diff --git a/roles/paperless_ng/defaults/main.yml b/roles/paperless_ng/defaults/main.yml index 9b3e274..c91edf2 100644 --- a/roles/paperless_ng/defaults/main.yml +++ b/roles/paperless_ng/defaults/main.yml @@ -49,3 +49,10 @@ paperless_ocr_lang: fra # If set, paperless will look for a username sent in the provided HTTP header # If a user is found, it'll be automatically authenticated # paperless_auth_header: HTTP_REMOTE_USER + +# Paperless can detect dates PDF to add metadata. But you might want it to ignore +# some dates (like birthdays) +# paperless_ignore_dates: +# - 1986-03-29 +# - 1993-09-12 +paperless_ignore_dates: [] diff --git a/roles/paperless_ng/templates/paperless.conf.j2 b/roles/paperless_ng/templates/paperless.conf.j2 index e9d6f82..79e4c36 100644 --- a/roles/paperless_ng/templates/paperless.conf.j2 +++ b/roles/paperless_ng/templates/paperless.conf.j2 @@ -30,3 +30,6 @@ PAPERLESS_CONSUMER_SUBDIRS_AS_TAGS=True PAPERLESS_ENABLE_HTTP_REMOTE_USER=True PAPERLESS_HTTP_REMOTE_USER_HEADER_NAME={{ paperless_auth_header }} {% endif %} +{% if paperless_ignore_dates | length > 0 %} +PAPERLESS_IGNORE_DATES={{ paperless_ignore_dates | join(',') }} +{% endif %} diff --git a/roles/sssd_ad_auth/defaults/main.yml b/roles/sssd_ad_auth/defaults/main.yml index 9007d14..5cd4a8f 100644 --- a/roles/sssd_ad_auth/defaults/main.yml +++ b/roles/sssd_ad_auth/defaults/main.yml @@ -17,6 +17,9 @@ ad_force_join: False # Set to false to disable dyndns update ad_dyndns_update: True +# Set to false to disable private group +ad_private_groups: True + # sssd doesn't support cross forest approbations, but we can add the Linux box to the other domains ad_trusted_domains: "{{ samba_trusted_domains | default([]) }}" # ad_trusted_domains: diff --git a/roles/sssd_ad_auth/templates/sssd.conf.j2 b/roles/sssd_ad_auth/templates/sssd.conf.j2 index 43b89ac..9bcf296 100644 --- a/roles/sssd_ad_auth/templates/sssd.conf.j2 +++ b/roles/sssd_ad_auth/templates/sssd.conf.j2 @@ -36,6 +36,9 @@ ad_gpo_access_control = {{ ad_gpo_access_control }} {% if not ad_dyndns_update %} dyndns_update = false {% endif %} +{% if ad_private_groups %} +auto_private_groups = true +{% endif %} {% for domain in ad_trusted_domains %}