[fix] role:zeitbild_backend:conf

roles/zeitbild_backend/defaults/main.json

@@ -11,5 +11,11 @@
 	"var_zeitbild_backend_database_data_postgresql_port": 5432,
 	"var_zeitbild_backend_database_data_postgresql_username": "zeitbild_user",
 	"var_zeitbild_backend_database_data_postgresql_password": "REPLACE_ME",
-	"var_zeitbild_backend_database_data_postgresql_schema": "zeitbild"
+	"var_zeitbild_backend_database_data_postgresql_schema": "zeitbild",
+	"var_zeitbild_backend_authentication_kind": "internal",
+	"var_zeitbild_backend_authentication_data_authelia_url_base": "https://authelia.example.org",
+	"var_zeitbild_backend_authentication_data_authelia_client_id": "zeitbild",
+	"var_zeitbild_backend_authentication_data_authelia_client_secret": "REPLACE_ME",
+	"var_zeitbild_backend_authentication_data_authelia_label": "Authelia",
+	"var_zeitbild_backend_authentication_data_authelia_backend_url_base": "https://zeitbild.example.org/"
 }

roles/zeitbild_backend/templates/conf.json.j2

@@ -1 +1,60 @@
-{}
+{
+	"version": 1,
+	"log": [
+		{
+			"kind": "stdout",
+			"data": {
+				"threshold": "info"
+			}
+		}
+	],
+	"server": {
+		"address": {{var_zeitbild_backend_address}},
+		"port": {{var_zeitbild_backend_port | string}}
+	},
+{% if var_zeitbild_backend_database_kind == 'sqlite' %}
+	"database": {
+		"kind": "sqlite",
+		"data": {
+			"path": "data.sqlite"
+		}
+	},
+{% endif %}
+{% if var_zeitbild_backend_database_kind == 'postgresql' %}
+	"database": {
+		"kind": "postgresql",
+		"data": {
+			"host": "{{var_zeitbild_backend_database_data_postgresql_host}}"
+			"port": "{{var_zeitbild_backend_database_data_postgresql_port | string}}",
+			"username": "{{var_zeitbild_backend_database_data_postgresql_username}}",
+			"password": "{{var_zeitbild_backend_database_data_postgresql_password}}"
+			"schema": "{{var_zeitbild_backend_database_data_postgresql_schema}}"
+		}
+	},
+{% endif %}
+{% if var_zeitbild_backend_authentication_kind == 'internal' %}
+	"authentication": {
+		"kind": "internal",
+		"data": {}
+	},
+{% endif %}
+{% if var_zeitbild_backend_authentication_kind == 'authelia' %}
+	"authentication": {
+		"kind": "oidc",
+		"data": {
+			"url_authorization": "{{var_zeitbild_backend_authentication_data_authelia_url_base}}/api/oidc/authorization",
+			"url_token": "{{var_zeitbild_backend_authentication_data_authelia_url_base}}/api/oidc/token",
+			"url_userinfo": "{{var_zeitbild_backend_authentication_data_authelia_url_base}}/api/oidc/userinfo",
+			"client_id": "{{var_zeitbild_backend_authentication_data_authelia_client_id}}",
+			"client_secret": "{{var_zeitbild_backend_authentication_data_authelia_client_secret}}",
+			"backend_url_base": "{{var_zeitbild_backend_authentication_data_authelia_backend_url_base}}",
+			"label": "{{var_zeitbild_backend_authentication_data_authelia_provider_name}}"
+		}
+	},
+{% endif %}
+	"session_management": {
+		"in_memory": false,
+		"lifetime": 3600,
+		"drop_all_at_start": false
+	}
+}

roles/zeitbild_backend/vardef.json

@@ -60,5 +60,29 @@
 	"database_data_postgresql_schema": {
 		"type": "string",
 		"mandatory": false
-	}
+	},
+	"authentication_kind": {
+		"type": "string",
+		"options": [
+			"internal",
+			"authelia"
+		],
+		"mandatory": false
+	},
+	"authentication_data_authelia_url_base": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_authelia_client_id": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_authelia_client_secret": {
+		"type": "string",
+		"mandatory": false
+	},
+	"authentication_data_authelia_label": {
+		"type": "string",
+		"mandatory": false
+	},
 }

