mirror of
https://github.com/FAUSheppy/no-secrets-athq-ansible
synced 2025-12-06 08:51:37 +01:00
# Loads the variables defined in services.yaml into the play.
- name: Include service variables
  include_vars:
    file: services.yaml

# Installs the Python dependencies with pip. No virtualenv is configured on
# this task, so the packages land in the interpreter's global package
# directory.
# NOTE(review): only itsdangerous is pinned. Every other package resolves to
# whatever the index serves at run time, so two runs can deploy different
# code. Pin exact versions (ideally through a requirements file with hashes)
# so the deployed dependency set is reproducible and reviewable.
- name: Install python packages
  pip:
    state: present
    name:
      - itsdangerous==2.0.1
      - flask
      - flask-login
      - flask-oidc
      - Flask-SQLAlchemy
      - MarkupSafe
      - Pillow
      - docker-compose
      - waitress

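# Patches the installed flask_oidc package in place so the OIDC redirect URI
# is always built with the https scheme.
# NOTE(review): the path hard-codes python3.9, so the task only works where
# pip installs into exactly that directory.
# NOTE(review): the leading whitespace inside `regexp` and `line` has to match
# the indentation of the statement in the installed file, otherwise the
# patched module no longer parses. Confirm it against the target file.
- name: fix dumb flask oidc scheme bug
  lineinfile:
    path: /usr/local/lib/python3.9/dist-packages/flask_oidc/__init__.py
    regexp: " flow\\.redirect_uri = url_for\\('_oidc_callback', _external=True\\)"
    line: " flow.redirect_uri = url_for('_oidc_callback', _external=True, _scheme='https')"
    # With backrefs enabled, lineinfile leaves the file untouched when regexp
    # matches nothing. Without it the line would be appended at end of file,
    # i.e. as a stray statement at module level of a library file.
    backrefs: true
    # Keep a timestamped copy of the original file before modifying it.
    backup: true
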
# Recursively adds read for everyone below /usr/local/lib/, plus
# execute/traverse on directories and on files that are already executable
# (symbolic mode a+rX). The mode only adds bits; existing write permissions
# for group or others are not removed by this task.
- name: Set mode /usr/local/lib/ (python libraries)
  file:
    path: /usr/local/lib/
    recurse: true
    mode: "a+rX"

# Checks out each application repository below /var/www/.
# NOTE(review): no `version` is given, so every run deploys whatever the
# remote default branch currently points to. Pin a tag or commit hash so the
# code that reaches the host is the code that was reviewed.
- name: Clone repositories
  git:
    repo: "https://github.com/FAUSheppy/{{ item }}.git"
    dest: "/var/www/{{ item }}"
  with_items:
    - python-flask-picture-factory
    - simple-log-server
    - soundlib-interface

# Renders oidc_config.json.j2 into each application's checkout as oidc.json,
# owned by www-data.
# NOTE(review): no `mode` is set, so the resulting permissions depend on the
# umask of the run. Set one explicitly if the rendered file holds anything
# sensitive; the template content is not visible here.
- name: Deploy OIDC config (config)
  template:
    src: oidc_config.json.j2
    dest: "/var/www/{{ item }}/oidc.json"
    owner: www-data
    group: www-data
  with_items:
    - python-flask-picture-factory
    - simple-log-server
    - soundlib-interface

# Copies the static simple-log-server configuration into its checkout,
# owned by www-data.
# NOTE(review): no `mode` is set, so permissions follow the umask of the run.
# If config.py carries keys or credentials, restrict it explicitly; the file
# content is not visible here.
- name: SLS Config
  copy:
    src: sls_config.py
    dest: /var/www/simple-log-server/config.py
    owner: www-data
    group: www-data

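# Renders the OIDC client secrets file into each application's checkout.
# NOTE(review): the file sits inside /var/www/<app>/. Confirm the web server
# never serves that directory as static content.
- name: Deploy OIDC config (client secrets)
  template:
    src: oidc_client_secrets.json.j2
    dest: "/var/www/{{ item }}/oidc_client_secrets.json"
    owner: www-data
    group: www-data
    # Explicit mode: without it the file inherits the umask of the run and
    # can end up readable by every local user. 0640 keeps it readable for the
    # www-data owner and group only (assumes the services run as www-data or
    # a member of that group; verify against the systemd unit template).
    mode: "0640"
  with_items:
    - python-flask-picture-factory
    - simple-log-server
    - soundlib-interface
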
# Ensures one directory per application exists below /opt/oauth2proxy/.
# No owner or mode is specified, so `recurse` has no attributes to apply.
- name: OAuth2Proxy directories
  file:
    state: directory
    path: "/opt/oauth2proxy/{{ item }}/"
    recurse: true
  with_items:
    - python-flask-picture-factory
    - simple-log-server
    - soundlib-interface

# Renders the OAuth2Proxy compose file for simple-log-server and
# soundlib-interface (python-flask-picture-factory is not in this list).
# NOTE(review): no owner or mode is set. A proxy compose file commonly
# carries the client and cookie secrets; if this template does, give it a
# restrictive explicit mode. Template content is not visible here.
- name: Deploy OAuth2Proxy compose files
  template:
    src: oauth-standalone-docker-compose.yaml
    dest: "/opt/oauth2proxy/{{ item }}/docker-compose.yaml"
  with_items:
    - simple-log-server
    - soundlib-interface

# Renders one systemd unit per service from waitress-systemd-unit.j2 and
# notifies the "daemon reload" handler when a unit file changes.
# NOTE(review): /var/www/serien-ampel is referenced here, but it is not among
# the repositories cloned in this file; presumably it is provisioned
# elsewhere, so verify.
# NOTE(review): the user each service runs as is decided by the template,
# which is not visible here. Confirm it is an unprivileged account.
- name: Template Systemd Units
  template:
    src: "waitress-systemd-unit.j2"
    dest: "/etc/systemd/system/{{ item.name }}.service"
  with_items:
    - name: "image-factory"
      path: "/var/www/python-flask-picture-factory"
    - name: "serien-ampel"
      path: "/var/www/serien-ampel"
    - name: "simple-log-server"
      path: "/var/www/simple-log-server"
    - name: "soundlib"
      path: "/var/www/soundlib-interface"
      external_oidc: true
  notify:
    - daemon reload

# Run any notified handlers now (the "daemon reload" from the unit templating
# task) instead of at the end of the play, so that the units are known to
# systemd before they are started.
- meta: flush_handlers

# Enables each service at boot and makes sure it is running.
# `state: started` does not restart a unit that is already running, so
# changed configuration or secrets only take effect after a restart
# triggered elsewhere.
- name: Enable and Start Systemd Units
  systemd:
    name: "{{ item }}"
    state: started
    enabled: true
  with_items:
    - image-factory
    - serien-ampel
    - simple-log-server
    - soundlib
