Solved Matomo domain bug and refactored

README.md

@@ -73,7 +73,7 @@ Contact me for more details:
 ## Showcases
 The following list showcases the extensive range of solutions that CyMaIS incorporates, each playing a vital role in providing a comprehensive, efficient, and secure IT infrastructure setup:
 
-[ELK Stack](./roles/docker-elk), [Intel Driver](./roles/driver-intel), [Nginx Docker Reverse Proxy](./roles/nginx-docker-reverse-proxy), [Sudo](./roles/sudo), [Funkwhale](./roles/docker-funkwhale), [MSI Keyboard Color Driver](./roles/driver-msi-keyboard-color), [Nginx Domain Redirect](./roles/nginx-domain-redirect), [GnuCash](./roles/pc-gnucash), [Backup Data to USB](./roles/backup-data-to-usb), [Gitea](./roles/docker-gitea), [Non-Free Driver](./roles/driver-non-free), [Nginx Homepage](./roles/nginx-static-repository), [Jrnl](./roles/pc-jrnl), [Systemd Notifier](./roles/systemd-notifier), [Backup Docker to Local](./roles/backup-docker-to-local), [Jenkins](./roles/docker-jenkins), [Git](./roles/git), [Nginx HTTPS](./roles/nginx-https), [Latex](./roles/pc-latex), [Email Notifier](./roles/systemd-notifier-email), [Remote to Local Backup Solution](./roles/backup-remote-to-local), [Joomla](./roles/docker-joomla), [Heal Defect Docker Installations](./roles/heal-docker), [Nginx Matomo Tracking](./roles/nginx-global-matomo), [LibreOffice](./roles/pc-libreoffice), [Telegram Notifier](./roles/systemd-notifier-telegram), [Listmonk](./roles/docker-listmonk), [Btrfs Health Check](./roles/health-btrfs), [Nginx WWW Redirect](./roles/nginx-global-www), [Network Analyze Tools](./roles/pc-network-analyze-tools), [System Security](./roles/system-security), [Mailu](./roles/docker-mailu), [Disc Space Health Check](./roles/health-disc-space), [Administrator Tools](./roles/pc-administrator-tools), [Nextcloud Client](./roles/pc-nextcloud), [Swapfile Setup](./roles/system-swapfile), [Backups Cleanup](./roles/cleanup-backups-service), [Mastodon](./roles/docker-mastodon), [Docker Container Health Checker](./roles/health-docker-container), [Blu-ray Player Tools](./roles/pc-bluray-player-tools), [Office](./roles/pc-office), [Update Solutions](./roles/update), [Matomo](./roles/docker-matomo), [Docker Volumes Health Checker](./roles/health-docker-volumes), [Caffeine](./roles/pc-caffeine), [Qbittorrent](./roles/pc-qbittorrent), [Update Apt](./roles/update-apt), [Disc Space Cleanup](./roles/cleanup-disc-space), [Matrix](./roles/docker-matrix), [Health Journalctl](./roles/health-journalctl), [Designer Tools](./roles/pc-designer-tools), [Security Tools](./roles/pc-security-tools), [Update Docker](./roles/update-docker), [Failed Docker Backups Cleanup](./roles/cleanup-failed-docker-backups), [MediaWiki](./roles/docker-mediawiki), [Nginx Health Checker](./roles/health-nginx), [Developer Tools](./roles/pc-developer-tools), [Spotify](./roles/pc-spotify), [Update Pacman](./roles/update-pacman), [Client Wireguard](./roles/client-wireguard), [MyBB](./roles/docker-mybb), [Developer Tools for Arduino](./roles/pc-developer-tools-arduino), [SSH](./roles/pc-ssh), [Update Yay](./roles/update-yay), [Client Setup for Wireguard Behind Firewall](./roles/client-wireguard-behind-firewall), [Nextcloud Server](./roles/docker-nextcloud), [Hunspell](./roles/hunspell), [Developer Tools for Bash](./roles/pc-developer-tools-bash), [Streaming Tools](./roles/pc-streaming-tools), [Administrator](./roles/user-administrator), [Docker](./roles/docker), [Peertube](./roles/docker-peertube), [Java](./roles/java), [Developer Tools for Java](./roles/pc-developer-tools-java), [Tor Browser](./roles/pc-torbrowser), [Video Conference](./roles/pc-video-conference), [Wireguard](./roles/wireguard), [Akaunting](./roles/docker-akaunting), [Pixelfed](./roles/docker-pixelfed), [Journalctl](./roles/journalctl), [Developer Tools for PHP](./roles/pc-developer-tools-php), [Virtual Box](./roles/pc-virtual-box), [Postfix](./roles/postfix), [Attendize](./roles/docker-attendize), [Wordpress](./roles/docker-wordpress), [Locales](./roles/locales), [Docker for End Users](./roles/pc-docker), [Games](./roles/pc-games), [Python Pip](./roles/python-pip), [Discourse](./roles/docker-discourse), [Epson Multiprinter Driver](./roles/driver-epson-multiprinter), [Nginx Certbot](./roles/nginx-certbot), [Git](./roles/pc-git), [SSHD](./roles/sshd), [YOURLS](./roles/docker-yourls), [BigBlueButton](./roles/docker-bigbluebutton),[System Maintenance Lock](./roles/system-maintenance-lock),[Open Project](./roles/docker-openproject)...
+[ELK Stack](./roles/docker-elk), [Intel Driver](./roles/driver-intel), [Nginx Docker Reverse Proxy](./roles/nginx-docker-reverse-proxy), [Sudo](./roles/sudo), [Funkwhale](./roles/docker-funkwhale), [MSI Keyboard Color Driver](./roles/driver-msi-keyboard-color), [Nginx Domain Redirect](./roles/nginx-redirect-domain), [GnuCash](./roles/pc-gnucash), [Backup Data to USB](./roles/backup-data-to-usb), [Gitea](./roles/docker-gitea), [Non-Free Driver](./roles/driver-non-free), [Nginx Homepage](./roles/nginx-static-repository), [Jrnl](./roles/pc-jrnl), [Systemd Notifier](./roles/systemd-notifier), [Backup Docker to Local](./roles/backup-docker-to-local), [Jenkins](./roles/docker-jenkins), [Git](./roles/git), [Nginx HTTPS](./roles/nginx-https), [Latex](./roles/pc-latex), [Email Notifier](./roles/systemd-notifier-email), [Remote to Local Backup Solution](./roles/backup-remote-to-local), [Joomla](./roles/docker-joomla), [Heal Defect Docker Installations](./roles/heal-docker), [Nginx Matomo Tracking](./roles/nginx-modifier-matomo), [LibreOffice](./roles/pc-libreoffice), [Telegram Notifier](./roles/systemd-notifier-telegram), [Listmonk](./roles/docker-listmonk), [Btrfs Health Check](./roles/health-btrfs), [Nginx WWW Redirect](./roles/nginx-redirect-www), [Network Analyze Tools](./roles/pc-network-analyze-tools), [System Security](./roles/system-security), [Mailu](./roles/docker-mailu), [Disc Space Health Check](./roles/health-disc-space), [Administrator Tools](./roles/pc-administrator-tools), [Nextcloud Client](./roles/pc-nextcloud), [Swapfile Setup](./roles/system-swapfile), [Backups Cleanup](./roles/cleanup-backups-service), [Mastodon](./roles/docker-mastodon), [Docker Container Health Checker](./roles/health-docker-container), [Blu-ray Player Tools](./roles/pc-bluray-player-tools), [Office](./roles/pc-office), [Update Solutions](./roles/update), [Matomo](./roles/docker-matomo), [Docker Volumes Health Checker](./roles/health-docker-volumes), [Caffeine](./roles/pc-caffeine), [Qbittorrent](./roles/pc-qbittorrent), [Update Apt](./roles/update-apt), [Disc Space Cleanup](./roles/cleanup-disc-space), [Matrix](./roles/docker-matrix), [Health Journalctl](./roles/health-journalctl), [Designer Tools](./roles/pc-designer-tools), [Security Tools](./roles/pc-security-tools), [Update Docker](./roles/update-docker), [Failed Docker Backups Cleanup](./roles/cleanup-failed-docker-backups), [MediaWiki](./roles/docker-mediawiki), [Nginx Health Checker](./roles/health-nginx), [Developer Tools](./roles/pc-developer-tools), [Spotify](./roles/pc-spotify), [Update Pacman](./roles/update-pacman), [Client Wireguard](./roles/client-wireguard), [MyBB](./roles/docker-mybb), [Developer Tools for Arduino](./roles/pc-developer-tools-arduino), [SSH](./roles/pc-ssh), [Update Yay](./roles/update-yay), [Client Setup for Wireguard Behind Firewall](./roles/client-wireguard-behind-firewall), [Nextcloud Server](./roles/docker-nextcloud), [Hunspell](./roles/hunspell), [Developer Tools for Bash](./roles/pc-developer-tools-bash), [Streaming Tools](./roles/pc-streaming-tools), [Administrator](./roles/user-administrator), [Docker](./roles/docker), [Peertube](./roles/docker-peertube), [Java](./roles/java), [Developer Tools for Java](./roles/pc-developer-tools-java), [Tor Browser](./roles/pc-torbrowser), [Video Conference](./roles/pc-video-conference), [Wireguard](./roles/wireguard), [Akaunting](./roles/docker-akaunting), [Pixelfed](./roles/docker-pixelfed), [Journalctl](./roles/journalctl), [Developer Tools for PHP](./roles/pc-developer-tools-php), [Virtual Box](./roles/pc-virtual-box), [Postfix](./roles/postfix), [Attendize](./roles/docker-attendize), [Wordpress](./roles/docker-wordpress), [Locales](./roles/locales), [Docker for End Users](./roles/pc-docker), [Games](./roles/pc-games), [Python Pip](./roles/python-pip), [Discourse](./roles/docker-discourse), [Epson Multiprinter Driver](./roles/driver-epson-multiprinter), [Nginx Certbot](./roles/nginx-certbot), [Git](./roles/pc-git), [SSHD](./roles/sshd), [YOURLS](./roles/docker-yourls), [BigBlueButton](./roles/docker-bigbluebutton),[System Maintenance Lock](./roles/system-maintenance-lock),[Open Project](./roles/docker-openproject)...
 
