sheppy/no-secrets-athq-ansible
1
0
Fork 0
mirror of https://github.com/FAUSheppy/no-secrets-athq-ansible synced 2025-12-09 19:28:33 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: repair and readd image factory service OIDC

Browse Source
This commit is contained in:
Johnathen Sheppard
2023-06-07 08:33:14 +00:00
parent 7dafe7e3a7
commit fa27f02259
3 changed files with 10 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
group_vars/all.yaml
View File

@@ -41,7 +41,7 @@ keycloak_address: keycloak.atlantishq.de
keycloak_clients: keycloak_clients:
python-flask-picture-factory: python-flask-picture-factory:
party_secret : "HISTORY_PURGED_SECRETKG0j" party_secret : "HISTORY_PURGED_SECRET"
client_id: z_images client_id: z_images
client_secret: "HISTORY_PURGED_SECRET" client_secret: "HISTORY_PURGED_SECRET"
redirect_uris: redirect_uris:

22
roles/web1/tasks/main.yaml
View File

@@ -21,17 +21,6 @@
line: " flow.redirect_uri = url_for('_oidc_callback', _external=True, _scheme='https')" line: " flow.redirect_uri = url_for('_oidc_callback', _external=True, _scheme='https')"
backup: yes backup: yes
- name: Set owner in case git already exists and has bad ownership
file:
path: /var/www/{{ item }}/
owner: root
group: root
recurse: true
with_items:
- python-flask-picture-factory
- simple-log-server
- soundlib-interface
- name: Set mode /usr/local/lib/ (python libraries) - name: Set mode /usr/local/lib/ (python libraries)
file: file:
path: /usr/local/lib/ path: /usr/local/lib/
@@ -42,12 +31,14 @@
git: git:
repo: https://github.com/FAUSheppy/{{ item }}.git repo: https://github.com/FAUSheppy/{{ item }}.git
dest: "/var/www/{{ item }}" dest: "/var/www/{{ item }}"
become: yes
become_user: www-data
with_items: with_items:
- python-flask-picture-factory - python-flask-picture-factory
- simple-log-server - simple-log-server
- soundlib-interface - soundlib-interface
- name: Reset Ownership to www-data - name: Ensure Ownership to www-data
file: file:
path: /var/www/{{ item }}/ path: /var/www/{{ item }}/
owner: www-data owner: www-data
@@ -104,13 +95,15 @@
with_items: with_items:
- simple-log-server - simple-log-server
- soundlib-interface - soundlib-interface
- python-flask-picture-factory
- name: Template Systemd Units - name: Template Systemd Units
template: template:
src: "waitress-systemd-unit.j2" src: "waitress-systemd-unit.j2"
dest: "/etc/systemd/system/{{ item.name }}.service" dest: "/etc/systemd/system/{{ item.name }}.service"
with_items: with_items:
- { name : "image-factory", path : "/var/www/python-flask-picture-factory" } - { name : "python-flask-picture-factory",
path : "/var/www/python-flask-picture-factory", external_oidc : true }
- { name : "serien-ampel", path : "/var/www/serien-ampel" } - { name : "serien-ampel", path : "/var/www/serien-ampel" }
- { name : "simple-log-server", path : "/var/www/simple-log-server", external_oidc : true } - { name : "simple-log-server", path : "/var/www/simple-log-server", external_oidc : true }
- { name : "soundlib-interface", path : "/var/www/soundlib-interface", external_oidc : true } - { name : "soundlib-interface", path : "/var/www/soundlib-interface", external_oidc : true }
@@ -130,6 +123,7 @@
with_items: with_items:
- soundlib-interface - soundlib-interface
- simple-log-server - simple-log-server
- python-flask-picture-factory
- name: Enable and Start Systemd Units - name: Enable and Start Systemd Units
systemd: systemd:
@@ -137,7 +131,7 @@
enabled: yes enabled: yes
state: started state: started
with_items: with_items:
- image-factory - python-flask-picture-factory
- serien-ampel - serien-ampel
- simple-log-server - simple-log-server
- soundlib-interface - soundlib-interface

2
vars/services.yaml
View File

@@ -1,5 +1,5 @@
services: services:
image-factory: python-flask-picture-factory:
port: 5000 port: 5000
serien-ampel: serien-ampel:
port: 5001 port: 5001