mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2025-11-06 13:17:58 +00:00
Kevin Veen-Birkenbach
0bf286f62a
- Added 'font-src data:' to CSP whitelist to allow inline fonts in Admin UI - Refactored init.sh to run as root only for volume permission setup, then drop privileges to www-data - Unified all bash invocations to sh for POSIX compliance - Added missing 'bundles' named volume and mount to Docker Compose - Set init container to run as root (0:0) for permission setup - Added admin user rename step via Ansible task See discussion: https://chatgpt.com/share/69087361-859c-800f-862c-7413350cca3e
28 lines
1.2 KiB
YAML
28 lines
1.2 KiB
YAML
# Replace INFX_LDAP_PLUGIN with the actual plugin name you use
|
|
- name: "Install LDAP admin plugin & activate"
|
|
shell: |
|
|
docker exec -i --user {{ SHOPWARE_USER }} {{ SHOPWARE_WEB_CONTAINER }} sh -lc '
|
|
set -e
|
|
cd {{ SHOPWARE_ROOT }}
|
|
php bin/console plugin:refresh
|
|
php bin/console plugin:install --activate INFX_LDAP_PLUGIN || true
|
|
php bin/console cache:clear
|
|
'
|
|
args:
|
|
chdir: "{{ docker_compose.directories.instance }}"
|
|
|
|
- name: "Configure LDAP connection"
|
|
shell: |
|
|
docker exec -i --user {{ SHOPWARE_USER }} {{ SHOPWARE_WEB_CONTAINER }} sh -lc '
|
|
set -e
|
|
cd {{ SHOPWARE_ROOT }}
|
|
php bin/console system:config:set "InfxLdap.config.host" "{{ LDAP.SERVER.DOMAIN }}"
|
|
php bin/console system:config:set "InfxLdap.config.port" "{{ LDAP.SERVER.PORT }}"
|
|
php bin/console system:config:set "InfxLdap.config.bindDn" "{{ LDAP.DN.ADMINISTRATOR.DATA }}"
|
|
php bin/console system:config:set "InfxLdap.config.password" "{{ LDAP.BIND_CREDENTIAL }}"
|
|
php bin/console system:config:set "InfxLdap.config.userBase" "{{ LDAP.DN.OU.USERS }}"
|
|
php bin/console cache:clear
|
|
'
|
|
args:
|
|
chdir: "{{ docker_compose.directories.instance }}"
|