 ## License
 

SERVER_APPLICATIONS.md

@@ -21,9 +21,9 @@ Focuses on web server roles and applications, covering SSL certificates, Nginx c
 - **[Nginx-Docker-Reverse-Proxy](./roles/nginx-docker-reverse-proxy/)**: Sets up a reverse proxy for Docker containers.
 - **[nginx-static-repository](./roles/nginx-static-repository/)**: Configures a homepage for Nginx.
 - **[Nginx-Https](./roles/nginx-https/)**: Enables HTTPS configuration for Nginx.
-- **[nginx-global-matomo](./roles/nginx-global-matomo/)**: Integrates Matomo tracking with Nginx.
-- **[Nginx-Domain-Redirect](./roles/nginx-domain-redirect/)**: Manages URL redirects in Nginx.
-- **[nginx-global-www](./roles/nginx-global-www/)**: Redirects all domains with the prefix www. from www.domain.tld to domain.tld
+- **[nginx-modifier-matomo](./roles/nginx-modifier-matomo/)**: Integrates Matomo tracking with Nginx.
+- **[nginx-redirect-domain](./roles/nginx-redirect-domain/)**: Manages URL redirects in Nginx.
+- **[nginx-redirect-www](./roles/nginx-redirect-www/)**: Redirects all domains with the prefix www. from www.domain.tld to domain.tld
 - **[Nginx-Certbot](./roles/nginx-certbot/)**: Integrates Certbot with Nginx for SSL certificates.
 - **[Postfix](./roles/postfix/)**: Setup for the Postfix mail transfer agent.
 

