fix/shibboleth_entity_id #10
@ -74,6 +74,7 @@ hydra_dispatcher_available_locales:
|
||||
hydra_dispatcher_sentry_dsn:
|
||||
hydra_dispatcher_sentry_environment:
|
||||
hydra_dispatcher_mounts: []
|
||||
hydra_dispatcher_disable_app_auto_select: true
|
||||
|
||||
# Hydra Passwordless configuration
|
||||
|
||||
|
@ -54,15 +54,6 @@
|
||||
ansible.builtin.include_tasks: hydra-database.yml
|
||||
when: not hydra_use_external_database
|
||||
|
||||
- name: Configure HAProxy
|
||||
template:
|
||||
src: haproxy.cfg.j2
|
||||
dest: /etc/haproxy/haproxy.cfg
|
||||
validate: "haproxy -c -f %s"
|
||||
notify:
|
||||
- Restart HAProxy
|
||||
become: true
|
||||
|
||||
- name: Create hydra-clients
|
||||
template:
|
||||
src: hydra-client.json.j2
|
||||
@ -121,4 +112,13 @@
|
||||
|
||||
- name: Stop OIDC Test app if disabled
|
||||
ansible.builtin.include_tasks: stop-oidc-test.yml
|
||||
when: not enable_oidc_test_app
|
||||
when: not enable_oidc_test_app
|
||||
|
||||
- name: Configure HAProxy
|
||||
template:
|
||||
src: haproxy.cfg.j2
|
||||
dest: /etc/haproxy/haproxy.cfg
|
||||
validate: "haproxy -c -f %s"
|
||||
notify:
|
||||
- Restart HAProxy
|
||||
become: true
|
@ -20,6 +20,7 @@ PODMAN_ARGS="\
|
||||
-e 'TRUSTED_PROXIES=127.0.0.1,10.0.2.0/24' \
|
||||
-e 'SENTRY_DSN={{ hydra_dispatcher_sentry_dsn }}' \
|
||||
-e 'SENTRY_ENVIRONMENT={{ hydra_dispatcher_sentry_environment }}' \
|
||||
-e 'DISABLE_APP_AUTO_SELECT={{ hydra_dispatcher_disable_app_auto_select }}' \
|
||||
-v /etc/hydra-dispatcher/conf.d:/var/www/config/hydra \
|
||||
{% for item in hydra_dispatcher_mounts %}
|
||||
-v {{ item.host }}:{{ item.container }} \
|
||||
|
@ -4,7 +4,7 @@ PODMAN_ARGS="\
|
||||
--network=slirp4netns:allow_host_loopback=true \
|
||||
--replace --name 'cadoles-pod-shibboleth-sp-v3' \
|
||||
--tz=local \
|
||||
-e 'SP_ENTITY_ID=http://{{ ansible_fqdn }}{{ haproxy_hydra_saml_base_path }}' \
|
||||
-e 'SP_ENTITY_ID={{ haproxy_public_base_url }}{{ haproxy_hydra_saml_base_path }}' \
|
||||
-e 'SP_LOG_LEVEL={{ hydra_saml_sp_log_level }}' \
|
||||
-e 'IDP_ENTITY_ID={{ hydra_saml_idp_entity_id }}' \
|
||||
-e 'IDP_METADATA_URL={{ hydra_saml_idp_metadata_url }}' \
|
||||
|
@ -1,7 +1,7 @@
|
||||
# {{ ansible_managed }}
|
||||
global
|
||||
log /dev/log local0
|
||||
log /dev/log local1 notice
|
||||
log /dev/log local0 err
|
||||
log /dev/log local1 err
|
||||
chroot /var/lib/haproxy
|
||||
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
|
||||
stats timeout 30s
|
||||
@ -141,4 +141,4 @@ backend oidc_test
|
||||
http-request set-header X-Forwarded-Prefix {{ haproxy_oidc_test_base_path }}
|
||||
|
||||
server oidc-test 127.0.0.1:8080 check
|
||||
{% endif %}
|
||||
{% endif %}
|
||||
|
Loading…
Reference in New Issue
Block a user