CI: fix vault/markdown/license errors

- Remove ANSIBLE_VAULT_PASSWORD_FILE env (invalid /dev/null)
- Fix markdown table spacing in docs/reference/*.md
- Whitelist Python-2.0 license (argparse dependency)

.gitea/workflows/ci.yml

@@ -119,7 +119,6 @@ jobs:
 
           echo "ANSIBLE_CONFIG=/tmp/ci-ansible.cfg" >> "$GITHUB_ENV"
           echo "ANSIBLE_INVENTORY=/tmp/ci-inventory.ini" >> "$GITHUB_ENV"
-          echo "ANSIBLE_VAULT_PASSWORD_FILE=/dev/null" >> "$GITHUB_ENV"
 
       - name: Install Python and dependencies
         run: |
@@ -259,7 +258,7 @@ jobs:
           if [ -f "package.json" ]; then
             npm ci
             # Exclude the repo itself (private=true packages are treated as UNLICENSED by license-checker).
-            license-checker --excludePrivatePackages --onlyAllow 'MIT;Apache-2.0;BSD-3-Clause;ISC;BSD-2-Clause'
+            license-checker --excludePrivatePackages --onlyAllow 'MIT;Apache-2.0;BSD-3-Clause;ISC;BSD-2-Clause;Python-2.0'
           else
             echo "No package.json found, skipping license check"
           fi
@@ -375,7 +374,6 @@ jobs:
 
           echo "ANSIBLE_CONFIG=/tmp/ci-ansible.cfg" >> "$GITHUB_ENV"
           echo "ANSIBLE_INVENTORY=/tmp/ci-inventory.ini" >> "$GITHUB_ENV"
-          echo "ANSIBLE_VAULT_PASSWORD_FILE=/dev/null" >> "$GITHUB_ENV"
 
       - name: Install Python and dependencies
         run: |

docs/reference/applications.md

@@ -6,7 +6,7 @@ Complete inventory of applications and tools deployed by Ansible playbooks.
 
 ### 🔧 System Tools
 | Package | Description | Source | Role |
-|---------|-------------|--------|------|
+| --------- | ------------- | -------- | ------ |
 | curl | Command line HTTP client | apt | base |
 | wget | Network downloader | apt | base |
 | unzip | Archive extraction | apt | base |
@@ -20,7 +20,7 @@ Complete inventory of applications and tools deployed by Ansible playbooks.
 
 ### 🔒 Security Tools
 | Package | Description | Source | Role |
-|---------|-------------|--------|------|
+| --------- | ------------- | -------- | ------ |
 | ufw | Uncomplicated Firewall | apt | ssh |
 | fail2ban | Intrusion prevention | apt | monitoring |
 | openssh-server | SSH daemon | apt | ssh |
@@ -31,7 +31,7 @@ Complete inventory of applications and tools deployed by Ansible playbooks.
 
 ### 💻 Development Tools
 | Package | Description | Source | Role |
-|---------|-------------|--------|------|
+| --------- | ------------- | -------- | ------ |
 | git | Version control | apt | development |
 | nodejs | JavaScript runtime | apt | development |
 | npm | Node package manager | apt | development |
@@ -41,7 +41,7 @@ Complete inventory of applications and tools deployed by Ansible playbooks.
 
 ### 🐳 Container Platform
 | Package | Description | Source | Role |
-|---------|-------------|--------|------|
+| --------- | ------------- | -------- | ------ |
 | docker-ce | Docker Community Edition | docker | docker |
 | docker-ce-cli | Docker CLI | docker | docker |
 | containerd.io | Container runtime | docker | docker |
@@ -50,7 +50,7 @@ Complete inventory of applications and tools deployed by Ansible playbooks.
 
 ### 🖥️ Shell Environment
 | Package | Description | Source | Role |
-|---------|-------------|--------|------|
+| --------- | ------------- | -------- | ------ |
 | zsh | Z shell | apt | shell |
 | tmux | Terminal multiplexer | apt | shell |
 | fzf | Fuzzy finder | apt | shell |
@@ -58,7 +58,7 @@ Complete inventory of applications and tools deployed by Ansible playbooks.
 
 ### 📊 Monitoring Tools
 | Package | Description | Source | Role |
-|---------|-------------|--------|------|
+| --------- | ------------- | -------- | ------ |
 | htop | Process viewer | apt | monitoring |
 | btop | Modern system monitor | snap | monitoring |
 | iotop | I/O monitor | apt | monitoring |
@@ -74,13 +74,13 @@ Complete inventory of applications and tools deployed by Ansible playbooks.
 
 ### 🌐 Network Tools
 | Package | Description | Source | Role |
-|---------|-------------|--------|------|
+| --------- | ------------- | -------- | ------ |
 | tailscale | Mesh VPN client | tailscale | tailscale |
 | tailscaled | Tailscale daemon | tailscale | tailscale |
 
 ### 🖱️ Desktop Applications
 | Package | Description | Source | Role |
-|---------|-------------|--------|------|
+| --------- | ------------- | -------- | ------ |
 | copyq | Clipboard manager (history/search) | apt | applications |
 | evince | PDF viewer | apt | applications |
 | redshift | Blue light filter | apt | applications |
@@ -148,7 +148,7 @@ Maintains existing installations:
 ## Package Sources
 
 | Source | Description | Configuration |
-|--------|-------------|---------------|
+| -------- | ------------- | --------------- |
 | apt | Debian/Ubuntu packages | System default |
 | snap | Snap packages | snapd daemon |
 | docker | Docker repository | Docker GPG key + repo |
@@ -158,7 +158,7 @@ Maintains existing installations:
 ## Services Enabled
 
 | Service | Description | Management |
-|---------|-------------|------------|
+| --------- | ------------- | ------------ |
 | docker | Container runtime | systemctl |
 | tailscaled | VPN daemon | systemctl |
 | ufw | Firewall | systemctl |

docs/reference/makefile.md

@@ -6,7 +6,7 @@ Complete reference for all available `make` commands in the Ansible project.
 
