2025-04-22 16:02:24 +02:00
16 changed files with 19 additions and 380 deletions
--- a/docs/guides/developer/Role_Creation.md
+++ b/docs/guides/developer/Role_Creation.md
@ -1,185 +0,0 @@
 ### *Guide to Create a New Docker Role for CyMaIS
 This guide will walk you through the steps to add a new Docker role for a service (in this case, `my_service`) in **CyMaIS**. We will cover where to add the application settings, domain, and other required configuration to ensure that your new service is correctly integrated into the CyMaIS environment.
 ---
 ### **1. Define the Application Configuration in `group_vars/all/07_applications.yml`**
 First, you'll need to add the default configuration for your new service under the `defaults_applications` section in `group_vars/all/07_applications.yml`.
 #### **Steps:**
 - Open `group_vars/all/07_applications.yml`
 - Add the configuration for `my_service` under the `defaults_applications` section.
 ```yaml
 defaults_applications:
  ## My Service Configuration
  my_service:
    version: "latest"                                      # Version of the service
    matomo_tracking_enabled: true                          # Enable Matomo tracking for analytics
    css_enabled: true                                      # Enable or disable global CSS styling
    landingpage_iframe_enabled: false                      # Allow embedding the landing page in an iframe (if true)
 ```
 ---
 ### **2. Add the Domain for `my_service` in `group_vars/all/03_domains.yml`**
 Next, define the domain for your service in the `group_vars/all/03_domains.yml` file. The domain should be dynamic, using the `{{ primary_domain }}` placeholder, which will automatically resolve to the correct domain based on the primary domain used for your environment.
 #### **Steps:**
 - Open `group_vars/all/03_domains.yml`
 - Add the domain for `my_service`.
 ```yaml
 defaults_domains:
  # Other services...
  my_service:            "slides.{{ primary_domain }}"     # Domain for the new service
 ```
 ---
 ### **3. Set the Application ID in `vars/main.yml`**
 In the `vars/main.yml` file, set the `application_id` to `my_service`. This step is essential as it allows CyMaIS to correctly reference and configure the new service when deploying it via Docker.
 #### **Steps:**
 - Open `vars/main.yml`
 - Add the `application_id` for the new service.
 ```yaml
 application_id: "my_service"  # Set the application ID for the service
 ```
 ---
 ### **4. Create the Docker Role for the New Service**
 Now that you have defined the application settings, domain, and application ID, you need to create a Docker role that will build and run the containerized version of `my_service`.
 #### **Steps:**
 - Create a new directory under the `roles` directory, e.g., `roles/docker-my_service`.
 - Inside the `docker-my_service` role, create the following files:
 1. **`README.md`**:
    - Provide documentation on the new service and how it works within CyMaIS.
 2. **`tasks/main.yml`**:
    - Define the tasks for building and running the Docker container for `my_service`.
    Example `tasks/main.yml`:
    ```yaml
    ---
    # Docker Routines for my_service
    - name: "include docker-compose role"
      include_role:
        name: docker-compose
    - name: install cymais-my_service
      command:
        cmd: "pkgmgr install cymais-my_service --clone-mode https"
      notify: docker compose project build and setup
    - name: Get path of cymais-my_service using pkgmgr
      command: pkgmgr path cymais-my_service
      register: path_cymais_my_service_output
    - name: "include role nginx-domain-setup for {{ application_id }}"
      include_role:
        name: nginx-domain-setup
      vars:
        domain: "{{ domains[application_id] }}"
        http_port: "{{ ports.localhost.http[application_id] }}"
    - name: "copy docker-compose.yml and env file"
      include_tasks: copy-docker-compose-and-env.yml
    ```
 3. **`docker-compose.yml.j2`**:
    - Define the `docker-compose.yml` template for building and running the Docker container for the new service.
    Example `docker-compose.yml.j2`:
    ```yaml
    services:
      my_service:
        build:
          context: {{ path_cymais_my_service_output.stdout }}
          dockerfile: {{ path_cymais_my_service_output.stdout }}/Dockerfile
        ports:
          - "127.0.0.1:{{ ports.localhost.http[application_id] }}:5000"
        healthcheck:
          test: ["CMD", "curl", "-f", "http://127.0.0.1:5000"]
          interval: 1m
          timeout: 10s
          retries: 3
        volumes:
          - {{ path_cymais_my_service_output.stdout }}:/app
          - {{ path_cymais_output.stdout }}:/source
    ```
 4. **`vars/main.yml`**:
    - Define any specific variables for `my_service`.
