refactor: switch architecture diagram to dark theme and show all roles

**Changed:**

- Updated all detail box background and text colors to use a dark theme for better
  readability and visual consistency across the architecture diagram
- Modified generated SVG to use a dark background and light text, updating
  palette and Mermaid CLI config for dark mode
- Changed role listing in detail boxes to show all roles instead of truncating
  and summarizing with "+N more"
- Updated diagram generation script to write a Mermaid config file for dark
  theme and clean it up after rendering
- Improved color contrast and adjusted SVG node and edge styling for dark theme
- Removed the "Diagram source" collapsible section from the README and from
  auto-generated README content for a cleaner appearance

**Removed:**

- Truncation and "+N more" logic from role display in detail boxes to ensure
  all roles are listed for each category
- "Diagram source" details section from README and generated README content

Author: l50

.hooks/gen-arch-diagram.py

@@ -22,35 +22,35 @@
         "names": ["laps_dc"],
         "color": "#f39c12",
         "border": "#d68910",
-        "detail_bg": "#fef9f0",
+        "detail_bg": "#3d2e0a",
     }),
     ("SCCM", {
         "prefixes": ["sccm_"],
         "names": [],
         "color": "#1abc9c",
         "border": "#16a085",
-        "detail_bg": "#f0fcfa",
+        "detail_bg": "#0d2e28",
     }),
     ("Vulnerabilities", {
         "prefixes": ["vulns_"],
         "names": [],
         "color": "#9b59b6",
         "border": "#8e44ad",
-        "detail_bg": "#f8f2fc",
+        "detail_bg": "#2a1a33",
     }),
     ("Security", {
         "prefixes": ["security_"],
         "names": ["dc_audit_sacl", "ldap_diagnostic_logging"],
         "color": "#e67e22",
         "border": "#d35400",
-        "detail_bg": "#fef5ed",
+        "detail_bg": "#3a2210",
     }),
     ("Settings", {
         "prefixes": ["settings_"],
         "names": [],
         "color": "#3498db",
         "border": "#2980b9",
-        "detail_bg": "#f0f7fd",
+        "detail_bg": "#132a3d",
     }),
     ("Active Directory", {
         "prefixes": [],
@@ -66,7 +66,7 @@
         ],
         "color": "#e74c3c",
         "border": "#c0392b",
-        "detail_bg": "#fdf2f2",
+        "detail_bg": "#3a1515",
     }),
     ("Server Roles", {
         "prefixes": ["mssql_"],
@@ -77,7 +77,7 @@
         ],
         "color": "#2ecc71",
         "border": "#27ae60",
-        "detail_bg": "#f2fdf5",
+        "detail_bg": "#133320",
     }),
 ]
 
@@ -137,22 +137,21 @@ def discover_collection(collection_path):
     return sorted(roles), sorted(plugins), sorted(playbooks)
 
 
-def abbreviate_roles(roles, prefixes=None, max_shown=6):
-    """Return a string summarising roles for the detail box."""
+def abbreviate_roles(roles, prefixes=None):
+    """Return a string listing all roles for the detail box."""
     def strip_prefix(name):
         if prefixes:
             for p in prefixes:
                 if name.startswith(p):
                     return name[len(p):]
         return name
 
-    display = [strip_prefix(r) for r in roles[:max_shown]]
-    suffix = f" +{len(roles) - max_shown} more" if len(roles) > max_shown else ""
-    # Use bullet separator, ~3 per line via <br/>
+    display = [strip_prefix(r) for r in roles]
+    # 3 per line via <br/>
     chunks = []
     for i in range(0, len(display), 3):
         chunks.append(" &bull; ".join(display[i:i + 3]))
-    return "<br/>".join(chunks) + suffix
+    return "<br/>".join(chunks)
 
 
 def generate_mermaid(roles, plugins, playbooks):
@@ -225,7 +224,7 @@ def generate_mermaid(roles, plugins, playbooks):
         )
         lines.append(
             f"    style {nid}_detail fill:{cat_cfg['detail_bg']},"
-            f"stroke:{cat_cfg['border']},color:#333"
+            f"stroke:{cat_cfg['border']},color:#ccc"
         )
 
     return "\n".join(lines)
@@ -245,12 +244,22 @@ def render_svg(mmd_path, svg_path):
             return False
         cmd = [npx, "--yes", "@mermaid-js/mermaid-cli"]
 
