refactor(webserver): rename roles and update references

- Rename sys-svc-webserver -> sys-svc-webserver-core
- Rename sys-stk-front-pure -> sys-svc-webserver-https
- Update includes, run_once flags, and docs across:
  * sys-ctl-mtn-cert-renew
  * sys-front-inj-*
  * sys-stk-front-proxy
  * sys-svc-certs
  * sys-svc-cln-domains
  * web-opt-rdr-*
  * web-svc-*
- Remove redundant webserver include in web-opt-rdr-www
- Fix documentation links

Ref: ChatGPT conversation https://chatgpt.com/share/68d6cea2-3570-800f-acb3-c3277317f17b

roles/sys-ctl-mtn-cert-renew/tasks/01_core.yml

@@ -3,7 +3,7 @@
     name: '{{ item }}'
   loop:
   - sys-svc-certbot
-  - sys-svc-webserver
+  - sys-svc-webserver-core
   - sys-ctl-alm-compose
 
 - name: install certbot

roles/sys-front-inj-all/tasks/main.yml

@@ -41,9 +41,9 @@
   when: inj_enabled.logout
 
 - block:
-  - name: Include dependency 'sys-svc-webserver'
+  - name: Include dependency 'sys-svc-webserver-core'
     include_role:
-      name: sys-svc-webserver
+      name: sys-svc-webserver-core
-    when: run_once_sys_svc_webserver is not defined
+    when: run_once_sys_svc_webserver_core is not defined
   - include_tasks: utils/run_once.yml
   when: run_once_sys_front_inj_all is not defined

roles/sys-front-inj-css/tasks/01_core.yml

@@ -1,7 +1,7 @@
-- name: Include dependency 'sys-svc-webserver'
+- name: Include dependency 'sys-svc-webserver-core'
   include_role:
-    name: sys-svc-webserver
+    name: sys-svc-webserver-core
-  when: run_once_sys_svc_webserver is not defined
+  when: run_once_sys_svc_webserver_core is not defined
 
 - name: Generate color palette with colorscheme-generator
   set_fact:

roles/sys-front-inj-desktop/tasks/main.yml

@@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'sys-svc-webserver'
+  - name: Include dependency 'sys-svc-webserver-core'
     include_role:
-      name: sys-svc-webserver
+      name: sys-svc-webserver-core
-    when: run_once_sys_svc_webserver is not defined
+    when: run_once_sys_svc_webserver_core is not defined
   - include_tasks: 01_deploy.yml
   - include_tasks: utils/run_once.yml
   when: run_once_sys_front_inj_desktop is not defined

roles/sys-front-inj-javascript/tasks/main.yml

@@ -1,9 +1,9 @@
 - block:
 
-  - name: Include dependency 'sys-svc-webserver'
+  - name: Include dependency 'sys-svc-webserver-core'
     include_role:
-      name: sys-svc-webserver
+      name: sys-svc-webserver-core
-    when: run_once_sys_svc_webserver is not defined
+    when: run_once_sys_svc_webserver_core is not defined
   - include_tasks: utils/run_once.yml
   when: run_once_sys_front_inj_javascript is not defined
 

roles/sys-front-inj-logout/tasks/01_core.yml

@@ -1,8 +1,8 @@
-- name: Include dependency 'sys-svc-webserver'
+- name: Include dependency 'sys-svc-webserver-core'
   include_role:
-    name: sys-svc-webserver
+    name: sys-svc-webserver-core
   when: 
-    - run_once_sys_svc_webserver is not defined
+    - run_once_sys_svc_webserver_core is not defined
   
