mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-12-07 09:56:41 +00:00

Files

Kevin Veen-Birkenbach 986f959696 Refactor webserver proxy variables and fix BigBlueButton deployment behavior

Refactor proxy/webserver configuration variables to a consistent webserver_* naming scheme across roles. Replace legacy variables like proxy_extra_configuration, client_max_body_size, vhost_flavour, location_ws and ws_port with webserver_extra_configuration, webserver_client_max_body_size, webserver_vhost_flavour, webserver_websocket_location and webserver_websocket_port. Update NGINX vhost and location templates (html, upload, ws, basic, ws_generic) as well as callers (sys-front-inj-all, sys-stk-front-proxy, various web-app-* and web-svc-* roles) to use the new naming.

Tighten docker-compose Git repository handling by making docker_git_repository_pull depend on docker_git_repository_address being defined, a string and non-empty. This avoids accidental Git operations when the repository address is unset or of the wrong type.

Refactor the BigBlueButton role structure and fix deployment bugs: introduce 01_core.yml to orchestrate docker/proxy setup, database seeding, websocket map deployment, docker-compose overrides and admin/bootstrap logic in a single once-executed entrypoint. Rename supporting task files (02_docker-compose.yml, 03_administrator.yml, 04_dependencies.yml) and update tasks/main.yml to delegate via include_tasks with run_once_web_app_bigbluebutton. Improve Greenlight admin creation behavior by treating the 'Email has already been taken' error as a non-fatal, unchanged outcome and running user:set_admin_role as a fallback, both for the primary password and the OIDC starred-password path.

Also standardize vhost flavour selection for services like Mailu, Discourse, CDN, Collabora, Coturn, OnlyOffice, Simpleicons and web-svc-logout by explicitly passing webserver_vhost_flavour where needed and aligning client_max_body_size and websocket configuration with the new webserver_* variables.

Reference: ChatGPT conversation https://chatgpt.com/share/6931c530-bba8-800f-9997-dd61dc1d497b

2025-12-04 18:31:09 +01:00

defaults

Refactor webserver proxy variables and fix BigBlueButton deployment behavior

2025-12-04 18:31:09 +01:00

README.md

Nginx Domain Setup 🚀

Description

This role bootstraps per-domain Nginx configuration: it requests TLS certificates, applies global modifiers, deploys a ready-made vHost file, and can optionally lock down access via OAuth2.

Overview

A higher-level orchestration wrapper, sys-stk-front-proxy ties together several lower-level roles:

sys-front-inj-all – applies global tweaks and includes.
sys-svc-certs – obtains Let’s Encrypt certificates.
Domain template deployment – copies a Jinja2 vHost from sys-svc-proxy.
web-app-oauth2-proxy (optional) – protects the site with OAuth2.

The result is a complete, reproducible domain rollout in a single playbook task.

Purpose

Provide one-stop, idempotent domain provisioning for Nginx-based homelabs or small production environments.

Features

End-to-end TLS — certificate retrieval and secure headers included.
Template-driven vHosts — choose basic or ws_generic flavours (or your own).
Conditional OAuth2 — easily toggle authentication per application.
Handler-safe — automatically triggers an Nginx reload when templates change.
Composable — designed to be called repeatedly for many domains.

Credits 📝

Developed and maintained by Kevin Veen-Birkenbach.
Learn more at https://www.veen.world

Part of the Infinito.Nexus Project — licensed under the Infinito.Nexus NonCommercial License

README.md Unescape Escape