From 88f7258c7b6617c602e14bbf0e18432a934ea4c0 Mon Sep 17 00:00:00 2001 From: Michal Konecny Date: Mon, 14 Aug 2023 11:25:39 +0200 Subject: [PATCH] [Pagure] Enable OIDC on production As OIDC authentication works without issue on staging let's enable it on production as well. Signed-off-by: Michal Konecny --- roles/pagure/tasks/main.yml | 1 - roles/pagure/templates/pagure.cfg | 4 ---- 2 files changed, 5 deletions(-) diff --git a/roles/pagure/tasks/main.yml b/roles/pagure/tasks/main.yml index 90c063c594..8d4b8c3d52 100644 --- a/roles/pagure/tasks/main.yml +++ b/roles/pagure/tasks/main.yml @@ -357,7 +357,6 @@ - config - web - pagure - when: env == 'pagure-staging' - name: create the database scheme diff --git a/roles/pagure/templates/pagure.cfg b/roles/pagure/templates/pagure.cfg index 409ba264af..1aac49deff 100644 --- a/roles/pagure/templates/pagure.cfg +++ b/roles/pagure/templates/pagure.cfg @@ -195,7 +195,6 @@ DISABLED_PLUGINS = ['IRC'] ### Switch the authentication method # Specify which authentication method to use: `openid`, `oidc`, `local` # Default: ``fas``. -{% if env == 'pagure-staging' %} PAGURE_AUTH = 'oidc' OIDC_CLIENT_SECRETS = "/etc/pagure/client_secrets.json" OIDC_ID_TOKEN_COOKIE_SECURE = True @@ -210,9 +209,6 @@ OIDC_PAGURE_USERNAME = 'preferred_username' OIDC_PAGURE_SSH_KEY = 'ssh_key' OIDC_PAGURE_GROUPS = 'groups' OIDC_PAGURE_USERNAME_FALLBACK = 'nickname' -{% else %} -PAGURE_AUTH = 'openid' -{% endif %} # When this is set to True, the session cookie will only be returned to the # server via ssl (https). If you connect to the server via plain http, the