feat(oidc_user_backend): add ansible role

galaxy.yml

@@ -1,6 +1,6 @@
 namespace: finallycoffee
 name: nextcloud
-version: 0.7.2
+version: 0.6.1
 readme: README.md
 authors:
 - transcaffeine <transcaffeine@finally.coffee>
@@ -12,7 +12,3 @@ build_ignore:
 - '*.tar.gz'
 repository: https://git.finally.coffee/finallycoffee/nextcloud
 issues: https://codeberg.org/finallycoffee/ansible-collection-nextcloud/issues
-tags:
-  - nextcloud
-  - nextcloud_apps
-  - docker

roles/apps/meta/main.yml

@@ -1,12 +0,0 @@
----
-allow_duplicates: true
-dependencies: []
-galaxy_info:
-  role_name: apps
-  description: Install Nextcloud apps using ansible
-  galaxy_tags:
-    - nextcloud
-    - owncloud
-    - apps
-    - nextcloud-apps
-    - docker

roles/ldap_user_backend/meta/main.yml

@@ -1,12 +1,4 @@
 ---
-allow_duplicates: true
+
-dependencies: []
+collections:
-galaxy_info:
+  - community.docker
-  role_name: ldap_user_backend
-  description: Configure a nextcloud ldap user backend using ansible
-  galaxy_tags:
-    - nextcloud
-    - owncloud
-    - ldap
-    - authentication
-    - docker

roles/nginx_fpm_proxy/meta/main.yml

@@ -1,12 +0,0 @@
----
-allow_duplicates: true
-dependencies: []
-galaxy_info:
-  role_name: nginx_fpm_proxy
-  description: Configure nginx as a FPM proxy for nextcloud
-  galaxy_tags:
-    - nextcloud
-    - owncloud
-    - nginx
-    - fpm
-    - docker

roles/nginx_fpm_proxy/tasks/main.yml

@@ -29,9 +29,9 @@
     env: "{{ nextcloud_nginx_container_env }}"
     name: "{{ nextcloud_nginx_container_name }}"
     image: "{{ nextcloud_nginx_container_image_ref }}"
-    ports: "{{ nextcloud_nginx_container_ports  | default(omit, true) }}"
+    ports: "{{ nextcloud_nginx_container_ports }}"
     volumes: "{{ nextcloud_nginx_container_volumes }}"
-    labels: "{{ nextcloud_nginx_container_labels | default(omit, true) }}"
+    labels: "{{ nextcloud_nginx_container_labels }}"
-    networks: "{{ nextcloud_nginx_container_networks | default(omit, true) }}"
+    networks: "{{ nextcloud_nginx_container_networks | default(omit) }}"
     restart_policy: "{{ nextcloud_nginx_container_restart_policy }}"
     state: started

roles/oidc_user_backend/README.md

@@ -4,6 +4,9 @@ Configure OIDC user backends in nextcloud using this ansible role.
 This role can be run multiple times with different arguments in order to
 configure multiple oidc-based user backends.
 
+> [!WARNING]
+> This role is not production ready or finished
+
 ## Configuration
 
 Set `oidc_user_backend_provider_identifier` to a unique identifier.

roles/oidc_user_backend/defaults/main/config.yml

@@ -9,7 +9,7 @@ oidc_user_backend_config_provider_scopes:
   - email
   - profile
 
-oidc_user_backend_config_provider_settings_unique_uid: true
+oidc_user_backend_config_provider_settings_unique_id: true
 oidc_user_backend_config_provider_settings_check_bearer: true
 oidc_user_backend_config_provider_settings_send_id_token_hint: true
 oidc_user_backend_config_provider_settings_bearer_provisioning: false
@@ -38,3 +38,5 @@ oidc_user_backend_config_provider_settings_mapping_headline: ~
 oidc_user_backend_config_provider_settings_mapping_biography: ~
 oidc_user_backend_config_provider_settings_mapping_phone: ~
 oidc_user_backend_config_provider_settings_mapping_gender: ~
+
+

roles/oidc_user_backend/meta/main.yml

@@ -1,12 +0,0 @@
----
-allow_duplicates: true
-dependencies: []
-galaxy_info:
-  role_name: oidc_user_backend
-  description: Configure a nextcloud oidc user backend using ansible
-  galaxy_tags:
-    - nextcloud
-    - owncloud
-    - oidc
-    - authentication
-    - docker

roles/oidc_user_backend/tasks/execute-occ.yml

@@ -38,4 +38,3 @@
     oidc_user_backend_occ_command_result: >-2
       {{ oidc_user_backend_occ_result_map[oidc_user_backend_deployment_method]
       | default(false, true) }}
-  when: oidc_user_backend_occ_command_result_var | default(false, true)

roles/oidc_user_backend/tasks/main.yml

@@ -45,8 +45,8 @@
   ansible.builtin.include_tasks:
     file: execute-occ.yml
   vars:
-    oidc_user_backend_occ_command_to_exec: >-
+    occ_command: >-
       {{ oidc_user_backend_occ_user_oidc_provider_set_command }}
-    oidc_user_backend_occ_user_to_become: "{{ oidc_user_backend_deployment_become_user_info.uid }}"
+    occ_become_user: "{{ oidc_user_backend_deployment_become_user_info.uid }}"
-    oidc_user_backend_occ_command_result_var: ~
+    occ_command_result_var: "oidc_user_backend_occ_user_oidc_provider_update_info"
   when: oidc_user_backend_backend_force_update | default(false, true)

