Update to 2021-11-21 21:00

3 years ago · 1602d96a32
parent d65672152c
commit 1602d96a32
6 changed files with 30 additions and 9 deletions
--- a/roles/jitsi/tasks/install.yml
+++ b/roles/jitsi/tasks/install.yml
@ -62,6 +62,7 @@
        dest: "{{ jitsi_root_dir }}/jicofo/"
        recursive: True
        delete: True
+        compress: False
      delegate_to: "{{ inventory_hostname }}"
      notify: restart jitsi-jicofo
  when: (jitsi_jicofo_git.changed and jitsi_manage_upgrade) or not jitsi_jicofo_script.stat.exists
@ -99,6 +100,7 @@
        dest: "{{ jitsi_root_dir }}/jigasi/"
        recursive: True
        delete: True
+        compress: False
      delegate_to: "{{ inventory_hostname }}"
      notify: restart jitsi-jigasi
  when: (jitsi_jigasi_git.changed and jitsi_manage_upgrade) or not jitsi_jigasi_script.stat.exists
--- a/roles/jitsi_videobridge/tasks/install.yml
+++ b/roles/jitsi_videobridge/tasks/install.yml
@ -37,6 +37,7 @@
        dest: "{{ jitsi_root_dir }}/videobridge/"
        recursive: True
        delete: True
+        compress: False
      delegate_to: "{{ inventory_hostname }}"
      notify: restart jitsi-videobridge

--- a/roles/maven/defaults/main.yml
+++ b/roles/maven/defaults/main.yml
@ -1,6 +1,6 @@
 ---

-mvn_version: 3.6.3
+mvn_version: 3.8.3
 mvn_archive_url: https://miroir.univ-lorraine.fr/apache/maven/maven-3/{{ mvn_version }}/binaries/apache-maven-{{ mvn_version }}-bin.tar.gz
-mvn_archive_sha1: cc836dc7e64b113472df31996caaedf132969009
+mvn_archive_sha1: cbd24fbfa9845e72f1ca01b8571b5db5bde6c333
 mvn_root_dir: /opt/maven
--- a/roles/maven/tasks/install.yml
+++ b/roles/maven/tasks/install.yml
@ -26,6 +26,7 @@
        dest: "{{ mvn_root_dir }}/apache-maven/"
        recursive: True
        delete: True
+        compress: False
      delegate_to: "{{ inventory_hostname }}"

  when: mvn_install_mode != 'none'
--- a/roles/pgadmin4/defaults/main.yml
+++ b/roles/pgadmin4/defaults/main.yml
@ -10,13 +10,19 @@ pga_src_ip: []
 # Root dir where the app will be installed
 pga_root_dir: /opt/pgadmin4_{{ pga_id }}
 # Version to deploy
-pga_version: '6.1'
+pga_version: '6.2'
 # URL of the wheel
 pga_pip_url: https://ftp.postgresql.org/pub/pgadmin/pgadmin4/v{{ pga_version }}/pip/pgadmin4-{{ pga_version }}-py3-none-any.whl

-# OIDC Auth
-# Turn to true to enable
-pga_oidc_auth: False
+# When pg_auth is an empty list, pgAdmin will be in single user mode
+# You can set it to a list, eg
+# pga_auth:
+#   - oauth2
+#   - webserver
+#   - internal
+pga_auth: []
+
+# OIDC Auth (oauth2)
 pga_oidc_client_id: pgadmin4
 pga_oidc_display_name: SSO
 #pga_oidc_client_secret: XXXX
@ -26,3 +32,7 @@ pga_oidc_auth_url: "{{ pga_oidc_base_url }}/authorize"
 pga_oidc_userinfo_url: "{{ pga_oidc_base_url }}/userinfo"
 pga_oidc_scope: openid email profile

+# Webserver auth
+# Can be set to the header which carry the authenticated user name
+# Eg HTTP_X_FOWARDED_USER, REMOTE_USER etc.
+pga_webserver_header: HTTP_AUTH_USER
--- a/roles/pgadmin4/templates/config_local.py.j2
+++ b/roles/pgadmin4/templates/config_local.py.j2
@ -1,4 +1,4 @@
-SERVER_MODE={{ pga_oidc_auth | ternary('True','False') }}
+SERVER_MODE={{ (pga_auth | length >= 1) | ternary('True','False') }}
 DEFAULT_SERVER='0.0.0.0'
 DEFAULT_SERVER_PORT={{ pga_port }}
 DATA_DIR='{{ pga_root_dir }}/data'
@ -14,8 +14,10 @@ UPGRADE_CHECK_ENABLED=False
 DEFAULT_BINARY_PATHS = {
  "pg": "/usr/pgsql-14/bin/"
 }
-{% if pga_oidc_auth %}
-AUTHENTICATION_SOURCES=['oauth2']
+{% if pga_auth | length >= 1 %}
+AUTHENTICATION_SOURCES=['{{ pga_auth | join('\',\'') }}']
+{% endif %}
+{% if 'oauth2' in pga_auth %}
 OAUTH2_CONFIG=[{
  'OAUTH2_NAME': 'oidc',
  'OAUTH2_DISPLAY_NAME': '{{ pga_oidc_display_name }}',
@ -29,3 +31,8 @@ OAUTH2_CONFIG=[{
  'OAUTH2_AUTO_CREATE_USER': True
 }]
 {% endif %}
+{% if 'webserver' in pga_auth %}
+WEBSERVER_AUTO_CREATE_USER=True
+WEBSERVER_REMOTE_USER='{{ pga_webserver_header }}'
+{% endif %}
+