Add invite to Keycloak

2024-07-15 12:37:33 +02:00 · 2024-07-15 12:37:33 +02:00 · 94f65f8fe7
commit 94f65f8fe7
parent a990c96eb1
5 changed files with 112 additions and 0 deletions
--- a/playbooks/templates/chaosknoten/configs/keycloak/compose.yaml.j2
+++ b/playbooks/templates/chaosknoten/configs/keycloak/compose.yaml.j2
@ -71,6 +71,59 @@ services:
      POSTGRES_PASSWORD: {{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/POSTGRES_PASSWORD", create=false, missing="error") }}
      POSTGRES_DB: keycloak

+  id-invite-web:
+    image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest
+    command: web
+    restart: always
+    networks:
+      - web
+      - email
+      - keycloak
+    ports:
+      - 3000:3000
+    environment:
+      - "APP_EMAIL_BASE_URI=http://id-invite-email:3000"
+      - "APP_KEYCLOAK_BASE_URI=http://id-invite-keycloak:3000"
+      - "IDINVITE_URL=https://invite.hamburg.ccc.de"
+      - "IDINVITE_KEYCLOAK_NAME=CCCHH ID"
+      - "IDINVITE_VALID_HOURS=50"
+      - "IDINVITE_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_TOKEN_SECRET", create=false, missing="error") }}"
+      - "IDINVITE_DISCOVERY_URL=https://id.hamburg.ccc.de/realms/ccchh/.well-known/openid-configuration"
+      - "IDINVITE_CLIENT_ID=id-invite"
+      - "IDINVITE_CLIENT_SECRET={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_CLIENT_SECRET", create=false, missing="error") }}"
+      - "MAIL_FROM=no-reply@hamburg.ccc.de"
+      - "BOTTLE_HOST=0.0.0.0"
+
+  id-invite-email:
+    image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest
+    command: email
+    restart: always
+    networks:
+      - email
+      - web
+    environment:
+      - "IDINVITE_KEYCLOAK_NAME=CCCHH ID"
+      - "SMTP_HOSTNAME=cow.hamburg.ccc.de"
+      - "SMTP_USERNAME=no-reply@id.hamburg.ccc.de"
+      - "SMTP_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/NO_REPLY_SMTP", create=false, missing="error") }}"
+
+  id-invite-keycloak:
+    image: git.hamburg.ccc.de/ccchh/id-invite/id-invite:latest
+    command: keycloak
+    restart: always
+    networks:
+      - keycloak
+    environment:
+      - "KEYCLOAK_API_URL=http://keycloak:8080"
+      - "KEYCLOAK_API_USERNAME=id-invite"
+      - "KEYCLOAK_API_PASSWORD={{ lookup("community.general.passwordstore", "noc/vm-secrets/chaosknoten/keycloak/IDINVITE_ADMIN_PASSWORD", create=false, missing="error") }}"
+      - "KEYCLOAK_API_REALM=ccchh"
+
+
+
 networks:
  keycloak:
    external: false
+  web:
+  email:
+    external: false