kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-31 10:19:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

In between commit development coporate design for flock.town

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-02-19 20:46:14 +01:00
parent fce9c1a72d
commit fd5c10b103
26 changed files with 222 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -73,7 +73,7 @@ Contact me for more details:
## Showcases
The following list showcases the extensive range of solutions that CyMaIS incorporates, each playing a vital role in providing a comprehensive, efficient, and secure IT infrastructure setup:
[ELK Stack](./roles/docker-elk), [Intel Driver](./roles/driver-intel), [Nginx Docker Reverse Proxy](./roles/nginx-docker-reverse-proxy), [Sudo](./roles/sudo), [Funkwhale](./roles/docker-funkwhale), [MSI Keyboard Color Driver](./roles/driver-msi-keyboard-color), [Nginx Domain Redirect](./roles/nginx-redirect-domain), [GnuCash](./roles/pc-gnucash), [Backup Data to USB](./roles/backup-data-to-usb), [Gitea](./roles/docker-gitea), [Non-Free Driver](./roles/driver-non-free), [Nginx Homepage](./roles/nginx-static-repository), [Jrnl](./roles/pc-jrnl), [Systemd Notifier](./roles/systemd-notifier), [Backup Docker to Local](./roles/backup-docker-to-local), [Jenkins](./roles/docker-jenkins), [Git](./roles/git), [Nginx HTTPS](./roles/nginx-https), [Latex](./roles/pc-latex), [Email Notifier](./roles/systemd-notifier-email), [Remote to Local Backup Solution](./roles/backup-remote-to-local), [Joomla](./roles/docker-joomla), [Heal Defect Docker Installations](./roles/heal-docker), [Nginx Matomo Tracking](./roles/nginx-modifier-matomo), [LibreOffice](./roles/pc-libreoffice), [Telegram Notifier](./roles/systemd-notifier-telegram), [Listmonk](./roles/docker-listmonk), [Btrfs Health Check](./roles/health-btrfs), [Nginx WWW Redirect](./roles/nginx-redirect-www), [Network Analyze Tools](./roles/pc-network-analyze-tools), [System Security](./roles/system-security), [Mailu](./roles/docker-mailu), [Disc Space Health Check](./roles/health-disc-space), [Administrator Tools](./roles/pc-administrator-tools), [Nextcloud Client](./roles/pc-nextcloud), [Swapfile Setup](./roles/system-swapfile), [Backups Cleanup](./roles/cleanup-backups-service), [Mastodon](./roles/docker-mastodon), [Docker Container Health Checker](./roles/health-docker-container), [Blu-ray Player Tools](./roles/pc-bluray-player-tools), [Office](./roles/pc-office), [Update Solutions](./roles/update), [Matomo](./roles/docker-matomo), [Docker Volumes Health Checker](./roles/health-docker-volumes), [Caffeine](./roles/pc-caffeine), [Qbittorrent](./roles/pc-qbittorrent), [Update Apt](./roles/update-apt), [Disc Space Cleanup](./roles/cleanup-disc-space), [Matrix](./roles/docker-matrix), [Health Journalctl](./roles/health-journalctl), [Designer Tools](./roles/pc-designer-tools), [Security Tools](./roles/pc-security-tools), [Update Docker](./roles/update-docker), [Failed Docker Backups Cleanup](./roles/cleanup-failed-docker-backups), [MediaWiki](./roles/docker-mediawiki), [Nginx Health Checker](./roles/health-nginx), [Developer Tools](./roles/pc-developer-tools), [Spotify](./roles/pc-spotify), [Update Pacman](./roles/update-pacman), [Client Wireguard](./roles/client-wireguard), [MyBB](./roles/docker-mybb), [Developer Tools for Arduino](./roles/pc-developer-tools-arduino), [SSH](./roles/pc-ssh), [Update Yay](./roles/update-yay), [Client Setup for Wireguard Behind Firewall](./roles/client-wireguard-behind-firewall), [Nextcloud Server](./roles/docker-nextcloud), [Hunspell](./roles/hunspell), [Developer Tools for Bash](./roles/pc-developer-tools-bash), [Streaming Tools](./roles/pc-streaming-tools), [Administrator](./roles/user-administrator), [Docker](./roles/docker), [Peertube](./roles/docker-peertube), [Java](./roles/java), [Developer Tools for Java](./roles/pc-developer-tools-java), [Tor Browser](./roles/pc-torbrowser), [Video Conference](./roles/pc-video-conference), [Wireguard](./roles/wireguard), [Akaunting](./roles/docker-akaunting), [Pixelfed](./roles/docker-pixelfed), [Journalctl](./roles/journalctl), [Developer Tools for PHP](./roles/pc-developer-tools-php), [Virtual Box](./roles/pc-virtual-box), [Postfix](./roles/postfix), [Attendize](./roles/docker-attendize), [Wordpress](./roles/docker-wordpress), [Locales](./roles/locales), [Docker for End Users](./roles/pc-docker), [Games](./roles/pc-games), [Python Pip](./roles/python-pip), [Discourse](./roles/docker-discourse), [Epson Multiprinter Driver](./roles/driver-epson-multiprinter), [Nginx Certbot](./roles/nginx-certbot), [Git](./roles/pc-git), [SSHD](./roles/sshd), [YOURLS](./roles/docker-yourls), [BigBlueButton](./roles/docker-bigbluebutton),[System Maintenance Lock](./roles/system-maintenance-lock),[Open Project](./roles/docker-openproject)...
