From a0c1aa799d94c3ce0c697bfd6777e0233dd77d92 Mon Sep 17 00:00:00 2001
From: Christian Pointner <equinox@spreadspace.org>
Date: Mon, 13 Nov 2023 21:56:24 +0100
Subject: finalize whawty.nginx-sso roles

---
 inventory/host_vars/ch-http-proxy.yml        |  4 ++--
 inventory/host_vars/ch-testvm-prometheus.yml | 25 +++++++++++++++++++++++++
 2 files changed, 27 insertions(+), 2 deletions(-)

(limited to 'inventory')

diff --git a/inventory/host_vars/ch-http-proxy.yml b/inventory/host_vars/ch-http-proxy.yml
index 255dbebe..07376b36 100644
--- a/inventory/host_vars/ch-http-proxy.yml
+++ b/inventory/host_vars/ch-http-proxy.yml
@@ -53,8 +53,8 @@ whawty_nginx_sso_logins:
     config:
       cookie:
         domain: ".chaos-at-home.org"
-        name: __Secure-chaos-at-home-sso
-        secure: yes
+        name: chaos-at-home-sso
+        secure: false
         expire: 23h
         keys:
         - name: 2023-11
diff --git a/inventory/host_vars/ch-testvm-prometheus.yml b/inventory/host_vars/ch-testvm-prometheus.yml
index 415e6774..bec8d70d 100644
--- a/inventory/host_vars/ch-testvm-prometheus.yml
+++ b/inventory/host_vars/ch-testvm-prometheus.yml
@@ -35,3 +35,28 @@ network:
   - *_network_primary_
 
 ntp_variant: systemd-timesyncd
+
+
+
+whawty_nginx_sso_backends:
+  chaos-at-home:
+    port: 1234
+    login_url: https://login.chaos-at-home.org/login
+
+whawty_nginx_sso_auths:
+  chaos-at-home:
+    config:
+      cookie:
+        domain: ".chaos-at-home.org"
+        name: chaos-at-home-sso
+        secure: no
+        expire: 23h
+        keys:
+        - name: 2023-11
+          ed25519:
+            public-key: |-
+              -----BEGIN PUBLIC KEY-----
+              MCowBQYDK2VwAyEAawvVwThGnYYBDLjQ0Rs71prAmxQ/tfaPUNZvPWS3Z3U=
+              -----END PUBLIC KEY-----
+      web:
+        listen: 127.0.0.1:1234
-- 
cgit v1.2.3