group_vars/all/03_domains.yml

@@ -19,6 +19,7 @@ defaults_domains:
   listmonk:                "newsletter.{{primary_domain}}"
   mailu:                   "{{system_email.host}}"
   mastodon:                "microblog.{{primary_domain}}"
+  # ATTENTION: Will be owerwritten by the values in domains. Not merged.
   mastodon_alternates:    ["mastodon.{{primary_domain}}"]
   matomo:                  "matomo.{{primary_domain}}"
   matrix_synapse:          "matrix.{{primary_domain}}"
@@ -28,6 +29,7 @@ defaults_domains:
   nextcloud:               "cloud.{{primary_domain}}"
   openproject:             "project.{{primary_domain}}"
   peertube:                "video.{{primary_domain}}"
+  # ATTENTION: Will be owerwritten by the values in domains. Not merged.
   peertube_alternates:     []
   phpmyadmin:              "phpmyadmin.{{primary_domain}}"
   pixelfed:                "picture.{{primary_domain}}"
@@ -36,7 +38,10 @@ defaults_domains:
   snipe_it:                "inventory.{{primary_domain}}"
   taiga:                   "kanban.{{primary_domain}}"
   yourls:                  "s.{{primary_domain}}"
-  wordpress:              ["wordpress.{{primary_domain}}","blog.{{primary_domain}}"]
+  # ATTENTION: Will be owerwritten by the values in domains. Not merged.
+  wordpress:              
+    - "wordpress.{{primary_domain}}"
+    - "blog.{{primary_domain}}"
 
 ## Domain Redirects
 defaults_redirect_domain_mappings:

group_vars/all/05_nginx.yml

@@ -3,18 +3,19 @@
 ## Nginx-Specific Path Configurations
 nginx:
   directories:
-    configuration:  "/etc/nginx/conf.d/"              # Configuration directory
+    configuration:                "/etc/nginx/conf.d/"              # Configuration directory
     http:
-      global:       "/etc/nginx/conf.d/http/global/"  # Contains global configurations which will be loaded into the http block
-      servers:      "/etc/nginx/conf.d/http/servers/" # Contains one configuration per domain
-      maps:         "/etc/nginx/conf.d/http/maps/"    # Contains mappings
-    streams:        "/etc/nginx/conf.d/streams/"      # Contains streams configuration e.g. for ldaps
-    well_known:     "/usr/share/nginx/well-known/"    # Path where well-known files are stored
-    homepage:       "/usr/share/nginx/homepage/"      # Path where the static homepage files are stored. @todo Move this variable to the role
-    global:         "/var/www/global/"                # Directory containing files which will be globaly accessable
-  user:             "http"                            # Default nginx user in ArchLinux
+      global:                     "/etc/nginx/conf.d/http/global/"  # Contains global configurations which will be loaded into the http block
+      servers:                    "/etc/nginx/conf.d/http/servers/" # Contains one configuration per domain
+      maps:                       "/etc/nginx/conf.d/http/maps/"    # Contains mappings
+    streams:                      "/etc/nginx/conf.d/streams/"      # Contains streams configuration e.g. for ldaps
+    well_known:                   "/usr/share/nginx/well-known/"    # Path where well-known files are stored
+    homepage:                     "/usr/share/nginx/homepage/"      # Path where the static homepage files are stored. @todo Move this variable to the role
+    global:                       "/var/www/global/"                # Directory containing files which will be globaly accessable
+  user:                           "http"                            # Default nginx user in ArchLinux
 
 ## Nginx static repository
-nginx_static_repository_address: NULL #This should contain the url to an git repository which has a static homepage included and an index.html file. @todo move this variable to the role
-
-global_matomo_tracking_enabled:                false   # Activates matomo tracking on all html pages
+nginx_static_repository_address:  NULL                              # This should contain the url to an git repository which has a static homepage included and an index.html file. @todo move this variable to the role
+                                                                    # @todo Move this to the dedicated role configuration
+## Matomo Tracking
+global_matomo_tracking_enabled:   false                             # Activates matomo tracking on all html pages. Change this in inventory.

playbook.servers.yml

@@ -245,7 +245,7 @@
   hosts: redirect
   become: true
   roles:
-   -  role: nginx-domain-redirect
+   -  role: nginx-redirect-domain
       vars:
         domain_mappings: "{{redirect_domain_mappings}}"
 
@@ -253,13 +253,13 @@
   hosts: www_redirect
   become: true
   roles:
-   -  role: nginx-global-www
+   -  role: nginx-redirect-www
 
 # Helper Roles for partial deployment
 - name: Copy global css 
-  hosts: nginx-global-css
+  hosts: nginx-modifier-css
   become: true
   roles:
-   -  role: nginx-global-css
+   -  role: nginx-modifier-css
 
 - import_playbook: playbook.destructor.yml

roles/docker-akaunting/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "include tasks update-repository-with-files.yml"
   include_tasks: update-repository-with-files.yml

roles/docker-baserow/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-bigbluebutton/tasks/main.yml

