Fix RBAC groups handling and refactor Keycloak role

- Fixed incorrect handling of RBAC group configuration (moved from OIDC claims into dedicated RBAC variable set). - Unified RBAC group usage across applications (LAM, pgAdmin, phpLDAPadmin, phpMyAdmin, YOURLS). - Replaced old 'KEYCLOAK_OIDC_RBAC_SCOPE_NAME' with dedicated 'KEYCLOAK_RBAC_GROUP_*' variables. - Updated OAuth2 Proxy configuration to use 'RBAC.GROUP.CLAIM'. - Refactored Keycloak role task structure: * Renamed and reorganized task files for clarity ('_update.yml', '02_cleanup.yml', etc.). * Introduced meta and dependency handling separation. - Cleaned up Keycloak config defaults and recaptcha placeholders.
2025-08-29 15:06:26 +02:00 · 2025-08-17 23:27:01 +02:00
parent 5f0762e4f6 5642793f4a
commit d1cd87c843
24 changed files with 66 additions and 58 deletions
--- a/roles/web-app-bigbluebutton/tasks/main.yml
+++ b/roles/web-app-bigbluebutton/tasks/main.yml
@@ -13,7 +13,7 @@
  include_role:
    name: cmp-docker-proxy
  vars:
-    docker_compose_flush_handlers:      false
+    docker_compose_flush_handlers: false
 - name: "include 04_seed-database-to-backup.yml"
  include_tasks: "{{ playbook_dir }}/roles/sys-bkp-docker-2-loc/tasks/04_seed-database-to-backup.yml"