    Example `vars/main.yml`:
    ```yaml
    application_id: "my_service"
    ```
 5. **`meta/main.yml`**:
    - Add metadata for your new role.
    Example `meta/main.yml`:
    ```yaml
    galaxy_info:
      author: "Your Name"
      description: "Docker role to deploy and manage my_service within CyMaIS."
      license: "CyMaIS NonCommercial License (CNCL)"
      company: "Your Company"
      min_ansible_version: "2.9"
      platforms:
        - name: Docker
          versions:
            - all
        - name: Linux
          versions:
            - all
      repository: "https://github.com/yourrepo/my_service"
      documentation: "https://yourdocumentationlink"
    ```
 ---
 ### **5. Test the Configuration**
 Once you have defined the Docker role, configuration settings, and other necessary files, it is essential to test your changes:
 #### **Steps:**
 - Run the Ansible playbook for deploying your new service.
 - Check if `my_service` is correctly deployed and if the domain is resolving as expected.
 - Verify that the application is accessible via the assigned port (e.g., `http://slides.{{ primary_domain }}:5000`).
 ---
 ### **6. Additional Steps for Integration**
 - You can add additional configurations or adjust existing settings based on the requirements for `my_service`. For instance:
  - Modify the health check settings in the `docker-compose.yml` template.
  - Update Nginx or other web servers to properly route traffic to your new service.
 ---
 ### **Conclusion**
 By following this guide, you have successfully added a new Dockerized service (`my_service`) to the CyMaIS platform. You have:
 - Configured the service settings in `group_vars/all/07_applications.yml`
 - Added the domain for the service in `group_vars/all/03_domains.yml`
 - Set the `application_id` in `vars/main.yml`
 - Created the necessary Docker role for managing `my_service`.
 This process allows you to extend the functionality of CyMaIS with new services while maintaining a consistent and reproducible deployment workflow.
 ---
 For any further details or troubleshooting, please consult the official CyMaIS documentation or reach out to the CyMaIS community for assistance.
--- a/docs/overview/Problem_Statement.md
+++ b/docs/overview/Problem_Statement.md
@ -1,34 +0,0 @@
 # Problem Statement
 This is the Problem Statement for [CyMaIS](https://cymais.cloud), highlighting the challenges we aim to address.
 ## Short
 The problem stems from businesses and individuals being dependent on monopolistic cloud providers, losing control over their data, facing security risks, and being vulnerable to geopolitical manipulation, while small businesses struggle to set up secure, enterprise-level IT infrastructures due to lack of resources and expertise.
 ## Explanation
 In today’s digital landscape, data is predominantly stored in the cloud, controlled by large corporations such as Microsoft, AWS, and other cloud providers. This creates a dependency on these providers, leading to increasingly expensive services and a lack of control over critical business data. 
 As organizations rely on these monopolistic players for their cloud services, they surrender ownership of their data, becoming vulnerable to the whims of these companies. This dependency puts them at the mercy of cloud and software giants, who not only dictate pricing and service levels but also influence the very governance of data.
 Moreover, the ease with which governments, intelligence agencies, and private corporations can access sensitive data is a growing concern. With increasing surveillance capabilities, the privacy of users and businesses is constantly at risk, further amplifying the vulnerability of data stored in centralized cloud infrastructures.
 Additionally, the dominance of these companies in sectors like social media further exacerbates the issue, making individuals and organizations susceptible to manipulation and control.
 The problem intensifies in times of political unrest or global conflicts. As data is often centrally stored with monopolistic providers, businesses become highly dependent on these entities for accessing their data and services. This dependency increases the risk of coercion or pressure from governments or private corporations, leading to potential **extortion**. Governments may attempt to gain leverage over businesses by threatening access to critical data or services, while private companies may exploit this dependency for their own interests. 
 In essence, the lack of sovereignty over data and the increasing control of a few monopolistic entities undermine the fundamental values of privacy, security, and independence. Organizations, especially small businesses, are left vulnerable to external pressures, making them pawns in a larger game dominated by these cloud and software giants.
 Furthermore, for small businesses, setting up enterprise-level open-source infrastructure with integrated solutions such as **Single Sign-On (SSO)**, **Identity and Access Management (IAM)**, **encryption**, **backup solutions**, and other essential IT services is nearly impossible. These businesses lack the resources, both financial and human, to deploy secure IT infrastructures at an enterprise level. 
 System administrators in small companies often don’t have the specialized knowledge or the capacity to build and maintain such complex infrastructures, which further exacerbates the challenge of securing sensitive business data while ensuring compliance with industry standards.
