kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 23:08:06 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
009bee531b37c5eb7e4b4b85a46a659b9c4af9e8
computer-playbook/roles/srv-composer/README.md
Kevin Veen-Birkenbach 009bee531b Refactor role naming for TLS and proxy stack 
- Renamed role `srv-tls-core` → `sys-svc-certs`
- Renamed role `srv-https-stack` → `sys-stk-front-pure`
- Renamed role `sys-stk-front` → `sys-stk-front-proxy`
- Updated all includes, READMEs, meta, and dependent roles accordingly

This improves clarity and consistency of naming conventions for certificate management and proxy orchestration.

See: https://chatgpt.com/share/68b19f2c-22b0-800f-ba9b-3f2c8fd427b0
2025-08-29 14:38:20 +02:00

1.1 KiB
Raw Blame History

Role: srv-composer

This Ansible role composes and orchestrates all necessary HTTPS-layer tasks and HTML-content injections for your webserver domains. It integrates two key sub-roles into a unified workflow:

  1. sys-srv-web-inj-compose Injects global HTML snippets (CSS, Matomo tracking, iFrame notifier, custom JavaScript) into responses using Nginx sub_filter.
  2. sys-svc-certs Handles issuing, renewing, and managing TLS certificates via ACME/Certbot.

By combining encryption setup with content enhancements, this role streamlines domain provisioning for secure, fully-featured HTTP/HTTPS delivery.

Features

  • Unified HTTPS Orchestration Seamlessly sets up TLS and performs HTML-level content injections in one role.
  • Content Injection Adds global theming, analytics, and custom scripts before </head> and tracking noscript tags before </body>.
  • Certificate Management Automates cert issuance and renewal via sys-svc-certs.
  • Idempotent Workflow Ensures each component runs only once per domain.
  • Simplified Playbooks Call a single role to handle both security (TLS) and user-experience (injections).