Finished bluesky implementation for today!

group_vars/all/07_applications.yml

@@ -36,6 +36,9 @@ defaults_applications:
     administrator_email:    "{{administrator_email}}"
     pds:
       version:              "latest"
+      #jwt_secret:                            # Needs to be defined in inventory file - Use: openssl rand -base64 64 | tr -d '\n'
+      #plc_rotation_key_k256_private_key_hex: # Needs to be defined in inventory file - Use: openssl rand -hex 32 
+      #admin_password:                        # Needs to be defined in inventory file - Use: openssl rand -base64 16
 
   ## Friendica
   friendica:

playbook.servers.yml

@@ -196,11 +196,6 @@
   become: true
   roles:
    -  role: docker-bluesky
-      vars:
-        domain_api:   "{{domains.bluesky_api}}"
-        domain_web:   "{{domains.bluesky_web}}"
-        http_port_api: 8030
-        http_port_web: 8031
 
 - name: setup keycloak
   hosts: keycloak

roles/docker-baserow/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-bigbluebutton/README.md

@@ -32,4 +32,5 @@ watch -n 2 "docker compose ps -a"
 - https://www.cyberciti.biz/faq/linux-restart-network-interface/
 - https://stackoverflow.com/questions/53347951/docker-network-not-found
 - https://github.com/bigbluebutton/docker/issues/325
-
+- https://mattdyson.org/blog/2024/11/self-hosting-bluesky-pds/
+- https://atproto.com/specs/handle#handle-resolution @toto micoservice für dynamische did auflösung implementieren

roles/docker-bluesky/README.md

@@ -2,19 +2,6 @@
 
 
 ## Setup 
-### Set variables
-
-#### bluesky_pds_jwt_secret
-```bash
-openssl rand -base64 64 | tr -d '\n'
-```
-for 
-
-#### bluesky_pds_plc_rotation_key_k256_private_key_hex
-openssl rand -hex 32
-
-#### bluesky_pds_admin_password
-openssl rand -base64 16
 
 ### Configure DNS
 - https://bsky.social/about/blog/4-28-2023-domain-handle-tutorial
@@ -58,4 +45,4 @@ Initial setup keine top level domain
 - https://github.com/bluesky-social/pds/issues/52
 - https://github.com/lhaig/pdsadmin
 - https://github.com/bluesky-social/pds/issues/147
-- 
+- https://docs.bsky.app/docs/advanced-guides/oauth-client

roles/docker-bluesky/tasks/main.yml

@@ -6,14 +6,14 @@
 - name: "Include tasks for API domain"
   include_tasks: nginx-docker-proxy-domain.yml
   vars:
-    domain: "{{ domain_api }}"
+    domain: "{{ domains.bluesky_api }}"
-    http_port: "{{ http_port_api }}"
+    http_port: "{{ ports.localhost.http_ports.bluesky_api }}"
 
 - name: "Include tasks for Web domain"
   include_tasks: nginx-docker-proxy-domain.yml
   vars:
-    domain: "{{ domain_web }}"
+    domain: "{{ domains.bluesky_web }}"
-    http_port: "{{ http_port_web }}" 
+    http_port: "{{ ports.localhost.http_ports.bluesky_web }}" 
 
 # The following lines should be removed when the following issue is closed:
 # https://github.com/bluesky-social/pds/issues/52
@@ -50,8 +50,5 @@
     version: "main"
   notify: docker compose project build and setup 
 
