Implemented not working oauth2-proxy draft

2025-08-29 15:06:26 +02:00 · 2025-01-26 13:25:39 +01:00
parent e6292663b4
commit 7b9959af21
8 changed files with 61 additions and 13 deletions
--- a/group_vars/all
+++ b/group_vars/all
@@ -270,7 +270,7 @@ mastodon_single_user_mode:        false
 matrix_administrator_username:  "{{administrator_username}}"  # Accountname of the matrix admin
 matrix_playbook_tags:           "setup-all,start"             # For the initial update use: install-all,ensure-matrix-users-created,start
 matrix_role:                    "compose"                     # Role to setup Matrix. Valid values: ansible, compose
-matrix_server_name:             "{{primary_domain}}"              # Adress for the account names etc.
+matrix_server_name:             "{{primary_domain}}"          # Adress for the account names etc.
 matrix_synapse_version:         "latest"
 matrix_element_version:         "latest"

@@ -286,17 +286,28 @@ moodle_administrator_email: "{{administrator_email}}"
 moodle_version:             "latest"

 #### MyBB
-mybb_version:            "latest"
+mybb_version:               "latest"

 #### Nextcloud
-nextcloud_version:      "production"  # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
+nextcloud_version:          "production"  # @see https://nextcloud.com/blog/nextcloud-release-channels-and-how-to-track-them/
+
+#### OAuth2 Proxy
+oauth2_proxy_active:                  true
+oauth2_version:                       "latest"
+oauth2_proxy_redirect_url:            "https://{{domain_keycloak}}/auth/realms/{{primary_domain}}/protocol/openid-connect/auth"  # The redirect URL for the OAuth2 flow. It should match the redirect URL configured in Keycloak.
+# oauth2_proxy_port:                  >= 4180 # This ports should be defined in the roles. They are for the local mapping on the host and need to be defined in the playbook for transparancy.
+# oauth2_proxy_upstream_application:  # The name of the application which the server redirects to. Needs to be defined in role vars.
+
+#### Open Project
+# openproject_oauth2_proxy_client_secret: Needs to be defined in inventory # The client ID configured in Keycloak for the application. 
+# openproject_oauth2_proxy_cookie_secret: Needs to be defined in inventory # The client secret configured in Keycloak for the application.

 #### Peertube
-peertube_version:       "bookworm"
+peertube_version:           "bookworm"

 #### Pixelfed
-pixelfed_app_name:      "Pictures on {{primary_domain}}"
-pixelfed_version:       "latest"
+pixelfed_app_name:          "Pictures on {{primary_domain}}"
+pixelfed_version:           "latest"

 #### Postgres
 # Please set an version in your inventory file - Rolling release for postgres isn't recommended