misc/ansible-base
0
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

[fix] role:dokuwiki

Browse source
This commit is contained in:
Christian Fraß 2023-12-19 23:09:23 +01:00
parent 89d806c27a
commit 846930b52d
6 changed files with 74 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
ansible/roles/dokuwiki/defaults/main.json
View file

@ -1,6 +1,8 @@
{ {
"var_dokuwiki_directory": "/opt/dokuwiki", "var_dokuwiki_directory": "/opt/dokuwiki",
"var_dokuwiki_title": "DokuWiki", "var_dokuwiki_title": "DokuWiki",
"var_dokuwiki_language": "en",
"var_dokuwiki_licence": "cc-by-sa",
"var_dokuwiki_oauth2_enable": false, "var_dokuwiki_oauth2_enable": false,
"var_dokuwiki_oauth2_title": "external auth", "var_dokuwiki_oauth2_title": "external auth",
"var_dokuwiki_oauth2_client_id": "dokuwiki", "var_dokuwiki_oauth2_client_id": "dokuwiki",
@ -11,5 +13,6 @@
"var_dokuwiki_admin_user_define": true, "var_dokuwiki_admin_user_define": true,
"var_dokuwiki_admin_user_name": "admin", "var_dokuwiki_admin_user_name": "admin",
"var_dokuwiki_admin_user_password": "REPLACE_ME", "var_dokuwiki_admin_user_password": "REPLACE_ME",
"var_dokuwiki_admin_user_label": "Admin",
"var_dokuwiki_admin_user_email_address": "dokuwiki-admin@example.org" "var_dokuwiki_admin_user_email_address": "dokuwiki-admin@example.org"
} }

5
ansible/roles/dokuwiki/info.md
View file

@ -9,3 +9,8 @@ Für das leicht-gewichtige Wiki-System [DokuWiki](https://www.dokuwiki.org/dokuw
- [Dokumentation | Ansible](https://www.dokuwiki.org/install:ansible) - [Dokumentation | Ansible](https://www.dokuwiki.org/install:ansible)
- [Plugin: oAuth](https://www.dokuwiki.org/plugin:oauth) - [Plugin: oAuth](https://www.dokuwiki.org/plugin:oauth)
- [Plugin: oAuthGeneric](https://www.dokuwiki.org/plugin:oauthgeneric) - [Plugin: oAuthGeneric](https://www.dokuwiki.org/plugin:oauthgeneric)
## ToDo
- Admin-Passwort richten

