docs: rewrite README with structured overview and quick start guide

Replaces the minimal project description with a comprehensive README
including a component overview table, quick start instructions, common
Ansible operations, and links to detailed documentation. Aligns with
Red Panda Approval™ standards.

ansible/openwebui/deploy.yml

@@ -0,0 +1,127 @@
+---
+- name: Install OpenWebUI configured with PostgreSQL
+  hosts: ubuntu
+  vars:
+    ansible_common_remote_group: "{{ openwebui_group | default(omit) }}"
+    allow_world_readable_tmpfiles: true
+  tasks:
+  - name: Check if host has openwebui service
+    ansible.builtin.set_fact:
+      has_openwebui_service: "{{ 'openwebui' in services | default([]) }}"
+
+  - name: Skip hosts without openwebui service
+    ansible.builtin.meta: end_host
+    when: not has_openwebui_service
+
+  - name: Create OpenWebUI User
+    become: true
+    ansible.builtin.user:
+      name: "{{openwebui_user}}"
+      comment: "{{openwebui_user}}"
+      system: true
+
+  - name: Add "remote_user" user to OpenWebUI group
+    become: true
+    ansible.builtin.user:
+      name: "{{remote_user}}"
+      groups: "{{openwebui_group}}"
+      append: true
+
+  - name: Create OpenWebUI directory
+    become: true
+    ansible.builtin.file:
+      path: "{{openwebui_directory}}"
+      owner: "{{openwebui_user}}"
+      group: "{{openwebui_group}}"
+      state: directory
+      mode: '0750'
+
+  - name: Install required packages
+    become: true
+    ansible.builtin.apt:
+      name: [postgresql-client, ffmpeg]
+      state: present
+      update_cache: true
+
+  - name: Install Python 3.12 and venv
+    become: true
+    ansible.builtin.apt:
+      name: [python3.12, python3.12-venv, python3.12-dev]
+      state: latest
+      update_cache: true
+
+  - name: Create virtual environment
+    become: true
+    become_user: "{{openwebui_user}}"
+    ansible.builtin.command: python3.12 -m venv {{openwebui_directory}}/.venv
+    args:
+      creates: "{{openwebui_directory}}/.venv/bin/activate"
+
+  - name: Install wheel and openwebui in virtual environment
+    become: true
+    become_user: "{{openwebui_user}}"
+    ansible.builtin.pip:
+      name:
+        - wheel
+        - open-webui[all]=={{openwebui_rel}}
+        - psycopg2-binary
+      state: latest
+      virtualenv: "{{openwebui_directory}}/.venv"
+      virtualenv_python: python3.12
+    vars:
+      ansible_common_remote_group: "{{openwebui_group}}"
+      allow_world_readable_tmpfiles: true
+    notify: Restart OpenWebUI
+
+  - name: Create environment file for OpenWebUI
+    become: true
+    ansible.builtin.template:
+      src: openwebui.env.j2
+      dest: "{{openwebui_directory}}/.env"
+      owner: "{{openwebui_user}}"
+      group: "{{openwebui_group}}"
+      mode: '0600'
+    notify: Restart OpenWebUI
+
+  - name: Create systemd service file
+    become: true
+    ansible.builtin.template:
+      src: openwebui.service.j2
+      dest: /etc/systemd/system/openwebui.service
+      mode: '0644'
+    notify: Restart OpenWebUI
+
+  - name: Enable openwebui service
+    become: true
+    ansible.builtin.systemd:
+      name: openwebui
+      daemon_reload: true
+      enabled: true
+
+  handlers:
+  - name: Restart OpenWebUI
+    become: true
+    ansible.builtin.systemd:
+      name: openwebui
+      daemon_reload: true
+      state: restarted
+
+  post_tasks:
+  - name: Wait for OpenWebUI to initialize database schema
+    ansible.builtin.pause:
+      seconds: 20
+      prompt: "Waiting for OpenWebUI to initialize the database schema..."
+
+  - name: Check if OpenWebUI is running
+    ansible.builtin.uri:
+      url: http://localhost:{{openwebui_port}}/
+      method: GET
+      status_code: 200
+      timeout: 5
+    register: openwebui_status
+    ignore_errors: true
+
+  - name: Show OpenWebUI status
+    ansible.builtin.debug:
+      msg: "OpenWebUI is {{ 'running' if openwebui_status.status == 200 else 'not running properly' }}"
+

ansible/openwebui/openwebui.env.j2

@@ -0,0 +1,42 @@
+# OpenWebUI Environment Configuration
+
+# Server settings
+PORT={{openwebui_port}}
+HOST={{openwebui_host}}
+WEBUI_SECRET_KEY={{openwebui_secret_key}}
+CORS_ALLOW_ORIGIN={{openwebui_cors_allow_origin}}
+
+# Database configuration
+DATABASE_URL=postgresql://{{openwebui_db_user}}:{{openwebui_db_password}}@{{openwebui_db_host}}:{{openwebui_db_port}}/{{openwebui_db_name}}
+DATABASE_TYPE=postgres
+VECTOR_DB=pgvector
+PGVECTOR_CREATE_EXTENSION=false
+
+# Authentication settings
+ENABLE_SIGNUP={{openwebui_enable_signup}}
+ENABLE_EMAIL_LOGIN={{openwebui_enable_email_login}}
+
+# OAuth/OIDC Configuration (Casdoor SSO)
+ENABLE_OAUTH_SIGNUP=true
+OAUTH_CLIENT_ID={{openwebui_oauth_client_id}}
+OAUTH_CLIENT_SECRET={{openwebui_oauth_client_secret}}
+OAUTH_PROVIDER_NAME={{openwebui_oauth_provider_name}}
+OPENID_PROVIDER_URL={{openwebui_oauth_provider_url}}
+
+# API settings
+OPENAI_API_KEY={{openwebui_openai_api_key}}
+ANTHROPIC_API_KEY={{openwebui_anthropic_api_key}}
+MISTRAL_API_KEY={{openwebui_mistral_api_key}}
+GROQ_API_KEY={{openwebui_groq_api_key}}
+
+# Ollama LLM settings
+OLLAMA_API_BASE_URL={{ollama_api_base_url}}
+OLLAMA_API_KEY={{openwebui_ollama_api_key}}
+
+# Security settings
+ENABLE_HTTPS={{openwebui_enable_https}}
+SSL_CERT_PATH={{openwebui_ssl_cert_path}}
+SSL_KEY_PATH={{openwebui_ssl_key_path}}
+
+# Logging
+LOG_LEVEL={{openwebui_log_level}}

ansible/openwebui/openwebui.service.j2

@@ -0,0 +1,19 @@
+[Unit]
+Description=Open WebUI
+After=network.target
+
+[Service]
+Type=simple
+User={{openwebui_user}}
+Group={{openwebui_group}}
+WorkingDirectory={{openwebui_directory}}
+EnvironmentFile={{openwebui_directory}}/.env
+ExecStart={{openwebui_directory}}/.venv/bin/open-webui serve --port {{openwebui_port}}
+Restart=always
+RestartSec=3
+StandardOutput=journal
+StandardError=journal
+SyslogIdentifier=openwebui
+
+[Install]
+WantedBy=multi-user.target