feat: opencloud group provisioning via oidc

Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>

roles/opencloud/templates/docker-compose.yml.j2

@@ -35,6 +35,12 @@ services:
       PROXY_CSP_CONFIG_FILE_OVERRIDE_LOCATION: "/etc/opencloud/csp-override.yaml"
 {% endif %}
       IDM_ADMIN_PASSWORD: "{{ opencloud_admin_password }}"
+{% if opencloud_role_assignment_driver == "oidc" %}
+      PROXY_ROLE_ASSIGNMENT_DRIVER: "oidc"
+      PROXY_ROLE_ASSIGNMENT_OIDC_CLAIM: "{{ opencloud_role_assignment_oidc_claim }}"
+      GRAPH_ASSIGN_DEFAULT_USER_ROLE: "false"
+      SETTINGS_SETUP_DEFAULT_ASSIGNMENTS: "false"
+{% endif %}
 {% if opencloud_oidc_issuer %}
       OC_OIDC_ISSUER: "{{ opencloud_oidc_issuer }}"
       OC_OIDC_CLIENT_ID: "{{ opencloud_oidc_client_id }}"