History

Albert Stefanov df6b81bd6b Decouple users from podman		2024-02-20 09:48:10 +02:00
..
files	Add empty ansible/files dir so ansible includes work	2024-02-16 17:47:26 +02:00
group_vars/all	Keycloak works, add example yml	2024-02-17 11:00:06 +02:00
host_vars/infrahost	Decouple users from podman	2024-02-20 09:48:10 +02:00
roles	Decouple users from podman	2024-02-20 09:48:10 +02:00
tasks	Add linter	2024-02-19 10:56:04 +02:00
templates	Support nftables	2024-02-18 09:52:10 +02:00
.ansible-lint	Add linter	2024-02-19 10:56:04 +02:00
.gitignore	Keycloak works, add example yml	2024-02-17 11:00:06 +02:00
README.md	Add SSH keys for users, create ansible/README.md	2024-02-16 22:34:58 +02:00
lint.sh	Add linter	2024-02-19 10:56:04 +02:00
main.yml	Support nftables	2024-02-18 09:52:10 +02:00

README.md

OpenFest Infra -- Ansible Playbooks

General Variables

Global/Group

Name	Description
global_ssh_keys	Keys of people authorized to access all hosts

Host

Name	Description
ssh_keys['root']	Users authorized to run commands as root
ssh_keys[username]	Authorized keys for a specific user
ssh_keys['*']	Authorized keys for all non-root users provisioned by ansible

Secret and not-so-secret Variables (grouped by service)

Keycloak

Name	Description
keycloak_hostname	Passed as the Public URL
keycloak_db_password	PostgreSQL DB Password
keycloak_db_ansible_host	PostgreSQL DB Host (in inventory), for provisioning the database
keycloak_podman_user_name	Owner of the keycloak container
keycloak_podman_user_home	`{{ keycloak_podman_user_name }}`'s home directory
keycloak_data_dir	Used for the volumes / bind mounts
keycloak_listen_address	Where to bind on the host (for using a reverse proxy)