From fd5c10b103597408c35984619e6f8690d05cfc28 Mon Sep 17 00:00:00 2001 From: Kevin Veen-Birkenbach Date: Wed, 19 Feb 2025 20:46:14 +0100 Subject: [PATCH] In between commit development coporate design for flock.town --- README.md | 2 +- SERVER_APPLICATIONS.md | 2 +- group_vars/all/03_domains.yml | 2 + group_vars/all/05_nginx.yml | 6 +- group_vars/all/14_about.yml | 13 ++- playbook.servers.yml | 18 ++-- roles/corporate-identity/README.md | 2 + roles/corporate-identity/meta/main.yml | 3 + roles/docker-portfolio/README.md | 10 +- .../filter_plugins/list_in_filter.py | 25 +++++ .../docker-portfolio/templates/config.yaml.j2 | 94 ++++++++++--------- roles/nginx-serve-files/README.md | 6 ++ .../meta/main.yml | 0 roles/nginx-serve-files/tasks/main.yml | 5 + .../nginx-serve-files/templates/nginx.conf.j2 | 24 +++++ roles/nginx-serve-files/vars/main.yml | 1 + .../README.md | 2 +- roles/nginx-serve-html-legal/meta/main.yml | 2 + roles/nginx-serve-html-legal/tasks/main.yml | 5 + .../templates/imprint.html.j2 | 46 +++++++++ roles/nginx-serve-html/README.md | 6 ++ roles/nginx-serve-html/meta/main.yml | 3 + roles/nginx-serve-html/tasks/main.yml | 6 ++ .../templates/nginx.conf.j2} | 5 +- roles/nginx-serve-html/vars/main.yml | 1 + roles/nginx-static-repository/tasks/main.yml | 16 ---- 26 files changed, 222 insertions(+), 83 deletions(-) create mode 100644 roles/corporate-identity/README.md create mode 100644 roles/corporate-identity/meta/main.yml create mode 100644 roles/docker-portfolio/filter_plugins/list_in_filter.py create mode 100644 roles/nginx-serve-files/README.md rename roles/{nginx-static-repository => nginx-serve-files}/meta/main.yml (100%) create mode 100644 roles/nginx-serve-files/tasks/main.yml create mode 100644 roles/nginx-serve-files/templates/nginx.conf.j2 create mode 100644 roles/nginx-serve-files/vars/main.yml rename roles/{nginx-static-repository => nginx-serve-html-legal}/README.md (76%) create mode 100644 roles/nginx-serve-html-legal/meta/main.yml create mode 100644 roles/nginx-serve-html-legal/tasks/main.yml create mode 100644 roles/nginx-serve-html-legal/templates/imprint.html.j2 create mode 100644 roles/nginx-serve-html/README.md create mode 100644 roles/nginx-serve-html/meta/main.yml create mode 100644 roles/nginx-serve-html/tasks/main.yml rename roles/{nginx-static-repository/templates/static.nginx.conf.j2 => nginx-serve-html/templates/nginx.conf.j2} (80%) create mode 100644 roles/nginx-serve-html/vars/main.yml delete mode 100644 roles/nginx-static-repository/tasks/main.yml diff --git a/README.md b/README.md index 9c0359f6..82f23b0d 100644 --- a/README.md +++ b/README.md @@ -73,7 +73,7 @@ Contact me for more details: ## Showcases The following list showcases the extensive range of solutions that CyMaIS incorporates, each playing a vital role in providing a comprehensive, efficient, and secure IT infrastructure setup: -[ELK Stack](./roles/docker-elk), [Intel Driver](./roles/driver-intel), [Nginx Docker Reverse Proxy](./roles/nginx-docker-reverse-proxy), [Sudo](./roles/sudo), [Funkwhale](./roles/docker-funkwhale), [MSI Keyboard Color Driver](./roles/driver-msi-keyboard-color), [Nginx Domain Redirect](./roles/nginx-redirect-domain), [GnuCash](./roles/pc-gnucash), [Backup Data to USB](./roles/backup-data-to-usb), [Gitea](./roles/docker-gitea), [Non-Free Driver](./roles/driver-non-free), [Nginx Homepage](./roles/nginx-static-repository), [Jrnl](./roles/pc-jrnl), [Systemd Notifier](./roles/systemd-notifier), [Backup Docker to Local](./roles/backup-docker-to-local), [Jenkins](./roles/docker-jenkins), [Git](./roles/git), [Nginx HTTPS](./roles/nginx-https), [Latex](./roles/pc-latex), [Email Notifier](./roles/systemd-notifier-email), [Remote to Local Backup Solution](./roles/backup-remote-to-local), [Joomla](./roles/docker-joomla), [Heal Defect Docker Installations](./roles/heal-docker), [Nginx Matomo Tracking](./roles/nginx-modifier-matomo), [LibreOffice](./roles/pc-libreoffice), [Telegram Notifier](./roles/systemd-notifier-telegram), [Listmonk](./roles/docker-listmonk), [Btrfs Health Check](./roles/health-btrfs), [Nginx WWW Redirect](./roles/nginx-redirect-www), [Network Analyze Tools](./roles/pc-network-analyze-tools), [System Security](./roles/system-security), [Mailu](./roles/docker-mailu), [Disc Space Health Check](./roles/health-disc-space), [Administrator Tools](./roles/pc-administrator-tools), [Nextcloud