Keycloak auth, more app parameters.

This commit is contained in:
Andrea Dell'Amico 2022-03-08 16:20:52 +01:00
parent e019d51acd
commit 43d21d16aa
Signed by: adellam
GPG Key ID: 147ABE6CEB9E20FF
2 changed files with 30 additions and 5 deletions

View File

@ -69,8 +69,8 @@ shinyproxy_template_path: '{{ shinyproxy_install_dir }}/web_templates'
shinyproxy_app_title: 'Open Analytics Shiny Proxy'
shinyproxy_logo_url: 'http://www.openanalytics.eu/sites/www.openanalytics.eu/themes/oa/logo.png'
shinyproxy_authentication: ldap
shinyproxy_ldap_enabled: False
# ldap, keycloak, none
shinyproxy_authentication: 'none'
shinyproxy_basic_auth: 'false'
shinyproxy_admin_group: ''
shinyproxy_ldap_server: 'ldap://ldap.forumsys.com:389/dc=example,dc=com'
@ -84,5 +84,13 @@ shinyproxy_ldap_user_search_filter_enabled: True
shinyproxy_ldap_user_search_filter: '(uid={0})'
shinyproxy_ldap_group_search_base: ''
shinyproxy_ldap_group_search_filter: '(uniqueMember={0})'
shinyproxy_keycloak_realm: 'realm'
shinyproxy_keycloak_url: 'http://localhost:8180/auth'
shinyproxy_keycloak_resource: 'shiny_client'
shinyproxy_keycloak_secret: 'use a vault file'
shinyproxy_keycloak_ssl_required: 'external'
# preferred_username, nickname, email
shinyproxy_keycloak_name_attribute: 'preferred_username'
shinyproxy_keycloak_role_mappings: 'false'
shinyproxy_max_log_size: 20MB

View File

@ -38,7 +38,7 @@ proxy:
{% endif %}
admin-groups: {{ shinyproxy_admin_group }}
container-backend: {{ shinyproxy_container_backend }}
{% if shinyproxy_ldap_enabled %}
{% if shinyproxy_authentication == 'ldap' %}
# LDAP configuration
ldap:
url: {{ shinyproxy_ldap_server }}
@ -56,6 +56,16 @@ proxy:
manager-dn: {{ shinyproxy_ldap_admin }}
manager-password: {{ shinyproxy_ldap_admin_pwd }}
{% endif %}
{% if shinyproxy_authentication == 'keycloak' %}
keycloak:
realm: {{ shinyproxy_keycloak_realm }}
auth-server-url: {{ shinyproxy_keycloak_url }}
resource: {{ shinyproxy_keycloak_resource }}
credentials-secret: {{ shinyproxy_keycloak_secret }}
ssl-required: {{ shinyproxy_keycloak_ssl_required }}
proxy.keycloak.name-attribute: {{ shinyproxy_keycloak_name_attribute }}
use-resource-role-mappings: {{ shinyproxy_keycloak_role_mappings }}
{% endif %}
{% if shinyproxy_container_backend == 'docker' or shinyproxy_container_backend == 'docker-swarm' %}
docker:
container-memory-request: {{ shinyproxy_docker_memory_request }}
@ -87,7 +97,7 @@ proxy:
- id: {{ app.name }}
display-name: {{ app.display_name }}
description: {{ app.description }}
container-cmd: ["R", "-e {{ app.cmd }}"]
{% if app.cmd is defined %}container-cmd: ["R", "-e {{ app.cmd }}"]{% endif %}
container-image: {{ app.docker_image }}
container-memory: {{ app.docker_memory | default('2g') }}
{% if shinyproxy_version is version_compare('2.6.0', '>=') %}
@ -96,7 +106,14 @@ proxy:
max-lifetime: {{ app.max_lifetime | default(shinyproxy_default_proxy_max_lifetime) }}
{% endif %}
{% if app.environment is defined %}
container-env:
{% for env in app.environment %}
{{ env.name }}: {{ env.value }}
{% endfor %}
{% endif %}
{% if shinyproxy_as_docker_service %}
{% if shinyproxy_container_backend == 'docker-swarm' %}