Sys-util-csp-cert Role

Description: No description available

Variables

• author: Kevin Veen-Birkenbach

• description: Composes HTTPS setup and HTML-content injections (CSS, Matomo, iFrame, JS) for webserver domains.

• license: Infinito.Nexus NonCommercial License

• license_url: https://s.infinito.nexus/license

• company: Kevin Veen-Birkenbach

Consulting & Coaching Solutions https://www.veen.world

• min_ansible_version: 2.9

• platforms: [{‘name’: ‘Archlinux’, ‘versions’: [‘rolling’]}, {‘name’: ‘Ubuntu’, ‘versions’: [‘all’]}]

• galaxy_tags: [‘webserver’, ‘https’, ‘tls’, ‘injection’, ‘css’, ‘matomo’, ‘iframe’, ‘javascript’, ‘orchestration’]

• repository: https://s.infinito.nexus/code

• issue_tracker_url: https://s.infinito.nexus/issues

• documentation: https://s.infinito.nexus/code/roles/sys-util-csp-cert

README

sys-util-csp-cert

This Ansible role composes and orchestrates all necessary HTTPS-layer tasks and HTML-content injections for your webserver domains. It integrates two key sub-roles into a unified workflow:

1. ``sys-front-inj-all`` Injects global HTML snippets (CSS, Matomo tracking, iFrame notifier, custom JavaScript) into responses using Nginx sub_filter.

2. ``sys-svc-certs`` Handles issuing, renewing, and managing TLS certificates via ACME/Certbot.

By combining encryption setup with content enhancements, this role streamlines domain provisioning for secure, fully-featured HTTP/HTTPS delivery.

Features

• Unified HTTPS Orchestration Seamlessly sets up TLS and performs HTML-level content injections in one role.

• Content Injection Adds global theming, analytics, and custom scripts before </head> and tracking noscript tags before </body>.

• Certificate Management Automates cert issuance and renewal via sys-svc-certs.

• Idempotent Workflow Ensures each component runs only once per domain.

• Simplified Playbooks Call a single role to handle both security (TLS) and user-experience (injections).