Client](./roles/pc-nextcloud), [Swapfile Setup](./roles/system-swapfile), [Backups Cleanup](./roles/cleanup-backups-service), [Mastodon](./roles/docker-mastodon), [Docker Container Health Checker](./roles/health-docker-container), [Blu-ray Player Tools](./roles/pc-bluray-player-tools), [Office](./roles/pc-office), [Update Solutions](./roles/update), [Matomo](./roles/docker-matomo), [Docker Volumes Health Checker](./roles/health-docker-volumes), [Caffeine](./roles/pc-caffeine), [Qbittorrent](./roles/pc-qbittorrent), [Update Apt](./roles/update-apt), [Disc Space Cleanup](./roles/cleanup-disc-space), [Matrix](./roles/docker-matrix), [Health Journalctl](./roles/health-journalctl), [Designer Tools](./roles/pc-designer-tools), [Security Tools](./roles/pc-security-tools), [Update Docker](./roles/update-docker), [Failed Docker Backups Cleanup](./roles/cleanup-failed-docker-backups), [MediaWiki](./roles/docker-mediawiki), [Nginx Health Checker](./roles/health-nginx), [Developer Tools](./roles/pc-developer-tools), [Spotify](./roles/pc-spotify), [Update Pacman](./roles/update-pacman), [Client Wireguard](./roles/client-wireguard), [MyBB](./roles/docker-mybb), [Developer Tools for Arduino](./roles/pc-developer-tools-arduino), [SSH](./roles/pc-ssh), [Update Yay](./roles/update-yay), [Client Setup for Wireguard Behind Firewall](./roles/client-wireguard-behind-firewall), [Nextcloud Server](./roles/docker-nextcloud), [Hunspell](./roles/hunspell), [Developer Tools for Bash](./roles/pc-developer-tools-bash), [Streaming Tools](./roles/pc-streaming-tools), [Administrator](./roles/user-administrator), [Docker](./roles/docker), [Peertube](./roles/docker-peertube), [Java](./roles/java), [Developer Tools for Java](./roles/pc-developer-tools-java), [Tor Browser](./roles/pc-torbrowser), [Video Conference](./roles/pc-video-conference), [Wireguard](./roles/wireguard), [Akaunting](./roles/docker-akaunting), [Pixelfed](./roles/docker-pixelfed), [Journalctl](./roles/journalctl), [Developer Tools for PHP](./roles/pc-developer-tools-php), [Virtual Box](./roles/pc-virtual-box), [Postfix](./roles/postfix), [Attendize](./roles/docker-attendize), [Wordpress](./roles/docker-wordpress), [Locales](./roles/locales), [Docker for End Users](./roles/pc-docker), [Games](./roles/pc-games), [Python Pip](./roles/python-pip), [Discourse](./roles/docker-discourse), [Epson Multiprinter Driver](./roles/driver-epson-multiprinter), [Nginx Certbot](./roles/nginx-certbot), [Git](./roles/pc-git), [SSHD](./roles/sshd), [YOURLS](./roles/docker-yourls), [BigBlueButton](./roles/docker-bigbluebutton),[System Maintenance Lock](./roles/system-maintenance-lock),[Open Project](./roles/docker-openproject)... +[ELK Stack](./roles/docker-elk), [Intel Driver](./roles/driver-intel), [Nginx Docker Reverse Proxy](./roles/nginx-docker-reverse-proxy), [Sudo](./roles/sudo), [Funkwhale](./roles/docker-funkwhale), [MSI Keyboard Color Driver](./roles/driver-msi-keyboard-color), [Nginx Domain Redirect](./roles/nginx-redirect-domain), [GnuCash](./roles/pc-gnucash), [Backup Data to USB](./roles/backup-data-to-usb), [Gitea](./roles/docker-gitea), [Non-Free Driver](./roles/driver-non-free), [Nginx Homepage](./roles/nginx-serve-html), [Jrnl](./roles/pc-jrnl), [Systemd Notifier](./roles/systemd-notifier), [Backup Docker to Local](./roles/backup-docker-to-local), [Jenkins](./roles/docker-jenkins), [Git](./roles/git), [Nginx HTTPS](./roles/nginx-https), [Latex](./roles/pc-latex), [Email Notifier](./roles/systemd-notifier-email), [Remote to Local Backup Solution](./roles/backup-remote-to-local), [Joomla](./roles/docker-joomla), [Heal Defect Docker Installations](./roles/heal-docker), [Nginx Matomo Tracking](./roles/nginx-modifier-matomo), [LibreOffice](./roles/pc-libreoffice), [Telegram Notifier](./roles/systemd-notifier-telegram), [Listmonk](./roles/docker-listmonk), [Btrfs Health Check](./roles/health-btrfs), [Nginx WWW Redirect](./roles/nginx-redirect-www), [Network Analyze Tools](./roles/pc-network-analyze-tools), [System Security](./roles/system-security), [Mailu](./roles/docker-mailu), [Disc Space Health Check](./roles/health-disc-space), [Administrator Tools](./roles/pc-administrator-tools), [Nextcloud Client](./roles/pc-nextcloud), [Swapfile Setup](./roles/system-swapfile), [Backups Cleanup](./roles/cleanup-backups-service), [Mastodon](./roles/docker-mastodon), [Docker Container Health Checker](./roles/health-docker-container), [Blu-ray