feat: add s3 storage provisioning for opencloud

Signed-off-by: Bert-Jan Fikse <bert-jan@whatwedo.ch>
2026-03-05 16:24:12 +01:00 · 2026-03-05 16:24:12 +01:00 · 6e115c20c7
commit 6e115c20c7
parent ad1f8a1999
2 changed files with 13 additions and 1 deletions
--- a/inventories/vagrant/host_vars/backend/garage.yml
+++ b/inventories/vagrant/host_vars/backend/garage.yml
@ -17,4 +17,8 @@ garage_s3_keys:
   - name: "nextcloud-backup"
     buckets:
       - name: "nextcloud"
-         permissions: ["read"]
+         permissions: ["read"]
   - name: "opencloud"
     buckets:
       - name: "opencloud"
         permissions: ["read", "write"]
--- a/inventories/vagrant/host_vars/backend/opencloud.yml
+++ b/inventories/vagrant/host_vars/backend/opencloud.yml
@ -3,6 +3,7 @@ opencloud_admin_password: "admin"
 opencloud_extra_hosts:
  - "opencloud.local.test:host-gateway"
  - "keycloak.local.test:host-gateway"
  - "storage.local.test:192.168.56.11"
 # OIDC configuration (Keycloak)
 opencloud_oidc_issuer: "https://keycloak.local.test/realms/vagrant"
@ -10,6 +11,13 @@ opencloud_oidc_client_id: "opencloud"
 opencloud_oidc_client_secret: "opencloud-secret-change-in-production"
 opencloud_oidc_account_edit_url: "https://keycloak.local.test/realms/vagrant/account"
 # S3 storage configuration using Garage
 opencloud_use_s3_storage: true
 opencloud_s3_endpoint: "http://{{ hostvars['backend']['garage_s3_domain'] }}"
 opencloud_s3_access_key: "{{ lookup('digitalboard.core.garage_credentials', 'opencloud', host='backend')['key_id'] }}"
 opencloud_s3_secret_key: "{{ lookup('digitalboard.core.garage_credentials', 'opencloud', host='backend')['secret_key'] }}"
 opencloud_s3_bucket: "opencloud"
 # Allow OpenCloud to connect to Keycloak for OIDC discovery
 opencloud_csp_extra_connect_src:
  - "https://keycloak.local.test/"