3 Commits

Author	SHA1	Message	Date
Kevin Veen-Birkenbach	f576b42579	XWiki: two-phase bootstrap + extension install before enabling auth; add XOR validation ... - Add 02_validation.yml to prevent OIDC+LDAP enabled simultaneously - Introduce _flush_config.yml with switches (OIDC/LDAP/superadmin) - Bootstrap with native+superadmin → create admin → install extensions (superadmin) → enable final auth - Refactor REST vars (XWIKI_REST_BASE, XWIKI_REST_XWIKI, XWIKI_REST_EXTENSION_INSTALL) - Update templates to use switch vars; gate OIDC block in properties - Idempotent REST readiness waits Conversation: https://chatgpt.com/share/68c40c1e-2b3c-800f-b59f-8d37baa9ebb2	2025-09-12 14:04:02 +02:00
Kevin Veen-Birkenbach	b7a7be4737	Fix XWiki automation bootstrap: ... - Accept HTTP 302 (Distribution Wizard redirects) in REST readiness and extension checks - Treat 302 as missing admin user during bootstrap - Move superadmin password to xwiki.cfg (correct location) - Disable automatic Distribution Wizard start in xwiki.properties - Standardize run_once includes for postgres, cdn, and xwiki roles See: https://chatgpt.com/share/68c3a67b-80b4-800f-8a90-ebdcd4abb86c	2025-09-12 06:50:24 +02:00
Kevin Veen-Birkenbach	6418a462ec	XWiki: LDAP/OIDC admin mapping, config mounts, and REST installs ... - LDAP: move settings to xwiki.cfg; enable trylocal (1/0), group_mapping to XWiki.XWikiAdminGroup, and mode_group_sync=always. - OIDC: add groups claim request (oidc.userinfoclaims), map provider group to XWiki.XWikiAdminGroup, and use space-separated scopes. - Compose: mount xwiki.cfg and xwiki.properties into /usr/local/xwiki. - Extensions: wait for REST readiness; pre-check OIDC/LDAP extensions (URL-encoded IDs); install via REST job only if missing. - Vars: strict mappings to LDAP.* and OIDC.* (no defaults), add XWIKI_ADMIN_GROUP and derived DNs. - Config: expose ldap.local_enabled; tidy meta tags; README grammar update. Conversation: https://chatgpt.com/share/68c2b8ad-4814-800f-b377-065f967998db	2025-09-11 13:55:53 +02:00