misc/ansible-base
0
0
Fork 0
Code Issues Pull requests 1 Projects Releases Packages Wiki Activity Actions

Authelia | client-secrets hashen #3

Merged
roydfalk merged 12 commits from dev-authelia_hashed_client_secrets into main 2024-10-26 12:10:57 +02:00
Conversation 0 Commits 12 Files changed 20 +22 -4
4 changed files with 22 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files
Showing only changes of commit f2766fcf43 - Show all commits

4
roles/authelia-for-owncloud/defaults/main.json
View file

@ -4,5 +4,7 @@
"var_authelia_for_owncloud_android_client_id": "owncloud_android",
"var_authelia_for_owncloud_android_client_secret": "REPLACE_ME",
"var_authelia_for_owncloud_ios_client_id": "owncloud_ios",
"var_authelia_for_owncloud_ios_client_secret": "REPLACE_ME"
"var_authelia_for_owncloud_ios_client_secret": "REPLACE_ME",
"var_authelia_for_owncloud_desktop_client_id": "xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69",
"var_authelia_for_owncloud_desktop_client_secret": "UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh"
}

8
roles/authelia-for-owncloud/tasks/main.json
View file

@ -23,6 +23,14 @@
},
"register": "temp_authelia_for_owncloud_ios_client_secret_hashed"
},
{
"name": "configuration | compute client secret hash | desktop",
"become": true,
"ansible.builtin.shell": {
"cmd": "authelia crypto hash generate bcrypt --password {{var_authelia_for_owncloud_desktop_client_secret}} | cut --delimiter=' ' --fields='2-'"
},
"register": "temp_authelia_for_owncloud_desktop_client_secret_hashed"
},
{
"name": "configuration | emplace",
"become": true,

4
roles/authelia-for-owncloud/templates/authelia-client-conf-desktop.json.j2
View file

@ -1,6 +1,6 @@
{
"client_id": "xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69",
"client_secret": "UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh",
"client_id": "{{var_authelia_for_owncloud_desktop_client_id}}",
"client_secret": "{{temp_authelia_for_owncloud_desktop_client_secret_hashed.stdout}}",
"client_name": "ownCloud | Desktop Client",
"authorization_policy": "one_factor",
"scopes": [

10
roles/authelia-for-owncloud/vardef.json
View file

@ -13,13 +13,21 @@
},
"android_client_secret": {
"type": "string",
"mandatory": false
"mandatory": true
},
"ios_client_id": {
"type": "string",
"mandatory": false
},
"ios_client_secret": {
"type": "string",
"mandatory": true
},
"dektop_client_id": {
"type": "string",
"mandatory": false
},
"desktop_client_secret": {
"type": "string",
"mandatory": false
}