computer-playbook/roles/web-app-taiga
Kevin Veen-Birkenbach 57d5269b07 CSP (Safari-safe): merge -elem/-attr into base; respect explicit disables; no mirror-back; header only for documents/workers
- Add CSP3 support for style/script: include -elem and -attr directives
- Base (style-src, script-src) now unions elem/attr (CSP2/Safari fallback)
- Respect explicit base disables (e.g. style-src.unsafe-inline: false)
- Hashes only when 'unsafe-inline' absent in the final base tokens
- Nginx: set CSP only for HTML/worker via header_filter_by_lua_block; drop for subresources
- Remove per-location header_filter; keep body_filter only
- Update app role flags to *-attr where appropriate; extend desktop CSS sources
- Add comprehensive unit tests for union/explicit-disable/no-mirror-back

Ref: https://chatgpt.com/share/68f87a0a-cebc-800f-bb3e-8c8ab4dee8ee
2025-10-22 13:53:06 +02:00

Taiga

Description

Taiga is a powerful and intuitive open-source project management platform tailored for agile teams. Whether you're practicing Scrum, Kanban, or a custom hybrid workflow, Taiga offers a rich, customizable environment to plan, track, and collaborate on your projects — without the complexity of enterprise tools or the vendor lock-in of SaaS platforms.

This Ansible role deploys Taiga in a Docker-based environment, allowing fast, reproducible, and secure installations. It also optionally integrates OpenID Connect (OIDC) for single sign-on via providers like Keycloak.


Why Taiga?

Taiga is ideal for developers, designers, and agile teams who want:

  • Beautiful UI: Clean, modern, and responsive interface.
  • 📌 Agile Workflows: Supports Scrum, Kanban, Scrumban, and Epics.
  • 🗃️ Backlog & Sprint Management: Create user stories, tasks, and sprints with ease.
  • 📈 Burn-down Charts & Metrics: Monitor velocity and progress.
  • 🔄 Custom Workflows: Define your own states, priorities, and permissions.
  • 📎 Attachments & Wiki: Collaborate with file uploads and internal documentation.
  • 🔐 SSO/Authentication Plugins: OpenID Connect, LDAP, GitHub, GitLab and more.
  • 🌍 Multilingual UI: Used by teams worldwide.

Purpose

This role automates the deployment and configuration of a complete, production-ready Taiga stack using Docker Compose. It ensures integration with common infrastructure tools such as Nginx, PostgreSQL, and RabbitMQ, while optionally enabling OpenID Connect authentication for enterprise-grade SSO.

By using this role, teams can set up Taiga in minutes on Arch Linux systems — whether in a homelab, dev environment, or production cluster.


Features

  • 🐳 Docker-Based Deployment: Easy containerized setup of backend, frontend, async workers, and events service.
  • 🔐 OIDC (Single Sign-On): Supported via:
  • 📨 Email Backend: Supports SMTP and console backends for development.
  • 🔁 Async & Realtime Events: Includes RabbitMQ and support for Taiga's event system.
  • 🌐 Reverse Proxy Ready: Integrates with Nginx using the sys-stk-front-proxy role.
  • 🧩 Composable Design: Integrates cleanly with other Infinito.Nexus infrastructure roles.

Author

Developed and maintained by Kevin Veen-Birkenbach
Email: kevin@veen.world
Website: veen.world

Part of the Infinito.Nexus Project
License: Infinito.Nexus NonCommercial License