 - name: "deploy the logout.js"
   include_tasks: "02_deploy.yml"

roles/sys-front-inj-matomo/tasks/main.yml

@@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'sys-svc-webserver'
+  - name: Include dependency 'sys-svc-webserver-core'
     include_role:
-      name: sys-svc-webserver
+      name: sys-svc-webserver-core
-    when: run_once_sys_svc_webserver is not defined
+    when: run_once_sys_svc_webserver_core is not defined
   - include_tasks: utils/run_once.yml
   when: run_once_sys_front_inj_matomo is not defined
 

roles/sys-stk-front-proxy/tasks/01_base.yml

@@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'sys-stk-front-pure'
+  - name: Include dependency 'sys-svc-webserver-https'
     include_role:
-      name: sys-stk-front-pure
+      name: sys-svc-webserver-https
-    when: run_once_sys_stk_front_pure is not defined
+    when: run_once_sys_svc_webserver_https is not defined
   - include_tasks: utils/run_once.yml
   when: run_once_sys_stk_front_proxy is not defined
 

roles/sys-svc-certs/tasks/main.yml

@@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'sys-stk-front-pure'
+  - name: Include dependency 'sys-svc-webserver-https'
     include_role:
-      name: sys-stk-front-pure
+      name: sys-svc-webserver-https
-    when: run_once_sys_stk_front_pure is not defined
+    when: run_once_sys_svc_webserver_https is not defined
   - include_tasks: utils/run_once.yml
   when: run_once_sys_svc_certs is not defined
 

roles/sys-svc-cln-domains/tasks/main.yml

@@ -3,7 +3,7 @@
     include_role:
       name: '{{ item }}'
     loop:
-    - sys-svc-webserver
+    - sys-svc-webserver-core
 
   - name: Include task to remove deprecated nginx configs
     include_tasks: remove_deprecated_nginx_configs.yml

roles/sys-svc-proxy/README.md

@@ -16,7 +16,7 @@ The goal of this role is to deliver a **hassle-free, production-ready reverse pr
 
 ## Features
 
-- **Automatic TLS & HSTS** — integrates with the *sys-stk-front-pure* role for certificate management.  
+- **Automatic TLS & HSTS** — integrates with the *sys-svc-webserver-https* role for certificate management.  
 - **Flexible vHost templates** — *basic* and *ws_generic* flavours cover standard HTTP and WebSocket applications.  
 - **Security headers** — sensible defaults plus optional X-Frame-Options / CSP based on application settings.  
 - **WebSocket & HTTP/2 aware** — upgrades, keep-alive tuning, and gzip already configured.  

roles/sys-svc-proxy/TODO.md

@@ -2,4 +2,4 @@
 - Optimize buffering
 - Optimize caching
 - Make 'proxy_hide_header Content-Security-Policy' optional by using more_header option. See [ChatGPT Conversation](https://chatgpt.com/share/6825cb39-8db8-800f-8886-0cebdfad575a)
-- Refactor this role - It seems like it's just an wrapper for 'sys-stk-front-pure' which doesn't add any additional logic
+- Refactor this role - It seems like it's just an wrapper for 'sys-svc-webserver-https' which doesn't add any additional logic

roles/sys-svc-webserver-core/meta/main.yml

@@ -18,4 +18,4 @@ galaxy_info:
     - performance
   repository: "https://s.infinito.nexus/code"
   issue_tracker_url: "https://s.infinito.nexus/issues"
-  documentation: "https://s.infinito.nexus/code/roles/sys-svc-webserver"
+  documentation: "https://s.infinito.nexus/code/roles/sys-svc-webserver-core"

roles/sys-svc-webserver-core/tasks/main.yml

@@ -0,0 +1,4 @@
+---
+- block:
+  - include_tasks: 01_core.yml
+  when: run_once_sys_svc_webserver_core is not defined

roles/sys-svc-webserver-https/README.md

@@ -1,21 +1,21 @@
 # Webserver HTTPS Provisioning 🚀
 
 ## Description
-The **sys-stk-front-pure** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS:
+The **sys-svc-webserver-https** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS:
 
 1. Ensures your Nginx server is configured for SSL/TLS.
 2. Pulls in Let’s Encrypt ACME challenge handling.
 3. Applies global cleanup of unused domain configs.
 
