chore: cors for swagger on connect/iam

group_vars/all/plain.yml

@@ -98,7 +98,6 @@ service_port_pgadmin: "9001"
 service_port_phpmyadmin: "9002"
 service_port_sonarqube: "9000"
 
-monitor_port_service: "9081"
 monitor_port_system: "9082"
 monitor_port_docker: "9083"
 monitor_port_elastic: "9084"
@@ -107,6 +106,7 @@ monitor_port_maria: "9086"
 monitor_port_postgres: "9087"
 monitor_port_awx: "80"
 
+admin_port_service: "9081"
 admin_port_traefik: "9080"
 
 connect_id: "{{ inventory_hostname }}-connect"

roles/connect-wordpress/vars/main.yml

@@ -43,7 +43,7 @@ wordpress_docker: {
         "  define( 'WP_HOME', 'https://{{ wordpress_base_url }}' );",
         "  define( 'WP_SITEURL', 'https://{{ wordpress_base_url }}' );",
         "AUTH_API: \"https://{{ shared_service_keycloak_hostname }}\"",
-        "RESOURCE_API: \"https://{{ stage_server_domain }}\"",
+        "RESOURCE_API: \"https://{{ connect_base_url }}\"",
         "REALM_ID: \"{{ current_realm_name | default('none') }}\"",
         "REGISTRATION_ID: \"{{ wordpress_oidc_client_id | default('none') }}\"",
         "CLIENT_ID: \"{{ wordpress_oidc_client_id | default('none') }}\"",

roles/connect/defaults/main.yml

@@ -7,5 +7,5 @@ connect_admin_username: "connect-admin"
 connect_admin_password: "connect-admin"
 
 connect_mail_host: "{{ shared_service_mail_hostname }}"
-connect_mail_properties_base_url: "{{ http_s }}://{{ stage_server_domain }}"
+connect_mail_properties_base_url: "{{ http_s }}://{{ connect_base_url }}"
-connect_mail_properties_base_url_extern: "{{ http_s }}://{{ stage_server_domain }}"
+connect_mail_properties_base_url_extern: "{{ http_s }}://{{ connect_base_url }}"

roles/connect/vars/main.yml

@@ -10,7 +10,7 @@ connect_labels: [
   '"traefik.http.services.{{ connect_id }}.loadbalancer.server.port={{ service_port }}"',
 
   '"traefik.http.routers.{{ connect_id }}-admin.service={{ connect_id }}-admin"',
-  '"traefik.http.routers.{{ connect_id }}-admin.rule=Host(`{{ stage_server_domain }}`)"',
+  '"traefik.http.routers.{{ connect_id }}-admin.rule=Host(`{{ connect_base_url }}`)"',
   '"traefik.http.routers.{{ connect_id }}-admin.entrypoints=admin-service"',
   '"traefik.http.routers.{{ connect_id }}-admin.tls=true"',
   '"traefik.http.routers.{{ connect_id }}-admin.tls.certresolver=letsencrypt"',
@@ -75,14 +75,14 @@ connect_environment: [
   "EXTERNAL_TASK_SCRIPT_WORKER_ENABLED: \"{{ connect_external_task_script_worker_enabled | default('false') }}\"",
 
   "SMA_ENABLE_WEBDAV_DOC_EDITING: \"true\"",
-  "SMA_WEBDAV_BASE_PATH: \"{{ http_s }}://{{ stage_server_domain }}\"",
+  "SMA_WEBDAV_BASE_PATH: \"{{ http_s }}://{{ connect_base_url }}\"",
   "SMA_WEBDAV_HOST_URL: \"{{ http_s }}://{{ shared_service_webdav_hostname }}/\"",
   "SMA_WEBDAV_FRONTEND_URL: \"{{ http_s }}://{{ shared_service_webdav_hostname }}/\"",
   "SMA_WEBDAV_JWT_SECRET: \"{{ webdav_jwt_secret }}\"",
 
