ansible-role-sso/doc/overview.plantuml

@startuml

!theme vibrant
skinparam linetype ortho
left to right direction

package "External Ports (0.0.0.0)" as ExternalPorts {
    interface "tcp/80 (HTTP)" as PortServerHTTP
}

node "SSO Server" as SSOServer {
    package "Internal Ports (127.0.0.1)" as InternalPorts {
        interface "tcp/4444 (Hydra Public)" as PortHydraPublic
        interface "tcp/4445 (Hydra Admin)" as PortHydraAdmin
        interface "tcp/3000 (Hydra Dispatcher)" as PortHydraDispatcher
        interface "tcp/3001 (Hydra Passwordless)" as PortHydraPasswordless
        interface "tcp/3002 (Shibboleth SP)" as PortShibbolethSP
        interface "tcp/3003 (Hydra Remote User)" as PortHydraRemoteUser
    }

    package "Containers" as Containers {
        [cadoles-pod-hydra-v1] as ContainerHydra
        [cadoles-pod-hydra-dispatcher-v1] as ContainerHydraDispatcher
        [cadoles-pod-hydra-passwordless-v1] as ContainerHydraPasswordless
        [cadoles-pod-hydra-remote-user-v1] as ContainerHydraRemoteUser
        [cadoles-pod-shibboleth-sp-v3] as ContainerShibbolethSP
    }

    package "Files" as Filesystem {
        frame "/etc/haproxy/haproxy.cfg" as HAProxyConfFile
        frame "/etc/cadoles-pod-hydra-v1.conf" as HydraConfFile
        frame "/etc/cadoles-pod-hydra-dispatcher-v1.conf" as HydraDispatcherConfFile
        frame "/etc/hydra-dispatcher/conf.d/*.yml" as HydraDispatcherAppsConfFile
        frame "/etc/hydra/clients.d/*.json" as HydraClientConfFile
        frame "/etc/cadoles-pod-hydra-remote-user-v1.conf" as HydraRemoteUserConfFile
        frame "/etc/hydra-remote-user/conf.d/*.yml" as HydraRemoteUserMappingsConfFile
        frame "/etc/cadoles-pod-hydra-passwordless-v1.conf" as HydraPasswordlessConfFile
        frame "/etc/cadoles-pod-shibboleth-sp-v3.conf" as ShibbolethSPConfFile
        frame "/etc/shibboleth/credentials/*" as ShibbolethSPCredentialsFile
    }

    package "Packages" as Packages {
        [cadoles-pod-hydra-v1] as PackageHydra
        [cadoles-pod-hydra-dispatcher-v1] as PackageHydraDispatcher
        [cadoles-pod-hydra-remote-user-v1] as PackageHydraRemoteUser
        [cadoles-pod-hydra-shibboleth-sp-v3] as PackageShibbolethSP
        [cadoles-pod-hydra-passwordless-v1] as PackageHydraPasswordless
        [haproxy] as PackageHAProxy
    }

    package "Services" as Services {
        [cadoles-pod-hydra-v1] as ServiceHydra
        [cadoles-pod-hydra-dispatcher-v1] as ServiceHydraDispatcher
        [cadoles-pod-shibboleth-sp-v3] as ServiceShibbolethSP
        [cadoles-pod-hydra-remote-user-v1] as ServiceHydraRemoteUser
        [cadoles-pod-hydra-passwordless-v1] as ServiceHydraPasswordless
        [haproxy] as ServiceHAProxy
    }

    PackageHAProxy ..up.> PortServerHTTP: binds

    ServiceHAProxy ...> PortHydraPublic : exposes (/)
    ServiceHAProxy ...> PortHydraDispatcher : exposes (/auth/dispatcher)
    ServiceHAProxy ...> PortHydraPasswordless : exposes (/auth/passwordless)
    ServiceHAProxy ...> PortShibbolethSP : exposes (/auth/saml)

    ContainerHydra ...> PortHydraPublic : binds
    ContainerHydra ...> PortHydraAdmin : binds
    ContainerHydraDispatcher ...> PortHydraDispatcher : binds
    ContainerShibbolethSP ...> PortShibbolethSP : binds
    ContainerHydraPasswordless ...> PortHydraPasswordless : binds
    ContainerHydraRemoteUser ...> PortHydraRemoteUser : binds
    ContainerShibbolethSP ..> PortHydraRemoteUser : proxies

    ServiceHydra ...> ContainerHydra: manages
    ServiceHydraDispatcher ...> ContainerHydraDispatcher: manages
    ServiceShibbolethSP ...> ContainerShibbolethSP: manages
    ServiceHydraPasswordless ...> ContainerHydraPasswordless: manages
    ServiceHydraRemoteUser ...> ContainerHydraRemoteUser: manages

