5cdcc18a99
Fix PeerTube OIDC plugin automation
...
- Store oidc_settings as proper YAML dict with correct keys
- Ensure plugin is installed only if missing
- Update DB settings as jsonb and enforce enabled/uninstalled state
- Add CLI enforcement for plugin activation
- Correct task conditions (enable/disable logic) with boolean filters
Ref: https://chatgpt.com/share/68dd1d16-9b34-800f-b2bf-a3fe058f25b1
2025-10-01 14:23:07 +02:00
09a4c243d7
Add centralized include for Access-Control-Allow headers across proxy/service Nginx templates and align ACA vars for simpleicons task.
...
Ref: https://chatgpt.com/share/68dbf59c-f424-800f-aa27-787db52e260f
2025-09-30 17:22:28 +02:00
fa6bb67a66
Removed whitespaces in templates:
2025-09-22 16:28:57 +02:00
e6803e5614
refactor(ansible): normalize include_role syntax and unify host config paths via path_join
...
- Remove stray spaces after include_role: across many roles to ensure clean YAML and
consistent linting/formatting.
- Listmonk:
- Introduce LISTMONK_CONFIG_HOST = [ docker_compose.directories.config, 'config.toml' ] | path_join
- Use that var in the template task (dest) and the docker-compose volume mount
- Matrix:
- Build MATRIX_SYNAPSE_CONFIG_PATH_HOST, MATRIX_SYNAPSE_LOG_PATH_HOST, and
MATRIX_ELEMENT_CONFIG_PATH_HOST via path_join
- Mobilizon:
- Build mobilizon_host_conf_exs_file via path_join
- Keep get_app_conf strictness unchanged (defaults to True in our filter), so behavior
remains strict even though the explicit third arg was dropped
- Simpleicons:
- Build server.js and package.json host paths via path_join
- Numerous web-app roles (Confluence, Discourse, EspoCRM, Friendica, Funkwhale, Gitea,
GitLab, Jenkins, Joomla, Listmonk, Mailu, Mastodon, Matomo, Matrix, MediaWiki,
Mobilizon, Moodle, Nextcloud, OpenProject, Peertube, Pixelfed, Pretix, Roulette Wheel,
Snipe-IT, Syncope, Taiga, WordPress, XWiki, Yourls) and web-svc roles (coturn,
libretranslate, simpleicons) updated for consistent include_role formatting
Why:
- path_join avoids double slashes and missing separators across different config roots
- Consistent include_role: formatting improves readability and prevents linter noise
Ref:
- Conversation: https://chatgpt.com/share/68d14711-727c-800f-b454-7dc4c3c1f4cb
2025-09-22 14:55:25 +02:00
5e616d3962
web: general domain cleanup (canonical/aliases normalization)
...
- Normalize domain blocks across apps:
- Add explicit 'aliases: []' everywhere (no implicit aliases)
- Standardize canonical subdomains for consistency:
* Bluesky: web/api under *.bluesky.<PRIMARY_DOMAIN>
* EspoCRM: espo.crm.<PRIMARY_DOMAIN>
* Gitea: tea.git.<PRIMARY_DOMAIN>
* GitLab: lab.git.<PRIMARY_DOMAIN>
* Joomla: joomla.cms.<PRIMARY_DOMAIN>
* Magento: magento.shop.<PRIMARY_DOMAIN>
* OpenProject: open.project.<PRIMARY_DOMAIN>
* Pretix: ticket.shop.<PRIMARY_DOMAIN>
* Taiga: kanban.project.<PRIMARY_DOMAIN>
- Remove legacy/duplicate aliases and use empty list instead
- Fix 'alias' -> 'aliases' where applicable
Context: preparing for AUTO_BUILD_ALIASES=False and deterministic redirect mapping.
