History

Simon Bärlocher 3236ca332f docs(collection): document all roles and fix metadata drift Replace ansible-galaxy init placeholders across the collection and correct documentation that drifted from the code, after a multi-agent review of every role README against its defaults, tasks and templates. Collection level: - README: role table for all 16 roles, requirements and role-ordering - galaxy.yml: declare community.docker and community.general deps, real description/tags/urls; normalize license to MIT-0 - meta/runtime.yml: requires_ansible '>=2.15.0' - plugins/README: document the homarr_layout filter and garage_credentials lookup instead of scaffold boilerplate Per-role meta/main.yml and README for the placeholder roles (389ds, authentik, authentik_outpost_ldap, base, collabora, drawio, garage, homarr, httpbin, keycloak, nextcloud, opencloud, traefik). Correctness fixes found during review: - keycloak: wrong domain default, drop invented keycloak_cert_resolver, document the provisioning feature - garage: root_domain is .s3.<first-entry>, not the bare domain - opnform: jwt/front_api secrets use `openssl rand -hex 32`; align the validation fail_msg in tasks/main.yml accordingly - send: S3 example references garage_s3_domains[0] (was singular) - opencloud: document required opencloud_wopi_domain License normalized to MIT-0 across galaxy.yml, role meta and READMEs to match the SPDX headers.		2026-05-27 23:12:24 +02:00
..
defaults	feat: add 389ds ldap backend to keycloak	2026-03-13 10:58:40 +01:00
handlers	chore: add empty boilerplate role for 389ds	2026-03-06 17:47:50 +01:00
meta	docs(collection): document all roles and fix metadata drift	2026-05-27 23:12:24 +02:00
tasks	feat: add 389ds ldap backend to keycloak	2026-03-13 10:58:40 +01:00
templates	feat: add 389ds ldap backend to keycloak	2026-03-13 10:58:40 +01:00
tests	chore: add empty boilerplate role for 389ds	2026-03-06 17:47:50 +01:00
vars	chore: add empty boilerplate role for 389ds	2026-03-06 17:47:50 +01:00
README.md	docs(collection): document all roles and fix metadata drift	2026-05-27 23:12:24 +02:00

README.md

389ds

Deploys 389 Directory Server (389ds/dirsrv) as an LDAP directory via Docker Compose. After the container starts, the role creates the configured suffix and a set of base organizational units (e.g. users, groups).

Requirements

Docker and Docker Compose on the target host (e.g. via digitalboard.core.base)
Ansible collection: community.docker

Role variables

Variable	Default	Description
`ds389_image`	`docker.io/389ds/dirsrv:3.1`	Container image.
`ds389_suffix`	`dc=example,dc=com`	Root suffix of the directory.
`ds389_root_dn`	`cn=Directory Manager`	Directory Manager bind DN.
`ds389_root_password`	`changeme`	Directory Manager password — override this.
`ds389_instance_name`	`localhost`	Directory server instance name (slapd config dir).
`ds389_hostname`	`389ds`	Container hostname (defaults to `ds389_service_name`).
`ds389_backend_network`	`backend`	Docker network LDAP clients connect over (created by Compose).
`ds389_ldap_port`	`3389`	Published LDAP port (container port 3389).
`ds389_ldaps_port`	`3636`	Published LDAPS port (container port 3636).
`ds389_base_ous`	`[users, groups]`	Base OUs created after startup.

Example

- hosts: directory
  become: true
  roles:
    - role: digitalboard.core.389ds
      vars:
        ds389_suffix: "dc=example,dc=org"
        ds389_root_password: "{{ vault_ds389_root_password }}"

License

MIT-0