    ContainerHydra ...> HydraConfFile : uses
    ContainerHydra ...> HydraClientConfFile : uses
    ContainerHydraDispatcher ...> HydraDispatcherConfFile : uses
    ContainerHydraDispatcher ...> HydraDispatcherAppsConfFile : uses
    ContainerHydraPasswordless ...> HydraPasswordlessConfFile : uses
    ContainerHydraRemoteUser ...> HydraRemoteUserConfFile : uses
    ContainerHydraRemoteUser ...> HydraRemoteUserMappingsConfFile : uses
    ContainerShibbolethSP ...> ShibbolethSPConfFile : uses
    ContainerShibbolethSP ...> ShibbolethSPCredentialsFile : creates

    PackageHAProxy ...> HAProxyConfFile : deploys
    PackageHydra ...> HydraConfFile : deploys
    PackageHydraDispatcher ...> HydraDispatcherConfFile : deploys
    PackageHydraRemoteUser ...> HydraRemoteUserConfFile : deploys
    PackageShibbolethSP ...> ShibbolethSPConfFile : deploys
    
    PackageHAProxy ...> ServiceHAProxy : deploys
    PackageHydra ...> ServiceHydra : deploys
    PackageHydraDispatcher ...> ServiceHydraDispatcher : deploys
    PackageHydraRemoteUser ...> ServiceHydraRemoteUser : deploys
    PackageHydraPasswordless ...> ServiceHydraPasswordless : deploys

    PackageHydra ...> ContainerHydra : deploys
    PackageHydraDispatcher ...> ContainerHydraDispatcher : deploys
    PackageHydraRemoteUser ...> ContainerHydraRemoteUser : deploys
    PackageShibbolethSP ...> ContainerShibbolethSP : deploys
    PackageHydraPasswordless ...> ContainerHydraPasswordless : deploys
}

@enduml
feat: initial commit 2022-07-19 14:26:08 +02:00			`@startuml`

			`!theme vibrant`
			`skinparam linetype ortho`
			`left to right direction`

			`package "External Ports (0.0.0.0)" as ExternalPorts {`
			`interface "tcp/80 (HTTP)" as PortServerHTTP`
			`}`

			`node "SSO Server" as SSOServer {`
			`package "Internal Ports (127.0.0.1)" as InternalPorts {`
			`interface "tcp/4444 (Hydra Public)" as PortHydraPublic`
			`interface "tcp/4445 (Hydra Admin)" as PortHydraAdmin`
			`interface "tcp/3000 (Hydra Dispatcher)" as PortHydraDispatcher`
			`interface "tcp/3001 (Hydra Passwordless)" as PortHydraPasswordless`
			`interface "tcp/3002 (Shibboleth SP)" as PortShibbolethSP`
			`interface "tcp/3003 (Hydra Remote User)" as PortHydraRemoteUser`
			`}`

			`package "Containers" as Containers {`
			`[cadoles-pod-hydra-v1] as ContainerHydra`
			`[cadoles-pod-hydra-dispatcher-v1] as ContainerHydraDispatcher`
			`[cadoles-pod-hydra-passwordless-v1] as ContainerHydraPasswordless`
			`[cadoles-pod-hydra-remote-user-v1] as ContainerHydraRemoteUser`
			`[cadoles-pod-shibboleth-sp-v3] as ContainerShibbolethSP`
			`}`

			`package "Files" as Filesystem {`
			`frame "/etc/haproxy/haproxy.cfg" as HAProxyConfFile`
			`frame "/etc/cadoles-pod-hydra-v1.conf" as HydraConfFile`
			`frame "/etc/cadoles-pod-hydra-dispatcher-v1.conf" as HydraDispatcherConfFile`
			`frame "/etc/hydra-dispatcher/conf.d/*.yml" as HydraDispatcherAppsConfFile`
			`frame "/etc/hydra/clients.d/*.json" as HydraClientConfFile`
			`frame "/etc/cadoles-pod-hydra-remote-user-v1.conf" as HydraRemoteUserConfFile`
			`frame "/etc/hydra-remote-user/conf.d/*.yml" as HydraRemoteUserMappingsConfFile`
			`frame "/etc/cadoles-pod-hydra-passwordless-v1.conf" as HydraPasswordlessConfFile`
			`frame "/etc/cadoles-pod-shibboleth-sp-v3.conf" as ShibbolethSPConfFile`
			`frame "/etc/shibboleth/credentials/*" as ShibbolethSPCredentialsFile`
			`}`

