Clean up molecule configuration.
Allow PostgreSQL to be exposed for backup. Create network.
This commit is contained in:
parent
5932c1bf58
commit
35dcd22825
@ -80,7 +80,9 @@ authentik_db_password: "changeme"
|
||||
authentik_db_port: "5432"
|
||||
```
|
||||
|
||||
Because of a PostgreSQL limitation, only passwords up to 99 chars are supported. See [this link](https://www.postgresql.org/message-id/09512C4F-8CB9-4021-B455-EF4C4F0D55A0@amazon.com) for details.
|
||||
You can expose PostgreSQL to the outside world (e.g. for backup) by defining `authentik_db_container_public_port` to a valid port number.
|
||||
|
||||
**Note**:Because of a PostgreSQL limitation, only passwords up to 99 chars are supported. See [this link](https://www.postgresql.org/message-id/09512C4F-8CB9-4021-B455-EF4C4F0D55A0@amazon.com) for details.
|
||||
|
||||
### SMTP configuration
|
||||
|
||||
|
@ -15,6 +15,7 @@ authentik_db: "authentik"
|
||||
authentik_db_user: "authentik"
|
||||
authentik_db_password: "changeme"
|
||||
authentik_db_port: "5432"
|
||||
authentik_db_container_public_port:
|
||||
|
||||
# SMTP configuration
|
||||
#
|
||||
|
@ -1,6 +1,7 @@
|
||||
---
|
||||
- name: Clean up
|
||||
hosts: all
|
||||
gather_facts: true
|
||||
tasks:
|
||||
- name: Check if the docker-compose file exists.
|
||||
ansible.builtin.stat:
|
||||
|
@ -20,3 +20,4 @@
|
||||
|
||||
roles:
|
||||
- role: laurivan.authentik
|
||||
|
||||
|
@ -1,35 +0,0 @@
|
||||
---
|
||||
- name: Create
|
||||
hosts: localhost
|
||||
connection: local
|
||||
# gather_facts: false
|
||||
no_log: "{{ molecule_no_log }}"
|
||||
tasks:
|
||||
|
||||
# TODO: Developer must implement and populate 'server' variable
|
||||
|
||||
- when: server.changed | default(false) | bool
|
||||
block:
|
||||
- name: Populate instance config dict
|
||||
ansible.builtin.set_fact:
|
||||
instance_conf_dict: {
|
||||
'instance': "{{ }}",
|
||||
'address': "{{ }}",
|
||||
'user': "{{ }}",
|
||||
'port': "{{ }}",
|
||||
'identity_file': "{{ }}", }
|
||||
with_items: "{{ server.results }}"
|
||||
register: instance_config_dict
|
||||
|
||||
- name: Convert instance config dict to a list
|
||||
ansible.builtin.set_fact:
|
||||
instance_conf: "{{ instance_config_dict.results | map(attribute='ansible_facts.instance_conf_dict') | list }}"
|
||||
|
||||
- name: Dump instance config
|
||||
ansible.builtin.copy:
|
||||
content: |
|
||||
# Molecule managed
|
||||
|
||||
{{ instance_conf | to_json | from_json | to_yaml }}
|
||||
dest: "{{ molecule_instance_config }}"
|
||||
mode: 0600
|
@ -10,7 +10,7 @@ dependency:
|
||||
driver:
|
||||
name: docker
|
||||
platforms:
|
||||
- name: instance-authentik
|
||||
- name: instance
|
||||
image: "geerlingguy/docker-${MOLECULE_DISTRO:-centos8}-ansible:latest"
|
||||
command: ${MOLECULE_DOCKER_COMMAND:-""}
|
||||
volumes:
|
||||
|
@ -1,12 +1,12 @@
|
||||
---
|
||||
- name: Setup the test machine
|
||||
hosts: all
|
||||
hosts: instance
|
||||
tasks:
|
||||
- name: create docker.sock
|
||||
- name: Create docker.sock
|
||||
raw: touch /var/run/docker.sock
|
||||
become: true
|
||||
changed_when: false
|
||||
- name: move docker.sock from tmp
|
||||
- name: Move docker.sock from tmp
|
||||
raw: mount --move /tmp/docker_mounted.sock /var/run/docker.sock
|
||||
become: true
|
||||
changed_when: false
|
||||
|
@ -2,4 +2,4 @@
|
||||
roles:
|
||||
- geerlingguy.docker
|
||||
collections:
|
||||
- community.docker
|
||||
# - community.docker
|
@ -11,6 +11,12 @@ services:
|
||||
interval: 30s
|
||||
retries: 5
|
||||
timeout: 5s
|
||||
{% if authentik_db_container_public_port %}
|
||||
ports:
|
||||
- "{{ authentik_db_container_public_port }}:5432"
|
||||
{% endif %}
|
||||
networks:
|
||||
- authentik
|
||||
volumes:
|
||||
- {{ authentik_volume_db }}:/var/lib/postgresql/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
@ -31,6 +37,8 @@ services:
|
||||
interval: 30s
|
||||
retries: 5
|
||||
timeout: 3s
|
||||
networks:
|
||||
- authentik
|
||||
volumes:
|
||||
- {{ authentik_volume_redis }}:/data
|
||||
- /etc/timezone:/etc/timezone:ro
|
||||
@ -47,6 +55,8 @@ services:
|
||||
AUTHENTIK_POSTGRESQL__PASSWORD: "{{ authentik_db_password }}"
|
||||
# AUTHENTIK_ERROR_REPORTING__ENABLED: "true"
|
||||
# WORKERS: 2
|
||||
networks:
|
||||
- authentik
|
||||
volumes:
|
||||
- {{ authentik_volume_media }}:/media
|
||||
- {{ authentik_volume_templates }}:/templates
|
||||
@ -73,6 +83,8 @@ services:
|
||||
# - The permissions for the /media folders aren't fixed, so make sure they are 1000:1000
|
||||
# - The docker socket can't be accessed anymore
|
||||
user: root
|
||||
networks:
|
||||
- authentik
|
||||
volumes:
|
||||
- {{ authentik_volume_media }}:/media
|
||||
- {{ authentik_volume_certs }}:/certs
|
||||
@ -93,3 +105,7 @@ services:
|
||||
env_file:
|
||||
- {{ authentik_volume_config }}/env.authentik.conf
|
||||
{% endif %}
|
||||
# Custom network
|
||||
networks:
|
||||
authentik:
|
||||
name: authentik
|
||||
|
Loading…
Reference in New Issue
Block a user