cbfb096cdb
Refactor web health checker & domain expectations (filter-based)
...
- Move all domain→expected-status mapping to filter `web_health_expectations`.
- Require explicit app selection via non-empty `group_names`; only those apps are included.
- Add `www_enabled` flag (wired via `WWW_REDIRECT_ENABLED`) to generate/force www.* → 301.
- Support `redirect_maps` to include manual redirects (sources forced to 301), independent of app selection.
- Aliases always 301; canonicals use per-key override or `server.status_codes.default`, else [200,302,301].
- Remove legacy fallbacks (`server.status_codes.home` / `landingpage`).
- Wire filter output into systemd ExecStart script as JSON expectations.
- Normalize various templates to use `to_json` and minor spacing fixes.
- Update app configs (e.g., YOURLS default=301; Confluence default=302; Bluesky web=405; MediaWiki/Confluence canonical/aliases).
- Constructor now uses `WWW_REDIRECT_ENABLED` for domain generation.
Tests:
- Add comprehensive unit tests for filter: selection by group, keyed/default codes, aliases, www handling, redirect_maps, input sanitization.
- Add unit tests for the standalone checker script (JSON parsing, OK/mismatch counting, sanitization).
See conversation: https://chatgpt.com/share/68c2b93e-de58-800f-8c16-ea05755ba776
2025-09-11 13:58:16 +02:00
7ca8b7c71d
feat(nextcloud): integrate Talk & Whiteboard; refactor to NEXTCLOUD_* vars; full-stack setup
...
config(ports): add Nextcloud websocket port (4003); canonical domains (nextcloud/talk/whiteboard)
refactor: unify get_app_conf usage & Jinja spacing; migrate paths/handlers to new NEXTCLOUD_* vars
feat(plugins): split plugin routines; configure Whiteboard via occ (URL + JWT)
fix(oidc): use NEXTCLOUD_URL for logout; correct LDAP attribute mappings; add OIDC flavor switch
feat: Whiteboard container & reverse-proxy location; Talk STUN/WS ports; Redis URL for Whiteboard
chore: drop obsolete TODO; minor cleanups in oauth2-proxy, matrix, peertube, pgadmin, phpldapadmin, pixelfed, phpmyadmin
security(schema): Bluesky jwt_secret now base64_prefixed_32; add Nextcloud whiteboard_jwt_secret
db: normalize postgres image tag templating; central DB host checks spacing fixes
ops: add full-stack bootstrap (certs, proxy, volumes); internal nginx config reload handler update
refs: https://chatgpt.com/share/68b5f5b7-8d64-800f-b001-1241f818dc0e
2025-09-01 21:37:02 +02:00
b02d88adc0
Refactored server roles for better readability
2025-09-01 18:08:35 +02:00
5f66c1a622
feat(postgres): add split_postgres_connections filter and average pool fact
...
Compute POSTGRES_ALLOWED_AVG_CONNECTIONS once and propagate to app roles (gitlab, mastodon, listmonk, matrix, pretix, mobilizon, openproject, discourse). Fix docker-compose postgres command (-c flags split). Add unit tests. Minor env/locale tweaks and includes.
Conversation: https://chatgpt.com/share/68b48e72-cc28-800f-9c21-270cbc17d82a
2025-08-31 20:04:14 +02:00
12a267827d
Refactor websocket and Taiga variables
...
- Introduce WEBSOCKET_PROTOCOL derived from WEB_PROTOCOL (wss if https, else ws).
- Replace hardcoded websocket URLs in EspoCRM, Nextcloud and Taiga with {{ WEBSOCKET_PROTOCOL }}.
- Fix mautrix-imessage to use ws:// for internal synapse:8008.
- Standardize Pixelfed OIDC env spacing.
- Refactor Taiga variables to TAIGA_* naming convention and clean up EMAIL_BACKEND definition.
