ansible-role-sso/sso.schema.yml


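---
# JSON-Schema-style description of the variables accepted by the SSO role
# (package sources and versions, Hydra database and URLs, HAProxy routing,
# OAuth2 clients, passwordless / SAML login apps, OIDC test app).
#
# Several properties below carry credentials (database password, secrets
# seed, client secrets, SMTP password). Supply those from an encrypted
# source such as Ansible Vault rather than as plaintext in version control.
title: SSO Configuration
description: Variables de personnalisation de votre serveur SSO
type: object
properties:
  # Package source. The key URL names the GPG key of the repository;
  # prefer an https:// URL so the key cannot be swapped in transit.
  cadoles_pod_debian_repository_url:
    description: URL du dépôt Debian Cadoles
    type: string
  cadoles_pod_debian_repository:
    description: Segment du dépôt Debian à utiliser
    type: string
  cadoles_pod_debian_repository_key_url:
    description: URL de la clé GPG du dépôt Debian Cadoles
    type: string

  # Package versions. Per the descriptions, '*' selects the latest available
  # version; pin explicit versions when deployments of these authentication
  # components must be reproducible and reviewed before upgrade.
  haproxy_package_version:
    description: Version du paquet 'haproxy' (* pour dernière version disponible)
    type: string
  cadoles_pod_hydra_v1_package_version:
    description: Version du paquet 'cadoles-pod-hydra-v1' (* pour dernière version disponible)
    type: string
  cadoles_pod_hydra_dispatcher_v1_package_version:
    description: Version du paquet 'cadoles-pod-hydra-dispatcher-v1' (* pour dernière version disponible)
    type: string
  cadoles_pod_shibboleth_sp_v3_package_version:
    description: Version du paquet 'cadoles-pod-shibboleth-sp-v3' (* pour dernière version disponible)
    type: string
  cadoles_pod_hydra_remote_user_v1_package_version:
    description: Version du paquet 'cadoles-pod-hydra-remote-user-v1' (* pour dernière version disponible)
    type: string
  cadoles_pod_hydra_passwordless_v1_package_version:
    description: Version du paquet 'cadoles-pod-hydra-passwordless-v1' (* pour dernière version disponible)
    type: string

  # Hydra database
  hydra_use_external_database:
    type: boolean
    description: Utiliser une base de données externe ?
  hydra_database_name:
    type: string
    description: Nom de la base de données Hydra
  hydra_database_user:
    type: string
    description: Utilisateur pour la base de données Hydra
  # Secret: keep out of plaintext inventories.
  hydra_database_password:
    type: string
    description: Mot de passe pour la base de données Hydra
  hydra_database_host:
    type: string
    description: Hôte de la base de données Hydra
  hydra_database_port:
    type: number
    description: Port de la base de données Hydra

  # HAProxy public URL and entry points
  haproxy_public_base_url:
    type: string
    description: URL de base pour le serveur SSO
  haproxy_hydra_dispatcher_base_path:
    type: string
    description: Chemin du point d'entrée d'hydra-dispatcher
  haproxy_hydra_passwordless_base_path:
    type: string
    description: Chemin du point d'entrée d'hydra-passwordless
  haproxy_hydra_saml_base_path:
    type: string
    description: Chemin du point d'entrée d'hydra-remote-user (SAML)
  haproxy_forwarded_proto:
    type: string
  haproxy_forwarded_host:
    type: string
  haproxy_forwarded_port:
    type: string

  # Hydra URLs and runtime settings
  hydra_urls_self_issuer_url:
    type: string
  hydra_urls_consent:
    type: string
  hydra_urls_login:
    type: string
  hydra_urls_logout:
    type: string
  hydra_url_post_logout:
    type: string
  hydra_log_level:
    type: string
  # NOTE(review): presumably maps to Hydra's option for logging sensitive
  # values; if so, enabling it writes secrets into the logs. Keep false
  # outside short debugging sessions. Confirm against the role's templates.
  hydra_log_leak_sensitive_values:
    type: boolean
  hydra_ttl_refresh_token:
    type: string
  # NOTE(review): the key is spelled 'brypt' (presumably bcrypt). The name is
  # kept because inventories and the role's tasks reference it.
  # The bounds enforce the 4-31 range stated in the description, so an
  # out-of-range cost is rejected at validation time instead of at deploy.
  hydra_brypt_cost:
    type: number
    minimum: 4
    maximum: 31
    description: Coût CPU pour calculer des hachages de secret (4-31)
  # This value should not be changed after first deployment !
  # Secret: keep out of plaintext inventories.
  hydra_secrets_seed:
    type: string

  # Hydra clients
  hydra_clients:
    type: array
    items:
      type: object
      properties:
        client_id:
          type: string
        client_name:
          type: string
        # Secret: keep out of plaintext inventories.
        client_secret:
          type: string

  # Hydra Passwordless configuration
  enable_hydra_passwordless:
    type: boolean
  hydra_passwordless_app_title:
    type: object
  hydra_passwordless_app_description:
    type: object
  hydra_passwordless_app_icon_url:
    type: string
  hydra_passwordless_smtp_host:
    type: string
  hydra_passwordless_smtp_port:
    type: number
  hydra_passwordless_smtp_user:
    type: string
  # Secret: keep out of plaintext inventories.
  hydra_passwordless_smtp_password:
    type: string
  # NOTE(review): by its name this skips TLS certificate verification for the
  # SMTP connection, so the mail server's identity is not checked. Leave
  # false outside of testing.
  hydra_passwordless_smtp_insecure_skip_verify:
    type: boolean
  hydra_passwordless_smtp_use_start_tls:
    type: boolean
  hydra_passwordless_sender_address:
    type: string
  hydra_passwordless_sender_name:
    type: string

  # Hydra SAML configuration
  enable_hydra_saml:
    type: boolean
  hydra_saml_app_title:
    type: object
  hydra_saml_app_description:
    type: object
  hydra_saml_app_icon_url:
    type: string
  hydra_saml_idp_entity_id:
    type: string
  hydra_saml_idp_metadata_url:
    type: string

  # OIDC Test configuration
  # NOTE(review): a test application; presumably not meant to stay enabled on
  # a production SSO server. Confirm with the role's documentation.
  enable_oidc_test_app:
    type: boolean
  oidc_test_app_public_base_url:
    type: string
  oidc_test_app_client_id:
    type: string
  # Secret: keep out of plaintext inventories.
  oidc_test_app_client_secret:
    type: string

# Unknown keys are accepted, so a misspelled variable name passes validation
# without being flagged.
additionalProperties: true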