Player Tools](./roles/pc-bluray-player-tools), [Office](./roles/pc-office), [Update Solutions](./roles/update), [Matomo](./roles/docker-matomo), [Docker Volumes Health Checker](./roles/health-docker-volumes), [Caffeine](./roles/pc-caffeine), [Qbittorrent](./roles/pc-qbittorrent), [Update Apt](./roles/update-apt), [Disc Space Cleanup](./roles/cleanup-disc-space), [Matrix](./roles/docker-matrix), [Health Journalctl](./roles/health-journalctl), [Designer Tools](./roles/pc-designer-tools), [Security Tools](./roles/pc-security-tools), [Update Docker](./roles/update-docker), [Failed Docker Backups Cleanup](./roles/cleanup-failed-docker-backups), [MediaWiki](./roles/docker-mediawiki), [Nginx Health Checker](./roles/health-nginx), [Developer Tools](./roles/pc-developer-tools), [Spotify](./roles/pc-spotify), [Update Pacman](./roles/update-pacman), [Client Wireguard](./roles/client-wireguard), [MyBB](./roles/docker-mybb), [Developer Tools for Arduino](./roles/pc-developer-tools-arduino), [SSH](./roles/pc-ssh), [Update Yay](./roles/update-yay), [Client Setup for Wireguard Behind Firewall](./roles/client-wireguard-behind-firewall), [Nextcloud Server](./roles/docker-nextcloud), [Hunspell](./roles/hunspell), [Developer Tools for Bash](./roles/pc-developer-tools-bash), [Streaming Tools](./roles/pc-streaming-tools), [Administrator](./roles/user-administrator), [Docker](./roles/docker), [Peertube](./roles/docker-peertube), [Java](./roles/java), [Developer Tools for Java](./roles/pc-developer-tools-java), [Tor Browser](./roles/pc-torbrowser), [Video Conference](./roles/pc-video-conference), [Wireguard](./roles/wireguard), [Akaunting](./roles/docker-akaunting), [Pixelfed](./roles/docker-pixelfed), [Journalctl](./roles/journalctl), [Developer Tools for PHP](./roles/pc-developer-tools-php), [Virtual Box](./roles/pc-virtual-box), [Postfix](./roles/postfix), [Attendize](./roles/docker-attendize), [Wordpress](./roles/docker-wordpress), [Locales](./roles/locales), [Docker for End Users](./roles/pc-docker), [Games](./roles/pc-games), [Python Pip](./roles/python-pip), [Discourse](./roles/docker-discourse), [Epson Multiprinter Driver](./roles/driver-epson-multiprinter), [Nginx Certbot](./roles/nginx-certbot), [Git](./roles/pc-git), [SSHD](./roles/sshd), [YOURLS](./roles/docker-yourls), [BigBlueButton](./roles/docker-bigbluebutton),[System Maintenance Lock](./roles/system-maintenance-lock),[Open Project](./roles/docker-openproject)... ## License diff --git a/SERVER_APPLICATIONS.md b/SERVER_APPLICATIONS.md index 954b1e11..84647fe4 100644 --- a/SERVER_APPLICATIONS.md +++ b/SERVER_APPLICATIONS.md @@ -19,7 +19,7 @@ Focuses on web server roles and applications, covering SSL certificates, Nginx c - **[Letsencrypt](./roles/letsencrypt/)**: Configures Let's Encrypt for SSL certificates. - **[Nginx](./roles/nginx/)**: Installs and configures Nginx web server. - **[Nginx-Docker-Reverse-Proxy](./roles/nginx-docker-reverse-proxy/)**: Sets up a reverse proxy for Docker containers. -- **[nginx-static-repository](./roles/nginx-static-repository/)**: Configures a homepage for Nginx. +- **[nginx-serve-html](./roles/nginx-serve-html/)**: Configures a homepage for Nginx. - **[Nginx-Https](./roles/nginx-https/)**: Enables HTTPS configuration for Nginx. - **[nginx-modifier-matomo](./roles/nginx-modifier-matomo/)**: Integrates Matomo tracking with Nginx. - **[nginx-redirect-domain](./roles/nginx-redirect-domain/)**: Manages URL redirects in Nginx. diff --git a/group_vars/all/03_domains.yml b/group_vars/all/03_domains.yml index fe4bd0b1..4e46a5b9 100644 --- a/group_vars/all/03_domains.yml +++ b/group_vars/all/03_domains.yml @@ -10,10 +10,12 @@ defaults_domains: bluesky_web: "bskyweb.{{primary_domain}}" discourse: "forum.{{primary_domain}}" elk: "elk.{{primary_domain}}" + file_server: "files.{{primary_domain}}" friendica: "friendica.{{primary_domain}}" funkwhale: "music.{{primary_domain}}" gitea: "git.{{primary_domain}}" gitlab: "gitlab.{{primary_domain}}" + html_server: "html.{{primary_domain}}" keycloak: "auth.{{primary_domain}}" ldap: "ldap.{{primary_domain}}" listmonk: "newsletter.