fix

apps/wordpress/index.yaml

@@ -120,6 +120,7 @@ options:
   config:
     default:
       admin_name: wordpress_admin
+      extra_admins: ''
       is_debug: false
       locale: fr_FR
       locales: fr_FR en_US
@@ -128,6 +129,7 @@ options:
       themes: ''
     examples:
     - admin_name: wordpress_admin
+      extra_admins: ''
       is_debug: false
       locale: fr_FR
       locales: fr_FR en_US
@@ -138,6 +140,9 @@ options:
       admin_name:
         default: wordpress_admin
         type: string
+      extra_admins:
+        default: ''
+        type: string
       is_debug:
         default: false
         type: boolean
@@ -462,6 +467,16 @@ options:
     examples:
     - 1
     type: integer
+  sso:
+    default:
+      name: vynil
+    examples:
+    - name: vynil
+    properties:
+      name:
+        default: vynil
+        type: string
+    type: object
   storage:
     default:
       ndb:

apps/wordpress/presentation.tf

@@ -11,7 +11,7 @@ locals {
   dns_name = "${var.sub_domain}.${var.domain_name}"
   dns_names = [local.dns_name]
   app_name = var.component == var.instance ? var.instance : format("%s-%s", var.component, var.instance)
-  icon              = "logo192.png"
+  icon              = "wp-admin/load-styles.php?c=0&dir=ltr&load%5Bchunk_0%5D=dashicons,admin-bar,common,forms,admin-menu,dashboard,list-tables,edit,revisions,media,themes,about,nav-menus,wp-pointer,widgets&load%5Bchunk_1%5D=,site-icon,l10n,buttons,wp-auth-check"
   request_headers = {
     "Content-Type"  = "application/json"
     Authorization   = "Bearer ${data.kubernetes_secret_v1.authentik.data["AUTHENTIK_BOOTSTRAP_TOKEN"]}"

apps/wordpress/wordpress_ConfigMap.tf

@@ -19,6 +19,7 @@ resource "kubectl_manifest" "wordpress_cfg" {
       WORDPRESS_THEMES: "${var.config.themes}"
       WORDPRESS_THEME: "${var.config.theme}"
       WORDPRESS_LOCALES: "${var.config.locales}"
+      WORDPRESS_ADMINS: "${var.config.extra_admins}"
       WORDPRESS_LOCALE: "${var.config.locale}"
       WORDPRESS_CONFIG_EXTRA: |
         #### general settings
@@ -77,6 +78,16 @@ resource "kubectl_manifest" "wordpress_files" {
           wp language plugin install --all $WORDPRESS_LOCALE
           wp language core activate $WORDPRESS_LOCALE
         fi
+        if wp option get mo_oauth_apps_list >/dev/null 2>&1;then
+          wp option update --format=json mo_oauth_apps_list "$WORDPRESS_SSO_CONFIG"
+        else
+          wp option add --format=json mo_oauth_apps_list "$WORDPRESS_SSO_CONFIG"
+        fi
+        for ADMIN in $(echo "$WORDPRESS_ADMINS"|sed 's/;/ /g;s/,/ /g');do
+          if wp user get $ADMIN >/dev/null 2>&1;then
+            wp user add-role $ADMIN administrator
+          fi
+        done
         wp core update-db
       wp-cli: |-
         #!/bin/sh

apps/wordpress/wordpress_Secret.tf

@@ -43,6 +43,27 @@ resource "random_password" "ADM_PASS" {
   special          = false
 }
 
+locals {
+  sso_config = {
+    "${var.sso.name}" = {
+      "ssoprotocol" ="oauth"
+      "apptype" = "oauth"
+      "send_headers" = "1"
+      "send_body" = "0"
+      "send_state" = 1
+      "show_on_login_page" = 1
+      "appId" = "vynil"
+      "scope" = "email openid profile"
+      "username_attr" = "preferred_username"
+      "clientid" = module.oauth2.client_id
+      "clientsecret" = module.oauth2.client_secret
+      "redirecturi" = "https://${local.dns_name}"
+      "authorizeurl" = module.oauth2.sso_authorize_url
+      "accesstokenurl" = module.oauth2.sso_token_url
+      "resourceownerdetailsurl" = module.oauth2.sso_userinfo_url
+    }
+  }
+}
 resource "kubectl_manifest" "secret" {
   yaml_body  = <<-EOF
     apiVersion: v1
@@ -63,6 +84,7 @@ resource "kubectl_manifest" "secret" {
       WORDPRESS_DB_PASSWORD: "${random_password.mysql_comp_pass.result}"
       WORDPRESS_ADMIN_NAME: "${var.config.admin_name}"
       WORDPRESS_ADMIN_PASSWORD: "${random_password.ADM_PASS.result}"
+      WORDPRESS_SSO_CONFIG: "${jsonencode(local.sso_config)}"
 EOF
 }