-- name: add docker-compose.yml
+- name: "copy docker-compose.yml and env file"
-  template: 
+  include_tasks: copy-docker-compose-and-env.yml
-    src:  docker-compose.yml.j2
-    dest: "{{docker_compose.directories.instance}}docker-compose.yml"
-  notify: docker compose project build and setup

roles/docker-bluesky/templates/docker-compose.yml.j2

@@ -1,35 +1,12 @@
 services:
   pds:
     image: "ghcr.io/bluesky-social/pds:{{applications.bluesky.pds.version}}"
-    restart: {{docker_restart_policy}}
+{% include 'roles/docker-compose/templates/services/base.yml.j2' %}
     volumes:
-        - pds_data:/pds
+        - pds_data:/opt/pds
         - {{pdsadmin_file_path}}:/usr/local/bin/pdsadmin:ro
-    environment:
-      # Geben Sie hier Ihre Domain und Konfigurationsdetails an
-      PDS_HOSTNAME: "{{domains.api}}"
-      PDS_ADMIN_EMAIL: "{{applications.bluesky.administrator_email}}"
-      PDS_SERVICE_DID: "did:web:{{domain_api}}"
-      # See https://mattdyson.org/blog/2024/11/self-hosting-bluesky-pds/
-      PDS_SERVICE_HANDLE_DOMAINS: ".{{primary_domain}}"
-      PDS_JWT_SECRET: "{{bluesky_pds_jwt_secret}}"
-      PDS_ADMIN_PASSWORD: "{{bluesky_pds_admin_password}}"
-      PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX: "{{bluesky_pds_plc_rotation_key_k256_private_key_hex}}"
-      PDS_CRAWLERS: https://bsky.network
-      PDS_EMAIL_SMTP_URL: smtps://{{system_email.username}}:{{system_email.password}}@{{system_email.host}}:{{system_email.port}}/
-      PDS_EMAIL_FROM_ADDRESS: {{system_email.from}}
-      LOG_ENABLED: true
-      PDS_BLOBSTORE_DISK_LOCATION: /opt/pds/blocks
-      # -- DEFAULT VALUES ---
-      # PDS_DATA_DIRECTORY: /opt/pds
-      # PDS_BLOB_UPLOAD_LIMIT: 52428800
-      # PDS_DID_PLC_URL=https://plc.directory
-      # PDS_BSKY_APP_VIEW_URL=https://api.bsky.app
-      # PDS_BSKY_APP_VIEW_DID=did:web:api.bsky.app
-      # PDS_REPORT_SERVICE_URL=https://mod.bsky.app
-      # PDS_REPORT_SERVICE_DID=did:plc:ar7c4by46qjdydhdevvrndac
     ports:
-      - "127.0.0.1:{{http_port_api}}:3000"
+      - "127.0.0.1:{{ports.localhost.http_ports.bluesky_api}}:3000"
     healthcheck:
       test: ["CMD", "wget", "--spider", "http://127.0.0.1:3000/xrpc/_health"]
       interval: 1m
@@ -45,21 +22,18 @@ services:
       dockerfile: Dockerfile 
       # It doesn't compile yet with this parameters. @todo Fix it
       args:
-        REACT_APP_PDS_URL: "http://{{domain_api}}" # URL des PDS
+        REACT_APP_PDS_URL: "https://{{domains.bluesky_api}}" # URL des PDS
-        REACT_APP_API_URL: "http://{{domain_api}}" # API-URL des PDS
+        REACT_APP_API_URL: "https://{{domains.bluesky_api}}" # API-URL des PDS
         REACT_APP_SITE_NAME: "{{primary_domain | upper}} - Bluesky"
         REACT_APP_SITE_DESCRIPTION: "Decentral Social "
-    restart: {{docker_restart_policy}}
     ports:
-      - "127.0.0.1:{{http_port_web}}:8100"
+      - "127.0.0.1:{{ports.localhost.http_ports.bluesky_web}}:8100"
-    # Start already parallel to pds
-    #depends_on:
-    #  - None
     healthcheck:
       test: ["CMD", "sh", "-c", "for pid in $(ls /proc | grep -E '^[0-9]+$'); do if cat /proc/$pid/cmdline 2>/dev/null | grep -q 'bskywebserve'; then exit 0; fi; done; exit 1"]
       interval: 30s
       timeout: 10s
       retries: 3
+{% include 'templates/docker/container/networks.yml.j2' %}
 
