kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-09-14 14:26:04 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
f576b4257973d74d0ff26d2bb59a06a3e4204d7d
computer-playbook/roles/web-app-xwiki/tasks/03_administrator.yml
Kevin Veen-Birkenbach f576b42579 XWiki: two-phase bootstrap + extension install before enabling auth; add XOR validation 
- Add 02_validation.yml to prevent OIDC+LDAP enabled simultaneously
- Introduce _flush_config.yml with switches (OIDC/LDAP/superadmin)
- Bootstrap with native+superadmin → create admin → install extensions (superadmin) → enable final auth
- Refactor REST vars (XWIKI_REST_BASE, XWIKI_REST_XWIKI, XWIKI_REST_EXTENSION_INSTALL)
- Update templates to use switch vars; gate OIDC block in properties
- Idempotent REST readiness waits

Conversation: https://chatgpt.com/share/68c40c1e-2b3c-800f-b59f-8d37baa9ebb2
2025-09-12 14:04:02 +02:00

44 lines
1.5 KiB
YAML
Raw Blame History

---
# Wait until REST endpoint is available (01_core usually ensures this, but add safety)
- name: "XWIKI | Wait until REST answers"
uri:
url: "{{ XWIKI_REST_BASE }}"
status_code: [200, 401]
register: _rest_ping
retries: 60
delay: 5
until: _rest_ping is succeeded
# Check if the target admin already exists
# 404 => missing, 302 => DW redirect (treat as missing for bootstrap)
- name: "XWIKI | Check if target admin user exists"
uri:
url: "{{ XWIKI_REST_XWIKI }}/users/{{ XWIKI_ADMIN_USER | urlencode }}"
method: GET
user: "{{ XWIKI_SUPERADMIN_USERNAME }}"
password: "{{ XWIKI_SUPERADMIN_PASSWORD }}"
force_basic_auth: true
status_code: [200, 404, 302]
register: _admin_exists
# Create admin user if not existing (or DW still redirecting)
- name: "XWIKI | Create admin user via REST"
uri:
url: "{{ XWIKI_REST_XWIKI }}/users"
method: POST
user: "{{ XWIKI_SUPERADMIN_USERNAME }}"
password: "{{ XWIKI_SUPERADMIN_PASSWORD }}"
force_basic_auth: true
status_code: 201
headers:
Content-Type: "application/xml"
body: |
<user>
<firstName>{{ users.administrator.firstname | default('Admin') }}</firstName>
<lastName>{{ users.administrator.lastname | default('User') }}</lastName>
<email>{{ users.administrator.email }}</email>
<username>{{ XWIKI_ADMIN_USER }}</username>
<password>{{ XWIKI_ADMIN_PASS }}</password>
</user>
when: _admin_exists.status in [404, 302]
Reference in New Issue View Git Blame Copy Permalink