kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-11-08 06:08:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,900 Commits 5 Branches 0 Tags
0c16f9c43c00b083dc9d68766f923cb3c9c87518
Commit Graph

14 Commits

Author SHA1 Message Date
Kevin Veen-Birkenbach
7330aeb8ec feat(web-app-peertube): add dynamic performance tuning for heap and transcoding concurrency 
- Dynamically calculate PEERTUBE_MAX_OLD_SPACE_SIZE (~35% of container RAM, clamped between 768–3072 MB)
- Dynamically calculate PEERTUBE_TRANSCODING_CONCURRENCY (~½ vCPUs, min 1, max 8)
- Added default resource limits for Redis and Peertube containers
- Updated test suite to include human_to_bytes filter in built-in filter list

https://chatgpt.com/share/690914d2-6100-800f-a850-94e6d226e7c9
 2025-11-03 21:47:38 +01:00
Kevin Veen-Birkenbach
57d5269b07 CSP (Safari-safe): merge -elem/-attr into base; respect explicit disables; no mirror-back; header only for documents/workers 
- Add CSP3 support for style/script: include -elem and -attr directives
- Base (style-src, script-src) now unions elem/attr (CSP2/Safari fallback)
- Respect explicit base disables (e.g. style-src.unsafe-inline: false)
- Hashes only when 'unsafe-inline' absent in the final base tokens
- Nginx: set CSP only for HTML/worker via header_filter_by_lua_block; drop for subresources
- Remove per-location header_filter; keep body_filter only
- Update app role flags to *-attr where appropriate; extend desktop CSS sources
- Add comprehensive unit tests for union/explicit-disable/no-mirror-back

Ref: https://chatgpt.com/share/68f87a0a-cebc-800f-bb3e-8c8ab4dee8ee
 2025-10-22 13:53:06 +02:00
Kevin Veen-Birkenbach
5e616d3962 web: general domain cleanup (canonical/aliases normalization) 
- Normalize domain blocks across apps:
  - Add explicit 'aliases: []' everywhere (no implicit aliases)
  - Standardize canonical subdomains for consistency:
    * Bluesky: web/api under *.bluesky.<PRIMARY_DOMAIN>
    * EspoCRM: espo.crm.<PRIMARY_DOMAIN>
    * Gitea:   tea.git.<PRIMARY_DOMAIN>
    * GitLab:  lab.git.<PRIMARY_DOMAIN>
    * Joomla:  joomla.cms.<PRIMARY_DOMAIN>
    * Magento: magento.shop.<PRIMARY_DOMAIN>
    * OpenProject: open.project.<PRIMARY_DOMAIN>
    * Pretix:  ticket.shop.<PRIMARY_DOMAIN>
    * Taiga:   kanban.project.<PRIMARY_DOMAIN>
  - Remove legacy/duplicate aliases and use empty list instead
  - Fix 'alias' -> 'aliases' where applicable

Context: preparing for AUTO_BUILD_ALIASES=False and deterministic redirect mapping.

Ref: conversation https://chatgpt.com/share/68cd512c-c878-800f-bdf2-81737adf7e0e
 2025-09-19 14:51:56 +02:00
Kevin Veen-Birkenbach
110381e80c Refactored peertube role and implemented config volume 2025-09-01 18:19:50 +02:00
Kevin Veen-Birkenbach
a57fe718de Optimized spacinbg 2025-08-20 05:49:35 +02:00
Kevin Veen-Birkenbach
4a65a254ae replaced port-ui-desktop with desktop to make it more speakable 2025-08-14 11:45:08 +02:00
Kevin Veen-Birkenbach
db0e030900 Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository 2025-08-13 19:11:14 +02:00
Kevin Veen-Birkenbach
9228d51e86 Restructured server config 2025-08-07 11:31:06 +02:00
Kevin Veen-Birkenbach
f62355e490 Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm 2025-07-24 03:19:16 +02:00
Kevin Veen-Birkenbach
4b9e7dd3b7 Implemented universal logout 2025-07-22 13:14:06 +02:00
Kevin Veen-Birkenbach
f9426cfb74 Optimized role structure in preparation for new backup script 2025-07-16 12:31:01 +02:00
Kevin Veen-Birkenbach
af3ea9039c Restructure and cleaned up in preparation of new backup logic 2025-07-15 23:51:51 +02:00
Kevin Veen-Birkenbach
78031855b9 Replaced portfolio_iframe by port-ui-desktop 2025-07-13 14:22:36 +02:00
Kevin Veen-Birkenbach
22b4342300 Implemented schema/main.yml und config/main.yml file 2025-07-09 02:03:32 +02:00