Changeset View
Changeset View
Standalone View
Standalone View
data/defaults.yaml
Show First 20 Lines • Show All 605 Lines • ▼ Show 20 Lines | letsencrypt::gandi_paas_hook::config: | ||||
zone_keys: | zone_keys: | ||||
softwareheritage.org: "%{alias('gandi::softwareheritage_org::xmlrpc_key')}" | softwareheritage.org: "%{alias('gandi::softwareheritage_org::xmlrpc_key')}" | ||||
letsencrypt::certificates::exported_directory: "%{::puppet_vardir}/letsencrypt_exports" | letsencrypt::certificates::exported_directory: "%{::puppet_vardir}/letsencrypt_exports" | ||||
letsencrypt::certificates::directory: /etc/ssl/certs/letsencrypt | letsencrypt::certificates::directory: /etc/ssl/certs/letsencrypt | ||||
letsencrypt::certificates: | letsencrypt::certificates: | ||||
archive_production: | archive_production: | ||||
domains: | domains: | ||||
# Should match with keycloak::resources::realms.SoftwareHeritage.clients.swh-web.redirect_uris | |||||
- archive.softwareheritage.org | - archive.softwareheritage.org | ||||
- base.softwareheritage.org | - base.softwareheritage.org | ||||
- archive.internal.softwareheritage.org | - archive.internal.softwareheritage.org | ||||
- webapp0.softwareheritage.org | - webapp0.softwareheritage.org | ||||
archive_staging: | archive_staging: | ||||
domains: | domains: | ||||
# Should match with keycloak::resources::realms.SoftwareHeritageStaging.clients.swh-web.redirect_uris | |||||
- webapp.staging.swh.network | - webapp.staging.swh.network | ||||
- webapp.internal.staging.swh.network | - webapp.internal.staging.swh.network | ||||
deposit_production: | deposit_production: | ||||
domains: | domains: | ||||
- deposit.softwareheritage.org | - deposit.softwareheritage.org | ||||
- deposit.internal.softwareheritage.org | - deposit.internal.softwareheritage.org | ||||
deposit_staging: | deposit_staging: | ||||
domains: | domains: | ||||
▲ Show 20 Lines • Show All 2,019 Lines • ▼ Show 20 Lines | |||||
# keycloak::admin::password in private-data | # keycloak::admin::password in private-data | ||||
keycloak::postgres::host: db.internal.softwareheritage.org | keycloak::postgres::host: db.internal.softwareheritage.org | ||||
keycloak::postgres::port: 5432 | keycloak::postgres::port: 5432 | ||||
keycloak::postgres::dbname: keycloak | keycloak::postgres::dbname: keycloak | ||||
keycloak::postgres::user: keycloak | keycloak::postgres::user: keycloak | ||||
# keycloak::postgres::password in private-data | # keycloak::postgres::password in private-data | ||||
keycloak::resources::realms::common_settings: | |||||
remember_me: true | |||||
login_with_email_allowed: true | |||||
internationalization_enabled: true | |||||
keycloak::resources::clients::common_settings: | |||||
public_client: true | |||||
default_client_scopes: | |||||
- profile | |||||
- roles | |||||
- web-origins | |||||
optional_client_scopes: | |||||
- microprofile-jwt | |||||
- offline_access | |||||
keycloak::resources::protocol_mappers::audience: | |||||
name: audience | |||||
type: oidc-audience-mapper | |||||
included_client_audience: __client_id__ | |||||
keycloak::resources::protocol_mappers::groups: | |||||
name: groups | |||||
type: oidc-group-membership-mapper | |||||
claim_name: groups | |||||
full_path: true | |||||
keycloak::resources::realms: | |||||
SoftwareHeritage: | |||||
settings: | |||||
display_name: Software Heritage | |||||
clients: | |||||
swh-web: | |||||
settings: | |||||
redirect_uris: | |||||
# Should match letsencrypt::certificates.archive_production.domains | |||||
- https://archive.softwareheritage.org/* | |||||
- https://base.softwareheritage.org/* | |||||
- https://archive.internal.softwareheritage.org/* | |||||
- https://webapp0.softwareheritage.org/* | |||||
protocol_mappers: | |||||
- "%{alias('keycloak::resources::protocol_mappers::audience')}" | |||||
- "%{alias('keycloak::resources::protocol_mappers::groups')}" | |||||
SoftwareHeritageStaging: | |||||
settings: | |||||
display_name: Software Heritage (Staging) | |||||
clients: | |||||
swh-web: | |||||
settings: | |||||
redirect_uris: | |||||
# Should match letsencrypt::certificates.archive_staging.domains | |||||
- https://webapp.staging.swh.network/* | |||||
- https://webapp.internal.staging.swh.network/* | |||||
protocol_mappers: | |||||
- "%{alias('keycloak::resources::protocol_mappers::audience')}" | |||||
- "%{alias('keycloak::resources::protocol_mappers::groups')}" | |||||
cassandra::release: 311x | cassandra::release: 311x | ||||
cassandra::cluster: azure | cassandra::cluster: azure | ||||
cassandra::exporter::version: "0.9.10" | cassandra::exporter::version: "0.9.10" | ||||
cassandra::exporter::listen_network: "%{lookup('internal_network')}" | cassandra::exporter::listen_network: "%{lookup('internal_network')}" | ||||
cassandra::exporter::listen_port: 9500 | cassandra::exporter::listen_port: 9500 | ||||
▲ Show 20 Lines • Show All 1,212 Lines • Show Last 20 Lines |