summaryrefslogtreecommitdiff
path: root/inventory/host_vars/sk-testvm.yml
diff options
context:
space:
mode:
Diffstat (limited to 'inventory/host_vars/sk-testvm.yml')
-rw-r--r--inventory/host_vars/sk-testvm.yml42
1 files changed, 42 insertions, 0 deletions
diff --git a/inventory/host_vars/sk-testvm.yml b/inventory/host_vars/sk-testvm.yml
index 264e87f6..2650b85b 100644
--- a/inventory/host_vars/sk-testvm.yml
+++ b/inventory/host_vars/sk-testvm.yml
@@ -39,6 +39,7 @@ external_ip: "{{ network.primary.overlay }}"
#
spreadspace_apt_repo_components:
+ - main
- container
docker_storage:
@@ -525,3 +526,44 @@ ownca_cert_config__test:
extended_key_usage_critical: yes
create_subject_key_identifier: yes
not_after: +100w
+
+
+nginx_sso_backends:
+ spreadspace:
+ auth_url: http://127.0.0.1:8082/auth
+ base_url: https://login.spreadspace.org
+
+nginx_sso_backend_configs:
+ spreadspace:
+ login:
+ title: "spreadspace - Login"
+ default_method: "simple"
+ hide_mfa_field: true
+ names:
+ simple: "Username / Password"
+ cookie:
+ domain: ".spreadspace.org"
+ authentication_key: "WXCBcOAiDrupSxJTqIEKsT5EXBfdXbydFCI7mXDTSTL6dF0KFJKhVgbVgc3nD7G2"
+ prefix: nginx-sso-spreadspace
+ listen:
+ addr: "127.0.0.1"
+ port: 8082
+ audit_log:
+ targets:
+ - fd://stdout
+ events: ['access_denied', 'login_success', 'login_failure', 'logout', 'validate']
+ headers: ['x-origin-uri']
+ trusted_ip_headers: ["X-Forwarded-For", "RemoteAddr", "X-Real-IP"]
+ acl:
+ rule_sets:
+ - rules:
+ - field: "x-host"
+ regexp: ".*"
+ allow: ["@_authenticated"]
+ providers:
+ simple:
+ enable_basic_auth: false
+ users:
+ admin: "{{ 'admin' | password_hash('bcrypt', ('admin@spreadspace.com/nginx-sso' | bcrypt_salt)) }}"
+ groups:
+ admins: ["admin"]
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-26 03:10:31 +0000