Solved oauth2 bug

roles/cmp-db-docker-proxy/README.md

@@ -0,0 +1,11 @@
+# Database Docker with Web Proxy
+
+This role builds on `cmp-db-docker` by adding a reverse-proxy frontend for HTTP access to your database service.
+
+## Features
+
+- **Database Composition**  
+  Leverages the `cmp-db-docker` role to stand up your containerized database (PostgreSQL, MariaDB, etc.) with backups and user management.
+
+- **Reverse Proxy**  
+  Includes the `srv-web-proxy-domain` role to configure a proxy (e.g. nginx) for routing HTTP(S) traffic to your database UI or management endpoint.

roles/cmp-db-docker-proxy/meta/main.yml

@@ -0,0 +1,15 @@
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: >
+    Extends cmp-db-docker by adding an HTTP reverse proxy via srv-web-proxy-domain.
+  company: |
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  galaxy_tags:
+    - docker
+    - database
+    - proxy
+    - compose

roles/cmp-db-docker-proxy/tasks/main.yml

@@ -0,0 +1,10 @@
+- name: "load docker and db for {{application_id}}"
+  include_role: 
+    name: cmp-db-docker
+
+- name: "include role srv-web-proxy-domain for {{application_id}}"
+  include_role:
+    name: srv-web-proxy-domain
+  vars:
+    domain:   "{{ domains | get_domain(application_id) }}"
+    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/cmp-docker-proxy/README.md

@@ -0,0 +1,11 @@
+# Docker Compose with Web Proxy
+
+This role combines the standard Docker Compose setup with a reverse-proxy for any application.
+
+## Features
+
+- **Docker Compose**  
+  Brings up containers, networks, and volumes via the `docker-compose` role.
+
+- **Reverse Proxy**  
+  Uses the `srv-web-proxy-domain` role to expose your application under a custom domain and port.

roles/cmp-docker-proxy/meta/main.yml

@@ -0,0 +1,15 @@
+galaxy_info:
+  author: "Kevin Veen-Birkenbach"
+  description: >
+    Combines the docker-compose role with srv-web-proxy-domain to
+    deploy applications behind a reverse proxy.
+  company: |
+    Kevin Veen-Birkenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  galaxy_tags:
+    - docker
+    - compose
+    - proxy

roles/cmp-docker-proxy/tasks/main.yml

@@ -0,0 +1,10 @@
+- name: "include docker-compose role"
+  include_role: 
+    name: docker-compose
+
+- name: "include role srv-web-proxy-domain for {{application_id}}"
+  include_role:
+    name: srv-web-proxy-domain
+  vars:
+    domain:   "{{ domains | get_domain(application_id) }}"
+    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/desk-bluray-player/meta/main.yml

@@ -1,2 +1,24 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Installs VLC, libaacs and libbluray for Blu-ray playback on Arch Linux–based systems."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - vlc
+    - bluray
+    - media
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/desk-bluray-player"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions: [ all ]
 dependencies:
-- gen-java
+  - gen-java
+

roles/desk-qbittorrent/meta/main.yml

@@ -1,2 +1,23 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Installs the qBittorrent torrent client via AUR on Arch Linux."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - qbittorrent
+    - torrent
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/desk-qbittorrent"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions: [ all ]
 dependencies:
-- gen-aur-helper
+  - gen-aur-helper
+

roles/desk-zoom/meta/main.yml

@@ -1,2 +1,24 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Installs the Zoom video conferencing client via AUR on Arch Linux."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - zoom
+    - video
+    - conferencing
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/desk-zoom"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions: [ all ]
 dependencies:
-- gen-aur-helper
+  - gen-aur-helper
+

roles/docker-compose/defaults/main.yml

@@ -1,2 +1,3 @@
 docker_compose_skipp_file_creation: false # If set to true the file creation will be skipped
 docker_repository:                  false # Activates docker repository download and routine
+docker_compose_flush_handlers:      false # Set to true in the vars/main.yml of the including role to autoflush after docker compose routine

roles/docker-compose/tasks/main.yml

@@ -7,7 +7,7 @@
 
 # This could lead to problems in docker-compose directories which are based on a git repository
 # @todo Verify that this isn't the case. E.g. in accounting
-- name: "Create all docker-compose directories (including parent directories)"
+- name: "Create all docker-compose directories (including parent directories) for '{{ application_id }}'"
   file:
     path: "{{ item.value }}"
     state: directory
@@ -19,3 +19,7 @@
 