69
ansible/roles/dokuwiki/tasks/main.json
View file

@ -10,6 +10,13 @@
] ]
} }
}, },
{
"name": "core | preparation",
"ansible.builtin.file": {
"state": "directory",
"path": "/tmp/dokuwiki-core"
}
},
{ {
"name": "core | acquisition", "name": "core | acquisition",
"ansible.builtin.get_url": { "ansible.builtin.get_url": {
@ -22,13 +29,13 @@
"ansible.builtin.unarchive": { "ansible.builtin.unarchive": {
"remote_src": true, "remote_src": true,
"src": "/tmp/dokuwiki.tgz", "src": "/tmp/dokuwiki.tgz",
"dest": "/tmp" "dest": "/tmp/dokuwiki-core"
} }
}, },
{ {
"name": "core | version retrieval", "name": "core | version retrieval",
"ansible.builtin.shell": { "ansible.builtin.command": {
"cmd": "ls -1 /tmp/ | grep dokuwiki- | grep -v plugin" "cmd": "ls /tmp/dokuwiki-core"
}, },
"register": "temp_core_version_output" "register": "temp_core_version_output"
}, },
@ -46,13 +53,20 @@
"become": true, "become": true,
"ansible.builtin.copy": { "ansible.builtin.copy": {
"remote_src": true, "remote_src": true,
"src": "/tmp/{{temp_core_version_output.stdout}}/", "src": "/tmp/dokuwiki-core/{{temp_core_version_output.stdout}}/",
"dest": "{{var_dokuwiki_directory}}", "dest": "{{var_dokuwiki_directory}}",
"owner": "www-data" "owner": "www-data"
} }
}, },
{ {
"name": "plugin oauth2 base | acquisition", "name": "plugin 'oauth' | preparation",
"ansible.builtin.file": {
"state": "directory",
"path": "/tmp/dokuwiki-plugin-oauth"
}
},
{
"name": "plugin 'oauth' | acquisition",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"ansible.builtin.get_url": { "ansible.builtin.get_url": {
"url": "https://github.com/cosmocode/dokuwiki-plugin-oauth/zipball/master", "url": "https://github.com/cosmocode/dokuwiki-plugin-oauth/zipball/master",
@ -60,24 +74,24 @@
} }
}, },
{ {
"name": "plugin oauth2 base | extraction", "name": "plugin 'oauth' | extraction",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"ansible.builtin.unarchive": { "ansible.builtin.unarchive": {
"remote_src": true, "remote_src": true,
"src": "/tmp/dokuwiki-plugin-oauth-base.zip", "src": "/tmp/dokuwiki-plugin-oauth-base.zip",
"dest": "/tmp" "dest": "/tmp/dokuwiki-plugin-oauth"
} }
}, },
{ {
"name": "plugin oauth2 base | version retrieval", "name": "plugin 'oauth' | version retrieval",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"ansible.builtin.shell": { "ansible.builtin.command": {
"cmd": "ls -1 /tmp/ | grep cosmocode-dokuwiki-plugin-oauth-" "cmd": "ls -1 /tmp/dokuwiki-plugin-oauth"
}, },
"register": "temp_plugin_oauth_base_version_output" "register": "temp_plugin_oauth_base_version_output"
}, },
{ {
"name": "plugin oauth2 base | directory", "name": "plugin 'oauth' | directory",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"become": true, "become": true,
"ansible.builtin.file": { "ansible.builtin.file": {
@ -87,18 +101,25 @@
} }
}, },
{ {
"name": "plugin oauth2 base | emplacement", "name": "plugin 'oauth' | emplacement",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"become": true, "become": true,
"ansible.builtin.copy": { "ansible.builtin.copy": {
"remote_src": true, "remote_src": true,
"src": "/tmp/{{temp_plugin_oauth_base_version_output.stdout}}/", "src": "/tmp/dokuwiki-plugin-oauth/{{temp_plugin_oauth_base_version_output.stdout}}/",
"dest": "{{var_dokuwiki_directory}}/lib/plugins/oauth", "dest": "{{var_dokuwiki_directory}}/lib/plugins/oauth",
"owner": "www-data" "owner": "www-data"
} }
}, },
{ {
"name": "plugin oauth2 generic | acquisition", "name": "plugin 'oauthgeneric' | preparation",
"ansible.builtin.file": {
"state": "directory",
"path": "/tmp/dokuwiki-plugin-oauthgeneric"
}
},
{
"name": "plugin 'oauthgeneric' | acquisition",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"ansible.builtin.get_url": { "ansible.builtin.get_url": {
"url": "https://github.com/cosmocode/dokuwiki-plugin-oauthgeneric/zipball/master", "url": "https://github.com/cosmocode/dokuwiki-plugin-oauthgeneric/zipball/master",
@ -106,24 +127,24 @@
} }
}, },
{ {
"name": "plugin oauth2 generic | extraction", "name": "plugin 'oauthgeneric' | extraction",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"ansible.builtin.unarchive": { "ansible.builtin.unarchive": {
"remote_src": true, "remote_src": true,
"src": "/tmp/dokuwiki-plugin-oauth-generic.zip", "src": "/tmp/dokuwiki-plugin-oauth-generic.zip",
"dest": "/tmp" "dest": "/tmp/dokuwiki-plugin-oauthgeneric"
} }
}, },
{ {
"name": "plugin oauth2 generic | version retrieval", "name": "plugin 'oauthgeneric' | version retrieval",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"ansible.builtin.shell": { "ansible.builtin.command": {
"cmd": "ls -1 /tmp/ | grep cosmocode-dokuwiki-plugin-oauthgeneric-" "cmd": "ls -1 /tmp/dokuwiki-plugin-oauthgeneric"
}, },
"register": "temp_plugin_oauth_generic_version_output" "register": "temp_plugin_oauth_generic_version_output"
}, },
{ {
"name": "plugin oauth2 generic | directory", "name": "plugin 'oauthgeneric' | directory",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"become": true, "become": true,
"ansible.builtin.file": { "ansible.builtin.file": {
@ -133,21 +154,21 @@
} }
}, },
{ {
"name": "plugin oauth2 generic | emplacement", "name": "plugin 'oauthgeneric' | emplacement",
"when": "var_dokuwiki_oauth2_enable", "when": "var_dokuwiki_oauth2_enable",
"become": true, "become": true,
"ansible.builtin.copy": { "ansible.builtin.copy": {
"remote_src": true, "remote_src": true,
"src": "/tmp/{{temp_plugin_oauth_generic_version_output.stdout}}/", "src": "/tmp/dokuwiki-plugin-oauthgeneric/{{temp_plugin_oauth_generic_version_output.stdout}}/",
"dest": "{{var_dokuwiki_directory}}/lib/plugins/oauthgeneric", "dest": "{{var_dokuwiki_directory}}/lib/plugins/oauthgeneric",
"owner": "www-data" "owner": "www-data"
} }
}, },
{ {
"name": "admin user | password hash", "name": "admin user password",
"when": "var_dokuwiki_admin_user_define", "when": "var_dokuwiki_admin_user_define",
"ansible.builtin.set_fact": { "ansible.builtin.set_fact": {
"temp_password_hash": "{{var_dokuwiki_admin_user_password | ansible.builtin.password_hash(hashtype='blowfish',rounds=10)}}" "temp_password_hash": "{{var_dokuwiki_admin_user_password | ansible.builtin.password_hash(hashtype='bcrypt',rounds=12)}}"
} }
}, },
{ {

