Fix localhost ansible setup

Jan Dittberner 2023-08-09 12:44:36 +02:00
parent 2db1ba3c05
commit 67f55d76a0
5 changed files with 25 additions and 7 deletions


@ -24,7 +24,7 @@ oidc_urls:
host: hydra.cacert.localhost host: hydra.cacert.localhost
port: 4445 port: 4445
hydra_public: hydra_public:
address: localhost address: 127.0.0.1
host: auth.cacert.localhost host: auth.cacert.localhost
port: 4444 port: 4444
idp: idp:


@ -71,7 +71,7 @@
ansible.builtin.command: ansible.builtin.command:
cmd: "mkcert -cert-file {{ hydra_cert_temp_dir.path }}/hydra.pem -key-file {{ hydra_cert_temp_dir.path }}/hydra.key.pem {{ oidc_urls.hydra_admin.host }} {{ oidc_urls.hydra_public.host }}" cmd: "mkcert -cert-file {{ hydra_cert_temp_dir.path }}/hydra.pem -key-file {{ hydra_cert_temp_dir.path }}/hydra.key.pem {{ oidc_urls.hydra_admin.host }} {{ oidc_urls.hydra_public.host }}"
environment: environment:
CAROOT: "{{ mkcert_caroot | default(omit) }}" CAROOT: "{{ mkcert_caroot | default('') }}"
- name: Move Hydra certificate and key to target - name: Move Hydra certificate and key to target
ansible.builtin.copy: ansible.builtin.copy:
@ -107,3 +107,9 @@
group: root group: root
mode: "0640" mode: "0640"
notify: hydra_systemd_reload notify: hydra_systemd_reload
- name: Ensure service is started
ansible.builtin.systemd:
state: started
name: hydra
enabled: true
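Review bot: The added `Ensure service is started` task runs before the notified `hydra_systemd_reload` handler, because handlers only run after the tasks have finished. On a run that changes the unit file, systemd may therefore still hold the old definition when the start is attempted (assuming the handler performs the daemon-reload; it is not shown here). Adding `daemon_reload: true` to this `ansible.builtin.systemd` task, or an `ansible.builtin.meta: flush_handlers` task just before it, closes that gap. Note also that `state: started` leaves an already running service untouched, so a renewed certificate or changed unit only takes effect if the handler restarts the service. The same applies to the `cacert-demoapp` and `cacert-idp` tasks added in the next two files.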


@ -73,7 +73,7 @@
ansible.builtin.command: ansible.builtin.command:
cmd: "mkcert -cert-file {{ demoapp_cert_temp_dir.path }}/demoapp.pem -key-file {{ demoapp_cert_temp_dir.path }}/demoapp.key.pem {{ oidc_urls.demoapp.host }}" cmd: "mkcert -cert-file {{ demoapp_cert_temp_dir.path }}/demoapp.pem -key-file {{ demoapp_cert_temp_dir.path }}/demoapp.key.pem {{ oidc_urls.demoapp.host }}"
environment: environment:
CAROOT: "{{ mkcert_caroot | default(omit) }}" CAROOT: "{{ mkcert_caroot | default('') }}"
- name: Move demo application certificate and key to target - name: Move demo application certificate and key to target
ansible.builtin.copy: ansible.builtin.copy:
@ -163,5 +163,11 @@
dest: /etc/systemd/system/cacert-demoapp.service dest: /etc/systemd/system/cacert-demoapp.service
owner: root owner: root
group: root group: root
mode: "0640" mode: "0644"
notify: demoapp_systemd_reload notify: demoapp_systemd_reload
- name: Ensure service is started
ansible.builtin.systemd:
state: started
name: cacert-demoapp
enabled: true
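Review bot: Changing `mode: "0640"` to `mode: "0644"` on `dest: /etc/systemd/system/cacert-demoapp.service` makes the unit world-readable, which is only safe if the rendered unit carries no secrets; the template and the start of this task are outside the hunk. If client secrets or keys are passed via `Environment=` lines, they should move to a root-only `EnvironmentFile=` (or `LoadCredential=`), since unit contents are readable by unprivileged users in any case. A comment above the mode line would record the assumption: `# unit is world-readable by design; secrets belong in a root-only EnvironmentFile`. The same mode change is made for `cacert-idp.service` in the next file, while the hydra task that notifies `hydra_systemd_reload` keeps `mode: "0640"`, so the three roles are now inconsistent.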


@ -51,7 +51,7 @@
ansible.builtin.command: ansible.builtin.command:
cmd: "mkcert -cert-file {{ idp_cert_temp_dir.path }}/idp.pem -key-file {{ idp_cert_temp_dir.path }}/idp.key.pem {{ oidc_urls.idp.host }}" cmd: "mkcert -cert-file {{ idp_cert_temp_dir.path }}/idp.pem -key-file {{ idp_cert_temp_dir.path }}/idp.key.pem {{ oidc_urls.idp.host }}"
environment: environment:
CAROOT: "{{ mkcert_caroot | default(omit) }}" CAROOT: "{{ mkcert_caroot | default('') }}"
- name: Move IDP certificate and key to target - name: Move IDP certificate and key to target
ansible.builtin.copy: ansible.builtin.copy:
@ -120,5 +120,11 @@
dest: /etc/systemd/system/cacert-idp.service dest: /etc/systemd/system/cacert-idp.service
owner: root owner: root
group: root group: root
mode: "0640" mode: "0644"
notify: idp_systemd_reload notify: idp_systemd_reload
- name: Ensure service is started
ansible.builtin.systemd:
state: started
name: cacert-idp
enabled: true
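Review bot: `CAROOT: "{{ mkcert_caroot | default('') }}"` exports an empty `CAROOT` whenever `mkcert_caroot` is unset, so the task relies on mkcert treating an empty value as "use the default CA root". That assumption is undocumented, and it decides which local CA signs the IDP certificate. A comment above the line would make it explicit: `# empty CAROOT makes mkcert fall back to its default CA root; omit is not honoured inside environment`. The second half of that comment is presumably the reason `default(omit)` was dropped and should be confirmed. The same line appears in the hydra, demoapp and `mkcert -install` tasks, and this task begins outside the hunk.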


@ -19,7 +19,7 @@
ansible.builtin.command: ansible.builtin.command:
cmd: "mkcert -install" cmd: "mkcert -install"
environment: environment:
CAROOT: "{{ mkcert_caroot | default(omit) }}" CAROOT: "{{ mkcert_caroot | default('') }}"
changed_when: false changed_when: false
become: false become: false