Diffstat (limited to 'roles/apps/whawty/auth/instance/templates')
-rw-r--r-- | roles/apps/whawty/auth/instance/templates/listener.yml.j2 | 16 | ||||
-rw-r--r-- | roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2 | 4 |
2 files changed, 20 insertions, 0 deletions
diff --git a/roles/apps/whawty/auth/instance/templates/listener.yml.j2 b/roles/apps/whawty/auth/instance/templates/listener.yml.j2
index a69bdc58..12a83905 100644
--- a/roles/apps/whawty/auth/instance/templates/listener.yml.j2
+++ b/roles/apps/whawty/auth/instance/templates/listener.yml.j2
@@ -6,3 +6,19 @@ https:
 certificate-key: /tls/publish-key.pem
 min-protocol-version: "TLSv1.3"
 prefer-server-ciphers: true
+{% if 'ldap' in whawty_auth_instances[whawty_auth_instance] %}
+{% if 'tls' in whawty_auth_instances[whawty_auth_instance].ldap %}
+ldaps:
+{% else %}
+ldap:
+{% endif %}
+ listen:
+ - ":{{ whawty_auth_instances[whawty_auth_instance].ldap.port }}"
+{% if 'tls' in whawty_auth_instances[whawty_auth_instance].ldap %}
+ tls:
+ certificate: /tls/ldap-crt.pem
+ certificate-key: /tls/ldap-key.pem
+ min-protocol-version: "TLSv1.3"
+ prefer-server-ciphers: true
+{% endif %}
+{% endif %}
diff --git a/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2 b/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
index 01a956cc..4b75a346 100644
--- a/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
+++ b/roles/apps/whawty/auth/instance/templates/pod-spec.yml.j2
@@ -27,6 +27,10 @@ containers:
 {% if whawty_auth_instances[whawty_auth_instance].publish.zone.publisher == inventory_hostname %}
 hostIP: "127.0.0.1"
 {% endif %}
+{% if 'ldap' in whawty_auth_instances[whawty_auth_instance] %}
+ - containerPort: {{ whawty_auth_instances[whawty_auth_instance].ldap.port }}
+ hostPort: {{ whawty_auth_instances[whawty_auth_instance].ldap.port }}
+{% endif %}
 {% if 'sync' in whawty_auth_instances[whawty_auth_instance] %}
 - name: sync
 image: "ghcr.io/whawty/auth/sync:v{{ whawty_auth_instances[whawty_auth_instance].version }}" |
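Review bot: When an instance's `ldap` dict has no `tls` key, the `{% else %}` branch in listener.yml.j2 renders a plaintext `ldap:` listener on `":{{ ...ldap.port }}"`, which is every address, so bind credentials for this auth service would cross the network unencrypted unless something outside the template restricts access. Leaving a key out is an easy mistake, so plaintext should be an explicit opt-in rather than the fallback, for example a proposed `ldap.plaintext: true` key (not one the role defines today) tested in the else branch. At minimum add a template comment there such as `{# no ldap.tls: binds are cleartext, restrict to loopback or a trusted network #}`. The TLS branch references `/tls/ldap-crt.pem` and `/tls/ldap-key.pem`; the diffstat shown is limited to the templates directory, so confirm that these files are actually provisioned into the `/tls` mount.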
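Review bot: The new LDAP port entry in pod-spec.yml.j2 sets `hostPort` without a `hostIP`, so the port is published on all host addresses, whereas the entry just above it can be pinned with `hostIP: "127.0.0.1"`. Combined with the plaintext `ldap:` variant in listener.yml.j2, this can expose cleartext binds on every interface of the host. Consider an optional bind address guarded by `{% if 'host_ip' in whawty_auth_instances[whawty_auth_instance].ldap %}` that emits `hostIP: "{{ whawty_auth_instances[whawty_auth_instance].ldap.host_ip }}"`, where `host_ip` is a proposed key rather than an existing one. The ports list begins above the hunk, so check whether sibling entries carry `name:` or `protocol:` fields and match them.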