{{primary_domain}}" diff --git a/group_vars/all/05_nginx.yml b/group_vars/all/05_nginx.yml index 533f6f78..eca4d000 100644 --- a/group_vars/all/05_nginx.yml +++ b/group_vars/all/05_nginx.yml @@ -10,12 +10,10 @@ nginx: maps: "/etc/nginx/conf.d/http/maps/" # Contains mappings streams: "/etc/nginx/conf.d/streams/" # Contains streams configuration e.g. for ldaps well_known: "/usr/share/nginx/well-known/" # Path where well-known files are stored - homepage: "/usr/share/nginx/homepage/" # Path where the static homepage files are stored. @todo Move this variable to the role + html: "/var/www/public_html/" # Path where the static homepage files are stored + files: "/var/www/public_files/" # Path where the web accessable files are stored global: "/var/www/global/" # Directory containing files which will be globaly accessable user: "http" # Default nginx user in ArchLinux -## Nginx static repository -nginx_static_repository_address: NULL # This should contain the url to an git repository which has a static homepage included and an index.html file. @todo move this variable to the role - # @todo Move this to the dedicated role configuration ## Matomo Tracking global_matomo_tracking_enabled: false # Activates matomo tracking on all html pages. Change this in inventory. \ No newline at end of file diff --git a/group_vars/all/14_about.yml b/group_vars/all/14_about.yml index a6378f86..c52e1f22 100644 --- a/group_vars/all/14_about.yml +++ b/group_vars/all/14_about.yml @@ -4,9 +4,9 @@ person: type: "legal" # Accepted Values: natural, legal name: "CyMaIS Demo Instance" description: - subtitel: "Infrastructure Demo solutions" # Should be the length of su - summary: "We offer infrastructure solutions for the world" - detailed: "" + subtitel: "Infrastructure Demo solutions" + summary: "We offer infrastructure solutions for the world" + detailed: "" address: street: "Binary Avenue 01" city: "Cybertown" @@ -20,5 +20,8 @@ person: peertube: "@{{administrator_username}}@{{domains.peertube}}" pixelfed: "@{{administrator_username}}@{{domains.pixelfed}}" phone: "+0 000 000 404" - wordpress: "@{{administrator_username}}@{{domains.wordpress}}[0]" - code: "https://github.com/kevinveenbirkenbach/cymais" \ No newline at end of file + wordpress: "@{{administrator_username}}@{{domains.wordpress[0]}}" + legal: + editorial_responsible: "Johannes Gutenberg" + source_code: "https://github.com/kevinveenbirkenbach/cymais" + imprint: "https://{{domains.html_server}}/imprint.html" \ No newline at end of file diff --git a/playbook.servers.yml b/playbook.servers.yml index 0b045d93..45a961e0 100644 --- a/playbook.servers.yml +++ b/playbook.servers.yml @@ -13,28 +13,28 @@ - health-btrfs - system-btrfs-auto-balancer +- name: "setup corporate identity" + hosts: corporate_identity + become: true + roles: + - role: corporate-identity + ######################################################################### ### Docker Roles ### ######################################################################### -# Priority: 1 -# Almost all other roles depend on the Matomo tracking - name: "setup matomo" hosts: matomo become: true roles: - role: docker-matomo -# Priority: 2 -# Much other roles rely on a working ldap setup - name: setup ldap hosts: ldap become: true roles: - role: docker-ldap -# Priority: 3 -# Much other roles use OICD via Keycloak - name: setup keycloak hosts: keycloak become: true @@ -231,11 +231,11 @@ - role: docker-snipe_it # Native Webserver Roles -- name: setup nginx-static-repositorys - hosts: nginx-static-repositorys +- name: setup nginx-serve-htmls + hosts: nginx-serve-htmls become: true roles: - - role: nginx-static-repository + - role: nginx-serve-html vars: domain: "{{primary_domain}}" diff --git a/roles/corporate-identity/README.md b/roles/corporate-identity/README.md new file mode 100644 index 00000000..07945a35 --- /dev/null +++ b/roles/corporate-identity/README.md @@ -0,0 +1,2 @@ +# Corporate Identity +Loads the roles to setup a corporate identity \ No newline at end of file diff --git a/roles/corporate-identity/meta/main.yml b/roles/corporate-identity/meta/main.yml new file mode 100644 index 00000000..db69584e --- /dev/null +++ b/roles/corporate-identity/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: +- nginx-serve-html-legal +- docker-portfolio diff --git a/roles/docker-portfolio/README.md b/roles/docker-portfolio/README.md index 8b1fdc18..c6958936 100644 --- a/roles/docker-portfolio/README.md +++ b/roles/docker-portfolio/README.md @@ -2,10 +2,18 @@ This Ansible role facilitates setting up a Flask-based [portfolio application](https://github.com/kevinveenbirkenbach/portfolio) in a Docker container. It allows you to showcase