@@ -15,8 +15,9 @@
 #    dest: "{{nginx.directories.http.servers}}{{domain}}.conf"
 #  notify: restart nginx
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: configure websocket_upgrade.conf
   copy: 

roles/docker-bluesky/tasks/main.yml

@@ -3,17 +3,15 @@
   include_role: 
     name: docker-compose
 
-- name: "Include tasks for API domain"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role:
+    name: nginx-domain-setup
   vars:
-    domain: "{{ domains.bluesky_api }}"
-    http_port: "{{ ports.localhost.http.bluesky_api }}"
-
-- name: "Include tasks for Web domain"
-  include_tasks: nginx-docker-proxy-domain.yml
-  vars:
-    domain: "{{ domains.bluesky_web }}"
-    http_port: "{{ ports.localhost.http.bluesky_web }}" 
+    domain: "{{ item.domain }}"
+    http_port: "{{ item.http_port }}"
+  loop:
+    - { domain: domains.bluesky_api, http_port: ports.localhost.http.bluesky_api }
+    - { domain: domains.bluesky_web, http_port: ports.localhost.http.bluesky_web }
 
 # The following lines should be removed when the following issue is closed:
 # https://github.com/bluesky-social/pds/issues/52

roles/docker-compose/tasks/main.yml

@@ -3,7 +3,10 @@
 
 - name: "Set global domain based on application_id"
   set_fact:
-    domain: "{{ domains[application_id] if application_id in domains else None }}"
+    domain: "{{ domains[application_id] }}"
+  when:
+    - application_id in domains
+    - domains[application_id] is string
   # Default case: One domain exists. Some applications like matrix don't have an default domain
 
 - name: "Set global http_port to {{ ports.localhost.http[application_id] }}"

roles/docker-discourse/tasks/main.yml

@@ -10,8 +10,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "cleanup central database from {{application_id}}_default network"
   command:

roles/docker-elk/tasks/main.yml

@@ -1,7 +1,8 @@
 ---
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: create elasticsearch-sysctl.conf
   copy:

roles/docker-friendica/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-funkwhale/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-gitea/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-gitlab/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-jenkins/tasks/main.yml

@@ -1,5 +1,6 @@
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "docker jenkins"
   docker_compose:

roles/docker-joomla/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
   loop: "{{ domains }}"
   loop_control:
     loop_var: domain

roles/docker-keycloak/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-keycloak/templates/import/realm.json.j2

@@ -825,9 +825,9 @@
       "clientId": "{{realm}}",
       "name": "",
       "description": "",
-      "rootUrl": "https://{{realm}}/",
+      "rootUrl":  "https://{{realm}}/",
       "adminUrl": "https://{{realm}}/",
-      "baseUrl": "https://{{realm}}/",
+      "baseUrl":  "https://{{realm}}/",
       "surrogateAuthRequired": false,
       "enabled": true,
       "alwaysDisplayInConsole": false,
@@ -865,7 +865,7 @@
       "attributes": {
         "realm_client": "false",
         "oidc.ciba.grant.enabled": "false",
-        "client.secret.creation.time": "{{ ansible_date_time.epoch | int }}",
+        "client.secret.creation.time": "0",
         "backchannel.logout.session.required": "true",
         "post.logout.redirect.uris": "https://{{primary_domain}}/*##+",
         "frontchannel.logout.session.required": "true",

roles/docker-ldap/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-compose
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: Create {{domain}}.conf if LDAP is exposed to internet
   template: 

roles/docker-listmonk/tasks/main.yml

@@ -12,8 +12,9 @@
       ""
       {% endif %}
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-mailu/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
   vars:
     nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 31M;"
 

roles/docker-mastodon/templates/mastodon.conf.j2

@@ -8,7 +8,7 @@ server {
 
   {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
 
-  {% include 'roles/nginx-global/templates/global.includes.conf.j2'%}
+  {% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
 
   keepalive_timeout    70;
   sendfile             on;

roles/docker-matomo/tasks/main.yml

@@ -18,8 +18,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-matomo/vars/main.yml

@@ -1,8 +1,8 @@
 ---
-application_id:  	              "matomo"
-database_type:                  "mariadb"
-database_password:              "{{matomo_database_password}}"
-domain:                         "{{domains.matomo}}"
+application_id:  	  "matomo"
+database_type:      "mariadb"
+database_password:  "{{matomo_database_password}}"
+domain:             "{{domains.matomo}}"            # Don't know if this is still necessary
 
 # Disable matomo tracking for matomo, because otherwise recursiv loading technics would be neccessary
-# global_matomo_tracking_enabled: false 
+global_matomo_tracking_enabled: false 

roles/docker-matrix-ansible/tasks/main.yml

@@ -1,6 +1,7 @@
 ---
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
   loop:
     - "{{domains.matrix_element}}"
     - "{{domains.matrix_synapse}}"

roles/docker-matrix-compose/tasks/main.yml

@@ -30,8 +30,9 @@
     http_port:  "{{ports.localhost.http.matrix_synapse}}"
   notify: restart nginx
         
-- name: "include tasks nginx-docker-proxy-domain.yml for element"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
   vars:        
     domain:     "{{domains.matrix_element}}"
     http_port:  "{{ports.localhost.http.matrix_element}}"

roles/docker-matrix-compose/templates/nginx.conf.j2

@@ -10,6 +10,6 @@ server {
     listen 8448 ssl default_server;
     listen [::]:8448 ssl default_server;
 
-    {% include 'roles/nginx-global/templates/global.includes.conf.j2'%}
+    {% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
     {% include 'roles/nginx-docker-reverse-proxy/templates/proxy_pass.conf.j2' %}
 }

roles/docker-mediawiki/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: add docker-compose.yml
   template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml

roles/docker-moodle/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-nextcloud/templates/proxy-nginx.conf.j2

