misc/ansible-base
0
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

[mod] role:authelia:variable lifespans and cors endpoints

Browse source
This commit is contained in:
roydfalk 2024-08-22 15:27:43 +02:00
parent 824eeb3fb3
commit 0a8cc8d1df
3 changed files with 38 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
roles/authelia/defaults/main.json
View file

@ -32,5 +32,8 @@
"var_authelia_notification_smtp_username": "authelia", "var_authelia_notification_smtp_username": "authelia",
"var_authelia_notification_smtp_password": "REPLACE_ME", "var_authelia_notification_smtp_password": "REPLACE_ME",
"var_authelia_notification_smtp_sender": "authelia@example.org", "var_authelia_notification_smtp_sender": "authelia@example.org",
"var_authelia_oidc_hmac_secret": "REPLACE_ME" "var_authelia_oidc_hmac_secret": "REPLACE_ME",
"var_authelia_oidc_lifespan_access_token": "1h",
"var_authelia_oidc_lifespan_refresh_token": "1m",
"var_authelia_oidc_cors_endpoints": null
} }

8
roles/authelia/templates/conf-main.json.j2
View file

@ -190,8 +190,16 @@
"oidc": { "oidc": {
"hmac_secret": "{{var_authelia_oidc_hmac_secret}}", "hmac_secret": "{{var_authelia_oidc_hmac_secret}}",
"issuer_private_key": "{{temp_tls_result.privatekey | replace('\n', '\\n')}}", "issuer_private_key": "{{temp_tls_result.privatekey | replace('\n', '\\n')}}",
"lifespans": {
"access_token": "{{var_authelia_oidc_lifespan_access_token}}",
"refresh_token": "{{var_authelia_oidc_lifespan_refresh_token}}"
},
"cors": { "cors": {
"allowed_origins_from_client_redirect_uris": true "allowed_origins_from_client_redirect_uris": true
{% if var_authelia_oidc_cors_endpoints == None %}
{% else %}
,"endpoints": {{var_authelia_oidc_cors_endpoints | to_json}}
{% endif %}
}, },
"clients": [ "clients": [
] ]

26
roles/authelia/vardef.json
View file

@ -139,5 +139,31 @@
"oidc_hmac_secret": { "oidc_hmac_secret": {
"type": "string", "type": "string",
"mandatory": true "mandatory": true
},
"oidc_lifespan_access_token": {
"nullable": true,
"type": "string",
"mandatory": false
},
"oidc_lifespan_refresh_token": {
"nullable": true,
"type": "string",
"mandatory": false
},
"oidc_cors_endpoints": {
"nullable": true,
"type": "array",
"items": {
"type": "string",
"enum": [
"authorization",
"pushed-authorization-request",
"token",
"revocation",
"introspection",
"userinfo"
]
},
"mandatory": false
} }
} }