Joomla: Add LDAP autocreate plugin support

- Introduced autocreate_users feature flag in config/main.yml
- Added ldapautocreate.php and ldapautocreate.xml plugin files
- Implemented tasks/01_ldap_files.yml for plugin deployment
- Added tasks/05_ldap.yml to configure LDAP plugin and register ldapautocreate
- Renamed tasks for better structure (01→02, 02→03, etc.)
- Updated cli-ldap.php.j2 for clean parameter handling
- Mounted ldapautocreate plugin via docker-compose.yml.j2
- Extended vars/main.yml with LDAP autocreate configuration

Ref: https://chatgpt.com/share/68b0802f-bfd4-800f-b10a-57cf0c091f7e

roles/web-app-joomla/tasks/01_ldap_files.yml

@@ -0,0 +1,25 @@
+- name: "Render LDAP CLI helper"
+  template:
+    src: cli-ldap.php.j2
+    dest: "{{ JOOMLA_LDAP_CONF_FILE }}"
+    mode: "0644"
+  when: JOOMLA_LDAP_ENABLED | bool
+  notify: docker compose restart
+
+- block:
+  - name: "Ensure ldapautocreate plugin hostdir exists"
+    file:
+      path: "{{ JOOMLA_LDAP_AUT_CRT_HOST_DIR }}"
+      state: directory
+      mode: "0755"
+
+  - name: "Deploy ldapautocreate plugin files"
+    copy:
+      src: "ldapautocreate.{{ item }}"
+      dest: "{{ [ JOOMLA_LDAP_AUT_CRT_HOST_DIR, 'ldapautocreate.' ~ item ] | path_join }}"
+      mode: "0644"
+    notify: docker compose restart
+    loop:
+      - php
+      - xml
+  when: JOOMLA_LDAP_AUTO_CREATE_ENABLED | bool

roles/web-app-joomla/tasks/04_ldap.yml

@@ -1,9 +0,0 @@
-- name: "Configure LDAP plugin params via helper"
-  command: >
-    docker exec {{ JOOMLA_CONTAINER }}
-    php cli/cli-ldap.php
-  register: ldap_conf
-  changed_when: "'configured' in ldap_conf.stdout | lower"
-  async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}"
-  poll:  "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}"
-  when: JOOMLA_LDAP_ENABLED | bool

roles/web-app-joomla/tasks/05_ldap.yml

@@ -0,0 +1,56 @@
+- name: "Configure LDAP plugin params via helper"
+  command: >
+    docker exec {{ JOOMLA_CONTAINER }}
+    sh -c 'test -f /var/www/html/cli/cli-ldap.php && php /var/www/html/cli/cli-ldap.php'
+  register: ldap_conf
+  changed_when: "'configured' in ldap_conf.stdout | lower"
+  async: "{{ ASYNC_TIME if ASYNC_ENABLED | bool else omit }}"
+  poll: "{{ ASYNC_POLL if ASYNC_ENABLED | bool else omit }}"
+  when: JOOMLA_LDAP_ENABLED | bool
+
+- name: "Register & enable ldapautocreate Joomla system plugin"
+  command: >
+    docker exec {{ JOOMLA_CONTAINER }}
+    sh -lc '
+      test -f /var/www/html/plugins/system/ldapautocreate/ldapautocreate.php ||
+        { echo "ERROR: plugin file missing"; exit 1; };
+      php -r "
+      define(\"_JEXEC\",1);
+      \$root=\"/var/www/html\";
+      require \$root.\"/includes/defines.php\";
+      require \$root.\"/includes/framework.php\";
+      \$dbo = Joomla\\CMS\\Factory::getDbo();
+      \$ext = \$dbo->setQuery(
+        \"SELECT * FROM #__extensions WHERE type=\\\"plugin\\\" AND folder=\\\"system\\\" AND element=\\\"ldapautocreate\\\"\"
+      )->loadObject();
+      if (!\$ext) {
+        \$row = (object)[
+          \"name\" => \"plg_system_ldapautocreate\",
+          \"type\" => \"plugin\",
+          \"element\" => \"ldapautocreate\",
+          \"folder\" => \"system\",
+          \"enabled\" => 1,
+          \"access\" => 1,
+          \"protected\" => 0,
+          \"manifest_cache\" => \"{}\",
+          \"params\" => \"{}\",
+          \"custom_data\" => \"{}\",
+          \"state\" => 0,
+          \"ordering\" => 0,
+          \"client_id\" => 0
+        ];
+        \$dbo->insertObject(\"#__extensions\", \$row);
+        echo \"Plugin registered + enabled\\n\";
+      } else {
+        \$ext->enabled = 1;
+        \$dbo->updateObject(\"#__extensions\", \$ext, \"extension_id\");
+        echo \"Plugin already exists, just enabled\\n\";
+      }
+      "
+    '
+  register: ldapautocreate_reg
+  changed_when: >
+    ('registered + enabled' in (ldapautocreate_reg.stdout | lower)) or
+    ('just enabled' in (ldapautocreate_reg.stdout | lower))
+  failed_when: ldapautocreate_reg.rc != 0
+  when: JOOMLA_LDAP_AUTO_CREATE_ENABLED | bool

roles/web-app-joomla/tasks/main.yml

@@ -1,12 +1,12 @@
 ---
-- name: "Include role srv-domain-provision for {{ application_id }}"
-  include_role:
-    name: srv-domain-provision
-  loop: "{{ JOOMLA_DOMAINS }}"
-  loop_control:
-    loop_var: domain
-  vars:
-    http_port: "{{ ports.localhost.http[application_id] }}"
+#- name: "Include role srv-domain-provision for {{ application_id }}"
+#  include_role:
+#    name: srv-domain-provision
+#  loop: "{{ JOOMLA_DOMAINS }}"
+#  loop_control:
+#    loop_var: domain
+#  vars:
+#    http_port: "{{ ports.localhost.http[application_id] }}"
 
 - name: "load docker and db for {{ application_id }}"
   include_role: 
@@ -14,12 +14,8 @@
   vars:
     docker_compose_flush_handlers: false
 
-- name: "Render LDAP CLI helper"
-  template:
-    src: cli-ldap.php.j2
-    dest: "{{ JOOMLA_LDAP_CONF_FILE }}"
-    mode: "0644"
-  when: JOOMLA_LDAP_ENABLED | bool
+- name: Include install routines
+  include_tasks: "01_ldap_files.yml"
 
 - name: "flush docker compose handlers"
   meta: flush_handlers
@@ -27,8 +23,8 @@
 - name: Include install routines
   include_tasks: "{{ item }}"
   loop:
-    - 01_install.yml
-    - 02_debug.yml
-    - 03_patch.yml
-    - 04_ldap.yml
-    - 05_assert.yml
+    - 02_install.yml
+    - 03_debug.yml
+    - 04_patch.yml
+    - 05_ldap.yml
+    - 06_assert.yml