8
ansible/roles/dokuwiki/templates/conf-acl.auth.php.j2
View file

@ -1 +1,7 @@
* @ALL 8 # acl.auth.php
# <?php exit()?>
# Don't modify the lines above
#
# Access Control Lists
* @ALL 0
* @user 8

21
ansible/roles/dokuwiki/templates/conf-local.php.j2
View file

@ -1,23 +1,28 @@
<?php <?php
$conf['title'] = '{{var_dokuwiki_title}}'; $conf['title'] = '{{var_dokuwiki_title}}';
$conf['lang'] = 'en'; $conf['lang'] = '{{var_dokuwiki_language}}';
$conf['license'] = 'cc-by-sa'; $conf['license'] = '{{var_dokuwiki_licence}}';
$conf['useacl'] = 1; $conf['useacl'] = 1;
$conf['superuser'] = '@admin'; $conf['superuser'] = '@admin';
$conf['disableactions'] = 'register'; $conf['passcrypt'] = 'bcrypt';
{% if var_dokuwiki_oauth2_enable %} {% if var_dokuwiki_oauth2_enable %}
$conf['authtype'] = 'oauth'; $conf['authtype'] = 'oauth';
$conf['disableactions'] = 'resendpwd,profile,profile_delete';
$conf['plugin']['oauth']['singleService'] = 1;
$conf['plugin']['oauthgeneric']['key'] = '{{var_dokuwiki_oauth2_client_id}}'; $conf['plugin']['oauthgeneric']['key'] = '{{var_dokuwiki_oauth2_client_id}}';
$conf['plugin']['oauthgeneric']['secret'] = '{{var_dokuwiki_oauth2_client_secret}}'; $conf['plugin']['oauthgeneric']['secret'] = '{{var_dokuwiki_oauth2_client_secret}}';
$conf['plugin']['oauthgeneric']['authurl'] = '{{var_dokuwiki_oauth2_auth_url}}'; $conf['plugin']['oauthgeneric']['authurl'] = '{{var_dokuwiki_oauth2_auth_url}}';
$conf['plugin']['oauthgeneric']['tokenurl'] = '{{var_dokuwiki_oauth2_token_url}}'; $conf['plugin']['oauthgeneric']['tokenurl'] = '{{var_dokuwiki_oauth2_token_url}}';
$conf['plugin']['oauthgeneric']['userurl'] = '{{var_dokuwiki_oauth2_user_url}}'; $conf['plugin']['oauthgeneric']['userurl'] = '{{var_dokuwiki_oauth2_user_url}}';
$conf['plugin']['oauthgeneric']['scopes'] = array('openid email profile'); $conf['plugin']['oauthgeneric']['authmethod'] = 0;
$conf['plugin']['oauthgeneric']['json-user'] = '.sub'; $conf['plugin']['oauthgeneric']['scopes'] = ['openid','email','profile','groups'];
$conf['plugin']['oauthgeneric']['json-name'] = '.name'; $conf['plugin']['oauthgeneric']['needs-state'] = 1;
$conf['plugin']['oauthgeneric']['json-mail'] = '.email'; $conf['plugin']['oauthgeneric']['json-user'] = 'sub';
$conf['plugin']['oauthgeneric']['json-name'] = 'name';
$conf['plugin']['oauthgeneric']['json-mail'] = 'email';
$conf['plugin']['oauthgeneric']['json-grps'] = 'groups';
$conf['plugin']['oauthgeneric']['label'] = '{{var_dokuwiki_oauth2_title}}'; $conf['plugin']['oauthgeneric']['label'] = '{{var_dokuwiki_oauth2_title}}';
$conf['plugin']['oauthgeneric']['color'] = '#333333';
{% else %} {% else %}
$conf['authtype'] = 'authplain'; $conf['authtype'] = 'authplain';
{% endif %} {% endif %}

2
ansible/roles/dokuwiki/templates/conf-users.auth.php.j2
View file

@ -5,5 +5,5 @@
# Userfile # Userfile
{% if var_dokuwiki_admin_user_define %} {% if var_dokuwiki_admin_user_define %}
{{var_dokuwiki_admin_user_name}}:{{temp_password_hash}}:{{var_dokuwiki_admin_user_email_address}}:admin,user {{var_dokuwiki_admin_user_name}}:{{temp_password_hash}}:{{var_dokuwiki_admin_user_label}}:{{var_dokuwiki_admin_user_email_address}}:admin,user
{% endif %} {% endif %}