
12 Commits

16 changed files with 92 additions and 24 deletions

@ -1,6 +1,6 @@
namespace: finallycoffee namespace: finallycoffee
name: nextcloud name: nextcloud
version: 0.6.1 version: 0.7.1
readme: README.md readme: README.md
authors: authors:
- transcaffeine <transcaffeine@finally.coffee> - transcaffeine <transcaffeine@finally.coffee>
@ -12,3 +12,7 @@ build_ignore:
- '*.tar.gz' - '*.tar.gz'
repository: https://git.finally.coffee/finallycoffee/nextcloud repository: https://git.finally.coffee/finallycoffee/nextcloud
issues: https://codeberg.org/finallycoffee/ansible-collection-nextcloud/issues issues: https://codeberg.org/finallycoffee/ansible-collection-nextcloud/issues
tags:
- nextcloud
- nextcloud-apps
- docker

12
roles/apps/meta/main.yml Normal file

@ -0,0 +1,12 @@
---
allow_duplicates: true
dependencies: []
galaxy_info:
role_name: apps
description: Install Nextcloud apps using ansible
galaxy_tags:
- nextcloud
- owncloud
- apps
- nextcloud-apps
- docker

@ -1,4 +1,12 @@
--- ---
allow_duplicates: true
collections: dependencies: []
- community.docker galaxy_info:
role_name: ldap_user_backend
description: Configure a nextcloud ldap user backend using ansible
galaxy_tags:
- nextcloud
- owncloud
- ldap
- authentication
- docker
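Review bot: Dropping the role-level `collections:` entry for `community.docker` means any task in this role that calls a docker module by its short name will no longer resolve. The role's tasks are not part of this section, so it is worth checking that they all use fully qualified `community.docker.…` module names. Note also that `dependencies: []` covers role dependencies only; the collection-level dependency on `community.docker` belongs in `galaxy.yml`, and the galaxy.yml hunks shown here do not add one (it may already exist in lines outside them).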

@ -0,0 +1,12 @@
---
allow_duplicates: true
dependencies: []
galaxy_info:
role_name: nginx_fpm_proxy
description: Configure nginx as a FPM proxy for nextcloud
galaxy_tags:
- nextcloud
- owncloud
- nginx
- fpm
- docker

@ -29,9 +29,9 @@
env: "{{ nextcloud_nginx_container_env }}" env: "{{ nextcloud_nginx_container_env }}"
name: "{{ nextcloud_nginx_container_name }}" name: "{{ nextcloud_nginx_container_name }}"
image: "{{ nextcloud_nginx_container_image_ref }}" image: "{{ nextcloud_nginx_container_image_ref }}"
ports: "{{ nextcloud_nginx_container_ports }}" ports: "{{ nextcloud_nginx_container_ports | default(omit, true) }}"
volumes: "{{ nextcloud_nginx_container_volumes }}" volumes: "{{ nextcloud_nginx_container_volumes }}"
labels: "{{ nextcloud_nginx_container_labels }}" labels: "{{ nextcloud_nginx_container_labels | default(omit, true) }}"
networks: "{{ nextcloud_nginx_container_networks | default(omit) }}" networks: "{{ nextcloud_nginx_container_networks | default(omit, true) }}"
restart_policy: "{{ nextcloud_nginx_container_restart_policy }}" restart_policy: "{{ nextcloud_nginx_container_restart_policy }}"
state: started state: started
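Review bot: With `ports: "{{ nextcloud_nginx_container_ports | default(omit, true) }}"`, an empty list is now turned into an omitted option rather than "publish nothing". As far as I know `docker_container` does not compare options that are omitted, so emptying `nextcloud_nginx_container_ports` to stop exposing a port would leave an existing container's published ports in place; the same applies to `labels` and `networks`. If that is intended, a comment above these three lines such as `# empty values are omitted; the container is not recreated when a list is cleared` would document it. The task starts above this hunk, so any `comparisons` setting is not visible here.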

@ -4,9 +4,6 @@ Configure OIDC user backends in nextcloud using this ansible role.
This role can be run multiple times with different arguments in order to This role can be run multiple times with different arguments in order to
configure multiple oidc-based user backends. configure multiple oidc-based user backends.
> [!WARNING]
> This role is not production ready or finished
## Configuration ## Configuration
Set `oidc_user_backend_provider_identifier` to a unique identifier. Set `oidc_user_backend_provider_identifier` to a unique identifier.

@ -9,7 +9,7 @@ oidc_user_backend_config_provider_scopes:
- email - email
- profile - profile
oidc_user_backend_config_provider_settings_unique_id: true oidc_user_backend_config_provider_settings_unique_uid: true
oidc_user_backend_config_provider_settings_check_bearer: true oidc_user_backend_config_provider_settings_check_bearer: true
oidc_user_backend_config_provider_settings_send_id_token_hint: true oidc_user_backend_config_provider_settings_send_id_token_hint: true
oidc_user_backend_config_provider_settings_bearer_provisioning: false oidc_user_backend_config_provider_settings_bearer_provisioning: false
@ -38,5 +38,3 @@ oidc_user_backend_config_provider_settings_mapping_headline: ~
oidc_user_backend_config_provider_settings_mapping_biography: ~ oidc_user_backend_config_provider_settings_mapping_biography: ~
oidc_user_backend_config_provider_settings_mapping_phone: ~ oidc_user_backend_config_provider_settings_mapping_phone: ~
oidc_user_backend_config_provider_settings_mapping_gender: ~ oidc_user_backend_config_provider_settings_mapping_gender: ~
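Review bot: The old name `oidc_user_backend_config_provider_settings_unique_id` is dropped without a fallback in the first hunk, so an inventory that still sets it (for example to `false`) is silently ignored and the new default `true` applies. This value feeds `uniqueUid` and `"unique-uid"` in the two vars hunks further down, so a silent flip could change how user IDs are derived for an already configured provider. A transitional default such as `oidc_user_backend_config_provider_settings_unique_uid: "{{ oidc_user_backend_config_provider_settings_unique_id | default(true) }}"`, or at least a changelog note on the rename, would make the upgrade safe.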

@ -0,0 +1,12 @@
---
allow_duplicates: true
dependencies: []
galaxy_info:
role_name: oidc_user_backend
description: Configure a nextcloud oidc user backend using ansible
galaxy_tags:
- nextcloud
- owncloud
- oidc
- authentication
- docker

@ -38,3 +38,4 @@
oidc_user_backend_occ_command_result: >-2 oidc_user_backend_occ_command_result: >-2
{{ oidc_user_backend_occ_result_map[oidc_user_backend_deployment_method] {{ oidc_user_backend_occ_result_map[oidc_user_backend_deployment_method]
| default(false, true) }} | default(false, true) }}
when: oidc_user_backend_occ_command_result_var | default(false, true)

@ -45,8 +45,8 @@
ansible.builtin.include_tasks: ansible.builtin.include_tasks:
file: execute-occ.yml file: execute-occ.yml
vars: vars:
occ_command: >- oidc_user_backend_occ_command_to_exec: >-
{{ oidc_user_backend_occ_user_oidc_provider_set_command }} {{ oidc_user_backend_occ_user_oidc_provider_set_command }}
occ_become_user: "{{ oidc_user_backend_deployment_become_user_info.uid }}" oidc_user_backend_occ_user_to_become: "{{ oidc_user_backend_deployment_become_user_info.uid }}"
occ_command_result_var: "oidc_user_backend_occ_user_oidc_provider_update_info" oidc_user_backend_occ_command_result_var: ~
when: oidc_user_backend_backend_force_update | default(false, true) when: oidc_user_backend_backend_force_update | default(false, true)
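Review bot: Passing `oidc_user_backend_occ_command_result_var: ~` appears to rely on the `when:` added in the execute-occ.yml hunk to skip storing the result, which is not obvious at this call site. A comment above the vars, e.g. `# result var left null: the output of the forced provider update is not stored`, would document that. If anything later in the role still reads `oidc_user_backend_occ_user_oidc_provider_update_info`, it is now undefined; that cannot be checked from this hunk. The `oidc_user_backend_occ_user_to_become` line is also long enough to be worth folding with `>-` like the line above it.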

@ -9,7 +9,7 @@ oidc_user_backend_occ_user_oidc_config_provider_dict:
scope: "{{ oidc_user_backend_config_provider_scopes | default([], true) | join(' ') }}" scope: "{{ oidc_user_backend_config_provider_scopes | default([], true) | join(' ') }}"
settings: settings:
uniqueUid: >-2 uniqueUid: >-2
{{ oidc_user_backend_config_provider_settings_unique_id | bool }} {{ oidc_user_backend_config_provider_settings_unique_uid | bool }}
providerBasedId: >-2 providerBasedId: >-2
{{ oidc_user_backend_config_provider_settings_provider_based_id | bool }} {{ oidc_user_backend_config_provider_settings_provider_based_id | bool }}
checkBearer: >-2 checkBearer: >-2

@ -7,7 +7,7 @@ oidc_user_backend_occ_user_oidc_provider_options_dict:
endsessionendpointuri: "{{ oidc_user_backend_config_provider_end_session_endpoint }}" endsessionendpointuri: "{{ oidc_user_backend_config_provider_end_session_endpoint }}"
scope: "'{{ oidc_user_backend_config_provider_scopes | default([], true) | join(' ') }}'" scope: "'{{ oidc_user_backend_config_provider_scopes | default([], true) | join(' ') }}'"
"unique-uid": >-2 "unique-uid": >-2
{{ oidc_user_backend_config_provider_settings_unique_id | bool | ternary(1, 0) }} {{ oidc_user_backend_config_provider_settings_unique_uid | bool | ternary(1, 0) }}
"check-bearer": >-2 "check-bearer": >-2
{{ oidc_user_backend_config_provider_settings_check_bearer | bool | ternary(1, 0) }} {{ oidc_user_backend_config_provider_settings_check_bearer | bool | ternary(1, 0) }}
"send-id-token-hint": >-2 "send-id-token-hint": >-2

@ -1,6 +1,6 @@
--- ---
nextcloud_version: 30.0.0 nextcloud_version: 30.0.2
nextcloud_user: nextcloud nextcloud_user: nextcloud
nextcloud_basepath: /opt/nextcloud nextcloud_basepath: /opt/nextcloud
nextcloud_config_path: "{{ nextcloud_basepath }}/config" nextcloud_config_path: "{{ nextcloud_basepath }}/config"
@ -20,9 +20,20 @@ nextcloud_database_pass: ~
nextcloud_database_host: localhost nextcloud_database_host: localhost
nextcloud_container_name: nextcloud nextcloud_container_name: nextcloud
nextcloud_container_image: docker.io/library/nextcloud nextcloud_container_image_server: docker.io
nextcloud_container_image_namespace: library
nextcloud_container_image_name: nextcloud
nextcloud_container_image: >-2
{{
[
nextcloud_container_image_server,
nextcloud_container_image_namespace,
nextcloud_container_image_name,
] | join('/')
}}
nextcloud_container_image_variant: "-fpm-alpine" nextcloud_container_image_variant: "-fpm-alpine"
nextcloud_container_image_ref: "{{ nextcloud_container_name }}:{{ nextcloud_version }}{{ nextcloud_container_image_variant }}" nextcloud_container_image_ref: >-2
{{ nextcloud_container_image }}:{{ nextcloud_version }}{{ nextcloud_container_image_variant }}
nextcloud_container_image_force_source: false nextcloud_container_image_force_source: false
nextcloud_container_restart_policy: "unless-stopped" nextcloud_container_restart_policy: "unless-stopped"
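Review bot: `nextcloud_container_image_ref` still identifies the image by tag only (`{{ nextcloud_version }}{{ nextcloud_container_image_variant }}`), and registry tags are mutable, so the same ref can resolve to different content on different hosts or dates. Consider an optional digest default that is appended to the ref when set, so a deployment can pin the exact image; it is worth confirming how `community.docker.docker_image` treats a tag-plus-digest name before relying on it. Separately, `join('/')` yields `docker.io//nextcloud` when `nextcloud_container_image_namespace` is set to an empty value; `] | select | join('/')` would drop empty parts. A one-line comment above the three new variables saying they are combined into `nextcloud_container_image` would help users who previously overrode that variable directly.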

@ -0,0 +1,10 @@
---
allow_duplicates: true
dependencies: []
galaxy_info:
role_name: server
description: Deploy nextcloud server, the self-hosted nextcloud
galaxy_tags:
- nextcloud
- owncloud
- docker

@ -9,6 +9,9 @@
user: "{{ nextcloud_user_info.uid }}" user: "{{ nextcloud_user_info.uid }}"
tty: yes tty: yes
register: nextcloud_current_config_entry register: nextcloud_current_config_entry
until: nextcloud_current_config_entry is success
retries: 30
delay: 10
check_mode: false check_mode: false
changed_when: false changed_when: false
@ -25,9 +28,9 @@
value_type: >- value_type: >-
{% if value is boolean %} {% if value is boolean %}
boolean boolean
{% elsif value is integer %} {% elif value is integer %}
integer integer
{% elsif value is float %} {% elif value is float %}
float float
{% else %} {% else %}
string string
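Review bot: The added `until: nextcloud_current_config_entry is success` in the first hunk retries on any failure, so a permanent error (wrong user, missing container, a bad config key) now takes 30 × 10 s before the task fails. If the retry is only meant to cover a container that is still starting, a comment saying so would help, e.g. `# container may still be initialising; retry until occ responds`. Role defaults for `retries` and `delay` instead of the literals `30` and `10` would make the wait tunable. The task begins above the hunk, so the command being retried is not visible here.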

@ -29,7 +29,7 @@
group: "{{ item.group }}" group: "{{ item.group }}"
loop: "{{ nextcloud_paths }}" loop: "{{ nextcloud_paths }}"
- name: Ensure docker container for nextcloud is pulled - name: Ensure docker container image '{{ nextcloud_container_image_ref }}' for nextcloud is pulled
community.docker.docker_image: community.docker.docker_image:
name: "{{ nextcloud_container_image_ref }}" name: "{{ nextcloud_container_image_ref }}"
state: present state: present