Refactor JVM memory filters, add Redis sizing and Docker cleanup service

- Replace jvm_filters with unified memory_filters (JVM + Redis helpers)
- Add redis_maxmemory_mb filter and unit tests
- Introduce sys-ctl-cln-docker role (systemd-based Docker prune + anon volumes)
- Refactor disk space health check to Python script and wire SIZE_PERCENT_CLEANUP_DISC_SPACE
- Adjust schedules and services for Docker cleanup and disk space health

See discussion: https://chatgpt.com/share/6925c1c5-ee38-800f-84b6-da29ccfa7537

roles/sys-ctl-cln-docker/README.md

@@ -0,0 +1,47 @@
+# Cleanup Docker Resources
+
+## Description
+
+This role performs a complete cleanup of Docker resources by invoking a systemd-managed script.
+It removes unused Docker images, stopped containers, networks, build cache, and anonymous volumes.
+The cleanup is fully automated and can run on a schedule or be triggered manually.
+
+## Overview
+
+Optimized for maintaining a clean and efficient Docker environment, this role:
+
+* Loads and triggers the anonymous volume cleanup role.
+* Installs a systemd service and timer for Docker pruning.
+* Deploys a cleanup script that invokes:
+
+  * The anonymous volume cleanup service.
+  * `docker system prune -a -f` to remove unused Docker resources.
+* Allows forced execution during maintenance runs (`MODE_CLEANUP`).
+
+## Purpose
+
+The primary purpose of this role is to prevent storage bloat caused by unused Docker images, volumes, and build artifacts.
+Regular pruning ensures:
+
+* Reduced disk usage
+* Improved system performance
+* Faster CI/CD and container deployments
+* More predictable Docker engine behavior
+
+## Features
+
+* **Anonymous Volume Cleanup:** Integrates with `sys-ctl-cln-anon-volumes` to remove stale volumes.
+* **Full Docker Prune:** Executes `docker system prune -a -f` to reclaim space.
+* **Systemd Integration:** Registers a systemd unit and timer for automated cleanup.
+* **Scheduled Execution:** Runs daily (or as configured) based on `SYS_SCHEDULE_CLEANUP_DOCKER`.
+* **Force Execution Mode:** When `MODE_CLEANUP=true`, cleanup is executed immediately.
+* **Safe Execution:** Includes validation for missing services and Docker availability.
+
+## Script Behavior
+
+The cleanup script:
+
+1. Checks whether the anonymous volume cleanup service is defined and available.
+2. Starts the service if present.
+3. Runs `docker system prune -a -f` if Docker is installed.
+4. Stops execution immediately on errors (`set -e` behavior).

roles/sys-ctl-cln-docker/meta/main.yml

@@ -0,0 +1,27 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: >
+    Cleans up anonymous Docker volumes and performs a full `docker system prune -a -f`
+    via a dedicated systemd service.
+  license: "Infinito.Nexus NonCommercial License"
+  license_url: "https://s.infinito.nexus/license"
+  company: |
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Linux
+      versions:
+        - all
+  galaxy_tags:
+    - docker
+    - cleanup
+    - prune
+    - automation
+    - maintenance
+    - system
+  repository: "https://s.infinito.nexus/code"
+  issue_tracker_url: "https://s.infinito.nexus/issues"
+  documentation: "https://docs.infinito.nexus"

roles/sys-ctl-cln-docker/tasks/main.yml

@@ -0,0 +1,23 @@
+- block:
+    - name: Load role to delete anonymous volumes
+      include_role:
+        name: sys-ctl-cln-anon-volumes
+      vars: 
+        system_service_force_flush: true
+      when: run_once_sys_ctl_cln_anon_volumes is not defined
+    
+    - name: "Register Docker prune system service"
+      include_role:
+        name: sys-service
+      vars:
+        system_service_timer_enabled:       true
+        system_service_on_calendar:         "{{ SYS_SCHEDULE_CLEANUP_DOCKER }}"
+        system_service_copy_files:          true
+        system_service_tpl_exec_start:      "{{ system_service_script_exec }}"
+        system_service_tpl_exec_start_pre:  ""
+        system_service_tpl_on_failure:      "{{ SYS_SERVICE_ON_FAILURE_COMPOSE }}"
+        system_service_force_linear_sync:   false
+        system_service_force_flush:         "{{ MODE_CLEANUP }}"
+
+    - include_tasks: utils/run_once.yml
+  when: run_once_sys_ctl_cln_docker is not defined

roles/sys-ctl-cln-docker/templates/script.sh.j2

@@ -0,0 +1,10 @@
+#!/bin/sh
+# Cleans up anonymous Docker volumes and performs a full Docker system prune.
+
+set -e
+
+echo "Cleaning up anonymous Docker volumes via systemd service..."
+systemctl start {{ SYS_SERVICE_CLEANUP_ANONYMOUS_VOLUMES }} || exit 1
+echo "Pruning Docker system resources (images, containers, networks, build cache)..."
+docker system prune -a -f || exit 2
+echo "Docker prune cleanup finished."

roles/sys-ctl-cln-docker/vars/main.yml

@@ -0,0 +1 @@
+system_service_id: "sys-ctl-cln-docker"