feat: add drawio instance for nextcloud and opencloud

Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>
2026-03-13 14:37:02 +01:00 · 2026-03-13 14:37:02 +01:00 · 4811b4657f
commit 4811b4657f
parent e976ff37c9
6 changed files with 37 additions and 2 deletions
--- a/inventories/vagrant/host_vars/backend/drawio.yml
+++ b/inventories/vagrant/host_vars/backend/drawio.yml
@ -0,0 +1 @@
 drawio_domain: "drawio.local.test"
--- a/inventories/vagrant/host_vars/backend/nextcloud.yml
+++ b/inventories/vagrant/host_vars/backend/nextcloud.yml
@ -1,4 +1,18 @@
 nextcloud_collabora_disable_cert_verification: true
 # Draw.io integration
 nextcloud_enable_drawio: true
 nextcloud_drawio_url: "https://drawio.local.test"
 # Apps to install (override defaults to include drawio)
 nextcloud_apps_to_install:
  - groupfolders
  - richdocuments
  - spreed
  - user_ldap
  - user_oidc
  - whiteboard
  - drawio
 nextcloud_allow_local_remote_servers: true  # Allow requests to local network in Vagrant
 nextcloud_oidc_allow_selfsigned: true  # Allow self-signed certs for OIDC in Vagrant
--- a/inventories/vagrant/host_vars/backend/opencloud.yml
+++ b/inventories/vagrant/host_vars/backend/opencloud.yml
@ -5,6 +5,7 @@ opencloud_extra_hosts:
  - "keycloak.local.test:host-gateway"
  - "storage.local.test:192.168.56.11"
  - "office.local.test:host-gateway"
  - "drawio.local.test:host-gateway"
  - "389ds:192.168.56.11"
 # OIDC configuration (Keycloak)
@ -31,6 +32,11 @@ opencloud_ldap_bind_password: "admin"
 opencloud_ldap_user_base_dn: "ou=users,dc=local,dc=test"
 opencloud_ldap_group_base_dn: "ou=groups,dc=local,dc=test"
-# Allow OpenCloud to connect to Keycloak for OIDC discovery
+# Draw.io integration
 opencloud_drawio_url: "https://drawio.local.test"
 # CSP configuration
 opencloud_csp_extra_connect_src:
-  - "https://keycloak.local.test/"
+  - "https://keycloak.local.test/"
 opencloud_csp_extra_frame_src:
  - "https://drawio.local.test/"
--- a/inventories/vagrant/host_vars/backend/traefik.yml
+++ b/inventories/vagrant/host_vars/backend/traefik.yml
@ -28,6 +28,10 @@ traefik_dmz_exposed_services:
    domain: opencloud.local.test
    port: 443
    protocol: https
  - name: drawio
    domain: drawio.local.test
    port: 443
    protocol: https
  # Example: Add more services as you deploy them
  # - name: forgejo
  #   domain: git.example.com
--- a/inventories/vagrant/hosts.yml
+++ b/inventories/vagrant/hosts.yml
@ -69,6 +69,10 @@ all:
      hosts:
        backend:
    drawio_servers:
      hosts:
        backend:
    opencloud_servers:
      hosts:
        backend:
--- a/playbooks/site.yml
+++ b/playbooks/site.yml
@ -53,6 +53,12 @@
  roles:
    - digitalboard.core.authentik
 - name: Deploy drawio service
  hosts: drawio_servers
  become: yes
  roles:
    - digitalboard.core.drawio
 - name: Deploy opencloud service
  hosts: opencloud_servers
  become: yes