Refactor and cleanup OIDC, desktop, and web-app roles

- Improved OIDC variable definitions (12_oidc.yml) - Added account/security/profile URLs - Restructured web-app-desktop tasks and JS handling - Introduced oidc.js and iframe.js with runtime loader - Fixed nginx.conf, LDAP, and healthcheck templates spacing - Improved Lua injection for CSP and snippets - Fixed typos (WordPress, receive, etc.) - Added silent-check-sso nginx location Conversation: https://chatgpt.com/share/68ae0060-4fac-800f-9f02-22592a4087d3
2025-08-29 23:08:06 +02:00 · 2025-08-26 20:44:05 +02:00
parent ce033c370a
commit c182ecf516
33 changed files with 543 additions and 146 deletions
--- a/roles/web-app-desktop/templates/menu/header.yml.j2
+++ b/roles/web-app-desktop/templates/menu/header.yml.j2
@@ -17,4 +17,39 @@
      description: Reload the application
      icon:
        class: fa-solid fa-rotate-right
-      url:   "{{ WEB_PROTOCOL }}://{{ domains | get_domain('web-app-desktop') }}"
+      url:   "{{ domains | get_url('web-app-desktop', WEB_PROTOCOL) }}"
+
+{% if DESKTOP_OIDC_ENABLED | bool %}
+
+    - name: Account
+      description: Manage your Account
+      icon:
+        class: fa-solid fa-user
+      children:
+        - name: Profile
+          description: Manage your profile
+          icon:
+            class: fa-solid fa-id-card
+          url: {{ OIDC.CLIENT.ACCOUNT.PROFILE_URL }}
+          iframe: {{ DESKTOP_KEYCLOAK_IFRAME_ENABLED }}
+        - name: Security
+          description: Manage your security settings
+          icon:
+            class: fa-solid fa-user-gear
+          url: {{ OIDC.CLIENT.ACCOUNT.SECURITY_URL }}
+          iframe: {{ DESKTOP_KEYCLOAK_IFRAME_ENABLED }}
+        - name: Logout
+          description: "Logout from {{ SOFTWARE_NAME }} on {{ PRIMARY_DOMAIN }}"
+          target: "_top"  
+          icon:
+            class: fa-solid fa-right-from-bracket
+          url: {{ OIDC.CLIENT.LOGOUT_URL }}
+          iframe: false # Neccesary to refresh desktop page after logout
+    - name: Login
+      description: "Login to {{ SOFTWARE_NAME }} on {{ PRIMARY_DOMAIN }}"
+      target: "_top"
+      icon:
+        class: fa-solid fa-right-to-bracket
+      url: {{ DESKTOP_KEYCLOAK_LOGIN_URL }}
+      iframe: false # Neccesary to refresh desktop page after login
+{% endif %}