kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 15:06:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Implemented Nextcloud Plugin Routine

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-02-27 15:28:43 +01:00
parent 3d096f1fc7
commit 1756babbc2
12 changed files with 262 additions and 67 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
roles/docker-nextcloud/tasks/ldap.yml
View File

@@ -1,14 +1,6 @@
# @See https://docs.nextcloud.com/server/latest/admin_manual/configuration_user/user_auth_ldap.html
# @See https://chatgpt.com/c/67aa2d21-cb4c-800f-b1be-8629b6bd3f55
# @todo implement
- name: install LDAP plugin
command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ app:install user_ldap"
ignore_errors: true
- name: Activate Nextcloud LDAP App
command: "docker exec -u www-data {{ nextcloud_application_container_name }} php occ app:enable user_ldap"
- name: Load LDAP Nextcloud configuration variables
include_vars:
file: ldap.yml
@@ -16,10 +8,10 @@
- name: Set Nextcloud LDAP config
loop: "{{ nextcloud_ldap_configuration }}"
command: >
docker exec -u www-data {{ nextcloud_application_container_name }}
docker exec -u www-data {{ applications.nextcloud.container.application }}
php occ config:app:set {{ item.appid }} {{ item.configkey }} --value "{{ item.configvalue }}"
- name: Set Nextcloud LDAP bind password
command: >
docker exec -u www-data {{ nextcloud_application_container_name }}
docker exec -u www-data {{ applications.nextcloud.container.application }}
php occ ldap:set-config s01 ldapAgentPassword "{{ ldap.bind_credential }}"

4
roles/docker-nextcloud/tasks/legacy_login_mask.yml
View File

@@ -1,5 +1,5 @@
- name: Set hide_login_form to true
command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ config:system:set --type boolean --value {{ (not applications[application_id].legacy_login_mask.enabled) | lower }} hide_login_form"
command: "docker exec -u www-data {{applications.nextcloud.container.application}} {{nextcloud_docker_path}}occ config:system:set --type boolean --value {{ (not applications[application_id].legacy_login_mask.enabled) | lower }} hide_login_form"
- name: "Set auth.webauthn.enabled to false"
command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ config:system:set --type boolean --value {{applications[application_id].legacy_login_mask.enabled | lower}} auth.webauthn.enabled"
command: "docker exec -u www-data {{applications.nextcloud.container.application}} {{nextcloud_docker_path}}occ config:system:set --type boolean --value {{applications[application_id].legacy_login_mask.enabled | lower}} auth.webauthn.enabled"

14
roles/docker-nextcloud/tasks/main.yml
View File

@@ -13,7 +13,7 @@
- name: Remove OIDC configuration lines from config.php if present (container)
command: >
docker exec -u www-data {{ nextcloud_application_container_name }} sh -c "sed -i '/CONFIG_EXTRA = include.*oidc\.config\.php/d' /var/www/html/config/config.php && sed -i '/CONFIG = array_merge(\\$CONFIG, \\$CONFIG_EXTRA)/d' /var/www/html/config/config.php"
docker exec -u www-data {{ applications.nextcloud.container.application }} sh -c "sed -i '/CONFIG_EXTRA = include.*oidc\.config\.php/d' /var/www/html/config/config.php && sed -i '/CONFIG = array_merge(\\$CONFIG, \\$CONFIG_EXTRA)/d' /var/www/html/config/config.php"
when: applications[application_id].oidc.flavor == "sociallogin" and mode_cleanup | bool
- name: "include role for {{application_id}} to recieve certs & do modification routines"
@@ -35,6 +35,18 @@
- name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml
- name: Flush all handlers immediately so that occ can be used
meta: flush_handlers
- name: Setup Nextcloud Plugins
include_tasks: plugin.yml
loop: "{{applications[application_id].plugins | dict2items }}"
loop_control:
loop_var: plugin_item
vars:
plugin_name: "{{ plugin_item.key }}"
plugin_configuration: "{{ plugin_item.value }}"
- name: "Include OIDC-specific tasks with flavor {{applications[application_id].oidc.flavor}}"
include_tasks: "{{applications[application_id].oidc.flavor}}.yml"
when: applications[application_id].oidc.enabled | bool

12
roles/docker-nextcloud/tasks/oidc_login.yml
View File

@@ -1,13 +1,3 @@
- name: enable sociallogin plugin
command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ app:disable sociallogin"
ignore_errors: true
when:
- mode_cleanup | bool
- name: install oidc_login plugin
command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ app:install oidc_login"
ignore_errors: true
- name: Add OIDC configuration if not implemented yet
command: >
docker exec -u www-data {{ nextcloud_application_container_name }} sh -c 'grep -q "CONFIG_EXTRA = include" ./config/config.php || echo -e "\n\$CONFIG_EXTRA = include '\''{{nextcloud_docker_oidc_login_config_path}}'\'';\n\$CONFIG = array_merge(\$CONFIG, \$CONFIG_EXTRA);" >> ./config/config.php'
docker exec -u www-data {{ applications.nextcloud.container.application }} sh -c 'grep -q "CONFIG_EXTRA = include" ./config/config.php || echo -e "\n\$CONFIG_EXTRA = include '\''{{nextcloud_docker_oidc_login_config_path}}'\'';\n\$CONFIG = array_merge(\$CONFIG, \$CONFIG_EXTRA);" >> ./config/config.php'

14
roles/docker-nextcloud/tasks/plugin.yml Normal file
View File

@@ -0,0 +1,14 @@
- name: "Disable incompatible plugins for {{plugin_name}}."
command: "docker exec -u www-data {{applications.nextcloud.container.application}} {{nextcloud_docker_path}}occ app:disable {{incompatible_plugin}}"
loop: "{{plugin_configuration.incompatible_plugins}}"
loop_control:
loop_var: incompatible_plugin
when: plugin_configuration.incompatible_plugins is defined and plugin_configuration.incompatible_plugins | length > 0
- name: install {{ plugin_name }} nextcloud plugin
command: "docker exec -u www-data {{ applications.nextcloud.container.application }} {{ nextcloud_docker_path }}occ app:install {{ plugin_name }}"
register: install_result
failed_when: install_result.rc != 0 and ("already installed" not in install_result.stdout)
- name: enable {{plugin_name}} nextcloud plugin
command: "docker exec -u www-data {{applications.nextcloud.container.application}} {{nextcloud_docker_path}}occ app:enable {{plugin_name}}"

19
roles/docker-nextcloud/tasks/sociallogin.yml
View File

@@ -1,21 +1,4 @@
# @See https://chatgpt.com/share/6798189e-9c00-800f-923c-5ce3cfbdf405
- name: Flush all handlers immediately so that occ can be used
meta: flush_handlers
- name: disable oidc_login plugin
command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ app:disable oidc_login"
ignore_errors: true
when:
- mode_cleanup | bool
- name: install sociallogin plugin
command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ app:install sociallogin"
ignore_errors: true
- name: enable sociallogin plugin
command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ app:enable sociallogin"
- name: Load Sociallogin configuration variables
include_vars:
file: sociallogin.yml
@@ -24,5 +7,5 @@
loop: "{{ nextcloud_sociallogin_configuration}}"
# The | to_json function is necessary to escape custom_providers correct.
command: >
docker exec -u www-data {{ nextcloud_application_container_name }}
docker exec -u www-data {{ applications.nextcloud.container.application }}
php occ config:app:set {{ item.appid }} {{ item.configkey }} --value '{{ item.configvalue | to_json if item.configvalue is mapping else item.configvalue }}'