your projects, services, or online presence using a customizable YAML configuration file. +## Attention + +The default template creates the links based on ``group_names``. If you run this script seperate, may not all necessary menu items are generated. + ## Features ✨ - **Automated Setup**: Quickly deploy a portfolio using Docker. - **Customizable Content**: Modify the portfolio using a YAML file. - **Responsive Design**: Built with Bootstrap for optimal viewing on any device. - **Dynamic Navigation**: Multi-level menus using nested YAML configurations. -- **Cache Management**: Efficient asset caching for improved performance. \ No newline at end of file +- **Cache Management**: Efficient asset caching for improved performance. + +## Author + +This role was developed by [Kevin Veen-Birkenbach](https://www.veen.world). \ No newline at end of file diff --git a/roles/docker-portfolio/filter_plugins/list_in_filter.py b/roles/docker-portfolio/filter_plugins/list_in_filter.py new file mode 100644 index 00000000..0ab5189a --- /dev/null +++ b/roles/docker-portfolio/filter_plugins/list_in_filter.py @@ -0,0 +1,25 @@ +class FilterModule(object): + '''Custom filters for Ansible''' + def filters(self): + return { + 'any_in': self.any_in, + } + + def any_in(self, list1, list2): + """ + Checks if at least one element from list1 is found in list2. + + :param list1: List of elements to check. + :param list2: Target list in which to search for elements. + :return: True if at least one element is found, otherwise False. + """ + # If either parameter is not a list, return False. + if not isinstance(list1, list) or not isinstance(list2, list): + return False + + # Iterate over list1 and check if an element exists in list2. + for element in list1: + if element in list2: + return True + + return False diff --git a/roles/docker-portfolio/templates/config.yaml.j2 b/roles/docker-portfolio/templates/config.yaml.j2 index 1b1ce804..0529951e 100644 --- a/roles/docker-portfolio/templates/config.yaml.j2 +++ b/roles/docker-portfolio/templates/config.yaml.j2 @@ -52,26 +52,26 @@ accounts: - name: Blog description: Read {{ 'our' if person.type == 'legal' else 'my' }} articles and stories. icon: - class: fa-solid fa-blog + class: fa-solid fa-blog identifier: "{{person.contact.wordpress}}" url: "https://{{ person.contact.wordpress.split('@')[2] }}/@{{ person.contact.wordpress.split('@')[1] }}" {% endif %} -{% if person.contact.code is defined %} - - name: Code +{% if person.legal.source_code is defined %} + - name: Our Code description: Explore {{ 'our' if person.type == 'legal' else 'my' }} code. icon: class: fa-solid fa-code - url: "{{person.code}}" + url: "{{person.legal.source_code}}" {% endif %} {% if person.contact.friendica is defined %} - - name: Social Networks + - name: Social Network description: Visit {{ 'our' if person.type == 'legal' else 'my' }} friendica profile icon: class: fas fa-network-wired identifier: "{{person.contact.friendica}}" url: "https://{{ person.contact.friendica.split('@')[2] }}/@{{ person.contact.friendica.split('@')[1] }}" {% endif %} - - link: navigation.header.contact.messenger + - link: navigation.header.contact cards: - icon: @@ -114,13 +114,12 @@ company: favicon: source: https://cloud.veen.world/s/veen_world_favicon/download address: -{{ person.address | to_nice_yaml(indent=4) | indent(2) }} +{{ person.address | to_nice_yaml(indent=4) | indent(4, true) }} imprint_url: https://s.veen.world/imprint navigation: header: children: - link: accounts.publishingchannels.children - - link: accounts.socialnetworks - name: Contact description: Get in touch with {{ 'us' if person.type == 'legal' else 'me' }} icon: @@ -133,8 +132,6 @@ navigation: class: fa-solid fa-envelope url: mailto:{{person.contact.email}} identifier: {{person.contact.email}} - alternatives: - - link: navigation.header.contact.messenger.matrix {% endif %} {% if person.contact.phone is defined %} - name: Mobile @@ -155,149 +152,162 @@ navigation: footer: children: - link: accounts +{% if ["discourse","moodle","listmonk","openproject","taiga","snipe_it","matrix","bigbluebutton","mailu", "matomo","phpadmin","keycloak", "ldap", "baserow","yourls","nextcloud"] | any_in(group_names) %} - name: Solution Hub description: Curated collection of self hosted tools icon: class: fa-solid fa-network-wired url: children: + {% if ["discourse","moodle","listmonk"] | any_in(group_names) %} - name: