2022-08-16 15:28:29 +02:00
|
|
|
# {{ ansible_managed }}
|
2022-07-19 14:26:08 +02:00
|
|
|
PODMAN_ARGS="\
|
|
|
|
--name 'cadoles-pod-hydra-v1' \
|
|
|
|
--replace \
|
|
|
|
--network=slirp4netns:allow_host_loopback=true \
|
|
|
|
-p 127.0.0.1:4444:4444 \
|
|
|
|
-p 127.0.0.1:4445:4445 \
|
|
|
|
--tmpfs /tmp \
|
2022-08-04 13:49:15 +02:00
|
|
|
--tz=local \
|
2022-07-19 14:26:08 +02:00
|
|
|
-e 'HYDRA_DSN=mysql://{{ hydra_database_user }}:{{ hydra_database_password }}@tcp({{ hydra_database_host }}:{{ hydra_database_port }})/{{ hydra_database_name }}?parseTime=true' \
|
2022-07-21 14:19:23 +02:00
|
|
|
-e 'LOG_LEVEL={{ hydra_log_level }}' \
|
|
|
|
-e 'LOG_LEAK_SENSITIVE_VALUES={{ hydra_log_leak_sensitive_values }}' \
|
|
|
|
-e 'HYDRA_URLS_SELF_ISSUER={{ hydra_urls_self_issuer_url }}' \
|
|
|
|
-e 'HYDRA_URLS_CONSENT={{ hydra_urls_consent }}' \
|
|
|
|
-e 'HYDRA_URLS_LOGIN={{ hydra_urls_login }}' \
|
|
|
|
-e 'HYDRA_URLS_LOGOUT={{ hydra_urls_logout }}' \
|
2023-01-24 14:11:25 +01:00
|
|
|
-e 'HYDRA_URLS_ERROR={{ hydra_urls_error }}' \
|
2022-11-18 12:12:33 +01:00
|
|
|
-e 'HYDRA_URL_POST_LOGOUT={{ hydra_url_post_logout }}' \
|
2022-07-21 14:19:23 +02:00
|
|
|
-e 'HYDRA_ALLOW_INSECURE=yes' \
|
|
|
|
-e 'HYDRA_LEVEL={{ hydra_log_level }}' \
|
2023-10-09 10:57:30 +02:00
|
|
|
-e 'TTL_REFRESH_TOKEN={{ hydra_ttl_refresh_token }}'\
|
2023-06-20 21:48:44 +02:00
|
|
|
{% if hydra_public_cors_allowed_origins | default([]) | length > 0 %}
|
|
|
|
-e 'SERVE_PUBLIC_CORS_ENABLED=true' \
|
|
|
|
-e 'SERVE_PUBLIC_CORS_ALLOWED_ORIGINS={{ hydra_public_cors_allowed_origins | join(',') }}' \
|
|
|
|
{% endif %}
|
2022-07-21 14:19:23 +02:00
|
|
|
-e 'HYDRA_SECRETS_SYSTEM={{ lookup('ansible.builtin.password', '/dev/null length=32 seed=hydra_secrets_seed') }}' \
|
|
|
|
-e 'HYDRA_OIDC_SUBJECT_IDENTIFIERS_PAIRWISE_SALT={{ lookup('ansible.builtin.password', '/dev/null length=32 seed=hydra_secrets_seed') }}' \
|
2023-11-13 11:12:03 +01:00
|
|
|
-e 'HYDRA_BCRYPT_COST={{ hydra_bcrypt_cost }}' \
|
2022-07-19 14:26:08 +02:00
|
|
|
-v /etc/hydra/clients.d:/etc/hydra/clients.d \
|
2022-11-18 12:12:33 +01:00
|
|
|
"
|