sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-06 15:11:39 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

feat: support for heimdall/hub page

Browse Source
This commit is contained in:
Johnathen Sheppard
2023-06-27 10:49:10 +00:00
parent 7237c07ecb
commit f2567c5e9f
5 changed files with 36 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
group_vars/all.yaml
View File

@@ -120,3 +120,16 @@ keycloak_clients:
groups: "trackmania" groups: "trackmania"
master_address: "https://trackmania.atlantishq.de" master_address: "https://trackmania.atlantishq.de"
skips: skips:
heimdall:
party_secret : "HISTORY_PURGED_SECRET"
client_id: z_heimdall
client_secret: "HISTORY_PURGED_SECRET"
client_secret: "HISTORY_PURGED_SECRET"
redirect_uris:
- "https://hub.atlantishq.de/*"
description: "AtlantisHQ Hub"
keycloak_id: "00000000-0000-0000-0000-000000000007"
groups:
master_address: "https://hub.atlantishq.de"
skips:

7
roles/docker-deployments/tasks/main.yaml
View File

@@ -38,6 +38,7 @@
state: directory state: directory
with_items: with_items:
- tmnf-replay-server - tmnf-replay-server
- heimdall
- name: Create compose directories - name: Create compose directories
file: file:
@@ -50,6 +51,7 @@
- sector32 - sector32
- async-icinga - async-icinga
- tmnf-replay-server - tmnf-replay-server
- heimdall
- name: Copy compose templates - name: Copy compose templates
template: template:
@@ -62,6 +64,7 @@
- sector32 - sector32
- async-icinga - async-icinga
- tmnf-replay-server - tmnf-replay-server
- heimdall
- name: Log into private registry - name: Log into private registry
docker_login: docker_login:
@@ -82,6 +85,7 @@
- sector32 - sector32
- async-icinga - async-icinga
- tmnf-replay-server - tmnf-replay-server
- heimdall
- name: OAuth2Proxy directories - name: OAuth2Proxy directories
file: file:
@@ -90,6 +94,7 @@
recurse: yes recurse: yes
with_items: with_items:
- tmnf-replay-server - tmnf-replay-server
- heimdall
- name: include services ports - name: include services ports
include_vars: services.yaml include_vars: services.yaml
@@ -100,6 +105,7 @@
dest: "/opt/oauth2proxy/{{ item }}/docker-compose.yaml" dest: "/opt/oauth2proxy/{{ item }}/docker-compose.yaml"
with_items: with_items:
- tmnf-replay-server - tmnf-replay-server
- heimdall
- name: Deploy OAuth2Proxy - name: Deploy OAuth2Proxy
community.docker.docker_compose: community.docker.docker_compose:
@@ -107,3 +113,4 @@
pull: true pull: true
with_items: with_items:
- tmnf-replay-server - tmnf-replay-server
- heimdall

10
roles/docker-deployments/templates/heimdall.yaml Normal file
View File

@@ -0,0 +1,10 @@
heimdall:
image: linuxserver/heimdall:latest
restart: always
ports:
- 6011:80
volumes:
- /data/heimdall/:/config/
environment:
- PGID=1000
- PUID=1000

5
templates/oauth-standalone-docker-compose.yaml
View File

@@ -28,7 +28,10 @@ services:
OAUTH2_PROXY_OIDC_ISSUER_URL: "https://{{ keycloak_address }}/realms/master" OAUTH2_PROXY_OIDC_ISSUER_URL: "https://{{ keycloak_address }}/realms/master"
OAUTH2_PROXY_CLIENT_ID: "{{ keycloak_clients[item].client_id }}" OAUTH2_PROXY_CLIENT_ID: "{{ keycloak_clients[item].client_id }}"
OAUTH2_PROXY_CLIENT_SECRET: "{{ keycloak_clients[item].client_secret }}" OAUTH2_PROXY_CLIENT_SECRET: "{{ keycloak_clients[item].client_secret }}"
OAUTH2_PROXY_ALLOWED_GROUPS: {{ keycloak_clients[item].groups }}
{% if keycloak_clients[item].groups %}
OAUTH2_PROXY_ALLOWED_GROUPS: {{ keycloak_clients[item].groups }}
{% endif %}
OAUTH2_PROXY_OIDC_EMAIL_CLAIM: sub OAUTH2_PROXY_OIDC_EMAIL_CLAIM: sub
OAUTH2_PROXY_SET_XAUTHREQUEST: "true" OAUTH2_PROXY_SET_XAUTHREQUEST: "true"

2
vars/services.yaml
View File

@@ -11,3 +11,5 @@ services:
port: 5000 port: 5000
tmnf-replay-server: tmnf-replay-server:
port: 5010 port: 5010
heimdall:
port: 5011