44 lines
No EOL
1.7 KiB
YAML
44 lines
No EOL
1.7 KiB
YAML
nextcloud_collabora_disable_cert_verification: true
|
|
nextcloud_allow_local_remote_servers: true # Allow requests to local network in Vagrant
|
|
nextcloud_oidc_allow_selfsigned: true # Allow self-signed certs for OIDC in Vagrant
|
|
|
|
# S3 storage configuration using Garage
|
|
nextcloud_use_s3_storage: true
|
|
nextcloud_s3_key: "{{ lookup('digitalboard.core.garage_credentials', 'nextcloud', host='backend')['key_id'] }}"
|
|
nextcloud_s3_secret: "{{ lookup('digitalboard.core.garage_credentials', 'nextcloud', host='backend')['secret_key'] }}"
|
|
nextcloud_s3_bucket: "nextcloud"
|
|
nextcloud_s3_host: "{{ hostvars['backend']['garage_s3_domain'] }}"
|
|
nextcloud_s3_port: 80
|
|
nextcloud_s3_ssl: false
|
|
nextcloud_s3_usepath_style: true
|
|
|
|
# Extra hosts for container DNS resolution (Vagrant only)
|
|
nextcloud_extra_hosts:
|
|
- "storage.local.test:192.168.56.11"
|
|
- "keycloak.local.test:192.168.56.11"
|
|
- "authentik.local.test:192.168.56.11"
|
|
|
|
# OIDC providers for login
|
|
nextcloud_oidc_providers:
|
|
- identifier: keycloak
|
|
display_name: "Login with Keycloak"
|
|
client_id: "nextcloud"
|
|
client_secret: "nextcloud-secret-change-in-production"
|
|
discovery_url: "https://keycloak.local.test/realms/vagrant/.well-known/openid-configuration"
|
|
scope: "openid email profile"
|
|
unique_uid: true
|
|
mapping:
|
|
uid: preferred_username
|
|
display_name: name
|
|
email: email
|
|
- identifier: authentik
|
|
display_name: "Login with Authentik"
|
|
client_id: "test1234"
|
|
client_secret: "test1234"
|
|
discovery_url: "https://authentik.local.test/application/o/nextcloud/.well-known/openid-configuration"
|
|
scope: "openid email profile"
|
|
unique_uid: true
|
|
mapping:
|
|
uid: preferred_username
|
|
display_name: name
|
|
email: email |