feat: support for heimdall/hub page

2025-12-06 12:01:37 +01:00 · 2023-06-27 10:49:10 +00:00
parent 7237c07ecb
commit f2567c5e9f
5 changed files with 36 additions and 1 deletions
--- a/group_vars/all.yaml
+++ b/group_vars/all.yaml
@@ -120,3 +120,16 @@ keycloak_clients:
        groups: "trackmania"
        master_address: "https://trackmania.atlantishq.de"
        skips:
+
+    heimdall:
+        party_secret : "HISTORY_PURGED_SECRET"
+        client_id: z_heimdall
+        client_secret: "HISTORY_PURGED_SECRET"
+        client_secret: "HISTORY_PURGED_SECRET"
+        redirect_uris:
+            - "https://hub.atlantishq.de/*"
+        description: "AtlantisHQ Hub"
+        keycloak_id: "00000000-0000-0000-0000-000000000007"
+        groups:
+        master_address: "https://hub.atlantishq.de"
+        skips:
--- a/roles/docker-deployments/tasks/main.yaml
+++ b/roles/docker-deployments/tasks/main.yaml
@@ -38,6 +38,7 @@
    state: directory
  with_items:
    - tmnf-replay-server
+    - heimdall

 - name: Create compose directories
  file:
@@ -50,6 +51,7 @@
    - sector32
    - async-icinga
    - tmnf-replay-server
+    - heimdall

 - name: Copy compose templates
  template:
@@ -62,6 +64,7 @@
    - sector32
    - async-icinga
    - tmnf-replay-server
+    - heimdall

 - name: Log into private registry
  docker_login:
@@ -82,6 +85,7 @@
    - sector32
    - async-icinga
    - tmnf-replay-server
+    - heimdall

 - name: OAuth2Proxy directories
  file:
@@ -90,6 +94,7 @@
    recurse: yes
  with_items:
    - tmnf-replay-server
+    - heimdall

 - name: include services ports
  include_vars: services.yaml
@@ -100,6 +105,7 @@
    dest: "/opt/oauth2proxy/{{ item }}/docker-compose.yaml"
  with_items:
    - tmnf-replay-server
+    - heimdall

 - name: Deploy OAuth2Proxy
  community.docker.docker_compose:
@@ -107,3 +113,4 @@
    pull: true
  with_items:
    - tmnf-replay-server
+    - heimdall
--- a/roles/docker-deployments/templates/heimdall.yaml
+++ b/roles/docker-deployments/templates/heimdall.yaml
@@ -0,0 +1,10 @@
+heimdall:
+    image: linuxserver/heimdall:latest
+    restart: always
+    ports:
+        - 6011:80
+    volumes:
+        - /data/heimdall/:/config/
+    environment:
+        - PGID=1000
+        - PUID=1000
--- a/templates/oauth-standalone-docker-compose.yaml
+++ b/templates/oauth-standalone-docker-compose.yaml
@@ -28,7 +28,10 @@ services:
      OAUTH2_PROXY_OIDC_ISSUER_URL: "https://{{ keycloak_address }}/realms/master"
      OAUTH2_PROXY_CLIENT_ID: "{{ keycloak_clients[item].client_id }}"
      OAUTH2_PROXY_CLIENT_SECRET: "{{ keycloak_clients[item].client_secret }}"
-      OAUTH2_PROXY_ALLOWED_GROUPS: {{ keycloak_clients[item].groups }}
+
+      {% if keycloak_clients[item].groups %}
+OAUTH2_PROXY_ALLOWED_GROUPS: {{ keycloak_clients[item].groups }}
+      {% endif %}

      OAUTH2_PROXY_OIDC_EMAIL_CLAIM: sub
      OAUTH2_PROXY_SET_XAUTHREQUEST: "true"
--- a/vars/services.yaml
+++ b/vars/services.yaml
@@ -11,3 +11,5 @@ services:
        port: 5000
    tmnf-replay-server:
        port: 5010
+    heimdall:
+        port: 5011