diff --git a/data/defaults.yaml b/data/defaults.yaml --- a/data/defaults.yaml +++ b/data/defaults.yaml @@ -1687,6 +1687,12 @@ # OpenAIRE - 213.135.60.145 - 213.135.60.146 +swh::deploy::webapp::config::keycloak: + # disable OIDC login link in production until the feature got + # properly tested in staging + server_url: "" + # server_url: "https://%{hiera('keycloak::vhost::name')}/auth/" + realm_name: SoftwareHeritage # in private data: # deposit_basic_auth_swhworker_username @@ -1709,6 +1715,7 @@ private_api_password: "%{hiera('deposit_basic_auth_swhworker_password')}" client_config: sentry_dsn: "%{lookup('swh::deploy::webapp::sentry_dsn')}" + keycloak: "%{hiera('swh::deploy::webapp::config::keycloak')}" swh::deploy::webapp::locked_endpoints: - /api/1/content/[^/]+/symbol/ diff --git a/data/hostname/webapp.internal.staging.swh.network.yaml b/data/hostname/webapp.internal.staging.swh.network.yaml --- a/data/hostname/webapp.internal.staging.swh.network.yaml +++ b/data/hostname/webapp.internal.staging.swh.network.yaml @@ -57,3 +57,6 @@ - 127.0.0.0/8 - 192.168.100.0/23 - 129.168.128.0/24 +swh::deploy::webapp::config::keycloak: + server_url: "https://%{hiera('keycloak::vhost::name')}/auth/" + realm_name: SoftwareHeritageStaging