Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation

2025-09-09 11:47:14 +02:00 · 2025-07-08 23:43:13 +02:00
parent 6b87a049d4
commit 563d5fd528
1242 changed files with 2301 additions and 1355 deletions
--- a/roles/web-app-nextcloud/vars/plugins/sociallogin.yml
+++ b/roles/web-app-nextcloud/vars/plugins/sociallogin.yml
@@ -0,0 +1,86 @@
+plugin_configuration:
+  -
+    appid: "sociallogin"
+    # This configuration allows users to connect multiple accounts to their Nextcloud profile
+    # using the sociallogin app.
+    configkey: "allow_login_connect"
+    configvalue: 1
+  -
+    appid: "sociallogin"
+    configkey: "auto_create_groups"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "button_text_wo_prefix"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "create_disabled_users"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    # This configuration defines custom OpenID Connect (OIDC) providers for authentication.
+    # In this case, it sets up a Keycloak provider with details like URLs for authorization,
+    # token retrieval, user info, and logout, as well as the client ID and secret.
+    configkey: "custom_providers"
+    configvalue: 
+      custom_oidc:
+        - name: "{{ domains | get_domain('keycloak') }}"
+          title: "keycloak"
+          style: "keycloak"
+          authorizeUrl: "{{ oidc.client.authorize_url }}"
+          tokenUrl: "{{ oidc.client.token_url }}"
+          displayNameClaim: ""
+          userInfoUrl: "{{ oidc.client.user_info_url }}"
+          logoutUrl: "{{ oidc.client.logout_url }}"
+          clientId: "{{ oidc.client.id }}"
+          clientSecret: "{{ oidc.client.secret }}"
+          scope: "openid"
+          groupsClaim: ""
+          defaultGroup: ""
+  -
+    appid: "sociallogin"
+    configkey: "disable_notify_admins"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "disable_registration"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "enabled"
+    configvalue: "yes"
+  -
+    appid: "sociallogin"
+    configkey: "hide_default_login"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "no_prune_user_groups"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "oauth_providers"
+    configvalue: "null"
+  -
+    appid: "sociallogin"
+    # This configuration prevents the creation of new Nextcloud users if an account with the
+    # same email address already exists in the system. It helps avoid duplicate accounts.
+    configkey: "prevent_create_email_exists"
+    configvalue: 1
+  -
+    appid: "sociallogin"
+    configkey: "restrict_users_wo_assigned_groups"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "restrict_users_wo_mapped_groups"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "types"
+    configvalue: ""
+  -
+    appid: "sociallogin"
+    configkey: "update_profile_on_login"
+    configvalue: 1