 - include_tasks: "files.yml"
   when: not docker_compose_skipp_file_creation | bool
+
+- name: "flush database, docker and proxy for '{{ application_id }}'" 
+  meta: flush_handlers
+  when: docker_compose_flush_handlers | bool

roles/docker-container/meta/main.yml

@@ -1,2 +1,24 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Provides shared Jinja2 snippets for Docker Compose service definitions (base, networks, healthchecks, depends_on)."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - docker
+    - compose
+    - jinja2
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/docker-container"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Any
+      versions: [ all ]
 dependencies:
-- docker-core
+  - docker-core
+

roles/drv-epson-multiprinter/meta/main.yml

@@ -1,2 +1,24 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Installs Epson multifunction printer drivers and scanning utilities (escpr, imagescan) via Pacman and AUR on Arch Linux."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - epson
+    - printer
+    - scanner
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/drv-epson-multiprinter"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions: [ all ]
 dependencies:
-- gen-aur-helper
+  - gen-aur-helper
+

roles/srv-web-injector-matomo/meta/main.yml

@@ -1,3 +1,24 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Injects Matomo analytics tracking code and noscript image tracker into Nginx-served HTML pages."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - nginx
+    - matomo
+    - analytics
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-injector-matomo"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Any
+      versions: [ all ]
 dependencies:
-  # - web-app-matomo Don't activate this otherwise the plays take super long
   - srv-web-core
+

roles/srv-web-proxy-core/templates/vhost/basic.conf.j2

@@ -8,9 +8,9 @@ server
 
   {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%}
   
-  {% if nginx_docker_reverse_proxy_extra_configuration is defined %}
+  {% if proxy_extra_configuration is defined %}
     {# Additional Domain Specific Configuration #}
-    {{nginx_docker_reverse_proxy_extra_configuration}}
+    {{ proxy_extra_configuration }}
   {% endif %}
 
   {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %}

roles/srv-web-proxy-domain/tasks/main.yml

@@ -32,6 +32,5 @@
   when: applications | is_feature_enabled('oauth2',application_id)
 
 - name: "include the web-app-oauth2-proxy role {{domain}}"
-  include_role:
+  include_tasks: "{{ playbook_dir }}/roles/web-app-oauth2-proxy/tasks/main.yml"
-    name: web-app-oauth2-proxy
   when: applications | is_feature_enabled('oauth2',application_id)

roles/srv-web-proxy-tls-deploy/meta/main.yml

@@ -1,2 +1,25 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Deploys Let’s Encrypt certificates into Docker Compose Nginx setups via systemd service and timer."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - nginx
+    - letsencrypt
+    - docker
+    - systemd
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/srv-web-proxy-tls-deploy"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Any
+      versions: [ all ]
 dependencies:
-- alert-compose
+  - alert-compose
+

roles/utils-desk-browser-firefox/meta/main.yml

@@ -0,0 +1,23 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Automates Firefox installation and enforces Enterprise Policies (auto-install extensions) on Arch Linux."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - firefox
+    - enterprise-policy
+    - browser
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/utils-desk-browser-firefox"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions: [ rolling ]
+dependencies: []
+

roles/utils-desk-design/meta/main.yml

@@ -1,2 +1,25 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Installs designer tools such as GIMP, Blender, and Draw.io via AUR on Arch Linux."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - gimp
+    - blender
+    - drawio
+    - design
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/utils-desk-design"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Archlinux
+      versions: [ all ]
 dependencies:
-- gen-aur-helper
+  - gen-aur-helper
+

roles/web-app-akaunting/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: "include tasks update-repository-with-files.yml"
   include_tasks: utils/update-repository-with-files.yml

roles/web-app-baserow/tasks/main.yml

@@ -1,11 +1,4 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-baserow/vars/main.yml

@@ -1,5 +1,3 @@
 application_id:     "baserow"
 database_password:  "{{ baserow_database_password }}"
 database_type:      "postgres"
-domain:             "{{ domains | get_domain(application_id) }}"
-http_port:          "{{ ports.localhost.http[application_id] }}"

roles/web-app-chess/meta/main.yml

@@ -0,0 +1,22 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Stub role for deploying a Chess web application via Docker Compose (implementation pending)."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - chess
+    - docker
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/web-app-chess"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Any
+      versions: [ all ]
+dependencies: []
+

roles/web-app-coturn/tasks/main.yml

@@ -1,11 +1,4 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-discourse/tasks/main.yml

