• Add svc-ai category under roles and load it in constructor stage
• Create new 'svc-ai-ollama' role (vars, tasks, compose, meta, README) and dedicated network
• Refactor former AI stack into separate app roles: web-app-flowise and web-app-openwebui
• Add web-app-minio role; adjust config (no central DB), meta (fa-database, run_after), compose networks include, volume key
• Provide user-focused READMEs for Flowise, OpenWebUI, MinIO, Ollama
• Networks: add subnets for web-app-openwebui, web-app-flowise, web-app-minio; rename web-app-ai → svc-ai-ollama
• Ports: rename ai_* keys to web-app-openwebui / web-app-flowise; keep minio_api/minio_console
• Add group_vars/all/17_ai.yml (OLLAMA_BASE_LOCAL_URL, OLLAMA_LOCAL_ENABLED)
• Replace hardcoded include paths with path_join in multiple roles (svc-db-postgres, sys-service, sys-stk-front-proxy, sys-stk-full-stateful, sys-svc-webserver, web-svc-cdn, web-app-keycloak)
• Remove obsolete web-app-ai templates/vars/env; split Flowise into its own role
• Minor config cleanups (CSP flags to {}, central_database=false)
https://chatgpt.com/share/68d15cb8-cf18-800f-b853-78962f751f81
Details:
- NEXTCLOUD_DOCKER_CONF_DIRECTORY, NEXTCLOUD_DOCKER_CONFIG_FILE, NEXTCLOUD_DOCKER_CONF_ADD_PATH
now built with path_join instead of string concat
- NEXTCLOUD_DOCKER_EXEC_OCC now uses path_join for occ command
- makes path handling more robust and consistent
See: https://chatgpt.com/share/68d14d85-3d80-800f-9d1d-fcf6bb8ce449
- Updated GitHub Actions workflow to call `infinito make ...` inside container
- Simplified Dockerfile CMD to run `infinito --help` and keep container alive
- Adjusted docker-compose.yml to use explicit image name
See: https://chatgpt.com/share/68cde606-c3f8-800f-8ac5-fc035386da87
- Un-commented `view.bluesky.{{ PRIMARY_DOMAIN }}` in config to allow
explicit AppView domain definition.
- Reworked `03_dns.yml` to build `cloudflare_records` list programmatically,
including conditional addition of AppView records only if the domain is
not `api.bsky.app`.
- Improved AAAA handling with `| default('')` and proper ternary
expressions for `present/absent`.
- Updated `vars/main.yml` to remove default port fallback for
`BLUESKY_VIEW_PORT`.
Refs: https://chatgpt.com/share/68cdde1d-1bd4-800f-a4bb-319372752fcd
- Replaced ENTRYPOINT/CMD with a single CMD ["infinito --help"] in Dockerfile
- Added docker-compose.yml with service 'infinito', port bindings, volumes, networks
- Added env.sample for BIND_IP, SUBNET, GATEWAY defaults
See conversation: https://chatgpt.com/share/68cda4d5-1fe0-800f-a7f7-191cb8b70d84
Replaced duplicated inline build definitions in multiple docker-compose.yml.j2
templates with a shared include (roles/docker-container/templates/build.yml.j2).
This ensures consistent use of pull_policy: never and Dockerfile context across
services (Postgres, Bookwyrm, Bridgy Fed, Chess, Confluence, Jira, Moodle,
OpenProject, Pretix, Roulette Wheel, WordPress, XWiki, Simpleicons).
Conversation: https://chatgpt.com/share/68cd8f35-b764-800f-9b00-2c837103d2fb
- Added 'solo' flag support for A/AAAA, CNAME/MX/TXT, and SRV records in sys-dns-cloudflare-records.
- Simplified sys-svc-dns: removed NS management tasks and CLOUDFLARE_NAMESERVERS default.
- Renamed 03_apex.yml back to 02_apex.yml, adjusted AAAA task name.
- Updated web-app-bluesky DNS tasks: marked critical records with 'solo'.
