Skip to content
Extraits de code Groupes Projets
Valider a416e842 rédigé par Rémi - Le Filament's avatar Rémi - Le Filament
Parcourir les fichiers

Add documentation

parent 9fa9297d
Aucune branche associée trouvée
Aucune étiquette associée trouvée
Aucune requête de fusion associée trouvée
Role Name
=========
docker_auth_v2
==============
A brief description of the role goes here.
This role deploys LemonLDAP v2 together with OpenLDAP and PHPLdapAdmin and for SSO authentication
Requirements
------------
Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required.
None
Role Variables
--------------
A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well.
Variables from default directory :
* SSO
* sso_url: URL for SSO
* LDAP
* ldap_org: Organization name
* ldap_domain: Organization domain
* ldap_base_dn: Base Distinguished name (by default "dc=example,dc=org")
* ldap_admin_pass: Admin user password
* ldap_config_pass: Configuration user password
* ldap_readonly_pass: Read-Only user password
* ldap_url: URL for LDAP
* Backups (for backups to be deployed, host needs to be in maintenance_contract group)
* swift parameters for 2 object storage instances where backups should be pushed daily
* auth_backup_pass : Passphrase for encryption of backups
Dependencies
------------
A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles.
This role requires the following Ansible collection :
* community.docker
This Docker role supposes that Traefik is deployed as an inverseproxy in front of the deployed Dockers.
The following role is used by Le Filament for deploying Traefik : docker_server (https://sources.le-filament.com/lefilament/ansible-roles/docker_server)
Example Playbook
----------------
......
---
ldap_url: "ldap.example.org"
## SSO Paramters
sso_url: "sso.example.org"
## LDAP parameters
# Organization name
ldap_org: "Example"
# Domain
ldap_domain: "example.org"
# Base DN
ldap_base_dn: "dc=example,dc=org"
# Admin password
ldap_admin_pass: "AdminPasswordToBeModified"
# Configuration password
ldap_config_pass: "ConfigPasswordToBeModified"
# Readonly password
ldap_readonly_pass: "ReadOnlyPasswordToBeModified"
# URL for PHP MyAdmin
ldap_url: "ldap.example.org"
# Backups
# Parameters for pushing backups to Object Storage - Instance 1
swift_odoo_authurl: https://auth.cloud.ovh.net/v3/
swift_odoo_authversion: 3
swift_odoo_tenantid: "132e1fa"
swift_odoo_tenantname: "12312534534"
swift_odoo_username: "testuser"
swift_odoo_password: "testpassword"
swift_odoo_regionname: "GRA"
# Parameters for pushing backups to Object Storage - Instance 2
swift_odoo2_authurl: https://auth.cloud.ovh.net/v3/
swift_odoo2_authversion: 3
swift_odoo2_tenantid: "12323534ab"
swift_odoo2_tenantname: "123124235345"
swift_odoo2_username: "testuser"
swift_odoo2_password: "testpassword"
swift_odoo2_regionname: "DE"
# Passphrase for backups encryption
auth_backup_pass: notSecureEnoughPasswordToBeModified
---
galaxy_info:
author: Rémi
description: your role description
description: This role deploys LemonLDAP v2 together with LDAP for SSO authentication
company: Le Filament (https://le-filament.com)
license: AGPL-3.0-or-later
min_ansible_version: 2.1
platforms:
- name: CentOS
versions:
- 7
- name: Ubuntu
versions:
- 16.04
- 18.04
- 20.04
galaxy_tags: []
galaxy_tags:
- sso
- lemonldap
- ldap
- openldap
- phpldapadmin
0% Chargement en cours ou .
You are about to add 0 people to the discussion. Proceed with caution.
Veuillez vous inscrire ou vous pour commenter