@@ -10,29 +10,9 @@
     state: present
   when: run_once_docker_discourse is not defined
 
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-  when: run_once_docker_discourse is not defined
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
-  when: run_once_docker_discourse is not defined
-
-- name: add docker-compose.yml
-  template: 
-    src:  docker-compose.yml.j2 
-    dest: "{{docker_compose.directories.instance}}docker-compose.yml"
-  notify:
-    - docker compose up
-  when: run_once_docker_discourse is not defined
-
-- name: flush, to recreate discourse docker compose
-  meta: flush_handlers
   when: run_once_docker_discourse is not defined
 
 - name: pull docker repository

roles/web-app-discourse/vars/main.yml

@@ -3,3 +3,4 @@ database_password:                      "{{ applications[application_id].credent
 database_type:                          "postgres"
 docker_repository_directory :           "{{docker_compose.directories.services}}{{applications[application_id].repository}}/"
 discourse_application_yml_destination:  "{{docker_repository_directory }}containers/{{applications[application_id].container}}.yml"
+docker_compose_flush_handlers:          false

roles/web-app-espocrm/tasks/main.yml

@@ -1,18 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "Include setup for domain '{{ domain }}'"
-  include_role: 
-    name: srv-web-proxy-domain
-  vars:
-    ws_path:              "/ws"
-    ws_port:              "{{ ports.localhost.websocket[application_id] }}"
-    client_max_body_size: "100m"
-    vhost_flavour:        "ws_generic"
-    domain:               "{{ domains | get_domain(application_id) }}"
-    http_port:            "{{ ports.localhost.http[application_id] }}"
 
 - name: Set OIDC scopes in EspoCRM config (inside web container)
   ansible.builtin.shell: |

roles/web-app-espocrm/vars/main.yml

@@ -1,3 +1,6 @@
 application_id:       "espocrm"
-# EspoCRM uses MySQL/MariaDB
 database_type:        "mariadb"
+ws_path:              "/ws"
+ws_port:              "{{ ports.localhost.websocket[application_id] }}"
+client_max_body_size: "100m"
+vhost_flavour:        "ws_generic"

roles/web-app-friendica/tasks/main.yml

@@ -1,7 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
 
 - name: "create {{ friendica_host_ldap_config }}"
   template: 
@@ -14,13 +14,6 @@
   notify: docker compose up
   when: applications | is_feature_enabled('ldap',application_id)
 
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
-
 - name: Build friendica_addons based on features
   set_fact:
     friendica_addons: >-

roles/web-app-funkwhale/tasks/main.yml

@@ -1,13 +1,6 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 

roles/web-app-funkwhale/vars/main.yml

@@ -1,5 +1,5 @@
 application_id:                   "funkwhale"
-nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
+proxy_extra_configuration:        "client_max_body_size 512M;"
 database_type:                    "postgres"
 funkwhale_media_root:             "/srv/funkwhale/data/"
 funkwhale_static_root:            "{{funkwhale_media_root}}static"

roles/web-app-fusiondirectory/tasks/main.yml

@@ -1,10 +1,3 @@
-- name: "include docker-compose role"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: docker-compose
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-gitea/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: Wait for Gitea HTTP endpoint
   wait_for:

roles/web-app-gitlab/tasks/main.yml

@@ -1,11 +1,4 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-jenkins/tasks/main.yml

@@ -1,11 +1,4 @@
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 

roles/web-app-joomla/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
   loop: "{{ domains }}"
   loop_control:
     loop_var: domain

roles/web-app-keycloak/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: "create directory {{import_directory_host}}"
   file:

roles/web-app-lam/tasks/main.yml

@@ -1,10 +1,3 @@
-- name: "include docker-compose role"
+- name: "include docker and reverse proxy for {{ application_id }} "
   include_role: 
-    name: docker-compose
+    name: cmp-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-libretranslate/tasks/main.yml

