kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-06-25 11:45:32 +02:00
Code Issues Packages Projects Releases Wiki Activity

Optimized Peertube OIDC draft

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach 2025-05-20 04:18:27 +02:00
parent 3c7825fd23
commit 2f1d6a5178
No known key found for this signature in database
GPG Key ID: 44D8F11FD62F878E
5 changed files with 34 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
roles/docker-peertube/tasks/disable-oidc.yml Normal file
View File

@ -0,0 +1,5 @@
- name: "Uninstall auth-openid-connect plugin for Peertube"
command: >
docker exec {{ container_name }} \
npm run plugin:uninstall -- --npm-name {{oidc_plugin}}
ignore_errors: true

16
roles/docker-peertube/tasks/enable-oidc.yml Normal file
View File

@ -0,0 +1,16 @@
- name: "Install auth-openid-connect plugin for Peertube"
command: >
docker exec {{ container_name }} \
npm run plugin:install -- --npm-name {{oidc_plugin}}
- name: Update Peertube config for OpenID Connect
ansible.builtin.lineinfile:
path: /opt/peertube/config/production.yaml
regexp: '^{{ item.key }}:'
line: "{{ item.key }}: {{ item.value }}"
loop:
- { key: "oidc.client_id", value: "{{ oidc_client_id }}" }
- { key: "oidc.client_secret", value: "{{ oidc_client_secret }}" }
- { key: "oidc.discover_url", value: "{{ oidc_discover_url }}" }
- { key: "oidc.scope", value: "openid email profile" }
become: yes

8
roles/docker-peertube/tasks/main.yml
View File

@ -13,3 +13,11 @@
- name: "copy docker-compose.yml and env file" - name: "copy docker-compose.yml and env file"
include_tasks: copy-docker-compose-and-env.yml include_tasks: copy-docker-compose-and-env.yml
- name: "Install and activate auth-openid-connect plugin if OIDC is enabled"
include_tasks: enable-oidc.yml
when: applications | is_feature_enabled('oidc',application_id)
- name: "Deinstall and disable auth-openid-connect plugin if OIDC is enabled"
include_tasks: disable-oidc.yml
when: applications | is_feature_enabled('oidc',application_id)

1
roles/docker-peertube/vars/configuration.yml
View File

@ -4,6 +4,7 @@ features:
css: false css: false
portfolio_iframe: false portfolio_iframe: false
central_database: true central_database: true
oidc: false
csp: csp:
flags: flags:
script-src: script-src:

6
roles/docker-peertube/vars/main.yml
View File

@ -1,2 +1,4 @@
application_id: "peertube" application_id: "peertube"
database_type: "postgres" database_type: "postgres"
container_name: "{{ application_id }}"
oidc_plugin: "peertube-plugin-auth-openid-connect"