web-app-taiga: refactor OIDC gating + defaults

- Introduced dedicated variables in vars/main.yml:
  * TAIGA_FLAVOR_TAIGAIO
  * TAIGA_TAIGAIO_ENABLED
- Replaced inline Jinja2 get_app_conf checks with TAIGA_TAIGAIO_ENABLED for
  consistency in tasks, docker-compose template and env file.
- Adjusted env.j2 to use TAIGA_TAIGAIO_ENABLED instead of direct flavor checks.
- Enabled css by default (true instead of false).
- Cleaned up spacing/indentation in config and env.

This improves readability, reduces duplicated logic, and makes it easier to
maintain both OIDC flavors (robrotheram, taigaio).

Conversation: https://chatgpt.com/share/68af65b3-27c0-800f-964f-ff4f2d96ff5d
2025-08-27 22:08:35 +02:00
parent 12a267827d
commit 73d5651eea
5 changed files with 15 additions and 13 deletions


@@ -7,17 +7,17 @@ oidc: {}
flavor: 'taigaio' # Potential flavors: robrotheram, taigaio
features:
matomo: true
css: false
desktop: true
css: true
desktop: true
oidc: false
central_database: true
logout: true
docker:
services:
database:
enabled: true
enabled: true
taiga:
version: "latest"
version: "latest"
server:
csp:
flags:
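Review bot: `version: "latest"` under `docker.services.taiga` leaves the Taiga image unpinned, and this commit re-touches that line without fixing a tag. If the value ends up as the image tag (the consumer is not in this hunk), every pull can bring in different code under the same configuration, which makes rollbacks and vulnerability tracking unreliable. Consider a fixed release tag or digest, e.g. `version: "<PINNED_TAG>"`, and bump it deliberately.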


@@ -7,7 +7,7 @@
template:
src: "taiga/{{item}}.py.j2"
dest: "{{ docker_compose.directories.config }}taiga-{{item}}.py"
when: applications | get_app_conf(application_id, 'features.oidc', True) and applications | get_app_conf(application_id, 'oidc.flavor', True) == 'taigaio'
when: TAIGA_TAIGAIO_ENABLED | bool
notify: docker compose up
loop: "{{ TAIGA_SETTING_FILES }}"
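Review bot: The `template:` task writes the rendered `taiga-{{item}}.py` settings files with only `src` and `dest`, so their permissions fall back to whatever the umask yields. These files are rendered only when the taigaio OIDC flavor is on, so they probably carry OIDC client settings and possibly the client secret (the templates are not shown here). Set the permissions explicitly, for example `mode: "0640"` with an owner or group the container user can read. The task begins above the hunk, so confirm that no `mode` is supplied by `module_defaults`.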


@@ -9,7 +9,7 @@
- media-data:/taiga-back/media
# - ./config.py:/taiga-back/settings/config.py
{% if applications | get_app_conf(application_id, 'features.oidc', False) and applications | get_app_conf(application_id, 'oidc.flavor', True) == 'taigaio' %}
{% if TAIGA_TAIGAIO_ENABLED %}
- {{ docker_compose.directories.config }}taiga-local.py:/taiga-back/settings/local.py:ro
@@ -22,7 +22,7 @@
condition: service_started
taiga-async-rabbitmq:
condition: service_started
{% if applications | get_app_conf(application_id, 'features.oidc', False) and applications | get_app_conf(application_id, 'oidc.flavor', True) == 'taigaio' %}
{% if TAIGA_TAIGAIO_ENABLED %}
command: >
/bin/sh -c "
@@ -42,7 +42,7 @@
- media-data:/taiga-back/media
# - ./config.py:/taiga-back/settings/config.py
{% if applications | get_app_conf(application_id, 'features.oidc', False) and applications | get_app_conf(application_id, 'oidc.flavor', True) == 'taigaio' %}
{% if TAIGA_TAIGAIO_ENABLED %}
{% for item in TAIGA_SETTING_FILES %}
- {{ docker_compose.directories.config }}taiga-{{ item }}.py:/taiga-back/settings/{{ item }}.py:ro
@@ -57,7 +57,7 @@
condition: service_started
taiga-async-rabbitmq:
condition: service_started
{% if applications | get_app_conf(application_id, 'features.oidc', False) and applications | get_app_conf(application_id, 'oidc.flavor', True) == 'taigaio' %}
{% if TAIGA_TAIGAIO_ENABLED %}
command: >
/bin/sh -c "
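Review bot: The four `{% if TAIGA_TAIGAIO_ENABLED %}` guards test the variable without `| bool`, while the task that renders the same settings files uses `when: TAIGA_TAIGAIO_ENABLED | bool`. The variable is defined as a quoted `"{{ ... and ... }}"` expression. If it ever reaches the template as the string `False` (for instance when `features.oidc` is supplied as a string), a bare `{% if %}` treats it as true, and the compose file then mounts `local.py` and overrides `command` although the files were never rendered. Use `{% if TAIGA_TAIGAIO_ENABLED | bool %}` in all four places. The same applies to `{% if TAIGA_OIDC_ENABLED %}` and `{% if TAIGA_TAIGAIO_ENABLED %}` in the env template.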


@@ -25,8 +25,8 @@ EMAIL_DEFAULT_FROM = "{{ users['no-reply'].email }}" # default email
DEFAULT_FROM_EMAIL = "{{ users['no-reply'].email }}"
# EMAIL_USE_TLS/EMAIL_USE_SSL are mutually exclusive (only set one of those to True)
EMAIL_USE_TLS = "{{ SYSTEM_EMAIL.TLS | capitalize }}" # use TLS (secure) connection with the SMTP server
EMAIL_USE_SSL = "{{ 'False' if SYSTEM_EMAIL.START_TLS else 'True' }}" # use implicit TLS (secure) connection with the SMTP server
EMAIL_USE_TLS = "{{ SYSTEM_EMAIL.TLS | capitalize }}" # use TLS (secure) connection with the SMTP server
EMAIL_USE_SSL = "{{ 'False' if SYSTEM_EMAIL.START_TLS else 'True' }}" # use implicit TLS (secure) connection with the SMTP server
RABBITMQ_USER=taiga
RABBITMQ_PASS=taiga
@@ -46,9 +46,9 @@ MAX_AGE = 360
# Taiga's Telemetry - Variable to enable or disable the anonymous telemetry
ENABLE_TELEMETRY = True
{% if applications | get_app_conf(application_id, 'features.oidc', False) %}
{% if TAIGA_OIDC_ENABLED %}
{% if applications | get_app_conf(application_id, 'oidc.flavor') == 'taigaio' %}
{% if TAIGA_TAIGAIO_ENABLED %}
# OIDC via taigaio official contrib
# @See https://github.com/taigaio/taiga-contrib-oidc-auth
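Review bot: `EMAIL_USE_TLS` and `EMAIL_USE_SSL` are rendered from two independent inputs, so both come out as `True` when `SYSTEM_EMAIL.TLS` is true and `SYSTEM_EMAIL.START_TLS` is false, which the comment directly above says must not happen. `EMAIL_USE_SSL` also becomes `True` whenever `START_TLS` is false, even with TLS turned off. Deriving both from the same pair keeps them exclusive, e.g. `EMAIL_USE_TLS = "{{ 'True' if SYSTEM_EMAIL.TLS and SYSTEM_EMAIL.START_TLS else 'False' }}"` and `EMAIL_USE_SSL = "{{ 'True' if SYSTEM_EMAIL.TLS and not SYSTEM_EMAIL.START_TLS else 'False' }}"`. This assumes `TLS` means "encrypt at all" and `START_TLS` selects the mode, which should be confirmed against the `SYSTEM_EMAIL` definition. Separately, the context lines ship `RABBITMQ_PASS=taiga` as a fixed credential that would be better taken from a per-deployment secret.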


@@ -10,6 +10,8 @@ docker_pull_git_repository: true
TAIGA_OIDC_ENABLED: "{{ applications | get_app_conf(application_id, 'features.oidc') }}"
TAIGA_FLAVOR_ROBROTHERAM: "{{ applications | get_app_conf(application_id, 'oidc.flavor') == 'robrotheram' }}"
TAIGA_ROBROTHERAM_ENABLED: "{{ TAIGA_OIDC_ENABLED and TAIGA_FLAVOR_ROBROTHERAM }}"
TAIGA_FLAVOR_TAIGAIO: "{{ applications | get_app_conf(application_id, 'oidc.flavor') == 'taigaio' }}"
TAIGA_TAIGAIO_ENABLED: "{{ TAIGA_OIDC_ENABLED and TAIGA_FLAVOR_TAIGAIO }}"
TAIGA_EMAIL_BACKEND: "{{ 'smtp' if SYSTEM_EMAIL.SMTP else 'console' }}" ## use an SMTP server or display the emails in the console (either "smtp" or "console")
TAIGA_DOCKER_COMPOSE_INIT: "{{ [ docker_compose.directories.instance,'docker-compose-inits.yml.j2' ] | path_join }}"
TAIGA_DOCKER_IMAGE_BACKEND: "{{ 'robrotheram/taiga-back-openid' if TAIGA_ROBROTHERAM_ENABLED else 'taigaio/taiga-back' }}"
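Review bot: `TAIGA_FLAVOR_TAIGAIO` reads `oidc.flavor`, but the config hunk in this same commit shows `flavor: 'taigaio'` directly after the hunk context `oidc: {}`, which suggests `flavor` is not nested under `oidc`. Indentation is lost on this page, so this needs checking against the file. If `flavor` is top-level, the lookup never equals `'taigaio'` (or fails outright) and `TAIGA_TAIGAIO_ENABLED` stays false whatever is configured. Either move the key under `oidc:` or read the path that actually exists. A comment such as `# OIDC gating: true only when features.oidc is on AND oidc.flavor == 'taigaio'` above the two new lines would also make the intent explicit.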