986f959696
Refactor webserver proxy variables and fix BigBlueButton deployment behavior
...
Refactor proxy/webserver configuration variables to a consistent webserver_* naming scheme across roles. Replace legacy variables like proxy_extra_configuration, client_max_body_size, vhost_flavour, location_ws and ws_port with webserver_extra_configuration, webserver_client_max_body_size, webserver_vhost_flavour, webserver_websocket_location and webserver_websocket_port. Update NGINX vhost and location templates (html, upload, ws, basic, ws_generic) as well as callers (sys-front-inj-all, sys-stk-front-proxy, various web-app-* and web-svc-* roles) to use the new naming.
Tighten docker-compose Git repository handling by making docker_git_repository_pull depend on docker_git_repository_address being defined, a string and non-empty. This avoids accidental Git operations when the repository address is unset or of the wrong type.
Refactor the BigBlueButton role structure and fix deployment bugs: introduce 01_core.yml to orchestrate docker/proxy setup, database seeding, websocket map deployment, docker-compose overrides and admin/bootstrap logic in a single once-executed entrypoint. Rename supporting task files (02_docker-compose.yml, 03_administrator.yml, 04_dependencies.yml) and update tasks/main.yml to delegate via include_tasks with run_once_web_app_bigbluebutton. Improve Greenlight admin creation behavior by treating the 'Email has already been taken' error as a non-fatal, unchanged outcome and running user:set_admin_role as a fallback, both for the primary password and the OIDC starred-password path.
Also standardize vhost flavour selection for services like Mailu, Discourse, CDN, Collabora, Coturn, OnlyOffice, Simpleicons and web-svc-logout by explicitly passing webserver_vhost_flavour where needed and aligning client_max_body_size and websocket configuration with the new webserver_* variables.
Reference: ChatGPT conversation https://chatgpt.com/share/6931c530-bba8-800f-9997-dd61dc1d497b
2025-12-04 18:31:09 +01:00
05ff3d3d61
Added matomo to roles and optimized features configuration
2025-11-27 14:46:04 +01:00
fa6bb67a66
Removed whitespaces in templates:
2025-09-22 16:28:57 +02:00
e6803e5614
refactor(ansible): normalize include_role syntax and unify host config paths via path_join
...
- Remove stray spaces after include_role: across many roles to ensure clean YAML and
consistent linting/formatting.
- Listmonk:
- Introduce LISTMONK_CONFIG_HOST = [ docker_compose.directories.config, 'config.toml' ] | path_join
- Use that var in the template task (dest) and the docker-compose volume mount
- Matrix:
- Build MATRIX_SYNAPSE_CONFIG_PATH_HOST, MATRIX_SYNAPSE_LOG_PATH_HOST, and
MATRIX_ELEMENT_CONFIG_PATH_HOST via path_join
- Mobilizon:
- Build mobilizon_host_conf_exs_file via path_join
- Keep get_app_conf strictness unchanged (defaults to True in our filter), so behavior
remains strict even though the explicit third arg was dropped
- Simpleicons:
- Build server.js and package.json host paths via path_join
- Numerous web-app roles (Confluence, Discourse, EspoCRM, Friendica, Funkwhale, Gitea,
GitLab, Jenkins, Joomla, Listmonk, Mailu, Mastodon, Matomo, Matrix, MediaWiki,
Mobilizon, Moodle, Nextcloud, OpenProject, Peertube, Pixelfed, Pretix, Roulette Wheel,
Snipe-IT, Syncope, Taiga, WordPress, XWiki, Yourls) and web-svc roles (coturn,
libretranslate, simpleicons) updated for consistent include_role formatting
Why:
- path_join avoids double slashes and missing separators across different config roots
- Consistent include_role: formatting improves readability and prevents linter noise
Ref:
- Conversation: https://chatgpt.com/share/68d14711-727c-800f-b454-7dc4c3c1f4cb
2025-09-22 14:55:25 +02:00
5e616d3962
web: general domain cleanup (canonical/aliases normalization)
...