 ### Setup & Testing
 | Command | Description | Usage |
-|---------|-------------|-------|
+| --------- | ------------- | ------- |
 | `help` | Show all available commands | `make help` |
 | `bootstrap` | Install required collections and dependencies | `make bootstrap` |
 | `test` | Run all tests (lint + syntax check) | `make test` |
@@ -17,7 +17,7 @@ Complete reference for all available `make` commands in the Ansible project.
 
 ### Deployment
 | Command | Description | Usage |
-|---------|-------------|-------|
+| --------- | ------------- | ------- |
 | `apply` | Run development playbook on all dev hosts | `make apply` |
 | `local` | Run local playbook on localhost | `make local` |
 | `dev` | Run on specific host | `make dev HOST=dev01` |
@@ -27,7 +27,7 @@ Complete reference for all available `make` commands in the Ansible project.
 
 ### System Maintenance
 | Command | Description | Usage |
-|---------|-------------|-------|
+| --------- | ------------- | ------- |
 | `maintenance` | Run system maintenance | `make maintenance [GROUP=dev] [HOST=dev01]` |
 | | | Options: `SERIAL=1 CHECK=true VERBOSE=true` |
 | `maintenance-dev` | Run maintenance on dev group | `make maintenance-dev` |
@@ -37,7 +37,7 @@ Complete reference for all available `make` commands in the Ansible project.
 
 ### Security & Networking
 | Command | Description | Usage |
-|---------|-------------|-------|
+| --------- | ------------- | ------- |
 | `security` | Run only security-related roles | `make security` |
 | `tailscale` | Install Tailscale on all machines | `make tailscale` |
 | `tailscale-check` | Check Tailscale installation (dry-run) | `make tailscale-check` |
@@ -46,7 +46,7 @@ Complete reference for all available `make` commands in the Ansible project.
 
 ### Applications & Tools
 | Command | Description | Usage |
-|---------|-------------|-------|
+| --------- | ------------- | ------- |
 | `docker` | Install/configure Docker only | `make docker` |
 | `shell` | Configure shell only | `make shell` |
 | `apps` | Install applications only | `make apps` |
@@ -56,9 +56,9 @@ Complete reference for all available `make` commands in the Ansible project.
 
 ### VM & Host Management
 | Command | Description | Usage |
-|---------|-------------|-------|
+| --------- | ------------- | ------- |
 | `create-vm` | Create Ansible controller VM on Proxmox | `make create-vm` |
-| `proxmox-info` | Show Proxmox guest info (LXC/VM) | `make proxmox-info [PROJECT=projectA] [ALL=true] [TYPE=lxc\|qemu\|all]` |
+| `proxmox-info` | Show Proxmox guest info (LXC/VM) | `make proxmox-info [PROJECT=projectA] [ALL=true] [TYPE=lxc/qemu/all]` |
 | `app-provision` | Provision app project guests on Proxmox | `make app-provision PROJECT=projectA` |
 | `app-configure` | Configure OS + app on project guests | `make app-configure PROJECT=projectA` |
 | `app` | Provision + configure app project guests | `make app PROJECT=projectA` |
@@ -69,7 +69,7 @@ Complete reference for all available `make` commands in the Ansible project.
 
 ### SSH & Vault Management
 | Command | Description | Usage |
-|---------|-------------|-------|
+| --------- | ------------- | ------- |
 | `copy-ssh-key` | Copy SSH key to specific host | `make copy-ssh-key HOST=giteaVM` |
 | `create-vault` | Create encrypted vault file | `make create-vault` |
 | `edit-vault` | Edit encrypted host vars | `make edit-vault HOST=dev01` |
@@ -79,7 +79,7 @@ Complete reference for all available `make` commands in the Ansible project.
 
 ### Debugging & Cleanup
 | Command | Description | Usage |
-|---------|-------------|-------|
+| --------- | ------------- | ------- |
 | `debug` | Run with debug output enabled | `make debug` |
 | `verbose` | Run with verbose output | `make verbose` |
 | `clean` | Clean up ansible artifacts | `make clean` |
@@ -90,7 +90,7 @@ Complete reference for all available `make` commands in the Ansible project.
 Many commands accept these optional variables:
 
 | Variable | Description | Example |
-|----------|-------------|---------|
+| ---------- | ------------- | --------- |
 | `HOST` | Target specific host | `HOST=dev01` |
 | `GROUP` | Target specific group | `GROUP=dev` |
 | `CHECK` | Run in check mode (dry-run) | `CHECK=true` |
@@ -170,7 +170,7 @@ make debug
 The Makefile respects these environment variables:
 
 | Variable | Description | Default |
-|----------|-------------|---------|
+| ---------- | ------------- | --------- |
 | `ANSIBLE_CONFIG` | Ansible configuration file | `./ansible.cfg` |
 | `ANSIBLE_VAULT_PASSWORD_FILE` | Vault password file | `~/.ansible-vault-pass` |
 | `ANSIBLE_HOST_KEY_CHECKING` | SSH host key checking | `False` |