OIDCNG: make it possible to connect to a locally available mongo in d…
…ocker
quartje committed Nov 26, 2024
1 parent 053df90 commit 6a0d3e1
Showing 3 changed files with 13 additions and 9 deletions.
7 changes: 4 additions & 3 deletions roles/oidcng/defaults/main.yml
@@ -1,8 +1,8 @@
---
oidcng_dir: /opt/openconext/oidcng
oidcng_config_dir: /config
oidcng_version: ''
oidcng_snapshot_timestamp: ''
oidcng_version: ""
oidcng_snapshot_timestamp: ""
oidcng_cronjobmaster: true
oidcng_saml_sp_entityid: https://connect.{{ base_domain }}
oidcng_idp_metadata_url: https://engine.{{ base_domain }}/authentication/idp/metadata
Expand All @@ -19,4 +19,5 @@ oidcng_manage_provision_samlsp_metadata_url: "https://connect.{{ base_domain }}/
oidcng_manage_provision_samlsp_sp_cert: "{{ lookup('file', '{{ inventory_dir }}/files/certs/oidc/oidcsaml.crt') | depem }}"
oidcng_manage_provision_samlsp_sign: "True"
oidcng_manage_provision_samlsp_trusted_proxy: "True"

oidcng_docker_networks:
- name: loadbalancer
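Review bot: The new `oidcng_docker_networks` default at the end of the second hunk carries no comment saying which task consumes it or that the task file changes it at run time. I would add `# Networks the oidcngserver container is attached to; tasks/main.yml adds openconext_mongodb when mongodb_in_docker is true` above it. The two switches this commit relies on, `mongodb_in_docker` and `mongodb_ssl`, do not appear in the visible part of this file; if they are not declared elsewhere, listing them here with their safe defaults (`false` and `true`) would document that TLS to MongoDB can be turned off.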
13 changes: 8 additions & 5 deletions roles/oidcng/tasks/main.yml
Expand Up @@ -88,6 +88,13 @@
group: "root"
mode: "0755"

- name: Add the mongodb docker network to the list of networks when MongoDB runs in Docker
ansible.builtin.set_fact:
oidcng_docker_networks:
- name: loadbalancer
- name: openconext_mongodb
when: mongodb_in_docker | default(false) | bool

- name: Create and start the server container
community.docker.docker_container:
name: oidcngserver
Expand All @@ -96,8 +103,7 @@
pull: true
restart_policy: "always"
state: started
networks:
- name: "loadbalancer"
networks: "{{ oidcng_docker_networks }}"
mounts:
- source: "{{ oidcng_dir }}"
target: /config/
Expand Down Expand Up @@ -137,9 +143,6 @@
traefik.http.middlewares.oidcngmw.replacepathregex.regex: "^/.well-known/openid-configuration"
traefik.http.middlewares.oidcngmw.replacepathregex.replacement: "/oidc/.well-known/openid-configuration"
register: oidcngservercontainer



#- name: Include the role manage_provision_entities to provision oidncg to Manage
# ansible.builtin.include_role:
# name: manage_provision_entities
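Review bot: The `set_fact` task added in the first hunk overwrites `oidcng_docker_networks` with a hard-coded two-entry list, so any value an inventory sets for that variable is discarded whenever `mongodb_in_docker` is true, and the `loadbalancer` entry is now maintained in two places. Extending the existing value keeps one source of truth: `oidcng_docker_networks: "{{ oidcng_docker_networks + [{'name': 'openconext_mongodb'}] }}"`. Separately, as far as I know `community.docker.docker_container` only adds networks by default, so a container on a host where the flag is later switched back to false would probably stay attached to `openconext_mongodb` until it is recreated; `comparisons: {networks: strict}` on the container task would enforce the list. The container task continues past the end of the second hunk, so I cannot see whether `comparisons` is already set there.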
2 changes: 1 addition & 1 deletion roles/oidcng/templates/application.yml.j2
Expand Up @@ -76,7 +76,7 @@ idp:
spring:
data:
mongodb:
uri: "mongodb://{{ oidcng.mongo_user }}:{{ oidcng.mongo_password }}@{% for host in groups['mongo_servers'] %}{{ hostvars[host]['inventory_hostname'] }}:{{ oidcng.mongo_port }}{% if not loop.last %},{% endif %}{%endfor %}/{{ oidcng.mongo_database }}?ssl=true"
uri: "mongodb://{{ oidcng.mongo_user }}:{{ oidcng.mongo_password }}@{% for host in groups['mongo_servers'] %}{{ hostvars[host]['inventory_hostname'] }}:{{ oidcng.mongo_port }}{% if not loop.last %},{% endif %}{%endfor %}/{{ oidcng.mongo_database }}?ssl={{ mongodb_ssl | default('true') }}"

thymeleaf:
cache: true
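Review bot: `ssl={{ mongodb_ssl | default('true') }}` on the `uri` line pastes the raw variable into the connection string, so a YAML boolean in the inventory (`mongodb_ssl: false`) is rendered as `False` and any other value is passed through unchecked; how the driver then interprets it is outside the template's control. Rendering only the two valid literals, and keeping TLS on unless the value is explicitly false, makes the outcome predictable: `?ssl={{ 'false' if (mongodb_ssl | default(true) | string | lower) == 'false' else 'true' }}`. With the switch off, `oidcng.mongo_user` and `oidcng.mongo_password` from the same line travel unencrypted, so I would also add a comment above `uri` stating that it is meant only for a MongoDB on the local Docker network. Deriving it from `mongodb_in_docker` instead of exposing a second independent switch would remove the risk of TLS being disabled against remote `mongo_servers`.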