-This role is built on top of your existing `sys-svc-webserver` role, and it automates the end-to-end process of turning HTTP sites into secure HTTPS sites.
+This role is built on top of your existing `sys-svc-webserver-core` role, and it automates the end-to-end process of turning HTTP sites into secure HTTPS sites.
 
 ---
 
 ## Overview
 
-When you apply **sys-stk-front-pure**, it will:
+When you apply **sys-svc-webserver-https**, it will:
 
-1. **Include** the `sys-svc-webserver` role to install and configure Nginx.  
+1. **Include** the `sys-svc-webserver-core` role to install and configure Nginx.  
 2. **Clean up** any stale vHost files under `sys-svc-cln-domains`.  
 3. **Deploy** the Let’s Encrypt challenge-and-redirect snippet from `sys-svc-letsencrypt`.  
 4. **Reload** Nginx automatically when any template changes.
@@ -40,17 +40,6 @@ All tasks are idempotent—once your certificates are in place and your configur
 
 ---
 
-## Requirements
-
-- A working `sys-svc-webserver` setup.
-- DNS managed via Cloudflare (for CAA record tasks) or equivalent ACME DNS flow.
-- Variables:
-  - `LETSENCRYPT_WEBROOT_PATH`  
-  - `LETSENCRYPT_LIVE_PATH`  
-  - `on_calendar_renew_lets_encrypt_certificates`
-
----
-
 ## License
 
 This role is released under the **Infinito.Nexus NonCommercial License**.

roles/sys-svc-webserver-https/tasks/main.yml

@@ -3,9 +3,9 @@
     include_role:
       name: '{{ item }}'
     loop:
-    - sys-svc-webserver
+    - sys-svc-webserver-core
     - sys-svc-cln-domains
     - sys-svc-letsencrypt
     - sys-svc-dns
   - include_tasks: utils/run_once.yml
-  when: run_once_sys_stk_front_pure is not defined
+  when: run_once_sys_svc_webserver_https is not defined

roles/sys-svc-webserver/tasks/main.yml

@@ -1,4 +0,0 @@
----
-- block:
-  - include_tasks: 01_core.yml
-  when: run_once_sys_svc_webserver is not defined

roles/web-opt-rdr-domains/tasks/main.yml

@@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'sys-stk-front-pure'
+  - name: Include dependency 'sys-svc-webserver-https'
     include_role:
-      name: sys-stk-front-pure
+      name: sys-svc-webserver-https
-    when: run_once_sys_stk_front_pure is not defined
+    when: run_once_sys_svc_webserver_https is not defined
   - include_tasks: utils/run_once.yml
   when: run_once_web_opt_rdr_domains is not defined
 

roles/web-opt-rdr-www/tasks/main.yml

@@ -1,10 +1,4 @@
 - block:
-  - name: Include dependency 'sys-svc-webserver'
-    include_role:
-      name: sys-svc-webserver
-    when: run_once_sys_svc_webserver is not defined
-  - include_tasks: utils/run_once.yml
-  when: run_once_web_opt_rdr_www is not defined
 
 - name: Include web-opt-rdr-domains role for www-to-bare redirects
   include_role:

roles/web-svc-cdn/tasks/01_core.yml

@@ -2,7 +2,7 @@
   include_role:
     name: '{{ item }}'
   loop:
-  - sys-stk-front-pure
+  - sys-svc-webserver-https
   - dev-git
   
 - name: "include role for {{ application_id }} to receive certs & do modification routines"

roles/web-svc-file/tasks/main.yml

@@ -3,7 +3,7 @@
     include_role:
       name: '{{ item }}'
     loop:
-    - sys-stk-front-pure
+    - sys-svc-webserver-https
     - dev-git
   - include_tasks: utils/run_once.yml
   when: run_once_web_svc_file is not defined

roles/web-svc-html/tasks/main.yml

@@ -3,7 +3,7 @@
     include_role:
       name: '{{ item }}'
     loop:
-    - sys-stk-front-pure
+    - sys-svc-webserver-https
     - dev-git
   - include_tasks: utils/run_once.yml
   when: run_once_web_svc_html is not defined