nextcloud/roles/oidc_user_backend/tasks/main.yml

---
- name: Check if deployment method is supported
  ansible.builtin.fail:
    msg: >-2
      Deployment method '{{ oidc_user_backend_deployment_method }}' is not supported!
      Supported are: {{ oidc_user_backend_deployment_methods | join(', ') }}
  when: oidc_user_backend_deployment_method not in oidc_user_backend_deployment_methods

- name: Lookup become user info
  ansible.builtin.user:
    name: "{{ oidc_user_backend_deployment_become_user }}"
    state: present
  check_mode: true
  register: oidc_user_backend_deployment_become_user_info
  when: oidc_user_backend_deployment_become_user | default(false, true)

- name: Retrieve configured providers
  ansible.builtin.include_tasks:
    file: execute-occ.yml
  vars:
    oidc_user_backend_occ_command_to_exec: >-
      {{ oidc_user_backend_occ_user_oidc_provider_get_command }}
    oidc_user_backend_occ_user_to_become: "{{ oidc_user_backend_deployment_become_user_info.uid }}"
    oidc_user_backend_occ_command_result_var: "oidc_user_backend_occ_user_oidc_provider"

- name: Check if provider information should be updated
  set_fact:
    oidc_user_backend_backend_force_update: true
  loop: "{{ lookup('ansible.utils.to_paths', oidc_user_backend_occ_user_oidc_provider) | dict2items }}"
  loop_control:
    label: "{{ item.key }}"
  vars:
    target_config: >-2
      {{ lookup('ansible.utils.to_paths', oidc_user_backend_occ_user_oidc_config_provider_dict) }}
  when:
    - item.key not in oidc_user_backend_occ_user_oidc_provider_ignored_settings
    - (item.value != None) and (target_config[item.key] != None)
    - >-2
        (target_config[item.key] != None) | ternary(
          (item.value != target_config[item.key]),
          (item.value | string | length > 0)
        )

- name: Update configuration for provider '{{ oidc_user_backend_config_provider_identifier }}'
  ansible.builtin.include_tasks:
    file: execute-occ.yml
  vars:
    oidc_user_backend_occ_command_to_exec: >-
      {{ oidc_user_backend_occ_user_oidc_provider_set_command }}
    oidc_user_backend_occ_user_to_become: "{{ oidc_user_backend_deployment_become_user_info.uid }}"
    oidc_user_backend_occ_command_result_var: ~
  when: oidc_user_backend_backend_force_update | default(false, true)
feat(oidc_user_backend): add ansible role 2024-09-29 10:52:45 +00:00			`---`
			`- name: Check if deployment method is supported`
			`ansible.builtin.fail:`
			`msg: >-2`
			`Deployment method '{{ oidc_user_backend_deployment_method }}' is not supported!`
			`Supported are: {{ oidc_user_backend_deployment_methods \| join(', ') }}`
			`when: oidc_user_backend_deployment_method not in oidc_user_backend_deployment_methods`

			`- name: Lookup become user info`
			`ansible.builtin.user:`
			`name: "{{ oidc_user_backend_deployment_become_user }}"`
			`state: present`
			`check_mode: true`
			`register: oidc_user_backend_deployment_become_user_info`
			`when: oidc_user_backend_deployment_become_user \| default(false, true)`

			`- name: Retrieve configured providers`
			`ansible.builtin.include_tasks:`
			`file: execute-occ.yml`
			`vars:`
			`oidc_user_backend_occ_command_to_exec: >-`
			`{{ oidc_user_backend_occ_user_oidc_provider_get_command }}`
			`oidc_user_backend_occ_user_to_become: "{{ oidc_user_backend_deployment_become_user_info.uid }}"`
			`oidc_user_backend_occ_command_result_var: "oidc_user_backend_occ_user_oidc_provider"`

			`- name: Check if provider information should be updated`
			`set_fact:`
			`oidc_user_backend_backend_force_update: true`
			`loop: "{{ lookup('ansible.utils.to_paths', oidc_user_backend_occ_user_oidc_provider) \| dict2items }}"`
			`loop_control:`
			`label: "{{ item.key }}"`
			`vars:`
			`target_config: >-2`
			`{{ lookup('ansible.utils.to_paths', oidc_user_backend_occ_user_oidc_config_provider_dict) }}`
			`when:`
			`- item.key not in oidc_user_backend_occ_user_oidc_provider_ignored_settings`
			`- (item.value != None) and (target_config[item.key] != None)`
			`- >-2`
			`(target_config[item.key] != None) \| ternary(`
			`(item.value != target_config[item.key]),`
			`(item.value \| string \| length > 0)`
			`)`

			`- name: Update configuration for provider '{{ oidc_user_backend_config_provider_identifier }}'`
			`ansible.builtin.include_tasks:`
			`file: execute-occ.yml`
			`vars:`
			`oidc_user_backend_occ_command_to_exec: >-`
			`{{ oidc_user_backend_occ_user_oidc_provider_set_command }}`
			`oidc_user_backend_occ_user_to_become: "{{ oidc_user_backend_deployment_become_user_info.uid }}"`
			`oidc_user_backend_occ_command_result_var: ~`
			`when: oidc_user_backend_backend_force_update \| default(false, true)`