- Normalize domain blocks across apps:
- Add explicit 'aliases: []' everywhere (no implicit aliases)
- Standardize canonical subdomains for consistency:
* Bluesky: web/api under *.bluesky.<PRIMARY_DOMAIN>
* EspoCRM: espo.crm.<PRIMARY_DOMAIN>
* Gitea: tea.git.<PRIMARY_DOMAIN>
* GitLab: lab.git.<PRIMARY_DOMAIN>
* Joomla: joomla.cms.<PRIMARY_DOMAIN>
* Magento: magento.shop.<PRIMARY_DOMAIN>
* OpenProject: open.project.<PRIMARY_DOMAIN>
* Pretix: ticket.shop.<PRIMARY_DOMAIN>
* Taiga: kanban.project.<PRIMARY_DOMAIN>
- Remove legacy/duplicate aliases and use empty list instead
- Fix 'alias' -> 'aliases' where applicable
Context: preparing for AUTO_BUILD_ALIASES=False and deterministic redirect mapping.
Ref: conversation https://chatgpt.com/share/68cd512c-c878-800f-bdf2-81737adf7e0e
2025-09-19 14:51:56 +02:00
b02d88adc0
Refactored server roles for better readability
2025-09-01 18:08:35 +02:00
231fd567b3
feat(frontend): rename inj roles to sys-front-*, add sys-svc-cdn, cache-busting lookup
...
Introduce sys-svc-cdn (cdn_paths/cdn_urls/cdn_dirs) and ensure CDN directories + latest symlink.
Rename sys-srv-web-inj-* → sys-front-inj-*; update includes/templates; serve shared/per-app CSS & JS via CDN.
Add lookup_plugins/local_mtime_qs.py for mtime-based cache busting; split CSS into default.css/bootstrap.css + optional per-app style.css.
CSP: use style-src-elem; drop unsafe-inline for styles. Services: fix SYS_SERVICE_ALL_ENABLED bool and controlled flush.
BREAKING CHANGE: role names changed; replace includes and references accordingly.
Conversation: https://chatgpt.com/share/68b55494-9ec4-800f-b559-44707029141d
2025-09-01 10:10:23 +02:00
6ea8301364
Refactor: migrate cmp/* and srv/* roles into sys-stk/* and sys-svc/* namespaces
...
- Removed obsolete 'cmp' category, introduced 'stk' category (fa-bars-staggered icon).
- Renamed roles:
* cmp-db-docker → sys-stk-back-stateful
* cmp-docker-oauth2 → sys-stk-back-stateless
* srv-domain-provision → sys-stk-front
* cmp-db-docker-proxy → sys-stk-full-stateful
* cmp-docker-proxy → sys-stk-full-stateless
* cmp-rdbms → sys-svc-rdbms
- Updated all include_role references, vars, templates and README.md files.
- Adjusted run_once comments and variable paths accordingly.
- Updated all web-app roles to use new sys-stk/* and sys-svc/* roles.
Conversation: https://chatgpt.com/share/68b0ba66-09f8-800f-86fc-76c47009d431
2025-08-28 22:23:09 +02:00
7a6e273ea4
In between commit, updated matrix and optimized mailu
2025-08-20 17:51:17 +02:00
a4f39ac732
Renamed webserver roles to more speakable names
2025-08-20 08:54:17 +02:00
cc2c1dc730
Renamed injection services
2025-08-16 00:01:46 +02:00
6c966bce2e
Added health check and restart policy to openresty
2025-08-15 17:59:09 +02:00
022800425d
THE HUGE REFACTORING CALENDER WEEK 33; Optimized Matrix and during this updated variables, and implemented better reset and cleanup mode handling, also solved some initial setup bugs
2025-08-15 15:15:48 +02:00
0228014d34
Replaced .infinito.service and .infinito.timer by SOFTWARE_NAME suffix, optimized LICENSE link and update OIDC Realm and ID conf
2025-08-14 14:39:18 +02:00
db0e030900
Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository
2025-08-13 19:11:14 +02:00
004507e233
Optimized handler flushing
2025-08-13 18:17:05 +02:00
4fa1c6cfbd
ansible: quote file modes; keycloak: robust LDAP bind update + config cleanup
...
