kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-31 10:19:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,593 Commits 3 Branches 0 Tags
486729d57de28378f9079cf4ed63f3c0d6bd560b
Commit Graph

40 Commits

Author SHA1 Message Date
Kevin Veen-Birkenbach
5dfc2efb5a Used port variable 2025-09-02 11:59:50 +02:00
Kevin Veen-Birkenbach
ce3fe1cd51 Nextcloud: integrate Talk & Whiteboard; adjust ports & healthchecks 
- Enable Spreed (Talk); signaling via /standalone-signaling/
- STUN/TURN: move STUN to 3480 (3479 occupied by BBB), keep TURN 5350 reserved
- docker-compose: expose internal WS ports; explicit TURN port mapping
- Healthchecks: add nc-based TCP checks (roles/docker-container/templates/healthcheck/nc.yml.j2)
- Nginx: location proxy to talk:8081
- Schema: add talk_* secrets (turn/signaling/internal)
- Plugins: configure spreed/whiteboard via vars/*; remove old task files
- Ports matrix (group_vars/all/09_ports.yml) updated/commented

Conversation: https://chatgpt.com/share/68b61a6a-e1dc-800f-b793-4aa600bc0166
 2025-09-02 00:13:23 +02:00
Kevin Veen-Birkenbach
7ca8b7c71d feat(nextcloud): integrate Talk & Whiteboard; refactor to NEXTCLOUD_* vars; full-stack setup 
config(ports): add Nextcloud websocket port (4003); canonical domains (nextcloud/talk/whiteboard)

refactor: unify get_app_conf usage & Jinja spacing; migrate paths/handlers to new NEXTCLOUD_* vars

feat(plugins): split plugin routines; configure Whiteboard via occ (URL + JWT)

fix(oidc): use NEXTCLOUD_URL for logout; correct LDAP attribute mappings; add OIDC flavor switch

feat: Whiteboard container & reverse-proxy location; Talk STUN/WS ports; Redis URL for Whiteboard

chore: drop obsolete TODO; minor cleanups in oauth2-proxy, matrix, peertube, pgadmin, phpldapadmin, pixelfed, phpmyadmin

security(schema): Bluesky jwt_secret now base64_prefixed_32; add Nextcloud whiteboard_jwt_secret

db: normalize postgres image tag templating; central DB host checks spacing fixes

ops: add full-stack bootstrap (certs, proxy, volumes); internal nginx config reload handler update

refs: https://chatgpt.com/share/68b5f5b7-8d64-800f-b001-1241f818dc0e
 2025-09-01 21:37:02 +02:00
Kevin Veen-Birkenbach
b02d88adc0 Refactored server roles for better readability 2025-09-01 18:08:35 +02:00
Kevin Veen-Birkenbach
231fd567b3 feat(frontend): rename inj roles to sys-front-*, add sys-svc-cdn, cache-busting lookup 
Introduce sys-svc-cdn (cdn_paths/cdn_urls/cdn_dirs) and ensure CDN directories + latest symlink.

Rename sys-srv-web-inj-* → sys-front-inj-*; update includes/templates; serve shared/per-app CSS & JS via CDN.

Add lookup_plugins/local_mtime_qs.py for mtime-based cache busting; split CSS into default.css/bootstrap.css + optional per-app style.css.

CSP: use style-src-elem; drop unsafe-inline for styles. Services: fix SYS_SERVICE_ALL_ENABLED bool and controlled flush.

BREAKING CHANGE: role names changed; replace includes and references accordingly.

Conversation: https://chatgpt.com/share/68b55494-9ec4-800f-b559-44707029141d
 2025-09-01 10:10:23 +02:00
Kevin Veen-Birkenbach
dece6228a4 Refactor docker-compose build logic and pull policy 
- Added conditional '--pull' flag on retry in docker-compose build handler, tied to MODE_UPDATE
- Added 'pull_policy: never' to multiple docker-compose service templates to prevent unwanted image pulls
- Fixed minor formatting issues (e.g. Nextcloud volume spacing, WordPress desktop alignment)

Reference: https://chatgpt.com/share/68b0207a-4d9c-800f-b76f-9515885e5183
 2025-08-28 11:25:35 +02:00
Kevin Veen-Birkenbach
cb66fb2978 Refactor LDAP variable schema to use top-level constant LDAP and nested ALL-CAPS keys. 
- Converted group_vars/all/13_ldap.yml from lower-case to ALL-CAPS nested keys.
- Updated all roles, tasks, templates, and filter_plugins to reference LDAP.* instead of ldap.*.
- Fixed Keycloak JSON templates to properly quote Jinja variables.
- Adjusted svc-db-openldap filter plugins and unit tests to handle new LDAP structure.
- Updated integration test to only check uniqueness of TOP-LEVEL ALL-CAPS constants, ignoring nested keys.

