oidc-parent/deployment/roles/hydra_server/templates/hydra.yml.j2

50 lines
1.5 KiB
Text
Raw Permalink Normal View History

---
serve:
admin:
host: {{ oidc_urls.hydra_admin.address | default("localhost") }}
port: {{ oidc_urls.hydra_admin.port | default("4445") }}
2023-08-07 16:41:29 +00:00
tls:
enabled: true
cert:
path: {{ hydra_tls.cert }}
key:
path: {{ hydra_tls.key }}
public:
host: {{ oidc_urls.hydra_public.address | default(ansible_default_ipv4.address) }}
port: {{ oidc_urls.hydra_public.port | default("4444") }}
2023-08-07 16:41:29 +00:00
tls:
enabled: true
cert:
path: {{ hydra_tls.cert }}
key:
path: {{ hydra_tls.key }}
dsn: 'postgres://{{ hydra_db_user }}:{{ hydra_db_password }}@{{ hydra_db_host }}:{{ hydra_db_port }}/{{ hydra_db_name }}'
webfinger:
oidc_discovery:
supported_claims:
- email
- email_verified
- name
supported_scope:
- profile
- email
oauth2:
expose_internal_errors: false
urls:
login: https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/login
consent: https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/consent
logout: https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/logout
error: https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/error
post_logout_redirect: https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/logout-successful
self:
public: https://{{ oidc_urls.hydra_public.host }}:{{ oidc_urls.hydra_public.port }}/
issuer: https://{{ oidc_urls.hydra_public.host }}:{{ oidc_urls.hydra_public.port }}/
secrets:
system:
- "{{ hydra_system_secret }}"