Added wordpress disourse draft

2025-09-18 00:06:05 +02:00 · 2025-04-22 12:50:48 +02:00
parent e1df746346
commit 3653b3111a
14 changed files with 110 additions and 833 deletions
--- a/roles/docker-wordpress/tasks/oidc/README.md
+++ b/roles/docker-wordpress/tasks/oidc/README.md
@@ -0,0 +1,2 @@
+# Wordpress with OIDC
+This folder contains the files to setup Wordpress with OIDC.
--- a/roles/docker-wordpress/tasks/oidc/install.yml
+++ b/roles/docker-wordpress/tasks/oidc/install.yml
@@ -0,0 +1,26 @@
+---
+- name: "Install OpenID Connect Generic Plugin via WP CLI"
+  command: >
+    docker-compose exec -u www-data -T application
+      wp plugin install daggerhart-openid-connect-generic
+      --path={{ wordpress_docker_html_path }}
+  args:
+    chdir: "{{ docker_compose.directories.instance }}"
+
+- name: Wait for Discourse API
+  wait_for:
+    host: "{{ domains.discourse }}"
+    port: 80
+    delay: 5
+    timeout: 600
+
+- name: "Activate OpenID Connect Generic Plugin"
+  command: >
+    docker-compose exec -u www-data -T application
+      wp plugin activate daggerhart-openid-connect-generic
+      --path={{ wordpress_docker_html_path }}
+  args:
+    chdir: "{{ docker_compose.directories.instance }}"
+
+- name: "Setup OIDC settings"
+  include_tasks: "settings.yml"
--- a/roles/docker-wordpress/tasks/oidc/settings.yml
+++ b/roles/docker-wordpress/tasks/oidc/settings.yml
@@ -0,0 +1,25 @@
+- name: "Load OIDC settings variables"
+  include_vars:
+    file: "{{ role_path }}/vars/oidc.yml"
+    name: oidc_vars
+
+- name: "Ensure the OIDC settings option exists as a PHP-serialized empty array"
+  # Generate an empty serialized array in the container, then add or update the option
+  command: >
+    docker-compose exec -u www-data -T application bash -lc
+    "serialized_empty_array=$(wp eval 'echo serialize(array());' --path={{ wordpress_docker_html_path }}); \
+     wp option add openid_connect_generic_settings \"$serialized_empty_array\" --path={{ wordpress_docker_html_path }} \
+     || wp option update openid_connect_generic_settings \"$serialized_empty_array\" --path={{ wordpress_docker_html_path }};"
+  args:
+    chdir: "{{ docker_compose.directories.instance }}"
+  failed_when: false
+
+- name: "Apply all OIDC settings via WP-CLI eval (safe via base64)"
+  # Convert the settings map to base64-encoded JSON to avoid shell escaping issues
+  vars:
+    oidc_settings_json_b64: "{{ oidc_vars.oidc_settings | to_json | b64encode }}"
+  command: >
+    docker-compose exec -u www-data -T application bash -lc
+      "wp eval \"update_option('openid_connect_generic_settings', json_decode(base64_decode('{{ oidc_settings_json_b64 }}'), true));\" --path={{ wordpress_docker_html_path }}"
+  args:
+    chdir: "{{ docker_compose.directories.instance }}"