@@ -6,7 +6,7 @@ server
 
   {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
 
-  {% include 'roles/nginx-global/templates/global.includes.conf.j2'%}
+  {% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
   # Remove X-Powered-By, which is an information leak
   fastcgi_hide_header X-Powered-By;
 

roles/docker-openproject/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 #- name: "include tasks update-repository-with-files.yml"
 #  include_tasks: update-repository-with-files.yml

roles/docker-peertube/templates/peertube.conf.j2

@@ -3,7 +3,7 @@ server {
 
   {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
 
-  {% include 'roles/nginx-global/templates/global.includes.conf.j2'%}
+  {% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
   ##
   # Application
   ##

roles/docker-phpmyadmin/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-compose
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-pixelfed/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-portfolio/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-compose
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "include tasks update-repository-with-files.yml"
   include_tasks: update-repository-with-files.yml

roles/docker-snipe_it/README.md

@@ -1,9 +1,6 @@
-# CyMaIS Role
+# Docker Snipe-IT
 
-🚀 **CyMaIS** - Centralized Management and Integration System for **[Snipe-IT](https://github.com/snipe/snipe-it)**
-
-## About 📖
-This role provides an automated deployment and configuration for **Snipe-IT**, an open-source asset management system. It leverages **Docker Compose**, **Ansible**, and **centralized database integration** to streamline deployment and maintenance.
+This 🚀 **CyMaIS** role provides an automated deployment and configuration for **[Snipe-IT](https://github.com/snipe/snipe-it)**, an open-source asset management system. It leverages **Docker Compose**, **Ansible**, and **centralized database integration** to streamline deployment and maintenance.
 
