feat: oidc web1 basics

templates/oidc_client_secrets.json.j2

@@ -0,0 +1,14 @@
+{
+    "web": {
+        "issuer": "https://{{ keycloak_address }}/realms/master",
+        "auth_uri": "https://{{ keycloak_address }}/realms/master/protocol/openid-connect/auth",
+        "client_id": "{{ keycloak_clients[item].client_id }}",
+        "client_secret": "{{ keycloak_clients[item].client_secret }}",
+        "redirect_uris": [
+            {{ keycloak_clients[item].redirect_uris }}
+        ],
+        "userinfo_uri": "https://{{ keycloak_address }}/realms/master/protocol/openid-connect/userinfo", 
+        "token_uri": "https://{{ keycloak_address }}/realms/master/protocol/openid-connect/token",
+        "token_introspection_uri": "https://{{ keycloak_address }}/realms/master/protocol/openid-connect/token/introspect"
+    }
+}

templates/oidc_config.json.j2

@@ -0,0 +1,9 @@
+{
+    "SECRET_KEY" : "{{ lookup('password', '/dev/null length=20 chars=ascii_letters') }}",
+    "TEST" : true,
+    "DEBUG" : true,
+    "OIDC_CLIENT_SECRETS" : "oidc_client_secrets.json",
+    "OIDC_SCOPES" : [ "openid", "email", "roles" ],
+    "OIDC_INTROSPECTION_AUTH_METHOD": "client_secret_post",
+    "PREFERRED_URL_SCHEME" :  "https"
+}

templates/waitress-systemd-unit.j2

@@ -0,0 +1,14 @@
+[Unit]
+Description={{ item.name }} on {{ item.port }} at {{ item.path }}
+After=network.target
+
+[Service]
+WorkingDirectory={{ item.path }}
+
+Type=simple
+User=www-data
+
+ExecStart=/usr/bin/waitress-serve --host 0.0.0.0 --port {{ item.port }} --call 'app:createApp'
+
+[Install]
+WantedBy=multi-user.target