 {% include 'templates/docker/compose/volumes.yml.j2' %}
   pds_data:

roles/docker-bluesky/templates/env.j2

@@ -0,0 +1,21 @@
+PDS_HOSTNAME="{{domains.bluesky_api}}"
+PDS_ADMIN_EMAIL="{{applications.bluesky.administrator_email}}"
+PDS_SERVICE_DID="did:web:{{domains.bluesky_api}}"
+
+# See https://mattdyson.org/blog/2024/11/self-hosting-bluesky-pds/
+PDS_SERVICE_HANDLE_DOMAINS=".{{primary_domain}}"
+PDS_JWT_SECRET="{{applications.bluesky.pds.jwt_secret}}"
+PDS_ADMIN_PASSWORD="{{applications.bluesky.pds.admin_password}}"
+PDS_PLC_ROTATION_KEY_K256_PRIVATE_KEY_HEX="{{applications.bluesky.pds.plc_rotation_key_k256_private_key_hex}}"
+PDS_CRAWLERS=https://bsky.network
+PDS_EMAIL_SMTP_URL=smtps://{{system_email.username}}:{{system_email.password}}@{{system_email.host}}:{{system_email.port}}/
+PDS_EMAIL_FROM_ADDRESS={{system_email.from}}
+LOG_ENABLED=true
+PDS_BLOBSTORE_DISK_LOCATION=/opt/pds/blocks
+PDS_DATA_DIRECTORY: /opt/pds
+PDS_BLOB_UPLOAD_LIMIT: 52428800
+PDS_DID_PLC_URL=https://plc.directory
+PDS_BSKY_APP_VIEW_URL=https://{{domains.bluesky_web}}
+PDS_BSKY_APP_VIEW_DID=did:web:{{domains.bluesky_web}}
+PDS_REPORT_SERVICE_URL=https://mod.bsky.app
+PDS_REPORT_SERVICE_DID=did:plc:ar7c4by46qjdydhdevvrndac

roles/docker-bluesky/vars/main.yml

@@ -1,8 +1,8 @@
 application_id:               "bluesky"
-social_app_path:              "{{ docker_compose.directories.instance }}/social-app"
+social_app_path:              "{{ docker_compose.directories.services }}/social-app"
 
 # This should be removed when the following issue is closed:
 # https://github.com/bluesky-social/pds/issues/52
-pdsadmin_folder_path:         "{{ docker_compose.directories.instance }}/pdsadmin"
+pdsadmin_folder_path:         "{{ docker_compose.directories.volumes }}/pdsadmin"
 pdsadmin_file_path:           "{{pdsadmin_folder_path}}/pdsadmin"
 pdsadmin_temporary_tar_path:  "/tmp/pdsadmin.tar.gz"

roles/docker-friendica/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-funkwhale/tasks/main.yml

@@ -6,19 +6,7 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-
+- name: "copy docker-compose.yml and env file"
-- name: "create {{docker_compose.files.docker_compose}}"
+  include_tasks: copy-docker-compose-and-env.yml
-  template:
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup
 
 

roles/docker-gitea/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-gitlab/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-joomla/tasks/main.yml

@@ -9,16 +9,5 @@
   loop_control:
     loop_var: domain
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-keycloak/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-ldap/tasks/main.yml

@@ -24,19 +24,8 @@
     name: central_ldap
     state: present
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup
 
 - name: "create {{docker_compose.directories.env}}phpldapadmin.env"
   template: 

roles/docker-listmonk/tasks/main.yml

@@ -15,19 +15,8 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup
 
 - name: add config.toml
   template: 

roles/docker-mailu/tasks/main.yml

@@ -12,19 +12,8 @@
   include_role:
     name: nginx-docker-cert-deploy
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup
 
 - name: flush docker service
   meta: flush_handlers

roles/docker-mastodon/tasks/main.yml

@@ -9,19 +9,8 @@
   loop_control:
     loop_var: domain
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup
 
 - name: flush docker service
   meta: flush_handlers

roles/docker-matomo/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-moodle/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-nextcloud/README.md

