defaults/main.yml

@@ -74,7 +74,6 @@ hydra_dispatcher_available_locales:
 hydra_dispatcher_sentry_dsn:
 hydra_dispatcher_sentry_environment:
 hydra_dispatcher_mounts: []
-hydra_dispatcher_disable_app_auto_select: true
 
 # Hydra Passwordless configuration
 

tasks/main.yml

@@ -54,6 +54,15 @@
   ansible.builtin.include_tasks: hydra-database.yml
   when: not hydra_use_external_database  
 
+- name: Configure HAProxy
+  template:
+    src: haproxy.cfg.j2
+    dest: /etc/haproxy/haproxy.cfg
+    validate: "haproxy -c -f %s"
+  notify:
+    - Restart HAProxy
+  become: true
+
 - name: Create hydra-clients
   template:
     src: hydra-client.json.j2
@@ -112,13 +121,4 @@
 
 - name: Stop OIDC Test app if disabled
   ansible.builtin.include_tasks: stop-oidc-test.yml
-  when: not enable_oidc_test_app
-
-- name: Configure HAProxy
-  template:
-    src: haproxy.cfg.j2
-    dest: /etc/haproxy/haproxy.cfg
-    validate: "haproxy -c -f %s"
-  notify:
-    - Restart HAProxy
-  become: true
+  when: not enable_oidc_test_app

templates/cadoles-pod-hydra-dispatcher-v1.conf.j2

@@ -20,7 +20,6 @@ PODMAN_ARGS="\
     -e 'TRUSTED_PROXIES=127.0.0.1,10.0.2.0/24' \
     -e 'SENTRY_DSN={{ hydra_dispatcher_sentry_dsn }}' \
     -e 'SENTRY_ENVIRONMENT={{ hydra_dispatcher_sentry_environment }}' \
-    -e 'DISABLE_APP_AUTO_SELECT={{ hydra_dispatcher_disable_app_auto_select }}' \
     -v /etc/hydra-dispatcher/conf.d:/var/www/config/hydra \
     {% for item in hydra_dispatcher_mounts %}
     -v {{ item.host }}:{{ item.container }} \

templates/cadoles-pod-shibboleth-sp-v3.conf.j2

@@ -4,7 +4,7 @@ PODMAN_ARGS="\
     --network=slirp4netns:allow_host_loopback=true \
     --replace --name 'cadoles-pod-shibboleth-sp-v3' \
     --tz=local \
-    -e 'SP_ENTITY_ID={{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}' \
+    -e 'SP_ENTITY_ID=http://{{ ansible_fqdn }}{{ haproxy_hydra_saml_base_path }}' \
     -e 'SP_LOG_LEVEL={{ hydra_saml_sp_log_level }}' \
     -e 'IDP_ENTITY_ID={{ hydra_saml_idp_entity_id }}' \
     -e 'IDP_METADATA_URL={{ hydra_saml_idp_metadata_url }}' \

templates/haproxy.cfg.j2

@@ -1,7 +1,7 @@
 # {{ ansible_managed }}
 global
-    log /dev/log	local0 err
-    log /dev/log	local1 err
+    log /dev/log	local0
+    log /dev/log	local1 notice
     chroot /var/lib/haproxy
     stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
     stats timeout 30s
@@ -141,4 +141,4 @@ backend oidc_test
     http-request set-header X-Forwarded-Prefix {{ haproxy_oidc_test_base_path }}
 
     server oidc-test 127.0.0.1:8080 check
-{% endif %}
+{% endif %}