009bee531b
Refactor role naming for TLS and proxy stack
...
- Renamed role `srv-tls-core` → `sys-svc-certs`
- Renamed role `srv-https-stack` → `sys-stk-front-pure`
- Renamed role `sys-stk-front` → `sys-stk-front-proxy`
- Updated all includes, READMEs, meta, and dependent roles accordingly
This improves clarity and consistency of naming conventions for certificate management and proxy orchestration.
See: https://chatgpt.com/share/68b19f2c-22b0-800f-ba9b-3f2c8fd427b0
2025-08-29 14:38:20 +02:00
6ea8301364
Refactor: migrate cmp/* and srv/* roles into sys-stk/* and sys-svc/* namespaces
...
- Removed obsolete 'cmp' category, introduced 'stk' category (fa-bars-staggered icon).
- Renamed roles:
* cmp-db-docker → sys-stk-back-stateful
* cmp-docker-oauth2 → sys-stk-back-stateless
* srv-domain-provision → sys-stk-front
* cmp-db-docker-proxy → sys-stk-full-stateful
* cmp-docker-proxy → sys-stk-full-stateless
* cmp-rdbms → sys-svc-rdbms
- Updated all include_role references, vars, templates and README.md files.
- Adjusted run_once comments and variable paths accordingly.
- Updated all web-app roles to use new sys-stk/* and sys-svc/* roles.
Conversation: https://chatgpt.com/share/68b0ba66-09f8-800f-86fc-76c47009d431
2025-08-28 22:23:09 +02:00
a4f39ac732
Renamed webserver roles to more speakable names
2025-08-20 08:54:17 +02:00
3a839cfe37
Refactor systemctl services and categories due to alarm bugs
...
This commit restructures systemctl service definitions and category mappings.
Motivation: Alarm-related bugs revealed inconsistencies in service and role handling.
Preparation step: lays the groundwork for fixing the alarm issues by aligning categories, roles, and service templates.
2025-08-18 13:35:43 +02:00
5c9ca20e04
Optimized keycloak variables
2025-08-17 11:40:15 +02:00
3ac9bd9f90
Optimized variable typos
2025-08-15 18:43:42 +02:00
85a2f4b3d2
Solved matrix federation port bug
2025-08-15 18:37:18 +02:00
012426cf3b
Added more matrix constants for easier debugging and readability
2025-08-15 18:15:58 +02:00
022800425d
THE HUGE REFACTORING CALENDER WEEK 33; Optimized Matrix and during this updated variables, and implemented better reset and cleanup mode handling, also solved some initial setup bugs
2025-08-15 15:15:48 +02:00
db0e030900
Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository
2025-08-13 19:11:14 +02:00
004507e233
Optimized handler flushing
2025-08-13 18:17:05 +02:00
4fa1c6cfbd
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup
...
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
* kcadm login with no_log protection,
* fetch LDAP UserStorage component by name,
* compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).
Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}
https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
2025-08-13 02:20:38 +02:00
6e04ac58d2
Moved blocks to include_tasks to raise performance. Deploy was really slow
2025-08-11 12:28:31 +02:00
149c563831
Optimized logic for database backups and integrated test to verify that database feature is used correct
2025-08-10 15:06:37 +02:00
f62355e490
Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm
2025-07-24 03:19:16 +02:00
6e2e3e45a7
Solved matrix bug
2025-07-21 01:36:10 +02:00
af3ea9039c
Restructure and cleaned up in preparation of new backup logic
2025-07-15 23:51:51 +02:00
f02ca50f88
Renamed backup roles
2025-07-14 19:04:30 +02:00
ad60f5fb37
Rmeoved is_feature_enabled function
2025-07-13 17:54:09 +02:00
756597668c
Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1
2025-07-13 15:11:38 +02:00
ead60dab84
Fail safed more parts of the code
2025-07-12 21:35:33 +02:00
3b03c5171d
Renamed the mariadb, openldap and postgres database
2025-07-12 16:06:13 +02:00
e14e6b96e9
Renamed Database roles
2025-07-12 10:11:52 +02:00
168c5c0da6
Another big round of refactoring and cleaning...
2025-07-11 17:55:26 +02:00
96268e7161
Renamed server roles by osi they work on
2025-07-10 12:33:46 +02:00
c9c73cbdb2
Decoupeld database, docker and proxy
2025-07-09 14:21:30 +02:00
575df76ec3
Shortened service- to svc-
2025-07-09 05:00:41 +02:00
66198ca1ec
Shortened webserver to srv-web-
2025-07-09 04:27:58 +02:00
9668e74139
Shorted backup- to bkp-
2025-07-09 03:36:44 +02:00
563d5fd528
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00