 ## Key Points
 - Dependency on monopolistic cloud providers  
 - Loss of data sovereignty and data privacy risks  
 - Geopolitical vulnerabilities (extortion risk)  
 - Lack of resources for small businesses  
 - Limited expertise for secure infrastructure  
 - Centralized data storage risks
 - Manipulation through social media dominance
--- a/docs/overview/Vision.md
+++ b/docs/overview/Vision.md
@ -0,0 +1,11 @@
 # Vision
 At the heart of our endeavor lies the creation of an unparalleled tool, designed to revolutionize the way IT infrastructure is deployed and managed in businesses of all scales and across various industries. Our vision is to develop a fully automated solution capable of establishing a secure and infinitely scalable corporate IT infrastructure.
 This tool, grounded firmly in Open Source principles, will not only champion transparency and innovation but also ensure adaptability and accessibility for every business, regardless of its size or industry. We aim to make the complex process of IT setup not just simpler but also faster.
 We envision a future where businesses are no longer constrained by the complexities of IT infrastructure setup. Instead, they will be empowered with a tool that seamlessly integrates into their operational fabric, offering a robust, secure, and scalable digital backbone. This tool will not only cater to the immediate IT needs of a company but also be agile enough to evolve with their growing demands and the ever-changing technological landscape.
 Our commitment is to break down barriers to advanced IT infrastructure, democratizing access to high-level technology solutions. By harnessing the power of Open Source, our solution will not only uphold the highest standards of security and scalability but also foster a community-driven approach to continuous improvement and innovation.
 In essence, our vision is to redefine the paradigm of IT infrastructure deployment, making it a swift, secure, and scalable journey for every business, and setting a new benchmark in the industry for efficiency and reliability.
--- a/docs/overview/Vision_Statement.md
+++ b/docs/overview/Vision_Statement.md
@ -1,32 +0,0 @@
 # Vision Statement
 This is the Vision Statement for [CyMaIS](https://cymais.cloud), outlining our future goals and direction.
 ## Short
 CyMaIS aims to empower individuals, businesses, NGOs, and enterprises with a secure, scalable, and decentralized IT infrastructure solution that ensures data sovereignty, promotes Open Source innovation, and reduces reliance on monopolistic cloud providers.
 ## Explanation
 At the core of our mission is the development of a groundbreaking tool designed to address the inherent problems in managing IT infrastructure today, for individuals, businesses, non-governmental organizations (NGOs), and large enterprises alike. From the rising costs of monopolistic cloud services to the loss of data sovereignty, security concerns, and dependency on centralized cloud providers, we aim to provide an alternative that empowers users, organizations, and businesses to regain control over their data and infrastructure.
 Our vision is to create a fully automated solution that enables all users, regardless of size or industry, to establish a secure, scalable, and self-managed IT infrastructure. This tool will break down the complexities of IT infrastructure setup, making it faster, simpler, and more secure, while being accessible to everyone—from individuals and grassroots organizations to large-scale enterprises.
 Grounded in Open Source principles, this solution will champion transparency, security, and innovation. It will be adaptable and flexible, offering a digital infrastructure that evolves alongside the diverse needs of businesses, organizations, and communities, all while maintaining a focus on usability and accessibility.
 We envision a future where users and organizations are no longer at the mercy of monopolistic cloud providers, where they can securely manage their own data and infrastructure. This future will see individuals and NGOs empowered with the same capabilities as large enterprises—ensuring that people of all scales can maintain control and sovereignty over their digital lives, free from external manipulation.
 CyMaIS will democratize access to advanced IT infrastructure solutions, providing security, flexibility, and scalability for all—from small NGOs to large multinational enterprises—without the cost and dependence on centralized, proprietary cloud services. By utilizing Open Source, our solution will meet the highest standards of security while fostering a collaborative, community-driven approach to innovation and continuous improvement.
 Moreover, our vision goes beyond just IT infrastructure; it extends to the broader goal of democratizing the internet itself. By integrating decentralized protocols like **ActivityPub**, **email**, and **Matrix**, we aim to restore the foundational principles of a decentralized, resilient internet. In today’s world, marked by political tensions, wars, and uncertainty, the importance of resilient, distributed infrastructures has never been greater. CyMaIS will enable all users—from individuals to NGOs and large enterprises—to remain independent and secure, ensuring that control over data and communications stays in their hands, not under the dominance of monopolistic entities.
