feat(nextcloud): integrate Talk & Whiteboard; refactor to NEXTCLOUD_* vars; full-stack setup

config(ports): add Nextcloud websocket port (4003); canonical domains (nextcloud/talk/whiteboard)

refactor: unify get_app_conf usage & Jinja spacing; migrate paths/handlers to new NEXTCLOUD_* vars

feat(plugins): split plugin routines; configure Whiteboard via occ (URL + JWT)

fix(oidc): use NEXTCLOUD_URL for logout; correct LDAP attribute mappings; add OIDC flavor switch

feat: Whiteboard container & reverse-proxy location; Talk STUN/WS ports; Redis URL for Whiteboard

chore: drop obsolete TODO; minor cleanups in oauth2-proxy, matrix, peertube, pgadmin, phpldapadmin, pixelfed, phpmyadmin

security(schema): Bluesky jwt_secret now base64_prefixed_32; add Nextcloud whiteboard_jwt_secret

db: normalize postgres image tag templating; central DB host checks spacing fixes

ops: add full-stack bootstrap (certs, proxy, volumes); internal nginx config reload handler update

refs: https://chatgpt.com/share/68b5f5b7-8d64-800f-b001-1241f818dc0e
2025-09-01 21:37:02 +02:00
parent 110381e80c
commit 7ca8b7c71d
48 changed files with 276 additions and 201 deletions


@@ -17,8 +17,9 @@ server:
- "{{ WEBSOCKET_PROTOCOL }}://collabora.{{ PRIMARY_DOMAIN }}"
domains:
canonical:
- "cloud.{{ PRIMARY_DOMAIN }}"
# talk: "talk.{{ PRIMARY_DOMAIN }}" @todo needs to be activated
nextcloud: "cloud.{{ PRIMARY_DOMAIN }}"
talk: "talk.{{ PRIMARY_DOMAIN }}"
whiteboard: "whiteboard.{{ PRIMARY_DOMAIN }}"
docker:
volumes:
data: nextcloud_data
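Review bot: `canonical` changes shape in this hunk, from a list (`- "cloud.{{ PRIMARY_DOMAIN }}"`) to a mapping keyed by nextcloud, talk and whiteboard, so any template or task that still indexes or iterates it as a list may fail or resolve the wrong host. Please confirm that every consumer of these canonical domains looks the entry up by key. The talk entry was previously commented out with an @todo; it would help to state in the commit that certificates and proxy configuration exist for talk and whiteboard before these hostnames are published.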
@@ -45,8 +46,14 @@ docker:
name: "nextcloud-talk"
image: "nextcloud/aio-talk"
version: "latest"
enabled: false # Not enabled yet, because just implemented during refactoring and not tested yet. if tested activate
oidc:
backup:
no_stop_required: false
whiteboard:
name: "nextcloud-whiteboard"
image: "ghcr.io/nextcloud-releases/whiteboard"
version: "latest"
backup:
no_stop_required: true
enabled: "{{ applications | get_app_conf('web-app-nextcloud', 'features.oidc', False, True) }}" # Activate OIDC for Nextcloud
# floavor decides which OICD plugin should be used.
# Available options: oidc_login, sociallogin
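Review bot: The new whiteboard service takes `ghcr.io/nextcloud-releases/whiteboard` at `version: "latest"`, as the talk entry above it already does, so the image that actually runs can change between deploys without any change in this repository. Suggest a fixed release tag or digest here, since the commit message says this container is configured with a JWT secret. Two smaller points: if the talk line `enabled: false` with its "not tested yet" comment is being dropped in this hunk, the commit should say that testing has happened, and the comment above the options list has typos ("floavor", "OICD").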
@@ -72,7 +79,8 @@ performance:
opcache_memory_consumption: "{{ ((ansible_memtotal_mb | int) / 30)|int }}M" # Dynamic set memory consumption
plugins_enabled: true # Implemented for speeding up testing and debugging process. For productive environments keep it true and steer the apps via the plugins config
oidc:
flavor: "{{ _applications_nextcloud_oidc_flavor }}"
plugins:
# List for Nextcloud Plugin Routine
# Decides if plugins should be activated or deactivated
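Review bot: `flavor: "{{ _applications_nextcloud_oidc_flavor }}"` depends on a variable that is not defined in the visible lines and carries no default, so an unset value either fails templating or produces an empty flavor. Suggest a `default(...)` naming one of the options listed in the config comment (oidc_login, sociallogin), or an assert that rejects anything else, plus a short comment saying where the variable is set.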