# Ansible Collection - enbewe.uffd
Collecion to deploy [uffd (**U**ser**F**erwaltungs**F**ronten**d**)](https://git.cccv.de/uffd/uffd) as OAuth/OIDC authentication service.

## Playbooks
### enbewe.uffd.build
Deploys the role `enbewe.uffd.build` to all hosts of the `uffd` group.

### enbewe.uffd.deploy
Deploys the role `enbewe.uffd.uffd` to all hosts of the `uffd` group.

## Roles
### enbewe.uffd.build
Creates the current image of uffd. The image is tagged with the current timestamp as well as 'latest'.
This role could probably replaced by some build- and publishing job.

#### Optional Variables

**uffd_build_tempdir** *(Default: '/tmp/podman-uffd-build')*
Path to use for building the uffd OCI container in. This path will be created as needed and removed again afterwards.

**uffd_build_debian_version** *(Default: 'bullseye')*
The debian version name to use for the uffd container.

**uffd_build_force_rebuild** *(Default: false)*
Flag to force the reduilding of the uffd container even if it already exists.

**uffd_build_tag_latest** *(Default: true)*
Flag to disable tagging the built image as `latest`.

### enbewe.uffd.uffd
Deploys uffd through a podman container.
Additionally deploys an nginx container as a HTTP server for static files as well as uWSGI proxy.

#### Required variables

**uffd_secret_key**
The secret key to use for uffd data.

**uffd_initial_admin_user**
Name of the initial admin user.

**uffd_initial_admin_pw**
Password of the initial admin user.

**uffd_initial_admin_mail**
E-Mail address of the initial admin user.

#### Optional Variables

**uffd_podman_network** *(Default: 'uffd-net')*
Name of the podman network to use for uffd container and the nginx server.

**uffd_conf_dir** *(Default: '/etc/uffd')*
The directory to use for config files.

**uffd_static_files_volume** *(Default: 'uffd-static-files')*
The name of the podman volume to use for the static files of the uffd.

**uffd_data_volume** *(Default: 'uffd-data')*
The name of the podman volume to use for the runtime data of uffd.