Ref: conversation https://chatgpt.com/share/68cd512c-c878-800f-bdf2-81737adf7e0e
2025-09-19 14:51:56 +02:00
7ca8b7c71d
feat(nextcloud): integrate Talk & Whiteboard; refactor to NEXTCLOUD_* vars; full-stack setup
...
config(ports): add Nextcloud websocket port (4003); canonical domains (nextcloud/talk/whiteboard)
refactor: unify get_app_conf usage & Jinja spacing; migrate paths/handlers to new NEXTCLOUD_* vars
feat(plugins): split plugin routines; configure Whiteboard via occ (URL + JWT)
fix(oidc): use NEXTCLOUD_URL for logout; correct LDAP attribute mappings; add OIDC flavor switch
feat: Whiteboard container & reverse-proxy location; Talk STUN/WS ports; Redis URL for Whiteboard
chore: drop obsolete TODO; minor cleanups in oauth2-proxy, matrix, peertube, pgadmin, phpldapadmin, pixelfed, phpmyadmin
security(schema): Bluesky jwt_secret now base64_prefixed_32; add Nextcloud whiteboard_jwt_secret
db: normalize postgres image tag templating; central DB host checks spacing fixes
ops: add full-stack bootstrap (certs, proxy, volumes); internal nginx config reload handler update
refs: https://chatgpt.com/share/68b5f5b7-8d64-800f-b001-1241f818dc0e
2025-09-01 21:37:02 +02:00
110381e80c
Refactored peertube role and implemented config volume
2025-09-01 18:19:50 +02:00
b02d88adc0
Refactored server roles for better readability
2025-09-01 18:08:35 +02:00
231fd567b3
feat(frontend): rename inj roles to sys-front-*, add sys-svc-cdn, cache-busting lookup
...
Introduce sys-svc-cdn (cdn_paths/cdn_urls/cdn_dirs) and ensure CDN directories + latest symlink.
Rename sys-srv-web-inj-* → sys-front-inj-*; update includes/templates; serve shared/per-app CSS & JS via CDN.
Add lookup_plugins/local_mtime_qs.py for mtime-based cache busting; split CSS into default.css/bootstrap.css + optional per-app style.css.
CSP: use style-src-elem; drop unsafe-inline for styles. Services: fix SYS_SERVICE_ALL_ENABLED bool and controlled flush.
BREAKING CHANGE: role names changed; replace includes and references accordingly.
Conversation: https://chatgpt.com/share/68b55494-9ec4-800f-b559-44707029141d
2025-09-01 10:10:23 +02:00
2fccebbd1f
Enforce uppercase README.md and TODO.md filenames
...
- Renamed all Readme.md → README.md
- Renamed all Todo.md → TODO.md
- Added integration test (tests/integration/test_filename_conventions.py) to automatically check naming convention.
Background:
Consistency in file naming (uppercase README.md and TODO.md) avoids issues with case-sensitive filesystems and ensures desktop cards (e.g. Pretix) are properly included.
Ref: https://chatgpt.com/share/68b1d135-c688-800f-9441-46a3cbfee175
2025-08-29 18:11:53 +02:00
6ea8301364
Refactor: migrate cmp/* and srv/* roles into sys-stk/* and sys-svc/* namespaces
...
- Removed obsolete 'cmp' category, introduced 'stk' category (fa-bars-staggered icon).
- Renamed roles:
* cmp-db-docker → sys-stk-back-stateful
* cmp-docker-oauth2 → sys-stk-back-stateless
* srv-domain-provision → sys-stk-front
* cmp-db-docker-proxy → sys-stk-full-stateful
* cmp-docker-proxy → sys-stk-full-stateless
* cmp-rdbms → sys-svc-rdbms
- Updated all include_role references, vars, templates and README.md files.
- Adjusted run_once comments and variable paths accordingly.
- Updated all web-app roles to use new sys-stk/* and sys-svc/* roles.
