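---
# Provisions a host for the cadoles-pod Hydra stack: installs HAProxy,
# MariaDB and the Hydra packages, creates the Hydra database and its user,
# renders the service configuration files, then includes the optional
# passwordless, SAML and OIDC test-app task files.

- name: Add required utilities
  ansible.builtin.apt:
    name:
      - gpg
      - wget
      - openssl
    update_cache: true
    state: present

# NOTE(review): this task executes a script fetched over the network with TLS
# verification disabled (--no-check-certificate), so nothing authenticates the
# code that runs on the host. The flag is presumably there because the host
# cannot validate the forge's certificate chain until this very script has
# run; confirm that. Preferred remediation: ship a reviewed copy of the script
# in the role's files/ directory, or fetch it with ansible.builtin.get_url and
# a pinned `checksum:` so a tampered download is rejected.
#
# The script is downloaded to a temporary file before being executed. With a
# `wget | bash` pipeline, a failed download still exits 0 and a truncated one
# is partially executed; here either case fails the task.
#
# NOTE(review): the doubled `.pem.pem` suffix in `creates` looks like a typo.
# Check it against the file the script actually writes; if that path never
# exists, the script is downloaded and run again on every play.
- name: Add LetsEncrypt missing intermediate certificates
  ansible.builtin.shell:
    cmd: |
      set -euo pipefail
      script="$(mktemp)"
      trap 'rm -f "$script"' EXIT
      wget -O "$script" --no-check-certificate https://forge.cadoles.com/Cadoles/Jenkins/raw/branch/master/resources/com/cadoles/common/add-letsencrypt-ca.sh
      bash "$script"
    executable: /bin/bash
    creates: /etc/ssl/certs/lets-encrypt-e1.pem.pem

# NOTE(review): apt_key adds the key to the system-wide APT keyring, where it
# is trusted for every configured repository, not only cadoles-pod. Consider
# storing the key in a dedicated keyring file and referencing it with
# `signed-by=` in the repository line below. Also confirm that
# cadoles_pod_debian_repository_key_url is an https URL, since this key
# decides which packages the host will accept.
- name: Add cadoles-pod debian repository key
  ansible.builtin.apt_key:
    url: "{{ cadoles_pod_debian_repository_key_url }}"
    state: present

- name: Configure cadoles-pod debian repository
  ansible.builtin.apt_repository:
    repo: "deb {{ cadoles_pod_debian_repository_url }} {{ cadoles_pod_debian_repository }} main"
    state: present

# `state: latest` upgrades these packages on every run, so the installed
# versions depend on when the play is executed rather than on a reviewed pin.
- name: Install core packages
  ansible.builtin.apt:
    name:
      - haproxy
      - mariadb-server
      - python3-pip
      - cadoles-pod-hydra-v1
      - cadoles-pod-hydra-dispatcher-v1
    update_cache: true
    state: latest

# PyMySQL is presumably what the community.mysql modules below use to talk to
# MariaDB. It is installed unpinned; consider pinning a version.
- name: Install PyMySQL python package
  ansible.builtin.pip:
    name: PyMySQL

- name: Create Hydra database
  community.mysql.mysql_db:
    name: "{{ hydra_database_name }}"
    login_unix_socket: /var/run/mysqld/mysqld.sock
    state: present

# NOTE(review): `ALL,GRANT` lets the application account hand its privileges
# on this schema to other accounts. Confirm that Hydra needs GRANT; if not,
# `ALL` (or a narrower list) is the least-privilege choice.
- name: Create Hydra database user
  community.mysql.mysql_user:
    name: "{{ hydra_database_user }}"
    password: "{{ hydra_database_password }}"
    login_unix_socket: /var/run/mysqld/mysqld.sock
    priv: '{{ hydra_database_name }}.*:ALL,GRANT'
    state: present

# `validate` makes Ansible check the rendered file with haproxy before it
# replaces the live configuration.
- name: Configure HAProxy
  ansible.builtin.template:
    src: haproxy.cfg.j2
    dest: /etc/haproxy/haproxy.cfg
    validate: "haproxy -c -f %s"
  notify:
    - Restart HAProxy

# NOTE(review): no owner/group/mode is set on the rendered files. If
# cadoles-pod-hydra-v1.conf carries the database password or other secrets,
# set owner, group and a restrictive mode that the service account can still
# read.
# NOTE(review): the OIDC test client definition is installed unconditionally,
# while the test app itself is gated on enable_oidc_test_app further down.
# Confirm that a test client should be registered on hosts where the test app
# is disabled.
- name: Configure cadoles-pod-hydra-v1
  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  loop:
    - src: cadoles-pod-hydra-v1.conf.j2
      dest: /etc/cadoles-pod-hydra-v1.conf
    - src: oidc-test-client.json.j2
      dest: /etc/hydra/clients.d/oidc-test.json
  notify:
    - Restart cadoles-pod-hydra-v1

# NOTE(review): as above, no owner/group/mode is set; check whether these
# files contain secrets before leaving them at the default permissions.
- name: Configure cadoles-pod-hydra-dispatcher-v1
  ansible.builtin.template:
    src: "{{ item.src }}"
    dest: "{{ item.dest }}"
  loop:
    - src: cadoles-pod-hydra-dispatcher-v1.conf.j2
      dest: /etc/cadoles-pod-hydra-dispatcher-v1.conf
    - src: hydra-dispatcher-apps.yml.j2
      dest: /etc/hydra-dispatcher/conf.d/apps.yml
  notify:
    - Restart cadoles-pod-hydra-dispatcher-v1

# The `| bool` filter makes a string value such as "false" (for example from
# `-e enable_hydra_saml=false`) disable the feature instead of being treated
# as a non-empty, truthy string.
- name: Configure passwordless authentification if enabled
  ansible.builtin.include_tasks: hydra-passwordless.yml
  when: enable_hydra_passwordless | bool

- name: Configure SAML authentification if enabled
  ansible.builtin.include_tasks: hydra-saml.yml
  when: enable_hydra_saml | bool

- name: Sart OIDC Test app if enabled
  ansible.builtin.include_tasks: oidc-test.yml
  when: enable_oidc_test_app | bool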