ++-- roles/web-app-syncope/tasks/main.yml | 2 +- roles/web-app-syncope/templates/proxy.conf | 4 ++-- roles/web-app-taiga/README.md | 2 +- roles/web-app-wordpress/tasks/main.yml | 4 ++-- roles/web-redirect-domains/README.md | 2 +- roles/web-redirect-domains/meta/main.yml | 2 +- .../tasks/redirect-domain.yml | 2 +- roles/web-redirect-www/meta/main.yml | 2 +- roles/web-svc-files/meta/main.yml | 2 +- roles/web-svc-files/tasks/main.yml | 2 +- roles/web-svc-files/templates/nginx.conf.j2 | 4 ++-- roles/web-svc-html/meta/main.yml | 2 +- roles/web-svc-html/tasks/main.yml | 2 +- roles/web-svc-html/templates/nginx.conf.j2 | 4 ++-- 120 files changed, 167 insertions(+), 167 deletions(-) rename roles/{srv-web-proxy-domain => srv-proxy-6-6-domain}/README.md (84%) rename roles/{srv-web-proxy-domain => srv-proxy-6-6-domain}/defaults/main.yml (72%) rename roles/{srv-web-proxy-domain => srv-proxy-6-6-domain}/meta/main.yml (96%) rename roles/{srv-web-proxy-domain => srv-proxy-6-6-domain}/tasks/main.yml (97%) rename roles/{srv-web-proxy-domain => srv-proxy-6-6-domain}/vars/main.yml (100%) rename roles/{srv-web-proxy-tls-deploy => srv-proxy-6-6-tls-deploy}/README.md (89%) rename roles/{srv-web-proxy-tls-deploy => srv-proxy-6-6-tls-deploy}/SETUP.md (100%) rename roles/{srv-web-proxy-tls-deploy/files/srv-web-proxy-tls-deploy.sh => srv-proxy-6-6-tls-deploy/files/srv-proxy-6-6-tls-deploy.sh} (100%) create mode 100644 roles/srv-proxy-6-6-tls-deploy/handlers/main.yml rename roles/{srv-web-proxy-tls-deploy => srv-proxy-6-6-tls-deploy}/meta/main.yml (94%) rename roles/{srv-web-proxy-tls-deploy => srv-proxy-6-6-tls-deploy}/tasks/main.yml (56%) rename roles/{srv-web-proxy-tls-deploy/templates/srv-web-proxy-tls-deploy.service.j2 => srv-proxy-6-6-tls-deploy/templates/srv-proxy-6-6-tls-deploy.service.j2} (56%) rename roles/{srv-web-proxy-tls-deploy => srv-proxy-6-6-tls-deploy}/vars/main.yml (68%) rename roles/{srv-web-proxy-core => srv-proxy-7-4-core}/README.md (93%) rename roles/{srv-web-proxy-core => srv-proxy-7-4-core}/Todo.md (100%) rename roles/{srv-web-proxy-core => srv-proxy-7-4-core}/meta/main.yml (94%) rename roles/{srv-web-proxy-core => srv-proxy-7-4-core}/templates/headers/content_security_policy.conf.j2 (100%) rename roles/{srv-web-proxy-core => srv-proxy-7-4-core}/templates/location/proxy_basic.conf.j2 (93%) rename roles/{srv-web-proxy-core => srv-proxy-7-4-core}/templates/location/proxy_cache.conf.j2 (100%) rename roles/{srv-web-proxy-core => srv-proxy-7-4-core}/templates/vhost/basic.conf.j2 (78%) rename roles/{srv-web-proxy-core => srv-proxy-7-4-core}/templates/vhost/ws_generic.conf.j2 (89%) rename roles/{srv-web-tls-core => srv-web-6-6-tls-core}/README.md (100%) rename roles/{srv-web-tls-core => srv-web-6-6-tls-core}/meta/main.yml (97%) rename roles/{srv-web-tls-core => srv-web-6-6-tls-core}/tasks/flavors/dedicated.yml (100%) rename roles/{srv-web-tls-core => srv-web-6-6-tls-core}/tasks/flavors/san.yml (100%) rename roles/{srv-web-tls-core => srv-web-6-6-tls-core}/tasks/flavors/wildcard.yml (100%) rename roles/{srv-web-tls-core => srv-web-6-6-tls-core}/tasks/main.yml (100%) rename roles/{srv-web-tls-renew => srv-web-6-6-tls-renew}/README.md (100%) rename roles/{srv-web-tls-renew => srv-web-6-6-tls-renew}/handlers/main.yml (68%) rename roles/{srv-web-tls-renew => srv-web-6-6-tls-renew}/meta/main.yml (97%) rename roles/{srv-web-tls-renew => srv-web-6-6-tls-renew}/tasks/main.yml (81%) rename roles/{srv-web-tls-renew/templates/srv-web-tls-renew.service.j2 => srv-web-6-6-tls-renew/templates/srv-web-6-6-tls-renew.service.j2} (100%) rename roles/{srv-web-core => srv-web-7-4-core}/README.md (100%) rename roles/{srv-web-core => srv-web-7-4-core}/handlers/main.yml (100%) rename roles/{srv-web-core => srv-web-7-4-core}/meta/main.yml (96%) rename roles/{srv-web-core => srv-web-7-4-core}/tasks/cache_directories.yml (100%) rename roles/{srv-web-core => srv-web-7-4-core}/tasks/main.yml (100%) rename roles/{srv-web-core => srv-web-7-4-core}/tasks/reset.yml (100%) rename roles/{srv-web-core => srv-web-7-4-core}/templates/nginx.conf.j2 (100%) rename roles/{srv-web-composer => srv-web-7-6-composer}/README.md (86%) rename roles/{srv-web-composer => srv-web-7-6-composer}/meta/main.yml (91%) create mode 100644 roles/srv-web-7-6-composer/tasks/main.yml rename roles/{srv-web-https => srv-web-7-6-https}/README.md (78%) rename roles/{srv-web-https => srv-web-7-6-https}/meta/main.yml (97%) rename roles/{srv-web-injector-compose => srv-web-7-7-inj-compose}/README.md (100%) rename roles/{srv-web-injector-compose => srv-web-7-7-inj-compose}/meta/main.yml (92%) rename roles/{srv-web-injector-compose => srv-web-7-7-inj-compose}/tasks/main.yml (80%) rename roles/{srv-web-injector-compose => srv-web-7-7-inj-compose}/templates/global.includes.conf.j2 (68%) rename roles/{srv-web-injector-css => srv-web-7-7-inj-css}/README.md (100%) rename roles/{srv-web-injector-css => srv-web-7-7-inj-css}/meta/main.yml (97%) rename roles/{srv-web-injector-css => srv-web-7-7-inj-css}/tasks/main.yml (95%) rename roles/{srv-web-injector-css => srv-web-7-7-inj-css}/templates/global.css.j2 (100%) rename roles/{srv-web-injector-css => srv-web-7-7-inj-css}/templates/head_sub.j2 (100%) rename roles/{srv-web-injector-css => srv-web-7-7-inj-css}/templates/location.conf.j2 (100%) rename roles/{srv-web-injector-css => srv-web-7-7-inj-css}/vars/main.yml (100%) rename roles/{srv-web-injector-iframe => srv-web-7-7-inj-iframe}/README.md (100%) rename roles/{srv-web-injector-iframe => srv-web-7-7-inj-iframe}/meta/main.yml (97%) rename roles/{srv-web-injector-iframe => srv-web-7-7-inj-iframe}/tasks/main.yml (100%) rename roles/{srv-web-injector-iframe => srv-web-7-7-inj-iframe}/templates/head_sub.j2 (100%) rename roles/{srv-web-injector-iframe => srv-web-7-7-inj-iframe}/templates/iframe-handler.js.j2 (100%) rename roles/{srv-web-injector-javascript => srv-web-7-7-inj-javascript}/README.md (100%) rename roles/{srv-web-injector-javascript => srv-web-7-7-inj-javascript}/meta/main.yml (97%) rename roles/{srv-web-injector-javascript => srv-web-7-7-inj-javascript}/tasks/main.yml (100%) rename roles/{srv-web-injector-javascript => srv-web-7-7-inj-javascript}/templates/head_sub.j2 (100%) rename roles/{srv-web-injector-javascript => srv-web-7-7-inj-javascript}/vars/main.yml (100%) rename roles/{srv-web-injector-matomo => srv-web-7-7-inj-matomo}/README.md (100%) rename roles/{srv-web-injector-matomo => srv-web-7-7-inj-matomo}/meta/main.yml (92%) rename roles/{srv-web-injector-matomo => srv-web-7-7-inj-matomo}/tasks/main.yml (96%) rename roles/{srv-web-injector-matomo => srv-web-7-7-inj-matomo}/templates/head_sub.j2 (100%) rename roles/{srv-web-injector-matomo => srv-web-7-7-inj-matomo}/templates/matomo-tracking.conf.j2 (100%) rename roles/{srv-web-injector-matomo => srv-web-7-7-inj-matomo}/templates/matomo-tracking.js.j2 (100%) rename roles/{srv-web-injector-matomo => srv-web-7-7-inj-matomo}/vars/main.yml (100%) delete mode 100644 roles/srv-web-composer/tasks/main.yml delete mode 100644 roles/srv-web-proxy-tls-deploy/handlers/main.yml diff --git a/roles/README.md b/roles/README.md index 8f9520da..ae728674 100644 --- a/roles/README.md +++ b/roles/README.md @@ -24,19 +24,19 @@ For a complete list of role categories and detailed definitions, see: ## Webserver & HTTP -- **srv-web-core** +- **srv-web-7-4-core** Installs and configures the base Nginx server. -- **srv-web-tls-*** - Manages TLS certificates and renewal (formerly “https”; e.g. `srv-web-tls-deploy`, `srv-web-tls-renew`). +- **srv-web-6-6-tls-*** + Manages TLS certificates and renewal (formerly “https”; e.g. `srv-web-6-6-tls-deploy`, `srv-web-6-6-tls-renew`). - **srv-web-proxy-*** Proxy and vhost orchestration roles (domain setup, OAuth2 proxy, etc.) -- **srv-web-injector-*** +- **srv-web-7-7-inj-*** HTML response modifiers: CSS, JS, Matomo tracking, iframe notifier. -- **srv-web-composer** +- **srv-web-7-6-composer** Aggregates multiple sub-filters into one include for your vhost. - **web-svc-*** diff --git a/roles/categories.yml b/roles/categories.yml index 1c110915..d4c7d2cc 100644 --- a/roles/categories.yml +++ b/roles/categories.yml @@ -25,11 +25,11 @@ categories: srv: web: core: - title: "srv-web-core" + title: "srv-web-7-4-core" description: "Install & configure base Nginx server" icon: "fas fa-server" tls: - title: "srv-web-tls-*" + title: "srv-web-6-6-tls-*" description: "Deploy & renew TLS certificates" icon: "fas fa-lock" proxy: @@ -38,27 +38,27 @@ categories: icon: "fas fa-project-diagram" injector: core: - title: "srv-web-injector-compose" + title: "srv-web-7-7-inj-compose" description: "Inject core HTML modifiers" icon: "fas fa-code" css: - title: "srv-web-injector-css" + title: "srv-web-7-7-inj-css" description: "Inject CSS into responses" icon: "fas fa-paint-brush" iframe: - title: "srv-web-injector-iframe" + title: "srv-web-7-7-inj-iframe" description: "Inject iframe notifier" icon: "fas fa-window-maximize" javascript: - title: "srv-web-injector-javascript" + title: "srv-web-7-7-inj-javascript" description: "Inject JS into responses" icon: "fas fa-code" matomo: - title: "srv-web-injector-matomo" + title: "srv-web-7-7-inj-matomo" description: "Inject Matomo tracking code" icon: "fas fa-chart-pie" composer: - title: "srv-web-composer" + title: "srv-web-7-6-composer" description: "Compose multiple filters into one include" icon: "fas fa-layer-group" diff --git a/roles/cln-domains/meta/main.yml b/roles/cln-domains/meta/main.yml index 5af49bd3..e032320b 100644 --- a/roles/cln-domains/meta/main.yml +++ b/roles/cln-domains/meta/main.yml @@ -21,5 +21,5 @@ galaxy_info: issue_tracker_url: "https://s.veen.world/cymaisissues" documentation: "https://s.veen.world/cymais" dependencies: - - srv-web-core + - srv-web-7-4-core - core-daemon \ No newline at end of file diff --git a/roles/cmp-db-docker-proxy/README.md b/roles/cmp-db-docker-proxy/README.md index 6252e0a9..f5928878 100644 --- a/roles/cmp-db-docker-proxy/README.md +++ b/roles/cmp-db-docker-proxy/README.md @@ -8,4 +8,4 @@ This role builds on `cmp-db-docker` by adding a reverse-proxy frontend for HTTP Leverages the `cmp-db-docker` role to stand up your containerized database (PostgreSQL, MariaDB, etc.) with backups and user management. - **Reverse Proxy** - Includes the `srv-web-proxy-domain` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint. \ No newline at end of file + Includes the `srv-proxy-6-6-domain` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint. \ No newline at end of file diff --git a/roles/cmp-db-docker-proxy/meta/main.yml b/roles/cmp-db-docker-proxy/meta/main.yml index d06d1003..b858817f 100644 --- a/roles/cmp-db-docker-proxy/meta/main.yml +++ b/roles/cmp-db-docker-proxy/meta/main.yml @@ -1,7 +1,7 @@ galaxy_info: author: "Kevin Veen-Birkenbach" description: > - Extends cmp-db-docker by adding an HTTP reverse proxy via srv-web-proxy-domain. + Extends cmp-db-docker by adding an HTTP reverse proxy via srv-proxy-6-6-domain. company: | Kevin Veen-Birkenbach Consulting & Coaching Solutions diff --git a/roles/cmp-db-docker-proxy/tasks/main.yml b/roles/cmp-db-docker-proxy/tasks/main.yml index 14a3320c..19308873 100644 --- a/roles/cmp-db-docker-proxy/tasks/main.yml +++ b/roles/cmp-db-docker-proxy/tasks/main.yml @@ -2,9 +2,9 @@ include_role: name: cmp-db-docker -- name: "include role srv-web-proxy-domain for {{application_id}}" +- name: "include role srv-proxy-6-6-domain for {{application_id}}" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain vars: domain: "{{ domains | get_domain(application_id) }}" http_port: "{{ ports.localhost.http[application_id] }}" \ No newline at end of file diff --git a/roles/cmp-docker-proxy/README.md b/roles/cmp-docker-proxy/README.md index 49f74d6e..ff4ecaeb 100644 --- a/roles/cmp-docker-proxy/README.md +++ b/roles/cmp-docker-proxy/README.md @@ -8,4 +8,4 @@ This role combines the standard Docker Compose setup with a reverse-proxy for an Brings up containers, networks, and volumes via the `docker-compose` role. - **Reverse Proxy** - Uses the `srv-web-proxy-domain` role to expose your application under a custom domain and port. + Uses the `srv-proxy-6-6-domain` role to expose your application under a custom domain and port. diff --git a/roles/cmp-docker-proxy/meta/main.yml b/roles/cmp-docker-proxy/meta/main.yml index 061d99e5..41631aca 100644 --- a/roles/cmp-docker-proxy/meta/main.yml +++ b/roles/cmp-docker-proxy/meta/main.yml @@ -1,7 +1,7 @@ galaxy_info: author: "Kevin Veen-Birkenbach" description: > - Combines the docker-compose role with srv-web-proxy-domain to + Combines the docker-compose role with srv-proxy-6-6-domain to deploy applications behind a reverse proxy. company: | Kevin Veen-Birkenbach diff --git a/roles/cmp-docker-proxy/tasks/main.yml b/roles/cmp-docker-proxy/tasks/main.yml index 65de44c8..548ed053 100644 --- a/roles/cmp-docker-proxy/tasks/main.yml +++ b/roles/cmp-docker-proxy/tasks/main.yml @@ -2,9 +2,9 @@ include_role: name: docker-compose -- name: "include role srv-web-proxy-domain for {{application_id}}" +- name: "include role srv-proxy-6-6-domain for {{application_id}}" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain vars: domain: "{{ domains | get_domain(application_id) }}" http_port: "{{ ports.localhost.http[application_id] }}" \ No newline at end of file diff --git a/roles/docker-compose/README.md b/roles/docker-compose/README.md index 73c9a9ac..d3879868 100644 --- a/roles/docker-compose/README.md +++ b/roles/docker-compose/README.md @@ -20,7 +20,7 @@ To offer a centralized, extensible system for managing containerized application - **Reset Logic:** Cleans previous Compose project files and data when `mode_reset` is enabled. - **Handlers for Runtime Control:** Automatically builds, sets up, or restarts containers based on handlers. - **Template-ready Service Files:** Predefined service base and health check templates. -- **Integration Support:** Compatible with `srv-web-proxy-core` and other CyMaIS service roles. +- **Integration Support:** Compatible with `srv-proxy-7-4-core` and other CyMaIS service roles. ## Administration Tips diff --git a/roles/net-letsencrypt/meta/main.yml b/roles/net-letsencrypt/meta/main.yml index 5abfb5dd..88ca58a3 100644 --- a/roles/net-letsencrypt/meta/main.yml +++ b/roles/net-letsencrypt/meta/main.yml @@ -23,4 +23,4 @@ galaxy_info: issue_tracker_url: "https://s.veen.world/cymaisissues" documentation: "https://s.veen.world/cymais" dependencies: - - srv-web-tls-renew + - srv-web-6-6-tls-renew diff --git a/roles/srv-web-proxy-domain/README.md b/roles/srv-proxy-6-6-domain/README.md similarity index 84% rename from roles/srv-web-proxy-domain/README.md rename to roles/srv-proxy-6-6-domain/README.md index f7907b6d..c8a4b843 100644 --- a/roles/srv-web-proxy-domain/README.md +++ b/roles/srv-proxy-6-6-domain/README.md @@ -6,11 +6,11 @@ This role bootstraps **per-domain Nginx configuration**: it requests TLS certifi ## Overview -A higher-level orchestration wrapper, *srv-web-proxy-domain* ties together several lower-level roles: +A higher-level orchestration wrapper, *srv-proxy-6-6-domain* ties together several lower-level roles: -1. **`srv-web-injector-compose`** – applies global tweaks and includes. -2. **`srv-web-tls-core`** – obtains Let’s Encrypt certificates. -3. **Domain template deployment** – copies a Jinja2 vHost from *srv-web-proxy-core*. +1. **`srv-web-7-7-inj-compose`** – applies global tweaks and includes. +2. **`srv-web-6-6-tls-core`** – obtains Let’s Encrypt certificates. +3. **Domain template deployment** – copies a Jinja2 vHost from *srv-proxy-7-4-core*. 4. **`web-app-oauth2-proxy`** *(optional)* – protects the site with OAuth2. The result is a complete, reproducible domain rollout in a single playbook task. diff --git a/roles/srv-web-proxy-domain/defaults/main.yml b/roles/srv-proxy-6-6-domain/defaults/main.yml similarity index 72% rename from roles/srv-web-proxy-domain/defaults/main.yml rename to roles/srv-proxy-6-6-domain/defaults/main.yml index 3ee4c26a..dc9b222f 100644 --- a/roles/srv-web-proxy-domain/defaults/main.yml +++ b/roles/srv-proxy-6-6-domain/defaults/main.yml @@ -2,4 +2,4 @@ vhost_flavour: "basic" # valid: basic | ws_generic # build the full template path from the flavour -vhost_template_src: "roles/srv-web-proxy-core/templates/vhost/{{ vhost_flavour }}.conf.j2" \ No newline at end of file +vhost_template_src: "roles/srv-proxy-7-4-core/templates/vhost/{{ vhost_flavour }}.conf.j2" \ No newline at end of file diff --git a/roles/srv-web-proxy-domain/meta/main.yml b/roles/srv-proxy-6-6-domain/meta/main.yml similarity index 96% rename from roles/srv-web-proxy-domain/meta/main.yml rename to roles/srv-proxy-6-6-domain/meta/main.yml index 88b8f252..9f6e61b2 100644 --- a/roles/srv-web-proxy-domain/meta/main.yml +++ b/roles/srv-proxy-6-6-domain/meta/main.yml @@ -24,4 +24,4 @@ galaxy_info: issue_tracker_url: https://s.veen.world/cymaisissues documentation: https://s.veen.world/cymais dependencies: - - srv-web-proxy-core \ No newline at end of file + - srv-proxy-7-4-core \ No newline at end of file diff --git a/roles/srv-web-proxy-domain/tasks/main.yml b/roles/srv-proxy-6-6-domain/tasks/main.yml similarity index 97% rename from roles/srv-web-proxy-domain/tasks/main.yml rename to roles/srv-proxy-6-6-domain/tasks/main.yml index 5593c0a6..572b4c08 100644 --- a/roles/srv-web-proxy-domain/tasks/main.yml +++ b/roles/srv-proxy-6-6-domain/tasks/main.yml @@ -1,6 +1,6 @@ - name: "include role for {{domain}} to receive certificates and do the modification routines" include_role: - name: srv-web-composer + name: srv-web-7-6-composer - name: "Copy nginx config to {{ configuration_destination }}" template: diff --git a/roles/srv-web-proxy-domain/vars/main.yml b/roles/srv-proxy-6-6-domain/vars/main.yml similarity index 100% rename from roles/srv-web-proxy-domain/vars/main.yml rename to roles/srv-proxy-6-6-domain/vars/main.yml diff --git a/roles/srv-web-proxy-tls-deploy/README.md b/roles/srv-proxy-6-6-tls-deploy/README.md similarity index 89% rename from roles/srv-web-proxy-tls-deploy/README.md rename to roles/srv-proxy-6-6-tls-deploy/README.md index 27067cd1..e9cb7018 100644 --- a/roles/srv-web-proxy-tls-deploy/README.md +++ b/roles/srv-proxy-6-6-tls-deploy/README.md @@ -21,7 +21,7 @@ This Ansible role simplifies the deployment of **Let's Encrypt certificates** in ### **1️⃣ Main Tasks** 1. **Add Deployment Script** - - Copies `srv-web-proxy-tls-deploy.sh` to the administrator scripts directory. + - Copies `srv-proxy-6-6-tls-deploy.sh` to the administrator scripts directory. 