feat: generalize variables usage

2022-07-21 14:19:23 +02:00
parent 20f5ef8faa
commit 4152fa2e3d
14 changed files with 94 additions and 352 deletions
--- a/tasks/hydra-passwordless.yml
+++ b/tasks/hydra-passwordless.yml
@ -3,9 +3,9 @@
 - name: Install cadoles-pod-hydra-passwordless-v1 package
  ansible.builtin.apt:
    name:
-      - cadoles-pod-hydra-passwordless-v1
+      - "cadoles-pod-hydra-passwordless-v1={{ cadoles_pod_hydra_passwordless_v1_package_version }}"
    update_cache: yes
-    state: latest
+    state: present
  become: true

 - name: Configure cadoles-pod-hydra-passwordless-v1
--- a/tasks/hydra-saml.yml
+++ b/tasks/hydra-saml.yml
@ -3,10 +3,10 @@
 - name: Install cadoles-pod-hydra-remote-user-v1 package
  ansible.builtin.apt:
    name:
-      - cadoles-pod-shibboleth-sp-v3
-      - cadoles-pod-hydra-remote-user-v1
+      - "cadoles-pod-shibboleth-sp-v3={{ cadoles_pod_shibboleth_sp_v3_package_version }}"
+      - "cadoles-pod-hydra-remote-user-v1={{ cadoles_pod_hydra_remote_user_v1_package_version }}"
    update_cache: yes
-    state: latest
+    state: present
  become: true

 - name: Configure cadoles-pod-hydra-remote-user-v1
@ -50,12 +50,4 @@
      dest: /etc/shibboleth/attribute-map.inc.xml
  notify:
    - Restart cadoles-pod-shibboleth-sp-v3
-  become: true
-
- name: Configure cadoles-pod-shibboleth-sp-v3 (2)
-  ansible.builtin.copy:
-    src:  shibboleth2.xml.gotmpl
-    dest: /etc/shibboleth/shibboleth2.xml.gotmpl
-  notify:
-    - Restart cadoles-pod-shibboleth-sp-v3
  become: true
--- a/tasks/main.yml
+++ b/tasks/main.yml
@ -31,11 +31,11 @@
 - name: Install core packages
  ansible.builtin.apt:
    name:
-      - haproxy
-      - cadoles-pod-hydra-v1
-      - cadoles-pod-hydra-dispatcher-v1
+      - haproxy={{ haproxy_package_version }}
+      - cadoles-pod-hydra-v1={{ cadoles_pod_hydra_v1_package_version }}
+      - cadoles-pod-hydra-dispatcher-v1={{ cadoles_pod_hydra_dispatcher_v1_package_version }}
    update_cache: yes
-    state: latest
+    state: present
  become: true

 - name: Configure Hydra local database
--- a/tasks/oidc-test.yml
+++ b/tasks/oidc-test.yml
@ -8,8 +8,8 @@
    - client_id: "{{ oidc_test_app_client_id }}"
      client_secret: "{{ oidc_test_app_client_secret }}"
      client_name: "OIDC Test"
-      redirect_uris: ["{{ public_scheme }}://{{ public_host }}:8080/oauth2/callback"]
-      post_logout_redirect_uris: ["{{ public_scheme }}://{{ public_host }}:8080"]
+      redirect_uris: ["{{ oidc_test_app_public_base_url }}/oauth2/callback"]
+      post_logout_redirect_uris: ["{{ oidc_test_app_public_base_url }}"]
      logo_uri: https://www.cadoles.com/images/logo.svg

  notify:
@ -19,7 +19,7 @@
 - name: Start oidc-test app
  containers.podman.podman_container:
    name: oidc-test
-    image: docker.io/bornholm/oidc-test:v0.0.0-2-gd0583cc
+    image: docker.io/bornholm/oidc-test:v0.0.0-3-g5beae19
    state: started
    network: host
    recreate: yes
@ -27,8 +27,9 @@
      OIDC_CLIENT_ID: "{{ oidc_test_app_client_id }}"
      OIDC_CLIENT_SECRET: "{{ oidc_test_app_client_secret }}"
      LOG_LEVEL: 0
-      OIDC_ISSUER_URL: "http://{{ public_host }}/"
-      OIDC_REDIRECT_URL: "http://{{ public_host }}:8080" 
-      OIDC_POST_LOGOUT_REDIRECT_URL: "http://{{ public_host }}:8080"
+      OIDC_ISSUER_URL: "{{ hydra_urls_self_issuer_url }}/"
+      OIDC_INSECURE_SKIP_VERIFY: true
+      OIDC_REDIRECT_URL: "{{ oidc_test_app_public_base_url }}" 
+      OIDC_POST_LOGOUT_REDIRECT_URL: "{{ oidc_test_app_public_base_url }}"
      HTTP_ADDRESS: 0.0.0.0:8080
  become: true