 👤 **Author:** Kevin Veen-Birkenbach  
 🔗 **Website:** [veen.world](https://veen.world)
@@ -24,11 +21,6 @@ docker-compose exec application php artisan cache:clear
 docker-compose restart application
 ```
 
-## Configuration
-- **Database:** The role supports **MariaDB** as the primary database.
-- **Environment Variables:** Defined in `templates/env.j2`.
-- **Nginx Proxy Support:** Automated through `nginx-docker-proxy-domain.yml`.
-
 ## Pending Issue 🚧
 To ensure full **SAML authentication integration**, this issue still needs to be resolved:  
 🔗 [GitHub Issue #16186](https://github.com/snipe/snipe-it/issues/16186)

roles/docker-snipe_it/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/docker-taiga/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: pull docker repository
   git:

roles/docker-wordpress/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
   
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
   loop: "{{ domains.wordpress }}"
   loop_control:
     loop_var: domain

roles/docker-yourls/tasks/main.yml

@@ -3,8 +3,9 @@
   include_role: 
     name: docker-central-database
 
-- name: "include tasks nginx-docker-proxy-domain.yml"
-  include_tasks: nginx-docker-proxy-domain.yml
+- name: "include role nginx-domain-setup for {{application_id}}"
+  include_role: 
+    name: nginx-domain-setup
 
 - name: "copy docker-compose.yml and env file"
   include_tasks: copy-docker-compose-and-env.yml

roles/nginx-docker-reverse-proxy/templates/domain.conf.j2

@@ -21,7 +21,7 @@ server
   }
   {% endif %}
 
-  {% include 'roles/nginx-global/templates/global.includes.conf.j2'%}
+  {% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
   
   {% if nginx_docker_reverse_proxy_extra_configuration is defined %}
     # Additional Domain Specific Configuration

roles/nginx-domain-setup/README.md

@@ -0,0 +1,16 @@
+# Nginx Domain Setup Role 🚀
+
+This role streamlines your Nginx configuration by performing several essential tasks:
+
+- **Modify Nginx configuration** with the `nginx-modifier-all` role.
+- **Request and receive HTTPS certificates** using the `nginx-https-recieve-certificate` role.
+- **Deploy a domain configuration file** from a Jinja2 template.
+- **Optionally secure your domain** with OAuth2 via the `docker-oauth2-proxy` role if enabled.
+
+## Author
+
+Developed by [Kevin Veen-Birkenbach](https://www.veen.world) 😎
+
+---
+
+Happy automating! 🎉

roles/nginx-domain-setup/tasks/main.yml

@@ -1,4 +1,8 @@
-- name: "include role receive certbot certificate"
+- name: "include role nginx-modifier-all for {{domain}}"
+  include_role: 
+    name: nginx-modifier-all
+
+- name: "include role nginx-https-recieve-certificate for {{domain}}"
   include_role: 
     name: nginx-https-recieve-certificate
 
@@ -8,7 +12,7 @@
     dest: "{{nginx.directories.http.servers}}{{domain}}.conf"
   notify: restart nginx
   
-- name: include the docker-oauth2-proxy role
+- name: "include the docker-oauth2-proxy role {{domain}}"
   include_role:
     name: docker-oauth2-proxy
   when: oauth2_proxy_active | bool

roles/nginx-global-matomo/vars/main.yml

@@ -1 +0,0 @@
-base_domain: "{{ domain | regex_replace('^(?:.*\\.)?(.+\\..+)$', '\\1') }}"

roles/nginx-global-www/README.md

@@ -1,37 +0,0 @@
-# README.md for nginx-global-www Role
-
-## Overview
-The `nginx-global-www` role is designed to automate the process of setting up redirects from `www.domain.tld` to `domain.tld` for all domains and subdomains configured within the `{{nginx.directories.http.servers}}` directory. This role dynamically identifies configuration files following the pattern `*domain.tld.conf` and creates corresponding redirection rules.
-
-## Role Description
-This role performs several key tasks:
-1. **Find Configuration Files**: Locates all `.conf` files in the `{{nginx.directories.http.servers}}` directory that match the `*.*.conf` pattern, ensuring that only domain and subdomain configurations are selected.
-   
-2. **Filter Domain Names**: Processes each configuration file, extracting the domain names and removing both the `.conf` extension and the `{{nginx.directories.http.servers}}` path.
-
-3. **Prepare Redirect Domain Mappings**: Transforms the filtered domain names into a source-target mapping format, where `source` is `www.domain.tld` and `target` is `domain.tld`.
-
-4. **Include nginx-domain-redirect Role**: Applies the redirection configuration using the `nginx-domain-redirect` role with the dynamically generated domain mappings.
-
-## Usage
-To use this role, include it in your playbook and ensure that the `nginx-domain-redirect` role is available in your Ansible environment. No additional configuration is required as the role is designed to dynamically identify and process the domain configurations.
-
-Example playbook:
-```yaml
-- hosts: web-servers
-  roles:
-    - nginx-global-www
-```
-
-## Requirements
-- Ansible environment set up and configured to run roles.
-- Access to the `{{nginx.directories.http.servers}}` directory on the target hosts.
-- The `nginx-domain-redirect` role must be present and properly configured to handle the redirection mappings.
-
-## Notes
-- This role is designed to work in environments where domain and subdomain configurations follow the naming pattern `*domain.tld.conf`.
-- It automatically excludes any configurations that begin with `www.`, preventing duplicate redirects.
-
----
-
-This `nginx-global-www` role was crafted by [Kevin Veen-Birkenbach](https://www.veen.world) with insights and guidance provided by ChatGPT, an advanced AI language model from OpenAI. The development process, including the discussions with ChatGPT that shaped this role, can be [here](https://chat.openai.com/share/a68e3574-f543-467d-aea7-0895f0e00bbb) explored in detail.

roles/nginx-global/tasks/main.yml

@@ -1,13 +0,0 @@
-- name: Activate Global Matomo tracking
-  include_role:
-    name: nginx-global-matomo
-  when: global_matomo_tracking_enabled | bool and domain is defined # @todo: Do I try run without is defined checking for domain
-
-- name: Activate Global CSS
-  include_role:
-    name: nginx-global-css
-  when:
-    - global_theming_enabled | bool 
-    - run_once_nginx_global_css is not defined
-# - nginx-global-www Has to be loaded somehow different
-#  @todo implement better loading

roles/nginx-https/README.md

@@ -0,0 +1 @@
+This role loads the components to create an nginx server with https

roles/nginx-https/meta/main.yml

@@ -1,3 +1,3 @@
 dependencies:
 - nginx
-- letsencrypt
+- letsencrypt

roles/nginx-modifier-all/README.md

@@ -0,0 +1,29 @@
+# Nginx Global Matomo & Theming Modifier Role 🚀
+
