Renamed webserver roles to more speakable names

2025-08-26 21:45:20 +02:00 · 2025-08-20 08:54:17 +02:00 · 2025-08-20 08:54:17 +02:00 · a4f39ac732
commit a4f39ac732
parent 9cfb8f3a60
101 changed files with 147 additions and 147 deletions
--- a/roles/cmp-db-docker-proxy/README.md
+++ b/roles/cmp-db-docker-proxy/README.md
@ -8,4 +8,4 @@ This role builds on `cmp-db-docker` by adding a reverse-proxy frontend for HTTP
  Leverages the `cmp-db-docker` role to stand up your containerized database (PostgreSQL, MariaDB, etc.) with backups and user management.
 - **Reverse Proxy**  
-  Includes the `srv-proxy-6-6-domain` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint.
+  Includes the `srv-domain-provision` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint.
--- a/roles/cmp-db-docker-proxy/meta/main.yml
+++ b/roles/cmp-db-docker-proxy/meta/main.yml
@ -1,7 +1,7 @@
 galaxy_info:
  author: "Kevin Veen-Birkenbach"
  description: >
-    Extends cmp-db-docker by adding an HTTP reverse proxy via srv-proxy-6-6-domain.
+    Extends cmp-db-docker by adding an HTTP reverse proxy via srv-domain-provision.
  company: |
    Kevin Veen-Birkenbach
    Consulting & Coaching Solutions
--- a/roles/cmp-db-docker-proxy/tasks/main.yml
+++ b/roles/cmp-db-docker-proxy/tasks/main.yml
@ -8,9 +8,9 @@
  include_role:
    name: cmp-db-docker
- name: "For '{{ application_id }}': include role srv-proxy-6-6-domain"
+- name: "For '{{ application_id }}': include role srv-domain-provision"
  include_role:
-    name: srv-proxy-6-6-domain
+    name: srv-domain-provision
  vars:
    domain:     "{{ domains | get_domain(application_id) }}"
    http_port:  "{{ ports.localhost.http[application_id] }}"
--- a/roles/cmp-docker-proxy/README.md
+++ b/roles/cmp-docker-proxy/README.md
@ -8,4 +8,4 @@ This role combines the standard Docker Compose setup with a reverse-proxy for an
  Brings up containers, networks, and volumes via the `docker-compose` role.
 - **Reverse Proxy**  
-  Uses the `srv-proxy-6-6-domain` role to expose your application under a custom domain and port.
+  Uses the `srv-domain-provision` role to expose your application under a custom domain and port.
--- a/roles/cmp-docker-proxy/meta/main.yml
+++ b/roles/cmp-docker-proxy/meta/main.yml
@ -1,7 +1,7 @@
 galaxy_info:
  author: "Kevin Veen-Birkenbach"
  description: >
-    Combines the docker-compose role with srv-proxy-6-6-domain to
+    Combines the docker-compose role with srv-domain-provision to
    deploy applications behind a reverse proxy.
  company: |
    Kevin Veen-Birkenbach
--- a/roles/cmp-docker-proxy/tasks/main.yml
+++ b/roles/cmp-docker-proxy/tasks/main.yml
@ -1,9 +1,9 @@
 # run_once_cmp_docker_proxy: deactivated
 # Load the proxy first, so that openresty handlers are flushed before the main docker compose
- name: "For '{{ application_id }}': include role srv-proxy-6-6-domain"
+- name: "For '{{ application_id }}': include role srv-domain-provision"
  include_role:
-    name: srv-proxy-6-6-domain
+    name: srv-domain-provision
  vars:
    domain:   "{{ domains | get_domain(application_id) }}"
    http_port:   "{{ ports.localhost.http[application_id] }}"
--- a/roles/docker-compose/README.md
+++ b/roles/docker-compose/README.md
@ -20,7 +20,7 @@ To offer a centralized, extensible system for managing containerized application
 - **Reset Logic:** Cleans previous Compose project files and data when `MODE_RESET` is enabled.
 - **Handlers for Runtime Control:** Automatically builds, sets up, or restarts containers based on handlers.
 - **Template-ready Service Files:** Predefined service base and health check templates.
- **Integration Support:** Compatible with `srv-proxy-7-4-core` and other Infinito.Nexus service roles.
+- **Integration Support:** Compatible with `srv-proxy-core` and other Infinito.Nexus service roles.
 ## Administration Tips
--- a/roles/srv-web-7-6-composer/README.md
+++ b/roles/srv-web-7-6-composer/README.md
@ -1,10 +1,10 @@
-# Role: srv-web-7-6-composer
+# Role: srv-composer
 This Ansible role composes and orchestrates all necessary HTTPS-layer tasks and HTML-content injections for your webserver domains. It integrates two key sub-roles into a unified workflow:
 1. **`sys-srv-web-inj-compose`**
   Injects global HTML snippets (CSS, Matomo tracking, iFrame notifier, custom JavaScript) into responses using Nginx `sub_filter`.
-2. **`srv-web-6-6-tls-core`**
+2. **`srv-tls-core`**
   Handles issuing, renewing, and managing TLS certificates via ACME/Certbot.
 By combining encryption setup with content enhancements, this role streamlines domain provisioning for secure, fully-featured HTTP/HTTPS delivery.
@ -16,7 +16,7 @@ By combining encryption setup with content enhancements, this role streamlines d
 * **Content Injection**
  Adds global theming, analytics, and custom scripts before `</head>` and tracking noscript tags before `</body>`.
 * **Certificate Management**
-  Automates cert issuance and renewal via `srv-web-6-6-tls-core`.
+  Automates cert issuance and renewal via `srv-tls-core`.
 * **Idempotent Workflow**
  Ensures each component runs only once per domain.
