Optimized LDAP integration, keycloak realm import and health checks for docker images

2025-08-29 15:06:26 +02:00 · 2025-02-18 21:00:14 +01:00
parent e87c3e2090
commit 0f44e65bf1
26 changed files with 111 additions and 63 deletions
--- a/roles/docker-funkwhale/templates/env.j2
+++ b/roles/docker-funkwhale/templates/env.j2
@@ -100,7 +100,7 @@ DJANGO_SETTINGS_MODULE=config.settings.production
 # Generate one using `openssl rand -base64 45`, for example
 DJANGO_SECRET_KEY={{funkwhale_django_secret}}

-{% if ldap_enabled | bool %}
+{% if applications[application_id].ldap_enabled | bool %}
 # LDAP settings
 # Use the following options to allow authentication on your Funkwhale instance
 # using a LDAP directory.
@@ -110,7 +110,7 @@ DJANGO_SECRET_KEY={{funkwhale_django_secret}}
 LDAP_ENABLED        =   True
 LDAP_SERVER_URI     =   "{{ldap.server.uri}}"
 LDAP_BIND_DN        =   "{{ldap.dn.bind}}"
-LDAP_BIND_PASSWORD  =   "{{ldap.dn.bind_credential}}"
+LDAP_BIND_PASSWORD  =   "{{ldap.bind_credential}}"
 LDAP_SEARCH_FILTER  =   "(|(cn={0})(mail={0}))"
 LDAP_START_TLS      =   False
 LDAP_ROOT_DN        =   "{{ldap.dn.root}}"
--- a/roles/docker-funkwhale/vars/main.yml
+++ b/roles/docker-funkwhale/vars/main.yml
@@ -2,7 +2,6 @@ application_id:                                 "funkwhale"
 nginx_docker_reverse_proxy_extra_configuration: "client_max_body_size 512M;"
 database_password:                              "{{funkwhale_database_password}}"
 database_type:                                  "postgres"
-ldap_enabled:                                   True
 media_root:                                     "/srv/funkwhale/data/"
 static_root:                                    "{{media_root}}static"
 celeryd_concurrency:                            1