Community description: Tools to manage the community icon: class: fa-solid fa-users children: -{% if "discourse" in group_names %} + {% if "discourse" in group_names %} - name: Forum description: Join the discussion icon: class: fa-brands fa-discourse url: https://{{domains.discourse}}/ -{% endif %} -{% if "moodle" in group_names %} + {% endif %} + {% if "moodle" in group_names %} - name: Learning Platform description: Learn with {{ 'our' if person.type == 'legal' else 'my' }} academy icon: class: fa-solid fa-graduation-cap url: https://{{domains.moodle}}/ -{% endif %} -{% if "listmonk" in group_names %} + {% endif %} + {% if "listmonk" in group_names %} - name: Newsletter description: Subscribe to {{ 'our' if person.type == 'legal' else 'my' }} newsletter icon: class: fa-solid fa-envelope-open-text url: https://{{domains.listmonk}}/subscription/form -{% endif %} + {% endif %} + {% endif %} + {% if ["openproject","taiga","snipe_it"] | any_in(group_names) %} - name: Project Management description: Project Management Tools icon: class: fa-solid fa-chart-line children: -{% if "openproject" in group_names %} + {% if "openproject" in group_names %} - name: Open Project description: Explore {{ 'our' if person.type == 'legal' else 'my' }} projects icon: class: fa-solid fa-tasks url: https://{{domains.openproject}}/ -{% endif %} -{% if "taiga" in group_names %} + {% endif %} + {% if "taiga" in group_names %} - name: Taiga description: View {{ 'our' if person.type == 'legal' else 'my' }} Kanban board icon: class: bi bi-clipboard2-check-fill url: https://{{domains.taiga}}/ -{% endif %} -{% if "snipe_it" in group_names %} + {% endif %} + {% if "snipe_it" in group_names %} - name: Snipe IT description: Manage {{ 'our' if person.type == 'legal' else 'my' }} inventory icon: class: fas fa-box-open url: https://{{domains.snipe_it}}/ -{% endif %} + {% endif %} + {% endif %} + {% if ["matrix","bigbluebutton","mailu"] | any_in(group_names) %} - name: Communication icon: class: fa-solid fa-comments children: -{% if "matrix" in group_names %} + {% if "matrix" in group_names %} - name: Elements description: Chat with the world icon: class: fa-solid fa-comment url: https://{{domains.matrix_element}}/ -{% endif %} -{% if "bigbluebutton" in group_names %} + {% endif %} + {% if "bigbluebutton" in group_names %} - name: Big Blue Button description: Join live events icon: class: fa-solid fa-video url: https://{{domains.bigbluebutton}}/ -{% endif %} -{% if "mailu" in group_names %} + {% endif %} + {% if "mailu" in group_names %} - name: Mailu description: Send{{ 'our' if person.type == 'legal' else 'my' }}a mail icon: class: fa-solid fa-envelope url: https://{{domains.mailu}}/ -{% endif %} + {% endif %} + {% endif %} + {% if ["matomo","phpadmin","keycloak", "ldap"] | any_in(group_names) %} - name: Administration icon: class: fas fa-building children: -{% if "matomo" in group_names %} + {% if "matomo" in group_names %} - name: Matomo description: Analyze with Matomo icon: class: fa-solid fa-chart-simple url: https://{{domains.matomo}}/ -{% endif %} -{% if "phpmyadmin" in group_names %} + {% endif %} + {% if "phpmyadmin" in group_names %} - name: phpMyAdmin description: Administrate MySQL and MariaDB databases icon: class: fas fa-database url: https://{{domains.phpmyadmin}}/ -{% endif %} -{% if "keycloak" in group_names %} + {% endif %} + {% if "keycloak" in group_names %} - name: Keycloak description: Manage User via Keycloak icon: class: fas fa-user-shield url: https://{{domains.keycloak}}/admin -{% endif %} -{% if "ldap" in group_names %} + {% endif %} + {% if "ldap" in group_names %} - name: LDAP description: Manage LDAP icon: class: fas fa-key url: https://{{domains.ldap}}/ -{% endif %} + {% endif %} + {% endif %} + {% if ["baserow","yourls","nextcloud"] | any_in(group_names) %} - name: Tools icon: class: fas fa-tools children: -{% if "baserow" in group_names %} + {% if "baserow" in group_names %} - name: Baserow description: Organize with Baserow icon: class: fa-solid fa-table url: https://{{domains.baserow}}/ -{% endif %} -{% if "yourls" in group_names %} + {% endif %} + {% if "yourls" in group_names %} - name: Yourls description: Create Shortlinks icon: class: bi bi-link url: https://{{domains.yourls}}/admin/ -{% endif %} -{% if "nextcloud" in group_names %} + {% endif %} + {% if "nextcloud" in group_names %} - name: Nextcloud