Highlights
- Quote all file modes as strings ("0755"/"0770") across multiple roles to avoid YAML octal quirks and improve portability.
- Keycloak: introduce actions.{import_realm,update_ldap_bind} feature flags and wire them via vars/config.
- Implement idempotent LDAP bind updater (tasks/03_update-ldap-bind.yml):
* kcadm login with no_log protection,
* fetch LDAP UserStorage component by name,
* compare current bindDn/bindCredential and update only when changed.
- Keycloak realm import template: keep providerId="ldap" and set name from keycloak_ldap_component_name.
- Centralize Keycloak readiness check in tasks/main.yml; remove duplicate waits from 02_update_client_redirects.yml and 04_ssh_public_key.yml.
- 01_import.yml: fix typo (keycloak), quote modes, tidy spacing, and replace Jinja-in-Jinja fileglob with concatenation.
- 02_update_client_redirects.yml: correct assert fail_msg filename; keep login-first flow.
- Minor template/vars tidy-ups (spacing, comments, consistent variable usage).
Files touched (excerpt)
- roles/*/*: replace 0755/0770 → "0755"/"0770"
- roles/web-app-keycloak/config/main.yml: add actions map
- roles/web-app-keycloak/vars/main.yml: unify Keycloak vars and feature flags
- roles/web-app-keycloak/tasks/{01_import,02_update_client_redirects,03_update-ldap-bind,04_ssh_public_key,main}.yml
- roles/web-app-keycloak/templates/{docker-compose.yml.j2,import/realm.json.j2}
https://chatgpt.com/share/689bda16-b138-800f-8258-e13f6d7d8239
2025-08-13 02:20:38 +02:00
f31565e4c5
Optimized URLS
2025-08-13 00:33:47 +02:00
7f53cc3a12
Replaced web_protocol by WEB_PROTOCOL
2025-08-07 12:31:20 +02:00
9228d51e86
Restructured server config
2025-08-07 11:31:06 +02:00
44e0fea0b2
Renamed cymais to infinito and did some other optimations and logout implementations
2025-07-29 16:35:42 +02:00
27973c2773
Optimized injection layer on lua base, as replace for nginx replace. Also optimized cloudflare cache deletion(no everytime for cleanup). Still CDN is required for logout mechanism via JS and Nextcloud deploy is buggy after changing from nginx to openresty. Propably some variable overwritte topic. Should be solved tomorrow.
2025-07-24 19:13:13 +02:00
f62355e490
Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm
2025-07-24 03:19:16 +02:00
bba663f95d
Added missing canonicals
2025-07-22 19:20:29 +02:00
4b9e7dd3b7
Implemented universal logout
2025-07-22 13:14:06 +02:00
aeeae776c7
Finished implementation of correct application id
2025-07-21 11:33:35 +02:00
ad60f5fb37
Rmeoved is_feature_enabled function
2025-07-13 17:54:09 +02:00
756597668c
Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1
2025-07-13 15:11:38 +02:00
aa61bf2a44
Removed unecessary application_id s
2025-07-11 15:25:58 +02:00
96268e7161
Renamed server roles by osi they work on
2025-07-10 12:33:46 +02:00
f3439861bb
minor improvements
2025-07-09 20:28:58 +02:00
7a38241485
Made code more modular and refactored to cmp roles
2025-07-09 20:15:32 +02:00
944707ec41
Solved dependency bug which appeared due to autogeneration of meta/main.yml files
2025-07-09 18:01:58 +02:00
c9c73cbdb2
Decoupeld database, docker and proxy
2025-07-09 14:21:30 +02:00
575df76ec3
Shortened service- to svc-
2025-07-09 05:00:41 +02:00
2108702a2b
Shortened network- to net-
2025-07-09 04:35:21 +02:00
66198ca1ec
Shortened webserver to srv-web-
2025-07-09 04:27:58 +02:00
22b4342300
Implemented schema/main.yml und config/main.yml file
2025-07-09 02:03:32 +02:00
8da2e41463
Solved letsencrypt reference bugs
2025-07-09 00:07:12 +02:00
563d5fd528
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00