[ELK Stack](./roles/docker-elk), [Intel Driver](./roles/driver-intel), [Nginx Docker Reverse Proxy](./roles/nginx-docker-reverse-proxy), [Sudo](./roles/sudo), [Funkwhale](./roles/docker-funkwhale), [MSI Keyboard Color Driver](./roles/driver-msi-keyboard-color), [Nginx Domain Redirect](./roles/nginx-redirect-domain), [GnuCash](./roles/pc-gnucash), [Backup Data to USB](./roles/backup-data-to-usb), [Gitea](./roles/docker-gitea), [Non-Free Driver](./roles/driver-non-free), [Nginx Homepage](./roles/nginx-serve-html), [Jrnl](./roles/pc-jrnl), [Systemd Notifier](./roles/systemd-notifier), [Backup Docker to Local](./roles/backup-docker-to-local), [Jenkins](./roles/docker-jenkins), [Git](./roles/git), [Nginx HTTPS](./roles/nginx-https), [Latex](./roles/pc-latex), [Email Notifier](./roles/systemd-notifier-email), [Remote to Local Backup Solution](./roles/backup-remote-to-local), [Joomla](./roles/docker-joomla), [Heal Defect Docker Installations](./roles/heal-docker), [Nginx Matomo Tracking](./roles/nginx-modifier-matomo), [LibreOffice](./roles/pc-libreoffice), [Telegram Notifier](./roles/systemd-notifier-telegram), [Listmonk](./roles/docker-listmonk), [Btrfs Health Check](./roles/health-btrfs), [Nginx WWW Redirect](./roles/nginx-redirect-www), [Network Analyze Tools](./roles/pc-network-analyze-tools), [System Security](./roles/system-security), [Mailu](./roles/docker-mailu), [Disc Space Health Check](./roles/health-disc-space), [Administrator Tools](./roles/pc-administrator-tools), [Nextcloud Client](./roles/pc-nextcloud), [Swapfile Setup](./roles/system-swapfile), [Backups Cleanup](./roles/cleanup-backups-service), [Mastodon](./roles/docker-mastodon), [Docker Container Health Checker](./roles/health-docker-container), [Blu-ray Player Tools](./roles/pc-bluray-player-tools), [Office](./roles/pc-office), [Update Solutions](./roles/update), [Matomo](./roles/docker-matomo), [Docker Volumes Health Checker](./roles/health-docker-volumes), [Caffeine](./roles/pc-caffeine), [Qbittorrent](./roles/pc-qbittorrent), [Update Apt](./roles/update-apt), [Disc Space Cleanup](./roles/cleanup-disc-space), [Matrix](./roles/docker-matrix), [Health Journalctl](./roles/health-journalctl), [Designer Tools](./roles/pc-designer-tools), [Security Tools](./roles/pc-security-tools), [Update Docker](./roles/update-docker), [Failed Docker Backups Cleanup](./roles/cleanup-failed-docker-backups), [MediaWiki](./roles/docker-mediawiki), [Nginx Health Checker](./roles/health-nginx), [Developer Tools](./roles/pc-developer-tools), [Spotify](./roles/pc-spotify), [Update Pacman](./roles/update-pacman), [Client Wireguard](./roles/client-wireguard), [MyBB](./roles/docker-mybb), [Developer Tools for Arduino](./roles/pc-developer-tools-arduino), [SSH](./roles/pc-ssh), [Update Yay](./roles/update-yay), [Client Setup for Wireguard Behind Firewall](./roles/client-wireguard-behind-firewall), [Nextcloud Server](./roles/docker-nextcloud), [Hunspell](./roles/hunspell), [Developer Tools for Bash](./roles/pc-developer-tools-bash), [Streaming Tools](./roles/pc-streaming-tools), [Administrator](./roles/user-administrator), [Docker](./roles/docker), [Peertube](./roles/docker-peertube), [Java](./roles/java), [Developer Tools for Java](./roles/pc-developer-tools-java), [Tor Browser](./roles/pc-torbrowser), [Video Conference](./roles/pc-video-conference), [Wireguard](./roles/wireguard), [Akaunting](./roles/docker-akaunting), [Pixelfed](./roles/docker-pixelfed), [Journalctl](./roles/journalctl), [Developer Tools for PHP](./roles/pc-developer-tools-php), [Virtual Box](./roles/pc-virtual-box), [Postfix](./roles/postfix), [Attendize](./roles/docker-attendize), [Wordpress](./roles/docker-wordpress), [Locales](./roles/locales), [Docker for End Users](./roles/pc-docker), [Games](./roles/pc-games), [Python Pip](./roles/python-pip), [Discourse](./roles/docker-discourse), [Epson Multiprinter Driver](./roles/driver-epson-multiprinter), [Nginx Certbot](./roles/nginx-certbot), [Git](./roles/pc-git), [SSHD](./roles/sshd), [YOURLS](./roles/docker-yourls), [BigBlueButton](./roles/docker-bigbluebutton),[System Maintenance Lock](./roles/system-maintenance-lock),[Open Project](./roles/docker-openproject)...
## License

