mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-05-03 23:13:28 +08:00
93 lines
5.1 KiB
INI
93 lines
5.1 KiB
INI
# Beware that the quotes around the values are mandatory
|
|
|
|
# GENERAL CONFIGURATION
|
|
GLOBAL = {'reverse_proxied': True,
|
|
{% if env == 'staging' %}
|
|
'database_url': "postgresql://{{ fedoauth_db_user }}:{{ fedoauth_db_pass }}@{{ fedoauth_db_host }}.stg/{{ fedoauth_db_name }}",
|
|
{% else %}
|
|
'database_url': "postgresql://{{ fedoauth_db_user }}:{{ fedoauth_db_pass }}@{{ fedoauth_db_host }}/{{ fedoauth_db_name }}",
|
|
{% endif %}
|
|
'cookies_secure': True,
|
|
'transactions_timeout': 5,
|
|
'global_template_dir': '/usr/share/fedoauth/templates/global/',
|
|
'template_dir': '/usr/share/fedoauth/templates/fedora/',
|
|
'logging_config_location': '/etc/fedoauth/fedoauth.log.cfg',
|
|
'secret_key': '{{ fedoauth_secret_key }}',
|
|
|
|
{% if env == 'staging' %}
|
|
'url_root': 'https://id.stg.fedoraproject.org',
|
|
'static_content_root': 'https://id.stg.fedoraproject.org/static',
|
|
'enable_test_endpoint': True,
|
|
{% else %}
|
|
'url_root': 'https://id.fedoraproject.org',
|
|
'static_content_root': 'https://id.fedoraproject.org/static',
|
|
'enable_test_endpoint': False,
|
|
{% endif %}
|
|
}
|
|
|
|
|
|
AUTH_MODULE_CONFIGURATION = {
|
|
# This module authenticates against the Fedora Account System
|
|
# (https://admin.fedoraproject.org/accounts/)
|
|
'fedoauth.auth.fas.Auth_FAS': {'enabled': True,
|
|
'listed': True,
|
|
'select_image': '/static/fedora/fedora-authn-logo-white.png',
|
|
'reauth_timeout': 15,
|
|
'email_alias_when_cla': True,
|
|
'user_agent': 'FedOAuth',
|
|
'check_cert': True,
|
|
{% if env == 'staging' %}
|
|
'email_auth_domains': ['stg.fedoraproject.org'],
|
|
'base_url': 'https://admin.stg.fedoraproject.org/accounts/',
|
|
{% else %}
|
|
'email_auth_domains': ['fedoraproject.org'],
|
|
'base_url': 'https://admin.fedoraproject.org/accounts/',
|
|
{% endif %}
|
|
}
|
|
}
|
|
|
|
|
|
AUTH_PROVIDER_CONFIGURATION = {
|
|
'fedoauth.provider.persona': {'enabled': True,
|
|
{% if env == 'staging' %}
|
|
'domains': ['id.stg.fedoraproject.org', 'stg.fedoraproject.org'],
|
|
'private_key': {'path': '/etc/fedoauth/persona.stg.key',
|
|
'passphrase': '{{ fedoauth_persona_key_passphrase }}'},
|
|
{% else %}
|
|
'domains': ['id.fedoraproject.org', 'fedoraproject.org'],
|
|
'private_key': {'path': '/etc/fedoauth/persona.key',
|
|
'passphrase': '{{ fedoauth_persona_key_passphrase }}'},
|
|
{% endif %}
|
|
},
|
|
'fedoauth.provider.openid': {'enabled': True,
|
|
{% if env == 'staging' %}
|
|
'identity_url_pattern': 'http://%(username)s.id.stg.fedoraproject.org/',
|
|
'trusted_roots': [],
|
|
{% else %}
|
|
'identity_url_pattern': 'http://%(username)s.id.fedoraproject.org/',
|
|
'trusted_roots': ['http://jenkins.cloud.fedoraproject.org/securityRealm/finishLogin',
|
|
'https://ask.fedoraproject.org/',
|
|
'https://fedorahosted.org/',
|
|
'https://badges.fedoraproject.org',
|
|
'https://apps.fedoraproject.org/tagger/',
|
|
'https://apps.fedoraproject.org/nuancier/',
|
|
'https://apps.fedoraproject.org/datagrepper/',
|
|
'https://apps.fedoraproject.org/calendar/',
|
|
'http://apps.fedoraproject.org/notifications/',
|
|
'http://copr.fedoraproject.org/',
|
|
'http://copr-fe.cloud.fedoraproject.org/',
|
|
'https://admin.fedoraproject.org/pkgdb/',
|
|
'https://admin.fedoraproject.org/voting/',
|
|
'https://apps.fedoraproject.org/github2fedmsg',
|
|
'https://admin.fedoraproject.org', # Nagios
|
|
'https://apps.fedoraproject.org/', # FMN
|
|
'https://release-monitoring.org/', # Anitya
|
|
'http://pagure.io/', # Pagure
|
|
'http://admin.fedoraproject.org/mirrormanager/'], # MM
|
|
|
|
{% endif %}
|
|
'non_trusted_roots': [],
|
|
'handle_magic_groups_value': True
|
|
}
|
|
}
|