-    cmd += ["-i", str(mmd_path), "-o", str(svg_path), "--theme", "default", "-w", "1600"]
+    # Use dark theme with dark background
+    config_path = mmd_path.parent / "mermaid-config.json"
+    config_path.write_text('{"theme":"dark","themeVariables":{"darkMode":true}}\n')
+    cmd += [
+        "-i", str(mmd_path), "-o", str(svg_path),
+        "-c", str(config_path),
+        "-b", "#1a1a2e",
+        "-w", "1600",
+    ]
     try:
         subprocess.run(cmd, check=True, capture_output=True, text=True)
     except subprocess.CalledProcessError as exc:
         print(f"Error rendering SVG: {exc.stderr}", file=sys.stderr)
         return False
+    finally:
+        config_path.unlink(missing_ok=True)
     return True
 
 
@@ -280,20 +289,6 @@ def update_readme(readme_path="README.md"):
 
 ![Architecture](docs/architecture.svg)
 
-<details>
-<summary>Diagram source</summary>
-
-The diagram is auto-generated from the collection structure by a pre-commit hook.
-Source: [`docs/architecture.mmd`](docs/architecture.mmd)
-
-To regenerate manually:
-
-```bash
-python .hooks/gen-arch-diagram.py
-```
-
-</details>
-
 """
 
     new_content = content[:start_pos] + new_section + content[end_pos:]

README.md

@@ -12,20 +12,6 @@ by Orange Cyberdefense.
 
 ![Architecture](docs/architecture.svg)
 
-<details>
-<summary>Diagram source</summary>
-
-The diagram is auto-generated from the collection structure by a pre-commit hook.
-Source: [`docs/architecture.mmd`](docs/architecture.mmd)
-
-To regenerate manually:
-
-```bash
-python .hooks/gen-arch-diagram.py
-```
-
-</details>
-
 ## Requirements
 
 - Ansible >= 2.15

docs/architecture.mmd

@@ -10,28 +10,28 @@ graph LR
     Collection --> ServerRoles["Server Roles<br/><i>15 roles</i>"]
 