See: https://chatgpt.com/share/68b01017-efe0-800f-a508-7d7e2f1c8c8d
 2025-08-28 10:15:48 +02:00
Kevin Veen-Birkenbach
9180182d5b Optimized variables 2025-08-21 16:27:10 +02:00
Kevin Veen-Birkenbach
7a6e273ea4 In between commit, updated matrix and optimized mailu 2025-08-20 17:51:17 +02:00
Kevin Veen-Birkenbach
a4f39ac732 Renamed webserver roles to more speakable names 2025-08-20 08:54:17 +02:00
Kevin Veen-Birkenbach
39a54294dd Moved update commands to nextcloud role 2025-08-20 06:07:33 +02:00
Kevin Veen-Birkenbach
7019b307c5 Optimized collabora draft 2025-08-20 01:00:20 +02:00
Kevin Veen-Birkenbach
d3cc187c3b Made System Email Variables UPPER 2025-08-19 09:34:18 +02:00
Kevin Veen-Birkenbach
a5941763ff refactor: normalize Jinja2 spacing in volume paths and add async support in backup task 
- Standardized spacing in {{ docker_compose.directories.volumes }} across multiple roles
- Added async and poll support to sys-bkp-docker-2-loc database seeding and file permission tasks
- Moved Installation.md for web-app-matrix into docs/ for better structure
 2025-08-18 01:05:01 +02:00
Kevin Veen-Birkenbach
0de26fa6c7 Solved bug existed due to difference between mailu domain and hostname difference. also refactored during this to find the bug 2025-08-16 14:29:07 +02:00
Kevin Veen-Birkenbach
cc2c1dc730 Renamed injection services 2025-08-16 00:01:46 +02:00
Kevin Veen-Birkenbach
03564b34bb Optimized reset routine for docker images and specially discourse 2025-08-15 21:35:45 +02:00
Kevin Veen-Birkenbach
3ac9bd9f90 Optimized variable typos 2025-08-15 18:43:42 +02:00
Kevin Veen-Birkenbach
022800425d THE HUGE REFACTORING CALENDER WEEK 33; Optimized Matrix and during this updated variables, and implemented better reset and cleanup mode handling, also solved some initial setup bugs 2025-08-15 15:15:48 +02:00
Kevin Veen-Birkenbach
db0e030900 Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository 2025-08-13 19:11:14 +02:00
Kevin Veen-Birkenbach
567b1365c0 Nextcloud: async overhaul & task refactor (conditional wait, faster polling) 
• Add config.performance.async.wait_for and expose as nextcloud_wait_for_async_enabled to toggle waiting for async jobs.

• Split system/admin/index maintenance into separate tasks: 02_add_missing_indices.yml, 03_admin.yml, 04_system_config.yml.

• Refactor plugin flow: rename 02_plugin→05_plugin, 03_plugin_routines→06_plugin_routines, 04_plugin_enable_and_configure→07_plugin_enable_and_configure; remove old 03_plugin_routines and 05_system.

• Harden async handling: filter async_status loops by ansible_job_id; conditionally wait only when nextcloud_wait_for_async_enabled; reduce delay to 1s.

• Reorder main.yml to run system steps before plugin setup; keep handlers flush earlier.

• env.j2: simplify get_app_conf lookups (drop extra True flag).

• vars/main.yml: add nextcloud_host_nginx_path and nextcloud_wait_for_async_enabled.

https://chatgpt.com/share/689c9d4a-1748-800f-b490-06a5a48dd831
 2025-08-13 16:13:00 +02:00
Kevin Veen-Birkenbach
aae69ea15b Ensure that keycloak is up 2025-08-08 17:25:31 +02:00
Kevin Veen-Birkenbach
7f53cc3a12 Replaced web_protocol by WEB_PROTOCOL 2025-08-07 12:31:20 +02:00
Kevin Veen-Birkenbach
44e0fea0b2 Renamed cymais to infinito and did some other optimations and logout implementations 2025-07-29 16:35:42 +02:00
Kevin Veen-Birkenbach
27973c2773 Optimized injection layer on lua base, as replace for nginx replace. Also optimized cloudflare cache deletion(no everytime for cleanup). Still CDN is required for logout mechanism via JS and Nextcloud deploy is buggy after changing from nginx to openresty. Propably some variable overwritte topic. Should be solved tomorrow. 2025-07-24 19:13:13 +02:00
Kevin Veen-Birkenbach
f62355e490 Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm 2025-07-24 03:19:16 +02:00
Kevin Veen-Birkenbach
c8be88e3b1 Activated redis for oauth2 for large cookies 2025-07-22 22:00:11 +02:00
Kevin Veen-Birkenbach
3bc64023af Added logout pages to some applications 2025-07-22 18:49:23 +02:00
Kevin Veen-Birkenbach
ad449c3b6a Adapted roles to new architecture 2025-07-17 15:39:31 +02:00
Kevin Veen-Birkenbach
af3ea9039c Restructure and cleaned up in preparation of new backup logic 2025-07-15 23:51:51 +02:00
Kevin Veen-Birkenbach
d1c8036fa4 Implemented DB Credentials Update for Nextcloud and solved bug 2025-07-14 18:41:30 +02:00
Kevin Veen-Birkenbach
ad60f5fb37 Rmeoved is_feature_enabled function 2025-07-13 17:54:09 +02:00
Kevin Veen-Birkenbach
756597668c Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1 2025-07-13 15:11:38 +02:00
Kevin Veen-Birkenbach
aa61bf2a44 Removed unecessary application_id s 2025-07-11 15:25:58 +02:00
Kevin Veen-Birkenbach
96268e7161 Renamed server roles by osi they work on 2025-07-10 12:33:46 +02:00
Kevin Veen-Birkenbach
944707ec41 Solved dependency bug which appeared due to autogeneration of meta/main.yml files 2025-07-09 18:01:58 +02:00
Kevin Veen-Birkenbach
2108702a2b Shortened network- to net- 2025-07-09 04:35:21 +02:00
Kevin Veen-Birkenbach
66198ca1ec Shortened webserver to srv-web- 2025-07-09 04:27:58 +02:00
Kevin Veen-Birkenbach
8da2e41463 Solved letsencrypt reference bugs 2025-07-09 00:07:12 +02:00
Kevin Veen-Birkenbach
563d5fd528 Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation 2025-07-08 23:43:13 +02:00