--- # The home-server project produces a multi-purpose setup using Ansible. # Copyright © 2018–2023 Y. Gablin, under the GPL-3.0-or-later license. # Full licensing information in the LICENSE file, or gnu.org/licences/gpl-3.0.txt if the file is missing. ### UPSTREAM BEGIN ⇒ ### - name: pull prerequisites from upstream include_role: name=etckeeper.inc allow_duplicates=true tasks_from=upstream.yml vars: msg: SSO ### ⇐ UPSTREAM BEGIN ### - name: (SSOwat) uninstall software package: name: "{{item}}" state: absent with_items: # 2023-05-20: removed - ssowat-git - nginx-mainline-mod-lua - nginx-mainline-mod-ndk - lua51-lualdap-git - name: install AUR software include_role: name: aur.inc allow_duplicates: true vars: packages: - simple-sso-git ### UPSTREAM END ⇒ ### - name: merge upstream include_role: name=etckeeper.inc allow_duplicates=true tasks_from=merge.yml vars: msg: SSO ### ⇐ UPSTREAM END ### # 2023-05-20: removed - name: (SSOwat) remove SSOwat configuration file: path: /etc/ssowat state: absent notify: - restart openresty.service # 2023-05-20: removed - name: (SSOwat) remove external LUA module from Nginx file: path: /etc/nginx/main.inc.d/ndk+lua.inc state: absent notify: - restart openresty.service - name: init the SSO code in Nginx copy: content: | lua_shared_dict cache 10m; init_by_lua_file /etc/nginx/ssso/do_init.lua; dest: /etc/nginx/conf.d/00_sso.conf group: http mode: 0640 notify: - restart openresty.service - name: enforce SSO checking for each request copy: content: | access_by_lua_file /etc/nginx/ssso/do_access.lua; dest: /etc/nginx/inc.d/00_sso.https.inc group: http mode: 0640 notify: - restart openresty.service - name: send the custom SSO configuration template: src: templates/conf.json.j2 dest: /etc/nginx/ssso/global.json group: http mode: 0640 - name: register the fact that SSO is installed set_fact: is_sso_used: true ### LOCAL COMMIT ⇒ ### - name: commit local changes include_role: name=etckeeper.inc allow_duplicates=true tasks_from=local.yml vars: msg: SSO ### ⇐ LOCAL COMMIT ### - meta: flush_handlers