Commit c8628291 authored by nono's avatar nono 💻

Ajout du test du role keycloak

parent 7eeec224
......@@ -78,10 +78,6 @@
path = roles/ansible-backup
url = gitlab@git.laquadrature.net:lqdn-interne/piops-roles/ansible-backup.git
branch = master
[submodule "roles/ansible-role-mediawiki"]
path = roles/ansible-role-mediawiki
url = https://github.com/robertdebock/ansible-role-mediawiki.git
branch = master
[submodule "roles/ansible-role-mysql"]
path = roles/ansible-role-mysql
url = https://github.com/robertdebock/ansible-role-mysql.git
......
$ANSIBLE_VAULT;1.1;AES256
34383930353736323238336366313631633464626631343436376430346264336465613761653930
3634666338376235383138363339343832633934643639300a373334373533393566383239313931
30363330343131333638323266346333313439333839316661356133643835666635393135313437
3330356662636265620a636430353366633038356338363130383531393166343934343166386138
32396362653866386432373462653165386165336564653362323762613235383863333839366266
38396563346164663639373931633766383665383066386439396330333536326531313930666166
38613564336233626363333464323562663036613063373033373764356535343336666161666439
30626433636461643463663863636433323630303765643665633835373736353939653734333837
35333965633964393165346362366635376432393761653862346535393332643963623464623263
36663665336639316636373030663964666539356361616564623262376130346164633765333636
31653434346437343864343264386338303832356663343761623730656439656230383633363031
32316539303865663763333365623334396633643236396365353461363630396536623830656331
63343230636639316338313965353937386464353666313863663730326131393365323863346430
63626361653534646565653433626431623135303964643434363361353466386262383638306331
38313363353064386161353337336663653938306635373930343965353535613338363064636331
30333933653266376135356131636663393163333865313338623937626230396137616463396162
63623864343932643964306632653764326638313766306335393063336162356366313338353636
32393834633165626264326464623231333534356236343433646363333131383862383438353531
35393664303761633963323132313232646363383136623036386364653237623832393437393464
38396132383961623732666237346439373761633139376635613765613162316338313938633335
64393862363564386662313562333135303235623561633534306334663738326332376638623562
35366533656238316433386538616239346634613964666162643635313130323466633537396264
32666535353231623363393063396366343664323830356563613836633730653934383037303531
36323262343731666234613235376364393463393532613561336435313935303163653562646131
39633438386132633936393764623265383534383731613833386566353035653234636439633235
61666563366634623865373863623535373839656630303265626163373839356136343962383861
32376437663131333566643138393736373866383933653037383032353730323065633939333262
61393162613936653531386163326164323033616231306333323331663466316631636537393533
32653165363333643332376132323634306239623262626531373861623932643530343036653563
35333839646563303937323461376233336438383166363739373162383863316536346466386366
38623433366638393630363032393663376232613733396462376337353765393138393630623661
61613161613534356639363162363137346436343064343066653331366132343465313337306230
39616131323165306562666666376331623035376466313566653263356561303239616664373230
38316163373265386437636239346538643365353338636330643537623033326431616336393935
34323337343665343134656366653132333234636338353633353633393634643665313732663639
34393832333363633861346535663363366661633562636636653163326465373439303533613466
31653130383834343064653138363864653865656462626165383339376135343366306431373936
33663330306635663362313233323430323030323939653135303131653036653032373737643731
33613234353336653131333531393463663731323432316630376532313434323233303934303335
33306234363764363732373732333534646465343931373933393136653539353235613430313536
34613738653535633931396132663063383963626236623439613232643135626366613634653633
36383731613130386430356364653765326632336239343831656334613832363230376233353565
65363863386130366137623839663231343766386138333166373861346439383731376464393866
35636431373331396235623436306463663663353937636336626531616561313939666237323033
33386163326639653462616230643131306666386434336431366138336462343435366431316566
65393935376163366634656532346163316631353638333935383563343732376137343033336338
61303835666532393339386633636437356332323461613933643665363164616262623135323339
66356363363835313530613939383530386266356164613232396163353833653736663661386562
33346132653936633162313731396339323535363938393434363262383936343932353331393436
62336130366533306232616435346562333834616139386630353637653732316263376230366230
30306363646262333432336231643330363761616137636134313431356338363261613066656431
34656630313635346134666437356432663536656439613165383934363131346333636463386631
32636133336137306430306537653435326463626334393462313632653036383631353161313834
30343234313530326233326566383234613934383338326365623937363431653765363633623731
36396565396136346130396366646132623539616630613333613062373839366239633936383765
33316338663432343065
36386431623461393766633130653031643866663034373565343532356566313735373233643531
3737623866333737376432663936346532303365336137350a333035373835646132343436613035
30623639323032393165613532363531343532623266656166303562636536623862633766373736
3938313564323934640a666164613336316535613231343263356538396366346330616339306465
62303235396631333766373961356361623437363536363263656462623535373031656466373865
63623363336234306138303037376639626531393330393362646631383433316539386332626365
34363163626132613931383164626238343038653661363438393961373339336361616139323065
34336462613064623662663735316363363462643938616366633661666464363833633963313964
31616139383639303135306563343733326264343530386430373338396161333162356461613631
35376333313863333836643831643864626664353564643031313730393362366639636635356338
31626165303433316161666366383131666333326330613264373935363066646130666566313231
31633838323937353136636265326132636533333333306136633730626138313361306530373033
62326562353736356464306439666361383333306430356166326663306233386437613531363830
63356361326438363466636436333439633737383063323433346263626433386464353264313036
37663564653337616631353837373666376534623365303564396532333566383563623938396533
34666164313065643435343131376633643866363564623961386330363833653631636234356639
66653137303338323335666138333862373431623731396235326539343837393737393337313166
33656532383138306338393234393435343238623031663430633663313561383936313532373738
31636361373336336433666563383734626132336336343139363963613566623631653932306133
34643839376432653865613136333531303436386338653031666665363830373834393135663730
61366630613763653335346630366236306632653236393439363063333935363035663734643362
64343763313962383330626362343261356666373135303336366263393764383966333834386564
63346634386235393566613836353138666264626363373831376437393364353834386531376530
31396533396135363265653531346261366164366664373634626238396136663336643865396435
37653135613464366364326234393938363366643530323064383037653432383935643530616437
37326165643933663638666239643836303632353935643132636332616538656665383961626532
36643666643932396234353433373261666131353764643138393634386430323233646238623735
34386566383131626331626639323930623531616461663731643933346536386462646639336262
64613166623739633931613461343630623666393835346662666462643537336430303530393763
64663638373661383031333136643862633436666166636633333866316231386562313861376566
64393630333034353065376365333237666436353839383738653865636366313663343361613062
65303732383331336463343336353466613365633064323435393965353839353130336234313238
34623862633637653539613936356266656535626130643532383131353665396532313764633036
31303830363762326466366332613030633564663534666161626439396363353365323434646263
39363631326261306538393064393235376263353861303030356266323435383835373836626538
62343363316439353831363630383839613261323066356534383664633032306131663765383533
65656433386662303232373033363234646663663039396431663334643666306635633130653731
35343866643539353565626538343933656161653437303064653633636138386533353564326163
61366262353831356166623636303431376533663436613463656534363262633365366434313137
34326665623036386430326433653530313765323233353966656162646537623037613031396238
64303635303066303562663933613435666637646239636432396562646638396430643938333938
33376535643566393031636464383863656132356165666338656333373435643265326538366166
66643438623433383432323137383835613561666466396233633633313532313164353630383566
35613636643462393662313636316165613038336237343161373739373533363764343465626337
33313765623334393636313834613161626663646435373439646230383637316664376264366466
38323934313666643762363936323262353062616561663031616634613861656634636430646534
38666630636137303530323938303235373436656238626561363538363539353930323130363038
30303738363962303230616562326134306534646163396134373637626139643534343835653038
33383961633062626238386433616664336238653437303336333438303732386432393031656132
61316336363266626263366262323931326630653363353134386535623961346139313665373966
35633035663266303730363737643463316136356630353537616564333663303265646637316533
65306232663663363436306362306538643463663238366265333130323939383166376633306631
63653035323562616438366635623033633733336237613263376237306662613065383037353163
35636663313934353762383563636164393936373237316565623630316162353537303633633232
33613136666364383937333061343333303861633631313734303934616535373262656662366330
37396234356438623132383365373833353865613262326264646663323439306638663732356564
36313563646533623164623463646137663335653734663633633035396262326565393034343462
33373935323033373363623566613531636235613931386432626333313861626134343830346233
33663736633432646435636664646534633034363338666331396237646432356166346636316331
34623238633838643562653639326266343332633066313635333931376263323739663161303865
32313333666565343230633863663331343862643866636330633234363433323563393431393566
32623334616433613962613665393765613164363563653566636336316237376163623364663735
30613765316266636363396537626230393437653039343164383535646432363232333530623931
35373336666230343736303562613237643064393934353831323139326236336166363662356231
61633334303031313633316333363461393433393866353532323466346533656538333137613034
37636235663232623965383761663663396166656265313433653165383638636563303437383937
34666365653335373737333766636139363261643164616631343037646364623464373836663765
31383066346233613262653862646439633361663066656335656236326633616166653836653966
30343130636336663062393736626163616233363637653630346133333034656433366438633365
61383465626237663863626365656632663437303137653663643530303564656464346434643334
36353036376436623133313765656362643962633430396362353862323561313639613238313834
30623463316638353232663738363635633563653435623063613062656161363739333832616530
32366535653534376431396534353037616233656363336336633830353835646231313132386130
37323862333761366363633231346635343665616539373865323162316337633862366430383130
32633536313636313430646663383762316330316565343433626233303039303534636336613139
32323762343938303766383461303665326161383835393733326665633932303561383966396638
35353932363961613336376263316364353335386631343263366539646232353665
monitoring_service_url: "stats.test.lqdn.fr"
server_url: "test.lqdn.fr"
# Firewall
firewall_state: started
......@@ -34,3 +35,87 @@ backup_max_months: 1
backup_with_mysql: true
backup_with_postgresql: true
backup_with_mongodb: false
# Keycloak
keycloak_service_group: "keycloak"
keycloak_service_user: "keycloak"
keycloak_service_name: "keycloak"
keycloak_base_path: "/opt/keycloak"
keycloak_dest: "{{ keycloak_base_path }}"
## General settings
## Keycloak config
keycloak_version: "16.1.0"
keycloak_previous_version: "15.0.2"
keycloak_create_admin: false
keycloak_force_install: true
## Security config
keycloak_log_directory: "/opt/keycloak/keycloak-{{ keycloak_version }}/standalone/log"
## Cerbot config
certbot_install_method: package
certbot_admin_email: "{{ sysadmin_email }}"
certbot_create_if_missing: True
certbot_create_method: standalone
certbot_certs:
- domains:
- sso.{{ server_url }}
certbot_auto_renew_options: '--webroot -w /var/www/letsencrypt && systemctl reload nginx'
certbot_auto_renew: true
## Nginx config
nginx_vhosts:
- listen: "443 ssl http2"
server_name: "sso.{{ server_url }}"
access_log: "/var/log/nginx/keycloak_access.log"
error_log: "/var/log/nginx/keycloak_error.log"
state: "present"
template: "{{ nginx_vhost_template }}"
filename: "sso.{{ server_url }}.https.conf"
extra_parameters: |
location / {
proxy_buffering off;
proxy_set_header Referer $http_referer;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
}
location /.well-known/acme-challenge {
alias /var/www/letsencrypt/.well-known/acme-challenge;
}
location = / {
return 301 "https://sso.{{ server_url }}/auth/realms/lqdn/account";
}
location = /admin {
return 301 "https://sso.{{ server_url }}/auth/admin/";
}
ssl_certificate /etc/letsencrypt/live/sso.{{ server_url }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/sso.{{ server_url }}/privkey.pem;
ssl_protocols TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
- listen: "80"
server_name: "sso.{{ server_url }}"
access_log: "/var/log/nginx/keycloak_access.log"
error_log: "/var/log/nginx/keycloak_error.log"
state: "present"
template: "{{ nginx_vhost_template }}"
filename: "sso.{{ server_url }}.http.conf"
extra_parameters: |
location / {
return 302 https://sso.{{ server_url }}$request_uri;
}
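Review bot: The 443 vhost for `sso.{{ server_url }}` sets `ssl_protocols TLSv1.1 TLSv1.2;`, which keeps the deprecated TLS 1.1 enabled on the login endpoint of the identity provider and leaves TLS 1.3 off. I would use `ssl_protocols TLSv1.2 TLSv1.3;` (provided the installed nginx/OpenSSL supports 1.3) and replace `ssl_ciphers HIGH:!aNULL:!MD5;` with an explicit list of forward-secret AEAD suites. In the same `location /` block, `proxy_set_header Host $http_host;` passes the client-supplied Host header through to Keycloak, which may derive its own URLs from it; `proxy_set_header Host $host;` is the safer form. The `location = /admin` redirect also advertises `/auth/admin/` on the public vhost, so if the admin console is not meant to be reachable from everywhere, that path should be restricted by source address.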
Subproject commit 6ef03c70f481396f0eb26fa4f459122b2302d676
......@@ -74,18 +74,31 @@
# - testing
# - don
- name: Wiki LQDN
# - name: Wiki LQDN
# hosts: test
# remote_user: root
# roles:
# - ansible-role-certbot
# - ansible-role-nginx
# - ansible-role-php
# - ansible-role-mysql
# - ansible-role-mediawiki
# tags:
# - testing
# - wiki
- name: SSO LQDN
hosts: test
remote_user: root
roles:
- ansible-role-certbot
- security-lqdn
- packages-lqdn
- updates-lqdn
- ansible-role-nginx
- ansible-role-php
- ansible-role-mysql
- ansible-role-mediawiki
- ansible-role-certbot
- sso-lqdn
tags:
- testing
- wiki
- sso
# - name: Wordpress LQDN
#
......
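Review bot: As the new `SSO LQDN` play reads in this rendering (the old/new sides are not marked, so this is inferred), `- ansible-role-nginx` now runs before `- ansible-role-certbot`, whereas the commented-out Wiki play had certbot first. The vhost defined in this commit references `/etc/letsencrypt/live/sso.{{ server_url }}/fullchain.pem` and certbot is configured with `certbot_create_method: standalone`, so on a fresh host nginx would probably be configured against certificate files that do not exist yet, and may be holding port 80 when certbot tries to bind it. Keeping `- ansible-role-certbot` ahead of `- ansible-role-nginx` in the `roles:` list, with a short comment explaining why, avoids a first run that ends with the SSO front end down or without a valid certificate.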