@@ -1,61 +1,66 @@
-# role docker-nextcloud
+# Docker Nextcloud Role 🚀
 
-## modify config
+This repository contains an Ansible role for deploying and managing [Nextcloud](https://nextcloud.com/) using [Docker](https://www.docker.com/). It covers configuration modifications, updates, backups, database management, and more. Additionally, OIDC (OpenID Connect) is supported (for example, via **Keycloak**).
-Enter container:
+
+---
+
+## Modify Config 🔧
+
+### Enter the Container
 ```bash
-  docker-compose exec -it application /bin/sh
+docker-compose exec -it application /bin/sh
 ```
 
-Afterwards modify config:
+### Modify the Configuration
+Inside the container, install a text editor and edit the config:
 ```bash
 apk add --no-cache nano && nano config/config.php
 ```
 
-## update
+---
 
-To update the nextcloud container execute the following commands on the server:
+## Update 🔄
+
+To update the Nextcloud container, execute the following commands on the server:
 ```bash
-  docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --on &&
+docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --on &&
-  export COMPOSE_HTTP_TIMEOUT=600 &&
+export COMPOSE_HTTP_TIMEOUT=600 &&
-  export DOCKER_CLIENT_TIMEOUT=600 &&
+export DOCKER_CLIENT_TIMEOUT=600 &&
-  docker-compose down
+docker-compose down
 ```
 
-Afterwards update the ***applications.nextcloud.version*** variable to the next version and run the this repository with this ansible role.
+Afterwards, update the ***applications.nextcloud.version*** variable to the next version and run this repository with this Ansible role.
 
-It is only possible to update from one to the next major version at a time
+> **Note:**  
-
+> It is only possible to update from one to the next major version at a time.  
-Wait for the update to finish.
+> Wait for the update to finish.
-
-You can verify that the update is finished by checking the following logs:
 
+Verify the update by checking the logs:
 ```bash
 docker-compose logs application
 ```
-
 and
-
 ```bash
 docker-compose exec -it application top
 ```
 
-If nextcloud stays in the maintenance mode after the update try the following:
+If Nextcloud remains in maintenance mode after the update, try the following:
-
 ```bash
-  docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --on
+docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --on
-  docker-compose exec -it -u www-data application /var/www/html/occ upgrade
+docker-compose exec -it -u www-data application /var/www/html/occ upgrade
-  docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --off
+docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --off
 ```
 
-If the update process fails execute
+If the update process fails, execute:
-
 ```bash
-  docker-compose exec -it -u www-data application /var/www/html/occ maintenance:repair --include-expensive
+docker-compose exec -it -u www-data application /var/www/html/occ maintenance:repair --include-expensive
 ```
+and disable any non-functioning apps.
 
-and disable the not functioning apps.
+---
+
+## Recover Latest Backup 💾
 
-## recover latest backup
 ```bash
 cd {{path_docker_compose_instances}}nextcloud &&
 docker-compose down &&
@@ -64,77 +69,108 @@ cd {{path_administrator_scripts}}backup-docker-to-local &&
 bash ./recover-docker-from-local.sh "nextcloud_data" "$(sha256sum /etc/machine-id | head -c 64)"
 ```
 
-## database
+---
-### database access
+
-To access the database execute
+## Database Management 🗄️
+
+### Database Access
+To access the database, execute:
 ```bash
-  docker-compose exec -it database mysql -u nextcloud -D nextcloud -p
+docker-compose exec -it database mysql -u nextcloud -D nextcloud -p
 ```
 
-### recreate database with new volume:
+### Recreate Database with New Volume
 ```bash
 docker-compose run --detach --name database --env MYSQL_USER="nextcloud" --env MYSQL_PASSWORD=PASSWORD --env MYSQL_ROOT_PASSWORD=PASSWORD --env MYSQL_DATABASE="nextcloud" -v nextcloud_database:/var/lib/mysql
 ```
 