2
SERVER_APPLICATIONS.md
View File

@@ -19,7 +19,7 @@ Focuses on web server roles and applications, covering SSL certificates, Nginx c
- **[Letsencrypt](./roles/letsencrypt/)**: Configures Let's Encrypt for SSL certificates.
- **[Nginx](./roles/nginx/)**: Installs and configures Nginx web server.
- **[Nginx-Docker-Reverse-Proxy](./roles/nginx-docker-reverse-proxy/)**: Sets up a reverse proxy for Docker containers.
- **[nginx-static-repository](./roles/nginx-static-repository/)**: Configures a homepage for Nginx.
- **[nginx-serve-html](./roles/nginx-serve-html/)**: Configures a homepage for Nginx.
- **[Nginx-Https](./roles/nginx-https/)**: Enables HTTPS configuration for Nginx.
- **[nginx-modifier-matomo](./roles/nginx-modifier-matomo/)**: Integrates Matomo tracking with Nginx.
- **[nginx-redirect-domain](./roles/nginx-redirect-domain/)**: Manages URL redirects in Nginx.

2
group_vars/all/03_domains.yml
View File

@@ -10,10 +10,12 @@ defaults_domains:
bluesky_web: "bskyweb.{{primary_domain}}"
discourse: "forum.{{primary_domain}}"
elk: "elk.{{primary_domain}}"
file_server: "files.{{primary_domain}}"
friendica: "friendica.{{primary_domain}}"
funkwhale: "music.{{primary_domain}}"
gitea: "git.{{primary_domain}}"
gitlab: "gitlab.{{primary_domain}}"
html_server: "html.{{primary_domain}}"
keycloak: "auth.{{primary_domain}}"
ldap: "ldap.{{primary_domain}}"
listmonk: "newsletter.{{primary_domain}}"

6
group_vars/all/05_nginx.yml
View File

@@ -10,12 +10,10 @@ nginx:
maps: "/etc/nginx/conf.d/http/maps/" # Contains mappings
streams: "/etc/nginx/conf.d/streams/" # Contains streams configuration e.g. for ldaps
well_known: "/usr/share/nginx/well-known/" # Path where well-known files are stored
homepage: "/usr/share/nginx/homepage/" # Path where the static homepage files are stored. @todo Move this variable to the role
html: "/var/www/public_html/" # Path where the static homepage files are stored
files: "/var/www/public_files/" # Path where the web accessable files are stored
global: "/var/www/global/" # Directory containing files which will be globaly accessable
user: "http" # Default nginx user in ArchLinux
## Nginx static repository
nginx_static_repository_address: NULL # This should contain the url to an git repository which has a static homepage included and an index.html file. @todo move this variable to the role
# @todo Move this to the dedicated role configuration
## Matomo Tracking
global_matomo_tracking_enabled: false # Activates matomo tracking on all html pages. Change this in inventory.

13
group_vars/all/14_about.yml
View File

@@ -4,9 +4,9 @@ person:
type: "legal" # Accepted Values: natural, legal
name: "CyMaIS Demo Instance"
description:
subtitel: "Infrastructure Demo solutions" # Should be the length of su
summary: "We offer infrastructure solutions for the world"
detailed: ""
subtitel: "Infrastructure Demo solutions"
summary: "We offer infrastructure solutions for the world"
detailed: ""
address:
street: "Binary Avenue 01"
city: "Cybertown"
@@ -20,5 +20,8 @@ person:
peertube: "@{{administrator_username}}@{{domains.peertube}}"
pixelfed: "@{{administrator_username}}@{{domains.pixelfed}}"
phone: "+0 000 000 404"
wordpress: "@{{administrator_username}}@{{domains.wordpress}}[0]"
code: "https://github.com/kevinveenbirkenbach/cymais"
wordpress: "@{{administrator_username}}@{{domains.wordpress[0]}}"
legal:
editorial_responsible: "Johannes Gutenberg"
source_code: "https://github.com/kevinveenbirkenbach/cymais"
imprint: "https://{{domains.html_server}}/imprint.html"

18
playbook.servers.yml
View File

@@ -13,28 +13,28 @@
- health-btrfs
- system-btrfs-auto-balancer
- name: "setup corporate identity"
hosts: corporate_identity
become: true
roles:
- role: corporate-identity
#########################################################################
### Docker Roles ###
#########################################################################
# Priority: 1
# Almost all other roles depend on the Matomo tracking
- name: "setup matomo"
hosts: matomo
become: true
roles:
- role: docker-matomo
# Priority: 2
# Much other roles rely on a working ldap setup
- name: setup ldap
hosts: ldap
become: true
roles:
- role: docker-ldap
# Priority: 3
# Much other roles use OICD via Keycloak
- name: setup keycloak
hosts: keycloak
become: true
@@ -231,11 +231,11 @@
- role: docker-snipe_it
# Native Webserver Roles
- name: setup nginx-static-repositorys
hosts: nginx-static-repositorys
- name: setup nginx-serve-htmls
hosts: nginx-serve-htmls
become: true
roles:
- role: nginx-static-repository
- role: nginx-serve-html
vars:
domain: "{{primary_domain}}"

