Simon Bärlocher 03bf0efe44

docs(collection): document all roles and fix metadata drift

Replace ansible-galaxy init placeholders across the collection and
correct documentation that drifted from the code, after a multi-agent
review of every role README against its defaults, tasks and templates.

Collection level:
- README: role table for all 16 roles, requirements and role-ordering
- galaxy.yml: declare community.docker and community.general deps,
  real description/tags/urls; normalize license to MIT-0
- meta/runtime.yml: requires_ansible '>=2.15.0'
- plugins/README: document the homarr_layout filter and
  garage_credentials lookup instead of scaffold boilerplate

Per-role meta/main.yml and README for the placeholder roles
(389ds, authentik, authentik_outpost_ldap, base, collabora, drawio,
garage, homarr, httpbin, keycloak, nextcloud, opencloud, traefik).

Correctness fixes found during review:
- keycloak: wrong domain default, drop invented keycloak_cert_resolver,
  document the provisioning feature
- garage: root_domain is .s3.<first-entry>, not the bare domain
- opnform: jwt/front_api secrets use `openssl rand -hex 32`; align the
  validation fail_msg in tasks/main.yml accordingly
- send: S3 example references garage_s3_domains[0] (was singular)
- opencloud: document required opencloud_wopi_domain

License normalized to MIT-0 across galaxy.yml, role meta and READMEs to
match the SPDX headers.

2026-05-27 22:33:42 +02:00

1.5 KiB

Raw Blame History

389ds

Deploys 389 Directory Server (389ds/dirsrv) as an LDAP directory via Docker Compose. After the container starts, the role creates the configured suffix and a set of base organizational units (e.g. users, groups).

Requirements

Docker and Docker Compose on the target host (e.g. via digitalboard.core.base)
Ansible collection: community.docker

Role variables

Variable	Default	Description
`ds389_image`	`docker.io/389ds/dirsrv:3.1`	Container image.
`ds389_suffix`	`dc=example,dc=com`	Root suffix of the directory.
`ds389_root_dn`	`cn=Directory Manager`	Directory Manager bind DN.
`ds389_root_password`	`changeme`	Directory Manager password — override this.
`ds389_instance_name`	`localhost`	Directory server instance name (slapd config dir).
`ds389_hostname`	`389ds`	Container hostname (defaults to `ds389_service_name`).
`ds389_backend_network`	`backend`	Docker network LDAP clients connect over (created by Compose).
`ds389_ldap_port`	`3389`	Published LDAP port (container port 3389).
`ds389_ldaps_port`	`3636`	Published LDAPS port (container port 3636).
`ds389_base_ous`	`[users, groups]`	Base OUs created after startup.

Example

- hosts: directory
  become: true
  roles:
    - role: digitalboard.core.389ds
      vars:
        ds389_suffix: "dc=example,dc=org"
        ds389_root_password: "{{ vault_ds389_root_password }}"

License

MIT-0

1.5 KiB Raw Blame History