+This role enhances your Nginx configuration by conditionally injecting global Matomo tracking and theming elements into your HTML responses. It uses Nginx sub-filters to seamlessly add tracking scripts and CSS links to your web pages.
+
+---
+
+## Features
+
+- **Global Matomo Tracking**  
+  When enabled (`global_matomo_tracking_enabled` is `true`), the role includes Matomo tracking configuration and injects the corresponding tracking script into your HTML.
+
+- **Global Theming**  
+  When enabled (`global_theming_enabled` is `true`), the role injects a global CSS link for consistent theming across your site.
+
+- **Smart Injection**  
+  Uses Nginx's `sub_filter` to insert the tracking and theming snippets right before the closing `</head>` tag of your HTML documents.
+
+
+This will automatically activate Matomo tracking and/or global theming based on your configuration.
+
+---
+
+## Author
+
+Developed by [Kevin Veen-Birkenbach](https://www.veen.world) 😎
+
+---
+
+Happy automating! 🎉

roles/nginx-modifier-all/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+  - nginx-modifier-css # Just required to load once

roles/nginx-modifier-all/tasks/main.yml

@@ -0,0 +1,4 @@
+- name: "Activate Global Matomo Tracking for {{domain}}"
+  include_role:
+    name: nginx-modifier-matomo
+  when: global_matomo_tracking_enabled | bool

roles/nginx-modifier-all/templates/global.includes.conf.j2

@@ -4,14 +4,14 @@ sub_filter_types text/html;
 
 {% if global_matomo_tracking_enabled | bool %}
   # Include Global Matomo Tracking
-  {% include 'roles/nginx-global-matomo/templates/matomo-tracking.conf.j2' %}
+  {% include 'roles/nginx-modifier-matomo/templates/matomo-tracking.conf.j2' %}
 {% endif %}
 
 {% if global_theming_enabled | bool or global_matomo_tracking_enabled | bool%}
-  sub_filter '</head>' '{% if global_matomo_tracking_enabled | bool %}{% include 'roles/nginx-global-matomo/templates/script.j2' %}{% endif %}{% if global_theming_enabled | bool %}{% include 'roles/nginx-global-css/templates/link.j2' %}{% endif %}</head>';
+  sub_filter '</head>' '{% if global_matomo_tracking_enabled | bool %}{% include 'roles/nginx-modifier-matomo/templates/script.j2' %}{% endif %}{% if global_theming_enabled | bool %}{% include 'roles/nginx-modifier-css/templates/link.j2' %}{% endif %}</head>';
 {% endif %}
 
 {% if global_theming_enabled | bool %}
   # Include Global CSS Location
-  {% include 'roles/nginx-global-css/templates/location.conf.j2' %}
+  {% include 'roles/nginx-modifier-css/templates/location.conf.j2' %}
 {% endif %}

roles/nginx-modifier-css/README.md

@@ -13,23 +13,6 @@ This **Ansible role** provides a **global theming solution** for Nginx-based web
 
 ---
 
-## 📂 File Structure
-
-```
-.
-├── tasks/
-│   ├── main.yml        # Main Ansible tasks for deploying the global CSS
-├── vars/
-│   ├── main.yml        # Global variables (CSS paths, file names, etc.)
-├── templates/
-│   ├── global.css.j2   # Jinja2 template for generating the global CSS
-│   ├── location.conf.j2     # Nginx configuration for serving global.css
-│   ├── sub_filter.conf.j2   # Injects the global CSS link into served pages
-└── README.md           # You are here 🚀
-```
-
----
-
 ## 🎨 Theming Details
 
 The **CSS template (`global.css.j2`)** dynamically applies the defined theme colors and ensures **Bootstrap, buttons, alerts, forms, and other UI elements** follow the **unified design**.

roles/nginx-modifier-css/meta/main.yml

@@ -0,0 +1,2 @@
+dependencies:
+  - nginx

roles/nginx-modifier-css/tasks/main.yml

@@ -5,7 +5,7 @@
     owner: "{{nginx.user}}"
     group: "{{nginx.user}}"
     mode: '0755'
-  when: run_once_nginx_global_css is not defined
+  when: run_once_nginx_global_css is not defined and global_theming_enabled | bool
 
 - name: Deploy global.css from template
   template:
@@ -14,18 +14,18 @@
     owner: "{{nginx.user}}"
     group: "{{nginx.user}}"
     mode: '0644'
-  when: run_once_nginx_global_css is not defined
+  when: run_once_nginx_global_css is not defined and global_theming_enabled | bool
 
 - name: Get stat for global.css destination file
   stat:
     path: "{{ global_css_destination }}"
   register: global_css_stat
-  when: run_once_nginx_global_css is not defined
+  when: run_once_nginx_global_css is not defined and global_theming_enabled | bool
 
 - name: Set global_css_version to file modification time
   set_fact:
     global_css_version: "{{ global_css_stat.stat.mtime }}"
-  when: run_once_nginx_global_css is not defined
+  when: run_once_nginx_global_css is not defined and global_theming_enabled | bool
 
 - name: Mark global css tasks as run once
   set_fact:

roles/nginx-modifier-matomo/meta/main.yml

@@ -0,0 +1,3 @@
+dependencies:
+  - docker-matomo
+  - nginx

roles/nginx-modifier-matomo/tasks/main.yml

@@ -1,11 +1,23 @@
-- name: Check if site already exists in Matomo
+- name: "Relevant variables for role: {{ role_path | basename }}"
+  debug:
+    msg:
+      domain: "{{ domain }}"
+      base_domain: "{{ base_domain }}"
+      verification_url: "{{ verification_url }}"
+  when: enable_debug | bool
+
+- name: Check if site {{ domain }} is allready registered at Matomo
   uri:
-    url: "https://{{domains.matomo}}/index.php?module=API&method=SitesManager.getSitesIdFromSiteUrl&url=https://{{base_domain}}&format=json&token_auth={{matomo_auth_token}}"
-    method: GET
+    url:            "{{verification_url}}"
+    method:         GET
     return_content: yes
-    status_code: 200
+    status_code:    200
     validate_certs: yes
-  register: site_check
+  register:         site_check
+
+- name: Set matomo_site_id to Null
+  set_fact:
+    matomo_site_id: Null
 
 - name: Set fact for site ID if site already exists
   set_fact:
@@ -22,12 +34,12 @@
     return_content: yes
     validate_certs: yes
   register: add_site
-  when: "matomo_site_id is not defined"
+  when: "matomo_site_id is not defined or matomo_site_id is none"
 
 - name: Set fact for site ID if site was added
   set_fact:
     matomo_site_id: "{{ add_site.json.value }}"
-  when: "matomo_site_id is not defined"
+  when: "matomo_site_id is not defined or matomo_site_id is none"
 
 - name: Set the Matomo tracking code from a template file
   set_fact:

roles/nginx-modifier-matomo/vars/main.yml

@@ -0,0 +1,2 @@
+base_domain:      "{{ domain | regex_replace('^(?:.*\\.)?(.+\\..+)$', '\\1') }}"
+verification_url: "https://{{domains.matomo}}/index.php?module=API&method=SitesManager.getSitesIdFromSiteUrl&url=https://{{base_domain}}&format=json&token_auth={{matomo_auth_token}}"

roles/nginx-redirect-domain/README.md

@@ -2,12 +2,6 @@
 