-The process can be checked with:
+Check the process with:
-
+```sql
-```bash
 show processlist;
 ```
 
-## occ
+---
 
-To use occ run:
+## OCC (Nextcloud Command Line) 🔧
 
+To use OCC, run:
 ```bash
-  docker-compose exec -it -u www-data application /var/www/html/occ
+docker-compose exec -it -u www-data application /var/www/html/occ
 ```
 
-## app relevant tables
+---
-- oc_appconfig
-- oc_migrations
 
-### initialize duplicates
+## App Relevant Tables 🗃️
 
+- `oc_appconfig`
+- `oc_migrations`
+
+### Initialize Duplicates
 ```bash
-  docker-compose exec -it -u www-data application /var/www/html/occ duplicates:find-all --output
+docker-compose exec -it -u www-data application /var/www/html/occ duplicates:find-all --output
 ```
 
-### unlock files
+### Unlock Files
 ```bash
-  docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --on
+docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --on
-  docker-compose exec -it nextcloud_database_1 mysql -u nextcloud -pPASSWORD1234132 -D nextcloud -e "delete from oc_file_locks where 1"
+docker-compose exec -it nextcloud_database_1 mysql -u nextcloud -pPASSWORD1234132 -D nextcloud -e "delete from oc_file_locks where 1"
-  docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --off
+docker-compose exec -it -u www-data application /var/www/html/occ maintenance:mode --off
 ```
 
-## architecture
+---
-### Maria DB
-Until NC24 MariaDB version has to be used.
 
-## performance
+## Architecture
-### 504 Gateway Timeout
+
+### MariaDB
+Until Nextcloud 24, the MariaDB version must be used.
+
+---
+
+## Performance: 504 Gateway Timeout ⏱️
 