     LAPS -.- LAPS_detail["dc &bull; permissions &bull; server<br/>verify"]
-    SCCM -.- SCCM_detail["config_accounts &bull; config_boundary &bull; config_client_install<br/>config_client_push &bull; config_discovery &bull; config_naa +8 more"]
-    Vulnerabilities -.- Vulnerabilities_detail["acls &bull; adcs_templates &bull; administrator_folder<br/>anonymous_enum &bull; autologon &bull; credentials +14 more"]
-    Security -.- Security_detail["dc_audit_sacl &bull; ldap_diagnostic_logging &bull; account_is_sensitive<br/>asr &bull; audit_policy &bull; enable_run_as_ppl +2 more"]
-    Settings -.- Settings_detail["adjust_rights &bull; admin_password &bull; copy_files<br/>disable_nat_adapter &bull; enable_nat_adapter &bull; gpmc +7 more"]
-    ActiveDirectory -.- ActiveDirectory_detail["acl &bull; ad &bull; adcs<br/>adcs_templates &bull; child_domain &bull; dc_dns_conditional_forwarder +15 more"]
-    ServerRoles -.- ServerRoles_detail["common &bull; commonwkstn &bull; dhcp<br/>elk &bull; fix_dns &bull; iis +9 more"]
+    SCCM -.- SCCM_detail["config_accounts &bull; config_boundary &bull; config_client_install<br/>config_client_push &bull; config_discovery &bull; config_naa<br/>config_pxe &bull; config_users &bull; install_adk<br/>install_iis &bull; install_mecm &bull; install_prerequisites<br/>install_wsus &bull; pxe"]
+    Vulnerabilities -.- Vulnerabilities_detail["acls &bull; adcs_templates &bull; administrator_folder<br/>anonymous_enum &bull; autologon &bull; credentials<br/>directory &bull; disable_firewall &bull; enable_credssp_client<br/>enable_credssp_server &bull; enable_llmnr &bull; enable_nbt_ns<br/>files &bull; mssql &bull; ntlmdowngrade<br/>openshares &bull; permissions &bull; schedule<br/>shares &bull; smbv1"]
+    Security -.- Security_detail["dc_audit_sacl &bull; ldap_diagnostic_logging &bull; account_is_sensitive<br/>asr &bull; audit_policy &bull; enable_run_as_ppl<br/>ensure_kb_not_installed &bull; powershell_restrict"]
+    Settings -.- Settings_detail["adjust_rights &bull; admin_password &bull; copy_files<br/>disable_nat_adapter &bull; enable_nat_adapter &bull; gpmc<br/>gpo_remove &bull; hostname &bull; keyboard<br/>no_updates &bull; updates &bull; user_rights<br/>windows_defender"]
+    ActiveDirectory -.- ActiveDirectory_detail["acl &bull; ad &bull; adcs<br/>adcs_templates &bull; child_domain &bull; dc_dns_conditional_forwarder<br/>disable_user &bull; dns_conditional_forwarder &bull; domain_controller<br/>domain_controller_slave &bull; enable_user &bull; gmsa<br/>gmsa_hosts &bull; groups_domains &bull; member_server<br/>move_to_ou &bull; onlyusers &bull; parent_child_dns<br/>password_policy &bull; sync_domains &bull; trusts"]
+    ServerRoles -.- ServerRoles_detail["common &bull; commonwkstn &bull; dhcp<br/>elk &bull; fix_dns &bull; iis<br/>localusers &bull; logs_windows &bull; mssql<br/>audit &bull; link &bull; reporting<br/>ssms &bull; ps &bull; webdav"]
 
     Collection --> Playbooks["Playbooks<br/><i>1 playbooks</i>"]
 
     style Collection fill:#4a9eff,stroke:#2d7cd4,color:#fff,font-weight:bold
     style Playbooks fill:#7f8c8d,stroke:#6c7a7d,color:#fff
     style LAPS fill:#f39c12,stroke:#d68910,color:#fff
-    style LAPS_detail fill:#fef9f0,stroke:#d68910,color:#333
+    style LAPS_detail fill:#3d2e0a,stroke:#d68910,color:#ccc
     style SCCM fill:#1abc9c,stroke:#16a085,color:#fff
-    style SCCM_detail fill:#f0fcfa,stroke:#16a085,color:#333
+    style SCCM_detail fill:#0d2e28,stroke:#16a085,color:#ccc
     style Vulnerabilities fill:#9b59b6,stroke:#8e44ad,color:#fff
-    style Vulnerabilities_detail fill:#f8f2fc,stroke:#8e44ad,color:#333
+    style Vulnerabilities_detail fill:#2a1a33,stroke:#8e44ad,color:#ccc
     style Security fill:#e67e22,stroke:#d35400,color:#fff
-    style Security_detail fill:#fef5ed,stroke:#d35400,color:#333
+    style Security_detail fill:#3a2210,stroke:#d35400,color:#ccc
     style Settings fill:#3498db,stroke:#2980b9,color:#fff
-    style Settings_detail fill:#f0f7fd,stroke:#2980b9,color:#333
+    style Settings_detail fill:#132a3d,stroke:#2980b9,color:#ccc
     style ActiveDirectory fill:#e74c3c,stroke:#c0392b,color:#fff
-    style ActiveDirectory_detail fill:#fdf2f2,stroke:#c0392b,color:#333
+    style ActiveDirectory_detail fill:#3a1515,stroke:#c0392b,color:#ccc
     style ServerRoles fill:#2ecc71,stroke:#27ae60,color:#fff
-    style ServerRoles_detail fill:#f2fdf5,stroke:#27ae60,color:#333
+    style ServerRoles_detail fill:#133320,stroke:#27ae60,color:#ccc