2
roles/corporate-identity/README.md Normal file
View File

@@ -0,0 +1,2 @@
# Corporate Identity
Loads the roles to setup a corporate identity

3
roles/corporate-identity/meta/main.yml Normal file
View File

@@ -0,0 +1,3 @@
dependencies:
- nginx-serve-html-legal
- docker-portfolio

10
roles/docker-portfolio/README.md
View File

@@ -2,10 +2,18 @@
This Ansible role facilitates setting up a Flask-based [portfolio application](https://github.com/kevinveenbirkenbach/portfolio) in a Docker container. It allows you to showcase your projects, services, or online presence using a customizable YAML configuration file.
## Attention
The default template creates the links based on ``group_names``. If you run this script seperate, may not all necessary menu items are generated.
## Features ✨
- **Automated Setup**: Quickly deploy a portfolio using Docker.
- **Customizable Content**: Modify the portfolio using a YAML file.
- **Responsive Design**: Built with Bootstrap for optimal viewing on any device.
- **Dynamic Navigation**: Multi-level menus using nested YAML configurations.
- **Cache Management**: Efficient asset caching for improved performance.
- **Cache Management**: Efficient asset caching for improved performance.
## Author
This role was developed by [Kevin Veen-Birkenbach](https://www.veen.world).

25
roles/docker-portfolio/filter_plugins/list_in_filter.py Normal file
View File

@@ -0,0 +1,25 @@
class FilterModule(object):
'''Custom filters for Ansible'''
def filters(self):
return {
'any_in': self.any_in,
}
def any_in(self, list1, list2):
"""
Checks if at least one element from list1 is found in list2.
:param list1: List of elements to check.
:param list2: Target list in which to search for elements.
:return: True if at least one element is found, otherwise False.
"""
# If either parameter is not a list, return False.
if not isinstance(list1, list) or not isinstance(list2, list):
return False
# Iterate over list1 and check if an element exists in list2.
for element in list1:
if element in list2:
return True
return False