roles/oidc_user_backend/vars/main/provider-options-json.yml

@@ -9,7 +9,7 @@ oidc_user_backend_occ_user_oidc_config_provider_dict:
   scope: "{{ oidc_user_backend_config_provider_scopes | default([], true) | join(' ') }}"
   settings:
     uniqueUid: >-2
-      {{ oidc_user_backend_config_provider_settings_unique_uid | bool }}
+      {{ oidc_user_backend_config_provider_settings_unique_id | bool }}
     providerBasedId: >-2
       {{ oidc_user_backend_config_provider_settings_provider_based_id | bool }}
     checkBearer: >-2

roles/oidc_user_backend/vars/main/provider-options.yml

@@ -7,7 +7,7 @@ oidc_user_backend_occ_user_oidc_provider_options_dict:
   endsessionendpointuri: "{{ oidc_user_backend_config_provider_end_session_endpoint }}"
   scope: "'{{ oidc_user_backend_config_provider_scopes | default([], true) | join(' ') }}'"
   "unique-uid": >-2
-    {{ oidc_user_backend_config_provider_settings_unique_uid | bool | ternary(1, 0) }}
+    {{ oidc_user_backend_config_provider_settings_unique_id | bool | ternary(1, 0) }}
   "check-bearer": >-2
     {{ oidc_user_backend_config_provider_settings_check_bearer | bool | ternary(1, 0) }}
   "send-id-token-hint": >-2

roles/server/defaults/main.yml

@@ -1,6 +1,6 @@
 ---
 
-nextcloud_version: 30.0.4
+nextcloud_version: 30.0.0
 nextcloud_user: nextcloud
 nextcloud_basepath: /opt/nextcloud
 nextcloud_config_path: "{{ nextcloud_basepath }}/config"
@@ -20,20 +20,9 @@ nextcloud_database_pass: ~
 nextcloud_database_host: localhost
 
 nextcloud_container_name: nextcloud
-nextcloud_container_image_server: docker.io
+nextcloud_container_image: docker.io/library/nextcloud
-nextcloud_container_image_namespace: library
-nextcloud_container_image_name: nextcloud
-nextcloud_container_image: >-2
-  {{
-    [
-      nextcloud_container_image_server,
-      nextcloud_container_image_namespace,
-      nextcloud_container_image_name,
-    ] | join('/')
-  }}
 nextcloud_container_image_variant: "-fpm-alpine"
-nextcloud_container_image_ref: >-2
+nextcloud_container_image_ref: "{{ nextcloud_container_name }}:{{ nextcloud_version }}{{ nextcloud_container_image_variant }}"
-  {{ nextcloud_container_image }}:{{ nextcloud_version }}{{ nextcloud_container_image_variant }}
 nextcloud_container_image_force_source: false
 nextcloud_container_restart_policy: "unless-stopped"
 
@@ -52,6 +41,7 @@ nextcloud_container_extra_labels: {}
 nextcloud_container_extra_environment: {}
 
 nextcloud_container_networks: ~
+nextcloud_container_purge_other_networks: true
 
 nextcloud_paths:
   - path: "{{ nextcloud_config_path }}"

roles/server/meta/main.yml

@@ -1,10 +0,0 @@
----
-allow_duplicates: true
-dependencies: []
-galaxy_info:
-  role_name: server
-  description: Deploy nextcloud server, the self-hosted nextcloud
-  galaxy_tags:
-    - nextcloud
-    - owncloud
-    - docker

roles/server/tasks/configure-single-setting.yml

@@ -9,9 +9,6 @@
         user: "{{ nextcloud_user_info.uid }}"
         tty: yes
       register: nextcloud_current_config_entry
-      until: nextcloud_current_config_entry is success
-      retries: 30
-      delay: 10
       check_mode: false
       changed_when: false
 
@@ -28,9 +25,9 @@
     value_type: >-
       {% if value is boolean %}
       boolean
-      {% elif value is integer %}
+      {% elsif value is integer %}
       integer
-      {% elif value is float %}
+      {% elsif value is float %}
       float
       {% else %}
       string

roles/server/tasks/main.yml

@@ -29,7 +29,7 @@
     group: "{{ item.group }}"
   loop: "{{ nextcloud_paths }}"
 
-- name: Ensure docker container image '{{ nextcloud_container_image_ref }}' for nextcloud is pulled
+- name: Ensure docker container for nextcloud is pulled
   community.docker.docker_image:
     name: "{{ nextcloud_container_image_ref }}"
     state: present
@@ -118,8 +118,8 @@
     volumes: "{{ nextcloud_container_volumes }}"
     labels: "{{ nextcloud_container_labels }}"
     env: "{{ nextcloud_container_env }}"
-    etc_hosts: "{{ nextcloud_container_etc_hosts | default(omit, true) }}"
     networks: "{{ nextcloud_container_networks | default(omit, true) }}"
+    purge_networks: "{{ nextcloud_container_purge_other_networks }}"
     restart_policy: "{{ nextcloud_container_restart_policy }}"
     state: started