|
4fa1c6cfbd
|
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
  * kcadm login with no_log protection,
  * fetch LDAP UserStorage component by name,
  * compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).
Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}
https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
|
2025-08-13 02:20:38 +02:00 |
|
|
f31565e4c5
|
Optimized URLs
|
2025-08-13 00:33:47 +02:00 |
|
|
84de85d905
|
Solved matrix flush handler bug
|
2025-08-12 12:54:27 +02:00 |
|
|
6e04ac58d2
|
Moved blocks to include_tasks to raise performance. Deploy was really slow
|
2025-08-11 12:28:31 +02:00 |
|
|
149c563831
|
Optimized logic for database backups and integrated test to verify that database feature is used correctly
|
2025-08-10 15:06:37 +02:00 |
|
|
aae69ea15b
|
Ensure that keycloak is up
|
2025-08-08 17:25:31 +02:00 |
|
|
7f53cc3a12
|
Replaced web_protocol by WEB_PROTOCOL
|
2025-08-07 12:31:20 +02:00 |
|
|
9228d51e86
|
Restructured server config
|
2025-08-07 11:31:06 +02:00 |
|
|
44e0fea0b2
|
Renamed cymais to infinito and did some other optimizations and logout implementations
|
2025-07-29 16:35:42 +02:00 |
|
|
a9e7ed3605
|
Implemented flexible upload limits for wordpress and matrix :)
|
2025-07-26 11:22:01 +02:00 |
|
|
27973c2773
|
Optimized injection layer on lua base, as replace for nginx replace. Also optimized cloudflare cache deletion (not every time for cleanup). Still CDN is required for logout mechanism via JS and Nextcloud deploy is buggy after changing from nginx to openresty. Probably some variable overwrite topic. Should be solved tomorrow.
|
2025-07-24 19:13:13 +02:00 |
|
|
f62355e490
|
Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm
|
2025-07-24 03:19:16 +02:00 |
|
|
3bc64023af
|
Added logout pages to some applications
|
2025-07-22 18:49:23 +02:00 |
|
|
4b9e7dd3b7
|
Implemented universal logout
|
2025-07-22 13:14:06 +02:00 |
|
|
6e2e3e45a7
|
Solved matrix bug
|
2025-07-21 01:36:10 +02:00 |
|
|
f9426cfb74
|
Optimized role structure in preparation for new backup script
|
2025-07-16 12:31:01 +02:00 |
|
|
af3ea9039c
|
Restructured and cleaned up in preparation of new backup logic
|
2025-07-15 23:51:51 +02:00 |
|
|
bbabc58cf9
|
Optimized webport and certbot_dns_api_token
|
2025-07-15 15:04:27 +02:00 |
|
|
f02ca50f88
|
Renamed backup roles
|
2025-07-14 19:04:30 +02:00 |
|
|
33d14741e2
|
Added j2 sniffer and solved syntax bugs
|
2025-07-13 21:20:23 +02:00 |
|
|
ad60f5fb37
|
Removed is_feature_enabled function
|
2025-07-13 17:54:09 +02:00 |
|
|
756597668c
|
Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1
|
2025-07-13 15:11:38 +02:00 |
|
|
78031855b9
|
Replaced portfolio_iframe by port-ui-desktop
|
2025-07-13 14:22:36 +02:00 |
|
|
ead60dab84
|
Fail safed more parts of the code
|
2025-07-12 21:35:33 +02:00 |
|
|
3b03c5171d
|
Renamed the mariadb, openldap and postgres database
|
2025-07-12 16:06:13 +02:00 |
|
|
e14e6b96e9
|
Renamed Database roles
|
2025-07-12 10:11:52 +02:00 |
|
|
168c5c0da6
|
Another big round of refactoring and cleaning...
|
2025-07-11 17:55:26 +02:00 |
|
|
aa61bf2a44
|
Removed unnecessary application_id s
|
2025-07-11 15:25:58 +02:00 |
|
|
96268e7161
|
Renamed server roles by osi they work on
|
2025-07-10 12:33:46 +02:00 |
|
|
944707ec41
|
Solved dependency bug which appeared due to autogeneration of meta/main.yml files
|
2025-07-09 18:01:58 +02:00 |
|
|
c9c73cbdb2
|
Decoupled database, docker and proxy
|
2025-07-09 14:21:30 +02:00 |
|
|
575df76ec3
|
Shortened service- to svc-
|
2025-07-09 05:00:41 +02:00 |
|
|
2108702a2b
|
Shortened network- to net-
|
2025-07-09 04:35:21 +02:00 |
|
|
66198ca1ec
|
Shortened webserver to srv-web-
|
2025-07-09 04:27:58 +02:00 |
|
|
9668e74139
|
Shortened backup- to bkp-
|
2025-07-09 03:36:44 +02:00 |
|
|
ed0cd9b8c0
|
Restructured users
|
2025-07-09 02:26:50 +02:00 |
|
|
22b4342300
|
Implemented schema/main.yml and config/main.yml files
|
2025-07-09 02:03:32 +02:00 |
|
|
8da2e41463
|
Solved letsencrypt reference bugs
|
2025-07-09 00:07:12 +02:00 |
|
|
563d5fd528
|
Huge role refactoring/cleanup. Other commits will probably follow. Because some bugs will exist. Still important for long run and also for auto docs/help/slideshow generation
|
2025-07-08 23:43:13 +02:00 |
|