Kevin Veen-Birkenbach
79e702a3ab
- sys-service:
- Set explicit ownership and permissions for generated unit files:
owner=root, group=root, mode=0644. Prevents drift and makes idempotence
predictable when handlers reload/refresh systemd.
- web-svc-collabora:
- Move cmp-docker-proxy include into tasks/01_core.yml and run it
before Nginx config generation. Use public: true only to initialize the
proxy/compose context and docker_compose_flush_handlers: true to ensure
timely handler execution.
- Define role-local variables domain and http_port in vars/main.yml
and use {{ domain }} for the Nginx server file path. These values MUST
be defined locally because they cannot be reliably imported via
public: true — other roles may override them later in the play, leading
to leakage and nondeterministic behavior. Localizing avoids precedence
conflicts without resorting to host-wide set_fact.
- CSP adjusted: add server.security.flags.style-src.unsafe-inline: true
to accommodate Collabora’s inline styles (requested as “csr” in notes).
- Minor variable alignment/cleanup and TODO note for future refactor.
- Housekeeping:
- Rename task title to reflect {{ domain }} usage.
Refs:
- Discussion and rationale in this chat https://chatgpt.com/share/68a731aa-d394-800f-9eb4-2499f45ed54b (2025-08-21, Europe/Berlin).
Infinito.Nexus 🚀
🔐 One login. ♾️ Infinite application
What is Infinito.Nexus? 📌
Infinito.Nexus is an automated, modular infrastructure framework built on Docker, Linux, and Ansible, equally suited for cloud services, local server management, and desktop workstations. At its core lies a web-based desktop with single sign-on—backed by an LDAP directory and OIDC—granting seamless access to an almost limitless portfolio of self-hosted applications. It fully supports ActivityPub applications and is Fediverse-compatible, while integrated monitoring, alerting, cleanup, self-healing, automated updates, and backup solutions provide everything an organization needs to run at scale.
| 📚 | 🔗 |
|---|---|
| 🌐 Try It Live |  |
| 🔧 Request Your Setup |  |
| 📖 About This Project |    |
| ☕️ Support Us |     |
Key Features 🎯
-
Automated Deployment 📦 Turn up servers and workstations in minutes with ready-made Ansible roles.
-
Enterprise-Grade Security 🔒 Centralized user management via LDAP & OIDC (Keycloak), plus optional 2FA and encrypted storage.
-
Modular Scalability 📈 Grow from small teams to global enterprises by composing only the services you need.
-
Fediverse & ActivityPub Support 🌐 Seamlessly integrate Mastodon, Peertube, Matrix and other ActivityPub apps out of the box.
-
Self-Healing & Maintenance ⚙️ Automated cleanup, container healing, and auto-updates keep infrastructure healthy without human intervention.
-
Monitoring, Alerting & Analytics 📊 Built-in system, application, and security monitoring with multi-channel notifications.
-
Backup & Disaster Recovery 💾 Scheduled backups and scripted recovery processes to safeguard your data.
-
Continuous Updates 🔄 Automatic patching and version upgrades across the stack.
-
Application Ecosystem 🚀 A curated suite of self-hosted apps—from project management, version control, and CI/CD to chat, video conferencing, CMS, e-learning, social networking, and e-commerce—all seamlessly integrated.
More informations about the features you will find here.
Get Started 🚀
Use it online 🌐
Try Infinito.Nexus – sign up in seconds, explore the platform, and discover what our solution can do for you! 🚀🔧✨
Install locally 💻
- Install Infinito.Nexus via Kevin's Package Manager
- Setup Infinito.Nexus using:
pkgmgr install infinito - Explore Commands with:
infinito --help
Setup with Docker🚢
Get Infinito.Nexus up and running inside Docker in just a few steps. For detailed build options and troubleshooting, see the Docker Guide.
# 1. Build the Docker image: the Docker image:
docker build -t infinito:latest .
# 2. Run the CLI interactively:
docker run --rm -it infinito:latest infinito --help
License ⚖️
Infinito.Nexus is distributed under the Infinito.Nexus NonCommercial License. Please see LICENSE.md for full terms.
Professional Setup & Support 💼
For expert installation and configuration visit cybermaster.space or write to us at contact@cymais.cloud.