Use our postgresql server for IPA-tuura

Signed-off-by: Aurélien Bompard <aurelien@bompard.org>

playbooks/groups/ipatuura.yml

@@ -4,6 +4,28 @@
     myhosts: "ipatuura_stg"
 
 
+- name: Setup the database
+  hosts: db-fas01.stg.rdu3.fedoraproject.org
+  gather_facts: no
+  become: yes
+  become_user: postgres
+  vars_files:
+    - /srv/web/infra/ansible/vars/global.yml
+    - /srv/private/ansible/vars.yml
+    - /srv/web/infra/ansible/vars/{{ ansible_distribution }}.yml
+
+  tasks:
+    - name: IPA-tuura DB user
+      community.postgresql.postgresql_user:
+        name: ipatuura
+        password: "{{ (env == 'production') | ternary(ipatuura_db_password_prod, ipatuura_db_password_stg) }}"
+    - name: IPA-tuura database creation
+      community.postgresql.postgresql_db:
+        name: ipatuura
+        owner: ipatuura
+        encoding: UTF-8
+
+
 - name: Make the box be real
   hosts: ipatuura_stg
   user: root

roles/ipatuura/templates/settings.py.j2

@@ -1 +1,18 @@
 from root.settings import *
+
+
+# SECURITY WARNING: keep the secret key used in production secret!
+SECRET_KEY = '{{ ipatuura_django_secret_key }}'
+
+# Database
+# https://docs.djangoproject.com/en/3.0/ref/settings/#databases
+DATABASES = {
+    "default": {
+        "ENGINE": "django.db.backends.postgresql",
+        "NAME": "ipatuura",
+        "USER": "ipatuura",
+        "PASSWORD": "{{ (env == 'production') | ternary(ipatuura_db_password_prod, ipatuura_db_password_stg) }}",
+        "HOST": "{{ ipatuura_db_host }}",
+        "PORT": "",
+    }
+}

roles/openshift-apps/keycloak/templates/operator-config.yml.j2

@@ -26,3 +26,12 @@ spec:
     ipa:
       secret:
         name: trusted-certs
+  additionalOptions:
+    # Connections to IPA-tuura can take longer than the default 5 seconds
+    - name: spi-connections-http-client--default--socket-timeout-millis
+      value: "60000"
+  # Slow login because of IPA-tuura
+  ingress:
+    annotations:
+      haproxy.router.openshift.io/timeout: 1m
+