Refactored server roles for better readability

roles/sys-util-csp-cert/README.md

@@ -0,0 +1,23 @@
+# Role: sys-util-csp-cert
+
+This Ansible role composes and orchestrates all necessary HTTPS-layer tasks and HTML-content injections for your webserver domains. It integrates two key sub-roles into a unified workflow:
+
+1. **`sys-front-inj-all`**
+   Injects global HTML snippets (CSS, Matomo tracking, iFrame notifier, custom JavaScript) into responses using Nginx `sub_filter`.
+2. **`sys-svc-certs`**
+   Handles issuing, renewing, and managing TLS certificates via ACME/Certbot.
+
+By combining encryption setup with content enhancements, this role streamlines domain provisioning for secure, fully-featured HTTP/HTTPS delivery.
+
+## Features
+
+* **Unified HTTPS Orchestration**
+  Seamlessly sets up TLS and performs HTML-level content injections in one role.
+* **Content Injection**
+  Adds global theming, analytics, and custom scripts before `</head>` and tracking noscript tags before `</body>`.
+* **Certificate Management**
+  Automates cert issuance and renewal via `sys-svc-certs`.
+* **Idempotent Workflow**
+  Ensures each component runs only once per domain.
+* **Simplified Playbooks**
+  Call a single role to handle both security (TLS) and user-experience (injections).

roles/sys-util-csp-cert/meta/main.yml

@@ -0,0 +1,30 @@
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: "Composes HTTPS setup and HTML-content injections (CSS, Matomo, iFrame, JS) for webserver domains."
+  license: "Infinito.Nexus NonCommercial License"
+  license_url: "https://s.infinito.nexus/license"
+  company: |
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions:
+        - rolling
+    - name: Ubuntu
+      versions:
+        - all
+  galaxy_tags:
+    - webserver
+    - https
+    - tls
+    - injection
+    - css
+    - matomo
+    - iframe
+    - javascript
+    - orchestration
+  repository: "https://s.infinito.nexus/code"
+  issue_tracker_url: "https://s.infinito.nexus/issues"
+  documentation: "https://s.infinito.nexus/code/roles/sys-util-csp-cert"

roles/sys-util-csp-cert/tasks/main.yml

@@ -0,0 +1,9 @@
+# run_once_sys_util_csp_cert: deactivated
+
+- name: "include role sys-front-inj-all for '{{ domain }}'"
+  include_role: 
+    name: sys-front-inj-all
+
+- name: "include role sys-svc-certs for '{{ domain }}'"
+  include_role: 
+    name: sys-svc-certs