94
roles/docker-portfolio/templates/config.yaml.j2
View File

@@ -52,26 +52,26 @@ accounts:
- name: Blog
description: Read {{ 'our' if person.type == 'legal' else 'my' }} articles and stories.
icon:
class: fa-solid fa-blog
class: fa-solid fa-blog
identifier: "{{person.contact.wordpress}}"
url: "https://{{ person.contact.wordpress.split('@')[2] }}/@{{ person.contact.wordpress.split('@')[1] }}"
{% endif %}
{% if person.contact.code is defined %}
- name: Code
{% if person.legal.source_code is defined %}
- name: Our Code
description: Explore {{ 'our' if person.type == 'legal' else 'my' }} code.
icon:
class: fa-solid fa-code
url: "{{person.code}}"
url: "{{person.legal.source_code}}"
{% endif %}
{% if person.contact.friendica is defined %}
- name: Social Networks
- name: Social Network
description: Visit {{ 'our' if person.type == 'legal' else 'my' }} friendica profile
icon:
class: fas fa-network-wired
identifier: "{{person.contact.friendica}}"
url: "https://{{ person.contact.friendica.split('@')[2] }}/@{{ person.contact.friendica.split('@')[1] }}"
{% endif %}
- link: navigation.header.contact.messenger
- link: navigation.header.contact
cards:
- icon:
@@ -114,13 +114,12 @@ company:
favicon:
source: https://cloud.veen.world/s/veen_world_favicon/download
address:
{{ person.address | to_nice_yaml(indent=4) | indent(2) }}
{{ person.address | to_nice_yaml(indent=4) | indent(4, true) }}
imprint_url: https://s.veen.world/imprint
navigation:
header:
children:
- link: accounts.publishingchannels.children
- link: accounts.socialnetworks
- name: Contact
description: Get in touch with {{ 'us' if person.type == 'legal' else 'me' }}
icon:
@@ -133,8 +132,6 @@ navigation:
class: fa-solid fa-envelope
url: mailto:{{person.contact.email}}
identifier: {{person.contact.email}}
alternatives:
- link: navigation.header.contact.messenger.matrix
{% endif %}
{% if person.contact.phone is defined %}
- name: Mobile
@@ -155,149 +152,162 @@ navigation:
footer:
children:
- link: accounts
{% if ["discourse","moodle","listmonk","openproject","taiga","snipe_it","matrix","bigbluebutton","mailu", "matomo","phpadmin","keycloak", "ldap", "baserow","yourls","nextcloud"] | any_in(group_names) %}
- name: Solution Hub
description: Curated collection of self hosted tools
icon:
class: fa-solid fa-network-wired
url:
children:
{% if ["discourse","moodle","listmonk"] | any_in(group_names) %}
- name: Community
description: Tools to manage the community
icon:
class: fa-solid fa-users
children:
{% if "discourse" in group_names %}
{% if "discourse" in group_names %}
- name: Forum
description: Join the discussion
icon:
class: fa-brands fa-discourse
url: https://{{domains.discourse}}/
{% endif %}
{% if "moodle" in group_names %}
{% endif %}
{% if "moodle" in group_names %}
- name: Learning Platform
description: Learn with {{ 'our' if person.type == 'legal' else 'my' }} academy
icon:
class: fa-solid fa-graduation-cap
url: https://{{domains.moodle}}/
{% endif %}
{% if "listmonk" in group_names %}
{% endif %}
{% if "listmonk" in group_names %}
- name: Newsletter
description: Subscribe to {{ 'our' if person.type == 'legal' else 'my' }} newsletter
icon:
class: fa-solid fa-envelope-open-text
url: https://{{domains.listmonk}}/subscription/form
{% endif %}
{% endif %}
{% endif %}
{% if ["openproject","taiga","snipe_it"] | any_in(group_names) %}
- name: Project Management
description: Project Management Tools
icon:
class: fa-solid fa-chart-line
children:
{% if "openproject" in group_names %}