 * **Simplified Playbooks**
--- a/roles/srv-web-7-6-composer/meta/main.yml
+++ b/roles/srv-web-7-6-composer/meta/main.yml
@ -27,4 +27,4 @@ galaxy_info:
    - orchestration
  repository: "https://s.infinito.nexus/code"
  issue_tracker_url: "https://s.infinito.nexus/issues"
-  documentation: "https://s.infinito.nexus/code/roles/srv-web-7-6-composer"
+  documentation: "https://s.infinito.nexus/code/roles/srv-composer"
--- a/roles/srv-composer/tasks/main.yml
+++ b/roles/srv-composer/tasks/main.yml
@ -0,0 +1,9 @@
 # run_once_srv_composer: deactivated
 - name: "include role sys-srv-web-inj-compose for '{{ domain }}'"
  include_role: 
    name: sys-srv-web-inj-compose
 - name: "include role srv-tls-core for '{{ domain }}'"
  include_role: 
    name: srv-tls-core
--- a/roles/srv-web-7-4-core/README.md
+++ b/roles/srv-web-7-4-core/README.md
--- a/roles/srv-web-7-4-core/Todo.md
+++ b/roles/srv-web-7-4-core/Todo.md
--- a/roles/srv-web-7-4-core/meta/main.yml
+++ b/roles/srv-web-7-4-core/meta/main.yml
@ -18,4 +18,4 @@ galaxy_info:
    - performance
  repository: "https://s.infinito.nexus/code"
  issue_tracker_url: "https://s.infinito.nexus/issues"
-  documentation: "https://s.infinito.nexus/code/roles/srv-web-7-4-core"
+  documentation: "https://s.infinito.nexus/code/roles/srv-core"
--- a/roles/srv-web-7-4-core/tasks/01_core.yml
+++ b/roles/srv-web-7-4-core/tasks/01_core.yml
--- a/roles/srv-web-7-4-core/tasks/02_cleanup.yml
+++ b/roles/srv-web-7-4-core/tasks/02_cleanup.yml
--- a/roles/srv-web-7-4-core/tasks/03_reset.yml
+++ b/roles/srv-web-7-4-core/tasks/03_reset.yml
--- a/roles/srv-web-7-4-core/tasks/04_directories.yml
+++ b/roles/srv-web-7-4-core/tasks/04_directories.yml
--- a/roles/srv-web-7-4-core/tasks/main.yml
+++ b/roles/srv-web-7-4-core/tasks/main.yml
@ -2,4 +2,4 @@
 - block:
  - include_tasks: 01_core.yml
  - include_tasks: utils/run_once.yml
-  when: run_once_srv_web_7_4_core is not defined
+  when: run_once_srv_core is not defined
--- a/roles/srv-web-7-4-core/templates/nginx.conf.j2
+++ b/roles/srv-web-7-4-core/templates/nginx.conf.j2
--- a/roles/srv-domain-provision/README.md
+++ b/roles/srv-domain-provision/README.md
@ -6,11 +6,11 @@ This role bootstraps **per-domain Nginx configuration**: it requests TLS certifi
 ## Overview
-A higher-level orchestration wrapper, *srv-proxy-6-6-domain* ties together several lower-level roles:
+A higher-level orchestration wrapper, *srv-domain-provision* ties together several lower-level roles:
 1. **`sys-srv-web-inj-compose`** – applies global tweaks and includes.  
-2. **`srv-web-6-6-tls-core`** – obtains Let’s Encrypt certificates.  
+2. **`srv-tls-core`** – obtains Let’s Encrypt certificates.  
-3. **Domain template deployment** – copies a Jinja2 vHost from *srv-proxy-7-4-core*.  
+3. **Domain template deployment** – copies a Jinja2 vHost from *srv-proxy-core*.  
 4. **`web-app-oauth2-proxy`** *(optional)* – protects the site with OAuth2.
 The result is a complete, reproducible domain rollout in a single playbook task.
--- a/roles/srv-domain-provision/defaults/main.yml
+++ b/roles/srv-domain-provision/defaults/main.yml
@ -2,4 +2,4 @@
 vhost_flavour:        "basic"               # valid: basic | ws_generic
 # build the full template path from the flavour
-vhost_template_src:   "roles/srv-proxy-7-4-core/templates/vhost/{{ vhost_flavour }}.conf.j2"
+vhost_template_src:   "roles/srv-proxy-core/templates/vhost/{{ vhost_flavour }}.conf.j2"
