|
4fa1c6cfbd
|
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
  * kcadm login with no_log protection,
  * fetch LDAP UserStorage component by name,
  * compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).
Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}
https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
|
2025-08-13 02:20:38 +02:00 |
|
|
f31565e4c5
|
Optimized URLS
|
2025-08-13 00:33:47 +02:00 |
|
|
6e04ac58d2
|
Moved blocks to include_tasks to raise performance. Deploy was really slow
|
2025-08-11 12:28:31 +02:00 |
|
|
ea0149b5d4
|
Replaced nextcloud-application by nextcloud container name
|
2025-08-11 10:41:06 +02:00 |
|
|
fe76fe1e62
|
Added correct flush parameters for docker compose
|
2025-08-11 10:33:48 +02:00 |
|
|
aae69ea15b
|
Ensure that keycloak is up
|
2025-08-08 17:25:31 +02:00 |
|
|
7f53cc3a12
|
Replaced web_protocol by WEB_PROTOCOL
|
2025-08-07 12:31:20 +02:00 |
|
|
9228d51e86
|
Restructured server config
|
2025-08-07 11:31:06 +02:00 |
|
|
44e0fea0b2
|
Renamed cymais to infinito and did some other optimizations and logout implementations
|
2025-07-29 16:35:42 +02:00 |
|
|
27973c2773
|
Optimized injection layer on lua base, as replace for nginx replace. Also optimized cloudflare cache deletion (not every time for cleanup). Still CDN is required for logout mechanism via JS and Nextcloud deploy is buggy after changing from nginx to openresty. Probably some variable overwrite topic. Should be solved tomorrow.
|
2025-07-24 19:13:13 +02:00 |
|
|
f62355e490
|
Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm
|
2025-07-24 03:19:16 +02:00 |
|
|
c8be88e3b1
|
Activated redis for oauth2 for large cookies
|
2025-07-22 22:00:11 +02:00 |
|
|
3bc64023af
|
Added logout pages to some applications
|
2025-07-22 18:49:23 +02:00 |
|
|
4b9e7dd3b7
|
Implemented universal logout
|
2025-07-22 13:14:06 +02:00 |
|
|
4717e33649
|
Renamed multiple roles incl. gitlab to web-app-*
|
2025-07-21 11:25:24 +02:00 |
|
|
e6db73c02a
|
Changed taiga to web-app-taiga
|
2025-07-21 10:47:45 +02:00 |
|
|
6a1a83432f
|
Different optimizations and mig integration. Test will fail due to stricter validation checks. Needs to be cleaned up tomorrow
|
2025-07-18 20:08:20 +02:00 |
|
|
9a8ef5e047
|
Implemented new appid for bbb
|
2025-07-17 16:04:05 +02:00 |
|
|
ad449c3b6a
|
Adapted roles to new architecture
|
2025-07-17 15:39:31 +02:00 |
|
|
a04a1710d3
|
Changed keycloak application id
|
2025-07-17 07:16:38 +02:00 |
|
|
1bdfb71f2f
|
Finished backup update
|
2025-07-17 00:34:54 +02:00 |
|
|
2f45038bef
|
Solved variable bugs
|
2025-07-16 23:01:25 +02:00 |
|
|
3b2190f7ab
|
Replaced by loading of default values
|
2025-07-16 21:46:44 +02:00 |
|
|
f9426cfb74
|
Optimized role structure in preparation for new backup script
|
2025-07-16 12:31:01 +02:00 |
|
|
af3ea9039c
|
Restructured and cleaned up in preparation of new backup logic
|
2025-07-15 23:51:51 +02:00 |
|
|
f02ca50f88
|
Renamed backup roles
|
2025-07-14 19:04:30 +02:00 |
|
|
d1c8036fa4
|
Implemented DB Credentials Update for Nextcloud and solved bug
|
2025-07-14 18:41:30 +02:00 |
|
|
ad60f5fb37
|
Removed is_feature_enabled function
|
2025-07-13 17:54:09 +02:00 |
|
|
756597668c
|
Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1
|
2025-07-13 15:11:38 +02:00 |
|
|
78031855b9
|
Replaced portfolio_iframe by port-ui-desktop
|
2025-07-13 14:22:36 +02:00 |
|
|
3b03c5171d
|
Renamed the mariadb, openldap and postgres database
|
2025-07-12 16:06:13 +02:00 |
|
|
168c5c0da6
|
Another big round of refactoring and cleaning...
|
2025-07-11 17:55:26 +02:00 |
|
|
aa61bf2a44
|
Removed unnecessary application_id s
|
2025-07-11 15:25:58 +02:00 |
|
|
5a3535187a
|
Restructured service and web role naming in inventory
|
2025-07-10 14:01:12 +02:00 |
|
|
96268e7161
|
Renamed server roles by osi they work on
|
2025-07-10 12:33:46 +02:00 |
|
|
944707ec41
|
Solved dependency bug which appeared due to autogeneration of meta/main.yml files
|
2025-07-09 18:01:58 +02:00 |
|
|
c9c73cbdb2
|
Decoupled database, docker and proxy
|
2025-07-09 14:21:30 +02:00 |
|
|
e7322a239e
|
Solved different bugs
|
2025-07-09 11:51:42 +02:00 |
|
|
575df76ec3
|
Shortened service- to svc-
|
2025-07-09 05:00:41 +02:00 |
|
|
2108702a2b
|
Shortened network- to net-
|
2025-07-09 04:35:21 +02:00 |
|
|
66198ca1ec
|
Shortened webserver to srv-web-
|
2025-07-09 04:27:58 +02:00 |
|
|
9668e74139
|
Shortened backup- to bkp-
|
2025-07-09 03:36:44 +02:00 |
|
|
ed0cd9b8c0
|
Restructured users
|
2025-07-09 02:26:50 +02:00 |
|
|
22b4342300
|
Implemented schema/main.yml and config/main.yml file
|
2025-07-09 02:03:32 +02:00 |
|
|
8da2e41463
|
Solved letsencrypt reference bugs
|
2025-07-09 00:07:12 +02:00 |
|
|
563d5fd528
|
Huge role refactoring/cleanup. Other commits will probably follow, because some bugs will exist. Still important for the long run and also for auto docs/help/slideshow generation
|
2025-07-08 23:43:13 +02:00 |
|