 Ultimately, our vision is to redefine the way IT infrastructure is deployed and managed, offering a solution that is swift, secure, and scalable, capable of meeting the needs of businesses, individuals, NGOs, and large enterprises. CyMaIS will empower all stakeholders by providing a foundation for a decentralized, transparent, and resilient digital future—setting a new benchmark for security, reliability, and sovereignty in the digital age.
 ## Key Points
 1. Empowerment for individuals, businesses, NGOs, and enterprises  
 2. Data sovereignty and control over infrastructure  
 3. Automated and simplified IT infrastructure setup  
 4. Open Source transparency, security, and innovation  
 5. Decentralized internet using ActivityPub, email, and Matrix  
 6. Scalability for small to large organizations  
 7. Global resilience and security in uncertain political climates
--- a/group_vars/all/03_domains.yml
+++ b/group_vars/all/03_domains.yml
@ -39,7 +39,6 @@ defaults_domains:
  phpmyldap:               "phpmyldap.{{primary_domain}}"
  pixelfed:                "picture.{{primary_domain}}"
  portfolio:               "{{primary_domain}}"
  presentation:            "slides.{{primary_domain}}"
  roulette-wheel:          "roulette.{{primary_domain}}"
  snipe_it:                "inventory.{{primary_domain}}"
  sphinx:                  "docs.{{primary_domain}}"
--- a/group_vars/all/07_applications.yml
+++ b/group_vars/all/07_applications.yml
@ -703,12 +703,6 @@ defaults_applications:
    css_enabled:                  "{{css_enabled_default}}"                 # Enables\Disables Global CSS Style
    landingpage_iframe_enabled:   false                                     # Doesn't make sense to load landingpage in landingpage
  ## Presentation
  presentation:
    matomo_tracking_enabled:      "{{matomo_tracking_enabled_default}}"     # Enables\Disables Matomo Tracking
    css_enabled:                  "{{css_enabled_default}}"                 # Enables\Disables Global CSS Style
    landingpage_iframe_enabled:   False                                     # Makes sense to make the documentary allways in iframe available
  # Snipe-IT
  snipe_it:
    version:                      "latest"
--- a/group_vars/all/09_ports.yml
+++ b/group_vars/all/09_ports.yml
@ -52,7 +52,6 @@ ports:
      sphinx:           8036
      phpldapadmin:     8037
      fusiondirectory:  8038
      presentation:     8039
      bigbluebutton:    48087 # This port is predefined by bbb. @todo Try to change this to a 8XXX port
  # Ports which are exposed to the World Wide Web
  public:
--- a/group_vars/all/10_networks.yml
+++ b/group_vars/all/10_networks.yml
@ -78,8 +78,6 @@ defaults_networks:
      subnet: 192.168.103.16/28
    fusiondirectory:
      subnet: 192.168.103.32/28
    presentation:
      subnet: 192.168.103.48/28
    # /24 Networks / 254 Usable Clients
    bigbluebutton:
--- a/roles/docker-presentation/README.md
+++ b/roles/docker-presentation/README.md
@ -1,32 +0,0 @@
 # CyMaIS Presentation 🚀
 ## Description
 This **CyMaIS Presentation** is a powerful tool designed for showcasing the CyMaIS platform to various audiences, including **Administrators**, **Developers**, **End-Users**, **Businesses**, and **Investors**. The presentation leverages **Reveal.js** to create an interactive, engaging, and fully containerized experience that can be easily deployed with Docker.
 This role automates the process of setting up and running the CyMaIS presentation in a Docker container, ensuring a reproducible and isolated environment for displaying the content.
 ## Overview
 The **CyMaIS Presentation** role automates the setup of an environment using Docker, providing a seamless process for pulling your source repository, building the presentation, and serving the slides through a lightweight HTTP server. It uses **[Reveal.js](https://revealjs.com/)** for building and serving the presentation slides and can be deployed with **Kevin's Package Manager**.
 ### Features
 - **Fully Automated Setup**: The role handles all tasks, including pulling the source repository, building the Docker image, and serving the presentation through a web server.
 - **Dockerized Environment**: The entire process is contained within Docker, ensuring consistent builds and easy deployment.
 - **Interactive Slides**: The presentation is built with **Reveal.js**, allowing for interactive slides with advanced features like fragments, transitions, and more.
 - **Customizable**: Easily configurable to point to your own source code or documentation.
 ## Further Resources
 For more information about the **CyMaIS Presentation**, check out the GitHub repository: [CyMaIS Presentation](https://github.com/kevinveenbirkenbach/cymais-presentation)
 For more about **Reveal.js**, visit: [Reveal.js](https://revealjs.com/)
 ## License 📄
 This project is licensed under the **CyMaIS NonCommercial License (CNCL)** - see the [LICENSE](LICENSE) file for details.