@@ -1,24 +1,6 @@
----
+- name: "load docker, db and proxy for {{application_id}}"
-
-
-
-
-- name: "include docker-compose role"
   include_role: 
-    name: docker-compose
+    name: cmp-db-docker-proxy
-  when: run_once_docker_libretranslate is not defined
-
-
-
-
-
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
   when: run_once_docker_libretranslate is not defined
 
 - name: run the libretranslate tasks once

roles/web-app-listmonk/tasks/main.yml

@@ -1,23 +1,16 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: Set proxy_extra_configuration based on applications[application_id].public_api_activated
-  include_role: 
-    name: cmp-db-docker
-
-- name: Set nginx_docker_reverse_proxy_extra_configuration based on applications[application_id].public_api_activated
   set_fact:
-    nginx_docker_reverse_proxy_extra_configuration: >-
+    proxy_extra_configuration: >-
       {% if not applications[application_id].public_api_activated %}
       {{ lookup('file', '{{ role_path }}/files/deactivate-public-api.conf') }}
       {% else %}
       ""
       {% endif %}
 
-- name: "include role srv-web-proxy-domain for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: srv-web-proxy-domain
+    name: cmp-db-docker-proxy
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: add config.toml
   template: 
@@ -25,6 +18,8 @@
     dest: "{{docker_compose.directories.config}}config.toml"
   notify: docker compose up
 
+- meta: flush_handlers
+
 - name: Check if listmonk database is already initialized
   command: docker compose exec -T {{database_host}} psql -U {{database_username}} -d {{database_name}} -c "\dt"
   register: db_tables

roles/web-app-mailu/tasks/main.yml

@@ -1,16 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-  when: run_once_docker_mailu is not defined
-
-- name: "Include role srv-web-proxy-domain for {{ application_id }}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain: "{{ domains | get_domain(application_id) }}"
-    http_port: "{{ ports.localhost.http[application_id] }}"
-    nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 31M;"
   when: run_once_docker_mailu is not defined
 
 - name: "Include the srv-web-proxy-tls-deploy role"

roles/web-app-mailu/vars/main.yml

@@ -12,3 +12,4 @@ docker_source:            "{{ 'ghcr.io/heviat' if applications | is_feature_enab
 
 domain:                    "{{ domains | get_domain(application_id) }}"
 http_port:                 "{{ ports.localhost.http[application_id] }}"
+proxy_extra_configuration: "client_max_body_size 31M;"

roles/web-app-matomo/tasks/constructor.yml

@@ -1,13 +1,6 @@
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: flush docker service
   meta: flush_handlers

roles/web-app-mediawiki/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: add docker-compose.yml
   template: src=docker-compose.yml.j2 dest={{docker_compose.directories.instance}}docker-compose.yml

roles/web-app-mobilizon/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: add config.exs
   template:

roles/web-app-moodle/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: Wait until the Moodle container is healthy
   shell: docker inspect --format '{% raw %}{{.State.Health.Status}}{% endraw %}' {{ container_name }}

roles/web-app-mybb/tasks/setup-domain.yml

@@ -10,4 +10,4 @@
     dest: "{{nginx.directories.http.servers}}{{domains | get_domain(application_id)}}.conf"
   notify: restart nginx
   vars: 
-    nginx_docker_reverse_proxy_extra_configuration: "sub_filter '{{source_domain}}' '{{domains | get_domain(application_id)}}';"
+    proxy_extra_configuration: "sub_filter '{{source_domain}}' '{{domains | get_domain(application_id)}}';"

roles/web-app-oauth2-proxy/tasks/main.yml

@@ -1,6 +1,6 @@
-- name: "Transfering oauth2-proxy-keycloak.cfg.j2 to {{(path_docker_compose_instances | get_docker_compose(oauth2_proxy_application_id)).directories.volumes}}"
+- name: "Transfering oauth2-proxy-keycloak.cfg.j2 to {{(path_docker_compose_instances | get_docker_compose(application_id)).directories.volumes}}"
   template:
-    src: oauth2-proxy-keycloak.cfg.j2
+    src:  "{{ playbook_dir }}/roles/web-app-oauth2-proxy/templates/oauth2-proxy-keycloak.cfg.j2"
-    dest: "{{(path_docker_compose_instances | get_docker_compose(oauth2_proxy_application_id)).directories.volumes}}{{applications[application_id].configuration_file}}"
+    dest: "{{(path_docker_compose_instances | get_docker_compose(application_id)).directories.volumes}}{{applications['oauth2-proxy'].configuration_file}}"
   notify:
     - docker compose up

roles/web-app-openproject/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: "Create {{openproject_plugins_folder}}"
   file:

roles/web-app-pgadmin/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "include docker-compose role"
+- name: "include docker and reverse proxy for '{{ application_id }}'"
   include_role: 
-    name: docker-compose
+    name: cmp-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:     "{{ domains | get_domain(application_id) }}"
-    http_port:  "{{ ports.localhost.http[application_id] }}"
 
