Add custom httpd config for Koschei in OpenShift

This commit is contained in:
Mikolaj Izdebski 2019-01-27 20:43:28 +01:00
parent 3029ceaa39
commit addf73cf4a
3 changed files with 30 additions and 4 deletions

View file

@ -13,10 +13,9 @@
roles:
- openshift/project
- role: openshift/secret-file
secret_name: frontend-config
key: config-frontend.cfg
template: config-frontend.cfg.j2
- role: openshift/object
template: frontend-config.yml
objectname: frontend-config.yml
- role: openshift/object
template: frontend-deployment.yml

View file

@ -0,0 +1,7 @@
apiVersion: v1
kind: Secret
metadata:
name: frontend-config
stringData:
config-frontend.cfg: "{{ lookup('template', roles_path + '/openshift-apps/koschei/templates/config-frontend.cfg.j2') }}"
httpd.conf: "{{ lookup('template', roles_path + '/openshift-apps/koschei/templates/httpd.conf.j2') }}"

View file

@ -0,0 +1,20 @@
<VirtualHost *>
RewriteEngine on
RewriteRule ^/documentation/?$ https://fedoraproject.org/wiki/Koschei [R=301,L]
OIDCRedirectURI "{{ koschei_topurl }}/login/redirect_uri"
OIDCProviderMetadataURL "https://{{ koschei_oidc_provider }}/openidc/wellknown_openid_configuration"
OIDCClientID "koschei"
OIDCClientSecret "{{ koschei_oidc_client_secret }}"
OIDCCryptoPassphrase "{{ koschei_oidc_crypto_secret }}"
OIDCSSLValidateServer On
OIDCResponseType "code"
OIDCSessionType client-cookie
OIDCScope "openid profile"
<Location /login>
AuthType openid-connect
Require valid-user
</Location>
</VirtualHost>