description: Access your cloud storage icon: class: fa-solid fa-cloud url: https://{{domains.nextcloud}}/ + {% endif %} + {% endif %} {% endif %} + - name: Imprint description: Check out the imprint information icon: class: fa-solid fa-scale-balanced - url: https://s.veen.world/imprint + url: "{{person.legal.imprint}}" \ No newline at end of file diff --git a/roles/nginx-serve-files/README.md b/roles/nginx-serve-files/README.md new file mode 100644 index 00000000..6e3e634d --- /dev/null +++ b/roles/nginx-serve-files/README.md @@ -0,0 +1,6 @@ +# Nginx Homepage Role + +This Ansible role configures an Nginx server to serve files. It handles domain configuration, SSL certificate retrieval with Let's Encrypt. + +## Author Information +This role was created in 2023 by [Kevin Veen Birkenbach](https://www.veen.world/). \ No newline at end of file diff --git a/roles/nginx-static-repository/meta/main.yml b/roles/nginx-serve-files/meta/main.yml similarity index 100% rename from roles/nginx-static-repository/meta/main.yml rename to roles/nginx-serve-files/meta/main.yml diff --git a/roles/nginx-serve-files/tasks/main.yml b/roles/nginx-serve-files/tasks/main.yml new file mode 100644 index 00000000..fc9d09f9 --- /dev/null +++ b/roles/nginx-serve-files/tasks/main.yml @@ -0,0 +1,5 @@ +--- +- name: generate {{domains[application_id]}}.conf + template: + src: "nginx.conf.j2" + dest: "{{nginx.directories.http.servers}}{{domains[application_id]}}.conf" \ No newline at end of file diff --git a/roles/nginx-serve-files/templates/nginx.conf.j2 b/roles/nginx-serve-files/templates/nginx.conf.j2 new file mode 100644 index 00000000..f8bb5cc4 --- /dev/null +++ b/roles/nginx-serve-files/templates/nginx.conf.j2 @@ -0,0 +1,24 @@ +server +{ + server_name {{domains[application_id]}}; + + {% include 'roles/letsencrypt/templates/ssl_header.j2' %} + + {% include 'roles/nginx-modifier-all/templates/global.includes.conf.j2'%} + charset utf-8; + + location / + { + alias {{nginx.directories.homepage.files}}; {# Path to your file directory #} + autoindex on; {# Enable directory listing #} + autoindex_exact_size off; {# Display sizes in a human-readable format #} + autoindex_localtime on; {# Show local time #} + } + + location /.well-known/ { + alias {{nginx.directories.well_known}}; + allow all; + default_type "text/plain"; + autoindex on; + } +} diff --git a/roles/nginx-serve-files/vars/main.yml b/roles/nginx-serve-files/vars/main.yml new file mode 100644 index 00000000..2c70db30 --- /dev/null +++ b/roles/nginx-serve-files/vars/main.yml @@ -0,0 +1 @@ +application_id: "file_server" \ No newline at end of file diff --git a/roles/nginx-static-repository/README.md b/roles/nginx-serve-html-legal/README.md similarity index 76% rename from roles/nginx-static-repository/README.md rename to roles/nginx-serve-html-legal/README.md index 5ddf598a..1a752fa0 100644 --- a/roles/nginx-static-repository/README.md +++ b/roles/nginx-serve-html-legal/README.md @@ -1,6 +1,6 @@ # Nginx Homepage Role -This Ansible role configures an Nginx server to serve a static homepage. It handles domain configuration, SSL certificate retrieval with Let's Encrypt, and cloning the homepage content from a Git repository. +This Ansible role configures an Nginx server to serve a static homepage. It handles domain configuration, SSL certificate retrieval with Let's Encrypt. ## Author Information This role was created in 2023 by [Kevin Veen Birkenbach](https://www.veen.world/). \ No newline at end of file diff --git a/roles/nginx-serve-html-legal/meta/main.yml b/roles/nginx-serve-html-legal/meta/main.yml new file mode 100644 index 00000000..032e17bc --- /dev/null +++ b/roles/nginx-serve-html-legal/meta/main.yml @@ -0,0 +1,2 @@ +dependencies: +- nginx-serve-html diff --git a/roles/nginx-serve-html-legal/tasks/main.yml b/roles/nginx-serve-html-legal/tasks/main.yml new file mode 100644 index 00000000..cbba4e6b --- /dev/null +++ b/roles/nginx-serve-html-legal/tasks/main.yml @@ -0,0 +1,5 @@ +--- +- name: copy imprint.html + template: + src: "imprint.html.j2" + dest: "{{nginx.directories.html}}imprint.html" \ No newline at end of file diff --git a/roles/nginx-serve-html-legal/templates/imprint.html.j2 b/roles/nginx-serve-html-legal/templates/imprint.html.j2 new file mode 100644 index 00000000..01630ca2 --- /dev/null +++ b/roles/nginx-serve-html-legal/templates/imprint.html.j2 @@ -0,0 +1,46 @@ + + + + + + Imprint + + +

