From acfa9c0745ab821b0045f549064ee5605405598b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20Fra=C3=9F?= <frass@greenscale.de>
Date: Mon, 18 Dec 2023 08:14:07 +0100
Subject: [PATCH] [add] role:authelia-for-dokuwiki

---
 .../authelia-for-dokuwiki/defaults/main.json  |  5 ++++
 ansible/roles/authelia-for-dokuwiki/info.md   |  3 ++
 .../authelia-for-dokuwiki/tasks/main.json     | 25 +++++++++++++++++
 .../templates/authelia-client-conf.json.j2    | 28 +++++++++++++++++++
 4 files changed, 61 insertions(+)
 create mode 100644 ansible/roles/authelia-for-dokuwiki/defaults/main.json
 create mode 100644 ansible/roles/authelia-for-dokuwiki/info.md
 create mode 100644 ansible/roles/authelia-for-dokuwiki/tasks/main.json
 create mode 100644 ansible/roles/authelia-for-dokuwiki/templates/authelia-client-conf.json.j2

diff --git a/ansible/roles/authelia-for-dokuwiki/defaults/main.json b/ansible/roles/authelia-for-dokuwiki/defaults/main.json
new file mode 100644
index 0000000..66adc78
--- /dev/null
+++ b/ansible/roles/authelia-for-dokuwiki/defaults/main.json
@@ -0,0 +1,5 @@
+{
+	"var_authelia_for_dokuwiki_dokuwiki_url_base": "https://dokuwiki.example.org",
+	"var_authelia_for_dokuwiki_client_id": "dokuwiki",
+	"var_authelia_for_dokuwiki_client_secret": "REPLACE_ME"
+}
diff --git a/ansible/roles/authelia-for-dokuwiki/info.md b/ansible/roles/authelia-for-dokuwiki/info.md
new file mode 100644
index 0000000..71fc4ff
--- /dev/null
+++ b/ansible/roles/authelia-for-dokuwiki/info.md
@@ -0,0 +1,3 @@
+## Beschreibung
+
+Um [DokuWiki](../dokuwiki) gegen [Authelia](../authelia) authentifizieren zu lassen
diff --git a/ansible/roles/authelia-for-dokuwiki/tasks/main.json b/ansible/roles/authelia-for-dokuwiki/tasks/main.json
new file mode 100644
index 0000000..9bcb960
--- /dev/null
+++ b/ansible/roles/authelia-for-dokuwiki/tasks/main.json
@@ -0,0 +1,25 @@
+[
+	{
+		"name": "configuration | emplace",
+		"become": true,
+		"ansible.builtin.template": {
+			"src": "authelia-client-conf.json.j2",
+			"dest": "/etc/authelia/conf.d/clients/dokuwiki.json"
+		}
+	},
+	{
+		"name": "configuration | apply",
+		"become": true,
+		"ansible.builtin.command": {
+			"cmd": "/usr/bin/authelia-conf-compose"
+		}
+	},
+	{
+		"name": "restart service",
+		"become": true,
+		"ansible.builtin.systemd_service": {
+			"state": "restarted",
+			"name": "authelia"
+		}
+	}
+]
diff --git a/ansible/roles/authelia-for-dokuwiki/templates/authelia-client-conf.json.j2 b/ansible/roles/authelia-for-dokuwiki/templates/authelia-client-conf.json.j2
new file mode 100644
index 0000000..4540de7
--- /dev/null
+++ b/ansible/roles/authelia-for-dokuwiki/templates/authelia-client-conf.json.j2
@@ -0,0 +1,28 @@
+{
+	"id": "{{var_authelia_for_dokuwiki_client_id}}",
+	"description": "DokuWiki",
+	"secret": "{{var_authelia_for_dokuwiki_client_secret}}",
+	"public": false,
+	"authorization_policy": "one_factor",
+	"scopes": [
+		"openid",
+		"email",
+		"profile"
+	],
+	"redirect_uris": [
+		"{{var_authelia_for_dokuwiki_dokuwiki_url_base}}/doku.php"
+	],
+	"grant_types": [
+		"refresh_token",
+		"authorization_code"
+	],
+	"response_types": [
+		"code"
+	],
+	"response_modes": [
+		"form_post",
+		"query",
+		"fragment"
+	],
+	"userinfo_signing_algorithm": "none"
+}