--- a/roles/srv-domain-provision/meta/main.yml
+++ b/roles/srv-domain-provision/meta/main.yml
--- a/roles/srv-domain-provision/tasks/01_cloudflare.yml
+++ b/roles/srv-domain-provision/tasks/01_cloudflare.yml
--- a/roles/srv-domain-provision/tasks/cloudflare/01_cleanup.yml
+++ b/roles/srv-domain-provision/tasks/cloudflare/01_cleanup.yml
--- a/roles/srv-domain-provision/tasks/cloudflare/02_enable_cf_dev_mode.yml
+++ b/roles/srv-domain-provision/tasks/cloudflare/02_enable_cf_dev_mode.yml
@ -1,4 +1,4 @@
-# roles/srv-proxy-6-6-domain/tasks/02_enable_cf_dev_mode.yml
+# roles/srv-domain-provision/tasks/02_enable_cf_dev_mode.yml
 ---
 # Enables Cloudflare Development Mode (bypasses cache for ~3 hours).
 # Uses the same auth token as in 01_cleanup.yml: CLOUDFLARE_API_TOKEN
--- a/roles/srv-domain-provision/tasks/main.yml
+++ b/roles/srv-domain-provision/tasks/main.yml
@ -1,10 +1,10 @@
 - block:
-  - name: Include dependency 'srv-proxy-7-4-core'
+  - name: Include dependency 'srv-proxy-core'
    include_role:
-      name: srv-proxy-7-4-core
+      name: srv-proxy-core
-    when: run_once_srv_proxy_7_4_core is not defined
+    when: run_once_srv_proxy_core is not defined
  - include_tasks: utils/run_once.yml
-  when: run_once_srv_proxy_6_6_domain is not defined
+  when: run_once_srv_domain_provision is not defined
 - include_tasks: "01_cloudflare.yml"
  when: DNS_PROVIDER == "cloudflare"
@ -15,7 +15,7 @@
 - name: "include role for {{ domain }} to receive certificates and do the modification routines"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
 - name: "Copy nginx config to {{ configuration_destination }}"
  template:
--- a/roles/srv-domain-provision/vars/main.yml
+++ b/roles/srv-domain-provision/vars/main.yml
--- a/roles/srv-web-7-6-https/README.md
+++ b/roles/srv-web-7-6-https/README.md
@ -1,23 +1,23 @@
 # Webserver HTTPS Provisioning 🚀
 ## Description
-The **srv-web-7-6-https** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS:
+The **srv-https-stack** role extends a basic Nginx installation by wiring in everything you need to serve content over HTTPS:
 1. Ensures your Nginx server is configured for SSL/TLS.
 2. Pulls in Let’s Encrypt ACME challenge handling.
 3. Applies global cleanup of unused domain configs.
-This role is built on top of your existing `srv-web-7-4-core` role, and it automates the end-to-end process of turning HTTP sites into secure HTTPS sites.
+This role is built on top of your existing `srv-core` role, and it automates the end-to-end process of turning HTTP sites into secure HTTPS sites.
 ---
 ## Overview
-When you apply **srv-web-7-6-https**, it will:
+When you apply **srv-https-stack**, it will:
-1. **Include** the `srv-web-7-4-core` role to install and configure Nginx.  
+1. **Include** the `srv-core` role to install and configure Nginx.  
 2. **Clean up** any stale vHost files under `sys-svc-cln-domains`.  
-3. **Deploy** the Let’s Encrypt challenge-and-redirect snippet from `srv-web-7-7-letsencrypt`.  
+3. **Deploy** the Let’s Encrypt challenge-and-redirect snippet from `srv-letsencrypt`.  
 4. **Reload** Nginx automatically when any template changes.
 All tasks are idempotent—once your certificates are in place and your configuration is set, Ansible will skip unchanged steps on subsequent runs.
@ -42,7 +42,7 @@ All tasks are idempotent—once your certificates are in place and your configur
 ## Requirements
- A working `srv-web-7-4-core` setup.
+- A working `srv-core` setup.
 - DNS managed via Cloudflare (for CAA record tasks) or equivalent ACME DNS flow.
 - Variables:
  - `LETSENCRYPT_WEBROOT_PATH`  
--- a/roles/srv-web-7-6-https/meta/main.yml
+++ b/roles/srv-web-7-6-https/meta/main.yml
--- a/roles/srv-web-7-6-https/tasks/main.yml
+++ b/roles/srv-web-7-6-https/tasks/main.yml
@ -3,8 +3,8 @@
    include_role:
      name: '{{ item }}'
    loop:
-    - srv-web-7-4-core
+    - srv-core
    - sys-svc-cln-domains
-    - srv-web-7-7-letsencrypt
+    - srv-letsencrypt
  - include_tasks: utils/run_once.yml
-  when: run_once_srv_web_7_6_https is not defined
+  when: run_once_srv_https_stack is not defined
--- a/roles/srv-web-7-7-letsencrypt/README.md
+++ b/roles/srv-web-7-7-letsencrypt/README.md
--- a/roles/srv-web-7-7-letsencrypt/TODO.md
+++ b/roles/srv-web-7-7-letsencrypt/TODO.md
--- a/roles/srv-web-7-7-letsencrypt/meta/main.yml
+++ b/roles/srv-web-7-7-letsencrypt/meta/main.yml
--- a/roles/srv-web-7-7-letsencrypt/tasks/01_core.yml
+++ b/roles/srv-web-7-7-letsencrypt/tasks/01_core.yml
--- a/roles/srv-web-7-7-letsencrypt/tasks/01_set-caa-records.yml
+++ b/roles/srv-web-7-7-letsencrypt/tasks/01_set-caa-records.yml
--- a/roles/srv-web-7-7-letsencrypt/tasks/main.yml
+++ b/roles/srv-web-7-7-letsencrypt/tasks/main.yml
@ -1,4 +1,4 @@
 - block:
  - include_tasks: 01_core.yml
  - include_tasks: utils/run_once.yml
-  when: run_once_srv_web_7_7_letsencrypt is not defined
+  when: run_once_srv_letsencrypt is not defined
--- a/roles/srv-web-7-7-letsencrypt/templates/letsencrypt.conf.j2
+++ b/roles/srv-web-7-7-letsencrypt/templates/letsencrypt.conf.j2
--- a/roles/srv-web-7-7-letsencrypt/templates/ssl_credentials.j2
+++ b/roles/srv-web-7-7-letsencrypt/templates/ssl_credentials.j2
--- a/roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2
+++ b/roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2
@ -12,4 +12,4 @@ ssl_session_tickets on;
 add_header Strict-Transport-Security max-age=15768000;
 ssl_stapling on;
 ssl_stapling_verify on;
-{% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_credentials.j2' %}
+{% include 'roles/srv-letsencrypt/templates/ssl_credentials.j2' %}
--- a/roles/srv-web-7-7-letsencrypt/vars/main.yml
+++ b/roles/srv-web-7-7-letsencrypt/vars/main.yml
--- a/roles/srv-proxy-7-4-core/README.md
+++ b/roles/srv-proxy-7-4-core/README.md
@ -16,7 +16,7 @@ The goal of this role is to deliver a **hassle-free, production-ready reverse pr
 ## Features
- **Automatic TLS & HSTS** — integrates with the *srv-web-7-6-https* role for certificate management.  
+- **Automatic TLS & HSTS** — integrates with the *srv-https-stack* role for certificate management.  
 - **Flexible vHost templates** — *basic* and *ws_generic* flavours cover standard HTTP and WebSocket applications.  
 - **Security headers** — sensible defaults plus optional X-Frame-Options / CSP based on application settings.  