2. **Create Certificate Directory** - Ensures `cert_mount_directory` exists with proper permissions. @@ -34,14 +34,14 @@ This Ansible role simplifies the deployment of **Let's Encrypt certificates** in ### **2️⃣ Handlers** - **Restart Nginx Service** - - Restarts `srv-web-proxy-tls-deploy` whenever a certificate update occurs. + - Restarts `srv-proxy-6-6-tls-deploy` whenever a certificate update occurs. --- ## **🔧 Deploying Certificates into Docker Containers** The role **automates copying certificates** into Docker Compose setups. -### **1️⃣ Deployment Script (`srv-web-proxy-tls-deploy.sh`)** +### **1️⃣ Deployment Script (`srv-proxy-6-6-tls-deploy.sh`)** This script: - **Copies certificates** to the correct container directory. - **Reloads Nginx** inside all running containers. @@ -49,7 +49,7 @@ This script: **Usage:** ```sh -sh srv-web-proxy-tls-deploy.sh primary_domain /path/to/docker/compose +sh srv-proxy-6-6-tls-deploy.sh primary_domain /path/to/docker/compose ``` --- diff --git a/roles/srv-web-proxy-tls-deploy/SETUP.md b/roles/srv-proxy-6-6-tls-deploy/SETUP.md similarity index 100% rename from roles/srv-web-proxy-tls-deploy/SETUP.md rename to roles/srv-proxy-6-6-tls-deploy/SETUP.md diff --git a/roles/srv-web-proxy-tls-deploy/files/srv-web-proxy-tls-deploy.sh b/roles/srv-proxy-6-6-tls-deploy/files/srv-proxy-6-6-tls-deploy.sh similarity index 100% rename from roles/srv-web-proxy-tls-deploy/files/srv-web-proxy-tls-deploy.sh rename to roles/srv-proxy-6-6-tls-deploy/files/srv-proxy-6-6-tls-deploy.sh diff --git a/roles/srv-proxy-6-6-tls-deploy/handlers/main.yml b/roles/srv-proxy-6-6-tls-deploy/handlers/main.yml new file mode 100644 index 00000000..540aab29 --- /dev/null +++ b/roles/srv-proxy-6-6-tls-deploy/handlers/main.yml @@ -0,0 +1,7 @@ +--- +- name: "restart srv-proxy-6-6-tls-deploy.cymais.service" + systemd: + name: srv-proxy-6-6-tls-deploy.{{application_id}}.cymais.service + state: restarted + enabled: yes + daemon_reload: yes \ No newline at end of file diff --git a/roles/srv-web-proxy-tls-deploy/meta/main.yml b/roles/srv-proxy-6-6-tls-deploy/meta/main.yml similarity index 94% rename from roles/srv-web-proxy-tls-deploy/meta/main.yml rename to roles/srv-proxy-6-6-tls-deploy/meta/main.yml index 25270125..742d391c 100644 --- a/roles/srv-web-proxy-tls-deploy/meta/main.yml +++ b/roles/srv-proxy-6-6-tls-deploy/meta/main.yml @@ -15,7 +15,7 @@ galaxy_info: - systemd repository: "https://github.com/kevinveenbirkenbach/cymais" issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues" - documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-proxy-tls-deploy" + documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-proxy-6-6-tls-deploy" min_ansible_version: "2.9" platforms: - name: Any diff --git a/roles/srv-web-proxy-tls-deploy/tasks/main.yml b/roles/srv-proxy-6-6-tls-deploy/tasks/main.yml similarity index 56% rename from roles/srv-web-proxy-tls-deploy/tasks/main.yml rename to roles/srv-proxy-6-6-tls-deploy/tasks/main.yml index b00301e6..ace50339 100644 --- a/roles/srv-web-proxy-tls-deploy/tasks/main.yml +++ b/roles/srv-proxy-6-6-tls-deploy/tasks/main.yml @@ -1,9 +1,9 @@ -- name: add srv-web-proxy-tls-deploy.sh +- name: add srv-proxy-6-6-tls-deploy.sh copy: - src: "srv-web-proxy-tls-deploy.sh" + src: "srv-proxy-6-6-tls-deploy.sh" dest: "{{nginx_docker_cert_deploy_script}}" when: run_once_nginx_docker_cert_deploy is not defined - notify: restart srv-web-proxy-tls-deploy.cymais.service + notify: restart srv-proxy-6-6-tls-deploy.cymais.service - name: run the nginx_docker_cert_deploy tasks once set_fact: @@ -15,18 +15,18 @@ path: "{{cert_mount_directory}}" state: directory mode: 0755 - notify: restart srv-web-proxy-tls-deploy.cymais.service + notify: restart srv-proxy-6-6-tls-deploy.cymais.service -- name: configure srv-web-proxy-tls-deploy.cymais.service +- name: configure srv-proxy-6-6-tls-deploy.cymais.service template: - src: "srv-web-proxy-tls-deploy.service.j2" - dest: "/etc/systemd/system/srv-web-proxy-tls-deploy.{{application_id}}.cymais.service" - notify: restart srv-web-proxy-tls-deploy.cymais.service + src: "srv-proxy-6-6-tls-deploy.service.j2" + dest: "/etc/systemd/system/srv-proxy-6-6-tls-deploy.{{application_id}}.cymais.service" + notify: restart srv-proxy-6-6-tls-deploy.cymais.service - name: "include role for gen-timer for {{service_name}}" include_role: name: gen-timer vars: on_calendar: "{{on_calendar_deploy_certificates}}" - service_name: "srv-web-proxy-tls-deploy.{{application_id}}" + service_name: "srv-proxy-6-6-tls-deploy.{{application_id}}" persistent: "true" \ No newline at end of file diff --git a/roles/srv-web-proxy-tls-deploy/templates/srv-web-proxy-tls-deploy.service.j2 b/roles/srv-proxy-6-6-tls-deploy/templates/srv-proxy-6-6-tls-deploy.service.j2 similarity index 56% rename from roles/srv-web-proxy-tls-deploy/templates/srv-web-proxy-tls-deploy.service.j2 rename to roles/srv-proxy-6-6-tls-deploy/templates/srv-proxy-6-6-tls-deploy.service.j2 index a1ac5c35..79187ea7 100644 --- a/roles/srv-web-proxy-tls-deploy/templates/srv-web-proxy-tls-deploy.service.j2 +++ b/roles/srv-proxy-6-6-tls-deploy/templates/srv-proxy-6-6-tls-deploy.service.j2 @@ -4,4 +4,4 @@ OnFailure=alert-compose.cymais@%n.service [Service] Type=oneshot -ExecStart=/usr/bin/bash {{path_administrator_scripts}}/srv-web-proxy-tls-deploy.sh {{ssl_cert_folder}} {{docker_compose.directories.instance}} +ExecStart=/usr/bin/bash {{path_administrator_scripts}}/srv-proxy-6-6-tls-deploy.sh {{ssl_cert_folder}} {{docker_compose.directories.instance}} diff --git a/roles/srv-web-proxy-tls-deploy/vars/main.yml b/roles/srv-proxy-6-6-tls-deploy/vars/main.yml similarity index 68% rename from roles/srv-web-proxy-tls-deploy/vars/main.yml rename to roles/srv-proxy-6-6-tls-deploy/vars/main.yml index 87d55d1a..3f49829c 100644 --- a/roles/srv-web-proxy-tls-deploy/vars/main.yml +++ b/roles/srv-proxy-6-6-tls-deploy/vars/main.yml @@ -1 +1 @@ -nginx_docker_cert_deploy_script: "{{path_administrator_scripts}}srv-web-proxy-tls-deploy.sh" \ No newline at end of file +nginx_docker_cert_deploy_script: "{{path_administrator_scripts}}srv-proxy-6-6-tls-deploy.sh" \ No newline at end of file diff --git a/roles/srv-web-proxy-core/README.md b/roles/srv-proxy-7-4-core/README.md similarity index 93% rename from roles/srv-web-proxy-core/README.md rename to roles/srv-proxy-7-4-core/README.md index d9b6bdbf..f96e9b66 100644 --- a/roles/srv-web-proxy-core/README.md +++ b/roles/srv-proxy-7-4-core/README.md @@ -16,7 +16,7 @@ The goal of this role is to deliver a **hassle-free, production-ready reverse pr ## Features -- **Automatic TLS & HSTS** — integrates with the *srv-web-https* role for certificate management. +- **Automatic TLS & HSTS** — integrates with the *srv-web-7-6-https* role for certificate management. - **Flexible vHost templates** — *basic* and *ws_generic* flavours cover standard HTTP and WebSocket applications. - **Security headers** — sensible defaults plus optional X-Frame-Options / CSP based on application settings. - **WebSocket & HTTP/2 aware** — upgrades, keep-alive tuning, and gzip already configured. diff --git a/roles/srv-web-proxy-core/Todo.md b/roles/srv-proxy-7-4-core/Todo.md similarity index 100% rename from roles/srv-web-proxy-core/Todo.md rename to roles/srv-proxy-7-4-core/Todo.md diff --git a/roles/srv-web-proxy-core/meta/main.yml b/roles/srv-proxy-7-4-core/meta/main.yml similarity index 94% rename from roles/srv-web-proxy-core/meta/main.yml rename to roles/srv-proxy-7-4-core/meta/main.yml index 2d52dffc..2ab8ece3 100644 --- a/roles/srv-web-proxy-core/meta/main.yml +++ b/roles/srv-proxy-7-4-core/meta/main.yml @@ -24,5 +24,5 @@ galaxy_info: issue_tracker_url: https://s.veen.world/cymaisissues documentation: https://s.veen.world/cymais dependencies: - - srv-web-https - - srv-web-core + - srv-web-7-6-https + - srv-web-7-4-core diff --git a/roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2 b/roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2 similarity index 100% rename from roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2 rename to roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2 diff --git a/roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2 b/roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2 similarity index 93% rename from roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2 rename to roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2 index 7efe81fd..b9209735 100644 --- a/roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2 +++ b/roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2 @@ -14,7 +14,7 @@ location {{location | default("/")}} proxy_set_header X-Forwarded-Port 443; proxy_set_header Accept-Encoding ""; - {% include 'roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %} # WebSocket specific header proxy_http_version 1.1; diff --git a/roles/srv-web-proxy-core/templates/location/proxy_cache.conf.j2 