# Installs OIDC / LDAP using a temporary Groovy page that calls the # Extension Script Service (services.extension.install). # Avoids REST job API and any Namespace class import for portability. # # Flow: # - Bootstrap config renders with both auth backends OFF (already in your role). # - This file installs required extensions on the current wiki. # - Final config later turns auth ON (already in your role). # # Notes: # - We print machine-readable markers so Ansible can assert deterministically. # - We protect XWiki's {{groovy}} wiki macro from Jinja by using {% raw %}…{% endraw %}. - name: "XWIKI | Build Groovy installer code from static file (base64 payload)" vars: _wanted_b64: "{{ XWIKI_PLUGINS | to_json | b64encode }}" set_fact: _install_code: >- {{ lookup('file', 'roles/web-app-xwiki/files/extension_installer_b64.groovy') | regex_replace('__WANTED_B64__', _wanted_b64) }} - name: "XWIKI | PUT installer page Main.InstallExtensions" uri: url: "{{ [XWIKI_REST_XWIKI_PAGES, 'InstallExtensions'] | url_join }}" method: PUT user: "{{ XWIKI_SUPERADMIN_USERNAME }}" password: "{{ XWIKI_SUPERADMIN_PASSWORD }}" force_basic_auth: true status_code: [200, 201, 202, 204] headers: Content-Type: "application/xml" Accept: "application/xml" body: | InstallExtensions xwiki/2.1 register: _put_page - name: "XWIKI | Execute installer page" uri: url: "http://127.0.0.1:{{ XWIKI_HOST_PORT }}/bin/view/XWiki/InstallExtensions?xpage=plain" method: GET user: "{{ XWIKI_SUPERADMIN_USERNAME }}" password: "{{ XWIKI_SUPERADMIN_PASSWORD }}" force_basic_auth: true status_code: [200] return_content: yes timeout: 300 register: _exec_page retries: 20 delay: 15 until: _exec_page is succeeded - name: "XWIKI | Delete installer page" uri: url: "{{ [XWIKI_REST_XWIKI_PAGES, 'InstallExtensions'] | url_join }}" method: DELETE user: "{{ XWIKI_SUPERADMIN_USERNAME }}" password: "{{ XWIKI_SUPERADMIN_PASSWORD }}" force_basic_auth: true status_code: [204, 200, 202, 404] register: _delete_page changed_when: _delete_page.status != 404