Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Set OIDC secrets in place for MBS service provider.

Browse source
This commit is contained in:
Ralph Bean 2017-02-15 15:52:03 +00:00
parent c1b28e4568
commit 9f6dafbe93
3 changed files with 13 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

5
roles/mbs/common/tasks/main.yml
View file

@ -26,10 +26,11 @@
- mbs
- mbs/common
- name: copy client secrets that aren't really secret.
- name: copy client secrets
template: >
src=client_secrets.json.{{env}} dest=/etc/module-build-service/client_secrets.json
owner=root group=root mode=0644
owner=root group=apache mode=0640
when: inventory_hostname.startswith('mbs-web')
notify:
- restart apache
tags:

11
roles/mbs/common/templates/client_secrets.json.production
View file

@ -1,12 +1,11 @@
{
"web": {
"auth_uri": "https://id.fedoraproject.org/openidc/Authorization",
"client_id": "mbs-authorizer",
"client_secret": "notsecret",
"redirect_uris": [
"http://localhost:13747/"
],
"client_id": "mbs-prod",
"client_secret": "{{ mbs_prod_oidc_client_secret }}",
"redirect_uris": [],
"token_uri": "https://id.fedoraproject.org/openidc/Token",
"token_introspection_uri": "https://id.fedoraproject.org/openidc/TokenInfo"
"token_introspection_uri": "https://id.fedoraproject.org/openidc/TokenInfo",
"userinfo_uri": "https://id.fedoraproject.org/openidc/UserInfo"
}
}

11
roles/mbs/common/templates/client_secrets.json.staging
View file

@ -1,12 +1,11 @@
{
"web": {
"auth_uri": "https://id.stg.fedoraproject.org/openidc/Authorization",
"client_id": "mbs-authorizer",
"client_secret": "notsecret",
"redirect_uris": [
"http://localhost:13747/"
],
"client_id": "mbs-stg",
"client_secret": "{{ mbs_stg_oidc_client_secret }}",
"redirect_uris": [],
"token_uri": "https://id.stg.fedoraproject.org/openidc/Token",
"token_introspection_uri": "https://id.stg.fedoraproject.org/openidc/TokenInfo"
"token_introspection_uri": "https://id.stg.fedoraproject.org/openidc/TokenInfo",
"userinfo_uri": "https://id.stg.fedoraproject.org/openidc/UserInfo"
}
}