kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-11-04 04:08:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
7a38cb90fbe5171485ead448187fc4b2a188a5c4
computer-playbook/roles/web-app-xwiki/vars/main.yml

74 lines
4.1 KiB
YAML
Raw Blame History

# General
application_id: "web-app-xwiki"
database_type: "{{ applications | get_app_conf(application_id, 'docker.services.database.type') }}"
domain: "{{ domains | get_domain(application_id) }}"
container_port: 8080
container_hostname: "{{ domain }}"
# XWiki
XWIKI_HOST_PORT: "{{ ports.localhost.http[application_id] }}"
## URLs
XWIKI_HOSTNAME: "{{ container_hostname }}"
## Paths
XWIKI_HOST_PROPERTIES_PATH: "{{ [docker_compose.directories.config, 'xwiki.properties'] | path_join }}"
XWIKI_DOCK_DATA_DIR: "/usr/local/xwiki"
## Docker
XWIKI_IMAGE_CUSTOM: "xwiki_custom"
XWIKI_IMAGE: "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.image') }}"
XWIKI_VERSION: "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.version') }}"
XWIKI_CONTAINER: "{{ applications | get_app_conf(application_id, 'docker.services.xwiki.name') }}"
XWIKI_DATA_VOLUME: "{{ applications | get_app_conf(application_id, 'docker.volumes.data') }}"
# Feature toggles (must be set in config/main.yml -> features)
XWIKI_LDAP_ENABLED: "{{ applications | get_app_conf(application_id, 'features.ldap') }}"
XWIKI_OIDC_ENABLED: "{{ applications | get_app_conf(application_id, 'features.oidc') }}"
XWIKI_SSO_ENABLED: "{{ (XWIKI_OIDC_ENABLED | bool) or (XWIKI_LDAP_ENABLED | bool) }}"
# Admin credentials (must be provided via inventory/vault)
XWIKI_ADMIN_USER: "{{ users.administrator.username }}"
XWIKI_ADMIN_GROUP: "{{ application_id }}-administrator"
# Superadministrator
XWIKI_SUPERADMIN_PASSWORD: "{{ applications | get_app_conf(application_id, 'credentials.superadminpassword') }}"
XWIKI_SUPERADMIN_USERNAME: "superadmin"
# REST endpoint (local inside container)
XWIKI_REST_BASE: "{{ ['http://127.0.0.1:'~ XWIKI_HOST_PORT, '/rest/'] | url_join }}"
XWIKI_REST_XWIKI: "{{ [XWIKI_REST_BASE, 'wikis/xwiki'] | url_join }}"
XWIKI_REST_XWIKI_PAGES: "{{ [XWIKI_REST_BASE, 'wikis/xwiki/spaces/XWiki/pages'] | url_join }}"
# LDAP configuration (mapped to LDAP.* context)
XWIKI_LDAP_SERVER: "{{ LDAP.SERVER.DOMAIN }}"
XWIKI_LDAP_PORT: "{{ LDAP.SERVER.PORT }}"
XWIKI_LDAP_BASE_DN: "{{ LDAP.DN.ROOT }}"
XWIKI_LDAP_BIND_DN: "{{ LDAP.DN.ADMINISTRATOR.DATA }}"
XWIKI_LDAP_BIND_PASS: "{{ LDAP.BIND_CREDENTIAL }}"
XWIKI_LDAP_TRYLOCAL: "{{ applications | get_app_conf(application_id, 'ldap.local_enabled') }}"
XWIKI_LDAP_FIELDS_MAPPING: "last_name={{ LDAP.USER.ATTRIBUTES.SURNAME }},first_name={{ LDAP.USER.ATTRIBUTES.FIRSTNAME }},email={{ LDAP.USER.ATTRIBUTES.MAIL }}"
XWIKI_LDAP_ADMIN_GROUP_DN: "cn={{ XWIKI_ADMIN_GROUP ~ ',' ~ LDAP.DN.OU.GROUPS }}"
# OIDC configuration (must exist in OIDC.* context)
XWIKI_OIDC_PROVIDER: "{{ OIDC.CLIENT.ISSUER_URL }}"
XWIKI_OIDC_AUTHORIZATION: "{{ OIDC.CLIENT.AUTHORIZE_URL }}"
XWIKI_OIDC_TOKEN: "{{ OIDC.CLIENT.TOKEN_URL }}"
XWIKI_OIDC_USERINFO: "{{ OIDC.CLIENT.USER_INFO_URL }}"
XWIKI_OIDC_LOGOUT: "{{ OIDC.CLIENT.LOGOUT_URL }}"
XWIKI_OIDC_CLIENT_ID: "{{ OIDC.CLIENT.ID }}"
XWIKI_OIDC_CLIENT_SECRET: "{{ OIDC.CLIENT.SECRET }}"
XWIKI_OIDC_SCOPES: "openid,email,profile,{{ RBAC.GROUP.CLAIM }}"
XWIKI_OIDC_GROUPS_CLAIM: "{{ RBAC.GROUP.CLAIM }}"
XWIKI_OIDC_ADMIN_PROVIDER_GROUP: "{{ [RBAC.GROUP.NAME, XWIKI_ADMIN_GROUP] | path_join }}"
# Collect enabled plugin items from config/main.yml
XWIKI_PLUGINS: >-
{{
(applications | get_app_conf(application_id, 'plugins'))
| dict2items | selectattr('value.enabled','equalto', true)
| map(attribute='value.items') | list | sum(start=[])
}}
Reference in New Issue View Git Blame Copy Permalink