diff --git a/roles/docker-keycloak/templates/import/realm.json.j2 b/roles/docker-keycloak/templates/import/realm.json.j2
index 540ba1f8..716df9a1 100644
--- a/roles/docker-keycloak/templates/import/realm.json.j2
+++ b/roles/docker-keycloak/templates/import/realm.json.j2
@@ -835,7 +835,7 @@
 "secret": "{{oidc.client.secret}}",
 {%- set redirect_uris = [] %}
 {%- for application, domain in domains.items() %}
- {%- if applications[application] is defined and (applications | is_feature_enabled('oauth2',application) or applications | is_feature_enabled('oidc',application)) %}
+ {%- if applications[application] is defined and (applications | is_feature_enabled('oauth2',application) or applications | is_feature_enabled('oidc',application_id)) %}
 {%- if domain is string %}
 {%- set _ = redirect_uris.append(web_protocol ~ '://' ~ domain ~ '/*') %}
 {%- else %}
diff --git a/roles/docker-moodle/tasks/main.yml b/roles/docker-moodle/tasks/main.yml
index 7182b64e..34b09d6b 100644
--- a/roles/docker-moodle/tasks/main.yml
+++ b/roles/docker-moodle/tasks/main.yml
@@ -10,9 +10,15 @@
 domain: "{{ domains[application_id] }}"
 http_port: "{{ ports.localhost.http[application_id] }}"
+- name: "Transfer Dockerfile to {{ docker_compose.directories.instance }}"
+ copy:
+ src: Dockerfile.j2
+ dest: "{{ docker_compose.directories.instance }}Dockerfile"
+ notify: docker compose project build and setup
+
 - name: "copy docker-compose.yml and env file"
 include_tasks: copy-docker-compose-and-env.yml
 - name: "Configure OIDC login for Moodle if enabled"
 include_tasks: oidc.yml
- when: applications | is_feature_enabled('oidc',application)
+ when: applications | is_feature_enabled('oidc',application_id)
diff --git a/roles/docker-moodle/tasks/oidc.yml b/roles/docker-moodle/tasks/oidc.yml
index 5349809c..872da595 100644
--- a/roles/docker-moodle/tasks/oidc.yml
+++ b/roles/docker-moodle/tasks/oidc.yml
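Review bot: On the changed `{%- if ... %}` line only the `'oidc'` check was switched to `application_id`, while the `'oauth2'` check beside it and `applications[application]` still use the loop variable from `for application, domain in domains.items()`. If `application_id` is this role's own id (it is not defined in the hunk), the OIDC test no longer depends on the iterated application, so a wildcard `'/*'` redirect URI would be appended for every defined application whenever that one flag is set. Redirect URIs are the client's allowlist, so the check should stay per application: `applications | is_feature_enabled('oidc',application)`. The loop body continues outside the hunk.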
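Review bot: The new task uses `copy:` with `src: Dockerfile.j2`, but `copy` does not render Jinja2, and the file this commit adds lives under `templates/` and contains `{{ applications[application_id].version }}` and an `{% if %}` block. As written the task would either fail to find the source or place the raw template in the build context, so the `FROM` line and the OIDC block would reach the image build unrendered. Use the template module instead: `template:` with the same `src` and `dest`. An explicit `mode: "0644"` on the task would also keep the file's permissions independent of the controller's umask.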
@@ -1,13 +1,4 @@
 ---
-- name: "Ensure OIDC plugin is installed inside container"
- command: >
- docker exec {{ container_name }} bash -c '
- set -e;
- cd /bitnami/moodle;
- if [ ! -d "auth/oidc" ]; then
- git clone https://github.com/microsoft/moodle-auth_oidc.git auth/oidc;
- fi'
-
 - name: "Upgrade Moodle to apply OIDC plugin"
 command: "docker exec {{ container_name }} php admin/cli/upgrade.php --non-interactive"
diff --git a/roles/docker-moodle/templates/Dockerfile.j2 b/roles/docker-moodle/templates/Dockerfile.j2
new file mode 100644
index 00000000..c6e81985
--- /dev/null
+++ b/roles/docker-moodle/templates/Dockerfile.j2
@@ -0,0 +1,14 @@
+FROM bitnami/moodle:{{ applications[application_id].version }}
+
+{% if applications | is_feature_enabled('oidc',application_id) %}
+# Install git (required to clone the OIDC plugin)
+USER root
+RUN install_packages git unzip
+
+# Clone the Microsoft OIDC plugin into Moodle's auth directory
+RUN git clone https://github.com/microsoft/moodle-auth_oidc.git \
+ /opt/bitnami/moodle/auth/oidc && \
+ chown -R www-data:www-data /opt/bitnami/moodle/auth/oidc
+
+USER 1001
+{% endif %}
\ No newline at end of file
diff --git a/roles/docker-moodle/templates/docker-compose.yml.j2 b/roles/docker-moodle/templates/docker-compose.yml.j2
index 34dd495c..6c9f0596 100644
--- a/roles/docker-moodle/templates/docker-compose.yml.j2
+++ b/roles/docker-moodle/templates/docker-compose.yml.j2
@@ -3,7 +3,10 @@ services:
 {% include 'roles/docker-central-database/templates/services/' + database_type + '.yml.j2' %}
 moodle:
 container_name: {{ container_name }}
- image: docker.io/bitnami/moodle:{{applications.moodle.version}}
+ build:
+ context: .
+ dockerfile: Dockerfile
+ image: moodle_custom
 ports:
 - 127.0.0.1:{{ports.localhost.http[application_id]}}:8080
 {% include 'roles/docker-compose/templates/services/base.yml.j2' %}
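Review bot: The `git clone` of moodle-auth_oidc takes whatever the repository's default branch contains at build time, so each rebuild can bring different, unreviewed authentication-plugin code into the image, and the plugin revision is not tied to the Moodle version chosen in `FROM`. Pin the checkout to a release tag or commit that matches that Moodle version, for example `git clone --depth 1 --branch <PLUGIN_TAG> https://github.com/microsoft/moodle-auth_oidc.git /opt/bitnami/moodle/auth/oidc`, with the tag supplied from the role's variables. It is also worth confirming that `www-data` exists in the base image and is the account the web server runs as, since the block ends with `USER 1001`.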
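Review bot: `image: moodle_custom` carries no tag, so the locally built image is always `moodle_custom:latest` and no longer records which Moodle version it was built from. Compose reuses an existing image of that name unless a build is requested, so a later change to the version variable may leave the old image running if the build handler is not triggered (the handler is outside this diff). Tagging with the version keeps image and configuration in step: `image: moodle_custom:{{ applications[application_id].version }}`. The service definition continues outside the hunk.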