{% if "openproject" in group_names %}
- name: Open Project
description: Explore {{ 'our' if person.type == 'legal' else 'my' }} projects
icon:
class: fa-solid fa-tasks
url: https://{{domains.openproject}}/
{% endif %}
{% if "taiga" in group_names %}
{% endif %}
{% if "taiga" in group_names %}
- name: Taiga
description: View {{ 'our' if person.type == 'legal' else 'my' }} Kanban board
icon:
class: bi bi-clipboard2-check-fill
url: https://{{domains.taiga}}/
{% endif %}
{% if "snipe_it" in group_names %}
{% endif %}
{% if "snipe_it" in group_names %}
- name: Snipe IT
description: Manage {{ 'our' if person.type == 'legal' else 'my' }} inventory
icon:
class: fas fa-box-open
url: https://{{domains.snipe_it}}/
{% endif %}
{% endif %}
{% endif %}
{% if ["matrix","bigbluebutton","mailu"] | any_in(group_names) %}
- name: Communication
icon:
class: fa-solid fa-comments
children:
{% if "matrix" in group_names %}
{% if "matrix" in group_names %}
- name: Elements
description: Chat with the world
icon:
class: fa-solid fa-comment
url: https://{{domains.matrix_element}}/
{% endif %}
{% if "bigbluebutton" in group_names %}
{% endif %}
{% if "bigbluebutton" in group_names %}
- name: Big Blue Button
description: Join live events
icon:
class: fa-solid fa-video
url: https://{{domains.bigbluebutton}}/
{% endif %}
{% if "mailu" in group_names %}
{% endif %}
{% if "mailu" in group_names %}
- name: Mailu
description: Send{{ 'our' if person.type == 'legal' else 'my' }}a mail
icon:
class: fa-solid fa-envelope
url: https://{{domains.mailu}}/
{% endif %}
{% endif %}
{% endif %}
{% if ["matomo","phpadmin","keycloak", "ldap"] | any_in(group_names) %}
- name: Administration
icon:
class: fas fa-building
children:
{% if "matomo" in group_names %}
{% if "matomo" in group_names %}
- name: Matomo
description: Analyze with Matomo
icon:
class: fa-solid fa-chart-simple
url: https://{{domains.matomo}}/
{% endif %}
{% if "phpmyadmin" in group_names %}
{% endif %}
{% if "phpmyadmin" in group_names %}
- name: phpMyAdmin
description: Administrate MySQL and MariaDB databases
icon:
class: fas fa-database
url: https://{{domains.phpmyadmin}}/
{% endif %}
{% if "keycloak" in group_names %}
{% endif %}
{% if "keycloak" in group_names %}
- name: Keycloak
description: Manage User via Keycloak
icon:
class: fas fa-user-shield
url: https://{{domains.keycloak}}/admin
{% endif %}
{% if "ldap" in group_names %}
{% endif %}
{% if "ldap" in group_names %}
- name: LDAP
description: Manage LDAP
icon:
class: fas fa-key
url: https://{{domains.ldap}}/
{% endif %}
{% endif %}
{% endif %}
{% if ["baserow","yourls","nextcloud"] | any_in(group_names) %}
- name: Tools
icon:
class: fas fa-tools
children:
{% if "baserow" in group_names %}
{% if "baserow" in group_names %}
- name: Baserow
description: Organize with Baserow
icon:
class: fa-solid fa-table
url: https://{{domains.baserow}}/
{% endif %}
{% if "yourls" in group_names %}
{% endif %}
{% if "yourls" in group_names %}
- name: Yourls
description: Create Shortlinks
icon:
class: bi bi-link
url: https://{{domains.yourls}}/admin/
{% endif %}
{% if "nextcloud" in group_names %}
{% endif %}
{% if "nextcloud" in group_names %}
- name: Nextcloud
description: Access your cloud storage
icon:
class: fa-solid fa-cloud
url: https://{{domains.nextcloud}}/
{% endif %}
{% endif %}
{% endif %}
- name: Imprint
description: Check out the imprint information
icon:
class: fa-solid fa-scale-balanced
url: https://s.veen.world/imprint
url: "{{person.legal.imprint}}"

