From a416e842f4e3a4000e20ad81c466eedd00a44fba Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9mi=20-=20Le=20Filament?= <remi@le-filament.com> Date: Fri, 11 Jun 2021 14:51:43 +0200 Subject: [PATCH] Add documentation --- README.md | 30 ++++++++++++++++++++++++------ defaults/main.yml | 38 +++++++++++++++++++++++++++++++++++++- meta/main.yml | 23 ++++++++--------------- 3 files changed, 69 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index a3d0bdb..937fd1b 100644 --- a/README.md +++ b/README.md @@ -1,22 +1,40 @@ -Role Name -========= +docker_auth_v2 +============== -A brief description of the role goes here. +This role deploys LemonLDAP v2 together with OpenLDAP and PHPLdapAdmin and for SSO authentication Requirements ------------ -Any pre-requisites that may not be covered by Ansible itself or the role should be mentioned here. For instance, if the role uses the EC2 module, it may be a good idea to mention in this section that the boto package is required. +None Role Variables -------------- -A description of the settable variables for this role should go here, including any variables that are in defaults/main.yml, vars/main.yml, and any variables that can/should be set via parameters to the role. Any variables that are read from other roles and/or the global scope (ie. hostvars, group vars, etc.) should be mentioned here as well. +Variables from default directory : +* SSO + * sso_url: URL for SSO +* LDAP + * ldap_org: Organization name + * ldap_domain: Organization domain + * ldap_base_dn: Base Distinguished name (by default "dc=example,dc=org") + * ldap_admin_pass: Admin user password + * ldap_config_pass: Configuration user password + * ldap_readonly_pass: Read-Only user password + * ldap_url: URL for LDAP +* Backups (for backups to be deployed, host needs to be in maintenance_contract group) + * swift parameters for 2 object storage instances where backups should be pushed daily + * auth_backup_pass : Passphrase for encryption of backups + Dependencies ------------ -A list of other roles hosted on Galaxy should go here, plus any details in regards to parameters that may need to be set for other roles, or variables that are used from other roles. +This role requires the following Ansible collection : +* community.docker + +This Docker role supposes that Traefik is deployed as an inverseproxy in front of the deployed Dockers. +The following role is used by Le Filament for deploying Traefik : docker_server (https://sources.le-filament.com/lefilament/ansible-roles/docker_server) Example Playbook ---------------- diff --git a/defaults/main.yml b/defaults/main.yml index 5b9f486..e971eff 100644 --- a/defaults/main.yml +++ b/defaults/main.yml @@ -1,4 +1,40 @@ --- -ldap_url: "ldap.example.org" +## SSO Paramters sso_url: "sso.example.org" + +## LDAP parameters +# Organization name +ldap_org: "Example" +# Domain +ldap_domain: "example.org" +# Base DN +ldap_base_dn: "dc=example,dc=org" +# Admin password +ldap_admin_pass: "AdminPasswordToBeModified" +# Configuration password +ldap_config_pass: "ConfigPasswordToBeModified" +# Readonly password +ldap_readonly_pass: "ReadOnlyPasswordToBeModified" +# URL for PHP MyAdmin +ldap_url: "ldap.example.org" + +# Backups +# Parameters for pushing backups to Object Storage - Instance 1 +swift_odoo_authurl: https://auth.cloud.ovh.net/v3/ +swift_odoo_authversion: 3 +swift_odoo_tenantid: "132e1fa" +swift_odoo_tenantname: "12312534534" +swift_odoo_username: "testuser" +swift_odoo_password: "testpassword" +swift_odoo_regionname: "GRA" +# Parameters for pushing backups to Object Storage - Instance 2 +swift_odoo2_authurl: https://auth.cloud.ovh.net/v3/ +swift_odoo2_authversion: 3 +swift_odoo2_tenantid: "12323534ab" +swift_odoo2_tenantname: "123124235345" +swift_odoo2_username: "testuser" +swift_odoo2_password: "testpassword" +swift_odoo2_regionname: "DE" +# Passphrase for backups encryption +auth_backup_pass: notSecureEnoughPasswordToBeModified diff --git a/meta/main.yml b/meta/main.yml index 4ed7944..dcd4108 100644 --- a/meta/main.yml +++ b/meta/main.yml @@ -1,20 +1,13 @@ +--- galaxy_info: author: RĂ©mi - description: your role description + description: This role deploys LemonLDAP v2 together with LDAP for SSO authentication company: Le Filament (https://le-filament.com) - license: AGPL-3.0-or-later - min_ansible_version: 2.1 - - platforms: - - name: CentOS - versions: - - 7 - - name: Ubuntu - versions: - - 16.04 - - 18.04 - - 20.04 - - galaxy_tags: [] + galaxy_tags: + - sso + - lemonldap + - ldap + - openldap + - phpldapadmin -- GitLab