- Updated web-app-mailu DNS tasks: removed cleanup block, enforced 'solo' on all records.
- Adjusted constructor stage to call domain_mappings with AUTO_BUILD_ALIASES parameter.
Conversation: https://chatgpt.com/share/68cd20d8-9ba8-800f-b070-f7294f072c40
- Extend filter signature with auto_build_alias flag to control automatic
default→canonical alias creation
- group_vars/all: introduce AUTO_BUILD_ALIASES variable for global toggle
- Update unit tests: adjust calls to new signature and add dedicated
test cases for auto_build_aliases=False
Ref: conversation https://chatgpt.com/share/68cd512c-c878-800f-bdf2-81737adf7e0e
- Added regex masking to skip {{ var }} usages inside {% raw %}…{% endraw %} blocks.
- Simplified code by removing redundant comments.
- Cleaned up task file for XWiki role by removing outdated note.
Ref: https://chatgpt.com/share/68cd2558-e92c-800f-a80a-a79d3c81476e
- Switch certbot flag from MODE_TEST → MODE_DUMMY in dedicated certs
- Add sys-svc-dns defaults for CLOUDFLARE_NAMESERVERS
- Introduce 02_nameservers.yml for NS cleanup + enforce, adjust task ordering (apex now 03_apex.yml)
- Enforce quoting for Bluesky and Mailu TXT records
- Add cleanup of MX/TXT/DMARC/DKIM in Mailu role
- Normalize no_log handling in Nextcloud plugin
- Simplify async conditionals in Collabora role
Conversation: https://chatgpt.com/share/68cd20d8-9ba8-800f-b070-f7294f072c40
Replaced hardcoded path to src/state/geolocation.tsx with variable BLUESKY_GEOLOCATION_PATH pointing to src/state/geolocation/index.tsx.
This ensures BAPP_CONFIG_URL and IPCC_URL replacements work with the updated Bluesky code structure.
Ref: https://chatgpt.com/share/68cb16d5-d698-800f-97e5-cc7d9016f27c
Ensure that the database host alias is only attached to the database
containers themselves, not to dependent application containers. This
avoids DNS collisions where multiple containers expose the same alias
(e.g. 'postgres') on the same network, which led to connection refused
errors in XWiki.
See conversation: https://chatgpt.com/share/68cae4e5-94e4-800f-b291-d2acdb36af21
Added explicit aliases in the networks configuration for database containers
(Postgres/MariaDB). This guarantees that the configured 'database_host' is always
resolvable across external networks, fixing intermittent 'UnknownHostException'
issues when restarting dependent services (e.g., Confluence).
Ref: https://chatgpt.com/share/68cabfac-8618-800f-bcf4-609fdff432ed
oidc.php: autologin/localLogin templated via vars; optionally disable wgPasswordAttemptThrottle when 'web-svc-logout' present
vars: set defaults (AUTOLOGIN=true, LOCALLOGIN=false); use path_join/url_join for clean paths/URLs
Context: https://chatgpt.com/share/68caaf41-d098-800f-beb0-a473ff08c9c5
- Added 'plugins' section in config/main.yml to declare enabled extensions in a structured way
- Introduced new static file 'files/extension_installer_b64.groovy' that decodes Base64 JSON of requested plugins
- Simplified 04_extensions.yml: now builds installer code from static file and removed hardcoded OIDC/LDAP checks
- Dropped redundant XWIKI_EXT_* variables in vars/main.yml
- Added XWIKI_PLUGINS fact to collect enabled plugin items from config/main.yml
This refactor makes extension installation more generic, easier to unit test, and extendable beyond OIDC/LDAP.
See: https://chatgpt.com/share/68ca25e3-cbc4-800f-a45e-2b152369811a
The task 'XWIKI | Execute installer page' now uses:
- timeout: 300 (allow up to 5 min per request)
- retries: 20
- delay: 15
- until: condition
This prevents early failures during the first Distribution Wizard bootstrap when hundreds of extensions are still being installed.
Context: https://chatgpt.com/share/68ca0f18-2124-800f-a70d-df1811966107
