feat(oidc_user_backend): add ansible role

roles/oidc_user_backend/README.md

@@ -4,9 +4,6 @@ Configure OIDC user backends in nextcloud using this ansible role.
 This role can be run multiple times with different arguments in order to
 configure multiple oidc-based user backends.
 
-> [!WARNING]
-> This role is not production ready or finished
-
 ## Configuration
 
 Set `oidc_user_backend_provider_identifier` to a unique identifier.

roles/oidc_user_backend/defaults/main/config.yml

@@ -9,7 +9,7 @@ oidc_user_backend_config_provider_scopes:
   - email
   - profile
 
-oidc_user_backend_config_provider_settings_unique_id: true
+oidc_user_backend_config_provider_settings_unique_uid: true
 oidc_user_backend_config_provider_settings_check_bearer: true
 oidc_user_backend_config_provider_settings_send_id_token_hint: true
 oidc_user_backend_config_provider_settings_bearer_provisioning: false

roles/oidc_user_backend/tasks/execute-occ.yml

@@ -38,3 +38,4 @@
     oidc_user_backend_occ_command_result: >-2
       {{ oidc_user_backend_occ_result_map[oidc_user_backend_deployment_method]
       | default(false, true) }}
+  when: oidc_user_backend_occ_command_result_var | default(false, true)

roles/oidc_user_backend/tasks/main.yml

@@ -45,8 +45,8 @@
   ansible.builtin.include_tasks:
     file: execute-occ.yml
   vars:
-    occ_command: >-
+    oidc_user_backend_occ_command_to_exec: >-
       {{ oidc_user_backend_occ_user_oidc_provider_set_command }}
-    occ_become_user: "{{ oidc_user_backend_deployment_become_user_info.uid }}"
+    oidc_user_backend_occ_user_to_become: "{{ oidc_user_backend_deployment_become_user_info.uid }}"
-    occ_command_result_var: "oidc_user_backend_occ_user_oidc_provider_update_info"
+    oidc_user_backend_occ_command_result_var: ~
   when: oidc_user_backend_backend_force_update | default(false, true)

roles/oidc_user_backend/vars/main/provider-options-json.yml

@@ -9,7 +9,7 @@ oidc_user_backend_occ_user_oidc_config_provider_dict:
   scope: "{{ oidc_user_backend_config_provider_scopes | default([], true) | join(' ') }}"
   settings:
     uniqueUid: >-2
-      {{ oidc_user_backend_config_provider_settings_unique_id | bool }}
+      {{ oidc_user_backend_config_provider_settings_unique_uid | bool }}
     providerBasedId: >-2
       {{ oidc_user_backend_config_provider_settings_provider_based_id | bool }}
     checkBearer: >-2

roles/oidc_user_backend/vars/main/provider-options.yml

@@ -7,7 +7,7 @@ oidc_user_backend_occ_user_oidc_provider_options_dict:
   endsessionendpointuri: "{{ oidc_user_backend_config_provider_end_session_endpoint }}"
   scope: "'{{ oidc_user_backend_config_provider_scopes | default([], true) | join(' ') }}'"
   "unique-uid": >-2
-    {{ oidc_user_backend_config_provider_settings_unique_id | bool | ternary(1, 0) }}
+    {{ oidc_user_backend_config_provider_settings_unique_uid | bool | ternary(1, 0) }}
   "check-bearer": >-2
     {{ oidc_user_backend_config_provider_settings_check_bearer | bool | ternary(1, 0) }}
   "send-id-token-hint": >-2