mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-02-22 12:29:39 +01:00
36 lines
2.4 KiB
YAML
36 lines
2.4 KiB
YAML
# @See https://chatgpt.com/share/6798189e-9c00-800f-923c-5ce3cfbdf405
|
|
|
|
- name: Flush all handlers immediately so that occ can be used
|
|
meta: flush_handlers
|
|
|
|
- name: Set hide_login_form to true
|
|
command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:system:set --type boolean --value true hide_login_form"
|
|
|
|
- name: "Set auth.webauthn.enabled to false"
|
|
command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:system:set --type boolean --value false auth.webauthn.enabled"
|
|
|
|
- name: Set allow_login_connect to 1
|
|
command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:app:set sociallogin allow_login_connect --value='1'"
|
|
# This configuration allows users to connect multiple accounts to their Nextcloud profile
|
|
# using the sociallogin app.
|
|
|
|
- name: install sociallogin plugin
|
|
command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ app:install sociallogin"
|
|
ignore_errors: true
|
|
|
|
- name: enable sociallogin plugin
|
|
command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ app:enable sociallogin"
|
|
|
|
- name: Set custom_providers
|
|
command: >
|
|
docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ
|
|
config:app:set sociallogin custom_providers
|
|
--value='{"custom_oidc":[{"name":"{{domains.keycloak}}","title":"keycloak","style":"keycloak","authorizeUrl":"{{oidc.client.authorize_url}}","tokenUrl":"{{oidc.client.toke_url}}","displayNameClaim":"","userInfoUrl":"{{oidc.client.user_info_url}}","logoutUrl":"{{oidc.client.logout_url}}","clientId":"{{oidc.client.id}}","clientSecret":"{{oidc.client.secret}}","scope":"openid","groupsClaim":"","style":"","defaultGroup":""}]}'
|
|
# This configuration defines custom OpenID Connect (OIDC) providers for authentication.
|
|
# In this case, it sets up a Keycloak provider with details like URLs for authorization,
|
|
# token retrieval, user info, and logout, as well as the client ID and secret.
|
|
|
|
- name: Set prevent_create_email_exists to 1
|
|
command: 'docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:app:set sociallogin prevent_create_email_exists --value="1"'
|
|
# This configuration prevents the creation of new Nextcloud users if an account with the
|
|
# same email address already exists in the system. It helps avoid duplicate accounts. |