ldap: support nextcloud_ldap_expert_username_attr setting

defaults/main.yml

@@ -1,20 +1,82 @@
 ---
+# domain, webroot
+nextcloud_domain: example.com
+nextcloud_web_root: /
+
+# database
+nextcloud_db_engine: sqlite
+
+# db name or path (sqlite)
+nextcloud_db_name: nextcloud
+
+# mysql, mariadb, postgresql
+nextcloud_db_host: localhost
+nextcloud_db_user: nextcloud
+nextcloud_db_password: password
+nextcloud_table_prefix: ""
+
+# data dir (inside container)
+nextcloud_data_dir: /var/www/html/data
+
+# admin user
+nextcloud_admin_user: admin
+nextcloud_admin_password: password
+
+# space separated trusted domains
+nextcloud_trusted_domains:
+  - "{{ nextcloud_domain }}"
+
+# The install and update script is only triggered when a default command
+# is used (apache-foreground or php-fpm). If you use a custom command
+# you have to enable the install / update with
+nextcloud_update: ""
+
+# The use of Redis is recommended to prevent file locking problems. See
+# the examples for further instructions.
+# If you want to use Redis you have to create a separate Redis container
+# in your setup / in your docker-compose file. To inform Nextcloud about
+# the Redis container add:
+nextcloud_redis_host: ""
+nextcloud_redis_port: "6379"
+
+# smtp
+nextcloud_smtp_host: ""
+nextcloud_smtp_secure: ""
+nextcloud_smtp_port: ""
+nextcloud_smtp_authtype: LOGIN
+nextcloud_smtp_user: ""
+nextcloud_smtp_password: ""
+nextcloud_mail_from_address: ""
+nextcloud_mail_domain: "{{ nextcloud_domain }}"
+
+# ldap
+nextcloud_ldap_enable: false
+nextcloud_ldap_host: "{{ ldap_uri | default('openldap') | regex_replace(':[0-9]+$') }}"
+nextcloud_ldap_port: "389"
+#nextcloud_ldap_backup_host: ""
+nextcloud_ldap_backup_port: "389"
+#nextcloud_ldap_agent_name: ""
+#nextcloud_ldap_agent_password: ""
+nextcloud_ldap_base: "dc={{ openldap_domain | default('example.com') | replace('.', ',dc=') }}"
+#nextcloud_ldap_base_users: ""
+#nextcloud_ldap_base_groups: ""
+#nextcloud_ldap_user_filter_objectclass: ""
+#nextcloud_ldap_user_filter: ""
+#nextcloud_ldap_login_filter: ""
+#nextcloud_ldap_group_filter_objectclass: ""
+#nextcloud_ldap_group_filter: ""
+#nextcloud_ldap_gid_number: ""
+#nextcloud_ldap_user_display_name: ""
+#nextcloud_ldap_user_display_name_2: ""
+#nextcloud_ldap_group_display_name: ""
+#nextcloud_ldap_email_attribute: ""
+#nextcloud_ldap_group_member_assoc_attr: ""
+#nextcloud_ldap_expert_username_attr: ""
+
 # container
-mariadb_image: mariadb
-mariadb_container: mariadb
-mariadb_volume: mariadb
-
-# clave del usuario root (CAMBIAR)
-mariadb_root_password: password
-
-# base de datos y usuario (opcionales)
-# mariadb_database: db
-# mariadb_user: db_user
-# mariadb_password: db_pass
-
-# binding del puerto mariadb
-mariadb_bind_host: 127.0.0.1
-mariadb_bind_port: 3306
+nextcloud_image: eumau/nextcloud
+nextcloud_container: nextcloud
+nextcloud_volume: nextcloud
 
 # definido por rol docker
-docker_network_name: dockernet
+docker_network: dockernet

tasks/main.yml

@@ -1,33 +1,133 @@
 ---
-- name: start mariadb container
-  docker_container:
-    image: "{{ mariadb_image }}"
-    name: "{{ mariadb_container }}"
-    volumes:
-      - "{{ mariadb_volume }}:/var/lib/mysql"
-    env:
-      MYSQL_ROOT_PASSWORD: "{{ mariadb_root_password }}"
-      MYSQL_DATABASE: "{{ mariadb_database | default(omit) }}"
-      MYSQL_USER: "{{ mariadb_user | default(omit) }}"
-      MYSQL_PASSWORD: "{{ mariadb_password | default(omit) }}"
-    networks:
-      - name: "{{ docker_network_name }}"
-    ports:
-      - "{{ mariadb_bind_host }}:{{ mariadb_bind_port }}:3306"
+# TODO: postgres support
+# - name: create nextcloud database (pg)
+#   postgresql_db:
+#     state: present
+#     name: "{{ nextcloud_db_name }}"
+#     login_host: "{{ postgresql_host }}"
+#     login_port: "{{ postgresql_port }}"
+#     login_user: "{{ postgresql_root_password }}"
+#     login_password: "{{ postgresql_root_password }}"
 
