diff options
author | Paul Sokolovsky <paul.sokolovsky@linaro.org> | 2013-10-15 21:05:54 +0300 |
---|---|---|
committer | Paul Sokolovsky <paul.sokolovsky@linaro.org> | 2013-10-15 21:05:54 +0300 |
commit | 82e8618980d178b26acf2389db9fab15d2f90552 (patch) | |
tree | 639f4a86db069c39f80ecc896b347affcf353160 | |
parent | ee62a473c517e1bd8b3b432054ea51c0a9288f5c (diff) |
Add Crowd auth suport for backend. Credentials stored off-tree.
-rw-r--r-- | ansible-deploy/frontend.yml | 2 | ||||
-rw-r--r-- | ansible-deploy/roles/frontend/tasks/main.yml | 3 | ||||
-rw-r--r-- | ansible-deploy/roles/frontend/templates/settings_prod.py | 11 | ||||
-rw-r--r-- | ansible-deploy/roles/frontend/vars/main.yml | 2 |
4 files changed, 15 insertions, 3 deletions
diff --git a/ansible-deploy/frontend.yml b/ansible-deploy/frontend.yml index c88d9b7..49fc8ea 100644 --- a/ansible-deploy/frontend.yml +++ b/ansible-deploy/frontend.yml @@ -4,6 +4,8 @@ vars: - linaro_android_frontend_repo: lp:linaro-android-frontend - linaro_android_frontend_rev: 337 + vars_files: + - ../ansible-private-vars/main.yml roles: - common - frontend diff --git a/ansible-deploy/roles/frontend/tasks/main.yml b/ansible-deploy/roles/frontend/tasks/main.yml index d04c12e..05f7acd 100644 --- a/ansible-deploy/roles/frontend/tasks/main.yml +++ b/ansible-deploy/roles/frontend/tasks/main.yml @@ -8,6 +8,7 @@ - tidy - unzip - python-cssutils + - sqlite3 - name: Create frontend user user: name=build-system-frontend comment="Android Build Frontend" @@ -41,6 +42,8 @@ # TODO: actually replace SECRET_KEY template: src=settings_prod.py dest=~build-system-frontend/ mode=0640 owner=build-system-frontend group=www-data sudo: yes + notify: + - Restart Apache - name: Create config symlink # wart: relative symlinks not supported file: state=link src=~/settings_prod.py dest=~/frontend/settings_prod.py diff --git a/ansible-deploy/roles/frontend/templates/settings_prod.py b/ansible-deploy/roles/frontend/templates/settings_prod.py index ca84ca8..be8b199 100644 --- a/ansible-deploy/roles/frontend/templates/settings_prod.py +++ b/ansible-deploy/roles/frontend/templates/settings_prod.py @@ -1,12 +1,17 @@ from settings import * MEDIA_URL = '/static/' -LOGIN_URL = '/openid/login/' -LOGOUT_URL = '/logout' DATABASES['default']['NAME'] = '/var/lib/linaro-abs-frontend/session.db' FRONTEND_JENKINS_USER = 'frontend' FRONTEND_JENKINS_PASSWORD = open('/var/lib/linaro-abs-frontend/jenkins-password').read().strip() -SECRET_KEY = '$KEY' +{% if frontend_auth == "openid" %} +LOGIN_URL = '/openid/login/' +{% elif frontend_auth == "crowd" %} +AUTH_CROWD_APPLICATION_USER = '{{crowd_user}}' +AUTH_CROWD_APPLICATION_PASSWORD = '{{crowd_passwd}}' +{% endif %} + +SECRET_KEY = "{{ lookup('password', cred_store + '/frontend/django_secret_key') }}" diff --git a/ansible-deploy/roles/frontend/vars/main.yml b/ansible-deploy/roles/frontend/vars/main.yml new file mode 100644 index 0000000..e927a04 --- /dev/null +++ b/ansible-deploy/roles/frontend/vars/main.yml @@ -0,0 +1,2 @@ +# "crowd" or "openid" +frontend_auth: crowd |