diff --git a/README.md b/README.md index a3d0bdb2495b5c518b05828bf6df27a5966d747a..937fd1b99bf26735dd87df61171756a0108f3c56 100644 --- a/README.md +++ b/README.md 
@@ -1,22 +1,40 @@ -Role Name -========= +docker_auth_v2 +============== -A brief description of the role goes here. +This role deploys LemonLDAP v2 together with OpenLDAP and PHPLdapAdmin and for SSO authentication Requirements ------------ -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. +None Role Variables -------------- -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. +Variables from default directory : +* SSO + * sso_url: URL for SSO +* LDAP + * ldap_org: Organization name + * ldap_domain: Organization domain + * ldap_base_dn: Base Distinguished name (by default "dc=example,dc=org") + * ldap_admin_pass: Admin user password + * ldap_config_pass: Configuration user password + * ldap_readonly_pass: Read-Only user password + * ldap_url: URL for LDAP +* Backups (for backups to be deployed, host needs to be in maintenance_contract group) + * swift parameters for 2 object storage instances where backups should be pushed daily + * auth_backup_pass : Passphrase for encryption of backups + Dependencies ------------ -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. +This role requires the following Ansible collection : +* community.docker + +This Docker role supposes that Traefik is deployed as an inverseproxy in front of the deployed Dockers. 
+The following role is used by Le Filament for deploying Traefik : docker_server (https://sources.le-filament.com/lefilament/ansible-roles/docker_server) Example Playbook ---------------- diff --git a/defaults/main.yml b/defaults/main.yml index 5b9f486f86c35f825ab02321ec608fdb57f9e8a8..e971effdf4a87fc42ee483f691924f87ca0218ec 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,4 +1,40 @@ --- -ldap_url: "ldap.example.org" +## SSO Paramters sso_url: "sso.example.org" + +## LDAP parameters +# Organization name +ldap_org: "Example" +# Domain +ldap_domain: "example.org" +# Base DN +ldap_base_dn: "dc=example,dc=org" +# Admin password +ldap_admin_pass: "AdminPasswordToBeModified" +# Configuration password +ldap_config_pass: "ConfigPasswordToBeModified" +# Readonly password +ldap_readonly_pass: "ReadOnlyPasswordToBeModified" +# URL for PHP MyAdmin +ldap_url: "ldap.example.org" + +# Backups +# Parameters for pushing backups to Object Storage - Instance 1 +swift_odoo_authurl: https://auth.cloud.ovh.net/v3/ +swift_odoo_authversion: 3 +swift_odoo_tenantid: "132e1fa" +swift_odoo_tenantname: "12312534534" +swift_odoo_username: "testuser" +swift_odoo_password: "testpassword" +swift_odoo_regionname: "GRA" +# Parameters for pushing backups to Object Storage - Instance 2 +swift_odoo2_authurl: https://auth.cloud.ovh.net/v3/ +swift_odoo2_authversion: 3 +swift_odoo2_tenantid: "12323534ab" +swift_odoo2_tenantname: "123124235345" +swift_odoo2_username: "testuser" +swift_odoo2_password: "testpassword" +swift_odoo2_regionname: "DE" +# Passphrase for backups encryption +auth_backup_pass: notSecureEnoughPasswordToBeModified diff --git a/meta/main.yml b/meta/main.yml index 4ed794420a4091f49a205352f097ce321d7ec1f3..dcd410833a6bae52d9e193c79ffde70a354a5856 100644 --- a/meta/main.yml +++ b/meta/main.yml 
@@ -1,20 +1,13 @@ +--- galaxy_info: author: Rémi - description: your role description + description: This role deploys LemonLDAP v2 together with LDAP for SSO authentication company: Le Filament (https://le-filament.com) - license: AGPL-3.0-or-later - min_ansible_version: 2.1 - - platforms: - - name: CentOS - versions: - - 7 - - name: Ubuntu - versions: - - 16.04 - - 18.04 - - 20.04 - - galaxy_tags: [] + galaxy_tags: + - sso + - lemonldap + - ldap + - openldap + - phpldapadmin
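Review bot: in README.md, the Role Variables list presents ldap_admin_pass, ldap_config_pass, ldap_readonly_pass and auth_backup_pass without saying that the values shipped in defaults/main.yml are placeholders that must be overridden for each deployment. State that explicitly and recommend keeping the overrides in an encrypted vars file (Ansible Vault) rather than in plain inventory. The Backups bullet "swift parameters for 2 object storage instances" should name the actual variables (swift_odoo_* and swift_odoo2_*), since two of them are passwords. Smaller points: "ldap_url: URL for LDAP" disagrees with the comment in defaults/main.yml, which describes it as the URL of the web admin interface; "inverseproxy" should read "reverse proxy"; and the first sentence ("together with OpenLDAP and PHPLdapAdmin and for SSO authentication") has a stray "and".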
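Review bot: in defaults/main.yml, every secret gets a working default (ldap_admin_pass: "AdminPasswordToBeModified", auth_backup_pass: notSecureEnoughPasswordToBeModified, swift_odoo_password: "testpassword"), so a host whose inventory misses one of them deploys with a credential that is published in this repository, and nothing visible in this patch stops that. Consider dropping the defaults for the secrets so an unset variable fails the play, or adding an ansible.builtin.assert at the start of the role that rejects the placeholder values. Also: the comment "# URL for PHP MyAdmin" above ldap_url presumably means phpLDAPadmin, "## SSO Paramters" has a typo, and the swift_odoo_ prefix is confusing in a role that backs up the authentication stack.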
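Review bot: in meta/main.yml, the hunk drops "license: AGPL-3.0-or-later", min_ansible_version and the whole platforms list along with the template text, and nothing else in the patch explains why. If the role is still AGPL-licensed, keep the license line so the role metadata carries it. Keep min_ansible_version as well (raised if the community.docker collection the README now requires needs a newer release) and list the platforms the role is actually tested on, or document that removing them is intentional.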