HomeCloudPlaybooks/LESSONS_LEARNED.md

Lessons Learned

  • The network role in this repository is a powerful tool that sets up a complete network stack, including Nginx Proxy Manager for reverse proxying and wireguard-easy for a WireGuard web UI.
  • The gitea and postgres roles use Docker Compose to deploy their respective services.
  • Properly managing variables, especially secrets like passwords and API keys, is crucial. Using group_vars and a .gitignored secrets directory is a good practice.
  • It's important to have a clear plan and get user feedback before making any changes. The "planning mode" and "acting mode" paradigm is a good way to structure the workflow.
  • The docker role proved problematic on Ubuntu 24.04 (noble) due to repository issues.
  • Podman is a viable and simpler alternative to Docker for container management.
  • Ansible modules designed for Docker (e.g., community.docker.docker_compose_v2, docker_container) are not directly compatible with Podman.
  • podman-compose can be used with ansible.builtin.shell for managing docker-compose.yml files with Podman.
  • containers.podman.podman_container is the direct replacement for docker_container for managing individual Podman containers.
  • Ansible Vault is crucial for securely managing sensitive data like passwords in version control.
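
The two lessons about secrets (a .gitignored secrets directory and Ansible Vault) can be enforced with a check that runs before a commit. The script below is an added example, not code from this repository: it flags secret-looking keys in vars files whose values are neither vault-encrypted nor a reference to another variable. The key-name pattern, the sample variable names and the `vault_` prefix in the sample are assumptions.

```python
import re
import sys
from pathlib import Path

VAULT_HEADER = "$ANSIBLE_VAULT;"  # first bytes of every ansible-vault payload
# Assumed naming convention for secret-bearing keys; adjust to the repo's variables.
SECRET_KEY = re.compile(
    r"^\s*([\w.-]*(?:password|passwd|secret|token|api_key)[\w.-]*)\s*:\s*(.*)$", re.I)

def plaintext_secrets(text):
    """Return secret-looking keys in a vars file whose values are stored in the clear."""
    if text.lstrip().startswith(VAULT_HEADER):
        return []  # whole file encrypted with `ansible-vault encrypt`
    findings = []
    for line in text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        m = SECRET_KEY.match(line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).split(" #")[0].strip()
        if value.startswith("!vault"):
            continue  # inline value produced by `ansible-vault encrypt_string`
        if value.strip("\"'").startswith("{{"):
            continue  # Jinja reference to another variable, no literal secret here
        if value in ("", "~", "null", '""', "''"):
            continue  # empty value or start of a nested mapping
        findings.append(key)
    return findings

def scan_tree(root):
    """Map each .yml/.yaml file under root to its plaintext secret keys."""
    results = {}
    for path in sorted(Path(root).rglob("*.y*ml")):
        found = plaintext_secrets(path.read_text(encoding="utf-8", errors="replace"))
        if found:
            results[str(path)] = found
    return results

# Constructed sample inputs (not taken from the repository).
SAMPLE_PLAIN = """\
postgres_user: gitea
postgres_password: hunter2
gitea_secret_key: "{{ vault_gitea_secret_key }}"
npm_api_token: !vault |
  $ANSIBLE_VAULT;1.1;AES256
  <ciphertext omitted in this constructed sample>
"""
SAMPLE_VAULTED = "$ANSIBLE_VAULT;1.1;AES256\n<ciphertext omitted>\n"

if __name__ == "__main__":
    hits = scan_tree(sys.argv[1] if len(sys.argv) > 1 else "group_vars")
    for name, keys in hits.items():
        print(f"{name}: plaintext {', '.join(keys)}")
    sys.exit(1 if hits else 0)
```

Run it against `group_vars` (or any vars directory) from a pre-commit hook; a non-zero exit means at least one file holds a literal secret.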