b951d9542e
Removed Zitadel identity provider due to:
- Critical bugs with FirstInstance initialization in v2.63.7
- Requirement for manual setup (not scalable for multi-tenant)
- User preference for Authentik in future
Changes:
- Removed entire Zitadel Ansible role and all tasks
- Removed Zitadel agent configuration (.claude/agents/zitadel.md)
- Updated deploy.yml playbook (removed Zitadel role)
- Updated architecture decisions document
- Updated PROJECT_REFERENCE.md (removed Zitadel sections)
- Updated README.md (removed Zitadel references)
- Cleaned up Zitadel deployment from test server
- Updated secrets file (removed Zitadel credentials)
Architecture now focuses on:
- Nextcloud as standalone file sync/collaboration platform
- May add Authentik or other identity provider in future if needed
🤖 Generated with Claude Code
Co-Authored-By: Claude <noreply@anthropic.com>
38 lines
1,004 B
YAML
38 lines
1,004 B
YAML
---
|
|
# Deploy applications to client servers
|
|
# This playbook deploys Nextcloud and other applications
|
|
|
|
- name: Deploy applications to client servers
|
|
hosts: all
|
|
become: yes
|
|
|
|
pre_tasks:
|
|
- name: Gather facts
|
|
setup:
|
|
|
|
- name: Determine client name from hostname
|
|
set_fact:
|
|
client_name: "{{ inventory_hostname }}"
|
|
|
|
- name: Load client secrets
|
|
community.sops.load_vars:
|
|
file: "{{ playbook_dir }}/../../secrets/clients/{{ client_name }}.sops.yaml"
|
|
name: client_secrets
|
|
age_key: "{{ lookup('env', 'SOPS_AGE_KEY_FILE') }}"
|
|
no_log: true
|
|
|
|
- name: Set client domain from secrets
|
|
set_fact:
|
|
client_domain: "{{ client_secrets.client_domain }}"
|
|
when: client_secrets.client_domain is defined
|
|
|
|
roles:
|
|
- role: nextcloud
|
|
|
|
post_tasks:
|
|
- name: Display deployment summary
|
|
debug:
|
|
msg: |
|
|
Deployment complete for client: {{ client_name }}
|
|
|
|
Nextcloud: https://nextcloud.{{ client_domain }}
|