 ---
 For additional details about CyMaIS, visit: [cymais.cloud](https://cymais.cloud)
--- a/roles/docker-presentation/meta/main.yml
+++ b/roles/docker-presentation/meta/main.yml
@ -1,30 +0,0 @@
 galaxy_info:
  author: "Kevin Veen-Birkenbach"
  description: "Automates the process of presenting CyMaIS using Reveal.js in a containerized environment. Ideal for administrators, developers, end-users, businesses, and investors."
  license: "CyMaIS NonCommercial License (CNCL)"
  license_url: "https://s.veen.world/cncl"
  company: |
    Kevin Veen-Birkenbach
    Consulting & Coaching Solutions
    https://www.veen.world
  min_ansible_version: "2.9"
  platforms:
    - name: Docker
      versions:
        - all
    - name: Linux
      versions:
        - all
  galaxy_tags:
    - presentation
    - revealjs
    - docker
    - automation
    - deployment
  repository: "https://github.com/kevinveenbirkenbach/cymais-presentation"
  issue_tracker_url: "https://s.veen.world/cymaisissues"
  documentation: "https://s.veen.world/cymais"
  logo:
    class: "fa-solid fa-presentation-screen"
 dependencies:
  - package-manager
--- a/roles/docker-presentation/tasks/main.yml
+++ b/roles/docker-presentation/tasks/main.yml
@ -1,28 +0,0 @@
 ---
 # Docker Routines
 - name: "include docker-compose role"
  include_role: 
    name: docker-compose
 - name: install cymais-presentation
  command:
    cmd: "pkgmgr install cymais-presentation --clone-mode https"
  notify: docker compose project build and setup
 - name: Get path of cymais-presentation using pkgmgr
  command: pkgmgr path cymais-presentation
  register: path_cymais_presentation_output
 - name: Get path of cymais using pkgmgr
  command: pkgmgr path cymais
  register: path_cymais_output
 - name: "include role nginx-domain-setup for {{application_id}}"
  include_role:
    name: nginx-domain-setup
  vars:
    domain:     "{{ domains[application_id] }}"
    http_port: 	"{{ ports.localhost.http[application_id] }}"
 - name: "copy docker-compose.yml and env file"
  include_tasks: copy-docker-compose-and-env.yml
--- a/roles/docker-presentation/templates/docker-compose.yml.j2
+++ b/roles/docker-presentation/templates/docker-compose.yml.j2
@ -1,20 +0,0 @@
 services:
  cymais-presentation:
    build:
      context:    {{ path_cymais_presentation_output.stdout }}
      dockerfile: {{ path_cymais_presentation_output.stdout }}/Dockerfile
    ports:
      - "127.0.0.1:{{ports.localhost.http[application_id]}}:5000"
    healthcheck:
      test: ["CMD", "curl", "-f", "http://127.0.0.1:5000"]
      interval: 1m
      timeout: 10s
      retries: 3
    volumes:
      - {{ path_cymais_presentation_output.stdout }}:/app
      - {{ path_cymais_output.stdout }}:/source
 {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
 {% include 'templates/docker/container/networks.yml.j2' %}
 {% include 'templates/docker/compose/networks.yml.j2' %}
--- a/roles/docker-presentation/templates/env.j2
+++ b/roles/docker-presentation/templates/env.j2
--- a/roles/docker-presentation/vars/main.yml
+++ b/roles/docker-presentation/vars/main.yml
@ -1 +0,0 @@
 application_id: "presentation"
--- a/roles/docker-sphinx/tasks/main.yml
+++ b/roles/docker-sphinx/tasks/main.yml
@ -9,6 +9,11 @@
    cmd: "pkgmgr install cymais-sphinx --clone-mode https"
  notify: docker compose project build and setup
 - name: update cymais for up to date docs
  command:
    cmd: "pkgmgr update cymais"
  notify: docker compose project build and setup
 - name: Get path of cymais-sphinx using pkgmgr
  command: pkgmgr path cymais-sphinx
  register: path_cymais_sphinx_output
--- a/tasks/server.yml
+++ b/tasks/server.yml
@ -211,11 +211,6 @@
  include_role:
    name: docker-pgadmin
 - name: setup presentation
  when: ("presentation" in group_names)
  include_role:
    name: docker-presentation
 # Native Webserver Roles
 - name: setup nginx-serve-htmls
  when: ("nginx-serve-htmls" in group_names)