fix: various web1 fixes

group_vars/all.yaml

@@ -24,15 +24,18 @@ keycloak_address: keycloak.atlantishq.de
 
 keycloak_clients:
     python-flask-picture-factory:
+        party_secret : "HISTORY_PURGED_SECRETKG0j"
         client_id: z_images
         client_secret: "HISTORY_PURGED_SECRET"
         redirect_uris: '"https://images.atlantishq.de/*","https://images.athq.de/*","https://images.potaris.de/*"'
     simple-log-server:
+        party_secret : "8fZpHISTORY_PURGED_SECRET"
         client_id: z_sls
         client_secret: ""
         redirect_uris: '"https://sls.atlantishq.de/*"'
 
     soundlib-interface:
+        party_secret : "zdHRHISTORY_PURGED_SECRET"
         client_id: z_soundlib
         client_secret: ""
         redirect_uris: '"https://sounds.atlantishq.de/*"'

roles/global-handlers/handlers/main.yml

@@ -19,3 +19,7 @@
   systemd:
     name: influxdb
     state: restarted
+
+- name: daemon reload
+  systemd:
+    daemon-reload: yes

roles/web1/files/sls_config.py

@@ -0,0 +1 @@
+SQLALCHEMY_DATABASE_URI = "sqlite:///database.sqlite"

roles/web1/tasks/main.yaml

@@ -3,6 +3,7 @@
     name: 
       - itsdangerous==2.0.1
       - flask
+      - flask-login
       - flask-oidc
       - Flask-SQLAlchemy
       - MarkupSafe
@@ -42,6 +43,13 @@
     - simple-log-server
     - soundlib-interface
 
+- name: SLS Config
+  copy:
+    src: sls_config.py
+    dest: /var/www/simple-log-server/config.py
+    owner: www-data
+    group: www-data
+
 - name: Deploy OIDC config (client secrets)
   template:
     src: oidc_client_secrets.json.j2
@@ -53,12 +61,27 @@
     - simple-log-server
     - soundlib-interface
 
-- name: Systemd Units
+- name: Template Systemd Units
   template:
     src: "waitress-systemd-unit.j2"
-    dest: "/etc/systemd/user/{{ item.name }}.service"
+    dest: "/etc/systemd/system/{{ item.name }}.service"
   with_items:
     - { name : "image-factory",     path : "/var/www/python-flask-picture-factory", port : 5000 }
     - { name : "serien-ampel",      path : "/var/www/serien-ampel",                 port : 5001 }
-    - { name : "simple-log-server", path : "/var/www/simple-log-service",           port : 5002 }
+    - { name : "simple-log-server", path : "/var/www/simple-log-server",            port : 5002 }
     - { name : "soundlib",          path : "/var/www/soundlib-interface",           port : 5003 }
+  notify:
+    - daemon reload
+
+- meta: flush_handlers
+
+- name: Enable and Start Systemd Units
+  systemd:
+    name: "{{ item }}"
+    enabled: yes
+    state: started
+  with_items:
+    - image-factory
+    - serien-ampel
+    - simple-log-server
+    - soundlib

templates/oidc_config.json.j2

@@ -1,5 +1,5 @@
 {
-    "SECRET_KEY" : "{{ lookup('password', '/dev/null length=20 chars=ascii_letters') }}",
+    "SECRET_KEY" : "{{ keycloak_clients[item].party_secret }}",
     "TEST" : true,
     "DEBUG" : true,
     "OIDC_CLIENT_SECRETS" : "oidc_client_secrets.json",