kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-02-23 04:49:40 +01:00
Code Issues Packages Projects Releases Wiki Activity
computer-playbook/roles/docker-nextcloud/tasks/oidc_tasks.yml

33 lines
2.0 KiB
YAML
Raw Blame History

# @See https://chatgpt.com/share/6798189e-9c00-800f-923c-5ce3cfbdf405
- name: Flush all handlers immediately so that occ can be used
meta: flush_handlers
- name: Set hide_login_form to true
command: "docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:system:set --type boolean --value true hide_login_form"
- name: Set auth.webauthn.enabled to false
command: docker exec -u www-data {{nextcloud_application_container_name}} /var/www/html/occ config:system:set --type boolean --value false auth.webauthn.enabled"
- name: Set allow_login_connect to 1
command: >
docker-compose exec -u www-data application /var/www/html/occ
config:app:set sociallogin allow_login_connect --value="1"
# This configuration allows users to connect multiple accounts to their Nextcloud profile
# using the sociallogin app.
- name: Set custom_providers
command: >
docker-compose exec -u www-data application /var/www/html/occ
config:app:set sociallogin custom_providers
--value='{"custom_oidc":[{"name":"{{domains.keycloak}}","title":"keycloak","authorizeUrl":"{{oidc_client_authorize_url}}","tokenUrl":"{{oidc_client_toke_url}}","displayNameClaim":"","userInfoUrl":"{{oidc_client_user_info_url}}","logoutUrl":"{{oidc_client_logout_url}}","clientId":"{{oidc_client_id}}","clientSecret":"{{oidc_client_secret}}","scope":"openid","groupsClaim":"","style":"","defaultGroup":""}]}'
# This configuration defines custom OpenID Connect (OIDC) providers for authentication.
# In this case, it sets up a Keycloak provider with details like URLs for authorization,
# token retrieval, user info, and logout, as well as the client ID and secret.
- name: Set prevent_create_email_exists to 1
command: >
docker-compose exec -u www-data application /var/www/html/occ
config:app:set sociallogin prevent_create_email_exists --value="1"
# This configuration prevents the creation of new Nextcloud users if an account with the
# same email address already exists in the system. It helps avoid duplicate accounts.
Reference in New Issue View Git Blame Copy Permalink