5287bb4d74
Refactor Akaunting role and CSP handling
...
- Improved CSP filter to properly include web-svc-cdn and use protocol-aware domains
- Added Todo.md with redis and OIDC notes
- Enhanced Akaunting role config with CSP flags and redis option
- Updated schema to include app_key validation
- Reworked tasks to handle first-run marker logic cleanly
- Fixed docker-compose template (marker, healthcheck, setup flag)
- Expanded env.j2 with cache, email, proxy, and redis options
- Added javascript.js.j2 template for SSO warning
- Introduced structured vars for Akaunting role
- Removed deprecated update-repository-with-files.yml task
See conversation: https://chatgpt.com/share/68af00df-2c74-800f-90b6-6ac5b29acdcb
2025-08-27 14:58:44 +02:00
a57fe718de
Optimized spacinbg
2025-08-20 05:49:35 +02:00
3ac9bd9f90
Optimized variable typos
2025-08-15 18:43:42 +02:00
6c966bce2e
Added health check and restart policy to openresty
2025-08-15 17:59:09 +02:00
022800425d
THE HUGE REFACTORING CALENDER WEEK 33; Optimized Matrix and during this updated variables, and implemented better reset and cleanup mode handling, also solved some initial setup bugs
2025-08-15 15:15:48 +02:00
0228014d34
Replaced .infinito.service and .infinito.timer by SOFTWARE_NAME suffix, optimized LICENSE link and update OIDC Realm and ID conf
2025-08-14 14:39:18 +02:00
4a65a254ae
replaced port-ui-desktop with desktop to make it more speakable
2025-08-14 11:45:08 +02:00
db0e030900
Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository
2025-08-13 19:11:14 +02:00
4fa1c6cfbd
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup
...
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
* kcadm login with no_log protection,
* fetch LDAP UserStorage component by name,
* compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).
Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}
https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
2025-08-13 02:20:38 +02:00
f31565e4c5
Optimized URLS
2025-08-13 00:33:47 +02:00
7f53cc3a12
Replaced web_protocol by WEB_PROTOCOL
2025-08-07 12:31:20 +02:00
9228d51e86
Restructured server config
2025-08-07 11:31:06 +02:00
44e0fea0b2
Renamed cymais to infinito and did some other optimations and logout implementations
2025-07-29 16:35:42 +02:00
f62355e490
Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm
2025-07-24 03:19:16 +02:00
4b9e7dd3b7
Implemented universal logout
2025-07-22 13:14:06 +02:00
bfc42ce2ac
Different little optimations
2025-07-17 04:23:05 +02:00
169493179e
Restructuring for new backup solution
2025-07-16 19:09:31 +02:00
f9426cfb74
Optimized role structure in preparation for new backup script
2025-07-16 12:31:01 +02:00
af3ea9039c
Restructure and cleaned up in preparation of new backup logic
2025-07-15 23:51:51 +02:00
a98332bfb9
Semi bsr replace part two
2025-07-13 15:35:55 +02:00
756597668c
Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1
2025-07-13 15:11:38 +02:00
78031855b9
Replaced portfolio_iframe by port-ui-desktop
2025-07-13 14:22:36 +02:00
3b03c5171d
Renamed the mariadb, openldap and postgres database
2025-07-12 16:06:13 +02:00
3c63936970
Different optimations
2025-07-11 05:29:06 +02:00
7a38241485
Made code more modular and refactored to cmp roles
2025-07-09 20:15:32 +02:00
c9c73cbdb2
Decoupeld database, docker and proxy
2025-07-09 14:21:30 +02:00
e7322a239e
Solved different bugs
2025-07-09 11:51:42 +02:00
575df76ec3
Shortened service- to svc-
2025-07-09 05:00:41 +02:00
66198ca1ec
Shortened webserver to srv-web-
2025-07-09 04:27:58 +02:00
22b4342300
Implemented schema/main.yml und config/main.yml file
2025-07-09 02:03:32 +02:00
563d5fd528
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00