Conversation: https://chatgpt.com/share/68b0ba66-09f8-800f-86fc-76c47009d431
2025-08-28 22:23:09 +02:00
a4f39ac732
Renamed webserver roles to more speakable names
2025-08-20 08:54:17 +02:00
a57fe718de
Optimized spacinbg
2025-08-20 05:49:35 +02:00
79517b2fe9
Optimized spacing
2025-08-20 01:01:32 +02:00
d3cc187c3b
Made System Email Variables UPPER
2025-08-19 09:34:18 +02:00
0de26fa6c7
Solved bug existed due to difference between mailu domain and hostname difference. also refactored during this to find the bug
2025-08-16 14:29:07 +02:00
cc2c1dc730
Renamed injection services
2025-08-16 00:01:46 +02:00
3ac9bd9f90
Optimized variable typos
2025-08-15 18:43:42 +02:00
022800425d
THE HUGE REFACTORING CALENDER WEEK 33; Optimized Matrix and during this updated variables, and implemented better reset and cleanup mode handling, also solved some initial setup bugs
2025-08-15 15:15:48 +02:00
0228014d34
Replaced .infinito.service and .infinito.timer by SOFTWARE_NAME suffix, optimized LICENSE link and update OIDC Realm and ID conf
2025-08-14 14:39:18 +02:00
4a65a254ae
replaced port-ui-desktop with desktop to make it more speakable
2025-08-14 11:45:08 +02:00
db0e030900
Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository
2025-08-13 19:11:14 +02:00
004507e233
Optimized handler flushing
2025-08-13 18:17:05 +02:00
f31565e4c5
Optimized URLS
2025-08-13 00:33:47 +02:00
457f3659fa
Solved mobilizon flush docker handler bug
2025-08-12 12:03:53 +02:00
9228d51e86
Restructured server config
2025-08-07 11:31:06 +02:00
44e0fea0b2
Renamed cymais to infinito and did some other optimations and logout implementations
2025-07-29 16:35:42 +02:00
f9f76892af
Solved peertube bugs
2025-07-26 08:08:51 +02:00
27973c2773
Optimized injection layer on lua base, as replace for nginx replace. Also optimized cloudflare cache deletion(no everytime for cleanup). Still CDN is required for logout mechanism via JS and Nextcloud deploy is buggy after changing from nginx to openresty. Propably some variable overwritte topic. Should be solved tomorrow.
2025-07-24 19:13:13 +02:00
f62355e490
Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm
2025-07-24 03:19:16 +02:00
c8be88e3b1
Activated redis for oauth2 for large cookies
2025-07-22 22:00:11 +02:00
3bc64023af
Added logout pages to some applications
2025-07-22 18:49:23 +02:00
4b9e7dd3b7
Implemented universal logout
2025-07-22 13:14:06 +02:00
6a1a83432f
Different optimations and mig integration. test will fail due to strickter validation checks. need to be cleaned up tomorrow
2025-07-18 20:08:20 +02:00
169493179e
Restructuring for new backup solution
2025-07-16 19:09:31 +02:00
f9426cfb74
Optimized role structure in preparation for new backup script
2025-07-16 12:31:01 +02:00
af3ea9039c
Restructure and cleaned up in preparation of new backup logic
2025-07-15 23:51:51 +02:00
ad60f5fb37
Rmeoved is_feature_enabled function
2025-07-13 17:54:09 +02:00
756597668c
Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1
2025-07-13 15:11:38 +02:00
78031855b9
Replaced portfolio_iframe by port-ui-desktop
2025-07-13 14:22:36 +02:00
aa61bf2a44
Removed unecessary application_id s
2025-07-11 15:25:58 +02:00
96268e7161
Renamed server roles by osi they work on
2025-07-10 12:33:46 +02:00
944707ec41
Solved dependency bug which appeared due to autogeneration of meta/main.yml files
2025-07-09 18:01:58 +02:00
c9c73cbdb2
Decoupeld database, docker and proxy
2025-07-09 14:21:30 +02:00
575df76ec3
Shortened service- to svc-
2025-07-09 05:00:41 +02:00
2108702a2b
Shortened network- to net-
2025-07-09 04:35:21 +02:00
66198ca1ec
Shortened webserver to srv-web-
2025-07-09 04:27:58 +02:00
dd1aab70fb
Shortend desktop to desk
2025-07-09 03:18:07 +02:00
22b4342300
Implemented schema/main.yml und config/main.yml file
2025-07-09 02:03:32 +02:00
8da2e41463
Solved letsencrypt reference bugs
2025-07-09 00:07:12 +02:00