b/roles/srv-proxy-7-4-core/templates/location/proxy_cache.conf.j2 similarity index 100% rename from roles/srv-web-proxy-core/templates/location/proxy_cache.conf.j2 rename to roles/srv-proxy-7-4-core/templates/location/proxy_cache.conf.j2 diff --git a/roles/srv-web-proxy-core/templates/vhost/basic.conf.j2 b/roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2 similarity index 78% rename from roles/srv-web-proxy-core/templates/vhost/basic.conf.j2 rename to roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2 index 0fac365c..dbeb1a82 100644 --- a/roles/srv-web-proxy-core/templates/vhost/basic.conf.j2 +++ b/roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2 @@ -6,7 +6,7 @@ server {% include 'roles/web-app-oauth2-proxy/templates/endpoint.conf.j2'%} {% endif %} - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%} {% if proxy_extra_configuration is defined %} {# Additional Domain Specific Configuration #} @@ -22,38 +22,38 @@ server {# 1. Expose everything by default, then protect blacklisted paths #} {% set oauth2_proxy_enabled = false %} {% set location = "/" %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} {% for loc in acl.blacklist %} {% set oauth2_proxy_enabled = true %} {% set location = loc %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} {% endfor %} {% elif acl.whitelist is defined %} {# 2. Protect everything by default, then expose whitelisted paths #} {% set oauth2_proxy_enabled = true %} {% set location = "/" %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} {% for loc in acl.whitelist %} {% set oauth2_proxy_enabled = false %} {% set location = loc %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} {% endfor %} {% else %} {# 3. OAuth2 enabled but no (or empty) ACL — protect all #} {% set oauth2_proxy_enabled = true %} {% set location = "/" %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} {% endif %} {% else %} {# 4. OAuth2 completely disabled — expose all #} {% set oauth2_proxy_enabled = false %} {% set location = "/" %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} {% endif %} } diff --git a/roles/srv-web-proxy-core/templates/vhost/ws_generic.conf.j2 b/roles/srv-proxy-7-4-core/templates/vhost/ws_generic.conf.j2 similarity index 89% rename from roles/srv-web-proxy-core/templates/vhost/ws_generic.conf.j2 rename to roles/srv-proxy-7-4-core/templates/vhost/ws_generic.conf.j2 index 443c8bb5..7eda2829 100644 --- a/roles/srv-web-proxy-core/templates/vhost/ws_generic.conf.j2 +++ b/roles/srv-proxy-7-4-core/templates/vhost/ws_generic.conf.j2 @@ -7,7 +7,7 @@ server { server_name {{ domain }}; {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %} - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2' %} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2' %} client_max_body_size {{ client_max_body_size | default('100m') }}; keepalive_timeout 70; @@ -24,7 +24,7 @@ server { add_header Strict-Transport-Security "max-age=31536000"; - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} {% if ws_path is defined %} location {{ ws_path }} { diff --git a/roles/srv-web-tls-core/README.md b/roles/srv-web-6-6-tls-core/README.md similarity index 100% rename from roles/srv-web-tls-core/README.md rename to roles/srv-web-6-6-tls-core/README.md diff --git a/roles/srv-web-tls-core/meta/main.yml b/roles/srv-web-6-6-tls-core/meta/main.yml similarity index 97% rename from roles/srv-web-tls-core/meta/main.yml rename to roles/srv-web-6-6-tls-core/meta/main.yml index 6e22d4ec..2e4ed9d5 100644 --- a/roles/srv-web-tls-core/meta/main.yml +++ b/roles/srv-web-6-6-tls-core/meta/main.yml @@ -28,4 +28,4 @@ galaxy_info: issue_tracker_url: "https://s.veen.world/cymaisissues" documentation: "https://s.veen.world/cymais" dependencies: - - srv-web-https + - srv-web-7-6-https diff --git a/roles/srv-web-tls-core/tasks/flavors/dedicated.yml b/roles/srv-web-6-6-tls-core/tasks/flavors/dedicated.yml similarity index 100% rename from roles/srv-web-tls-core/tasks/flavors/dedicated.yml rename to roles/srv-web-6-6-tls-core/tasks/flavors/dedicated.yml diff --git a/roles/srv-web-tls-core/tasks/flavors/san.yml b/roles/srv-web-6-6-tls-core/tasks/flavors/san.yml similarity index 100% rename from roles/srv-web-tls-core/tasks/flavors/san.yml rename to roles/srv-web-6-6-tls-core/tasks/flavors/san.yml diff --git a/roles/srv-web-tls-core/tasks/flavors/wildcard.yml b/roles/srv-web-6-6-tls-core/tasks/flavors/wildcard.yml similarity index 100% rename from roles/srv-web-tls-core/tasks/flavors/wildcard.yml rename to roles/srv-web-6-6-tls-core/tasks/flavors/wildcard.yml diff --git a/roles/srv-web-tls-core/tasks/main.yml b/roles/srv-web-6-6-tls-core/tasks/main.yml similarity index 100% rename from roles/srv-web-tls-core/tasks/main.yml rename to roles/srv-web-6-6-tls-core/tasks/main.yml diff --git a/roles/srv-web-tls-renew/README.md b/roles/srv-web-6-6-tls-renew/README.md similarity index 100% rename from roles/srv-web-tls-renew/README.md rename to roles/srv-web-6-6-tls-renew/README.md diff --git a/roles/srv-web-tls-renew/handlers/main.yml b/roles/srv-web-6-6-tls-renew/handlers/main.yml similarity index 68% rename from roles/srv-web-tls-renew/handlers/main.yml rename to roles/srv-web-6-6-tls-renew/handlers/main.yml index 11915424..d65c8f90 100644 --- a/roles/srv-web-tls-renew/handlers/main.yml +++ b/roles/srv-web-6-6-tls-renew/handlers/main.yml @@ -1,6 +1,6 @@ - name: "reload certbot service" systemd: - name: srv-web-tls-renew.cymais.service + name: srv-web-6-6-tls-renew.cymais.service state: reloaded enabled: yes daemon_reload: yes diff --git a/roles/srv-web-tls-renew/meta/main.yml b/roles/srv-web-6-6-tls-renew/meta/main.yml similarity index 97% rename from roles/srv-web-tls-renew/meta/main.yml rename to roles/srv-web-6-6-tls-renew/meta/main.yml index 375cbe75..71a3c1ea 100644 --- a/roles/srv-web-tls-renew/meta/main.yml +++ b/roles/srv-web-6-6-tls-renew/meta/main.yml @@ -28,6 +28,6 @@ galaxy_info: documentation: "https://s.veen.world/cymais" dependencies: - gen-certbot - - srv-web-core + - srv-web-7-4-core - alert-compose - cln-certs diff --git a/roles/srv-web-tls-renew/tasks/main.yml b/roles/srv-web-6-6-tls-renew/tasks/main.yml similarity index 81% rename from roles/srv-web-tls-renew/tasks/main.yml rename to roles/srv-web-6-6-tls-renew/tasks/main.yml index 3afb5aa0..a04c6c57 100644 --- a/roles/srv-web-tls-renew/tasks/main.yml +++ b/roles/srv-web-6-6-tls-renew/tasks/main.yml @@ -5,10 +5,10 @@ state: present when: run_once_nginx_certbot is not defined -- name: configure srv-web-tls-renew.cymais.service +- name: configure srv-web-6-6-tls-renew.cymais.service template: - src: srv-web-tls-renew.service.j2 - dest: /etc/systemd/system/srv-web-tls-renew.cymais.service + src: srv-web-6-6-tls-renew.service.j2 + dest: /etc/systemd/system/srv-web-6-6-tls-renew.cymais.service notify: reload certbot service when: run_once_nginx_certbot is not defined diff --git a/roles/srv-web-tls-renew/templates/srv-web-tls-renew.service.j2 b/roles/srv-web-6-6-tls-renew/templates/srv-web-6-6-tls-renew.service.j2 similarity index 100% rename from roles/srv-web-tls-renew/templates/srv-web-tls-renew.service.j2 rename to roles/srv-web-6-6-tls-renew/templates/srv-web-6-6-tls-renew.service.j2 diff --git a/roles/srv-web-core/README.md b/roles/srv-web-7-4-core/README.md similarity index 100% rename from roles/srv-web-core/README.md rename to roles/srv-web-7-4-core/README.md diff --git a/roles/srv-web-core/handlers/main.yml b/roles/srv-web-7-4-core/handlers/main.yml similarity index 100% rename from roles/srv-web-core/handlers/main.yml rename to roles/srv-web-7-4-core/handlers/main.yml diff --git a/roles/srv-web-core/meta/main.yml b/roles/srv-web-7-4-core/meta/main.yml similarity index 96% rename from roles/srv-web-core/meta/main.yml rename to roles/srv-web-7-4-core/meta/main.yml index 542b4f53..a7c04ab0 100644 --- a/roles/srv-web-core/meta/main.yml +++ b/roles/srv-web-7-4-core/meta/main.yml @@ -18,7 +18,7 @@ galaxy_info: - performance repository: "https://github.com/kevinveenbirkenbach/cymais" issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues" - documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-core" + documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-7-4-core" dependencies: - mon-bot-webserver - mon-bot-csp \ No newline at end of file diff --git a/roles/srv-web-core/tasks/cache_directories.yml b/roles/srv-web-7-4-core/tasks/cache_directories.yml similarity index 100% rename from roles/srv-web-core/tasks/cache_directories.yml rename to roles/srv-web-7-4-core/tasks/cache_directories.yml diff --git a/roles/srv-web-core/tasks/main.yml b/roles/srv-web-7-4-core/tasks/main.yml similarity index 100% rename from roles/srv-web-core/tasks/main.yml rename to roles/srv-web-7-4-core/tasks/main.yml diff --git a/roles/srv-web-core/tasks/reset.yml b/roles/srv-web-7-4-core/tasks/reset.yml similarity index 100% rename from roles/srv-web-core/tasks/reset.yml rename to roles/srv-web-7-4-core/tasks/reset.yml diff --git a/roles/srv-web-core/templates/nginx.conf.j2 b/roles/srv-web-7-4-core/templates/nginx.conf.j2 similarity index 100% rename from roles/srv-web-core/templates/nginx.conf.j2 rename to