Imprint

+ +

Information in accordance with § 5 TMG

+

+ {{ person.name }}
+ {{ person.description.subtitel }}
+
+ Address:
+ {{ person.address.street }}
+ {{ person.address.postal_code }} {{ person.address.city }}
+ {{ person.address.country }} +

+ +

Contact

+

+ Telephone: {{ person.contact.phone }}
+ Email: {{ person.contact.email }} +

+ +

Editorial Responsibility

+

+ {{ person.legal.editorial_responsible }} +

+ +

Source Code

+

+ Code repository available at: {{ person.legal.source_code }} +

+ +

Consumer Dispute Resolution / Universal Arbitration Board

+

+ Federal Universal Arbitration Board
+ Center for Arbitration e.V.
+ Straßburger Straße 8
+ 77694 Kehl am Rhein +

+ + \ No newline at end of file diff --git a/roles/nginx-serve-html/README.md b/roles/nginx-serve-html/README.md new file mode 100644 index 00000000..1a752fa0 --- /dev/null +++ b/roles/nginx-serve-html/README.md @@ -0,0 +1,6 @@ +# Nginx Homepage Role + +This Ansible role configures an Nginx server to serve a static homepage. It handles domain configuration, SSL certificate retrieval with Let's Encrypt. + +## Author Information +This role was created in 2023 by [Kevin Veen Birkenbach](https://www.veen.world/). \ No newline at end of file diff --git a/roles/nginx-serve-html/meta/main.yml b/roles/nginx-serve-html/meta/main.yml new file mode 100644 index 00000000..a78596a0 --- /dev/null +++ b/roles/nginx-serve-html/meta/main.yml @@ -0,0 +1,3 @@ +dependencies: +- nginx-https +- git diff --git a/roles/nginx-serve-html/tasks/main.yml b/roles/nginx-serve-html/tasks/main.yml new file mode 100644 index 00000000..ecffd9af --- /dev/null +++ b/roles/nginx-serve-html/tasks/main.yml @@ -0,0 +1,6 @@ +--- +- name: generate {{domains[application_id]}}.conf + template: + src: "nginx.conf.j2" + dest: "{{nginx.directories.http.servers}}{{domains[application_id]}}.conf" + notify: restart nginx \ No newline at end of file diff --git a/roles/nginx-static-repository/templates/static.nginx.conf.j2 b/roles/nginx-serve-html/templates/nginx.conf.j2 similarity index 80% rename from roles/nginx-static-repository/templates/static.nginx.conf.j2 rename to roles/nginx-serve-html/templates/nginx.conf.j2 index 3b40348c..4f0fb588 100644 --- a/roles/nginx-static-repository/templates/static.nginx.conf.j2 +++ b/roles/nginx-serve-html/templates/nginx.conf.j2 @@ -1,7 +1,6 @@ -#default server { - server_name {{domain}}; + server_name {{domains[application_id]}}; {% include 'roles/letsencrypt/templates/ssl_header.j2' %} @@ -10,7 +9,7 @@ server location / { - root {{nginx.directories.homepage}}; + root {{nginx.directories.homepage.html}}; index index.html index.htm; } diff --git a/roles/nginx-serve-html/vars/main.yml b/roles/nginx-serve-html/vars/main.yml new file mode 100644 index 00000000..c9101363 --- /dev/null +++ b/roles/nginx-serve-html/vars/main.yml @@ -0,0 +1 @@ +application_id: "html_server" \ No newline at end of file diff --git a/roles/nginx-static-repository/tasks/main.yml b/roles/nginx-static-repository/tasks/main.yml deleted file mode 100644 index babeaab1..00000000 --- a/roles/nginx-static-repository/tasks/main.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -- name: "pull homepage from {{nginx_static_repository_address}}" - git: - repo: "{{nginx_static_repository_address}}" - dest: "{{nginx.directories.homepage}}" - update: yes - ignore_errors: true - -- name: configure {{primary_domain}}.conf - template: - src: "static.nginx.conf.j2" - dest: "{{nginx.directories.http.servers}}{{primary_domain}}.conf" - vars: - domain: "{{primary_domain}}" - notify: restart nginx - when: run_once_nginx is not defined \ No newline at end of file