 - name: "configure pgadmin servers"
   include_tasks: configuration.yml

roles/web-app-phpldapadmin/tasks/main.yml

@@ -1,10 +1,3 @@
-- name: "include docker-compose role"
+- name: "include docker and reverse proxy for '{{ application_id }}'"
   include_role: 
-    name: docker-compose
+    name: cmp-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-phpmyadmin/tasks/main.yml

@@ -1,11 +1,4 @@
 ---
-- name: "include docker-compose role"
+- name: "include docker and reverse proxy for '{{ application_id }}'"
   include_role: 
-    name: docker-compose
+    name: cmp-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-pixelfed/tasks/main.yml

@@ -1,11 +1,4 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"

roles/web-app-pixelfed/vars/main.yml

@@ -1,3 +1,3 @@
 application_id:                                 "pixelfed"
-nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
+proxy_extra_configuration: "client_max_body_size 512M;"
 database_type:                                  "mariadb"

roles/web-app-portfolio/tasks/main.yml

@@ -1,16 +1,8 @@
 ---
 
-- name: "include docker-compose role"
+- name: "include docker and reverse proxy for '{{ application_id }}'"
   include_role: 
-    name: docker-compose
+    name: cmp-docker-proxy
-  when: run_once_docker_portfolio is not defined
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
   when: run_once_docker_portfolio is not defined
 
 - name: "Check if host-specific config.yaml exists in {{ config_inventory_path }}"

roles/web-app-presentation/tasks/main.yml

@@ -14,16 +14,9 @@
   command: pkgmgr path cymais
   register: path_cymais_output
 
-- name: "include docker-compose role"
+- name: "include docker and reverse proxy for '{{ application_id }}'"
   include_role: 
-    name: docker-compose
+    name: cmp-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:     "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 # Hack because it wasn't possible to fix an handler bug in pkgmgr install
 - name: „Trigger“ docker compose up

roles/web-app-pretix/tasks/main.yml

@@ -1,24 +1,7 @@
 ---
-
+- name: "load docker and db for {{application_id}}"
-
-
-
-- name: "include docker-compose role"
   include_role: 
-    name: docker-compose
+    name: cmp-db-docker
-  when: run_once_docker_pretix is not defined
-
-
-
-
-
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
   when: run_once_docker_pretix is not defined
 
 - name: run the pretix tasks once

roles/web-app-redis/meta/main.yml

@@ -0,0 +1,23 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Provides a Docker Compose snippet for a Redis service (redis:alpine) with volume, healthcheck and logging."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - redis
+    - docker
+    - cache
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/web-app-redis"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Any
+      versions: [ all ]
+dependencies: []
+

roles/web-app-snipe-it/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 
 - name: "Configure Snipe-IT LDAP settings"

roles/web-app-sphinx/tasks/main.yml

@@ -11,16 +11,9 @@
   command: pkgmgr path cymais-sphinx
   register: path_cymais_sphinx_output
 
-- name: "include docker-compose role"
+- name: "include docker and reverse proxy for '{{ application_id }}'"
   include_role: 
-    name: docker-compose
+    name: cmp-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:     "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 # Hack because it wasn't possible to fix an handler bug in pkgmgr install
 - name: „Trigger“ docker compose up

roles/web-app-syncope/templates/proxy.conf

@@ -8,9 +8,9 @@ server
 
   {% include 'roles/srv-web-injector-compose/templates/global.includes.conf.j2'%}
   
-  {% if nginx_docker_reverse_proxy_extra_configuration is defined %}
+  {% if proxy_extra_configuration is defined %}
     {# Additional Domain Specific Configuration #}
-    {{nginx_docker_reverse_proxy_extra_configuration}}
+    {{ proxy_extra_configuration }}
   {% endif %}
 
