Huge role refactoring/cleanup. Other commits will propably follow. Because some bugs will exist. Still important for longrun and also for auto docs/help/slideshow generation

2025-08-29 23:08:06 +02:00 · 2025-07-08 23:43:13 +02:00
parent 6b87a049d4
commit 563d5fd528
1242 changed files with 2301 additions and 1355 deletions
--- a/roles/web-app-peertube/tasks/create-domains.yml
+++ b/roles/web-app-peertube/tasks/create-domains.yml
@@ -0,0 +1,9 @@
+- name: "include role for {{application_id}} to receive certs & do modification routines"
+  include_role:
+    name: webserver-composer
+
+- name: configure {{domain}}.conf
+  template: 
+    src:  "templates/peertube.conf.j2"
+    dest: "{{nginx.directories.http.servers}}{{domain}}.conf"
+  notify: restart nginx
--- a/roles/web-app-peertube/tasks/disable-oidc.yml
+++ b/roles/web-app-peertube/tasks/disable-oidc.yml
@@ -0,0 +1,5 @@
+- name: "Uninstall auth-openid-connect plugin for Peertube"
+  command: >
+    docker exec {{ container_name }} \
+    npm run plugin:uninstall -- --npm-name {{oidc_plugin}}
+  ignore_errors: true
--- a/roles/web-app-peertube/tasks/enable-oidc.yml
+++ b/roles/web-app-peertube/tasks/enable-oidc.yml
@@ -0,0 +1,33 @@
+- name: "Load OIDC Settings vor Peertube"
+  include_vars: vars/oidc-settings.yml
+  changed_when: false
+
+- name: Check if OIDC plugin is already installed
+  command: >
+    docker exec {{ container_name }} test -d /data/plugins/data/peertube-plugin-auth-openid-connect
+  register: peertube_oidc_plugin_check
+  failed_when:  false
+  changed_when: false
+
+- name: "Install auth-openid-connect plugin for Peertube"
+  command: >
+    docker exec {{ container_name }} \
+    npm run plugin:install -- --npm-name {{oidc_plugin}}
+  when: peertube_oidc_plugin_check.rc != 0
+  notify: docker compose up
+
+- name: "Update the settings column of the auth-openid-connect plugin"
+  community.postgresql.postgresql_query:
+    db: "{{ database_name }}"
+    login_user: "{{ database_username }}"
+    login_password: "{{ database_password }}"
+    login_host: "127.0.0.1"
+    login_port: "{{ database_port }}"
+    query: |
+      UPDATE public.plugin
+      SET settings = '{{ oidc_settings | to_json }}',
+      enabled = TRUE,
+      uninstalled = FALSE
+      WHERE name = 'auth-openid-connect';
+  notify: docker compose up
+  when: peertube_oidc_plugin_check.rc != 0
--- a/roles/web-app-peertube/tasks/main.yml
+++ b/roles/web-app-peertube/tasks/main.yml
@@ -0,0 +1,20 @@
+---
+- name: "include service-rdbms-central"
+  include_role: 
+    name: service-rdbms-central
+  
+- name: "include create-domains.yml for peertube"
+  include_tasks: create-domains.yml
+  loop: "{{ domains.peertube }}"
+  loop_control:
+    loop_var: domain
+  vars:
+    http: "{{ ports.localhost.http[application_id] }}"
+
+- name: "Install and activate auth-openid-connect plugin if OIDC is enabled"
+  include_tasks: enable-oidc.yml
+  when: applications | is_feature_enabled('oidc',application_id)
+
+- name: "Deinstall and disable auth-openid-connect plugin if OIDC is enabled"
+  include_tasks: disable-oidc.yml
+  when: applications | is_feature_enabled('oidc',application_id)