Refactor and cleanup OIDC, desktop, and web-app roles

- Improved OIDC variable definitions (12_oidc.yml)
- Added account/security/profile URLs
- Restructured web-app-desktop tasks and JS handling
- Introduced oidc.js and iframe.js with runtime loader
- Fixed nginx.conf, LDAP, and healthcheck templates spacing
- Improved Lua injection for CSP and snippets
- Fixed typos (WordPress, receive, etc.)
- Added silent-check-sso nginx location

Conversation: https://chatgpt.com/share/68ae0060-4fac-800f-9f02-22592a4087d3

roles/web-app-desktop/templates/menu/applications.yml.j2

@@ -24,31 +24,7 @@ applications:
             icon: {{ app.icon }}
             url: {{ app.url }}
             iframe: {{ app.iframe }}
-            {% if app.title == 'Keycloak' %}
-            {% set keycloak_url = domains | get_url('web-app-keycloak', WEB_PROTOCOL) %}
-            {{ domains | get_url(application_id, WEB_PROTOCOL) }}
-            children:
-              - name: Administration
-                description: Access the central admin console
-                icon:
-                  class: fa-solid fa-shield-halved
-                url: {{ keycloak_url }}/admin
-                iframe: {{ applications | get_app_conf( 'web-app-keycloak', 'features.desktop', False) }}
-              - name: Profile
-                description: Update your personal admin settings
-                icon:
-                  class: fa-solid fa-user-gear
-                url: {{ keycloak_url }}/realms/{{ OIDC.CLIENT.ID }}/account
-                iframe: {{ applications | get_app_conf( 'web-app-keycloak', 'features.desktop', False) }}
-              - name: Logout
-                description: End your admin session securely
-                icon:
-                  class: fa-solid fa-right-from-bracket
-                url: {{ keycloak_url }}/realms/{{ OIDC.CLIENT.ID }}/protocol/openid-connect/logout
-                iframe: false
-
-            {% endif %}
-
+            
         {% endfor %}
 
     {% endfor %}

roles/web-app-desktop/templates/menu/followus.yml.j2

@@ -1,6 +1,6 @@
 followus:
   name: Follow Us
-  description: Follow us to stay up to recieve the newest {{ SOFTWARE_NAME }} updates 
+  description: Follow us to stay up to receive the newest {{ SOFTWARE_NAME }} updates 
   icon:
     class: fas fa-newspaper
 {% if ["web-app-mastodon", "web-app-bluesky"] | any_in(group_names) %}
@@ -43,7 +43,7 @@ followus:
       iframe: {{ applications | get_app_conf('web-app-peertube','features.desktop',True) }}
 {% endif %}
 {% if service_provider.contact.wordpress is defined and service_provider.contact.wordpress != "" %}
-    - name: Wordpress
+    - name: WordPress
       description: Read {{ 'our' if service_provider.type == 'legal' else 'my' }} articles and stories.
       icon:
         class: fa-solid fa-blog
@@ -55,7 +55,7 @@ followus:
     - name: Friendica
       description: Visit {{ 'our' if service_provider.type == 'legal' else 'my' }} friendica profile
       icon:
-        class: fas fa-net-wired
+        class: fa-solid fa-network-wired
       identifier: "{{service_provider.contact.friendica}}"
       url: "{{ WEB_PROTOCOL }}://{{ service_provider.contact.friendica.split('@')[2] }}/@{{ service_provider.contact.friendica.split('@')[1] }}"
       iframe: {{ applications | get_app_conf('web-app-friendica','features.desktop',True) }}

roles/web-app-desktop/templates/menu/footer.yml.j2

@@ -9,8 +9,8 @@
       description: Access our comprehensive documentation and support resources to help you get the most out of the software.
       icon:
         class: fas fa-book
-      url: https://{{domains | get_domain('web-app-sphinx')}}
-      iframe: {{ applications | get_app_conf('web-app-sphinx','features.desktop',True) }}
+      url: {{ domains | get_url('web-app-sphinx', WEB_PROTOCOL) }}
+      iframe: {{ applications | get_app_conf('web-app-sphinx','features.desktop') }}
 
 {% endif %}
 
@@ -20,8 +20,8 @@
       description: Checkout the presentation
       icon:
         class: "fas fa-chalkboard-teacher"
-      url: https://{{domains | get_domain('web-app-navigator')}}
-      iframe: {{ applications | get_app_conf('web-app-navigator','features.desktop',True) }}
+      url: {{ domains | get_url('web-app-navigator', WEB_PROTOCOL) }}
+      iframe: {{ applications | get_app_conf('web-app-navigator','features.desktop') }}
 
 {% endif %}
     - name: Solutions

roles/web-app-desktop/templates/menu/header.yml.j2

@@ -17,4 +17,39 @@
       description: Reload the application
       icon:
         class: fa-solid fa-rotate-right
-      url:   "{{ WEB_PROTOCOL }}://{{ domains | get_domain('web-app-desktop') }}"
+      url:   "{{ domains | get_url('web-app-desktop', WEB_PROTOCOL) }}"
+
+{% if DESKTOP_OIDC_ENABLED | bool %}
+
+    - name: Account
+      description: Manage your Account
+      icon:
+        class: fa-solid fa-user
+      children:
+        - name: Profile
+          description: Manage your profile
+          icon:
+            class: fa-solid fa-id-card
+          url: {{ OIDC.CLIENT.ACCOUNT.PROFILE_URL }}
+          iframe: {{ DESKTOP_KEYCLOAK_IFRAME_ENABLED }}
+        - name: Security
+          description: Manage your security settings
+          icon:
+            class: fa-solid fa-user-gear
+          url: {{ OIDC.CLIENT.ACCOUNT.SECURITY_URL }}
+          iframe: {{ DESKTOP_KEYCLOAK_IFRAME_ENABLED }}
+        - name: Logout
+          description: "Logout from {{ SOFTWARE_NAME }} on {{ PRIMARY_DOMAIN }}"
+          target: "_top"  
+          icon:
+            class: fa-solid fa-right-from-bracket
+          url: {{ OIDC.CLIENT.LOGOUT_URL }}
+          iframe: false # Neccesary to refresh desktop page after logout
+    - name: Login
+      description: "Login to {{ SOFTWARE_NAME }} on {{ PRIMARY_DOMAIN }}"
+      target: "_top"
+      icon:
+        class: fa-solid fa-right-to-bracket
+      url: {{ DESKTOP_KEYCLOAK_LOGIN_URL }}
+      iframe: false # Neccesary to refresh desktop page after login
+{% endif %}