kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-16 08:56:46 +02:00
Code Issues Packages Projects Releases Wiki Activity
2,253 Commits 1 Branch 0 Tags
Commit Graph

14 Commits

Author SHA1 Message Date
Kevin Veen-Birkenbach
4fa1c6cfbd
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup 
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
  * kcadm login with no_log protection,
  * fetch LDAP UserStorage component by name,
  * compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).

Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}

https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
 2025-08-13 02:20:38 +02:00
Kevin Veen-Birkenbach
6e04ac58d2
Moved blocks to include_tasks to raise performance. Deploy was really slow 2025-08-11 12:28:31 +02:00
Kevin Veen-Birkenbach
44e0fea0b2
Renamed cymais to infinito and did some other optimations and logout implementations 2025-07-29 16:35:42 +02:00
Kevin Veen-Birkenbach
27973c2773
Optimized injection layer on lua base, as replace for nginx replace. Also optimized cloudflare cache deletion(no everytime for cleanup). Still CDN is required for logout mechanism via JS and Nextcloud deploy is buggy after changing from nginx to openresty. Propably some variable overwritte topic. Should be solved tomorrow. 2025-07-24 19:13:13 +02:00
Kevin Veen-Birkenbach
f62355e490
Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm 2025-07-24 03:19:16 +02:00
Kevin Veen-Birkenbach
ad449c3b6a
Adapted roles to new architecture 2025-07-17 15:39:31 +02:00
Kevin Veen-Birkenbach
af3ea9039c
Restructure and cleaned up in preparation of new backup logic 2025-07-15 23:51:51 +02:00
Kevin Veen-Birkenbach
d1c8036fa4
Implemented DB Credentials Update for Nextcloud and solved bug 2025-07-14 18:41:30 +02:00
Kevin Veen-Birkenbach
756597668c
Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1 2025-07-13 15:11:38 +02:00
Kevin Veen-Birkenbach
96268e7161
Renamed server roles by osi they work on 2025-07-10 12:33:46 +02:00
Kevin Veen-Birkenbach
c9c73cbdb2
Decoupeld database, docker and proxy 2025-07-09 14:21:30 +02:00
Kevin Veen-Birkenbach
575df76ec3
Shortened service- to svc- 2025-07-09 05:00:41 +02:00
Kevin Veen-Birkenbach
66198ca1ec
Shortened webserver to srv-web- 2025-07-09 04:27:58 +02:00
Kevin Veen-Birkenbach
563d5fd528
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation 2025-07-08 23:43:13 +02:00