kevinveenbirkenbach/computer-playbook
1
0
Fork 0
mirror of https://github.com/kevinveenbirkenbach/computer-playbook.git synced 2025-10-31 18:29:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
1b91ddeac2329c1816c22781aea56a288da6b143
computer-playbook/roles/web-svc-logout/templates/env.j2
Kevin Veen-Birkenbach 4ae3cee36c web-svc-logout: merge logout domains into CSP connect-src and refactor task flow 
• Add tasks/01_core.yml to set applications[application_id].server.csp.whitelist['connect-src'] = LOGOUT_CONNECT_SRC_NEW.

• Switch tasks/main.yml to include 01_core.yml (run-once guard preserved).

• Update templates/env.j2 to emit LOGOUT_DOMAINS as a comma-separated list.

• Rework vars/main.yml: compute LOGOUT_DOMAINS, derive LOGOUT_ORIGINS with WEB_PROTOCOL, read connect-src via the get_app_conf filter, and merge/dedupe (unique).

Rationale: ensure CSP allows cross-domain logout requests for all configured services.

Conversation: https://chatgpt.com/share/68b5b07d-b208-800f-b6b2-f26934607c8a
2025-09-01 16:41:33 +02:00

15 lines
458 B
Django/Jinja
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Commaseparated list of all subdomains to log out (no spaces)
LOGOUT_DOMAINS={{ LOGOUT_DOMAINS | join(',') }}
# Port the logout service will listen on inside the container
LOGOUT_PORT={{ container_port }}
# (Optional) If youre using dockercompose, you can also define:
#HOST_LOGOUT_PORT=8080
#HOST_NGINX_HTTP_PORT=80
#HOST_NGINX_HTTPS_PORT=443
# (For the Nginx Jinja2 proxy snippet)
#LOGOUT_SERVICE_HOST=logout-service
#LOGOUT_SERVICE_PORT=8000
Reference in New Issue View Git Blame Copy Permalink