feat: add atlantis verify

group_vars/all.yaml

@@ -231,3 +231,14 @@ keycloak_clients:
         keycloak_id: "00000000-0000-0000-0000-000000000013"
         groups: "pki"
         master_address: "https://harbor-registry.atlantishq.de"
+
+    atlantis-verify:
+        party_secret: "3HISTORY_PURGED_SECRET"
+        client_id: z_at_verify
+        client_secret: "HISTORY_PURGED_SECRET"
+        redirect_uris:
+            - "https://verify.atlantishq.de/*"
+        description: "Atlantis Verification"
+        keycloak_id: "00000000-0000-0000-0000-000000000014"
+        groups:
+        master_address: "https://verify.atlantishq.de"

roles/docker-deployments/tasks/main.yaml

@@ -50,6 +50,7 @@
     - event-dispatcher
     - reactive-resume
     - hedgedoc
+    - atlantis-verify
 
 - name: Copy AtlantisHub config
   copy:
@@ -93,6 +94,7 @@
     - tor
     - reactive-resume
     - hedgedoc
+    - atlantis-verify
 
 - name: Copy compose templates
   template:
@@ -111,6 +113,7 @@
     - tor
     - reactive-resume
     - hedgedoc
+    - atlantis-verify
 
 - name: Log into private registry
   docker_login:
@@ -137,6 +140,7 @@
     - tor
     - reactive-resume
     - hedgedoc
+    - atlantis-verify
 
 - name: OAuth2Proxy directories
   file:
@@ -148,6 +152,7 @@
     - atlantis-hub
     - grafana
     - async-icinga
+    - atlantis-verify
 
 - name: include services ports
   include_vars: services.yaml
@@ -161,6 +166,7 @@
     - atlantis-hub
     - grafana
     - async-icinga
+    - atlantis-verify
 
 - name: Deploy OAuth2Proxy
   community.docker.docker_compose:
@@ -171,3 +177,4 @@
     - atlantis-hub
     - grafana
     - async-icinga
+    - atlantis-verify

roles/docker-deployments/templates/atlantis-verify.yaml

@@ -0,0 +1,28 @@
+atlantis-verify:
+    image: harbor-registry.atlantishq.de/atlantishq/atlantis-verify:latest
+    restart: always
+    environment:
+
+        LDAP_SERVER: ldap://{{ ldap_server }}
+        LDAP_BIND_DN: {{ ldap_bind_dn }}
+        LDAP_BIND_PW: {{ ldap_password }}
+        LDAP_BASE_DN: {{ ldap_user_dn }}
+
+        DISPATCH_SERVER: {{ event_dispatcher_address }}
+
+        SQLALCHEMY_DATABASE_URI: "instance/database.sqlite"
+        
+        KEYCLOAK_URL: https://{{ keycloak_address }}
+        KEYCLOAK_REALM: master
+        KEYCLOAK_ADMIN_USER: admin
+        KEYCLOAK_ADMIN_PASS: {{ keycloak_admin_password }}
+
+        MAIN_HOME: https://hub.atlantishq.de
+
+        DISPATCH_AUTH_USER: {{ event_dispatcher_user }}
+        DISPATCH_AUTH_PASSWORD: {{ event_dispatcher_pass }}
+
+    ports:
+        - 6013:5000
+    volumes:
+        - /data/atlantis-verify/instance/:/app/instance/

vars/services.yaml

@@ -21,3 +21,5 @@ services:
         port: 3000
     async-icinga:
         port: 5006
+    atlantis-verify:
+        port: 5013