roles/srv-web-7-4-core/templates/nginx.conf.j2 diff --git a/roles/srv-web-composer/README.md b/roles/srv-web-7-6-composer/README.md similarity index 86% rename from roles/srv-web-composer/README.md rename to roles/srv-web-7-6-composer/README.md index e60e87f5..e00a08d2 100644 --- a/roles/srv-web-composer/README.md +++ b/roles/srv-web-7-6-composer/README.md @@ -1,10 +1,10 @@ -# Role: srv-web-composer +# Role: srv-web-7-6-composer This Ansible role composes and orchestrates all necessary HTTPS-layer tasks and HTML-content injections for your webserver domains. It integrates two key sub-roles into a unified workflow: -1. **`srv-web-injector-compose`** +1. **`srv-web-7-7-inj-compose`** Injects global HTML snippets (CSS, Matomo tracking, iFrame notifier, custom JavaScript) into responses using Nginx `sub_filter`. -2. **`srv-web-tls-core`** +2. **`srv-web-6-6-tls-core`** Handles issuing, renewing, and managing TLS certificates via ACME/Certbot. By combining encryption setup with content enhancements, this role streamlines domain provisioning for secure, fully-featured HTTP/HTTPS delivery. @@ -16,7 +16,7 @@ By combining encryption setup with content enhancements, this role streamlines d * **Content Injection** Adds global theming, analytics, and custom scripts before `` and tracking noscript tags before ``. * **Certificate Management** - Automates cert issuance and renewal via `srv-web-tls-core`. + Automates cert issuance and renewal via `srv-web-6-6-tls-core`. * **Idempotent Workflow** Ensures each component runs only once per domain. * **Simplified Playbooks** diff --git a/roles/srv-web-composer/meta/main.yml b/roles/srv-web-7-6-composer/meta/main.yml similarity index 91% rename from roles/srv-web-composer/meta/main.yml rename to roles/srv-web-7-6-composer/meta/main.yml index 8807c7ae..848bc7f1 100644 --- a/roles/srv-web-composer/meta/main.yml +++ b/roles/srv-web-7-6-composer/meta/main.yml @@ -27,7 +27,7 @@ galaxy_info: - orchestration repository: "https://github.com/kevinveenbirkenbach/cymais" issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues" - documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-composer" + documentation: "https://github.com/kevinveenbirkenbach/cymais/roles/srv-web-7-6-composer" dependencies: - - srv-web-injector-compose - - srv-web-tls-core + - srv-web-7-7-inj-compose + - srv-web-6-6-tls-core diff --git a/roles/srv-web-7-6-composer/tasks/main.yml b/roles/srv-web-7-6-composer/tasks/main.yml new file mode 100644 index 00000000..e4f88236 --- /dev/null +++ b/roles/srv-web-7-6-composer/tasks/main.yml @@ -0,0 +1,7 @@ +- name: "include role srv-web-7-7-inj-compose for {{domain}}" + include_role: + name: srv-web-7-7-inj-compose + +- name: "include role srv-web-6-6-tls-core for {{domain}}" + include_role: + name: srv-web-6-6-tls-core \ No newline at end of file diff --git a/roles/srv-web-https/README.md b/roles/srv-web-7-6-https/README.md similarity index 78% rename from roles/srv-web-https/README.md rename to roles/srv-web-7-6-https/README.md index 52321e29..57d150b8 100644 --- a/roles/srv-web-https/README.md +++ b/roles/srv-web-7-6-https/README.md @@ -1,21 +1,21 @@ # Webserver HTTPS Provisioning 🚀 ## Description -The **srv-web-https** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS: +The **srv-web-7-6-https** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS: 1. Ensures your Nginx server is configured for SSL/TLS. 2. Pulls in Let’s Encrypt ACME challenge handling. 3. Applies global cleanup of unused domain configs. -This role is built on top of your existing `srv-web-core` role, and it automates the end-to-end process of turning HTTP sites into secure HTTPS sites. +This role is built on top of your existing `srv-web-7-4-core` role, and it automates the end-to-end process of turning HTTP sites into secure HTTPS sites. --- ## Overview -When you apply **srv-web-https**, it will: +When you apply **srv-web-7-6-https**, it will: -1. **Include** the `srv-web-core` role to install and configure Nginx. +1. **Include** the `srv-web-7-4-core` role to install and configure Nginx. 2. **Clean up** any stale vHost files under `cln-domains`. 3. **Deploy** the Let’s Encrypt challenge-and-redirect snippet from `net-letsencrypt`. 4. **Reload** Nginx automatically when any template changes. @@ -42,7 +42,7 @@ All tasks are idempotent—once your certificates are in place and your configur ## Requirements -- A working `srv-web-core` setup. +- A working `srv-web-7-4-core` setup. - DNS managed via Cloudflare (for CAA record tasks) or equivalent ACME DNS flow. - Variables: - `certbot_webroot_path` diff --git a/roles/srv-web-https/meta/main.yml b/roles/srv-web-7-6-https/meta/main.yml similarity index 97% rename from roles/srv-web-https/meta/main.yml rename to roles/srv-web-7-6-https/meta/main.yml index 41df15c0..e58a0904 100644 --- a/roles/srv-web-https/meta/main.yml +++ b/roles/srv-web-7-6-https/meta/main.yml @@ -24,6 +24,6 @@ galaxy_info: issue_tracker_url: "https://s.veen.world/cymaisissues" dependencies: - - srv-web-core + - srv-web-7-4-core - cln-domains - net-letsencrypt \ No newline at end of file diff --git a/roles/srv-web-injector-compose/README.md b/roles/srv-web-7-7-inj-compose/README.md similarity index 100% rename from roles/srv-web-injector-compose/README.md rename to roles/srv-web-7-7-inj-compose/README.md diff --git a/roles/srv-web-injector-compose/meta/main.yml b/roles/srv-web-7-7-inj-compose/meta/main.yml similarity index 92% rename from roles/srv-web-injector-compose/meta/main.yml rename to roles/srv-web-7-7-inj-compose/meta/main.yml index d05832e4..67c38b5d 100644 --- a/roles/srv-web-injector-compose/meta/main.yml +++ b/roles/srv-web-7-7-inj-compose/meta/main.yml @@ -15,7 +15,7 @@ galaxy_info: - theming repository: "https://github.com/kevinveenbirkenbach/cymais" issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues" - documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-injector-compose" + documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-7-7-inj-compose" min_ansible_version: "2.9" platforms: - name: Any @@ -23,5 +23,5 @@ galaxy_info: - all dependencies: # The injections are called in the script. Keep the logic there. - - srv-web-core + - srv-web-7-4-core \ No newline at end of file diff --git a/roles/srv-web-injector-compose/tasks/main.yml b/roles/srv-web-7-7-inj-compose/tasks/main.yml similarity index 80% rename from roles/srv-web-injector-compose/tasks/main.yml rename to roles/srv-web-7-7-inj-compose/tasks/main.yml index 7161ef72..891184d9 100644 --- a/roles/srv-web-injector-compose/tasks/main.yml +++ b/roles/srv-web-7-7-inj-compose/tasks/main.yml @@ -1,19 +1,19 @@ - name: "Activate Global CSS for {{domain}}" include_role: - name: srv-web-injector-css + name: srv-web-7-7-inj-css when: applications | is_feature_enabled('css',application_id) - name: "Activate Global Matomo Tracking for {{domain}}" include_role: - name: srv-web-injector-matomo + name: srv-web-7-7-inj-matomo when: applications | is_feature_enabled('matomo',application_id) - name: "Activate Portfolio iFrame Notifier for {{ domain }}" include_role: - name: srv-web-injector-iframe + name: srv-web-7-7-inj-iframe when: applications | is_feature_enabled('portfolio_iframe', application_id) - name: "Activate Javascript for {{ domain }}" include_role: - name: srv-web-injector-javascript + name: srv-web-7-7-inj-javascript when: applications | is_feature_enabled('javascript', application_id) \ No newline at end of file diff --git a/roles/srv-web-injector-compose/templates/global.includes.conf.j2 b/roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2 similarity index 68% rename from roles/srv-web-injector-compose/templates/global.includes.conf.j2 rename to roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2 index 985e8dcd..62649b97 100644 --- a/roles/srv-web-injector-compose/templates/global.includes.conf.j2 +++ b/roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2 @@ -10,24 +10,24 @@ sub_filter_types text/html; {% if modifier_iframe_enabled or modifier_css_enabled or modifier_matomo_enabled or modifier_javascript_enabled %} sub_filter '' ' {%- if modifier_css_enabled -%} - {%- include "roles/srv-web-injector-css/templates/head_sub.j2" -%} + {%- include "roles/srv-web-7-7-inj-css/templates/head_sub.j2" -%} {%- endif -%} {%- if modifier_matomo_enabled -%} - {%- include "roles/srv-web-injector-matomo/templates/head_sub.j2" -%} + {%- include "roles/srv-web-7-7-inj-matomo/templates/head_sub.j2" -%} {%- endif -%} {%- if modifier_iframe_enabled -%} - {%- include "roles/srv-web-injector-iframe/templates/head_sub.j2" -%} + {%- include "roles/srv-web-7-7-inj-iframe/templates/head_sub.j2" -%} {%- endif -%} {%- if modifier_javascript_enabled -%} - {%- include "roles/srv-web-injector-javascript/templates/head_sub.j2" -%} + {%- include "roles/srv-web-7-7-inj-javascript/templates/head_sub.j2" -%} {%- endif -%} '; {% endif %} {% if modifier_css_enabled | bool %} -{% include 'roles/srv-web-injector-css/templates/location.conf.j2' %} +{% include 'roles/srv-web-7-7-inj-css/templates/location.conf.j2' %} {% endif %} {% if modifier_matomo_enabled %} -{% include 