 ```bash
-  docker-compose logs web --tail 1000 | grep 504
+docker-compose logs web --tail 1000 | grep 504
 ```
 
-#### See
+#### See:
-- https://support.f5.com/csp/article/K48373902
+- [F5 Support: K48373902](https://support.f5.com/csp/article/K48373902)
-- https://github.com/nextcloud/server/issues/25436
+- [Nextcloud Server Issue #25436](https://github.com/nextcloud/server/issues/25436)
-- https://help.nextcloud.com/t/update-to-next-cloud-21-0-2-has-get-an-error/117028/23?page=2
+- [Nextcloud 21.0.2 Update Error](https://help.nextcloud.com/t/update-to-next-cloud-21-0-2-has-get-an-error/117028/23?page=2)
-- https://serverfault.com/questions/178671/nginx-php-fpm-504-gateway-time-out-error-with-almost-zero-load-on-a-test-se
+- [ServerFault: Nginx PHP-FPM 504 Error](https://serverfault.com/questions/178671/nginx-php-fpm-504-gateway-time-out-error-with-almost-zero-load-on-a-test-se)
-- https://help.nextcloud.com/t/solved-manual-lemp-install-php-fpm-timing-out/39070
+- [Manual LEMP Install Timeout](https://help.nextcloud.com/t/solved-manual-lemp-install-php-fpm-timing-out/39070)
+
+---
+
+## Further Information ℹ️
+
+- [Nextcloud Docker Example with Nginx Proxy, MariaDB, and FPM](https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/docker-compose.yml)
+- [Nextcloud Upgrade via Docker by Goneuland](https://goneuland.de/nextcloud-upgrade-auf-neue-versionen-mittels-docker/)
+- [Nextcloud Data Version Issue](https://help.nextcloud.com/t/cant-start-nextcloud-because-the-version-of-the-data-is-higher-than-the-docker-image-version-and-downgrading-is-not-supported/109438)
+- [Nextcloud Docker Issue #1302](https://github.com/nextcloud/docker/issues/1302)
+- [Update to Nextcloud 22 Failed Database Error](https://help.nextcloud.com/t/update-to-22-failed-with-database-error-updated/120682)
+- [Nextcloud 21.0.0-beta1 Database Error](https://help.nextcloud.com/t/nc-update-to-21-0-0-beta1-exception-database-error/101124/4)
+- [Reset Password for MariaDB/MySQL in Docker](https://wolfgang.gassler.org/reset-password-mariadb-mysql-docker/)
+- [Ansible Docker Container and depends_on Issue](https://unix.stackexchange.com/questions/478855/ansible-docker/container/and-depends-on)
+- [Docker Convenience Scripts by gdiepen](https://github.com/gdiepen/docker-convenience-scripts)
+- [Issues After Upgrading to Nextcloud 21](https://help.nextcloud.com/t/several-issues-after-upgrading-to-nextcloud-21/113118/3)
+- [Nextcloud Talk Plugin and Turnserver in Docker](https://forum.openmediavault.org/index.php?thread/31782-docker-nextcloud-talk-plugin-and-turnserver/)
+- [Nextcloud Talk on Docker: Turn Server Issues](https://help.nextcloud.com/t/nextcloud-talk-im-docker/container/turn-server-auf-docker-host-kein-video/84133/10)
+
+---
+
+## OIDC (OpenID Connect) Support 🔐
+
+OIDC is supported in this role—for example, via **Keycloak**. OIDC-specific tasks are included when enabled, allowing integration of external authentication providers seamlessly.
+
+---
+## Author
+
+**Developed by:** Kevin Veen-Birkenbach  
+**Website:** [https://www.veen.world/](https://www.veen.world/)
+
+*This README.md was created with the help of [ChatGPT](https://chatgpt.com/share/67a5312c-7248-800f-ae27-0288c1c82f1d).*
+
+---
+*Enjoy and happy containerizing! 😄*
+
 
-## further information
-- https://github.com/nextcloud/docker/blob/master/.examples/docker-compose/with-nginx-proxy/mariadb/fpm/docker-compose.yml
-- https://goneuland.de/nextcloud-upgrade-auf-neue-versionen-mittels-docker/
-- https://help.nextcloud.com/t/cant-start-nextcloud-because-the-version-of-the-data-is-higher-than-the-docker-image-version-and-downgrading-is-not-supported/109438
-- https://github.com/nextcloud/docker/issues/1302
-- https://help.nextcloud.com/t/update-to-22-failed-with-database-error-updated/120682
-- https://help.nextcloud.com/t/nc-update-to-21-0-0-beta1-exception-database-error/101124/4
-- https://wolfgang.gassler.org/reset-password-mariadb-mysql-docker/
-- https://unix.stackexchange.com/questions/478855/ansible-docker/container/and-depends-on
-- https://github.com/gdiepen/docker-convenience-scripts
-- https://help.nextcloud.com/t/several-issues-after-upgrading-to-nextcloud-21/113118/3
-- https://forum.openmediavault.org/index.php?thread/31782-docker-nextcloud-talk-plugin-and-turnserver/
-- https://help.nextcloud.com/t/nextcloud-talk-im-docker/container/turn-server-auf-docker-host-kein-video/84133/10

roles/docker-nextcloud/tasks/main.yml

@@ -18,21 +18,9 @@
     dest: "{{docker_compose.directories.volumes}}nginx.conf"
   notify: docker compose project setup
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
 
-- name: "create {{docker_compose.files.env}}"
+- name: Include OIDC-specific tasks if OIDC client is active
-  template: 
+  include_tasks: oidc_tasks.yml
-    src:  "env.j2" 
+  when: oidc.enabled | bool
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup
-
-# @todo activate