			`package "Packages" as Packages {`
			`[cadoles-pod-hydra-v1] as PackageHydra`
			`[cadoles-pod-hydra-dispatcher-v1] as PackageHydraDispatcher`
			`[cadoles-pod-hydra-remote-user-v1] as PackageHydraRemoteUser`
			`[cadoles-pod-hydra-shibboleth-sp-v3] as PackageShibbolethSP`
			`[cadoles-pod-hydra-passwordless-v1] as PackageHydraPasswordless`
			`[haproxy] as PackageHAProxy`
			`}`

			`package "Services" as Services {`
			`[cadoles-pod-hydra-v1] as ServiceHydra`
			`[cadoles-pod-hydra-dispatcher-v1] as ServiceHydraDispatcher`
			`[cadoles-pod-shibboleth-sp-v3] as ServiceShibbolethSP`
			`[cadoles-pod-hydra-remote-user-v1] as ServiceHydraRemoteUser`
			`[cadoles-pod-hydra-passwordless-v1] as ServiceHydraPasswordless`
			`[haproxy] as ServiceHAProxy`
			`}`

			`PackageHAProxy ..up.> PortServerHTTP: binds`

			`ServiceHAProxy ...> PortHydraPublic : exposes (/)`
			`ServiceHAProxy ...> PortHydraDispatcher : exposes (/auth/dispatcher)`
			`ServiceHAProxy ...> PortHydraPasswordless : exposes (/auth/passwordless)`
			`ServiceHAProxy ...> PortShibbolethSP : exposes (/auth/saml)`

			`ContainerHydra ...> PortHydraPublic : binds`
			`ContainerHydra ...> PortHydraAdmin : binds`
			`ContainerHydraDispatcher ...> PortHydraDispatcher : binds`
			`ContainerShibbolethSP ...> PortShibbolethSP : binds`
			`ContainerHydraPasswordless ...> PortHydraPasswordless : binds`
			`ContainerHydraRemoteUser ...> PortHydraRemoteUser : binds`
			`ContainerShibbolethSP ..> PortHydraRemoteUser : proxies`

			`ServiceHydra ...> ContainerHydra: manages`
			`ServiceHydraDispatcher ...> ContainerHydraDispatcher: manages`
			`ServiceShibbolethSP ...> ContainerShibbolethSP: manages`
			`ServiceHydraPasswordless ...> ContainerHydraPasswordless: manages`
			`ServiceHydraRemoteUser ...> ContainerHydraRemoteUser: manages`

			`ContainerHydra ...> HydraConfFile : uses`
			`ContainerHydra ...> HydraClientConfFile : uses`
			`ContainerHydraDispatcher ...> HydraDispatcherConfFile : uses`
			`ContainerHydraDispatcher ...> HydraDispatcherAppsConfFile : uses`
			`ContainerHydraPasswordless ...> HydraPasswordlessConfFile : uses`
			`ContainerHydraRemoteUser ...> HydraRemoteUserConfFile : uses`
			`ContainerHydraRemoteUser ...> HydraRemoteUserMappingsConfFile : uses`
			`ContainerShibbolethSP ...> ShibbolethSPConfFile : uses`
			`ContainerShibbolethSP ...> ShibbolethSPCredentialsFile : creates`

			`PackageHAProxy ...> HAProxyConfFile : deploys`
			`PackageHydra ...> HydraConfFile : deploys`
			`PackageHydraDispatcher ...> HydraDispatcherConfFile : deploys`
			`PackageHydraRemoteUser ...> HydraRemoteUserConfFile : deploys`
			`PackageShibbolethSP ...> ShibbolethSPConfFile : deploys`

			`PackageHAProxy ...> ServiceHAProxy : deploys`
			`PackageHydra ...> ServiceHydra : deploys`
			`PackageHydraDispatcher ...> ServiceHydraDispatcher : deploys`
			`PackageHydraRemoteUser ...> ServiceHydraRemoteUser : deploys`
			`PackageHydraPasswordless ...> ServiceHydraPasswordless : deploys`

			`PackageHydra ...> ContainerHydra : deploys`
			`PackageHydraDispatcher ...> ContainerHydraDispatcher : deploys`
			`PackageHydraRemoteUser ...> ContainerHydraRemoteUser : deploys`
			`PackageShibbolethSP ...> ContainerShibbolethSP : deploys`
			`PackageHydraPasswordless ...> ContainerHydraPasswordless : deploys`
			`}`

			`@enduml`