'roles/srv-web-injector-matomo/templates/matomo-tracking.conf.j2' %} +{% include 'roles/srv-web-7-7-inj-matomo/templates/matomo-tracking.conf.j2' %} {% endif %} \ No newline at end of file diff --git a/roles/srv-web-injector-css/README.md b/roles/srv-web-7-7-inj-css/README.md similarity index 100% rename from roles/srv-web-injector-css/README.md rename to roles/srv-web-7-7-inj-css/README.md diff --git a/roles/srv-web-injector-css/meta/main.yml b/roles/srv-web-7-7-inj-css/meta/main.yml similarity index 97% rename from roles/srv-web-injector-css/meta/main.yml rename to roles/srv-web-7-7-inj-css/meta/main.yml index 0f43c56d..57c4818f 100644 --- a/roles/srv-web-injector-css/meta/main.yml +++ b/roles/srv-web-7-7-inj-css/meta/main.yml @@ -26,4 +26,4 @@ galaxy_info: issue_tracker_url: https://s.veen.world/cymaisissues documentation: https://s.veen.world/cymais dependencies: - - srv-web-core \ No newline at end of file + - srv-web-7-4-core \ No newline at end of file diff --git a/roles/srv-web-injector-css/tasks/main.yml b/roles/srv-web-7-7-inj-css/tasks/main.yml similarity index 95% rename from roles/srv-web-injector-css/tasks/main.yml rename to roles/srv-web-7-7-inj-css/tasks/main.yml index 8d2df24e..27d8cb94 100644 --- a/roles/srv-web-injector-css/tasks/main.yml +++ b/roles/srv-web-7-7-inj-css/tasks/main.yml @@ -1,4 +1,4 @@ -# Load this role via srv-web-injector-compose for consistency +# Load this role via srv-web-7-7-inj-compose for consistency - name: Generate color palette with colorscheme-generator set_fact: diff --git a/roles/srv-web-injector-css/templates/global.css.j2 b/roles/srv-web-7-7-inj-css/templates/global.css.j2 similarity index 100% rename from roles/srv-web-injector-css/templates/global.css.j2 rename to roles/srv-web-7-7-inj-css/templates/global.css.j2 diff --git a/roles/srv-web-injector-css/templates/head_sub.j2 b/roles/srv-web-7-7-inj-css/templates/head_sub.j2 similarity index 100% rename from roles/srv-web-injector-css/templates/head_sub.j2 rename to roles/srv-web-7-7-inj-css/templates/head_sub.j2 diff --git a/roles/srv-web-injector-css/templates/location.conf.j2 b/roles/srv-web-7-7-inj-css/templates/location.conf.j2 similarity index 100% rename from roles/srv-web-injector-css/templates/location.conf.j2 rename to roles/srv-web-7-7-inj-css/templates/location.conf.j2 diff --git a/roles/srv-web-injector-css/vars/main.yml b/roles/srv-web-7-7-inj-css/vars/main.yml similarity index 100% rename from roles/srv-web-injector-css/vars/main.yml rename to roles/srv-web-7-7-inj-css/vars/main.yml diff --git a/roles/srv-web-injector-iframe/README.md b/roles/srv-web-7-7-inj-iframe/README.md similarity index 100% rename from roles/srv-web-injector-iframe/README.md rename to roles/srv-web-7-7-inj-iframe/README.md diff --git a/roles/srv-web-injector-iframe/meta/main.yml b/roles/srv-web-7-7-inj-iframe/meta/main.yml similarity index 97% rename from roles/srv-web-injector-iframe/meta/main.yml rename to roles/srv-web-7-7-inj-iframe/meta/main.yml index 5e32010c..b6f96da7 100644 --- a/roles/srv-web-injector-iframe/meta/main.yml +++ b/roles/srv-web-7-7-inj-iframe/meta/main.yml @@ -25,4 +25,4 @@ galaxy_info: - security - postMessage dependencies: - - srv-web-core \ No newline at end of file + - srv-web-7-4-core \ No newline at end of file diff --git a/roles/srv-web-injector-iframe/tasks/main.yml b/roles/srv-web-7-7-inj-iframe/tasks/main.yml similarity index 100% rename from roles/srv-web-injector-iframe/tasks/main.yml rename to roles/srv-web-7-7-inj-iframe/tasks/main.yml diff --git a/roles/srv-web-injector-iframe/templates/head_sub.j2 b/roles/srv-web-7-7-inj-iframe/templates/head_sub.j2 similarity index 100% rename from roles/srv-web-injector-iframe/templates/head_sub.j2 rename to roles/srv-web-7-7-inj-iframe/templates/head_sub.j2 diff --git a/roles/srv-web-injector-iframe/templates/iframe-handler.js.j2 b/roles/srv-web-7-7-inj-iframe/templates/iframe-handler.js.j2 similarity index 100% rename from roles/srv-web-injector-iframe/templates/iframe-handler.js.j2 rename to roles/srv-web-7-7-inj-iframe/templates/iframe-handler.js.j2 diff --git a/roles/srv-web-injector-javascript/README.md b/roles/srv-web-7-7-inj-javascript/README.md similarity index 100% rename from roles/srv-web-injector-javascript/README.md rename to roles/srv-web-7-7-inj-javascript/README.md diff --git a/roles/srv-web-injector-javascript/meta/main.yml b/roles/srv-web-7-7-inj-javascript/meta/main.yml similarity index 97% rename from roles/srv-web-injector-javascript/meta/main.yml rename to roles/srv-web-7-7-inj-javascript/meta/main.yml index 997918fd..2cc272a9 100644 --- a/roles/srv-web-injector-javascript/meta/main.yml +++ b/roles/srv-web-7-7-inj-javascript/meta/main.yml @@ -25,4 +25,4 @@ galaxy_info: issue_tracker_url: "https://s.veen.world/cymaisissues" dependencies: - - srv-web-core + - srv-web-7-4-core diff --git a/roles/srv-web-injector-javascript/tasks/main.yml b/roles/srv-web-7-7-inj-javascript/tasks/main.yml similarity index 100% rename from roles/srv-web-injector-javascript/tasks/main.yml rename to roles/srv-web-7-7-inj-javascript/tasks/main.yml diff --git a/roles/srv-web-injector-javascript/templates/head_sub.j2 b/roles/srv-web-7-7-inj-javascript/templates/head_sub.j2 similarity index 100% rename from roles/srv-web-injector-javascript/templates/head_sub.j2 rename to roles/srv-web-7-7-inj-javascript/templates/head_sub.j2 diff --git a/roles/srv-web-injector-javascript/vars/main.yml b/roles/srv-web-7-7-inj-javascript/vars/main.yml similarity index 100% rename from roles/srv-web-injector-javascript/vars/main.yml rename to roles/srv-web-7-7-inj-javascript/vars/main.yml diff --git a/roles/srv-web-injector-matomo/README.md b/roles/srv-web-7-7-inj-matomo/README.md similarity index 100% rename from roles/srv-web-injector-matomo/README.md rename to roles/srv-web-7-7-inj-matomo/README.md diff --git a/roles/srv-web-injector-matomo/meta/main.yml b/roles/srv-web-7-7-inj-matomo/meta/main.yml similarity index 92% rename from roles/srv-web-injector-matomo/meta/main.yml rename to roles/srv-web-7-7-inj-matomo/meta/main.yml index 6bf5abf8..e64f44f0 100644 --- a/roles/srv-web-injector-matomo/meta/main.yml +++ b/roles/srv-web-7-7-inj-matomo/meta/main.yml @@ -14,11 +14,11 @@ galaxy_info: - analytics repository: "https://github.com/kevinveenbirkenbach/cymais" issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues" - documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-injector-matomo" + documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-7-7-inj-matomo" min_ansible_version: "2.9" platforms: - name: Any versions: [ all ] dependencies: - - srv-web-core + - srv-web-7-4-core diff --git a/roles/srv-web-injector-matomo/tasks/main.yml b/roles/srv-web-7-7-inj-matomo/tasks/main.yml similarity index 96% rename from roles/srv-web-injector-matomo/tasks/main.yml rename to roles/srv-web-7-7-inj-matomo/tasks/main.yml index ef4dacd6..f727d175 100644 --- a/roles/srv-web-injector-matomo/tasks/main.yml +++ b/roles/srv-web-7-7-inj-matomo/tasks/main.yml @@ -1,4 +1,4 @@ -# Load this role via srv-web-injector-compose for consistency +# Load this role via srv-web-7-7-inj-compose for consistency - name: "Relevant variables for role: {{ role_path | basename }}" debug: diff --git a/roles/srv-web-injector-matomo/templates/head_sub.j2 b/roles/srv-web-7-7-inj-matomo/templates/head_sub.j2 similarity index 100% rename from roles/srv-web-injector-matomo/templates/head_sub.j2 rename to roles/srv-web-7-7-inj-matomo/templates/head_sub.j2 diff --git a/roles/srv-web-injector-matomo/templates/matomo-tracking.conf.j2 b/roles/srv-web-7-7-inj-matomo/templates/matomo-tracking.conf.j2 similarity index 100% rename from roles/srv-web-injector-matomo/templates/matomo-tracking.conf.j2 rename to roles/srv-web-7-7-inj-matomo/templates/matomo-tracking.conf.j2 diff --git a/roles/srv-web-injector-matomo/templates/matomo-tracking.js.j2 b/roles/srv-web-7-7-inj-matomo/templates/matomo-tracking.js.j2 similarity index 100% rename from roles/srv-web-injector-matomo/templates/matomo-tracking.js.j2 rename to roles/srv-web-7-7-inj-matomo/templates/matomo-tracking.js.j2 diff --git a/roles/srv-web-injector-matomo/vars/main.yml b/roles/srv-web-7-7-inj-matomo/vars/main.yml similarity index 100% rename from roles/srv-web-injector-matomo/vars/main.yml rename to roles/srv-web-7-7-inj-matomo/vars/main.yml diff --git a/roles/srv-web-composer/tasks/main.yml b/roles/srv-web-composer/tasks/main.yml deleted file mode 100644 index e6f15a1e..00000000 --- a/roles/srv-web-composer/tasks/main.yml +++ /dev/null @@ -1,7 +0,0 @@ -- name: "include role srv-web-injector-compose for {{domain}}" - include_role: - name: srv-web-injector-compose - -- name: "include role srv-web-tls-core for {{domain}}" - include_role: - name: srv-web-tls-core \ No newline at end of file diff --git a/roles/srv-web-proxy-tls-deploy/handlers/main.yml b/roles/srv-web-proxy-tls-deploy/handlers/main.yml deleted file mode 100644 index 829c7872..00000000 --- a/roles/srv-web-proxy-tls-deploy/handlers/main.yml +++ /dev/null @@ -1,7 +0,0 @@ ---- -- name: "restart srv-web-proxy-tls-deploy.cymais.service" - systemd: - name: srv-web-proxy-tls-deploy.