gitea-admin
/
hetzner-ansible
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
prodnso
main
qa
feature/DEV-655
feature/SC-124
feature/SC-55
feature/DEV-470_2nd
feature/DEV-380_2nd
feature/DEV-380
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7f7054244b'
${ noResults }
hetzner-ansible/roles/iam/vars/main.yml

72 lines
2.9 KiB
YAML
Raw Blame History Unescape Escape

This file contains invisible Unicode characters!

This file contains invisible Unicode characters that may be processed differently from what appears below. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to reveal hidden characters.

---
iam_id: "{{ service_name }}-iam"
iam_cache_timeout: 600s
iam_keycloak_auth_server_url: "https://{{ shared_service_keycloak_hostname }}/auth"
iam_keycloak_admin_user: "{{ keycloak_admin_username }}"
iam_keycloak_admin_password: "{{ keycloak_admin_password }}"
iam_labels: [
'"traefik.enable=true"',
'"traefik.http.routers.{{ iam_id }}.service={{ iam_id }}"',
'"traefik.http.routers.{{ iam_id }}.rule=Host(`{{ stage_server_url_host }}`)"',
'"traefik.http.routers.{{ iam_id }}.entrypoints=websecure"',
'"traefik.http.routers.{{ iam_id }}.tls=true"',
'"traefik.http.routers.{{ iam_id }}.tls.certresolver=letsencrypt"',
'"traefik.http.services.{{ iam_id }}.loadbalancer.server.port={{ service_port }}"',
'"traefik.http.routers.{{ iam_id }}-admin.service={{ iam_id }}-admin"',
'"traefik.http.routers.{{ iam_id }}-admin.rule=Host(`{{ stage_server_url_host }}`)"',
'"traefik.http.routers.{{ iam_id }}-admin.entrypoints=admin-service"',
'"traefik.http.routers.{{ iam_id }}-admin.tls=true"',
'"traefik.http.routers.{{ iam_id }}-admin.tls.certresolver=letsencrypt"',
'"traefik.http.routers.{{ iam_id }}-admin.middlewares={{ iam_id }}-admin-cors"',
'"traefik.http.middlewares.{{ iam_id }}-admin-cors.headers.accesscontrolallowmethods=GET,OPTIONS"',
'"traefik.http.middlewares.{{ iam_id }}-admin-cors.headers.accesscontrolalloworigin=*"',
'"traefik.http.middlewares.{{ iam_id }}-admin-cors.headers.accesscontrolallowheaders=SMA_USER"',
'"traefik.http.services.{{ iam_id }}-admin.loadbalancer.server.port={{ management_port }}"',
'"traefik.http.routers.{{ iam_id }}-monitor.service={{ service_name }}-node-exporter"',
'"traefik.http.routers.{{ iam_id }}-monitor.rule=Host(`{{ stage_server_url_host }}`)"',
'"traefik.http.routers.{{ iam_id }}-monitor.entrypoints=monitoring-system"',
'"traefik.http.routers.{{ iam_id }}-monitor.tls=true"',
'"traefik.http.routers.{{ iam_id }}-monitor.tls.certresolver=letsencrypt"',
]
iam_docker: {
networks: [
{
name: back-tier,
external: true,
},
{
name: front-tier,
external: true,
},
],
services: [
{
name: "{{ iam_id }}",
image_name: "{{ iam_image_name }}",
image_version: "{{ iam_version }}",
labels: "{{ iam_labels + ( iam_labels_additional | default([])) }}",
restart: "{{ iam_service_restart | default('always') }}",
environment: [
"SERVER_PORT: \"{{ service_port }}\"",
"ADMIN_PORT: \"{{ management_port }}\"",
"SERVER_ERROR_INCLUDE_MESSAGE: \"always\"",
"SPRING_CACHE_CAFFEINE_SPEC: \"expireAfterAccess={{ iam_cache_timeout }}\"",
"IAM_KEYCLOAK_AUTH_SERVER_URL: \"{{ iam_keycloak_auth_server_url }}\"",
"IAM_KEYCLOAK_ADMIN_USER: \"{{ iam_keycloak_admin_user }}\"",
"IAM_KEYCLOAK_ADMIN_PASSWORD: \"{{ iam_keycloak_admin_password }}\""
],
networks: [
'"back-tier"',
'"front-tier"',
],
extra_hosts: "{{ iam_extra_hosts | default([]) }}",
}
],
}
Reference in New Issue View Git Blame Copy Permalink