 - **WebSocket & HTTP/2 aware** — upgrades, keep-alive tuning, and gzip already configured.  
--- a/roles/srv-proxy-7-4-core/Todo.md
+++ b/roles/srv-proxy-7-4-core/Todo.md
--- a/roles/srv-proxy-7-4-core/meta/main.yml
+++ b/roles/srv-proxy-7-4-core/meta/main.yml
--- a/roles/srv-proxy-7-4-core/tasks/main.yml
+++ b/roles/srv-proxy-7-4-core/tasks/main.yml
@ -3,7 +3,7 @@
    include_role:
      name: '{{ item }}'
    loop:
-    - srv-web-7-6-https
+    - srv-https-stack
-    - srv-web-7-4-core
+    - srv-core
  - include_tasks: utils/run_once.yml
-  when: run_once_srv_proxy_7_4_core is not defined
+  when: run_once_srv_proxy_core is not defined
--- a/roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2
--- a/roles/srv-proxy-7-4-core/templates/location/README.md
+++ b/roles/srv-proxy-7-4-core/templates/location/README.md
@ -1,6 +1,6 @@
 # Nginx Location Templates
-This directory contains Jinja2 templates for different Nginx `location` blocks, each designed to proxy and optimize different types of web traffic. These templates are used by the `srv-proxy-7-4-core` role to modularize and standardize reverse proxy configuration across a wide variety of applications.
+This directory contains Jinja2 templates for different Nginx `location` blocks, each designed to proxy and optimize different types of web traffic. These templates are used by the `srv-proxy-core` role to modularize and standardize reverse proxy configuration across a wide variety of applications.
 ---
--- a/roles/srv-proxy-7-4-core/templates/location/Todo.md
+++ b/roles/srv-proxy-7-4-core/templates/location/Todo.md
--- a/roles/srv-proxy-7-4-core/templates/location/html.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/location/html.conf.j2
@ -16,7 +16,7 @@ location {{location}}
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_set_header X-Forwarded-Port {{ WEB_PORT }};
-  {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/headers/content_security_policy.conf.j2' %}
  # WebSocket specific header
  proxy_http_version 1.1;
--- a/roles/srv-proxy-7-4-core/templates/location/media.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/location/media.conf.j2
--- a/roles/srv-proxy-7-4-core/templates/location/upload.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/location/upload.conf.j2
--- a/roles/srv-proxy-7-4-core/templates/location/ws.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/location/ws.conf.j2
--- a/roles/srv-proxy-7-4-core/templates/vhost/README.md
+++ b/roles/srv-proxy-7-4-core/templates/vhost/README.md
--- a/roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2
@ -13,7 +13,7 @@ server
    {{ proxy_extra_configuration }}
  {% endif %}
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  {% if applications | get_app_conf(application_id, 'features.oauth2', False) %}
    {% set acl = applications | get_app_conf(application_id, 'oauth2_proxy.acl', False, {}) %}
@ -22,38 +22,38 @@ server
      {# 1. Expose everything by default, then protect blacklisted paths #}
      {% set oauth2_proxy_enabled = false %}
      {% set location = "/" %}
-      {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+      {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
      {% for loc in acl.blacklist %}
        {% set oauth2_proxy_enabled = true %}
        {% set location = loc %}
-        {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+        {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
      {% endfor %}
    {% elif acl.whitelist is defined %}
      {# 2. Protect everything by default, then expose whitelisted paths #}
      {% set oauth2_proxy_enabled = true %}
      {% set location = "/" %}
-      {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+      {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
      {% for loc in acl.whitelist %}
        {% set oauth2_proxy_enabled = false %}
        {% set location = loc %}
-        {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+        {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
      {% endfor %}
    {% else %}
      {# 3. OAuth2 enabled but no (or empty) ACL — protect all #}
      {% set oauth2_proxy_enabled = true %}
      {% set location = "/" %}
-      {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+      {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
    {% endif %}
  {% else %}
    {# 4. OAuth2 completely disabled — expose all #}
    {% set oauth2_proxy_enabled = false %}
    {% set location = "/" %}
-    {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+    {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
  {% endif %}
 }
--- a/roles/srv-proxy-7-4-core/templates/vhost/ws_generic.conf.j2
+++ b/roles/srv-proxy-7-4-core/templates/vhost/ws_generic.conf.j2
@ -6,7 +6,7 @@ map $http_upgrade $connection_upgrade {
 server {
  server_name {{ domain }};
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  {% include 'roles/sys-srv-web-inj-compose/templates/server.conf.j2' %}
@ -25,10 +25,10 @@ server {
  add_header Strict-Transport-Security "max-age=31536000";
-  {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
  {% if location_ws is defined %}