{{application_id}}.cymais.service - state: restarted - enabled: yes - daemon_reload: yes \ No newline at end of file diff --git a/roles/web-app-attendize/tasks/main.yml b/roles/web-app-attendize/tasks/main.yml index 0d66ec42..7d7c024a 100644 --- a/roles/web-app-attendize/tasks/main.yml +++ b/roles/web-app-attendize/tasks/main.yml @@ -5,7 +5,7 @@ - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: - name: srv-web-composer + name: srv-web-7-6-composer vars: domain: "{{ item }}" http_port: "{{ ports.localhost.http[application_id] }}" @@ -15,7 +15,7 @@ - name: configure {{domains | get_domain(application_id)}}.conf template: - src: roles/srv-web-proxy-core/templates/vhost/basic.conf.j2 + src: roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2 dest: "{{nginx.directories.http.servers}}{{domains | get_domain(application_id)}}.conf" notify: restart nginx diff --git a/roles/web-app-bigbluebutton/README.md b/roles/web-app-bigbluebutton/README.md index 2d40ef19..1ee7c340 100644 --- a/roles/web-app-bigbluebutton/README.md +++ b/roles/web-app-bigbluebutton/README.md @@ -35,7 +35,7 @@ By default, BigBlueButton is deployed with best-practice hardening, modular secr ## System Requirements - Arch Linux with Docker, Compose, and Nginx roles pre-installed -- DNS and reverse proxy configuration using `srv-web-proxy-core` +- DNS and reverse proxy configuration using `srv-proxy-7-4-core` - Functional email system for Greenlight SMTP ## Important Resources diff --git a/roles/web-app-bigbluebutton/tasks/main.yml b/roles/web-app-bigbluebutton/tasks/main.yml index dc1f6ab9..2a11784a 100644 --- a/roles/web-app-bigbluebutton/tasks/main.yml +++ b/roles/web-app-bigbluebutton/tasks/main.yml @@ -17,9 +17,9 @@ database_username: "postgres" database_name: "" # Multiple databases -- name: "include role srv-web-proxy-domain for {{application_id}}" +- name: "include role srv-proxy-6-6-domain for {{application_id}}" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain - name: pull docker repository git: diff --git a/roles/web-app-bluesky/tasks/main.yml b/roles/web-app-bluesky/tasks/main.yml index a7c5d342..1b9d14c9 100644 --- a/roles/web-app-bluesky/tasks/main.yml +++ b/roles/web-app-bluesky/tasks/main.yml @@ -2,9 +2,9 @@ include_role: name: docker-compose -- name: "include role srv-web-proxy-domain for {{application_id}}" +- name: "include role srv-proxy-6-6-domain for {{application_id}}" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain vars: domain: "{{ item.domain }}" http_port: "{{ item.http_port }}" diff --git a/roles/web-app-collabora/templates/nginx.conf.j2 b/roles/web-app-collabora/templates/nginx.conf.j2 index dadbe90a..42c91e18 100644 --- a/roles/web-app-collabora/templates/nginx.conf.j2 +++ b/roles/web-app-collabora/templates/nginx.conf.j2 @@ -3,13 +3,13 @@ server { {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %} - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%} - {% include 'roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} {% set location = '^~ /cool/' %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} } \ No newline at end of file diff --git a/roles/web-app-coturn/meta/main.yml b/roles/web-app-coturn/meta/main.yml index 1e292315..7745661c 100644 --- a/roles/web-app-coturn/meta/main.yml +++ b/roles/web-app-coturn/meta/main.yml @@ -23,4 +23,4 @@ galaxy_info: - all dependencies: - docker-compose - - srv-web-proxy-domain + - srv-proxy-6-6-domain diff --git a/roles/web-app-elk/tasks/main.yml b/roles/web-app-elk/tasks/main.yml index c4e591f7..327f707e 100644 --- a/roles/web-app-elk/tasks/main.yml +++ b/roles/web-app-elk/tasks/main.yml @@ -1,8 +1,8 @@ --- -- name: "include role srv-web-proxy-domain for {{application_id}}" +- name: "include role srv-proxy-6-6-domain for {{application_id}}" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain vars: domain: "{{ domains | get_domain(application_id) }}" http_port: "{{ ports.localhost.http[application_id] }}" diff --git a/roles/web-app-fusiondirectory/README.md b/roles/web-app-fusiondirectory/README.md index 3f5f06c1..aec36a75 100644 --- a/roles/web-app-fusiondirectory/README.md +++ b/roles/web-app-fusiondirectory/README.md @@ -9,7 +9,7 @@ This Ansible role deploys and configures [FusionDirectory](https://www.fusiondir - Loads and templating of FusionDirectory-specific variables - Generates a `.env` file for the container environment - Deploys the FusionDirectory container via Docker Compose -- Configures NGINX (via the `srv-web-proxy-domain` role) to expose the service +- Configures NGINX (via the `srv-proxy-6-6-domain` role) to expose the service - Integrates with your central LDAP server for authentication ## Features diff --git a/roles/web-app-mailu/tasks/main.yml b/roles/web-app-mailu/tasks/main.yml index 57f2dacb..a413474c 100644 --- a/roles/web-app-mailu/tasks/main.yml +++ b/roles/web-app-mailu/tasks/main.yml @@ -4,9 +4,9 @@ name: cmp-db-docker-proxy when: run_once_docker_mailu is not defined -- name: "Include the srv-web-proxy-tls-deploy role" +- name: "Include the srv-proxy-6-6-tls-deploy role" include_role: - name: srv-web-proxy-tls-deploy + name: srv-proxy-6-6-tls-deploy when: run_once_docker_mailu is not defined - name: Flush docker service handlers diff --git a/roles/web-app-mastodon/tasks/main.yml b/roles/web-app-mastodon/tasks/main.yml index e9611ba8..4eadc581 100644 --- a/roles/web-app-mastodon/tasks/main.yml +++ b/roles/web-app-mastodon/tasks/main.yml @@ -5,7 +5,7 @@ - name: "Include setup for domain '{{ domain }}'" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain loop: "{{ domains.mastodon }}" loop_control: loop_var: domain diff --git a/roles/web-app-matrix-deprecated/meta/main.yml b/roles/web-app-matrix-deprecated/meta/main.yml index 90f0b6ca..9bc194d3 100644 --- a/roles/web-app-matrix-deprecated/meta/main.yml +++ b/roles/web-app-matrix-deprecated/meta/main.yml @@ -24,4 +24,4 @@ galaxy_info: logo: class: "fa-solid fa-satellite-dish" dependencies: -- srv-web-proxy-core +- srv-proxy-7-4-core diff --git a/roles/web-app-matrix-deprecated/tasks/main.yml b/roles/web-app-matrix-deprecated/tasks/main.yml index 8b733c4a..eb2d37e1 100644 --- a/roles/web-app-matrix-deprecated/tasks/main.yml +++ b/roles/web-app-matrix-deprecated/tasks/main.yml @@ -1,7 +1,7 @@ --- -- name: "include role srv-web-proxy-domain for {{application_id}}" +- name: "include role srv-proxy-6-6-domain for {{application_id}}" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain loop: - "{{domains.matrix.element}}" - "{{domains.matrix.synapse}}" diff --git a/roles/web-app-matrix/tasks/main.yml b/roles/web-app-matrix/tasks/main.yml index 6791e4cb..53b0cf99 100644 --- a/roles/web-app-matrix/tasks/main.yml +++ b/roles/web-app-matrix/tasks/main.yml @@ -14,7 +14,7 @@ - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: - name: srv-web-composer + name: srv-web-7-6-composer vars: domain: "{{domains.matrix.synapse}}" http_port: "{{ports.localhost.http.synapse}}" @@ -39,9 +39,9 @@ http_port: "{{ports.localhost.http.synapse}}" notify: restart nginx -- name: "include role srv-web-proxy-domain for {{application_id}}" +- name: "include role srv-proxy-6-6-domain for {{application_id}}" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain vars: domain: "{{domains.matrix.element}}" http_port: "{{ports.localhost.http.element}}" diff --git a/roles/web-app-matrix/templates/nginx.conf.j2 b/roles/web-app-matrix/templates/nginx.conf.j2 index e9814202..26bd8fe3 100644 --- a/roles/web-app-matrix/templates/nginx.conf.j2 +++ b/roles/web-app-matrix/templates/nginx.conf.j2 @@ -11,6 +11,6 @@ server { listen 8448 ssl default_server; listen [::]:8448 ssl default_server; - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} } \ No newline at end of file diff --git a/roles/web-app-mybb/meta/main.yml b/roles/web-app-mybb/meta/main.yml index 90d616df..743fc300 100644 --- a/roles/web-app-mybb/meta/main.yml +++ b/roles/web-app-mybb/meta/main.yml @@ -24,4 +24,4 @@ galaxy_info: - web-app-keycloak - web-app-mailu dependencies: - - srv-web-proxy-core \ No newline at end of file + - srv-proxy-7-4-core \ No newline at end of file diff --git a/roles/web-app-mybb/tasks/setup-domain.yml b/roles/web-app-mybb/tasks/setup-domain.yml index 4e025fbf..18980b11 100644 --- a/roles/web-app-mybb/tasks/setup-domain.yml +++ b/roles/web-app-mybb/tasks/setup-domain.yml @@ -1,12 +1,12 @@ - name: "include role receive certbot certificate" include_role: - name: srv-web-tls-core + name: srv-web-6-6-tls-core vars: domain: "{{domains | get_domain(application_id)}}" - name: configure {{domains | get_domain(application_id)}}.conf template: - src: "roles/srv-web-proxy-core/templates/vhost/basic.conf.j2" + src: "roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2" dest: "{{nginx.directories.http.servers}}{{domains | get_domain(application_id)}}.conf" notify: restart nginx vars: diff --git a/roles/web-app-nextcloud/tasks/main.yml b/roles/web-app-nextcloud/tasks/main.yml index 113b95cd..ec0530ac 100644 --- a/roles/web-app-nextcloud/tasks/main.yml +++ b/roles/web-app-nextcloud/tasks/main.yml @@ -21,7 +21,7 @@ - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: - name: srv-web-composer + name: srv-web-7-6-composer - name: create nextcloud nginx proxy configuration file template: diff --git a/roles/web-app-nextcloud/templates/nginx/host.conf.j2 b/roles/web-app-nextcloud/templates/nginx/host.conf.j2 index 81fdb051..addda90e 100644 --- a/roles/web-app-nextcloud/templates/nginx/host.conf.j2 +++ b/roles/web-app-nextcloud/templates/nginx/host.conf.j2 @@ -6,7 +6,7 @@ server {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %} - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%} # Remove X-Powered-By, which is an information leak fastcgi_hide_header X-Powered-By; @@ -18,7 +18,7 @@ server client_body_buffer_size 400M; fastcgi_buffers 64 4K; - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2' %} location ^~ /.well-known { rewrite ^/\.well-known/host-meta\.json /public.php?service=host-meta-json last; diff --git a/roles/web-app-oauth2-proxy/meta/main.yml b/roles/web-app-oauth2-proxy/meta/main.yml index 9cbd55c0..75a73f92 100644 --- a/roles/web-app-oauth2-proxy/meta/main.yml +++ b/roles/web-app-oauth2-proxy/meta/main.yml @@ -23,4 +23,4 @@ galaxy_info: - all dependencies: - docker-compose - - srv-web-proxy-domain + - srv-proxy-6-6-domain diff --git a/roles/web-app-peertube/tasks/create-domains.yml b/roles/web-app-peertube/tasks/create-domains.yml index 491f3770..d693c9b3 100644 --- a/roles/web-app-peertube/tasks/create-domains.yml +++ b/roles/web-app-peertube/tasks/create-domains.yml @@ -1,6 +1,6 @@ - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: - name: srv-web-composer + name: srv-web-7-6-composer - name: configure {{domain}}.conf template: diff --git a/roles/web-app-peertube/templates/peertube.conf.j2 b/roles/web-app-peertube/templates/peertube.conf.j2 index 9ac7a040..fa70fc3a 100644 --- a/roles/web-app-peertube/templates/peertube.conf.j2 +++ b/roles/web-app-peertube/templates/peertube.conf.j2 @@ -3,9 +3,9 @@ server { {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %} - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%} - {% include 'roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %} ## # Application diff --git a/roles/web-app-syncope/tasks/main.yml b/roles/web-app-syncope/tasks/main.yml index abe57634..679ef2fb 100644 --- a/roles/web-app-syncope/tasks/main.yml +++ b/roles/web-app-syncope/tasks/main.yml @@ -5,7 +5,7 @@ - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: - name: srv-web-composer + name: srv-web-7-6-composer - name: configure {{domain}}.conf template: diff --git a/roles/web-app-syncope/templates/proxy.conf b/roles/web-app-syncope/templates/proxy.conf index b42858aa..bc989882 100644 --- a/roles/web-app-syncope/templates/proxy.conf +++ b/roles/web-app-syncope/templates/proxy.conf @@ -6,7 +6,7 @@ server {% include 'roles/web-app-oauth2-proxy/templates/endpoint.conf.j2'%} {% endif %} - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%} {% if proxy_extra_configuration is defined %} {# Additional Domain Specific Configuration #} @@ -17,6 +17,6 @@ server {% for path in syncope_paths.values() %} {% set location = web_protocol ~ '://' ~ domains | get_domain(application_id) ~ '/' ~ path ~ '/' %} - {% include 'roles/srv-web-proxy-core/templates/location/proxy_basic.conf.j2'%} + {% include 'roles/srv-proxy-7-4-core/templates/location/proxy_basic.conf.j2'%} {% endfor %} } \ No newline at end of file diff --git a/roles/web-app-taiga/README.md b/roles/web-app-taiga/README.md index 64fb480b..bc215730 100644 --- a/roles/web-app-taiga/README.md +++ b/roles/web-app-taiga/README.md @@ -39,7 +39,7 @@ By using this role, teams can set up Taiga in minutes on Arch Linux systems — - [taiga-contrib-oidc-auth (official)](https://github.com/taigaio/taiga-contrib-oidc-auth) - 📨 **Email Backend:** Supports SMTP and console backends for development. - 🔁 **Async & Realtime Events:** Includes RabbitMQ and support for Taiga’s event system. -- 🌐 **Reverse Proxy Ready:** Integrates with Nginx using the `srv-web-proxy-domain` role. +- 🌐 **Reverse Proxy Ready:** Integrates with Nginx using the `srv-proxy-6-6-domain` role. - 🧩 **Composable Design:** Integrates cleanly with other CyMaIS infrastructure roles. --- diff --git a/roles/web-app-wordpress/tasks/main.yml b/roles/web-app-wordpress/tasks/main.yml index 1f879d61..a9b67a49 100644 --- a/roles/web-app-wordpress/tasks/main.yml +++ b/roles/web-app-wordpress/tasks/main.yml @@ -3,9 +3,9 @@ include_role: name: cmp-db-docker -- name: "Include role srv-web-proxy-domain for {{ application_id }}" +- name: "Include role srv-proxy-6-6-domain for {{ application_id }}" include_role: - name: srv-web-proxy-domain + name: srv-proxy-6-6-domain loop: "{{ applications[application_id].domains.canonical }}" loop_control: loop_var: domain diff --git a/roles/web-redirect-domains/README.md b/roles/web-redirect-domains/README.md index 0e60682d..a7e0c193 100644 --- a/roles/web-redirect-domains/README.md +++ b/roles/web-redirect-domains/README.md @@ -9,7 +9,7 @@ This Ansible role configures Nginx to perform 301 redirects from one domain to a ## Dependencies -- `srv-web-https`: A role for setting up HTTPS for Nginx +- `srv-web-7-6-https`: A role for setting up HTTPS for Nginx - `letsencrypt`: A role for managing SSL certificates with Let's Encrypt ## Author Information diff --git a/roles/web-redirect-domains/meta/main.yml b/roles/web-redirect-domains/meta/main.yml index f5fd1a9e..606c8b3d 100644 --- a/roles/web-redirect-domains/meta/main.yml +++ b/roles/web-redirect-domains/meta/main.yml @@ -20,5 +20,5 @@ galaxy_info: - name: Any versions: [ all ] dependencies: - - srv-web-https + - srv-web-7-6-https diff --git a/roles/web-redirect-domains/tasks/redirect-domain.yml b/roles/web-redirect-domains/tasks/redirect-domain.yml index ba27a1fc..a85cc519 100644 --- a/roles/web-redirect-domains/tasks/redirect-domain.yml +++ b/roles/web-redirect-domains/tasks/redirect-domain.yml @@ -1,6 +1,6 @@ - name: "include task receive certbot certificate" include_role: - name: srv-web-tls-core + name: srv-web-6-6-tls-core - name: "Deploying NGINX redirect configuration for {{ domain }}" template: diff --git a/roles/web-redirect-www/meta/main.yml b/roles/web-redirect-www/meta/main.yml index db26d619..42ed03a6 100644 --- a/roles/web-redirect-www/meta/main.yml +++ b/roles/web-redirect-www/meta/main.yml @@ -23,4 +23,4 @@ galaxy_info: issue_tracker_url: "https://s.veen.world/cymaisissues" documentation: "https://s.veen.world/cymais" dependencies: - - srv-web-core \ No newline at end of file + - srv-web-7-4-core \ No newline at end of file diff --git a/roles/web-svc-files/meta/main.yml b/roles/web-svc-files/meta/main.yml index 4e5f18e1..2a7a6e99 100644 --- a/roles/web-svc-files/meta/main.yml +++ b/roles/web-svc-files/meta/main.yml @@ -26,5 +26,5 @@ galaxy_info: issue_tracker_url: "https://s.veen.world/cymaisissues" documentation: "https://s.veen.world/cymais" dependencies: - - srv-web-https + - srv-web-7-6-https - gen-git diff --git a/roles/web-svc-files/tasks/main.yml b/roles/web-svc-files/tasks/main.yml index d1ad5542..af9ae5b9 100644 --- a/roles/web-svc-files/tasks/main.yml +++ b/roles/web-svc-files/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: - name: srv-web-composer + name: srv-web-7-6-composer vars: domain: "{{ domains | get_domain(application_id) }}" http_port: "{{ ports.localhost.http[application_id] }}" diff --git a/roles/web-svc-files/templates/nginx.conf.j2 b/roles/web-svc-files/templates/nginx.conf.j2 index 637db4f2..2adf4c50 100644 --- a/roles/web-svc-files/templates/nginx.conf.j2 +++ b/roles/web-svc-files/templates/nginx.conf.j2 @@ -4,9 +4,9 @@ server {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %} - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%} - {% include 'roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %} charset utf-8; location / diff --git a/roles/web-svc-html/meta/main.yml b/roles/web-svc-html/meta/main.yml index ee060e5e..f4d5c04f 100644 --- a/roles/web-svc-html/meta/main.yml +++ b/roles/web-svc-html/meta/main.yml @@ -29,5 +29,5 @@ galaxy_info: run_after: - web-app-matomo dependencies: - - srv-web-https + - srv-web-7-6-https - gen-git diff --git a/roles/web-svc-html/tasks/main.yml b/roles/web-svc-html/tasks/main.yml index 8f7ba7af..a94824da 100644 --- a/roles/web-svc-html/tasks/main.yml +++ b/roles/web-svc-html/tasks/main.yml @@ -1,7 +1,7 @@ --- - name: "include role for {{application_id}} to receive certs & do modification routines" include_role: - name: srv-web-composer + name: srv-web-7-6-composer vars: domain: "{{domains | get_domain(application_id)}}" http_port: "{{ ports.localhost.http[application_id] }}" diff --git a/roles/web-svc-html/templates/nginx.conf.j2 b/roles/web-svc-html/templates/nginx.conf.j2 index 41ad3b0c..aa631fb8 100644 --- a/roles/web-svc-html/templates/nginx.conf.j2 +++ b/roles/web-svc-html/templates/nginx.conf.j2 @@ -4,9 +4,9 @@ server {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %} - {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%} + {% include 'roles/srv-web-7-7-inj-compose/templates/global.includes.conf.j2'%} - {% include 'roles/srv-web-proxy-core/templates/headers/content_security_policy.conf.j2' %} + {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %} charset utf-8; location /