-- name: inspect mariadb volume
+# - name: create nextcloud db user (pg)
+#   postgresql_user:
+#     state: present
+#     name: "{{ nextcloud_db_user }}"
+#     password: "{{ nextcloud_db_password }}"
+#     priv: "{{ nextcloud_db_name }}.*:ALL"
+#     login_host: "{{ postgresql_host }}"
+#     login_port: "{{ postgresql_port }}"
+#     login_user: root
+#     login_password: "{{ postgresql_root_password }}"
+
+- name: create nextcloud database
+  mysql_db:
+    state: present
+    name: "{{ nextcloud_db_name }}"
+    login_host: "{{ mariadb_host }}"
+    login_port: "{{ mariadb_port }}"
+    login_user: root
+    login_password: "{{ mariadb_root_password }}"
+  when: nextcloud_db_engine in ('mariadb','mysql')
+
+- name: create nextcloud db user
+  mysql_user:
+    state: present
+    name: "{{ nextcloud_db_user }}"
+    host: "%"
+    password: "{{ nextcloud_db_password }}"
+    priv: "{{ nextcloud_db_name }}.*:ALL"
+    login_host: "{{ mariadb_host }}"
+    login_port: "{{ mariadb_port }}"
+    login_user: root
+    login_password: "{{ mariadb_root_password }}"
+  when: nextcloud_db_engine in ('mariadb','mysql')
+
+- name: start nextcloud container
+  docker_container:
+    image: "{{ nextcloud_image }}"
+    name: "{{ nextcloud_container }}"
+    volumes:
+      - "{{ nextcloud_volume }}:/var/www/html"
+    env:
+      SQLITE_DATABASE:
+        "{{ nextcloud_db_name if nextcloud_db_engine == 'sqlite' else '' }}"
+      MYSQL_DATABASE:
+        "{{ nextcloud_db_name if nextcloud_db_engine in ('mysql','mariadb') else '' }}"
+      MYSQL_USER:
+        "{{ nextcloud_db_user if nextcloud_db_engine in ('mysql','mariadb') else '' }}"
+      MYSQL_PASSWORD:
+        "{{ nextcloud_db_password if nextcloud_db_engine in ('mysql','mariadb') else '' }}"
+      MYSQL_HOST:
+        "{{ nextcloud_db_host if nextcloud_db_engine in ('mysql','mariadb') else '' }}"
+      POSTGRES_DB:
+        "{{ nextcloud_db_name if 'postgres' in nextcloud_db_engine else '' }}"
+      POSTGRES_USER:
+        "{{ nextcloud_db_user if 'postgres' in nextcloud_db_engine else '' }}"
+      POSTGRES_PASSWORD:
+        "{{ nextcloud_db_password if 'postgres' in nextcloud_db_engine else '' }}"
+      POSTGRES_HOST:
+        "{{ nextcloud_db_host if 'postgres' in nextcloud_db_engine else '' }}"
+      NEXTCLOUD_TABLE_PREFIX: "{{ nextcloud_table_prefix }}"
+      NEXTCLOUD_ADMIN_USER: "{{ nextcloud_admin_user }}"
+      NEXTCLOUD_ADMIN_PASSWORD: "{{ nextcloud_admin_password }}"
+      NEXTCLOUD_TRUSTED_DOMAINS: "{{ nextcloud_trusted_domains | join(' ')}}"
+      NEXTCLOUD_UPDATE: "{{ nextcloud_update }}"
+      REDIS_HOST: "{{ nextcloud_redis_host }}"
+      REDIS_HOST_PORT: "{{ nextcloud_redis_port }}"
+      SMTP_HOST: "{{ nextcloud_smtp_host }}"
+      SMTP_SECURE: "{{ nextcloud_smtp_secure }}"
+      SMTP_PORT: "{{ nextcloud_smtp_port }}"
+      SMTP_AUTHTYPE: "{{ nextcloud_smtp_authtype }}"
+      SMTP_NAME: "{{ nextcloud_smtp_user }}"
+      SMTP_PASSWORD: "{{ nextcloud_smtp_password }}"
+      MAIL_FROM_ADDRESS: "{{ nextcloud_mail_from_address }}"
