mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-30 23:38:13 +02:00

Files

Kevin Veen-Birkenbach 009bee531b Refactor role naming for TLS and proxy stack

- Renamed role `srv-tls-core` → `sys-svc-certs`
- Renamed role `srv-https-stack` → `sys-stk-front-pure`
- Renamed role `sys-stk-front` → `sys-stk-front-proxy`
- Updated all includes, READMEs, meta, and dependent roles accordingly

This improves clarity and consistency of naming conventions for certificate management and proxy orchestration.

See: https://chatgpt.com/share/68b19f2c-22b0-800f-ba9b-3f2c8fd427b0

2025-08-29 14:38:20 +02:00

README.md

Role: srv-composer

This Ansible role composes and orchestrates all necessary HTTPS-layer tasks and HTML-content injections for your webserver domains. It integrates two key sub-roles into a unified workflow:

sys-srv-web-inj-compose Injects global HTML snippets (CSS, Matomo tracking, iFrame notifier, custom JavaScript) into responses using Nginx sub_filter.
sys-svc-certs Handles issuing, renewing, and managing TLS certificates via ACME/Certbot.

By combining encryption setup with content enhancements, this role streamlines domain provisioning for secure, fully-featured HTTP/HTTPS delivery.

Features

Unified HTTPS Orchestration Seamlessly sets up TLS and performs HTML-level content injections in one role.
Content Injection Adds global theming, analytics, and custom scripts before </head> and tracking noscript tags before </body>.
Certificate Management Automates cert issuance and renewal via sys-svc-certs.
Idempotent Workflow Ensures each component runs only once per domain.
Simplified Playbooks Call a single role to handle both security (TLS) and user-experience (injections).