Digitalboard/digitalboard.core
6
2
Fork 0
Code Pull requests 1 Releases Packages Activity Actions
digitalboard.core/roles/opencloud/README.md
Simon Bärlocher 3236ca332f
docs(collection): document all roles and fix metadata drift 
Replace ansible-galaxy init placeholders across the collection and
correct documentation that drifted from the code, after a multi-agent
review of every role README against its defaults, tasks and templates.

Collection level:
- README: role table for all 16 roles, requirements and role-ordering
- galaxy.yml: declare community.docker and community.general deps,
  real description/tags/urls; normalize license to MIT-0
- meta/runtime.yml: requires_ansible '>=2.15.0'
- plugins/README: document the homarr_layout filter and
  garage_credentials lookup instead of scaffold boilerplate

Per-role meta/main.yml and README for the placeholder roles
(389ds, authentik, authentik_outpost_ldap, base, collabora, drawio,
garage, homarr, httpbin, keycloak, nextcloud, opencloud, traefik).

Correctness fixes found during review:
- keycloak: wrong domain default, drop invented keycloak_cert_resolver,
  document the provisioning feature
- garage: root_domain is .s3.<first-entry>, not the bare domain
- opnform: jwt/front_api secrets use `openssl rand -hex 32`; align the
  validation fail_msg in tasks/main.yml accordingly
- send: S3 example references garage_s3_domains[0] (was singular)
- opencloud: document required opencloud_wopi_domain

License normalized to MIT-0 across galaxy.yml, role meta and READMEs to
match the SPDX headers.
2026-05-27 23:12:24 +02:00

1.8 KiB
Raw Blame History

opencloud

Deploys OpenCloud (opencloudeu/opencloud) as a self-contained file platform via Docker Compose behind Traefik. Supports the built-in IdP or external OIDC, optional S3 storage, external LDAP, Collabora and draw.io integration, and OIDC-claim-based role assignment.

Role variables

A selection of the most relevant variables — see defaults/main.yml for the full set.

Variable Default Description
opencloud_domain opencloud.local.test FQDN the Traefik router matches.
opencloud_image opencloudeu/opencloud:latest Container image.
opencloud_port 9200 Container port Traefik forwards to.
opencloud_admin_password admin Initial admin password — override this.
opencloud_traefik_network proxy Docker network shared with Traefik.
opencloud_use_ssl true Enable the TLS resolver on the router.
opencloud_oidc_issuer "" External OIDC issuer; empty uses the built-in IdP.
opencloud_use_s3_storage false Use S3 storage instead of local disk.
opencloud_ldap_uri "" External LDAP URI; empty uses the built-in directory.
opencloud_collabora_domain "" Collabora server domain; set with opencloud_wopi_domain to enable editing.
opencloud_wopi_domain "" WOPI server FQDN; required alongside opencloud_collabora_domain.
opencloud_drawio_url "" draw.io URL; set to enable diagram editing.
opencloud_role_assignment_driver default Set to oidc to map OIDC claims to roles.

Example

- hosts: services
  become: true
  roles:
    - role: digitalboard.core.opencloud
      vars:
        opencloud_domain: "opencloud.example.com"
        opencloud_admin_password: "{{ vault_opencloud_admin_password }}"

License

MIT-0