mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-10-09 18:28:10 +02:00
Kevin Veen-Birkenbach
aa19a97ed6
- Add reusable Nginx include: roles/sys-svc-proxy/templates/headers/access_control_allow.conf.j2
(dynamic ACAO/credentials/methods/headers via role vars)
- Set global 'Vary: Origin' in nginx.conf.j2 to prevent cache poisoning
- CSP: allow Simple Icons via connect-src when feature is enabled
- Front proxy: rename vars to lowercase + flush handlers after config deploy
- Desktop: gate & load Simple Icons role; inject brand logos when enabled
- Bluesky + Logout: replace inline CORS with centralized include
- Simpleicons: public CORS (ACAO='*', no credentials), keep GET/OPTIONS, allow headers
- Taiga: adjust canonical domain to taiga.kanban.{{ PRIMARY_DOMAIN }}
- LibreTranslate: remove unused images/versions keys
Fixes: https://open.project.infinito.nexus/projects/cymais/work_packages/342/activity
Discussion: https://chatgpt.com/share/68da5e27-ffd4-800f-91a3-0ef103058d44
65 lines
1.8 KiB
YAML
65 lines
1.8 KiB
YAML
- name: "Load brand logos role for '{{ application_id }}'"
|
|
include_role:
|
|
name: web-svc-simpleicons
|
|
vars:
|
|
flush_handlers: true
|
|
when:
|
|
- run_once_web_svc_simpleicons is not defined
|
|
- DESKTOP_SIMPLEICONS_ENABLED | bool
|
|
|
|
- name: "Validate configuration"
|
|
include_tasks: "02_validate.yml"
|
|
when: MODE_ASSERT | bool
|
|
|
|
- name: "Include JS routines"
|
|
include_tasks: "03_javascript.yml"
|
|
|
|
- name: "load docker, proxy for '{{ application_id }}'"
|
|
include_role:
|
|
name: sys-stk-full-stateless
|
|
|
|
- name: "Check if host-specific config.yaml exists in {{ DESKTOP_CONFIG_INV_PATH }}"
|
|
stat:
|
|
path: "{{ DESKTOP_CONFIG_INV_PATH }}"
|
|
delegate_to: localhost
|
|
become: false
|
|
register: config_file
|
|
|
|
- name: Load menu categories
|
|
include_vars:
|
|
file: "menu_categories.yml"
|
|
|
|
- name: Load docker cards
|
|
set_fact:
|
|
portfolio_cards: "{{ lookup('docker_cards', 'roles') }}"
|
|
|
|
- name: "Load Desktop Brand logos"
|
|
set_fact:
|
|
portfolio_cards: "{{ portfolio_cards | add_simpleicon_source(domains, WEB_PROTOCOL) }}"
|
|
when: DESKTOP_SIMPLEICONS_ENABLED | bool
|
|
changed_when: false
|
|
|
|
- name: Group docker cards
|
|
set_fact:
|
|
portfolio_menu_data: "{{ lookup('docker_cards_grouped', portfolio_cards, portfolio_menu_categories) }}"
|
|
|
|
- name: Copy host-specific config.yaml if it exists
|
|
template:
|
|
src: "{{ DESKTOP_CONFIG_INV_PATH }}"
|
|
dest: "{{ DESKTOP_CONFIG_YML_DEST }}"
|
|
notify: docker compose up
|
|
when: config_file.stat.exists
|
|
|
|
- name: Copy default config.yaml from the role template if host-specific file does not exist
|
|
template:
|
|
src: "{{ DESKTOP_CONFIG_YML_SRC_FILE }}"
|
|
dest: "{{ DESKTOP_CONFIG_YML_DEST }}"
|
|
notify: docker compose up
|
|
when: not config_file.stat.exists
|
|
|
|
- name: add docker-compose.yml
|
|
template:
|
|
src: docker-compose.yml.j2
|
|
dest: "{{ docker_compose.directories.instance }}docker-compose.yml"
|
|
notify: docker compose up
|