diff --git a/deployment/host_vars/localhost.yml b/deployment/host_vars/localhost.yml
index a065ca0..faae0b7 100644
--- a/deployment/host_vars/localhost.yml
+++ b/deployment/host_vars/localhost.yml
@@ -24,7 +24,7 @@ oidc_urls:
 host: hydra.cacert.localhost
 port: 4445
 hydra_public:
- address: localhost
+ address: 127.0.0.1
 host: auth.cacert.localhost
 port: 4444
 idp:
diff --git a/deployment/roles/hydra_server/tasks/main.yml b/deployment/roles/hydra_server/tasks/main.yml
index 7043c75..967d019 100644
--- a/deployment/roles/hydra_server/tasks/main.yml
+++ b/deployment/roles/hydra_server/tasks/main.yml
@@ -71,7 +71,7 @@
 ansible.builtin.command:
 cmd: "mkcert -cert-file {{ hydra_cert_temp_dir.path }}/hydra.pem -key-file {{ hydra_cert_temp_dir.path }}/hydra.key.pem {{ oidc_urls.hydra_admin.host }} {{ oidc_urls.hydra_public.host }}"
 environment:
- CAROOT: "{{ mkcert_caroot | default(omit) }}"
+ CAROOT: "{{ mkcert_caroot | default('') }}"
 - name: Move Hydra certificate and key to target
 ansible.builtin.copy:
@@ -107,3 +107,9 @@
 group: root
 mode: "0640"
 notify: hydra_systemd_reload
+
+- name: Ensure service is started
+ ansible.builtin.systemd:
+ state: started
+ name: hydra
+ enabled: true
diff --git a/deployment/roles/oidc_demo_application/tasks/main.yml b/deployment/roles/oidc_demo_application/tasks/main.yml
index ee72e82..9648785 100644
--- a/deployment/roles/oidc_demo_application/tasks/main.yml
+++ b/deployment/roles/oidc_demo_application/tasks/main.yml
@@ -73,7 +73,7 @@
 ansible.builtin.command:
 cmd: "mkcert -cert-file {{ demoapp_cert_temp_dir.path }}/demoapp.pem -key-file {{ demoapp_cert_temp_dir.path }}/demoapp.key.pem {{ oidc_urls.demoapp.host }}"
 environment:
- CAROOT: "{{ mkcert_caroot | default(omit) }}"
+ CAROOT: "{{ mkcert_caroot | default('') }}"
 - name: Move demo application certificate and key to target
 ansible.builtin.copy:
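Review bot: With `default('')` in the `@@ -71,7 +71,7 @@` hunk of hydra_server/tasks/main.yml, an undefined `mkcert_caroot` now falls back silently: mkcert receives an empty CAROOT, which as far as I know it treats as unset, and uses the default CA directory of whichever account runs the task. The `mkcert -install` task in prepare_devtools runs with `become: false`, so if this certificate task runs under another account (its `become` setting lies outside the hunk) the leaf certificate would be signed by a CA that was never added to the trust store. Consider defining one explicit default for `mkcert_caroot` in role or group vars, and add a comment above the line such as `# empty CAROOT makes mkcert use its default CA directory`. The same line is changed in the oidc_demo_application, oidc_idp and prepare_devtools hunks.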
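Review bot: The `Ensure service is started` task added in the `@@ -107,3 +107,9 @@` hunk of hydra_server/tasks/main.yml can run before systemd has read the unit file, because the preceding task only notifies `hydra_systemd_reload` and handlers normally run at the end of the play. On a first install the start may fail, and after a unit change the stale definition is what gets started. Add `daemon_reload: true` to the task, or place `- ansible.builtin.meta: flush_handlers` before it. `state: started` also leaves an already running service untouched, so a restart after a certificate or configuration change has to come from a handler, which is not visible here. The same task is added for `cacert-demoapp` and `cacert-idp` in the oidc_demo_application and oidc_idp hunks.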
@@ -163,5 +163,11 @@
 dest: /etc/systemd/system/cacert-demoapp.service
 owner: root
 group: root
- mode: "0640"
+ mode: "0644"
 notify: demoapp_systemd_reload
+
+- name: Ensure service is started
+ ansible.builtin.systemd:
+ state: started
+ name: cacert-demoapp
+ enabled: true
diff --git a/deployment/roles/oidc_idp/tasks/main.yml b/deployment/roles/oidc_idp/tasks/main.yml
index e272c2c..2ac8d2e 100644
--- a/deployment/roles/oidc_idp/tasks/main.yml
+++ b/deployment/roles/oidc_idp/tasks/main.yml
@@ -51,7 +51,7 @@
 ansible.builtin.command:
 cmd: "mkcert -cert-file {{ idp_cert_temp_dir.path }}/idp.pem -key-file {{ idp_cert_temp_dir.path }}/idp.key.pem {{ oidc_urls.idp.host }}"
 environment:
- CAROOT: "{{ mkcert_caroot | default(omit) }}"
+ CAROOT: "{{ mkcert_caroot | default('') }}"
 - name: Move IDP certificate and key to target
 ansible.builtin.copy:
@@ -120,5 +120,11 @@
 dest: /etc/systemd/system/cacert-idp.service
 owner: root
 group: root
- mode: "0640"
+ mode: "0644"
 notify: idp_systemd_reload
+
+- name: Ensure service is started
+ ansible.builtin.systemd:
+ state: started
+ name: cacert-idp
+ enabled: true
diff --git a/deployment/roles/prepare_devtools/tasks/main.yml b/deployment/roles/prepare_devtools/tasks/main.yml
index d546510..0910e4e 100644
--- a/deployment/roles/prepare_devtools/tasks/main.yml
+++ b/deployment/roles/prepare_devtools/tasks/main.yml
@@ -19,7 +19,7 @@
 ansible.builtin.command:
 cmd: "mkcert -install"
 environment:
- CAROOT: "{{ mkcert_caroot | default(omit) }}"
+ CAROOT: "{{ mkcert_caroot | default('') }}"
 changed_when: false
 become: false
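Review bot: `mode: "0644"` in the `@@ -163,5 +163,11 @@` hunk makes `/etc/systemd/system/cacert-demoapp.service` readable by every local account, so the unit template (not visible in this hunk) must not carry secrets in `Environment=` or `ExecStart=` lines. If it does, move them to a root-only file referenced through `EnvironmentFile=`. The hydra unit in hydra_server stays at `"0640"`, so the roles now disagree; a short comment stating the reason would help, for example `# world-readable: unit holds no secrets`. The same mode change is made for `cacert-idp.service` in the oidc_idp hunk.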