   {% include 'roles/net-letsencrypt/templates/ssl_header.j2' %}

roles/web-app-taiga/tasks/main.yml

@@ -1,14 +1,7 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 
 - name: "copy templates {{ settings_files }} for taiga-contrib-oidc-auth"
   template:

roles/web-app-wordpress/tasks/main.yml

@@ -10,7 +10,7 @@
   loop_control:
     loop_var: domain
   vars:
-    nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size {{ wordpress_max_upload_size }};"
+    proxy_extra_configuration: "client_max_body_size {{ wordpress_max_upload_size }};"
     http_port: "{{ ports.localhost.http[application_id] }}"
 
 - name: "Transfering upload.ini to {{ docker_compose.directories.instance }}"

roles/web-app-yourls/tasks/main.yml

@@ -1,12 +1,5 @@
 ---
-- name: "load docker and db for {{application_id}}"
+- name: "load docker, db and proxy for {{application_id}}"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
 

roles/web-redirect-domains/meta/main.yml

@@ -1,2 +1,24 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Configures Nginx to perform 301 redirects based on a list of source→target domain mappings."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - nginx
+    - redirect
+    - domains
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/web-redirect-domains"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Any
+      versions: [ all ]
 dependencies:
-- srv-web-https
+  - srv-web-https
+

roles/web-svc-legal/meta/main.yml

@@ -1,2 +1,24 @@
+---
+galaxy_info:
+  author: "Kevin Veen-Birchenbach"
+  description: "Deploys a legal imprint (Impressum) page in Nginx from a Jinja2 template."
+  license: "CyMaIS NonCommercial License (CNCL)"
+  license_url: "https://s.veen.world/cncl"
+  company: |
+    Kevin Veen-Birchenbach
+    Consulting & Coaching Solutions
+    https://www.veen.world
+  galaxy_tags:
+    - nginx
+    - legal
+    - imprint
+  repository: "https://github.com/kevinveenbirkenbach/cymais"
+  issue_tracker_url: "https://github.com/kevinveenbirkenbach/cymais/issues"
+  documentation: "https://github.com/kevinveenbirkenbach/cymais/tree/main/roles/web-svc-legal"
+  min_ansible_version: "2.9"
+  platforms:
+    - name: Any
+      versions: [ all ]
 dependencies:
-- web-svc-html
+  - web-svc-html
+

roles/web-svc-simpleicons/tasks/main.yml

@@ -1,15 +1,7 @@
 ---
-- name: "include docker-compose role"
+- name: "include docker and reverse proxy for '{{ application_id }}'"
   include_role: 
-    name: docker-compose
+    name: cmp-docker-proxy
-  when: run_once_docker_simpleicons is not defined
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
   when: run_once_docker_simpleicons is not defined
 
 - name: "Copy '{{ application_id }}' files"

templates/roles/web-app/tasks/main.yml.j2

@@ -1,36 +1,21 @@
 ---
-
 {% if database_type | bool %}
-
 {% raw %}
-- name: "load docker and db for {{application_id}}"
+# Default: Loading; Docker, Database and Reverse Proxy
+- name: "load docker, db and proxy for '{{application_id}}'"
   include_role: 
-    name: cmp-db-docker
+    name: cmp-db-docker-proxy
   when: run_once_docker_{% endraw %}{{ application_id }}{% raw %} is not defined
-
 {% endraw %}
-
 {% else %}
-
 {% raw %}
-- name: "include docker-compose role"
+- name: "load docker, proxy for '{{application_id}}'"
   include_role: 
-    name: docker-compose
+    name: cmp-db-docker-proxy
   when: run_once_docker_{% endraw %}{{ application_id }}{% raw %} is not defined
 {% endraw %}
-
 {% endif %}
-
 {% raw %}
-
-- name: "include role srv-web-proxy-domain for {{application_id}}"
-  include_role:
-    name: srv-web-proxy-domain
-  vars:
-    domain:   "{{ domains | get_domain(application_id) }}"
-    http_port:   "{{ ports.localhost.http[application_id] }}"
-  when: run_once_docker_{% endraw %}{{ application_id }}{% raw %} is not defined
-
 - name: run the {% endraw %}{{ application_id }}{% raw %} tasks once
   set_fact:
     run_once_docker_{% endraw %}{{ application_id }}{% raw %}: true