add: trackmania replay server with oidc

group_vars/all.yaml

@@ -108,3 +108,15 @@ keycloak_clients:
         groups: "pki"
         master_address: "https://vpn.atlantishq.de"
         skips:
+
+    tmnf-replay-server:
+        party_secret : "HISTORY_PURGED_SECRET"
+        client_id: z_trackmania
+        client_secret: "HISTORY_PURGED_SECRET"
+        redirect_uris:
+            - "https://trackmania.atlantishq.de/*"
+        description: "AtlantisHQ Trackmania Replays"
+        keycloak_id: "00000000-0000-0000-0000-000000000006"
+        groups: "trackmania"
+        master_address: "https://trackmania.atlantishq.de"
+        skips:

roles/docker-deployments/tasks/main.yaml

@@ -32,6 +32,13 @@
   notify:
     - reload async icinga settings
 
+- name: Create data directories
+  file:
+    name: "/data/{{ item }}/"
+    state: directory
+  with_items:
+    - tmnf-replay-server
+
 - name: Create compose directories
   file:
     name: "/opt/{{ item }}"
@@ -42,6 +49,7 @@
     - potaris
     - sector32
     - async-icinga
+    - tmnf-replay-server
 
 - name: Copy compose templates
   template:
@@ -53,6 +61,7 @@
     - potaris
     - sector32
     - async-icinga
+    - tmnf-replay-server
 
 - name: Log into private registry
   docker_login:
@@ -72,3 +81,29 @@
     - potaris
     - sector32
     - async-icinga
+    - tmnf-replay-server
+
+- name: OAuth2Proxy directories
+  file:
+    path: "/opt/oauth2proxy/{{ item }}/"
+    state: directory
+    recurse: yes
+  with_items:
+    - tmnf-replay-server
+
+- name: include services ports
+  include_vars: services.yaml
+
+- name: Deploy OAuth2Proxy compose files
+  template:
+    src: oauth-standalone-docker-compose.yaml
+    dest: "/opt/oauth2proxy/{{ item }}/docker-compose.yaml"
+  with_items:
+    - tmnf-replay-server
+
+- name: Deploy OAuth2Proxy
+  community.docker.docker_compose:
+    project_src: /opt/oauth2proxy/{{ item }}/
+    pull: true
+  with_items:
+    - tmnf-replay-server

roles/docker-deployments/templates/tmnf-replay-server.yaml

@@ -0,0 +1,10 @@
+tmnf-replay-server:
+    image: registry.atlantishq.de/tmnf-replay-server:latest
+    restart: always
+    ports:
+        - 6010:5000
+    volumes:
+        - /data/tmnf-replay-server/data/:/app/data/
+        - /data/tmnf-replay-server/upload/:/app/upload/
+    environment:
+        - SQLITE_LOCATION=sqlite:////app/data/sqlite.db

vars/services.yaml

@@ -9,3 +9,5 @@ services:
         port: 5003
     cert-manager:
         port: 5000
+    tmnf-replay-server:
+        port: 5010