kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-11-06 05:08:16 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
d1ccfd9cdd57cb788550666264c4e360e96db3de
computer-playbook/roles/web-app-taiga
History
Kevin Veen-Birkenbach 57d5269b07 CSP (Safari-safe): merge -elem/-attr into base; respect explicit disables; no mirror-back; header only for documents/workers 
- Add CSP3 support for style/script: include -elem and -attr directives
- Base (style-src, script-src) now unions elem/attr (CSP2/Safari fallback)
- Respect explicit base disables (e.g. style-src.unsafe-inline: false)
- Hashes only when 'unsafe-inline' absent in the final base tokens
- Nginx: set CSP only for HTML/worker via header_filter_by_lua_block; drop for subresources
- Remove per-location header_filter; keep body_filter only
- Update app role flags to *-attr where appropriate; extend desktop CSS sources
- Add comprehensive unit tests for union/explicit-disable/no-mirror-back

Ref: https://chatgpt.com/share/68f87a0a-cebc-800f-bb3e-8c8ab4dee8ee
2025-10-22 13:53:06 +02:00
..
config
meta
schema
tasks
templates
users
vars
README.md

README.md

Taiga

Description

Taiga is a powerful and intuitive open-source project management platform tailored for agile teams. Whether you're practicing Scrum, Kanban, or a custom hybrid workflow, Taiga offers a rich, customizable environment to plan, track, and collaborate on your projects — without the complexity of enterprise tools or the vendor lock-in of SaaS platforms.

This Ansible role deploys Taiga in a Docker-based environment, allowing fast, reproducible, and secure installations. It also optionally integrates OpenID Connect (OIDC) for single sign-on via providers like Keycloak.

Why Taiga?

Taiga is ideal for developers, designers, and agile teams who want:

  • Beautiful UI: Clean, modern, and responsive interface.
  • 📌 Agile Workflows: Supports Scrum, Kanban, Scrumban, and Epics.
  • 🗃️ Backlog & Sprint Management: Create user stories, tasks, and sprints with ease.
  • 📈 Burn-down Charts & Metrics: Monitor velocity and progress.
  • 🔄 Custom Workflows: Define your own states, priorities, and permissions.
  • 📎 Attachments & Wiki: Collaborate with file uploads and internal documentation.
  • 🔐 SSO/Authentication Plugins: OpenID Connect, LDAP, GitHub, GitLab and more.
  • 🌍 Multilingual UI: Used by teams worldwide.

Purpose

This role automates the deployment and configuration of a complete, production-ready Taiga stack using Docker Compose. It ensures integration with common infrastructure tools such as Nginx, PostgreSQL, and RabbitMQ, while optionally enabling OpenID Connect authentication for enterprise-grade SSO.

By using this role, teams can set up Taiga in minutes on Arch Linux systems — whether in a homelab, dev environment, or production cluster.

Features

  • 🐳 Docker-Based Deployment: Easy containerized setup of backend, frontend, async workers, and events service.
  • 🔐 OIDC (Single Sign-On): Supported via:
  • 📨 Email Backend: Supports SMTP and console backends for development.
  • 🔁 Async & Realtime Events: Includes RabbitMQ and support for Taigas event system.
  • 🌐 Reverse Proxy Ready: Integrates with Nginx using the sys-stk-front-proxy role.
  • 🧩 Composable Design: Integrates cleanly with other Infinito.Nexus infrastructure roles.

Author

Developed and maintained by Kevin Veen-Birkenbach
Email: kevin@veen.world
Website: veen.world

Part of the Infinito.Nexus Project
License: Infinito.Nexus NonCommercial License