6
roles/nginx-serve-files/README.md Normal file
View File

@@ -0,0 +1,6 @@
# Nginx Homepage Role
This Ansible role configures an Nginx server to serve files. It handles domain configuration, SSL certificate retrieval with Let's Encrypt.
## Author Information
This role was created in 2023 by [Kevin Veen Birkenbach](https://www.veen.world/).

0
roles/nginx-static-repository/meta/main.yml → roles/nginx-serve-files/meta/main.yml
View File

5
roles/nginx-serve-files/tasks/main.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- name: generate {{domains[application_id]}}.conf
template:
src: "nginx.conf.j2"
dest: "{{nginx.directories.http.servers}}{{domains[application_id]}}.conf"

24
roles/nginx-serve-files/templates/nginx.conf.j2 Normal file
View File

@@ -0,0 +1,24 @@
server
{
server_name {{domains[application_id]}};
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
{% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%}
charset utf-8;
location /
{
alias {{nginx.directories.homepage.files}}; {# Path to your file directory #}
autoindex on; {# Enable directory listing #}
autoindex_exact_size off; {# Display sizes in a human-readable format #}
autoindex_localtime on; {# Show local time #}
}
location /.well-known/ {
alias {{nginx.directories.well_known}};
allow all;
default_type "text/plain";
autoindex on;
}
}

1
roles/nginx-serve-files/vars/main.yml Normal file
View File

@@ -0,0 +1 @@
application_id: "file_server"

2
roles/nginx-static-repository/README.md → roles/nginx-serve-html-legal/README.md
View File

@@ -1,6 +1,6 @@
# Nginx Homepage Role
This Ansible role configures an Nginx server to serve a static homepage. It handles domain configuration, SSL certificate retrieval with Let's Encrypt, and cloning the homepage content from a Git repository.
This Ansible role configures an Nginx server to serve a static homepage. It handles domain configuration, SSL certificate retrieval with Let's Encrypt.
## Author Information
This role was created in 2023 by [Kevin Veen Birkenbach](https://www.veen.world/).