 This Ansible role configures Nginx to perform 301 redirects from one domain to another. It handles SSL certificate retrieval for the source domains and sets up the Nginx configuration to redirect to the specified target domains.
 
-## Requirements
-
-- Ansible 2.9 or higher
-- Nginx installed on the target machine
-- Let's Encrypt for SSL certificate management
-
 ## Role Variables
 
 - `domain_mappings`: A list of objects with `source` and `target` properties specifying the domains to redirect from and to.
@@ -18,13 +12,5 @@ This Ansible role configures Nginx to perform 301 redirects from one domain to a
 - `nginx-https`: A role for setting up HTTPS for Nginx
 - `letsencrypt`: A role for managing SSL certificates with Let's Encrypt
 
-## Example Playbook
-
-```yaml
-- hosts: servers
-  roles:
-    - { role: nginx-domain-redirect, domain_mappings: [ {source: 'example.com', target: 'newdomain.com'} ] }
-``````
-
 ## Author Information
-This role was created in 2023 by Kevin Veen Birkenbach.
+This role was created in 2023 by [Kevin Veen-Birkenbach](https://www.veen.world/).

roles/nginx-redirect-www/README.md

@@ -0,0 +1,22 @@
+# nginx-redirect-www
+
+## Overview
+The `nginx-redirect-www` role is designed to automate the process of setting up redirects from `www.domain.tld` to `domain.tld` for all domains and subdomains configured within the `{{nginx.directories.http.servers}}` directory. This role dynamically identifies configuration files following the pattern `*domain.tld.conf` and creates corresponding redirection rules.
+
+## Role Description
+This role performs several key tasks:
+1. **Find Configuration Files**: Locates all `.conf` files in the `{{nginx.directories.http.servers}}` directory that match the `*.*.conf` pattern, ensuring that only domain and subdomain configurations are selected.
+   
+2. **Filter Domain Names**: Processes each configuration file, extracting the domain names and removing both the `.conf` extension and the `{{nginx.directories.http.servers}}` path.
+
+3. **Prepare Redirect Domain Mappings**: Transforms the filtered domain names into a source-target mapping format, where `source` is `www.domain.tld` and `target` is `domain.tld`.
+
+4. **Include nginx-redirect-domain Role**: Applies the redirection configuration using the `nginx-redirect-domain` role with the dynamically generated domain mappings.
+
+## Notes
+- This role is designed to work in environments where domain and subdomain configurations follow the naming pattern `*domain.tld.conf`.
+- It automatically excludes any configurations that begin with `www.`, preventing duplicate redirects.
+
+---
+
+This `nginx-redirect-www` role was crafted by [Kevin Veen-Birkenbach](https://www.veen.world) with insights and guidance provided by ChatGPT, an advanced AI language model from OpenAI. The development process, including the discussions with ChatGPT that shaped this role, can be [here](https://chat.openai.com/share/a68e3574-f543-467d-aea7-0895f0e00bbb) explored in detail.

roles/nginx-redirect-www/tasks/main.yml

@@ -30,9 +30,9 @@
     var: filtered_domains_with_primary_domain
   when: enable_debug | bool
 
-- name: Include nginx-domain-redirect role with dynamic domain mappings for domains with {{primary_domain}} included
+- name: Include nginx-redirect-domain role with dynamic domain mappings for domains with {{primary_domain}} included
   include_role:
-    name: nginx-domain-redirect
+    name: nginx-redirect-domain
   vars:
     domain_mappings: "{{ filtered_domains_with_primary_domain | map('regex_replace', '^(.*)$', '{ source: \"www.\\1\", target: \"\\1\" }') | map('from_yaml') | list }}"
   when: not enable_wildcard_certificate | bool
@@ -57,9 +57,9 @@
     var: filtered_domains_without_primary_domain
   when: enable_debug | bool
 
-- name: Include nginx-domain-redirect role with dynamic domain mappings for domains without primary domain
+- name: Include nginx-redirect-domain role with dynamic domain mappings for domains without primary domain
   include_role:
-    name: nginx-domain-redirect
+    name: nginx-redirect-domain
   vars:
     domain_mappings: "{{ filtered_domains_without_primary_domain | map('regex_replace', '^(.*)$', '{ source: \"www.\\1\", target: \"\\1\" }') | map('from_yaml') | list }}"
 

roles/nginx-static-repository/README.md

@@ -2,32 +2,5 @@
 
 This Ansible role configures an Nginx server to serve a static homepage. It handles domain configuration, SSL certificate retrieval with Let's Encrypt, and cloning the homepage content from a Git repository.
 
-## Requirements
-
-- Ansible 2.9 or higher
-- Nginx installed on the target machine
-- Git installed on the target machine (if cloning a repo)
-- `nginx-https` and `git` roles available or configured if they are used as dependencies
-
-## Role Variables
-
-- `nginx.directories.homepage`: The directory where the homepage content will be stored (default: `/usr/share/nginx/homepage`)
-- `domain`: The domain name for the Nginx server configuration
-- `administrator_email`: The email used for SSL certificate registration with Let's Encrypt
-- `nginx_static_repository_address`: The Git repository address containing the homepage content
-
-## Dependencies
-
-- `nginx-https`: A role for setting up an HTTPS server
-- `git`: A role for installing Git
-
-## Example Playbook
-
-```yaml
-- hosts: servers
-  roles:
-     - { role: nginx-static-repository, domain: 'example.com', administrator_email: 'admin@example.com' }
-```
-
 ## Author Information
-This role was created in 2023 by Kevin Veen Birkenbach.
+This role was created in 2023 by [Kevin Veen Birkenbach](https://www.veen.world/).

roles/nginx-static-repository/templates/static.nginx.conf.j2

@@ -5,7 +5,7 @@ server
   
   {% include 'roles/letsencrypt/templates/ssl_header.j2' %}
 
-  {% include 'roles/nginx-global/templates/global.includes.conf.j2'%}
+  {% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
   charset utf-8;
   
   location /

roles/nginx/meta/main.yml

@@ -1,3 +1,2 @@
 dependencies:
-  - health-nginx
-  - nginx-global
+  - health-nginx

roles/nginx/tasks/main.yml

@@ -33,16 +33,6 @@
   notify: restart nginx
   when: run_once_nginx is not defined
 
-# Activated due to the reason that certificate management should be part of role nginx-https
-# I don't know why this is activated here. 
-# Propably solved on 2025-02-15 . Please remove latest on 2025-12-31 if no errors appear or earlier
-#
-#- name: "include task certbot-and-globals.yml"
-#  include_tasks: certbot-and-globals.yml
-#  vars:
-#    domain: "{{primary_domain}}"
-#  when: run_once_nginx is not defined
-
 - name: flush nginx service
   meta: flush_handlers
   when: run_once_nginx is not defined