- Added vars/main.yml to define iframe-handler.js file name and destination
- Implemented 01_deploy.yml to deploy iframe-handler.js to CDN and set mtime-based version fact
- Split original iframe logic into:
• iframe-handler.js (full logic, served from CDN)
• iframe-init_one_liner.js.j2 (small inline bootstrap, CSP-hashed)
- Updated head_sub.j2 to load script from CDN instead of embedding full code
- Added body_sub.j2 for inline init code
- Updated iframe-handler.js.j2 with initIframeHandler() function and global exposure
- Activated role earlier in inj-compose with public: true so vars are available for templates
- Included 'port-ui-desktop' in body_snippets loop in location.lua.j2
- Disabled 'port-ui-desktop' feature in web-svc-cdn config by default
https://chatgpt.com/share/689d03a8-4c28-800f-8b06-58ce2807b075
- Standardize async/poll usage with 'ASYNC_ENABLED | bool'
- Add async/poll parameters to Cloudflare, Nginx, Mailu, MIG, Nextcloud, and OpenLDAP tasks
- Update async configuration in 'group_vars/all/00_general.yml' to ensure boolean evaluation
- Allow CAA, cache, and DNS tasks to run asynchronously when enabled
https://chatgpt.com/share/689cd8cc-7fbc-800f-bd06-a667561573bf
- Introduce global async configuration in group_vars/all/00_general.yml:
- ASYNC_ENABLED (disabled in debug mode)
- ASYNC_TIME (default 300s, omitted if async disabled)
- ASYNC_POLL (0 for async fire-and-forget, 10 for sync mode)
- Replace hardcoded async/poll values with global vars in:
- svc-db-openldap (03_users.yml, 04_update.yml)
- web-app-mig (02_build_data.yml)
- web-app-nextcloud (03_admin.yml, 04_system_config.yml, 05_plugin.yml,
06_plugin_routines.yml, 07_plugin_enable_and_configure.yml)
- Guard changed_when and failed_when conditions to only evaluate in synchronous
mode to avoid accessing undefined rc/stdout/stderr in async runs
https://chatgpt.com/share/689cd8cc-7fbc-800f-bd06-a667561573bf
• Add config.performance.async.wait_for and expose as nextcloud_wait_for_async_enabled to toggle waiting for async jobs.
• Split system/admin/index maintenance into separate tasks: 02_add_missing_indices.yml, 03_admin.yml, 04_system_config.yml.
• Refactor plugin flow: rename 02_plugin→05_plugin, 03_plugin_routines→06_plugin_routines, 04_plugin_enable_and_configure→07_plugin_enable_and_configure; remove old 03_plugin_routines and 05_system.
• Harden async handling: filter async_status loops by ansible_job_id; conditionally wait only when nextcloud_wait_for_async_enabled; reduce delay to 1s.
• Reorder main.yml to run system steps before plugin setup; keep handlers flush earlier.
• env.j2: simplify get_app_conf lookups (drop extra True flag).
• vars/main.yml: add nextcloud_host_nginx_path and nextcloud_wait_for_async_enabled.
https://chatgpt.com/share/689c9d4a-1748-800f-b490-06a5a48dd831
Switch to command:argv to avoid shell quoting and argument splitting issues.
Pass -s config values as JSON arrays via to_json, fixing previous errors: Cannot parse the JSON / failed at splitting arguments.
Also reconcile config.connectionUrl from ldap.server.uri.
Source desired values strictly from ldap.* (no computed defaults) and assert their presence.
Keep operation idempotent by reading current values and updating only on change.
Minor refactor: build reusable kcadm_argv_base and expand client state extraction.
Touch: roles/web-app-keycloak/tasks/03_update-ldap-bind.yml
https://chatgpt.com/share/689bea84-7188-800f-ba51-830a0735f24c
Use EspoCRM's ConfigWriter API to patch the 'siteUrl' setting during updates.
This makes the process idempotent, avoids brittle regex replacements, and
ensures the running configuration stays in sync with the deployment domain.
https://chatgpt.com/share/689bb860-ba90-800f-adb5-4fa5a992b267
- New task 04_update_domain.yml updates home/siteurl only when needed
- DB-wide search-replace (old → new), GUID-safe, precise, tables-with-prefix
- Normalizes http→https, strips trailing slashes, then flushes cache/rewrites
- Guarded by is_multisite()==0; multisite untouched
- Wired into main.yml with auto target URL via domains|get_url
Fixes post-domain-change mixed/CSP issues due to hard-coded old URLs.
https://chatgpt.com/share/689bac2d-3610-800f-b6f0-41dc79d13a14
Fix a templating crash during docker-compose.yml rendering when a role sets database_type to an empty string or does not expose it (e.g., svc-prx-openresty). Previously _database_id resolved to 'svc-db-' and get_app_conf attempted to read 'docker.services..name', raising AppConfigKeyError: Application ID 'svc-db-' not found.
Changes:
- Introduce _dbtype = (database_type | d('') | trim) and build _database_id only if _dbtype is non-empty.
- Guard central DB lookups: use get_app_conf(..., strict=False, default='') and only when _dbtype is set.
- Default _database_consumer_entity_name to get_entity_name of database_application_id or fallback to application_id.
- Only resolve database_port when _dbtype is set; otherwise empty.
- Minor formatting fixes for env and URL strings.
Impact:
- Prevents failures in roles without a DB or with database_type=''.
- Keeps previous behavior intact for apps with a valid database_type (mariadb/postgres).
- Eliminates 'config_path: docker.services..name' errors while keeping compose templates stable.
https://chatgpt.com/share/689b9d11-6308-800f-b20c-2d9f18d832f1
- Patch local.config.php in one sed exec:
* hostname, database, username, password
* system.url via '#' delimiter to avoid URL slash escaping
* Single notify: docker compose up
- env.j2:
* FRIENDICA_URL now uses domains|get_url(application_id, WEB_PROTOCOL)
* Simplify FRIENDICA_DEBUGGING with |lower
* Normalize spacing for readability
- vars/main.yml:
* Minor cleanups (comment header, spacing)
* Consistent friendica_docker_ldap_config path construction
Why: fewer container execs ⇒ faster runs; idempotent key updates; consistent URL configuration across env and PHP config.
Risk: requires WEB_PROTOCOL and domains|get_url to be defined in inventory/vars as elsewhere in the project.
https://chatgpt.com/share/689b92af-b184-800f-9664-2450e00b29d6
- Moved MIG data build commands into a dedicated 02_build_data.yml task file.
- Added async execution (async: 3600, poll: 0) for non-blocking build.
- Introduced mig_wait_for_build variable to optionally wait for completion.
- Added debug message to inform how to disable waiting via build_data.wait_for=false for performance.
- Updated config to use nested build_data.enabled and build_data.wait_for structure.
- Adjusted variable lookups accordingly.
https://chatgpt.com/share/689b54d2-e3b0-800f-91df-939ebc5e12ef
- Added register, until, retries, and delay to all PostgreSQL-related tasks
in 02_init.yml to handle transient 'tuple concurrently updated' and similar errors.
- Changed 'when: "{{ postgres_init }}"' to 'when: postgres_init | bool' in main.yml
for correct boolean evaluation.
- Switched 'role' to 'roles' in postgresql_privs tasks for forward compatibility.
- Added postgres_retry_retries and postgres_retry_delay defaults in vars/main.yml
to centralize retry configuration.
https://chatgpt.com/share/689b2360-a8a4-800f-9acb-6d88d6aa5cb7