2
roles/nginx-serve-html-legal/meta/main.yml Normal file
View File

@@ -0,0 +1,2 @@
dependencies:
- nginx-serve-html

5
roles/nginx-serve-html-legal/tasks/main.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- name: copy imprint.html
template:
src: "imprint.html.j2"
dest: "{{nginx.directories.html}}imprint.html"

46
roles/nginx-serve-html-legal/templates/imprint.html.j2 Normal file
View File

@@ -0,0 +1,46 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Imprint</title>
</head>
<body>
<h1>Imprint</h1>
<h2>Information in accordance with § 5 TMG</h2>
<p>
<strong>{{ person.name }}</strong><br>
{{ person.description.subtitel }}<br>
<br>
<strong>Address:</strong><br>
{{ person.address.street }}<br>
{{ person.address.postal_code }} {{ person.address.city }}<br>
{{ person.address.country }}
</p>
<h2>Contact</h2>
<p>
Telephone: {{ person.contact.phone }}<br>
Email: <a href="mailto:{{ person.contact.email }}">{{ person.contact.email }}</a>
</p>
<h2>Editorial Responsibility</h2>
<p>
{{ person.legal.editorial_responsible }}
</p>
<h2>Source Code</h2>
<p>
Code repository available at: <a href="{{ person.legal.source_code }}">{{ person.legal.source_code }}</a>
</p>
<h2>Consumer Dispute Resolution / Universal Arbitration Board</h2>
<p>
Federal Universal Arbitration Board<br>
Center for Arbitration e.V.<br>
Straßburger Straße 8<br>
77694 Kehl am Rhein
</p>
</body>
</html>

6
roles/nginx-serve-html/README.md Normal file
View File

@@ -0,0 +1,6 @@
# Nginx Homepage Role
This Ansible role configures an Nginx server to serve a static homepage. It handles domain configuration, SSL certificate retrieval with Let's Encrypt.
## Author Information
This role was created in 2023 by [Kevin Veen Birkenbach](https://www.veen.world/).

3
roles/nginx-serve-html/meta/main.yml Normal file
View File

@@ -0,0 +1,3 @@
dependencies:
- nginx-https
- git

6
roles/nginx-serve-html/tasks/main.yml Normal file
View File

@@ -0,0 +1,6 @@
---
- name: generate {{domains[application_id]}}.conf
template:
src: "nginx.conf.j2"
dest: "{{nginx.directories.http.servers}}{{domains[application_id]}}.conf"
notify: restart nginx

5
roles/nginx-static-repository/templates/static.nginx.conf.j2 → roles/nginx-serve-html/templates/nginx.conf.j2
View File

@@ -1,7 +1,6 @@
#default
server
{
server_name {{domain}};
server_name {{domains[application_id]}};
{% include 'roles/letsencrypt/templates/ssl_header.j2' %}
@@ -10,7 +9,7 @@ server
location /
{
root {{nginx.directories.homepage}};
root {{nginx.directories.homepage.html}};
index index.html index.htm;
}

1
roles/nginx-serve-html/vars/main.yml Normal file
View File

@@ -0,0 +1 @@
application_id: "html_server"

16
roles/nginx-static-repository/tasks/main.yml
View File

@@ -1,16 +0,0 @@
---
- name: "pull homepage from {{nginx_static_repository_address}}"
git:
repo: "{{nginx_static_repository_address}}"
dest: "{{nginx.directories.homepage}}"
update: yes
ignore_errors: true
- name: configure {{primary_domain}}.conf
template:
src: "static.nginx.conf.j2"
dest: "{{nginx.directories.http.servers}}{{primary_domain}}.conf"
vars:
domain: "{{primary_domain}}"
notify: restart nginx
when: run_once_nginx is not defined