From 52e14d8f8da5f31c20264711da6fa36e11373afc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20Fra=C3=9F?=
Date: Tue, 7 Oct 2025 16:22:00 +0200
Subject: [PATCH] [int]
---
 roles/authelia/tasks/main.json | 209 ++++++++++++++++++---------------
 roles/nginx/tasks/main.json | 2 +-
 2 files changed, 116 insertions(+), 95 deletions(-)
diff --git a/roles/authelia/tasks/main.json b/roles/authelia/tasks/main.json
index 3ae8267..5aed8c7 100644
--- a/roles/authelia/tasks/main.json
+++ b/roles/authelia/tasks/main.json
@@ -1,45 +1,56 @@
 [
 {
- "name": "packages | prerequisites",
- "become": true,
- "ansible.builtin.apt": {
- "update_cache": true,
- "pkg": [
- "apt-transport-https",
- "ca-certificates",
- "gpg"
- ]
+ "name": "show vars",
+ "ansible.builtin.debug": {
+ "var": "vars.cfg_authelia"
 }
 },
 {
- "name": "packages | keys",
- "become": true,
- "ansible.builtin.get_url": {
- "url": "https://www.authelia.com/keys/authelia-security.gpg",
- "dest": "/usr/share/keyrings/authelia-security.gpg"
- }
- },
- {
- "name": "packages | repository",
- "become": true,
- "ansible.builtin.shell": {
- "cmd": "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/authelia-security.gpg] https://apt.authelia.com stable main\" > /etc/apt/sources.list.d/authelia.list",
- "creates": "/etc/apt/sources.list.d/authelia.list"
- }
+ "name": "packages",
+ "block": [
+ {
+ "name": "prerequisites",
+ "become": true,
+ "ansible.builtin.apt": {
+ "update_cache": true,
+ "pkg": [
+ "apt-transport-https",
+ "ca-certificates",
+ "gpg"
+ ]
+ }
+ },
+ {
+ "name": "keys",
+ "become": true,
+ "ansible.builtin.get_url": {
+ "url": "https://www.authelia.com/keys/authelia-security.gpg",
+ "dest": "/usr/share/keyrings/authelia-security.gpg"
+ }
+ },
+ {
+ "name": "repository",
+ "become": true,
+ "ansible.builtin.shell": {
+ "cmd": "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/authelia-security.gpg] https://apt.authelia.com stable main\" > /etc/apt/sources.list.d/authelia.list",
+ "creates": "/etc/apt/sources.list.d/authelia.list"
+ }
- },
- {
- "name": "packages | installation",
- "become": true,
- "ansible.builtin.apt": {
- "update_cache": true,
- "pkg": [
- "openssl",
- "python3-cryptography",
- "python3-yaml",
- "authelia"
- ]
- }
+ },
+ {
+ "name": "installation",
+ "become": true,
+ "ansible.builtin.apt": {
+ "update_cache": true,
+ "pkg": [
+ "openssl",
+ "python3-cryptography",
+ "python3-yaml",
+ "authelia"
+ ]
+ }
+ }
+ ]
 },
 {
 "name": "generate private key 
for signing OIDC JWTs",
@@ -53,40 +64,45 @@
 "register": "temp_tls_result"
 },
 {
- "name": "configuration | compose script",
- "become": true,
- "ansible.builtin.copy": {
- "src": "conf-compose.py",
- "dest": "/usr/bin/authelia-conf-compose",
- "mode": "0700"
- }
- },
- {
- "name": "configuration | directories",
- "become": true,
- "loop": [
- "/etc/authelia/conf.d",
- "/etc/authelia/conf.d/clients"
- ],
- "ansible.builtin.file": {
- "state": "directory",
- "path": "{{item}}"
- }
- },
- {
- "name": "configuration | main",
- "become": true,
- "ansible.builtin.template": {
- "src": "conf-main.json.j2",
- "dest": "/etc/authelia/conf.d/main.json"
- }
- },
- {
- "name": "configuration | compose",
- "become": true,
- "ansible.builtin.command": {
- "cmd": "/usr/bin/authelia-conf-compose --main-file-path=/etc/authelia/conf.d/main.json --clients-directory-path=/etc/authelia/conf.d/clients --output-format=yaml --output-path=/etc/authelia/configuration.yml"
- }
+ "name": "configuration",
+ "block": [
+ {
+ "name": "compose script",
+ "become": true,
+ "ansible.builtin.copy": {
+ "src": "conf-compose.py",
+ "dest": "/usr/bin/authelia-conf-compose",
+ "mode": "0700"
+ }
+ },
+ {
+ "name": "directories",
+ "become": true,
+ "loop": [
+ "/etc/authelia/conf.d",
+ "/etc/authelia/conf.d/clients"
+ ],
+ "ansible.builtin.file": {
+ "state": "directory",
+ "path": "{{item}}"
+ }
+ },
+ {
+ "name": "main",
+ "become": true,
+ "ansible.builtin.template": {
+ "src": "conf-main.json.j2",
+ "dest": "/etc/authelia/conf.d/main.json"
+ }
+ },
+ {
+ "name": "compose",
+ "become": true,
+ "ansible.builtin.command": {
+ "cmd": "/usr/bin/authelia-conf-compose --main-file-path=/etc/authelia/conf.d/main.json --clients-directory-path=/etc/authelia/conf.d/clients --output-format=yaml --output-path=/etc/authelia/configuration.yml"
+ }
+ }
+ ]
 },
 {
 "name": "setup log directory",
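Review bot: The added `show vars` task at the top of the `@@ -1,45 +1,56 @@` hunk prints `vars.cfg_authelia` on every run, and an Authelia configuration variable is likely to carry secrets (session, storage or OIDC keys), which would then end up in Ansible output and in any log or CI capture of it. I would drop the task or make it opt-in, for example by adding `"verbosity": 2` inside `ansible.builtin.debug` so it prints only under `-vv`, and keep secret-bearing keys out of what is shown. The `roles/nginx/tasks/main.json` hunk has the same debug task; narrowing `vars` to `vars.cfg_nginx` there already reduces what is dumped, but the same gating applies. Separately, the `keys` task moved into the block still downloads the repository signing key with no `checksum` and no explicit `mode`; pinning it with `"checksum": "sha256:<EXPECTED_SHA256_PLACEHOLDER>"` and `"mode": "0644"` would make the APT trust anchor fail closed if the served file ever changes.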
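Review bot: In the `@@ -53,40 +64,45 @@` hunk the `main` template task writes `/etc/authelia/conf.d/main.json` with no `mode`, `owner` or `group`, so the file gets whatever the remote umask yields, and the `directories` task creates `/etc/authelia/conf.d` the same way. If `conf-main.json.j2` renders secrets, which is likely for an Authelia configuration, add `"mode": "0600"` to the template task and an explicit restrictive `"mode"` to the `ansible.builtin.file` task. The same gap is in the `initial file` task of the `users` hunk, whose target presumably holds password hashes; there the owner has to be the account Authelia runs as, which this page does not show. The final `/etc/authelia/configuration.yml` is created by the compose script, whose permission handling is not visible here, so a following `ansible.builtin.file` task that sets its owner and mode would make that independent of the script. The `compose` command also has no `changed_when`, so it reports a change on every run.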
@@ -97,30 +113,35 @@
 }
 },
 {
- "name": "users | directory",
- "become": true,
- "ansible.builtin.file": {
- "state": "directory",
- "path": "{{var_authelia_users_file_path | dirname}}"
- }
- },
- {
- "name": "users | initial file",
- "become": true,
- "ansible.builtin.template": {
- "src": "users.yml.j2",
- "dest": "{{var_authelia_users_file_path}}",
- "force": false
- }
- },
- {
- "name": "users | management script",
- "become": true,
- "ansible.builtin.copy": {
- "src": "user-manage.py",
- "dest": "/usr/bin/authelia-user-manage",
- "mode": "0700"
- }
+ "name": "users",
+ "block": [
+ {
+ "name": "directory",
+ "become": true,
+ "ansible.builtin.file": {
+ "state": "directory",
+ "path": "{{var_authelia_users_file_path | dirname}}"
+ }
+ },
+ {
+ "name": "initial file",
+ "become": true,
+ "ansible.builtin.template": {
+ "src": "users.yml.j2",
+ "dest": "{{var_authelia_users_file_path}}",
+ "force": false
+ }
+ },
+ {
+ "name": "management script",
+ "become": true,
+ "ansible.builtin.copy": {
+ "src": "user-manage.py",
+ "dest": "/usr/bin/authelia-user-manage",
+ "mode": "0700"
+ }
+ }
+ ]
 },
 {
 "name": "apply",
diff --git a/roles/nginx/tasks/main.json b/roles/nginx/tasks/main.json
index 6c2a199..1b7d843 100644
--- a/roles/nginx/tasks/main.json
+++ b/roles/nginx/tasks/main.json
@@ -2,7 +2,7 @@
 {
 "name": "show vars",
 "ansible.builtin.debug": {
- "var": "vars"
+ "var": "vars.cfg_nginx"
 }
 },
 {
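Review bot: Inside the new `users` block in the `@@ -97,30 +113,35 @@` hunk the child tasks are named only `directory`, `initial file` and `management script` (likewise `keys`, `main` and `compose` in the two earlier authelia hunks), and Ansible's run output shows the child task name, not the block name. The previous `users | directory` style kept that context in logs, which matters when a run is audited afterwards; keeping the prefix on the children, e.g. `"name": "users | directory"`, preserves it. Each child also repeats `"become": true`, which can be set once on the block object next to `"block"` so that a task added later cannot silently miss it.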