roles/zeitbild_frontend_dali/defaults/main.json

@@ -0,0 +1,11 @@
+{
+	"var_zeitbild_frontend_dali_git_reference": "master",
+	"var_zeitbild_frontend_dali_directory": "/opt/dali",
+	"var_zeitbild_frontend_dali_user": "root",
+	"var_zeitbild_frontend_dali_title": "Dali",
+	"var_zeitbild_frontend_dali_backend_scheme": "https",
+	"var_zeitbild_frontend_dali_backend_host": "zeitbild.example.org",
+	"var_zeitbild_frontend_dali_backend_port": 7845,
+	"var_zeitbild_frontend_dali_backend_path_base": "",
+	"var_zeitbild_frontend_dali_url_base": "https://dali.example.org"
+}

roles/zeitbild_frontend_dali/tasks/main.json

@@ -0,0 +1,52 @@
+[
+	{
+		"name": "packages",
+		"become": true,
+		"ansible.builtin.apt": {
+			"update_cache": true,
+			"pkg": [
+				"git",
+				"make"
+			]
+		}
+	},
+	{
+		"name": "directory",
+		"become": true,
+		"ansible.builtin.file": {
+			"state": "directory",
+			"owner": "{{var_zeitbild_frontend_dali_user}}"
+		}
+	},
+	{
+		"name": "program | fetch",
+		"ansible.builtin.git": {
+			"repo": "https://forgejo.linke.sx/zeitbild/frontend",
+			"version": "{{var_zeitbild_frontend_dali_git_reference}}",
+			"dest": "/tmp/zeitbild-frontend-dali-repo"
+		}
+	},
+	{
+		"name": "program | build",
+		"ansible.builtin.command": {
+			"chdir": "/tmp/zeitbild-frontend-dali-repo",
+			"cmd": "tools/build"
+		}
+	},
+	{
+		"name": "program | deploy",
+		"become": true,
+		"ansible.builtin.shell": {
+			"cmd": "cp --recursive --update /tmp/zeitbild-frontend-dali-repo/build/* {{var_zeitbild_frontend_dali_directory}}/ && chown --recursive {{var_zeitbild_frontend_dali_user}} {{var_zeitbild_frontend_dali_directory}}"
+		}
+	},
+	{
+		"name": "conf",
+		"become": true,
+		"ansible.builtin.template": {
+			"src": "conf.json.j2",
+			"dest": "{{var_zeitbild_frontend_dali_directory}}/conf.json",
+			"owner": "{{var_zeitbild_frontend_dali_user}}"
+		}
+	}
+]

roles/zeitbild_frontend_dali/templates/conf.json.j2

@@ -0,0 +1,12 @@
+{
+	"version": 1,
+	"backend": {
+		"scheme": "{{var_zeitbild_frontend_dali_backend_scheme}}",
+		"host": "{{var_zeitbild_frontend_dali_backend_host}}",
+		"port": {{var_zeitbild_frontend_dali_backend_port | string}},
+		"path": "{{var_zeitbild_frontend_dali_backend_path_base}}"
+	},
+	"misc": {
+		"oidc_redirect_uri_template": "{{var_zeitbild_frontend_dali_url_base}}/#oidc_finish,session_key={% raw %}{{session_key}}{% endraw %}"
+	}
+}

roles/zeitbild_frontend_dali/vardef.json

@@ -0,0 +1,38 @@
+{
+	"git_reference": {
+		"type": "string",
+		"mandatory": false
+	},
+	"directory": {
+		"type": "string",
+		"mandatory": false
+	},
+	"user": {
+		"type": "string",
+		"mandatory": false
+	},
+	"title": {
+		"type": "string",
+		"mandatory": false
+	},
+	"backend_scheme": {
+		"type": "string",
+		"mandatory": false
+	},
+	"backend_host": {
+		"type": "string",
+		"mandatory": false
+	},
+	"backend_port": {
+		"type": "string",
+		"mandatory": false
+	},
+	"backend_path_base": {
+		"type": "string",
+		"mandatory": false
+	},
+	"url_base": {
+		"type": "string",
+		"mandatory": false
+	}
+}