[int]

2025-10-07 16:22:00 +02:00 · 2025-10-07 16:22:00 +02:00 · 52e14d8f8d
parent 71aea3040a
commit 52e14d8f8d
2 changed files with 116 additions and 95 deletions
--- a/roles/authelia/tasks/main.json
+++ b/roles/authelia/tasks/main.json
@ -1,45 +1,56 @@
 [
 	{
-		"name": "packages | prerequisites",
+		"name": "show vars",
-		"become": true,
+		"ansible.builtin.debug": {
-		"ansible.builtin.apt": {
+			"var": "vars.cfg_authelia"
 			"update_cache": true,
 			"pkg": [
 				"apt-transport-https",
 				"ca-certificates",
 				"gpg"
 			]
 		}
 	},
 	{
-		"name": "packages | keys",
+		"name": "packages",
-		"become": true,
+		"block": [
-		"ansible.builtin.get_url": {
+			{
-			"url": "https://www.authelia.com/keys/authelia-security.gpg",
+				"name": "prerequisites",
-			"dest": "/usr/share/keyrings/authelia-security.gpg"
+				"become": true,
-		}
+				"ansible.builtin.apt": {
-	},
+					"update_cache": true,
-	{
+					"pkg": [
-		"name": "packages | repository",
+						"apt-transport-https",
-		"become": true,
+						"ca-certificates",
-		"ansible.builtin.shell": {
+						"gpg"
-			"cmd": "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/authelia-security.gpg] https://apt.authelia.com stable main\" > /etc/apt/sources.list.d/authelia.list",
+					]
-			"creates": "/etc/apt/sources.list.d/authelia.list"
+				}
-		}
+			},
 			{
 				"name": "keys",
 				"become": true,
 				"ansible.builtin.get_url": {
 					"url": "https://www.authelia.com/keys/authelia-security.gpg",
 					"dest": "/usr/share/keyrings/authelia-security.gpg"
 				}
 			},
 			{
 				"name": "repository",
 				"become": true,
 				"ansible.builtin.shell": {
 					"cmd": "echo \"deb [arch=$(dpkg --print-architecture) signed-by=/usr/share/keyrings/authelia-security.gpg] https://apt.authelia.com stable main\" > /etc/apt/sources.list.d/authelia.list",
 					"creates": "/etc/apt/sources.list.d/authelia.list"
 				}
-	},
+			},
-	{
+			{
-		"name": "packages | installation",
+				"name": "installation",
-		"become": true,
+				"become": true,
-		"ansible.builtin.apt": {
+				"ansible.builtin.apt": {
-			"update_cache": true,
+					"update_cache": true,
-			"pkg": [
+					"pkg": [
-				"openssl",
+						"openssl",
-				"python3-cryptography",
+						"python3-cryptography",
-				"python3-yaml",
+						"python3-yaml",
-				"authelia"
+						"authelia"
-			]
+					]
-		}
+				}
 			}
 		]
 	},
 	{
 		"name": "generate private key for signing OIDC JWTs",
@ -53,40 +64,45 @@
 		"register": "temp_tls_result"
 	},
 	{
-		"name": "configuration | compose script",
+		"name": "configuration",
-		"become": true,
+		"block": [
-		"ansible.builtin.copy": {
+			{
-			"src": "conf-compose.py",
+				"name": "compose script",
-			"dest": "/usr/bin/authelia-conf-compose",
+				"become": true,
-			"mode": "0700"
+				"ansible.builtin.copy": {
-		}
+					"src": "conf-compose.py",
-	},
+					"dest": "/usr/bin/authelia-conf-compose",
-	{
+					"mode": "0700"
-		"name": "configuration | directories",
+				}
-		"become": true,
+			},
-		"loop": [
+			{
-			"/etc/authelia/conf.d",
+				"name": "directories",
-			"/etc/authelia/conf.d/clients"
+				"become": true,
-		],
+				"loop": [
-		"ansible.builtin.file": {
+					"/etc/authelia/conf.d",
-			"state": "directory",
+					"/etc/authelia/conf.d/clients"
-			"path": "{{item}}"
+				],
-		}
+				"ansible.builtin.file": {
-	},
+					"state": "directory",
-	{
+					"path": "{{item}}"
-		"name": "configuration | main",
+				}
-		"become": true,
+			},
-		"ansible.builtin.template": {
+			{
-			"src": "conf-main.json.j2",
+				"name": "main",
-			"dest": "/etc/authelia/conf.d/main.json"
+				"become": true,
-		}
+				"ansible.builtin.template": {
-	},
+					"src": "conf-main.json.j2",
-	{
+					"dest": "/etc/authelia/conf.d/main.json"
-		"name": "configuration | compose",
+				}
-		"become": true,
+			},
-		"ansible.builtin.command": {
+			{
-			"cmd": "/usr/bin/authelia-conf-compose --main-file-path=/etc/authelia/conf.d/main.json --clients-directory-path=/etc/authelia/conf.d/clients --output-format=yaml --output-path=/etc/authelia/configuration.yml"
+				"name": "compose",
-		}
+				"become": true,
 				"ansible.builtin.command": {
 					"cmd": "/usr/bin/authelia-conf-compose --main-file-path=/etc/authelia/conf.d/main.json --clients-directory-path=/etc/authelia/conf.d/clients --output-format=yaml --output-path=/etc/authelia/configuration.yml"
 				}
 			}
 		]
 	},
 	{
 		"name": "setup log directory",
@ -97,30 +113,35 @@
 		}
 	},
 	{
-		"name": "users | directory",
+		"name": "users",
-		"become": true,
+		"block": [
-		"ansible.builtin.file": {
+			{
-			"state": "directory",
+				"name": "directory",
-			"path": "{{var_authelia_users_file_path | dirname}}"
+				"become": true,
-		}
+				"ansible.builtin.file": {
-	},
+					"state": "directory",
-	{
+					"path": "{{var_authelia_users_file_path | dirname}}"
-		"name": "users | initial file",
+				}
-		"become": true,
+			},
-		"ansible.builtin.template": {
+			{
-			"src": "users.yml.j2",
+				"name": "initial file",
-			"dest": "{{var_authelia_users_file_path}}",
+				"become": true,
-			"force": false
+				"ansible.builtin.template": {
-		}
+					"src": "users.yml.j2",
-	},
+					"dest": "{{var_authelia_users_file_path}}",
-	{
+					"force": false
-		"name": "users | management script",
+				}
-		"become": true,
+			},
-		"ansible.builtin.copy": {
+			{
-			"src": "user-manage.py",
+				"name": "management script",
-			"dest": "/usr/bin/authelia-user-manage",
+				"become": true,
-			"mode": "0700"
+				"ansible.builtin.copy": {
-		}
+					"src": "user-manage.py",
 					"dest": "/usr/bin/authelia-user-manage",
 					"mode": "0700"
 				}
 			}
 		]
 	},
 	{
 		"name": "apply",
--- a/roles/nginx/tasks/main.json
+++ b/roles/nginx/tasks/main.json
@ -2,7 +2,7 @@
 	{
 		"name": "show vars",
 		"ansible.builtin.debug": {
-			"var": "vars"
+			"var": "vars.cfg_nginx"
 		}
 	},
 	{