-#- name: Include OIDC-specific tasks if OIDC client is active
-#  include_tasks: oidc_tasks.yml
-#  when: oidc.enabled | bool

roles/docker-nextcloud/tasks/oidc_tasks.yml

@@ -6,28 +6,24 @@
 - name: Set hide_login_form to true
   command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:system:set --type boolean --value true hide_login_form"
 
-- name: Set auth.webauthn.enabled to false
+- name: "Set auth.webauthn.enabled to false"
-  command: docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:system:set --type boolean --value false auth.webauthn.enabled"
+  command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:system:set --type boolean --value false auth.webauthn.enabled"
 
 - name: Set allow_login_connect to 1
-  command: >
+  command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:app:set sociallogin allow_login_connect --value='1'"
-    docker-compose exec -u www-data application /var/www/html/occ
-    config:app:set sociallogin allow_login_connect --value="1"
   # This configuration allows users to connect multiple accounts to their Nextcloud profile
   # using the sociallogin app.
 
 - name: Set custom_providers
   command: >
-    docker-compose exec -u www-data application /var/www/html/occ
+    docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ
     config:app:set sociallogin custom_providers
-    --value='{"custom_oidc":[{"name":"{{domains.keycloak}}","title":"keycloak","authorizeUrl":"{{oidc.client.authorize_url}}","tokenUrl":"{{oidc.client.toke_url}}","displayNameClaim":"","userInfoUrl":"{{oidc.client.user_info_url}}","logoutUrl":"{{oidc.client.logout_url}}","clientId":"{{oidc.client.id}}","clientSecret":"{{oidc.client.secret}}","scope":"openid","groupsClaim":"","style":"","defaultGroup":""}]}'
+    --value='{"custom_oidc":[{"name":"{{domains.keycloak}}","title":"keycloak","style":"keycloak","authorizeUrl":"{{oidc.client.authorize_url}}","tokenUrl":"{{oidc.client.toke_url}}","displayNameClaim":"","userInfoUrl":"{{oidc.client.user_info_url}}","logoutUrl":"{{oidc.client.logout_url}}","clientId":"{{oidc.client.id}}","clientSecret":"{{oidc.client.secret}}","scope":"openid","groupsClaim":"","style":"","defaultGroup":""}]}'
   # This configuration defines custom OpenID Connect (OIDC) providers for authentication.
   # In this case, it sets up a Keycloak provider with details like URLs for authorization,
   # token retrieval, user info, and logout, as well as the client ID and secret.
 
 - name: Set prevent_create_email_exists to 1
-  command: >
+  command: 'docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:app:set sociallogin prevent_create_email_exists --value="1"'
-    docker-compose exec -u www-data application /var/www/html/occ
-    config:app:set sociallogin prevent_create_email_exists --value="1"
   # This configuration prevents the creation of new Nextcloud users if an account with the
   # same email address already exists in the system. It helps avoid duplicate accounts.

roles/docker-openproject/tasks/main.yml

@@ -50,16 +50,5 @@
     state: directory
     mode: 0755
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-peertube/tasks/main.yml

@@ -9,16 +9,5 @@
   loop_control:
     loop_var: domain
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-phpmyadmin/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-pixelfed/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-snipe_it/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-taiga/tasks/main.yml

@@ -20,16 +20,5 @@
     dest:	"{{docker_compose_init}}"
   notify: docker compose project setup
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

roles/docker-wordpress/tasks/main.yml

@@ -27,17 +27,6 @@
     - docker compose project setup
     - rebuild wordpress container
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup
   

roles/docker-yourls/tasks/main.yml

@@ -6,16 +6,5 @@
 - name: "include tasks nginx-docker-proxy-domain.yml"
   include_tasks: nginx-docker-proxy-domain.yml
 
-- name: "create {{docker_compose.files.docker_compose}}"
+- name: "copy docker-compose.yml and env file"
-  template:
+  include_tasks: copy-docker-compose-and-env.yml
-    src:	"docker-compose.yml.j2"
-    dest:	"{{docker_compose.files.docker_compose}}"
-  notify: docker compose project setup
-
-- name: "create {{docker_compose.files.env}}"
-  template: 
-    src:  "env.j2" 
-    dest: "{{docker_compose.files.env}}"
-    mode: '770'
-    force: yes
-  notify: docker compose project setup

tasks/copy-docker-compose-and-env.yml

@@ -0,0 +1,13 @@
+- name: "create {{docker_compose.files.docker_compose}}"
+  template:
+    src:	"docker-compose.yml.j2"
+    dest:	"{{docker_compose.files.docker_compose}}"
+  notify: docker compose project setup
+
+- name: "create {{docker_compose.files.env}}"
+  template: 
+    src:  "env.j2" 
+    dest: "{{docker_compose.files.env}}"
+    mode: '770'
+    force: yes
+  notify: docker compose project setup