diff --git a/roles/pgadmin4/defaults/main.yml b/roles/pgadmin4/defaults/main.yml index b349fe8..e7dfcbc 100644 --- a/roles/pgadmin4/defaults/main.yml +++ b/roles/pgadmin4/defaults/main.yml @@ -1,9 +1,28 @@ --- +# You can deploy several instances of pgadmin4 on the same host +# pga_id must be uniq for each instance pga_id: 1 +# The port on which this instance will listen pga_port: 5050 +# List of IP / CIDR for which the port will be opened pga_src_ip: [] +# Root dir where the app will be installed pga_root_dir: /opt/pgadmin4_{{ pga_id }} +# Version to deploy pga_version: '6.0' +# URL of the wheel pga_pip_url: https://ftp.postgresql.org/pub/pgadmin/pgadmin4/v{{ pga_version }}/pip/pgadmin4-{{ pga_version }}-py3-none-any.whl -pga_master_pass: False + +# OIDC Auth +# Turn to true to enable +pga_oidc_auth: False +pga_oidc_client_id: pgadmin4 +pga_oidc_display_name: SSO +#pga_oidc_client_secret: XXXX +pga_oidc_base_url: https://sso.{{ ansible_domain }}/oauth2 +pga_oidc_token_url: "{{ pga_oidc_base_url }}/token" +pga_oidc_auth_url: "{{ pga_oidc_base_url }}/authorize" +pga_oidc_userinfo_url: "{{ pga_oidc_base_url }}/userinfo" +pga_oidc_scope: openid email profile + diff --git a/roles/pgadmin4/templates/config_local.py.j2 b/roles/pgadmin4/templates/config_local.py.j2 index 3d475d2..0d1eca0 100644 --- a/roles/pgadmin4/templates/config_local.py.j2 +++ b/roles/pgadmin4/templates/config_local.py.j2 @@ -1,4 +1,4 @@ -SERVER_MODE=False +SERVER_MODE={{ pga_oidc_auth | ternary('True','False') }} DEFAULT_SERVER='0.0.0.0' DEFAULT_SERVER_PORT={{ pga_port }} DATA_DIR='{{ pga_root_dir }}/data' @@ -6,5 +6,26 @@ LOG_FILE='{{ pga_root_dir }}/logs/pgadmin4.log' STORAGE_DIR='{{ pga_root_dir }}/data' SQLITE_PATH='{{ pga_root_dir }}/data/pgadmin4.db' SECURITY_EMAIL_SENDER='pgadmin4@{{ ansible_domain }}' -SESSION_DB_PATH = '{{ pga_root_dir }}/sessions' -MASTER_PASSWORD_REQUIRED={{ (pga_master_pass == True) | ternary('True','False') }} +SESSION_DB_PATH='{{ pga_root_dir }}/sessions' +CONSOLE_LOG_FORMAT='%(levelname)s\t%(name)s:\t%(message)s' +SHOW_GRAVATAR_IMAGE=False +SECURITY_EMAIL_SENDER='no-reply@{{ ansible_domain }}' +UPGRADE_CHECK_ENABLED=False +DEFAULT_BINARY_PATHS = { + "pg": "/usr/pgsql-14/bin/" +} +{% if pga_oidc_auth %} +AUTHENTICATION_SOURCES=['oauth2'] +OAUTH2_CONFIG=[{ + 'OAUTH2_NAME': 'oidc', + 'OAUTH2_DISPLAY_NAME': '{{ pga_oidc_display_name }}', + 'OAUTH2_CLIENT_ID': '{{ pga_oidc_client_id }}', + 'OAUTH2_CLIENT_SECRET': '{{ pga_oidc_client_secret }}', + 'OAUTH2_API_BASE_URL': '{{ pga_oidc_base_url }}', + 'OAUTH2_TOKEN_URL': '{{ pga_oidc_token_url }}', + 'OAUTH2_AUTHORIZATION_URL': '{{ pga_oidc_auth_url }}', + 'OAUTH2_USERINFO_ENDPOINT': '{{ pga_oidc_userinfo_url }}', + 'OAUTH2_SCOPE': '{{ pga_oidc_scope }}', + 'OAUTH2_AUTO_CREATE_USER': True +}] +{% endif %} diff --git a/roles/pgadmin4/vars/RedHat-7.yml b/roles/pgadmin4/vars/RedHat-7.yml index b9fa21d..6b8c1ac 100644 --- a/roles/pgadmin4/vars/RedHat-7.yml +++ b/roles/pgadmin4/vars/RedHat-7.yml @@ -4,6 +4,7 @@ pgadmin4_packages: - gcc - postgresql - postgresql-devel + - postgresql14 - python3-virtualenv - python3-pip - python-setuptools # Needed for pip install expect diff --git a/roles/pgadmin4/vars/RedHat-8.yml b/roles/pgadmin4/vars/RedHat-8.yml index 2485ddf..7ee913e 100644 --- a/roles/pgadmin4/vars/RedHat-8.yml +++ b/roles/pgadmin4/vars/RedHat-8.yml @@ -4,6 +4,7 @@ pgadmin4_packages: - gcc - postgresql - postgresql-devel + - postgresql14 - python3-virtualenv - python3-pip - python3-setuptools # Needed for pip install expect diff --git a/roles/zabbix_lld_all_graph/files/zabbix_lld_all_graph b/roles/zabbix_lld_all_graph/files/zabbix_lld_all_graph index 3ad7dd4..046bc45 100755 --- a/roles/zabbix_lld_all_graph/files/zabbix_lld_all_graph +++ b/roles/zabbix_lld_all_graph/files/zabbix_lld_all_graph @@ -47,9 +47,9 @@ $header = "Content-Type:application/json"; our @conf = (); %{$conf[0]} = (); -# DIsk space, % used +# Disk space, % used # only add graphs to hosts linked to this template -$conf[0]{"template"} = qr{^Template_OS_((Linux_(Server|minimal)|iPasserelle)|Windows_(Minimal|Serveu?r)|PfSense(2)?)$}; +$conf[0]{"template"} = qr{^Template_OS_((Linux_(Server|minimal)|iPasserelle)|Windows_(Minimal|Serveu?r)|PfSense(2)?|OPNSense)$}; # create a graph with this name in each host $conf[0]{"graph"} = 'System: Filesystem usage'; $conf[0]{"graphtype"} = 1; ### 0=normal, 1=stacked