oidc-parent/deployment/roles/hydra_server/templates/hydra.yml.j2
Jan Dittberner 5daa87ca90 Add local preconditions and Vagrantfile
This commit adds a role to ensure local preconditions (i.e. mkcert) and
a Vagrantfile to test the ansible playbook in a local virtual machine.
2022-08-18 11:58:24 +02:00


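---
# ORY Hydra configuration rendered by the hydra_server role.
# The rendered file holds the database password (dsn) and the system secret
# in clear text: install it readable only by the Hydra service account and
# set no_log on the template task so the values do not appear in task output.
# NOTE(review): this listing had lost its indentation; the nesting below is
# reconstructed (tls directly under serve) - confirm against the deployed file.
serve:
  admin:
    # Hydra's admin API has no built-in authentication. The localhost default
    # keeps it off the network; any override should stay on a loopback or
    # otherwise access-controlled interface.
    host: "{{ oidc_urls.hydra_admin.address | default('localhost') }}"
    # Ports stay unquoted so the rendered value is a YAML integer.
    port: {{ oidc_urls.hydra_admin.port | default("4445") }}
  public:
    host: "{{ oidc_urls.hydra_public.address | default(ansible_default_ipv4.address) }}"
    port: {{ oidc_urls.hydra_public.port | default("4444") }}
  tls:
    cert:
      path: "{{ hydra_tls.cert }}"
    key:
      # The private key file needs the same restrictive permissions as this file.
      path: "{{ hydra_tls.key }}"

# User and password are percent-encoded so that characters such as '@', ':',
# '/' or '%' in a generated password cannot change how the URL is parsed
# (urlencode leaves '/' alone, hence the extra replace). The variables must
# therefore hold the raw, unencoded values.
# No sslmode parameter is set, so whether the connection to Postgres uses TLS
# is left to the driver default; set it explicitly when the database is not
# on the same host.
dsn: 'postgres://{{ hydra_db_user | urlencode | replace("/", "%2F") }}:{{ hydra_db_password | urlencode | replace("/", "%2F") }}@{{ hydra_db_host }}:{{ hydra_db_port }}/{{ hydra_db_name }}'

webfinger:
  oidc_discovery:
    # Claims and scopes advertised in the discovery document.
    supported_claims:
      - email
      - email_verified
      - given_name
      - family_name
      - middle_name
      - name
      - birthdate
      - zoneinfo
      - locale
      - 'https://auth.cacert.org/groups'
    supported_scope:
      - profile
      - email

oauth2:
  # Keep false outside of debugging: when true, error responses sent to
  # OAuth 2.0 clients carry internal debugging details.
  expose_internal_errors: false

urls:
  # Login, consent, logout and error pages are served by the IDP application;
  # every URL here is https only.
  login: "https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/login"
  consent: "https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/consent"
  logout: "https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/logout"
  error: "https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/error"
  post_logout_redirect: "https://{{ oidc_urls.idp.host }}:{{ oidc_urls.idp.port }}/logout-successful"
  self:
    public: "https://{{ oidc_urls.hydra_public.host }}:{{ oidc_urls.hydra_public.port }}/"
    # The issuer must match, character for character, the URL that relying
    # parties use, because they compare it with the iss claim of issued tokens.
    issuer: "https://{{ oidc_urls.hydra_public.host }}:{{ oidc_urls.hydra_public.port }}/"

secrets:
  # Used by Hydra to encrypt data at rest; the first entry is the active key.
  # Supply it from a vault or other secret store, never from a committed
  # default. The value is placed inside a double-quoted YAML scalar, so it
  # must not contain '"' or '\'.
  system:
    - "{{ hydra_system_secret }}"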