kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-08-29 23:08:06 +02:00
Code Issues Packages Projects Releases Wiki Activity

Renamed general and mode constants and implemented a check to verify that constants are just defined ones over the whole repository

Browse Source
This commit is contained in:
Kevin Veen-Birkenbach
2025-08-13 19:10:44 +02:00
parent 004507e233
commit db0e030900
171 changed files with 474 additions and 345 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
roles/web-app-keycloak/config/main.yml
View File

@@ -28,7 +28,7 @@ server:
- "*" # For frontend channel logout it's necessary that iframes can be loaded
domains:
canonical:
- "auth.{{ primary_domain }}"
- "auth.{{ PRIMARY_DOMAIN }}"
scopes:
rbac_roles: rbac_roles
nextcloud: nextcloud

2
roles/web-app-keycloak/templates/env.j2
View File

@@ -25,7 +25,7 @@ KC_BOOTSTRAP_ADMIN_USERNAME= "{{applications | get_app_conf(application_id, '
KC_BOOTSTRAP_ADMIN_PASSWORD= "{{applications | get_app_conf(application_id, 'credentials.administrator_password', True)}}"
# Enable detailed logs
{% if enable_debug | bool %}
{% if MODE_DEBUG | bool %}
KC_LOG_LEVEL=DEBUG
KC_LOG_CONSOLE_ENABLED=true
{% endif %}

4
roles/web-app-keycloak/templates/import/realm.json.j2
View File

@@ -836,7 +836,7 @@
{# The following line should be covered by 02_update_client_redirects.yml #}
"redirectUris": {{ domains | redirect_uris(applications, WEB_PROTOCOL) | tojson }},
"webOrigins": [
"{{ WEB_PROTOCOL }}://*.{{primary_domain}}"
"{{ WEB_PROTOCOL }}://*.{{PRIMARY_DOMAIN}}"
],
"notBefore": 0,
"bearerOnly": false,
@@ -853,7 +853,7 @@
"oidc.ciba.grant.enabled": "false",
"client.secret.creation.time": "0",
"backchannel.logout.session.required": "true",
"post.logout.redirect.uris": "{{ WEB_PROTOCOL }}://{{primary_domain}}/*##+",
"post.logout.redirect.uris": "{{ WEB_PROTOCOL }}://{{PRIMARY_DOMAIN}}/*##+",
"frontchannel.logout.session.required": "true",
"oauth2.device.authorization.grant.enabled": "false",
"display.on.consent.screen": "false",

4
roles/web-app-keycloak/vars/main.yml
View File

@@ -5,7 +5,7 @@ database_type: "postgres"
# Keycloak
keycloak_container: "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.name') }}" # Name of the keycloak docker container
keycloak_docker_import_directory: "/opt/keycloak/data/import/" # Directory in which keycloak import files are placed in the running docker container
keycloak_realm: "{{ primary_domain}}" # This is the name of the default realm which is used by the applications
keycloak_realm: "{{ PRIMARY_DOMAIN}}" # This is the name of the default realm which is used by the applications
keycloak_master_api_user: "{{ applications | get_app_conf(application_id, 'users.administrator') }}" # Master Administrator
keycloak_master_api_user_name: "{{ keycloak_master_api_user.username }}" # Master Administrator Username
keycloak_master_api_user_password: "{{ keycloak_master_api_user.password }}" # Master Administrator Password
@@ -15,7 +15,7 @@ keycloak_server_host: "127.0.0.1:{{ ports.localhost.http[applicati
keycloak_server_host_url: "http://{{ keycloak_server_host }}"
keycloak_image: "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.image') }}" # Keycloak docker image
keycloak_version: "{{ applications | get_app_conf(application_id, 'docker.services.keycloak.version') }}" # Keycloak docker version
keycloak_debug_enabled: "{{ enable_debug }}"
keycloak_debug_enabled: "{{ MODE_DEBUG }}"
keycloak_redirect_features: ["features.oauth2","features.oidc"]
keycloak_client_id: "{{ oidc.client.id }}"
keycloak_ldap_component_name: "{{ ldap.server.domain }}" # Name of the LDAP User Federation component in Keycloak (as shown in UI)