ansible-role-sso/templates/cadoles-pod-hydra-dispatche...

29 lines
1.3 KiB
Django/Jinja

# {{ ansible_managed }}
PODMAN_ARGS="\
--name 'cadoles-pod-hydra-dispatcher-v1' \
--replace \
--network=slirp4netns:allow_host_loopback=true \
--tz=local \
-p 127.0.0.1:3000:8080 \
-e APP_ENV=prod \
-e 'APP_DEBUG={{ hydra_dispatcher_debug }}' \
-e HYDRA_ADMIN_BASE_URL=http://10.0.2.2:4445 \
-e HYDRA_BASE_URL=http://10.0.2.2:4444 \
-e HYDRA_REWRITE_ISSUER=no \
-e 'HYDRA_ORIGINAL_ISSUER={{ haproxy_public_base_url }}' \
-e 'HYDRA_NEW_ISSUER={{ haproxy_public_base_url }}' \
-e 'BASE_URL={{ haproxy_public_base_url }}{{ haproxy_hydra_dispatcher_base_path }}' \
-e 'COOKIE_PATH={{ hydra_dispatcher_cookie_path }}' \
-e 'DEFAULT_LOCALE={{ hydra_dispatcher_default_locale }}' \
-e 'APP_LOCALES={{ hydra_dispatcher_available_locales | join(',') }}' \
-e 'HYDRA_ADMIN_AUTHORIZED_HOSTS={{ hydra_dispatcher_admin_authorized_hosts | join(',') }}' \
-e 'TRUSTED_PROXIES=127.0.0.1,10.0.2.0/24' \
-e 'SENTRY_DSN={{ hydra_dispatcher_sentry_dsn }}' \
-e 'SENTRY_ENVIRONMENT={{ hydra_dispatcher_sentry_environment }}' \
-e 'DISABLE_APP_AUTO_SELECT={{ hydra_dispatcher_disable_app_auto_select }}' \
-e 'PHP_FPM_MEMORY_LIMIT=128m' \
-v /etc/hydra-dispatcher/conf.d:/app/config/hydra \
{% for item in hydra_dispatcher_mounts %}
-v {{ item.host }}:{{ item.container }} \
{% endfor %}
"