From 6d3cefc29d596fcce0d436391eb6feec16bf2018 Mon Sep 17 00:00:00 2001 From: Elizabeth Hunt Date: Wed, 28 May 2025 23:56:55 -0700 Subject: CI part one --- playbooks/roles/kanidm/templates/stacks/docker-compose.yml | 8 +------- playbooks/roles/kanidm/templates/volumes/data/server.toml | 8 +++++++- 2 files changed, 8 insertions(+), 8 deletions(-) (limited to 'playbooks/roles/kanidm/templates') diff --git a/playbooks/roles/kanidm/templates/stacks/docker-compose.yml b/playbooks/roles/kanidm/templates/stacks/docker-compose.yml index 36ec4f5..f9d8cbe 100644 --- a/playbooks/roles/kanidm/templates/stacks/docker-compose.yml +++ b/playbooks/roles/kanidm/templates/stacks/docker-compose.yml @@ -1,6 +1,6 @@ services: kanidm: - image: kanidm/server + image: kanidm/server:latest volumes: - {{ kanidm_base }}/volumes/data:/data - {{ letsencrypt_certs }}:/certs:ro @@ -17,12 +17,6 @@ services: /sbin/kanidmd server -c /data/server.toml healthcheck: disable: true -{% else %} - healthcheck: - test: ["CMD-SHELL", "curl --fail -k https://localhost:8443/status"] - retries: 1 - timeout: 2s - interval: 30s {% endif %} environment: - TZ={{ timezone }} diff --git a/playbooks/roles/kanidm/templates/volumes/data/server.toml b/playbooks/roles/kanidm/templates/volumes/data/server.toml index dd13e1c..afaf0f1 100644 --- a/playbooks/roles/kanidm/templates/volumes/data/server.toml +++ b/playbooks/roles/kanidm/templates/volumes/data/server.toml @@ -1,6 +1,7 @@ +version = "2" + bindaddress = "[::]:8443" ldapbindaddress = "[::]:3636" -trust_x_forward_for = true db_path = "/data/kanidm.db" tls_chain = "/certs/{{ idm_domain }}.pem" tls_key = "/certs/{{ idm_domain }}.key" @@ -8,3 +9,8 @@ log_level = "info" domain = "{{ idm_domain }}" origin = "https://{{ idm_domain }}" + +# soon... once https://github.com/kanidm/kanidm/commit/b5cdf9dcf20114ed291700d99e8531226025f197 released >:D +# x-forward-for = ["{{ swarm_network }}"] +[http_client_address_info] +x-forward-for-all-source-trusted = [] -- cgit v1.2.3-70-g09d2