diff options
| author | Christian Pointner <equinox@spreadspace.org> | 2024-01-28 02:11:05 +0100 |
|---|---|---|
| committer | Christian Pointner <equinox@spreadspace.org> | 2024-01-28 02:11:05 +0100 |
| commit | 24b4917d8186551bcf987b72d1c3588e4705096a (patch) | |
| tree | 4cba19d0999095ac27edafc9f88513fdaa80ab16 /inventory/host_vars/ch-http-proxy.yml | |
| parent | move ch-auth-legacy to _graveyard_ (diff) | |
finalize whawty/auth roles for now
Diffstat (limited to 'inventory/host_vars/ch-http-proxy.yml')
| -rw-r--r-- | inventory/host_vars/ch-http-proxy.yml | 23 |
1 files changed, 20 insertions, 3 deletions
diff --git a/inventory/host_vars/ch-http-proxy.yml b/inventory/host_vars/ch-http-proxy.yml index eabf7dbe..46e63c1d 100644 --- a/inventory/host_vars/ch-http-proxy.yml +++ b/inventory/host_vars/ch-http-proxy.yml @@ -54,6 +54,19 @@ prometheus_job_multitarget_blackbox__probe: hostname: "login.chaos-at-home.org" +whawty_auth_store_instances: + chaos-at-home: + config: "{{ whawty_auth_store__chaos_at_home | combine({'basedir': '/var/lib/whawty/auth/chaos-at-home'}) }}" + permissions: + file-mode: "0600" + dir-mode: "0700" + sync: + type: client + hostname: 192.168.32.1 + port: 3022 + user: sync + + whawty_nginx_sso_backends: chaos-at-home: port: 1234 @@ -81,8 +94,14 @@ whawty_nginx_sso_logins: backend: bolt: {} auth: - static: + whawty: + store: /etc/whawty/auth/store-chaos-at-home.yml autoreload: yes + remote-upgrades: + url: https://127.0.0.1/api/update + http-host: passwd.chaos-at-home.org + tls: + server-name: passwd.chaos-at-home.org web: listen: 127.0.0.1:1234 login: @@ -92,8 +111,6 @@ whawty_nginx_sso_logins: prometheus: listen: 127.0.0.1:1235 -whawty_nginx_sso_login_static_credentials__chaos-at-home: "{{ vault_whawty_nginx_sso_login_static_credentials['chaos-at-home'] }}" - prometheus_job_multitarget_whawty_nginx_sso: ch-http-proxy: - instance: "whawty-nginx-sso-{{ inventory_hostname }}-chaos-at-home" |