computer-playbook/roles/web-app-lam/config/main.yml

docker:
  services:
    lam:
      image:   ghcr.io/ldapaccountmanager/lam
      version: latest
oauth2_proxy:
  application:                  application
  port:                         80
  allowed_groups:
    - "{{ [RBAC.GROUP.NAME, 'web-app-lam-administrator'] | path_join }}"
features:
  matomo:                       true
  css:                          true
  desktop:              true
  ldap:                         true
  oauth2:                       true
  logout:                       true
server:
  csp:
    flags:
      style-src:
        unsafe-inline:            true
      script-src-elem:
        unsafe-inline:            true
        unsafe-eval:              true
      script-src:
        unsafe-inline:            true
  domains:
    aliases:
      - "ldap.{{ PRIMARY_DOMAIN }}"
    canonical:
      - lam.{{ PRIMARY_DOMAIN }}