-    {% include 'roles/srv-proxy-7-4-core/templates/location/ws.conf.j2' %}
+    {% include 'roles/srv-proxy-core/templates/location/ws.conf.j2' %}
  {% endif %}
  error_page 500 501 502 503 504 /500.html;
--- a/roles/srv-web-6-6-tls-core/README.md
+++ b/roles/srv-web-6-6-tls-core/README.md
--- a/roles/srv-web-6-6-tls-core/meta/main.yml
+++ b/roles/srv-web-6-6-tls-core/meta/main.yml
--- a/roles/srv-web-6-6-tls-core/tasks/flavors/dedicated.yml
+++ b/roles/srv-web-6-6-tls-core/tasks/flavors/dedicated.yml
--- a/roles/srv-web-6-6-tls-core/tasks/flavors/san.yml
+++ b/roles/srv-web-6-6-tls-core/tasks/flavors/san.yml
--- a/roles/srv-web-6-6-tls-core/tasks/flavors/wildcard.yml
+++ b/roles/srv-web-6-6-tls-core/tasks/flavors/wildcard.yml
--- a/roles/srv-web-6-6-tls-core/tasks/main.yml
+++ b/roles/srv-web-6-6-tls-core/tasks/main.yml
@ -1,10 +1,10 @@
 - block:
-  - name: Include dependency 'srv-web-7-6-https'
+  - name: Include dependency 'srv-https-stack'
    include_role:
-      name: srv-web-7-6-https
+      name: srv-https-stack
-    when: run_once_srv_web_7_6_https is not defined
+    when: run_once_srv_https_stack is not defined
  - include_tasks: utils/run_once.yml
-  when: run_once_srv_web_6_6_tls_core is not defined
+  when: run_once_srv_tls_core is not defined
 - name: "Include flavor '{{ CERTBOT_FLAVOR }}' for '{{ domain }}'"
  include_tasks: "{{ role_path }}/tasks/flavors/{{ CERTBOT_FLAVOR }}.yml"
--- a/roles/srv-web-7-6-composer/tasks/main.yml
+++ b/roles/srv-web-7-6-composer/tasks/main.yml
@ -1,9 +0,0 @@
 # run_once_srv_web_7_6_composer: deactivated
 - name: "include role sys-srv-web-inj-compose for '{{ domain }}'"
  include_role: 
    name: sys-srv-web-inj-compose
 - name: "include role srv-web-6-6-tls-core for '{{ domain }}'"
  include_role: 
    name: srv-web-6-6-tls-core
--- a/roles/svc-db-openldap/templates/nginx.stream.conf.j2
+++ b/roles/svc-db-openldap/templates/nginx.stream.conf.j2
@ -2,5 +2,5 @@ server {
    listen {{ ports.public.ldaps['svc-db-openldap'] }}ssl;
    proxy_pass 127.0.0.1:{{ ports.localhost.ldap['svc-db-openldap'] }};
-    {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_credentials.j2' %}
+    {% include 'roles/srv-letsencrypt/templates/ssl_credentials.j2' %}
 }
--- a/roles/sys-ctl-mtn-cert-renew/tasks/01_core.yml
+++ b/roles/sys-ctl-mtn-cert-renew/tasks/01_core.yml
@ -3,7 +3,7 @@
    name: '{{ item }}'
  loop:
  - sys-svc-certbot
-  - srv-web-7-4-core
+  - srv-core
  - sys-ctl-alm-compose
 - name: install certbot
--- a/roles/sys-srv-web-inj-compose/tasks/main.yml
+++ b/roles/sys-srv-web-inj-compose/tasks/main.yml
@ -3,10 +3,10 @@
    inj_enabled: "{{ applications | inj_enabled(application_id, SRV_WEB_INJ_COMP_FEATURES_ALL) }}"
 - block:
-  - name: Include dependency 'srv-web-7-4-core'
+  - name: Include dependency 'srv-core'
    include_role:
-      name: srv-web-7-4-core
+      name: srv-core
-    when: run_once_srv_web_7_4_core is not defined
+    when: run_once_srv_core is not defined
  - include_tasks: utils/run_once.yml
  when: run_once_sys_srv_web_inj_compose is not defined
--- a/roles/sys-srv-web-inj-css/tasks/01_core.yml
+++ b/roles/sys-srv-web-inj-css/tasks/01_core.yml
@ -1,7 +1,7 @@
- name: Include dependency 'srv-web-7-4-core'
+- name: Include dependency 'srv-core'
  include_role:
-    name: srv-web-7-4-core
+    name: srv-core
-  when: run_once_srv_web_7_4_core is not defined
+  when: run_once_srv_core is not defined
 - name: Generate color palette with colorscheme-generator
  set_fact:
--- a/roles/sys-srv-web-inj-desktop/tasks/main.yml
+++ b/roles/sys-srv-web-inj-desktop/tasks/main.yml
@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'srv-web-7-4-core'
+  - name: Include dependency 'srv-core'
    include_role:
-      name: srv-web-7-4-core
+      name: srv-core
-    when: run_once_srv_web_7_4_core is not defined
+    when: run_once_srv_core is not defined
  - include_tasks: 01_deploy.yml
  - include_tasks: utils/run_once.yml
  when: run_once_sys_srv_web_inj_desktop is not defined
--- a/roles/sys-srv-web-inj-javascript/tasks/main.yml
+++ b/roles/sys-srv-web-inj-javascript/tasks/main.yml
@ -1,9 +1,9 @@
 - block:
-  - name: Include dependency 'srv-web-7-4-core'
+  - name: Include dependency 'srv-core'
    include_role:
-      name: srv-web-7-4-core
+      name: srv-core
-    when: run_once_srv_web_7_4_core is not defined
+    when: run_once_srv_core is not defined
  - include_tasks: utils/run_once.yml
  when: run_once_sys_srv_web_inj_javascript is not defined
--- a/roles/sys-srv-web-inj-logout/tasks/01_core.yml
+++ b/roles/sys-srv-web-inj-logout/tasks/01_core.yml
@ -1,8 +1,8 @@
- name: Include dependency 'srv-web-7-4-core'
+- name: Include dependency 'srv-core'
  include_role:
-    name: srv-web-7-4-core
+    name: srv-core
  when: 
-    - run_once_srv_web_7_4_core is not defined
+    - run_once_srv_core is not defined
 - name: "deploy the logout.js"
  include_tasks: "02_deploy.yml"
--- a/roles/sys-srv-web-inj-matomo/tasks/main.yml
+++ b/roles/sys-srv-web-inj-matomo/tasks/main.yml
@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'srv-web-7-4-core'
+  - name: Include dependency 'srv-core'
    include_role:
-      name: srv-web-7-4-core
+      name: srv-core
-    when: run_once_srv_web_7_4_core is not defined
+    when: run_once_srv_core is not defined
  - include_tasks: utils/run_once.yml
  when: run_once_sys_srv_web_inj_matomo is not defined
--- a/roles/sys-svc-cln-domains/tasks/main.yml
+++ b/roles/sys-svc-cln-domains/tasks/main.yml
@ -3,7 +3,7 @@
    include_role:
      name: '{{ item }}'
    loop:
-    - srv-web-7-4-core
+    - srv-core
  - name: Include task to remove deprecated nginx configs
    include_tasks: remove_deprecated_nginx_configs.yml
--- a/roles/web-app-attendize/tasks/main.yml
+++ b/roles/web-app-attendize/tasks/main.yml
@ -1,7 +1,7 @@
 ---
 - name: "For '{{ application_id }}': include role to receive certs & do modification routines"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
  vars:
    domain: "{{ item }}"
    http_port:   "{{ ports.localhost.http[application_id] }}"
@ -17,7 +17,7 @@
 - name: "For '{{ application_id }}': configure {{ domains | get_domain(application_id) }}.conf"
  template: 
-    src: roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2 
+    src: roles/srv-proxy-core/templates/vhost/basic.conf.j2 
    dest: "{{ NGINX.DIRECTORIES.HTTP.SERVERS }}{{ domains | get_domain(application_id) }}.conf"
  notify: restart openresty
--- a/roles/web-app-bigbluebutton/README.md
+++ b/roles/web-app-bigbluebutton/README.md
@ -35,7 +35,7 @@ By default, BigBlueButton is deployed with best-practice hardening, modular secr
 ## System Requirements
 - Arch Linux with Docker, Compose, and Nginx roles pre-installed
- DNS and reverse proxy configuration using `srv-proxy-7-4-core`
+- DNS and reverse proxy configuration using `srv-proxy-core`
 - Functional email system for Greenlight SMTP
 ## Important Resources
--- a/roles/web-app-bigbluebutton/tasks/main.yml
+++ b/roles/web-app-bigbluebutton/tasks/main.yml
@ -3,7 +3,7 @@
  set_fact:
    proxy_extra_configuration: >-
      {{ lookup('ansible.builtin.template',
-                playbook_dir ~ '/roles/srv-proxy-7-4-core/templates/location/html.conf.j2') | trim }}
+                playbook_dir ~ '/roles/srv-proxy-core/templates/location/html.conf.j2') | trim }}
  vars:
    location: '^~ /html5client'
    oauth2_proxy_enabled: false
--- a/roles/web-app-bluesky/tasks/main.yml
+++ b/roles/web-app-bluesky/tasks/main.yml
@ -2,9 +2,9 @@
  include_role: 
    name: docker-compose
- name: "include role srv-proxy-6-6-domain for {{ application_id }}"
+- name: "include role srv-domain-provision for {{ application_id }}"
  include_role:
-    name: srv-proxy-6-6-domain
+    name: srv-domain-provision
  vars:
    domain: "{{ item.domain }}"
    http_port: "{{ item.http_port }}"
--- a/roles/web-app-elk/tasks/main.yml
+++ b/roles/web-app-elk/tasks/main.yml
@ -1,8 +1,8 @@
 ---
- name: "include role srv-proxy-6-6-domain for {{ application_id }}"
+- name: "include role srv-domain-provision for {{ application_id }}"
  include_role:
-    name: srv-proxy-6-6-domain
+    name: srv-domain-provision
  vars:
    domain:   "{{ domains | get_domain(application_id) }}"
    http_port:   "{{ ports.localhost.http[application_id] }}"
--- a/roles/web-app-fusiondirectory/README.md
+++ b/roles/web-app-fusiondirectory/README.md
@ -9,7 +9,7 @@ This Ansible role deploys and configures [FusionDirectory](https://www.fusiondir
 - Loads and templating of FusionDirectory-specific variables  
 - Generates a `.env` file for the container environment  
 - Deploys the FusionDirectory container via Docker Compose  
- Configures NGINX (via the `srv-proxy-6-6-domain` role) to expose the service  
+- Configures NGINX (via the `srv-domain-provision` role) to expose the service  
 - Integrates with your central LDAP server for authentication  
 ## Features
--- a/roles/web-app-mastodon/tasks/main.yml
+++ b/roles/web-app-mastodon/tasks/main.yml
@ -1,7 +1,7 @@
 ---
 - name: "Include setup for domain '{{ domain }}'"
  include_role: 
-    name: srv-proxy-6-6-domain
+    name: srv-domain-provision
  loop: "{{ domains['web-app-mastodon'] }}"
  loop_control:
    loop_var: domain
--- a/roles/web-app-matrix/tasks/03_webserver.yml
+++ b/roles/web-app-matrix/tasks/03_webserver.yml
@ -9,16 +9,16 @@
    src:  "well-known.j2" 
    dest: "{{ MATRIX_WELL_KNOWN_FILE }}"
- name: "include role srv-proxy-6-6-domain for {{ MATRIX_ELEMENT_DOMAIN }}"
+- name: "include role srv-domain-provision for {{ MATRIX_ELEMENT_DOMAIN }}"
  include_role: 
-    name: srv-proxy-6-6-domain
+    name: srv-domain-provision
  vars:        
    domain:     "{{ MATRIX_ELEMENT_DOMAIN }}"
    http_port:  "{{ MATRIX_ELEMENT_PORT }}"
 - name: "include role for {{ application_id }} to receive certs & do modification routines for {{ MATRIX_SYNAPSE_DOMAIN }}"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
  vars:
    domain:     "{{ MATRIX_SYNAPSE_DOMAIN }}"
    http_port:  "{{ MATRIX_SYNAPSE_PORT }}"
--- a/roles/web-app-matrix/templates/nginx.conf.j2
+++ b/roles/web-app-matrix/templates/nginx.conf.j2
@ -1,6 +1,6 @@
 server {
    server_name {{ domain }};
-    {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+    {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