See: https://chatgpt.com/share/68af62fa-4dcc-800f-9aaf-cff746daab1e
2025-08-27 21:57:04 +02:00
9180182d5b
Optimized variables
2025-08-21 16:27:10 +02:00
7a6e273ea4
In between commit, updated matrix and optimized mailu
2025-08-20 17:51:17 +02:00
a4f39ac732
Renamed webserver roles to more speakable names
2025-08-20 08:54:17 +02:00
d3cc187c3b
Made System Email Variables UPPER
2025-08-19 09:34:18 +02:00
0de26fa6c7
Solved bug existed due to difference between mailu domain and hostname difference. also refactored during this to find the bug
2025-08-16 14:29:07 +02:00
cc2c1dc730
Renamed injection services
2025-08-16 00:01:46 +02:00
3ac9bd9f90
Optimized variable typos
2025-08-15 18:43:42 +02:00
85a2f4b3d2
Solved matrix federation port bug
2025-08-15 18:37:18 +02:00
012426cf3b
Added more matrix constants for easier debugging and readability
2025-08-15 18:15:58 +02:00
022800425d
THE HUGE REFACTORING CALENDER WEEK 33; Optimized Matrix and during this updated variables, and implemented better reset and cleanup mode handling, also solved some initial setup bugs
2025-08-15 15:15:48 +02:00
0228014d34
Replaced .infinito.service and .infinito.timer by SOFTWARE_NAME suffix, optimized LICENSE link and update OIDC Realm and ID conf
2025-08-14 14:39:18 +02:00
db0e030900
Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository
2025-08-13 19:11:14 +02:00
aae69ea15b
Ensure that keycloak is up
2025-08-08 17:25:31 +02:00
7f53cc3a12
Replaced web_protocol by WEB_PROTOCOL
2025-08-07 12:31:20 +02:00
a9e7ed3605
Implemented flexible upload limits for wordpress and matrix :)
2025-07-26 11:22:01 +02:00
27973c2773
Optimized injection layer on lua base, as replace for nginx replace. Also optimized cloudflare cache deletion(no everytime for cleanup). Still CDN is required for logout mechanism via JS and Nextcloud deploy is buggy after changing from nginx to openresty. Propably some variable overwritte topic. Should be solved tomorrow.
2025-07-24 19:13:13 +02:00
f62355e490
Replaced nginx native with openresty for logout injection. Right now still buggy on nextcloud and espocrm
2025-07-24 03:19:16 +02:00
3bc64023af
Added logout pages to some applications
2025-07-22 18:49:23 +02:00
af3ea9039c
Restructure and cleaned up in preparation of new backup logic
2025-07-15 23:51:51 +02:00
bbabc58cf9
Optimized webport and certbot_dns_api_token
2025-07-15 15:04:27 +02:00
33d14741e2
Added j2 sniffer and solved syntax bugs
2025-07-13 21:20:23 +02:00
ad60f5fb37
Rmeoved is_feature_enabled function
2025-07-13 17:54:09 +02:00
756597668c
Semi bsr for applications[] to prevent heavy to debug bugs in j2 - part 1
2025-07-13 15:11:38 +02:00
ead60dab84
Fail safed more parts of the code
2025-07-12 21:35:33 +02:00
aa61bf2a44
Removed unecessary application_id s
2025-07-11 15:25:58 +02:00
96268e7161
Renamed server roles by osi they work on
2025-07-10 12:33:46 +02:00
944707ec41
Solved dependency bug which appeared due to autogeneration of meta/main.yml files
2025-07-09 18:01:58 +02:00
2108702a2b
Shortened network- to net-
2025-07-09 04:35:21 +02:00
66198ca1ec
Shortened webserver to srv-web-
2025-07-09 04:27:58 +02:00
8da2e41463
Solved letsencrypt reference bugs
2025-07-09 00:07:12 +02:00
563d5fd528
Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation
2025-07-08 23:43:13 +02:00