-  "SPRINGDOC_SERVER_URL: \"{{ connect_base_url }}\"",
+  "SPRINGDOC_SERVER_URL: \"{{ http_s }}://{{ connect_base_url }}\"",
   
-  "SMA_CORS_ORIGINS: \"{{ stage_server_domain }}:{{ monitor_port_service }}\"",
+  "SMA_CORS_ORIGINS: \"{{ http_s }}://{{ connect_base_url }}:{{ admin_port_service }}\"",
   "SMA_CORS_ALLOWED_METHODS: \"*\"",
   "SMA_CORS_ALLOWED_HEADERS: \"*\"",
   "SMA_CORS_PATH_PATTERN: \"/**\"",

roles/iam/vars/main.yml

@@ -56,9 +56,9 @@ iam_docker: {
         "SMA_JWT_ENABLED: \"{{ iam_jwt_enabled | default('false') }}\"",
         "SMA_JWT_SECRET: \"{{ iam_jwt_secret | default('') }}\"",
 
-        "SPRINGDOC_SERVER_URL: \"{{ stage_server_domain }}\"",
+        "SPRINGDOC_SERVER_URL: \"{{ http_s }}://{{ stage_server_domain }}\"",
 
-        "SMA_CORS_ALLOWED_ORIGINS: \"{{ stage_server_domain }}:{{ monitor_port_service }}\"",
+        "SMA_CORS_ALLOWED_ORIGINS: \"{{ http_s }}://{{ stage_server_domain }}:{{ admin_port_service }}\"",
         "SMA_CORS_ALLOWED_METHODS: \"*\"",
         "SMA_CORS_ALLOWED_HEADERS: \"*\"",
         "SMA_CORS_PATH_PATTERN: \"/**\"",

roles/traefik/vars/main.yml

@@ -53,8 +53,8 @@ traefik_docker: {
           internal: "{{ admin_port_traefik }}"
         },
         {
-          external: "0.0.0.0:{{ monitor_port_service }}",
+          external: "0.0.0.0:{{ admin_port_service }}",
-          internal: "{{ monitor_port_service }}"
+          internal: "{{ admin_port_service }}"
         },
         {
           external: "0.0.0.0:{{ monitor_port_docker }}",

templates/prometheus/config/prometheus/prometheus.yml.j2

@@ -55,7 +55,7 @@ scrape_configs:
   and hostvars[host].traefik_enabled)
   or (hostvars[host].traefik_enabled is not defined)
 %}
-          '{{ host }}.{{ domain }}:{{ monitor_port_service }}',
+          '{{ host }}.{{ domain }}:{{ admin_port_service }}',
 {% endif %}
 {% endfor %}
         ]
@@ -167,7 +167,7 @@ scrape_configs:
     static_configs:
       - targets: [
 {% for host in server_group_names_connect | default([]) %}
-          '{{ host }}.{{ domain }}:{{ monitor_port_service }}',
+          '{{ host }}-connect.{{ domain }}:{{ admin_port_service }}',
 {% endfor %}
         ]
         labels:
@@ -186,7 +186,7 @@ scrape_configs:
     static_configs:
       - targets: [
 {% for host in server_group_names_iam | default([]) %}
-          '{{ host }}.{{ domain }}:{{ monitor_port_service }}',
+          '{{ host }}.{{ domain }}:{{ admin_port_service }}',
 {% endfor %}
         ]
         labels:
@@ -205,7 +205,7 @@ scrape_configs:
     static_configs:
       - targets: [
 {% for host in server_group_names_webdav | default([]) %}
-          '{{ host }}.{{ domain }}:{{ monitor_port_service }}',
+          '{{ host }}.{{ domain }}:{{ admin_port_service }}',
 {% endfor %}
         ]
         labels:

templates/traefik/traefik.toml.j2

@@ -75,7 +75,7 @@
 
   ### service monitoring port - metrics for all served services ###
   [entryPoints.admin-service]
-    address = ":{{ monitor_port_service }}"
+    address = ":{{ admin_port_service }}"
     [entryPoints.admin-service.http.redirections.entryPoint]
       to = "admin-service"
       scheme = "https"