    # For the federation port
    listen {{ FEDERATION_PORT }} ssl default_server;
@ -8,7 +8,7 @@ server {
    {% include 'roles/sys-srv-web-inj-compose/templates/server.conf.j2'%}
-    {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+    {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
-    {% include 'roles/srv-proxy-7-4-core/templates/location/upload.conf.j2' %}
+    {% include 'roles/srv-proxy-core/templates/location/upload.conf.j2' %}
 }
--- a/roles/web-app-mybb/tasks/main.yml
+++ b/roles/web-app-mybb/tasks/main.yml
@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'srv-proxy-7-4-core'
+  - name: Include dependency 'srv-proxy-core'
    include_role:
-      name: srv-proxy-7-4-core
+      name: srv-proxy-core
-    when: run_once_srv_proxy_7_4_core is not defined
+    when: run_once_srv_proxy_core is not defined
  - include_tasks: utils/run_once.yml
  when: run_once_web_app_mybb is not defined
--- a/roles/web-app-mybb/tasks/setup-domain.yml
+++ b/roles/web-app-mybb/tasks/setup-domain.yml
@ -1,12 +1,12 @@
 - name: "include role receive certbot certificate"
  include_role: 
-    name: srv-web-6-6-tls-core
+    name: srv-tls-core
  vars:
    domain: "{{ domains | get_domain(application_id) }}"
 - name: configure {{ domains | get_domain(application_id) }}.conf
  template: 
-    src:  "roles/srv-proxy-7-4-core/templates/vhost/basic.conf.j2" 
+    src:  "roles/srv-proxy-core/templates/vhost/basic.conf.j2" 
    dest: "{{ NGINX.DIRECTORIES.HTTP.SERVERS }}{{ domains | get_domain(application_id) }}.conf"
  notify: restart openresty
  vars: 
--- a/roles/web-app-nextcloud/tasks/main.yml
+++ b/roles/web-app-nextcloud/tasks/main.yml
@ -11,7 +11,7 @@
 - name: "include role for {{ application_id }} to receive certs & do modification routines"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
 - name: create nextcloud proxy configuration file
  template: 
--- a/roles/web-app-nextcloud/templates/nginx/host.conf.j2
+++ b/roles/web-app-nextcloud/templates/nginx/host.conf.j2
@ -4,7 +4,7 @@ server
 {
  server_name {{ domain }};
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  {% include 'roles/sys-srv-web-inj-compose/templates/server.conf.j2'%}
@ -19,7 +19,7 @@ server
  client_body_buffer_size 400M;
  fastcgi_buffers 64 4K;
-  {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
  location ^~ /.well-known {
    rewrite ^/\.well-known/host-meta\.json  /public.php?service=host-meta-json  last;
--- a/roles/web-app-peertube/tasks/create-domains.yml
+++ b/roles/web-app-peertube/tasks/create-domains.yml
@ -1,6 +1,6 @@
 - name: "include role for {{ application_id }} to receive certs & do modification routines"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
 - name: configure {{ domain }}.conf
  template: 
--- a/roles/web-app-peertube/templates/peertube.conf.j2
+++ b/roles/web-app-peertube/templates/peertube.conf.j2
@ -1,18 +1,18 @@
 server {
  server_name {{ domain }};
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  {% include 'roles/sys-srv-web-inj-compose/templates/server.conf.j2'%}
-  {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/headers/content_security_policy.conf.j2' %}
  ##
  # Application
  ##
  {% set location = "@html" %}
-  {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
  location / {
    try_files /dev/null {{ location }};
@ -45,7 +45,7 @@ server {
  ##
  {% set location_ws = "@websocket" %}
-  {% include 'roles/srv-proxy-7-4-core/templates/location/ws.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/location/ws.conf.j2' %}
  location /socket.io {
    try_files /dev/null {{ location_ws }};
--- a/roles/web-app-syncope/tasks/main.yml
+++ b/roles/web-app-syncope/tasks/main.yml
@ -1,7 +1,7 @@
 ---
 - name: "include role for {{ application_id }} to receive certs & do modification routines"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
 - name: "load docker and db for {{ application_id }}"
  include_role: 
--- a/roles/web-app-syncope/templates/proxy.conf
+++ b/roles/web-app-syncope/templates/proxy.conf
@ -13,10 +13,10 @@ server
    {{ proxy_extra_configuration }}
  {% endif %}
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  {% for path in syncope_paths.values() %}
    {% set location =  WEB_PROTOCOL ~ '://' ~ domains | get_domain(application_id) ~ '/' ~ path ~ '/' %}
-    {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2'%}
+    {% include 'roles/srv-proxy-core/templates/location/html.conf.j2'%}
  {% endfor %}
 }
--- a/roles/web-app-taiga/README.md
+++ b/roles/web-app-taiga/README.md
@ -39,7 +39,7 @@ By using this role, teams can set up Taiga in minutes on Arch Linux systems —
    - [taiga-contrib-oidc-auth (official)](https://github.com/taigaio/taiga-contrib-oidc-auth)
 - 📨 **Email Backend:** Supports SMTP and console backends for development.
 - 🔁 **Async & Realtime Events:** Includes RabbitMQ and support for Taiga’s event system.
- 🌐 **Reverse Proxy Ready:** Integrates with Nginx using the `srv-proxy-6-6-domain` role.
+- 🌐 **Reverse Proxy Ready:** Integrates with Nginx using the `srv-domain-provision` role.
 - 🧩 **Composable Design:** Integrates cleanly with other Infinito.Nexus infrastructure roles.
