CCCHH/ansible-infra
CCCHH/ansible-infra
3
2
Fork 0
Code Issues2 Pull requests Wiki Activity Actions
ansible-infra/resources/chaosknoten/eh22-netbox/netbox/configuration.py.j2

60 lines
2.9 KiB
Django/Jinja
Raw Blame History

ALLOWED_HOSTS = [ "netbox.eh22.easterhegg.eu" ]
DATABASE = {
"HOST": "localhost",
"NAME": "netbox",
"USER": "netbox",
"PASSWORD": "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/DATABASE_PASSWORD', create=false, missing='error') }}",
}
REDIS = {
"tasks": {
"HOST": "localhost",
"PORT": 6379,
"USERNAME": "",
"PASSWORD": "",
"DATABASE": 0,
"SSL": False,
},
"caching": {
"HOST": "localhost",
"PORT": 6379,
"USERNAME": "",
"PASSWORD": "",
"DATABASE": 1,
"SSL": False,
},
}
SECRET_KEY = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SECRET_KEY', create=false, missing='error') }}"
SESSION_COOKIE_SECURE = True
# CCCHH ID (Keycloak) integration.
# https://github.com/python-social-auth/social-core/blob/0925304a9e437f8b729862687d3a808c7fb88a95/social_core/backends/keycloak.py#L7
# https://python-social-auth.readthedocs.io/en/latest/backends/keycloak.html
REMOTE_AUTH_BACKEND = "social_core.backends.keycloak.KeycloakOAuth2"
SOCIAL_AUTH_KEYCLOAK_ACCESS_TOKEN_URL = (
"https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/token"
)
SOCIAL_AUTH_KEYCLOAK_AUTHORIZATION_URL = (
"https://id.hamburg.ccc.de/realms/ccchh/protocol/openid-connect/auth"
)
SOCIAL_AUTH_KEYCLOAK_KEY = "eh22-netbox"
SOCIAL_AUTH_KEYCLOAK_PUBLIC_KEY = "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/Shi+b2OyYNGVFPsa6qf9SesEpRl5U5rpwgmt8H7NawMvwpPUYVW9o46QW0ulYcDmysT3BzpP3tagO/SFNoOjZdYe0D9nJ7vEp8KHbzR09KCfkyQIi0wLssKnDotVHL5JeUY+iKk+gjiwF9FSFSHPBqsST7hXVAut9LkOvs2aDod9AzbTH/uYbt4wfUm5l/1Ii8D+K7YcsFGUIqxv4XS/ylKqObqN4M2dac69iIwapoh6reaBQEm66vrOzJ+3yi4DZuPrkShJqi2hddtoyZihyCkF+eJJKEI5LrBf1KZB3Ec2YUrqk93ZGUGs/XY6R87QSfR3hJ82B1wnF+c2pw+QIDAQAB"
SOCIAL_AUTH_KEYCLOAK_SECRET = "{{ lookup('community.general.passwordstore', 'noc/vm-secrets/chaosknoten/eh22-netbox/SOCIAL_AUTH_KEYCLOAK_SECRET', create=false, missing='error') }}"
# Use custom OIDC group and role mapping pipeline functions added in via
# netbox__custom_pipeline_oidc_group_and_role_mapping.
# The default pipeline this is based on can be found here:
# https://github.com/netbox-community/netbox/blob/main/netbox/netbox/settings.py
SOCIAL_AUTH_PIPELINE = [
"social_core.pipeline.social_auth.social_details",
"social_core.pipeline.social_auth.social_uid",
"social_core.pipeline.social_auth.social_user",
"social_core.pipeline.user.get_username",
"social_core.pipeline.user.create_user",
"social_core.pipeline.social_auth.associate_user",
"netbox.authentication.user_default_groups_handler",
"social_core.pipeline.social_auth.load_extra_data",
"social_core.pipeline.user.user_details",
# Custom OIDC group and role mapping functions.
"netbox.custom_pipeline_oidc_mapping.add_groups",
"netbox.custom_pipeline_oidc_mapping.remove_groups",
"netbox.custom_pipeline_oidc_mapping.set_roles",
]
Reference in a new issue View git blame Copy permalink