+      MAIL_DOMAIN: "{{ nextcloud_mail_domain }}"
+      LDAP_ENABLE: "{{ 'true' if nextcloud_ldap_enable else 'false' }}"
+      LDAP_HOST: "{{ nextcloud_ldap_host }}"
+      LDAP_PORT: "{{ nextcloud_ldap_port | string }}"
+      LDAP_BACKUP_HOST: "{{ nextcloud_ldap_backup_host | default(omit) }}"
+      LDAP_BACKUP_PORT: "{{ nextcloud_ldap_backup_port | string }}"
+      LDAP_AGENT_NAME: "{{ nextcloud_ldap_agent_name | default(omit) }}"
+      LDAP_AGENT_PASSWORD: "{{ nextcloud_ldap_agent_password | default(omit) }}"
+      LDAP_BASE: "{{ nextcloud_ldap_base }}"
+      LDAP_BASE_USERS: "{{ nextcloud_ldap_base_users | default(omit) }}"
+      LDAP_BASE_GROUPS: "{{ nextcloud_ldap_base_groups | default(omit) }}"
+      LDAP_USER_FILTER_OBJECTCLASS: "{{ nextcloud_ldap_user_filter_objectclass | default(omit) }}"
+      LDAP_USER_FILTER: "{{ nextcloud_ldap_user_filter | default(omit) }}"
+      LDAP_LOGIN_FILTER: "{{ nextcloud_ldap_login_filter | default(omit) }}"
+      LDAP_GROUP_FILTER_OBJECTCLASS: "{{ nextcloud_ldap_group_filter_objectclass | default(omit) }}"
+      LDAP_GROUP_FILTER: "{{ nextcloud_ldap_group_filter | default(omit) }}"
+      LDAP_GID_NUMBER: "{{ nextcloud_ldap_gid_number | default(omit) }}"
+      LDAP_USER_DISPLAY_NAME: "{{ nextcloud_ldap_user_display_name | default(omit) }}"
+      LDAP_USER_DISPLAY_NAME_2: "{{ nextcloud_ldap_user_display_name_2 | default(omit) }}"
+      LDAP_GROUP_DISPLAY_NAME: "{{ nextcloud_ldap_group_display_name | default(omit) }}"
+      LDAP_EMAIL_ATTRIBUTE: "{{ nextcloud_ldap_email_attribute | default(omit) }}"
+      LDAP_GROUP_MEMBER_ASSOC_ATTR: "{{ nextcloud_ldap_group_member_assoc_attr | default(omit) }}"
+      LDAP_EXPERT_USERNAME_ATTR: "{{ nextcloud_ldap_expert_username_attr | default(omit) }}"
+    networks:
+      - name: "{{ docker_network }}"
+    ports:
+
+- name: export nginx config
+  set_fact:
+    nginx_config: >-
+      {{ nginx_config | default({}) | combine({
+        nextcloud_domain: {
+          "locations": {
+            '/': {
+              "proxy_pass": "https://{}:9010".format(nextcloud_container)
+            }
+          }
+        }
+        }, recursive=True) }}
+
+- name: inspect nextcloud volume
   docker_volume_info:
-    name: "{{ mariadb_volume }}"
+    name: "{{ nextcloud_volume }}"
   register: volinfo
 
 - name: export variables
   set_fact:
-    mariadb_container: "{{ lookup('vars','mariadb_container') }}"
-    mariadb_volume: "{{ lookup('vars','mariadb_volume') }}"
-    mariadb_volume_mountpoint: "{{ volinfo.volume.Mountpoint }}"
-    mariadb_root_password: "{{ lookup('vars','mariadb_root_password') }}"
-    mariadb_database: "{{ lookup('vars','mariadb_database',default=omit) }}"
-    mariadb_user: "{{ lookup('vars','mariadb_user',default=omit) }}"
-    mariadb_password: "{{ lookup('vars','mariadb_password',default=omit) }}"
-    mariadb_host: localhost
-    mariadb_port: "{{ lookup('vars','mariadb_bind_port') }}"
+    nextcloud_volume: "{{ lookup('vars','nextcloud_volume') }}"
+    nextcloud_volume_mountpoint: "{{ volinfo.volume.Mountpoint }}"