28 lines
1.2 KiB
Markdown
28 lines
1.2 KiB
Markdown
|
# `finallycoffee.nextcloud.ldap-user-backend` ansible role
|
||
|
|
|
||
|
|
Ansible role for managing LDAP authentication of nextcloud instances using ansible.
|
||
|
|
|
||
|
|
## Prerequisites
|
||
|
|
|
||
|
|
This role assumes a nextcloud instance is up and running, and has the `user_ldap`
|
||
|
|
nextcloud app installed. For starting a nextcloud instance, see the
|
||
|
|
`finallycoffee.nextcloud.server` role, for managing nextcloud apps see the
|
||
|
|
`finallycoffee.nextcloud.apps` ansible role.
|
||
|
|
|
||
|
|
## Configuration
|
||
|
|
|
||
|
|
- Set `nc_ldap_api_method` to either `occ` or `http` to control wether the
|
||
|
|
configuration is set using `php occ` command line calls or the `http` API
|
||
|
|
of the `user_ldap` nextcloud app.
|
||
|
|
|
||
|
|
- For `nc_ldap_api_method: occ`, ensure `nc_ldap_container` is set to the name
|
||
|
|
of the docker container where nextcloud is running, and `nc_ldap_occ_user` is
|
||
|
|
the user the container / nextcloud itself runs as. `nc_ldap_occ_command`
|
||
|
|
_can_ also be tweaked if `php` is not in the path, but the default should
|
||
|
|
be fine in most cases.
|
||
|
|
|
||
|
|
- For `nc_ldap_api_method: http`, ensure `nc_ldapi_api_instance_url` contains
|
||
|
|
the URL to the nextcloud server, including protocol (and port, if
|
||
|
|
non-standard), and `nc_ldap_api_basic_auth_[user|password]` contain the
|
||
|
|
credentials of an admin user with the rights to edit the LDAP settings.
|