 ---
--- a/roles/web-app-wordpress/tasks/main.yml
+++ b/roles/web-app-wordpress/tasks/main.yml
@ -1,7 +1,7 @@
 ---
- name: "Include role srv-proxy-6-6-domain for {{ application_id }}"
+- name: "Include role srv-domain-provision for {{ application_id }}"
  include_role:
-    name: srv-proxy-6-6-domain
+    name: srv-domain-provision
  loop: "{{ wordpress_domains }}"
  loop_control:
    loop_var: domain
--- a/roles/web-opt-rdr-domains/README.md
+++ b/roles/web-opt-rdr-domains/README.md
@ -9,7 +9,7 @@ This Ansible role configures Nginx to perform 301 redirects from one domain to a
 ## Dependencies
- `srv-web-7-6-https`: A role for setting up HTTPS for Nginx
+- `srv-https-stack`: A role for setting up HTTPS for Nginx
 - `letsencrypt`: A role for managing SSL certificates with Let's Encrypt
 ## Author Information
--- a/roles/web-opt-rdr-domains/tasks/main.yml
+++ b/roles/web-opt-rdr-domains/tasks/main.yml
@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'srv-web-7-6-https'
+  - name: Include dependency 'srv-https-stack'
    include_role:
-      name: srv-web-7-6-https
+      name: srv-https-stack
-    when: run_once_srv_web_7_6_https is not defined
+    when: run_once_srv_https_stack is not defined
  - include_tasks: utils/run_once.yml
  when: run_once_web_opt_rdr_domains is not defined
--- a/roles/web-opt-rdr-domains/tasks/redirect-domain.yml
+++ b/roles/web-opt-rdr-domains/tasks/redirect-domain.yml
@ -1,6 +1,6 @@
 - name: "include task receive certbot certificate"
  include_role: 
-    name: srv-web-6-6-tls-core
+    name: srv-tls-core
 - name: "Deploying NGINX redirect configuration for '{{ domain }}'"
  template:
--- a/roles/web-opt-rdr-domains/templates/redirect.domain.nginx.conf.j2
+++ b/roles/web-opt-rdr-domains/templates/redirect.domain.nginx.conf.j2
@ -1,6 +1,6 @@
 server {
  server_name {{ domain }};
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  return 301 https://{{ target }}$request_uri;
 }
--- a/roles/web-opt-rdr-www/tasks/main.yml
+++ b/roles/web-opt-rdr-www/tasks/main.yml
@ -1,8 +1,8 @@
 - block:
-  - name: Include dependency 'srv-web-7-4-core'
+  - name: Include dependency 'srv-core'
    include_role:
-      name: srv-web-7-4-core
+      name: srv-core
-    when: run_once_srv_web_7_4_core is not defined
+    when: run_once_srv_core is not defined
  - include_tasks: utils/run_once.yml
  when: run_once_web_opt_rdr_www is not defined
--- a/roles/web-svc-cdn/tasks/01_core.yml
+++ b/roles/web-svc-cdn/tasks/01_core.yml
@ -2,12 +2,12 @@
  include_role:
    name: '{{ item }}'
  loop:
-  - srv-web-7-6-https
+  - srv-https-stack
  - dev-git
 - name: "include role for {{ application_id }} to receive certs & do modification routines"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
  vars:
    http_port: "{{ ports.localhost.http[application_id] }}"
--- a/roles/web-svc-cdn/templates/nginx.conf.j2
+++ b/roles/web-svc-cdn/templates/nginx.conf.j2
@ -2,11 +2,11 @@ server
 {
  server_name {{ domains | get_domain(application_id) }};
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  {% include 'roles/sys-srv-web-inj-compose/templates/server.conf.j2'%}
-  {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/headers/content_security_policy.conf.j2' %}
  charset utf-8;
--- a/roles/web-svc-collabora/templates/nginx.conf.j2
+++ b/roles/web-svc-collabora/templates/nginx.conf.j2
@ -1,22 +1,22 @@
 server {
  server_name {{ domain }};
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  {% include 'roles/sys-srv-web-inj-compose/templates/server.conf.j2'%}
-  {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/headers/content_security_policy.conf.j2' %}
  {# Normal HTTP routes (discovery, browser, assets) – no Lua injection #}
  {% set proxy_lua_enabled = false %}
  {% set location = "/" %}
-  {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
  {# Optional explicit fast path for discovery #}
  {% set location = "= " ~ container_healthcheck %}
-  {% include 'roles/srv-proxy-7-4-core/templates/location/html.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/location/html.conf.j2' %}
  {# WebSocket handling for Collabora #}
  {% set location_ws = '^~ /cool/' %}
  {% set ws_port = http_port %}
-  {% include 'roles/srv-proxy-7-4-core/templates/location/ws.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/location/ws.conf.j2' %}
 }
--- a/roles/web-svc-file/tasks/main.yml
+++ b/roles/web-svc-file/tasks/main.yml
@ -3,14 +3,14 @@
    include_role:
      name: '{{ item }}'
    loop:
-    - srv-web-7-6-https
+    - srv-https-stack
    - dev-git
  - include_tasks: utils/run_once.yml
  when: run_once_web_svc_file is not defined
 - name: "include role for {{ application_id }} to receive certs & do modification routines"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
  vars:
    domain: "{{ domains | get_domain(application_id) }}"
    http_port: "{{ ports.localhost.http[application_id] }}"
--- a/roles/web-svc-file/templates/nginx.conf.j2
+++ b/roles/web-svc-file/templates/nginx.conf.j2
@ -2,11 +2,11 @@ server
 {
  server_name {{ domains | get_domain(application_id) }};
-  {% include 'roles/srv-web-7-7-letsencrypt/templates/ssl_header.j2' %}
+  {% include 'roles/srv-letsencrypt/templates/ssl_header.j2' %}
  {% include 'roles/sys-srv-web-inj-compose/templates/server.conf.j2'%}
-  {% include 'roles/srv-proxy-7-4-core/templates/headers/content_security_policy.conf.j2' %}
+  {% include 'roles/srv-proxy-core/templates/headers/content_security_policy.conf.j2' %}
  charset utf-8;
--- a/roles/web-svc-html/tasks/main.yml
+++ b/roles/web-svc-html/tasks/main.yml
@ -3,14 +3,14 @@
    include_role:
      name: '{{ item }}'
    loop:
-    - srv-web-7-6-https
+    - srv-https-stack
    - dev-git
  - include_tasks: utils/run_once.yml
  when: run_once_web_svc_html is not defined
 - name: "include role for {{ application_id }} to receive certs & do modification routines"
  include_role:
-    name: srv-web-7-6-composer
+    name: srv-composer
  vars:
    domain: "{{ domains | get_domain(application_id) }}"
    http_port: "{{ ports.localhost.http[application_id] }}"
--- a/Show More
+++ b/Show More