ALLOWED_HOSTS = [ "netbox.eh22.easterhegg.eu" ]
DATABASE = {
  "HOST": "localhost",
  "NAME": "netbox",
  "USER": "netbox",
  "PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}",
}
REDIS = {
    "tasks": {
      "HOST": "localhost",
      "PORT": 6379,
      "USERNAME": "",
      "PASSWORD": "",
      "DATABASE": 0,
      "SSL": False,
    },
    "caching": {
      "HOST": "localhost",
      "PORT": 6379,
      "USERNAME": "",
      "PASSWORD": "",
      "DATABASE": 1,
      "SSL": False,
    },
}
SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SECRET_KEY', create=false, missing='error') }}"
SESSION_COOKIE_SECURE = True

# CCCHH ID (Keycloak) integration.
# https://github.com/python-social-auth/social-core/blob/0925304a9e437f8b729862687d3a808c7fb88a95/social_core/backends/keycloak.py#L7
# https://python-social-auth.readthedocs.io/en/latest/backends/keycloak.html
REMOTE_AUTH_BACKEND = "social_core.backends.keycloak.KeycloakOAuth2"
SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL = (
    "https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
)
SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = (
    "https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
)
SOCIAL_AUTH_KEYCLOAK_KEY = "eh22-netbox"
SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB"
SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}"
# Use custom OIDC group and role mapping pipeline functions added in via
# netbox__custom_pipeline_oidc_group_and_role_mapping.
# The default pipeline this is based on can be found here:
# https://github.com/netbox-community/netbox/blob/main/netbox/netbox/settings.py
SOCIAL_AUTH_PIPELINE = [
    "social_core.pipeline.social_auth.social_details",
    "social_core.pipeline.social_auth.social_uid",
    "social_core.pipeline.social_auth.social_user",
    "social_core.pipeline.user.get_username",
    "social_core.pipeline.user.create_user",
    "social_core.pipeline.social_auth.associate_user",
    "netbox.authentication.user_default_groups_handler",
    "social_core.pipeline.social_auth.load_extra_data",
    "social_core.pipeline.user.user_details",
    # Custom OIDC group and role mapping functions.
    "netbox.custom_pipeline_oidc_mapping.add_groups",
    "netbox.custom_pipeline_oidc_mapping.remove_groups",
    "netbox.custom_pipeline_oidc_mapping.set_roles",
]